elastic / cloudbeat / 19172968028
76%
main: 76%

LAST BUILD BRANCH: renovate/main-github.com-google-gnostic-models-0.x
DEFAULT BRANCH: main
Ran
Jobs 1
Files 229
Run time 1min
Badge
Embed ▾
README BADGES
x

If you need to use a raster PNG badge, change the '.svg' to '.png' in the link

Markdown

Textile

RDoc

HTML

Rst
coverage: 76.19%. Remained the same
19172968028

push

github

web-flow 
Update Go to 1.25.2 for CVE-2025-61725 (net/mail ParseAddress DoS) (#3667)

### Summary of your changes

Addresses GHSA-qh38-484v-w52x: Go's `net/mail.ParseAddress` is
vulnerable to CPU exhaustion when parsing large domain-literals (CVSS
7.5). Fixed in Go 1.25.2.

This PR follows the Go version bump pattern from PR #3607, updating all
necessary files to ensure consistency across the repository.

### Changes Made

- `.go-version`: 1.25.1 → 1.25.2
- `go.mod`: go 1.24.4 → go 1.25.2
- `bin/.go-1.25.1.pkg` → `bin/.go-1.25.2.pkg` (renamed)
- `bin/go`: Updated symlink to point to `.go-1.25.2.pkg`
- `bin/gofmt`: Updated symlink to point to `.go-1.25.2.pkg`
- `docs/version.asciidoc`: `:go-version:` 1.25.1 → 1.25.2

### Impact

No direct usage of `net/mail` found in codebase. Update mitigates
potential transitive dependency exposure and ensures all Go version
references are consistent across the repository.

### Screenshot/Data

N/A - Infrastructure update only

### Related Issues

- Related: GHSA-qh38-484v-w52x / CVE-2025-61725
- Reference: #3607

### Checklist
- [ ] I have added tests that prove my fix is effective or that my
feature works
- [ ] I have added the necessary README/documentation (if appropriate)

#### Introducing a new rule?

- [ ] Generate rule metadata using [this
script](https://github.com/elastic/cloudbeat/tree/main/security-policies/dev#generate-rules-metadata)
- [ ] Add relevant unit tests
- [ ] Generate relevant rule templates using [this
script](https://github.com/elastic/cloudbeat/tree/main/security-policies/dev#generate-rule-templates),
and open a PR in
[elastic/packages/cloud_security_posture](https://github.com/elastic/integrations/tree/main/packages/cloud_security_posture)

<!-- START COPILOT CODING AGENT SUFFIX -->



<details>

<summary>Original prompt</summary>

> Check if repository impacted by GHSA-qh38-484v-w52x


</details>



<!-- START COPILOT CODING AGENT TIPS -->
---

💡 You can make Copilot smarter by setting up custom in... (continued)

9600 of 12600 relevant lines covered (76.19%)

16.59 hits per line

Uncovered Existing Lines

Lines Coverage File
2
83.06
 0.0% internal/resources/providers/gcplib/inventory/provider.go
Jobs
ID Job ID Ran Files Coverage
1 19172968028.1 229
76.19
 GitHub Action Run
Source Files on build 19172968028