From 9f57d4dccf078718f5500a0357e4e806b99ca43a Mon Sep 17 00:00:00 2001
From: Andrew Nesbitt <andrewnez@gmail.com>
Date: Wed, 18 Mar 2026 19:22:45 +0000
Subject: [PATCH] Fix mnd/stringscut/slicescontains lints and bump Go to 1.26.1

Extracts magic number 8192 into a const, uses strings.Cut and
slices.Contains for cleaner code, and bumps Go from 1.25.6 to
1.26.1 to fix stdlib vulnerability GO-2026-4602.
---
 .github/workflows/ci.yml |  4 ++--
 extract/extract.go       | 19 ++++++++++---------
 go.mod                   |  2 +-
 3 files changed, 13 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index a4ed1dd..f3b2242 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        go-version: ['1.25']
+        go-version: ['1.26']
 
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
@@ -43,7 +43,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6
         with:
-          go-version: '1.25'
+          go-version: '1.26'
 
       - name: golangci-lint
         uses: golangci/golangci-lint-action@1e7e51e771db61008b38414a730f564565cf7c20 # v9
diff --git a/extract/extract.go b/extract/extract.go
index ebdcff8..3abccc2 100644
--- a/extract/extract.go
+++ b/extract/extract.go
@@ -3,6 +3,7 @@ package extract
 import (
 	"os"
 	"regexp"
+	"slices"
 	"strings"
 	"unicode/utf8"
 
@@ -142,13 +143,13 @@ func FilterIgnoreBlocks(text string) string {
 		b.WriteString(text[:startIdx])
 
 		rest := text[startIdx+len(startMarker):]
-		endIdx := strings.Index(rest, endMarker)
-		if endIdx == -1 {
+		_, after, found := strings.Cut(rest, endMarker)
+		if !found {
 			// Unclosed block: discard the rest.
 			break
 		}
 
-		text = rest[endIdx+len(endMarker):]
+		text = after
 	}
 
 	return b.String()
@@ -172,18 +173,18 @@ func ExtractFromFile(path string) (core.ReuseInfo, error) {
 	return info, nil
 }
 
+const binaryCheckLimit = 8192
+
 // isBinary returns true if data looks like a binary file. It checks for null
 // bytes and invalid UTF-8 in the first 8KB.
 func isBinary(data []byte) bool {
 	check := data
-	if len(check) > 8192 {
-		check = check[:8192]
+	if len(check) > binaryCheckLimit {
+		check = check[:binaryCheckLimit]
 	}
 
-	for _, b := range check {
-		if b == 0 {
-			return true
-		}
+	if slices.Contains(check, 0) {
+		return true
 	}
 
 	return !utf8.Valid(check)
diff --git a/go.mod b/go.mod
index 856c3cd..300c050 100644
--- a/go.mod
+++ b/go.mod
@@ -1,5 +1,5 @@
 module github.com/git-pkgs/reuse
 
-go 1.25.6
+go 1.26.1
 
 require github.com/BurntSushi/toml v1.6.0