Commit 043fd71
Bump mise toolchain and Go module dependencies
mise tools (.tool-versions):
- go 1.26.3 -> 1.26.4 (fixes CVE-2026-42504 net/textproto error
injection, CVE-2026-42507 mime CPU exhaustion, CVE-2026-27145
crypto/x509 VerifyHostname DoS — all on the CLI's HTTPS client path)
- goreleaser 2.15.2 -> 2.16.0 (brews: deprecated; we already use
homebrew_casks — goreleaser check validates clean)
- cosign 3.0.6 -> 3.1.1 (bundle-format default; verify-blob unchanged)
- syft 1.42.4 -> 1.45.1
- caddy 2.11.2 -> 2.11.4 (security patches)
Go modules:
- bubbletea v2.0.7, koanf v2.3.5, x/crypto v0.53.0, x/mod v0.37.0,
x/term v0.44.0 (direct)
- btcec v2.5.0, btcutil v1.2.0, fsnotify v1.10.1, x/sys v0.46.0,
new chainhash/v2 module via btcec (indirect)
No breaking changes per upstream changelogs. Verified with tests
between each update group, task precommit-full (fmt, lint, race,
fuzz seeds, govulncheck clean, all-platform builds), and task
fuzz-deep across all 64 targets with no new reproducers.
Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>1 parent fdb8d04 commit 043fd71
4 files changed
Lines changed: 110 additions & 150 deletions
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
2 | 2 | | |
3 | 3 | | |
4 | 4 | | |
5 | | - | |
6 | | - | |
7 | | - | |
8 | | - | |
9 | | - | |
10 | | - | |
11 | | - | |
12 | | - | |
13 | | - | |
| 5 | + | |
| 6 | + | |
| 7 | + | |
| 8 | + | |
| 9 | + | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
14 | 14 | | |
15 | | - | |
16 | | - | |
| 15 | + | |
| 16 | + | |
17 | 17 | | |
18 | 18 | | |
19 | 19 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
7 | 7 | | |
8 | 8 | | |
9 | 9 | | |
| 10 | + | |
| 11 | + | |
| 12 | + | |
| 13 | + | |
| 14 | + | |
| 15 | + | |
| 16 | + | |
| 17 | + | |
| 18 | + | |
| 19 | + | |
| 20 | + | |
| 21 | + | |
| 22 | + | |
| 23 | + | |
| 24 | + | |
| 25 | + | |
| 26 | + | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
| 30 | + | |
| 31 | + | |
| 32 | + | |
| 33 | + | |
| 34 | + | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
| 40 | + | |
| 41 | + | |
| 42 | + | |
| 43 | + | |
| 44 | + | |
| 45 | + | |
| 46 | + | |
| 47 | + | |
10 | 48 | | |
11 | 49 | | |
12 | 50 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
1 | 1 | | |
2 | 2 | | |
3 | | - | |
| 3 | + | |
4 | 4 | | |
5 | 5 | | |
6 | 6 | | |
7 | | - | |
| 7 | + | |
8 | 8 | | |
9 | 9 | | |
10 | 10 | | |
| |||
20 | 20 | | |
21 | 21 | | |
22 | 22 | | |
23 | | - | |
| 23 | + | |
24 | 24 | | |
25 | 25 | | |
26 | 26 | | |
27 | | - | |
28 | | - | |
29 | | - | |
| 27 | + | |
| 28 | + | |
| 29 | + | |
30 | 30 | | |
31 | 31 | | |
32 | 32 | | |
33 | 33 | | |
34 | 34 | | |
35 | | - | |
36 | | - | |
37 | | - | |
38 | | - | |
| 35 | + | |
| 36 | + | |
| 37 | + | |
| 38 | + | |
| 39 | + | |
39 | 40 | | |
40 | 41 | | |
41 | | - | |
| 42 | + | |
42 | 43 | | |
43 | 44 | | |
44 | 45 | | |
45 | 46 | | |
46 | 47 | | |
47 | | - | |
48 | | - | |
| 48 | + | |
| 49 | + | |
49 | 50 | | |
50 | | - | |
51 | | - | |
| 51 | + | |
| 52 | + | |
52 | 53 | | |
| 54 | + | |
53 | 55 | | |
54 | 56 | | |
55 | | - | |
| 57 | + | |
56 | 58 | | |
57 | 59 | | |
58 | 60 | | |
59 | 61 | | |
60 | 62 | | |
61 | 63 | | |
| 64 | + | |
62 | 65 | | |
63 | 66 | | |
64 | | - | |
65 | | - | |
| 67 | + | |
| 68 | + | |
66 | 69 | | |
0 commit comments