From 19d1d22b5ac609612788c6ded065474aefcc2d6d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 9 Mar 2026 10:40:08 +0000
Subject: [PATCH 1/5] Bump golang.org/x/oauth2 from 0.35.0 to 0.36.0

Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.35.0 to 0.36.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.35.0...v0.36.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 go.mod | 4 ++--
 go.sum | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/go.mod b/go.mod
index f6b4f41..1a2baab 100644
--- a/go.mod
+++ b/go.mod
@@ -1,10 +1,10 @@
 module github.com/NETWAYS/check_sentinelone
 
-go 1.24.0
+go 1.25.0
 
 require (
 	github.com/NETWAYS/go-check v0.6.4
 	github.com/jarcoal/httpmock v1.4.1
 	github.com/spf13/pflag v1.0.10
-	golang.org/x/oauth2 v0.35.0
+	golang.org/x/oauth2 v0.36.0
 )
diff --git a/go.sum b/go.sum
index 9e4e437..9d68e43 100644
--- a/go.sum
+++ b/go.sum
@@ -8,5 +8,5 @@ github.com/maxatome/go-testdeep v1.14.0 h1:rRlLv1+kI8eOI3OaBXZwb3O7xY3exRzdW5QyX
 github.com/maxatome/go-testdeep v1.14.0/go.mod h1:lPZc/HAcJMP92l7yI6TRz1aZN5URwUBUAfUNvrclaNM=
 github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk=
 github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
-golang.org/x/oauth2 v0.35.0 h1:Mv2mzuHuZuY2+bkyWXIHMfhNdJAdwW3FuWeCPYN5GVQ=
-golang.org/x/oauth2 v0.35.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
+golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs=
+golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q=

From 2850ce4cf96855e5c061f446d11daa7eec2cf69e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lorenz=20K=C3=A4stle?= <lorenz.kaestle@netways.de>
Date: Mon, 9 Mar 2026 13:55:31 +0100
Subject: [PATCH 2/5] Test build with golang 1.25 instead of 1.24

---
 .github/workflows/build.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index d9b5a67..8dbe3fe 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -19,7 +19,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v6
         with:
-          go-version: 1.24
+          go-version: 1.25
 
       - name: Vet
         run: go vet ./...

From e4197fda02b25d004f48f642d610349c69b67e7d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lorenz=20K=C3=A4stle?= <lorenz.kaestle@netways.de>
Date: Mon, 9 Mar 2026 13:55:45 +0100
Subject: [PATCH 3/5] New golangci version to due version requirements

---
 .github/workflows/golangci-lint.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml
index 6ec6004..7eb1958 100644
--- a/.github/workflows/golangci-lint.yml
+++ b/.github/workflows/golangci-lint.yml
@@ -17,4 +17,4 @@ jobs:
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v9
         with:
-          version: v2.1.6
+          version: v2.11.2

From 304c4c92cdd06481284d8d7d3fca7679437adc8e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lorenz=20K=C3=A4stle?= <lorenz.kaestle@netways.de>
Date: Mon, 9 Mar 2026 14:35:01 +0100
Subject: [PATCH 4/5] Fix linter findings

---
 api/response.go |  9 +++++----
 api/trace.go    |  2 +-
 check.go        | 10 +++++-----
 3 files changed, 11 insertions(+), 10 deletions(-)

diff --git a/api/response.go b/api/response.go
index 629b6ee..29e5a6e 100644
--- a/api/response.go
+++ b/api/response.go
@@ -6,6 +6,7 @@ import (
 	"io"
 	"net/http"
 	"net/url"
+	"strings"
 )
 
 type ResponseBody struct {
@@ -58,19 +59,19 @@ func (c *Client) GetJSONResponse(req *http.Request) (data *ResponseBody, err err
 	err = json.Unmarshal(body, data)
 
 	if res.StatusCode != http.StatusOK {
-		errInfo := ""
+		var errInfo strings.Builder
 
 		if data.Error != nil {
 			for _, e := range data.Error.Errors {
-				errInfo += fmt.Sprintf(" - %s: %s", e.Title, e.Detail)
+				fmt.Fprintf(&errInfo, " - %s: %s", e.Title, e.Detail)
 			}
 		}
 
 		for _, e := range data.Errors {
-			errInfo += fmt.Sprintf(" - %s: %s", e.Title, e.Detail)
+			fmt.Fprintf(&errInfo, " - %s: %s", e.Title, e.Detail)
 		}
 
