fix: upgrade Go toolchain to 1.25.5 to address HIGH severity CVEs

Fixes #3807

Upgraded Go from 1.24 to 1.25.5 to resolve HIGH severity vulnerabilities
in Go standard library (net/http, crypto, encoding packages).

Changes:
- Updated go.mod: go 1.24.1 -> go 1.25.5
- Updated GitHub Actions workflows (ci.yaml, release.yml, gh-pages.yaml)
- Updated developer_guide.md: Golang 1.20+ -> Golang 1.25.3+
- Updated third_party prometheus-nats-exporter Dockerfile

All dependencies verified compatible. Build and tests pass successfully.

Signed-off-by: Yugan <yugannkt@gmail.com>

Author: yugannkt

.github/workflows/ci.yaml

@@ -21,7 +21,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v6
         with:
-          go-version: "1.24"
+          go-version: "1.25.5"
       - name: Restore go build cache
         uses: actions/cache@v5
         with:
@@ -48,7 +48,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v6
         with:
-          go-version: "1.24"
+          go-version: "1.25.5"
       - name: Restore go build cache
         uses: actions/cache@v5
         with:
@@ -75,7 +75,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v6
         with:
-          go-version: "1.24"
+          go-version: "1.25.5"
       - name: Restore go build cache
         uses: actions/cache@v5
         with:
@@ -108,7 +108,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v6
         with:
-          go-version: "1.24"
+          go-version: "1.25.5"
       - name: Restore go build cache
         uses: actions/cache@v5
         with:

.github/workflows/gh-pages.yaml

@@ -23,7 +23,7 @@ jobs:
       - name: Setup Golang
         uses: actions/setup-go@v6
         with:
-          go-version: "1.24"
+          go-version: "1.25.5"
       - name: build
         run: make docs
       - name: deploy

.github/workflows/release.yml

@@ -27,7 +27,7 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@v6
         with:
-          go-version: "1.24"
+          go-version: "1.25.5"
 
       - name: Build binaries
         run: |
@@ -95,7 +95,7 @@ jobs:
           fi
       - uses: actions/setup-go@v6
         with:
-          go-version: "1.24"
+          go-version: "1.25.5"
       - uses: actions/checkout@v6
       - run: go install sigs.k8s.io/bom/cmd/bom@v0.2.0
       - run: go install github.com/spdx/spdx-sbom-generator/cmd/generator@v0.0.13

docs/developer_guide.md

@@ -8,7 +8,7 @@ another cluster you can ignore the Minikube specific step 3.
 
 ### Requirements
 
-- Golang 1.20+
+- Golang 1.25.3+
 - Docker
 
 ### Installation & Setup

go.mod

@@ -1,6 +1,6 @@
 module github.com/argoproj/argo-events
 
-go 1.24.1
+go 1.25.5
 
 retract v1.15.1 // Contains retractions only.
 

third_party/prometheus-nats-exporter-docker/amd64/Dockerfile

@@ -1,5 +1,5 @@
 # Golang binary building stage
-FROM golang:1.20.2
+FROM golang:1.25.5
 WORKDIR $GOPATH/src/github.com/nats-io/prometheus-nats-exporter
 RUN git clone --branch v0.10.1 https://github.com/nats-io/prometheus-nats-exporter.git .
 RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -v -a -tags netgo -installsuffix netgo -ldflags "-s -w"