Bump golang.org/x/oauth2 from 0.35.0 to 0.36.0

.github/workflows/build.yml

@@ -19,7 +19,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v6
         with:
-          go-version: 1.24
+          go-version: 1.25
 
       - name: Vet
         run: go vet ./...

.github/workflows/golangci-lint.yml

@@ -17,4 +17,4 @@ jobs:
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v9
         with:
-          version: v2.1.6
+          version: v2.11.2

api/client.go

@@ -44,7 +44,7 @@ func (c *Client) NewRequest(method, url string, body io.Reader) (req *http.Reque
 }
 
 func (c *Client) Do(req *http.Request) (res *http.Response, err error) {
-	res, err = c.HTTPClient.Do(req)
+	res, err = c.HTTPClient.Do(req) //nolint: gosec
 	if err != nil {
 		err = fmt.Errorf("HTTP request failed: %w", err)
 	}

api/response.go

@@ -6,6 +6,7 @@ import (
 	"io"
 	"net/http"
 	"net/url"
+	"strings"
 )
 
 type ResponseBody struct {
@@ -58,19 +59,19 @@ func (c *Client) GetJSONResponse(req *http.Request) (data *ResponseBody, err err
 	err = json.Unmarshal(body, data)
 
 	if res.StatusCode != http.StatusOK {
-		errInfo := ""
+		var errInfo strings.Builder
 
 		if data.Error != nil {
 			for _, e := range data.Error.Errors {
-				errInfo += fmt.Sprintf(" - %s: %s", e.Title, e.Detail)
+				fmt.Fprintf(&errInfo, " - %s: %s", e.Title, e.Detail)
 			}
 		}
 
 		for _, e := range data.Errors {
-			errInfo += fmt.Sprintf(" - %s: %s", e.Title, e.Detail)
+			fmt.Fprintf(&errInfo, " - %s: %s", e.Title, e.Detail)
 		}
 
-		err = fmt.Errorf("HTTP request returned non-ok status %s%s", res.Status, errInfo)
+		err = fmt.Errorf("HTTP request returned non-ok status %s%s", res.Status, errInfo.String())
 
 		return
 	}

api/trace.go

@@ -8,7 +8,7 @@ type LoggingRoundTripper struct {
 	Base http.RoundTripper
 }
 
-// Prepare custom client that using a logging transport.
+// NewLoggingHTTPClient prepares a custom client that using a logging transport.
 func NewLoggingHTTPClient() *http.Client {
 	client := *http.DefaultClient
 	client.Transport = LoggingRoundTripper{http.DefaultTransport}

check.go

@@ -112,7 +112,7 @@ func (c *Config) Run() (rc int, output string, err error) {
 	var sb strings.Builder
 
 	for index, list := range byLocation {
-		sb.WriteString(fmt.Sprintf("\n## %s\n\n", index))
+		fmt.Fprintf(&sb, "\n## %s\n\n", index)
 
 		for _, threat := range list {
 			var stateText string
@@ -127,15 +127,15 @@ func (c *Config) Run() (rc int, output string, err error) {
 				stateText = "WARNING"
 			}
 
-			sb.WriteString(fmt.Sprintf("[%s] [%s] %s: (%s) %s (%s)\n",
+			fmt.Fprintf(&sb, "[%s] [%s] %s: (%s) %s (%s)\n",
 				// nolint: gosmopolitan
 				threat.ThreatInfo.CreatedAt.Local().Format("2006-01-02 15:04 MST"),
 				stateText,
 				threat.AgentRealtimeInfo.AgentComputerName,
 				threat.ThreatInfo.Classification,
 				threat.ThreatInfo.ThreatName,
 				threat.ThreatInfo.MitigationStatusDescription,
-			))
+			)
 		}
 	}
 
@@ -150,8 +150,8 @@ func (c *Config) Run() (rc int, output string, err error) {
 
 	// Add perfdata.
 	sb.WriteString("|")
-	sb.WriteString(fmt.Sprintf(" threats=%d", total))
-	sb.WriteString(fmt.Sprintf(" threats_not_mitigated=%d", notMitigated))
+	fmt.Fprintf(&sb, " threats=%d", total)
+	fmt.Fprintf(&sb, " threats_not_mitigated=%d", notMitigated)
 	output = sb.String()
 
 	// determine final state.

go.mod

@@ -1,10 +1,10 @@
 module github.com/NETWAYS/check_sentinelone
 
-go 1.24.0
+go 1.25.0
 
 require (
 	github.com/NETWAYS/go-check v0.6.4
 	github.com/jarcoal/httpmock v1.4.1
 	github.com/spf13/pflag v1.0.10
-	golang.org/x/oauth2 v0.35.0
+	golang.org/x/oauth2 v0.36.0
 )

go.sum

@@ -8,5 +8,5 @@ github.com/maxatome/go-testdeep v1.14.0 h1:rRlLv1+kI8eOI3OaBXZwb3O7xY3exRzdW5QyX
 github.com/maxatome/go-testdeep v1.14.0/go.mod h1:lPZc/HAcJMP92l7yI6TRz1aZN5URwUBUAfUNvrclaNM=
 github.com/spf13/pflag v1.0.10 h1:4EBh2KAYBwaONj6b2Ye1GiHfwjqyROoF4RwYO+vPwFk=
 github.com/spf13/pflag v1.0.10/go.mod h1:McXfInJRrz4CZXVZOBLb0bTZqETkiAhM9Iw0y3An2Bg=
-golang.org/x/oauth2 v0.35.0 h1:Mv2mzuHuZuY2+bkyWXIHMfhNdJAdwW3FuWeCPYN5GVQ=
-golang.org/x/oauth2 v0.35.0/go.mod h1:lzm5WQJQwKZ3nwavOZ3IS5Aulzxi68dUSgRHujetwEA=
+golang.org/x/oauth2 v0.36.0 h1:peZ/1z27fi9hUOFCAZaHyrpWG5lwe0RJEEEeH0ThlIs=
+golang.org/x/oauth2 v0.36.0/go.mod h1:YDBUJMTkDnJS+A4BP4eZBjCqtokkg1hODuPjwiGPO7Q=