-		err = fmt.Errorf("HTTP request returned non-ok status %s%s", res.Status, errInfo)
+		err = fmt.Errorf("HTTP request returned non-ok status %s%s", res.Status, errInfo.String())
 
 		return
 	}
diff --git a/api/trace.go b/api/trace.go
index 2ca63ce..bf20532 100644
--- a/api/trace.go
+++ b/api/trace.go
@@ -8,7 +8,7 @@ type LoggingRoundTripper struct {
 	Base http.RoundTripper
 }
 
-// Prepare custom client that using a logging transport.
+// NewLoggingHTTPClient prepares a custom client that using a logging transport.
 func NewLoggingHTTPClient() *http.Client {
 	client := *http.DefaultClient
 	client.Transport = LoggingRoundTripper{http.DefaultTransport}
diff --git a/check.go b/check.go
index 934d947..cccd10e 100644
--- a/check.go
+++ b/check.go
@@ -112,7 +112,7 @@ func (c *Config) Run() (rc int, output string, err error) {
 	var sb strings.Builder
 
 	for index, list := range byLocation {
-		sb.WriteString(fmt.Sprintf("\n## %s\n\n", index))
+		fmt.Fprintf(&sb, "\n## %s\n\n", index)
 
 		for _, threat := range list {
 			var stateText string
@@ -127,7 +127,7 @@ func (c *Config) Run() (rc int, output string, err error) {
 				stateText = "WARNING"
 			}
 
-			sb.WriteString(fmt.Sprintf("[%s] [%s] %s: (%s) %s (%s)\n",
+			fmt.Fprintf(&sb, "[%s] [%s] %s: (%s) %s (%s)\n",
 				// nolint: gosmopolitan
 				threat.ThreatInfo.CreatedAt.Local().Format("2006-01-02 15:04 MST"),
 				stateText,
@@ -135,7 +135,7 @@ func (c *Config) Run() (rc int, output string, err error) {
 				threat.ThreatInfo.Classification,
 				threat.ThreatInfo.ThreatName,
 				threat.ThreatInfo.MitigationStatusDescription,
-			))
+			)
 		}
 	}
 
@@ -150,8 +150,8 @@ func (c *Config) Run() (rc int, output string, err error) {
 
 	// Add perfdata.
 	sb.WriteString("|")
-	sb.WriteString(fmt.Sprintf(" threats=%d", total))
-	sb.WriteString(fmt.Sprintf(" threats_not_mitigated=%d", notMitigated))
+	fmt.Fprintf(&sb, " threats=%d", total)
+	fmt.Fprintf(&sb, " threats_not_mitigated=%d", notMitigated)
 	output = sb.String()
 
 	// determine final state.

From 070c3d2f21f7aba4aced3f3da9f4e7cced924681 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Lorenz=20K=C3=A4stle?= <lorenz.kaestle@netways.de>
Date: Mon, 9 Mar 2026 15:03:08 +0100
Subject: [PATCH 5/5] Ignore not applicable linter issue

---
 api/client.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/api/client.go b/api/client.go
index 5feef31..540ab1b 100644
--- a/api/client.go
+++ b/api/client.go
@@ -44,7 +44,7 @@ func (c *Client) NewRequest(method, url string, body io.Reader) (req *http.Reque
 }
 
 func (c *Client) Do(req *http.Request) (res *http.Response, err error) {
-	res, err = c.HTTPClient.Do(req)
+	res, err = c.HTTPClient.Do(req) //nolint: gosec
 	if err != nil {
 		err = fmt.Errorf("HTTP request failed: %w", err)
 	}