chore(deps): upgrade Go to 1.26 in binary installer

[czubocha]

Closes: #{ISSUE_NUMBER}

This PR upgrades the Go version used by the binary installer to 1.26.

Why this change:

• Addresses CVE-2026-27139: The std/os package in older Go versions (e.g., 1.25.7) had a Directory Traversal vulnerability. Go 1.26.1 (and later patches) includes the fix.
• Future-proofing: By setting the Go version to 1.26 in go.mod and >=1.26 in CI/release workflows, the build system will automatically pick up the latest patch version of Go 1.26, ensuring continuous security updates without manual intervention.
• Compatibility: A thorough analysis confirmed no breaking changes or incompatibilities with Go 1.26 in the existing codebase.

  

Summary by CodeRabbit

• Chores
  • CI and release workflows now require Go >= 1.26.1.
  • Project module configuration updated to Go 1.26.1 to match the CI toolchain.
  • No functional or public API changes; impacts build/tooling and developer environment only.

[cursor]

Cursor Agent can help with this pull request. Just @cursor in comments and I'll start working on changes in this branch.
_{Learn more about Cursor Agents}

[Mmarzex]

⛔ Snyk checks have failed. 2 issues have been found so far.

Status	Scanner	Critical	High	Medium	Low	Total (2)
⛔	Open Source Security	0	2	0	0	2 issues
✅	Licenses	0	0	0	0	0 issues
✅	Code Security	0	0	0	0	0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: ddfdcd6f-bf8d-4d82-b129-fff0a165143f

📥 Commits

Reviewing files that changed from the base of the PR and between 02a37a4 and a16effd.

📒 Files selected for processing (3)

• .github/workflows/ci-binary-installer.yml
• .github/workflows/release-binary-installer.yml
• binary-installer/go.mod

🚧 Files skipped from review as they are similar to previous changes (3)

• .github/workflows/release-binary-installer.yml
• binary-installer/go.mod
• .github/workflows/ci-binary-installer.yml

---

📝 Walkthrough

Walkthrough

Go requirement bumped from 1.25 to 1.26.1 in CI workflows and the binary-installer module file. No other behavioral or API changes introduced.

Changes

Cohort / File(s)	Summary
CI Workflows /.github/workflows/ci-binary-installer.yml, /.github/workflows/release-binary-installer.yml	Updated with: go-version constraint from '>=1.25' to '>=1.26.1' in the "Setup: Go" steps.
Module File binary-installer/go.mod	Updated go directive from 1.25 to 1.26.1.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Poem

🐰 I hopped a little, bumped the go,
From twenty-five to twenty-six point one, ho!
CI and module now align,
A soft small tweak, a tidy sign.

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: upgrading Go from 1.25 to 1.26 in the binary installer across workflow and module files.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch cursor/problem-resolution-2532

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against the current code and only fix it if needed.

Inline comments:
In @.github/workflows/ci-binary-installer.yml:
- Line 28: The GitHub Actions step using actions/setup-go currently sets
go-version: '>=1.26.1' which is an open-ended SemVer range; update the
go-version value to a bounded patch range (e.g., '~1.26.1') so it allows patch
updates but prevents automatic minor bumps (change go-version in the
actions/setup-go step from '>=1.26.1' to '~1.26.1').

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro

Run ID: 54c7958e-d634-4524-a102-583f05890a02

📥 Commits

Reviewing files that changed from the base of the PR and between 50d395f and 04e4629.

📒 Files selected for processing (3)

• .github/workflows/ci-binary-installer.yml
• .github/workflows/release-binary-installer.yml
• binary-installer/go.mod