From e70b2fa5da8e68c4deb282b4e16e2ff95cb2e804 Mon Sep 17 00:00:00 2001
From: sievdokymov-virtru <sergii.ievdokymov@virtru.com>
Date: Tue, 21 Apr 2026 13:07:49 +0300
Subject: [PATCH] chore: bump Go toolchain to 1.25.9

Fixes 4 standard library vulnerabilities reported by govulncheck:
- GO-2026-4947: Unexpected work during chain building in crypto/x509
- GO-2026-4946: Inefficient policy validation in crypto/x509
- GO-2026-4870: Unauthenticated TLS 1.3 KeyUpdate DoS in crypto/tls
- GO-2026-4865: XSS via JsBraceDepth context tracking in html/template

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
---
 go.mod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/go.mod b/go.mod
index 641163b3..d59c8411 100644
--- a/go.mod
+++ b/go.mod
@@ -2,7 +2,7 @@ module github.com/opentdf/otdfctl
 
 go 1.25.0
 
-toolchain go1.25.8
+toolchain go1.25.9
 
 require (
 	github.com/adrg/frontmatter v0.2.0