From 88ccce884c32c65af0b28736632e40f69301c9cb Mon Sep 17 00:00:00 2001
From: Steve Yegge <steve.yegge@gmail.com>
Date: Tue, 16 Dec 2025 00:52:54 -0800
Subject: [PATCH] chore: update Go toolchain to 1.24.11 to address CVEs
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Fixes #565. Updates toolchain from go1.24.2 to go1.24.11 to address:
- CVE-2025-22874: crypto/x509 ExtKeyUsageAny policy validation
- CVE-2025-47907: database/sql Postgres Scan race condition
- CVE-2025-58183: archive/tar unbounded allocation
- CVE-2025-58186: net/http unbounded headers
- CVE-2025-58187: crypto/x509 name constraint resource consumption
- CVE-2025-61729: crypto/x509 excessive resource consumption

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
---
 go.mod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/go.mod b/go.mod
index 8bdfd883..a6955c25 100644
--- a/go.mod
+++ b/go.mod
@@ -2,7 +2,7 @@ module github.com/steveyegge/beads
 
 go 1.24.0
 
-toolchain go1.24.2
+toolchain go1.24.11
 
 require (
 	github.com/anthropics/anthropic-sdk-go v1.19.0