From 452010eb505beca737e26818ece54fd45d7ec7de Mon Sep 17 00:00:00 2001
From: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
Date: Fri, 27 Feb 2026 00:04:19 +0300
Subject: [PATCH 1/2] fix(security): remediate CVE vulnerabilities

- Update Go version to 1.24.13 (fixes CVE-2025-68121, CVE-2025-61726,
  CVE-2025-61731, CVE-2025-61732, CVE-2025-61728, CVE-2025-61730)

Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
---
 go.mod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/go.mod b/go.mod
index 19ab5a7..1a6093c 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/crossplane-contrib/function-patch-and-transform
 
-go 1.24.11
+go 1.24.13
 
 require (
 	github.com/alecthomas/kong v1.13.0

From ae0c93f1777f9b0823ac6371bfe15146da33e8be Mon Sep 17 00:00:00 2001
From: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
Date: Fri, 27 Feb 2026 00:12:00 +0300
Subject: [PATCH 2/2] ci: update Go version to 1.24.13

Update GO_VERSION in CI workflow to match go.mod requirement
after CVE remediation.

Signed-off-by: Alper Rifat Ulucinar <ulucinar@users.noreply.github.com>
---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 376c8e2..2afbec5 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -14,7 +14,7 @@ on:
 
 env:
   # Common versions
-  GO_VERSION: '1.24.11'
+  GO_VERSION: '1.24.13'
   GOLANGCI_VERSION: 'v2.4.0'
   DOCKER_BUILDX_VERSION: 'v0.23.0'