From 7e2d784d74a0ac501521deceda2ffbeb46706c76 Mon Sep 17 00:00:00 2001
From: kanywst <niwatakuma@icloud.com>
Date: Wed, 3 Jun 2026 19:30:58 +0900
Subject: [PATCH] fix(deps): bump go directive to 1.26.4 for stdlib vulns

Go 1.26.3 stdlib is affected by GO-2026-5037 (crypto/x509),
GO-2026-5038 (mime), and GO-2026-5039 (net/textproto), all fixed
in 1.26.4. CI resolves its toolchain from go.mod (go-version-file),
so bumping the go directive picks up the patched stdlib and clears
the govulncheck job.
---
 go.mod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/go.mod b/go.mod
index 4db0834..743a245 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/0-draft/omega
 
-go 1.26.3
+go 1.26.4
 
 require (
 	github.com/cedar-policy/cedar-go v1.6.2