Please update the go version to 1.25.5

Hello team, could you please merge the following [dependabot PR](https://github.com/envoyproxy/ratelimit/pull/1020)?

That would fix multiple CVEs:

Name | Type | Version Installed | Vulnerability ID | Fixed in | Severity | Path
-- | -- | -- | -- | -- | -- | --
stdlib | go-module | go1.25.3 | CVE-2025-61729 | 1.24.11<br>1.25.5 | High | /bin/ratelimit
stdlib | go-module | go1.25.3 | CVE-2025-61727 | 1.24.11<br>1.25.5 | Medium | /bin/ratelimit

Evidence:
- `grype` scanner against the latest sha in the DockerHub registry:

<img width="679" height="212" alt="Image" src="https://github.com/user-attachments/assets/0d179411-102c-49c8-a462-74e781c88a0e" />

- `grype` scanner against the locally built image from the Dockerfile:

<img width="584" height="184" alt="Image" src="https://github.com/user-attachments/assets/374e8f1c-40b6-4322-9774-cc9e5d8bc2e3" />

Thank you!

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Please update the go version to 1.25.5 #1029

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Name	Type	Version Installed	Vulnerability ID	Fixed in	Severity	Path
stdlib	go-module	go1.25.3	CVE-2025-61729	1.24.11 1.25.5	High	/bin/ratelimit
stdlib	go-module	go1.25.3	CVE-2025-61727	1.24.11 1.25.5	Medium	/bin/ratelimit

Please update the go version to 1.25.5 #1029

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions