fix(security): upgrade Go 1.25.7 to 1.26.1 to resolve 4 stdlib vulnerabilities

GO-2026-4602 (os), GO-2026-4601 (net/url), GO-2026-4600 and GO-2026-4599 (crypto/x509). The crypto/x509 fixes are only available in go1.26.1+, not backported to go1.25.x.
2026-03-07 08:45:55 +08:00
parent 1b4d2a41c9
commit 0c9ba9e86c
6 changed files with 10 additions and 31 deletions
--- a/deploy/Dockerfile
+++ b/deploy/Dockerfile
@@ -7,7 +7,7 @@
 # =============================================================================

 ARG NODE_IMAGE=node:24-alpine
-ARG GOLANG_IMAGE=golang:1.25.5-alpine
+ARG GOLANG_IMAGE=golang:1.26.1-alpine
 ARG ALPINE_IMAGE=alpine:3.20
 ARG GOPROXY=https://goproxy.cn,direct
 ARG GOSUMDB=sum.golang.google.cn