diff --git a/Makefile b/Makefile index ff029c7f13d..1d68f9b514c 100644 --- a/Makefile +++ b/Makefile @@ -221,8 +221,7 @@ security-gosec: .PHONY: security-govulncheck security-govulncheck: @echo "Running govulncheck..." - @command -v govulncheck >/dev/null || go install golang.org/x/vuln/cmd/govulncheck@latest - govulncheck ./... + go run golang.org/x/vuln/cmd/govulncheck ./... @echo "✓ Govulncheck complete" # Test JavaScript files @@ -574,7 +573,6 @@ tools: ## Install build-time tools from tools.go @go install github.com/rhysd/actionlint/cmd/actionlint@v1.7.11 @go install github.com/securego/gosec/v2/cmd/gosec@v2.27.1 @go install golang.org/x/tools/gopls@v0.21.1 - @go install golang.org/x/vuln/cmd/govulncheck@v1.1.4 @echo "✓ Tools installed successfully" # Install golangci-lint binary (avoiding GPL dependencies in go.mod) diff --git a/go.mod b/go.mod index c758671cbf7..35d5eda1740 100644 --- a/go.mod +++ b/go.mod @@ -25,7 +25,7 @@ require ( golang.org/x/mod v0.37.0 golang.org/x/term v0.44.0 golang.org/x/tools v0.46.0 - golang.org/x/vuln v1.3.0 + golang.org/x/vuln v1.4.0 ) require ( @@ -110,7 +110,7 @@ require ( golang.org/x/oauth2 v0.36.0 // indirect golang.org/x/sync v0.21.0 // indirect golang.org/x/sys v0.46.0 // indirect - golang.org/x/telemetry v0.0.0-20260610154732-fb80ec83bdd9 // indirect + golang.org/x/telemetry v0.0.0-20260611141451-d61e87d5f4a3 // indirect golang.org/x/text v0.38.0 // indirect google.golang.org/api v0.282.0 // indirect google.golang.org/genai v1.58.0 // indirect diff --git a/go.sum b/go.sum index 7ac557a031b..11f35360659 100644 --- a/go.sum +++ b/go.sum @@ -257,8 +257,8 @@ golang.org/x/sys v0.0.0-20210831042530-f4d43177bf5e/go.mod h1:oPkhp1MJrh7nUepCBc golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.46.0 h1:noSf2Fq6F8DBgS+LysIkx7rIExoNHJsxOAtPp4rthXw= golang.org/x/sys v0.46.0/go.mod h1:4GL1E5IUh+htKOUEOaiffhrAeqysfVGipDYzABqnCmw= -golang.org/x/telemetry v0.0.0-20260610154732-fb80ec83bdd9 h1:FjUup8XrRy7lv+XHONi6KKUSizeF2NnVrTnz/HhbohQ= -golang.org/x/telemetry v0.0.0-20260610154732-fb80ec83bdd9/go.mod h1:3AWMyWHS+caVoiEXpiq6+tzKA40J4vQT3MYr80ZtQpc= +golang.org/x/telemetry v0.0.0-20260611141451-d61e87d5f4a3 h1:npLQMrOn2MsmuA1yJESQ+woxUfrPCRTSjODXQu2ltow= +golang.org/x/telemetry v0.0.0-20260611141451-d61e87d5f4a3/go.mod h1:3AWMyWHS+caVoiEXpiq6+tzKA40J4vQT3MYr80ZtQpc= golang.org/x/term v0.44.0 h1:0rLvDRCtNj0gZkyIXhCyOb2OAzEhLVqc4B+hrsBhrmc= golang.org/x/term v0.44.0/go.mod h1:7ze4MdzUzLXpSAoFP1H0bOI9aXDqveSvatT5vKcFh2Y= golang.org/x/text v0.38.0 h1:sXmwo9DwP3OK9EZ7PqAdaooSGozfl/3a6/xJcbzPRhE= @@ -269,8 +269,8 @@ golang.org/x/tools/go/expect v0.1.1-deprecated h1:jpBZDwmgPhXsKZC6WhL20P4b/wmnps golang.org/x/tools/go/expect v0.1.1-deprecated/go.mod h1:eihoPOH+FgIqa3FpoTwguz/bVUSGBlGQU67vpBeOrBY= golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated h1:1h2MnaIAIXISqTFKdENegdpAgUXz6NrPEsbIeWaBRvM= golang.org/x/tools/go/packages/packagestest v0.1.1-deprecated/go.mod h1:RVAQXBGNv1ib0J382/DPCRS/BPnsGebyM1Gj5VSDpG8= -golang.org/x/vuln v1.3.0 h1:hZYzR8uRhYhDSX88d+40TWbKAVw7BIvRWm26rtEn8jw= -golang.org/x/vuln v1.3.0/go.mod h1:MIY2PaR1y52stzZM3uHBboUAdVJvSVMl5nP3OQrwQaE= +golang.org/x/vuln v1.4.0 h1:FpmTZiV4PyqY3lFfuCkz1JftEXb/+8M2NEkjJM5TF4g= +golang.org/x/vuln v1.4.0/go.mod h1:FJ7XyKs83nAdxQ7PMsia2PoynwZMJ/QajXVMBBIgFe8= gonum.org/v1/gonum v0.17.0 h1:VbpOemQlsSMrYmn7T2OUvQ4dqxQXU+ouZFQsZOx50z4= gonum.org/v1/gonum v0.17.0/go.mod h1:El3tOrEuMpv2UdMrbNlKEh9vd86bmQ6vqIcDwxEOc1E= google.golang.org/api v0.282.0 h1:WmJiSVqUnKqJCpJOx7YADbXaC+9DDsnGSfllFSj7R2I=