Update go 1.23.8 => 1.23.10 (#4207)

MikeWillCook · Mike-at-Paramify · web-flow · commit 3fd8dfa0f9aa · 2025-07-06T16:18:03.000-04:00
Co-authored-by: Mike Cook &lt;mike@paramify.com&gt;
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -20,7 +20,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v3
         with:
-          go-version: 1.23.8
+          go-version: 1.23.10
         id: go
 
       - name: Setup Node.js environment
@@ -50,7 +50,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v3
         with:
-          go-version: 1.23.8
+          go-version: 1.23.10
         id: go
 
       - name: Setup Node.js environment
@@ -82,7 +82,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v3
         with:
-          go-version: 1.23.8
+          go-version: 1.23.10
         id: go
 
       - name: Setup Node.js environment
@@ -274,7 +274,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v3
         with:
-          go-version: 1.23.8
+          go-version: 1.23.10
         id: go
 
       # Make sure esbuild works with old versions of Deno. Note: It's important
diff --git a/.github/workflows/validate.yml b/.github/workflows/validate.yml
@@ -18,7 +18,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v3
         with:
-          go-version: 1.23.8
+          go-version: 1.23.10
         id: go
 
       - name: Validation checks
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -17,6 +17,10 @@
     (()=>{})();
     ```
 
+* Update Go from 1.23.8 to 1.23.10 ([#4204](https://github.com/evanw/esbuild/issues/4204), [#4207](https://github.com/evanw/esbuild/pull/4207)
+
+    This should have no effect on existing code as this version change does not change Go's operating system support. It may remove certain reports from vulnerability scanners that detect which version of the Go compiler esbuild uses. Fixed vulnerabilities CVE-2025-4673 and CVE-2025-22874.
+
 ## 0.25.5
 
 * Fix a regression with `browser` in `package.json` ([#4187](https://github.com/evanw/esbuild/issues/4187))
diff --git a/Makefile b/Makefile
@@ -20,7 +20,7 @@ test-all:
 	@$(MAKE) --no-print-directory -j6 test-common test-deno ts-type-tests test-wasm-node test-wasm-browser lib-typecheck test-yarnpnp
 
 check-go-version:
-	@go version | grep ' go1\.23\.8 ' || (echo 'Please install Go version 1.23.8' && false)
+	@go version | grep ' go1\.23\.10 ' || (echo 'Please install Go version 1.23.10' && false)
 
 # Note: Don't add "-race" here by default. The Go race detector is currently
 # only supported on the following configurations:
