fix: bump go to 1.25.9 to resolve govulncheck findings

TimPietruskyRunPod · TimPietruskyRunPod · commit eb26fd36c119 · 2026-04-13T17:15:51.000+02:00
go 1.25.8 has 4 known vulnerabilities in the standard library
(crypto/x509, crypto/tls, archive/tar) that cause govulncheck
to fail in CI. go 1.25.9 fixes all of them.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -5,10 +5,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
-      - name: Setup Go 1.25.8
+      - name: Setup Go 1.25.9
         uses: actions/setup-go@v5
         with:
-          go-version: 1.25.8
+          go-version: 1.25.9
       # You can test your matrix by printing the current Go version
       - name: Display Go version
         run: go version
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -34,7 +34,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v5
         with:
-          go-version: "1.25.8"
+          go-version: "1.25.9"
 
       - name: Run GoReleaser
         uses: goreleaser/goreleaser-action@v6
diff --git a/go.mod b/go.mod
@@ -1,6 +1,6 @@
 module github.com/runpod/runpodctl
 
-go 1.25.8
+go 1.25.9
 
 require (
 	github.com/denisbrodbeck/machineid v1.0.1
