Release 3.49

[kingcrunch]

Description

Current release 3.48 is affected by https://nvd.nist.gov/vuln/detail/cve-2025-68121
As far as I can see the upcoming 3.49 already uses go-1.26 and therefore should not be affected.

We have a pretty strict policy regarding vulnerabilities and currently trivy scanner reports issues go-task.

It would be nice, if one could just release 3.49

Thank you for your effort :)

[trulede]

In the interim, while you wait ... you might install from source either an existing released version, or main. Use a docker container for instance, makes it easy to select a golang version.

https://taskfile.dev/docs/installation#build-from-source
https://github.com/trulede/task-docker/blob/main/Dockerfile

[trulede]

@kingcrunch can you please provide the text of the report which indicates an issue with task.

[andreynering]

I plan to do a release this weekend 🙂

[andreynering]

Release is out!

https://github.com/go-task/task/releases/tag/v3.49.0