From 8e452926ae4ab016b1b93b9dc06407cdea3856c5 Mon Sep 17 00:00:00 2001
From: kanywst <niwatakuma@icloud.com>
Date: Mon, 8 Jun 2026 20:30:51 +0900
Subject: [PATCH] chore(deps): bump Go to 1.26.4 (GO-2026-5039, GO-2026-5037)

govulncheck flagged two stdlib vulns present in go1.26.3, both fixed in
go1.26.4: GO-2026-5039 (net/textproto unescaped input in errors) and
GO-2026-5037 (crypto/x509 inefficient hostname parsing). Bump the go
directive so setup-go provisions the fixed toolchain.
---
 go.mod | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/go.mod b/go.mod
index 3eadc0c..08e44be 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/0-draft/mcp-authzen
 
-go 1.26.3
+go 1.26.4
 
 require github.com/mark3labs/mcp-go v0.54.1