fix: upgrade Go version and dependencies to address security vulnerabilities #12

ad-0xpp · 2025-07-23T22:28:33Z

Add toolchain go1.24.5 for security fixes while keeping Go 1.23.1
Update vulnerable dependencies:
- cometbft: v0.38.15 -> v0.38.17 (fixes GO-2025-3442, GO-2025-3443)
- go-ethereum: v1.14.11 -> v1.14.13 (fixes GO-2025-3436)
- golang.org/x/net: v0.32.0 -> v0.36.0 (fixes GO-2025-3503)
- ibc-go/v8: v8.5.1 -> v8.6.1 (fixes GO-2025-3494)
Fix Docker base image references to use public golang:1.23-bullseye
Resolve Go vulnerabilities affecting blockchain consensus (GO-2025-3442, GO-2025-3443)

…ilities - Add toolchain go1.24.5 for security fixes while keeping Go 1.23.1 - Update vulnerable dependencies: * cometbft: v0.38.15 -> v0.38.17 (fixes GO-2025-3442, GO-2025-3443) * go-ethereum: v1.14.11 -> v1.14.13 (fixes GO-2025-3436) * golang.org/x/net: v0.32.0 -> v0.36.0 (fixes GO-2025-3503) * ibc-go/v8: v8.5.1 -> v8.6.1 (fixes GO-2025-3494) - Fix Docker base image references to use public golang:1.23-bullseye - Resolve Go vulnerabilities affecting blockchain consensus (GO-2025-3442, GO-2025-3443)

ad-0xpp marked this pull request as ready for review July 24, 2025 08:58

tqin7 approved these changes Jul 28, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

fix: upgrade Go version and dependencies to address security vulnerabilities #12

fix: upgrade Go version and dependencies to address security vulnerabilities #12

Uh oh!

ad-0xpp commented Jul 23, 2025

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

3 participants

fix: upgrade Go version and dependencies to address security vulnerabilities #12

Are you sure you want to change the base?

fix: upgrade Go version and dependencies to address security vulnerabilities #12

Uh oh!

Conversation

ad-0xpp commented Jul 23, 2025

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

3 participants