security: resolve CVE-2025-61729 & CVE-2025-47913 via package upgrade (#2560)

s1ntaxe770r · web-flow · commit 856d9d6cc7c8 · 2026-02-06T09:39:49.000-08:00
diff --git a/Dockerfile_backend b/Dockerfile_backend
@@ -1,4 +1,4 @@
-FROM golang:1.25.4 as builder
+FROM golang:1.25.6 as builder
 ARG COMMIT_SHA
 RUN echo "commit sha: ${COMMIT_SHA}"
 
diff --git a/Dockerfile_backend_ee b/Dockerfile_backend_ee
@@ -1,4 +1,4 @@
-FROM golang:1.25.4 as builder
+FROM golang:1.25.6 as builder
 ARG COMMIT_SHA
 RUN echo "commit sha: ${COMMIT_SHA}"
 
diff --git a/Dockerfile_drift b/Dockerfile_drift
@@ -1,4 +1,4 @@
-FROM golang:1.25.4 AS builder
+FROM golang:1.25.6 AS builder
 ARG COMMIT_SHA
 RUN echo "commit sha: ${COMMIT_SHA}"
 
diff --git a/go.mod b/go.mod
@@ -1,3 +1,5 @@
 module github.com/diggerhq/digger
 
 go 1.25.0
+
+require golang.org/x/crypto v0.47.0 // indirect
diff --git a/go.sum b/go.sum
@@ -0,0 +1,2 @@
+golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8=
+golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=

Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-FROM golang:1.25.4 as builder`
	`1`	`+FROM golang:1.25.6 as builder`
`2`	`2`	`ARG COMMIT_SHA`
`3`	`3`	`RUN echo "commit sha: ${COMMIT_SHA}"`
`4`	`4`
Original file line number	Diff line number	Diff line change
`@@ -0,0 +1,2 @@`
	`1`	`+golang.org/x/crypto v0.47.0 h1:V6e3FRj+n4dbpw86FJ8Fv7XVOql7TEwpHapKoMJ/GO8=`
	`2`	`+golang.org/x/crypto v0.47.0/go.mod h1:ff3Y9VzzKbwSSEzWqJsJVBnWmRwRSHt/6Op5n9bQc4A=`