[Snyk] Security upgrade golang from 1.25.2-alpine3.22 to 1.26.1-alpine3.22

[caniszczyk]

Snyk has created this PR to fix 3 vulnerabilities in the dockerfile dependencies of this project.

Keeping your Docker base image up-to-date means you’ll benefit from security fixes in the latest version of your chosen image.

Snyk changed the following file(s):

• tool/actions-gh-release/Dockerfile

We recommend upgrading to golang:1.26.1-alpine3.22, as this image has only 0 known vulnerabilities. To do this, merge this pull request, then verify your application still works as expected.

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score
	CVE-2025-69421 SNYK-ALPINE322-OPENSSL-15121226	614
	CVE-2025-69421 SNYK-ALPINE322-OPENSSL-15121226	614
	CVE-2025-46394 SNYK-ALPINE322-BUSYBOX-14091698	364
	CVE-2025-46394 SNYK-ALPINE322-BUSYBOX-14091698	364
	CVE-2024-58251 SNYK-ALPINE322-BUSYBOX-14091701	364

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 28.83%. Comparing base (32577dd) to head (cf82bab).
⚠️ Report is 132 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #6560      +/-   ##
==========================================
+ Coverage   28.82%   28.83%   +0.01%     
==========================================
  Files         563      563              
  Lines       60035    60035              
==========================================
+ Hits        17303    17313      +10     
+ Misses      41410    41401       -9     
+ Partials     1322     1321       -1     

Flag	Coverage Δ
.	23.29% <ø> (+0.01%)	⬆️
.-pkg-app-pipedv1-plugin-analysis	32.64% <ø> (ø)
.-pkg-app-pipedv1-plugin-ecs	0.00% <ø> (ø)
.-pkg-app-pipedv1-plugin-kubernetes	58.67% <ø> (ø)
.-pkg-app-pipedv1-plugin-kubernetes_multicluster	67.63% <ø> (ø)
.-pkg-app-pipedv1-plugin-scriptrun	54.83% <ø> (ø)
.-pkg-app-pipedv1-plugin-terraform	38.65% <ø> (ø)
.-pkg-app-pipedv1-plugin-wait	33.92% <ø> (ø)
.-pkg-app-pipedv1-plugin-waitapproval	52.71% <ø> (ø)
.-pkg-plugin-sdk	50.34% <ø> (+0.19%)	⬆️
.-tool-actions-gh-release	19.23% <ø> (ø)
.-tool-actions-plan-preview	25.51% <ø> (ø)
.-tool-codegen-protoc-gen-auth	0.00% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Harness.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[github-actions]

This PR is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days.

[github-actions]

This PR is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days.

[github-actions]

This PR is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 7 days.

[khanhtc1202]

✅ This PR has been automatically closed

The security issues addressed by this pull request are no longer present in the latest project scan. All vulnerabilities this PR was created to fix have been resolved through other means (e.g., dependency updates, direct fixes, or changes in vulnerability data).

Resolved Issues

• SNYK-ALPINE322-OPENSSL-15121226
• SNYK-ALPINE322-BUSYBOX-14091698
• SNYK-ALPINE322-BUSYBOX-14091701

What should I do?

No action is required. If you believe this PR was closed in error, you can reopen it and contact Snyk support.

---

This action was performed automatically by Snyk.