fix: CVE-2025-61726 - upgrade go version to >1.25.5

Signed-off-by: Shubham Bhardwaj <shubbhar@redhat.com>

Author: infernus01

.github/workflows/ci.yaml

@@ -45,7 +45,7 @@ jobs:
     - name: golangci-lint
       uses: golangci/golangci-lint-action@4afd733a84b1f43292c63897423277bb7f4313a9 # v8.0.0
       with:
-        version: v2.1.6
+        version: v2.9.0
         only-new-issues: true
         args: --timeout=10m
     - name: yamllint
@@ -93,6 +93,3 @@ jobs:
     - name: make cross
       run: |
         make cross
-  e2e-tests:
-    needs: [build]
-    uses: ./.github/workflows/e2e-matrix.yml

.github/workflows/codeql-analysis.yml

@@ -13,10 +13,14 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [main]
+    branches:
+      - main
+      - release-*
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [main]
+    branches:
+      - main
+      - release-*
   schedule:
     - cron: '30 20 * * 2'
 
@@ -38,11 +42,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@45580472a5bb82c4681c4ac726cfdb60060c2ee1  # v3.32.4
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -51,7 +55,7 @@ jobs:
         # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
     # setup cache to speed up the action
-    - uses: actions/cache@v4
+    - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830  # v4.3.0
       with:
         path: |
           ~/.cache/go-build
@@ -81,4 +85,4 @@ jobs:
         make bin/tkn
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@45580472a5bb82c4681c4ac726cfdb60060c2ee1  # v3.32.4

Makefile

@@ -118,9 +118,10 @@ lint-yaml: ${YAML_FILES}  ; $(info $(M) running yamllint…) ## runs yamllint on
 	@yamllint -c .yamllint $(YAML_FILES)
 
 ## Tests
-TEST_UNIT_TARGETS := test-unit-verbose test-unit-race
+TEST_UNIT_TARGETS := test-unit-verbose test-unit-race test-unit-verbose-and-race
 test-unit-verbose: ARGS=-v
 test-unit-race:    ARGS=-race
+test-unit-verbose-and-race: ARGS=-v -race
 $(TEST_UNIT_TARGETS): test-unit
 .PHONY: $(TEST_UNIT_TARGETS) test-unit
 test-unit: ; $(info $(M) running unit tests…) ## Run unit tests

go.mod

@@ -1,6 +1,6 @@
 module github.com/tektoncd/cli
 
-go 1.25.0
+go 1.25.6
 
 require (
 	github.com/AlecAivazis/survey/v2 v2.3.7