@wolf31o2 wolf31o2 commented Dec 7, 2025

Summary by cubic

Updated the Docker build image to use Go 1.25.5 instead of 1.25.4. Keeps the toolchain current with the latest bug fixes and security updates.

Written for commit b363a55. Summary will update automatically on new commits.

Summary by CodeRabbit

  • Chores
    • Updated the Go toolchain to a newer patch version.

Signed-off-by: Chris Gianelloni <[email protected]>
@wolf31o2 wolf31o2 requested review from a team as code owners December 7, 2025 17:34
@coderabbitai
coderabbitai bot commented Dec 7, 2025

📝 Walkthrough

The Dockerfile's Go toolchain package version is updated from go-1.25~=1.25.4 to go-1.25~=1.25.5 within the apk add command. This is a patch-level version increment with no changes to build steps, dependencies, or container entry point.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

  • Single version number update with no logic or structural changes
  • Straightforward patch bump requiring verification of version availability and compatibility

Possibly related PRs

  • feat: go 1.25.4 #73: Earlier PR that bumped Go toolchain to version 1.25.4, which this PR further upgrades to 1.25.5.

Pre-merge checks and finishing touches

✅ Passed checks (2 passed)
| Check name | Status | Explanation |
| --- | --- | --- |
| Description Check | ✅ Passed | Check skipped - CodeRabbit’s high-level summary is enabled. |
| Title check | ✅ Passed | The title accurately describes the main change: updating Go from 1.25.4 to 1.25.5 in the Dockerfile. |

@cubic-dev-ai cubic-dev-ai bot left a comment

No issues found across 1 file

@coderabbitai coderabbitai bot left a comment

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 47e0871 and b363a55.

📒 Files selected for processing (1)
  • Dockerfile (1 hunks)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (1)
  • GitHub Check: cubic · AI code reviewer

@@ -1,3 +1,3 @@
FROM cgr.dev/chainguard/wolfi-base AS go
RUN apk update && apk add ca-certificates-bundle build-base openssh git go-1.25~=1.25.4
RUN apk update && apk add ca-certificates-bundle build-base openssh git go-1.25~=1.25.5
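
Review bot: The `FROM cgr.dev/chainguard/wolfi-base AS go` line has no tag or digest, so the Go constraint is the only pinned input in this stage while `build-base`, `openssh` and `git` float with whatever the base image and `apk update` return on the day of the build. Consider pinning the base image by digest (`FROM cgr.dev/chainguard/wolfi-base@sha256:<digest>`, placeholder) and adding a `go version` step after the `apk add` line so the build log records the toolchain that `go-1.25~=1.25.5` actually resolved to.
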
⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🌐 Web query:

Go 1.25.5 release security advisories CVE

💡 Result:

Go 1.25.5 addresses two security issues: CVE-2025-61729 (excessive resource consumption when printing HostnameError error strings in crypto/x509) and CVE-2025-61727 (excluded subdomain constraint not restricting wildcard SANs in crypto/x509). [1][2]


Go 1.25.5 patch includes security fixes.

This update to Go 1.25.5 addresses CVE-2025-61729 (excessive resource consumption in crypto/x509 error printing) and CVE-2025-61727 (wildcard SAN constraint validation in crypto/x509). The patch-level version bump is appropriate for deploying these security improvements.

🤖 Prompt for AI Agents
In Dockerfile around line 2, the Go runtime is not pinned to the patched
release; update the APK Go package spec to ensure the image installs Go 1.25.5
(or a later 1.25.x patched release) so the CVE fixes are included, then rebuild
the image — change the go package version token to the patched 1.25.5 (or
higher) variant used by this Alpine base and re-run the build to verify the new
Go version is installed.
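
The review comment above asks that the rebuilt image be verified to carry Go 1.25.5 or a later 1.25.x release. One way to script that check is sketched below as an added example; it is not part of the PR or the project's code, and the function and variable names (`go_release`, `version_ge`, `go_toolchain_ok`, `MIN_GO`, `GO_LINE`) are hypothetical.

```shell
#!/bin/sh
# Added example (not from the PR): gate a build on the Go toolchain that was
# actually installed. All function and variable names here are hypothetical.

MIN_GO="1.25.5"   # patched release named in the PR discussion
GO_LINE="1.25"    # release line of the go-1.25 package in the Dockerfile

# Print "1.25.5" for a line like "go version go1.25.5 linux/amd64".
# Prints nothing for output that does not carry a numbered release.
go_release() {
    printf '%s\n' "$1" | sed -n 's/^go version go\([0-9][0-9.]*\).*/\1/p'
}

# Succeed when dotted version $1 >= $2, comparing numerically per component
# (so 1.25.10 > 1.25.5); a missing component counts as 0.
version_ge() {
    IFS=. read -r a1 a2 a3 rest <<EOF
$1
EOF
    IFS=. read -r b1 b2 b3 rest <<EOF
$2
EOF
    for pair in "${a1:-0}:${b1:-0}" "${a2:-0}:${b2:-0}" "${a3:-0}:${b3:-0}"; do
        a=${pair%%:*}; b=${pair##*:}
        if [ "$a" -gt "$b" ]; then return 0; fi
        if [ "$a" -lt "$b" ]; then return 1; fi
    done
    return 0
}

# Succeed only for a 1.25.x toolchain at or above MIN_GO; fail closed otherwise
# (pre-releases, devel builds and unparseable output are all rejected).
go_toolchain_ok() {
    rel=$(go_release "$1")
    case "$rel" in
        "$GO_LINE".*) version_ge "$rel" "$MIN_GO" ;;
        *) return 1 ;;
    esac
}

# Constructed sample lines in the format printed by `go version`.
for line in "go version go1.25.4 linux/amd64" "go version go1.25.5 linux/amd64" \
            "go version go1.25.10 linux/arm64" "go version go1.25rc1 linux/amd64"; do
    if go_toolchain_ok "$line"; then verdict=ok; else verdict=REJECT; fi
    printf '%-36s %s\n' "$line" "$verdict"
done
```

In a Dockerfile stage the same gate would be called as `go_toolchain_ok "$(go version)"` after the `apk add` line, so a build that resolves an older toolchain stops instead of shipping.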

@wolf31o2 wolf31o2 merged commit c3122f1 into main Dec 7, 2025
7 checks passed
@wolf31o2 wolf31o2 deleted the feat/go-1.25.5 branch December 7, 2025 18:41