govulncheck is reporting issues, and the scheduled Github action is failing

Issue 1: running `govulncheck ./...` yields

```
[13:42:39] ~/Documents/GitHub/bento (main) $ govulncheck ./...
=== Symbol Results ===

Vulnerability #1: GO-2026-4559
    Sending certain HTTP/2 frames can cause a server to panic in
    golang.org/x/net
  More info: https://pkg.go.dev/vuln/GO-2026-4559
  Module: golang.org/x/net
    Found in: golang.org/x/net@v0.50.0
    Fixed in: golang.org/x/net@v0.51.0
    Example traces found:
      #1: internal/impl/azure/input_blob_storage.go:14:2: azure.init calls runtime.init, which eventually calls http2.ConfigureTransports
      #2: internal/docs/field.go:803:79: docs.NewLintError calls http2.ConnectionError.Error
      #3: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls http2.ErrCode.String
      #4: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls http2.FrameHeader.String
      #5: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls http2.FrameType.String
      #6: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.Framer.ReadFrame
      #7: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.Framer.ReadFrameForHeader
      #8: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.Framer.ReadFrameHeader
      #9: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.Framer.WriteContinuation
      #10: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.Framer.WriteGoAway
      #11: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.Framer.WriteHeaders
      #12: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.Framer.WritePing
      #13: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.Framer.WriteRSTStream
      #14: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.Framer.WriteSettings
      #15: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.Framer.WriteSettingsAck
      #16: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.Framer.WriteWindowUpdate
      #17: internal/docs/field.go:803:79: docs.NewLintError calls http2.GoAwayError.Error
      #18: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls http2.Setting.String
      #19: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls http2.SettingID.String
      #20: internal/impl/io/output_http_server.go:730:22: io.httpServerOutput.TriggerCloseNow calls sync.Once.Do, which eventually calls http2.SettingsFrame.ForeachSetting
      #21: internal/docs/field.go:803:79: docs.NewLintError calls http2.StreamError.Error
      #22: internal/impl/elasticsearch/aws/aws.go:81:33: aws.awsSignerTransport.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.Transport.NewClientConn
      #23: internal/impl/elasticsearch/aws/aws.go:81:33: aws.awsSignerTransport.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.Transport.RoundTrip
      #24: internal/cli/lint.go:254:14: cli.LintAction calls fmt.Fprint, which eventually calls http2.bufferedWriterTimeoutWriter.Write
      #25: internal/cli/lint.go:254:14: cli.LintAction calls fmt.Fprint, which eventually calls http2.chunkWriter.Write
      #26: internal/docs/field.go:803:79: docs.NewLintError calls http2.connError.Error
      #27: internal/docs/field.go:803:79: docs.NewLintError calls http2.duplicatePseudoHeaderError.Error
      #28: internal/codec/reader.go:1178:18: codec.regexReader.Close calls http2.gzipReader.Close
      #29: internal/impl/pure/scanner_skip_bom.go:138:19: pure.bufPriorityReader.Read calls http2.gzipReader.Read
      #30: internal/docs/field.go:803:79: docs.NewLintError calls http2.headerFieldNameError.Error
      #31: internal/docs/field.go:803:79: docs.NewLintError calls http2.headerFieldValueError.Error
      #32: internal/impl/elasticsearch/aws/aws.go:81:33: aws.awsSignerTransport.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.netHTTPClientConn.RoundTrip
      #33: internal/impl/elasticsearch/aws/aws.go:81:33: aws.awsSignerTransport.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.noDialH2RoundTripper.NewClientConn
      #34: internal/impl/elasticsearch/aws/aws.go:81:33: aws.awsSignerTransport.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.noDialH2RoundTripper.RoundTrip
      #35: internal/docs/field.go:803:79: docs.NewLintError calls http2.pseudoHeaderError.Error
      #36: internal/cli/lint.go:254:14: cli.LintAction calls fmt.Fprint, which eventually calls http2.stickyErrWriter.Write
      #37: internal/codec/reader.go:1178:18: codec.regexReader.Close calls http2.transportResponseBody.Close
      #38: internal/impl/pure/scanner_skip_bom.go:138:19: pure.bufPriorityReader.Read calls http2.transportResponseBody.Read
      #39: internal/impl/elasticsearch/aws/aws.go:81:33: aws.awsSignerTransport.RoundTrip calls http.Transport.RoundTrip, which eventually calls http2.unencryptedTransport.RoundTrip
      #40: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls http2.writeData.String

Vulnerability #2: GO-2026-4518
    Denial of service in github.com/jackc/pgproto3/v2
  More info: https://pkg.go.dev/vuln/GO-2026-4518
  Module: github.com/jackc/pgproto3/v2
    Found in: github.com/jackc/pgproto3/v2@v2.3.3
    Fixed in: N/A
    Example traces found:
      #1: internal/impl/cockroachdb/input_changefeed.go:193:30: cockroachdb.crdbChangefeedInput.Connect calls pgxpool.Pool.Query, which eventually calls pgproto3.Frontend.Receive

Vulnerability #3: GO-2025-4098
    Container escape and DDoS due to arbitrary write gadgets and procfs write
    redirects in github.com/opencontainers/runc
  More info: https://pkg.go.dev/vuln/GO-2025-4098
  Module: github.com/opencontainers/runc
    Found in: github.com/opencontainers/runc@v1.1.12
    Fixed in: github.com/opencontainers/runc@v1.2.8
    Example traces found:
      #1: internal/impl/aws/integration_test_helpers.go:26:33: aws.GetLocalStack calls dockertest.NewPool, which eventually calls user.CurrentUser
      #2: internal/impl/aws/integration_test_helpers.go:13:2: aws.init calls docker.init, which eventually calls user.init

Vulnerability #4: GO-2025-3603
    Query smuggling in ch-go library in github.com/ClickHouse/ch-go
  More info: https://pkg.go.dev/vuln/GO-2025-3603
  Module: github.com/ClickHouse/ch-go
    Found in: github.com/ClickHouse/ch-go@v0.61.5
    Fixed in: github.com/ClickHouse/ch-go@v0.65.0
    Example traces found:
      #1: internal/docs/field.go:803:79: docs.NewLintError calls compress.CorruptedDataErr.Error
      #2: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls compress.Method.String
      #3: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls compress.NewReader
      #4: internal/impl/snowflake/output_snowflake_put.go:698:22: snowflake.snowflakeWriter.Connect calls sql.Open, which eventually calls compress.NewWriter
      #5: internal/impl/awk/processor.go:810:30: awk.awkProc.Process calls io.ReadAll, which eventually calls compress.Reader.Read
      #6: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls compress.Writer.Compress
      #7: public/components/sql/package.go:12:2: sql.init calls clickhouse.init, which calls compress.init
      #8: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Buffer.PutBool
      #9: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Buffer.PutByte
      #10: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Buffer.PutInt32
      #11: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Buffer.PutInt64
      #12: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Buffer.PutRaw
      #13: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Buffer.PutString
      #14: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Buffer.PutUInt64
      #15: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Buffer.PutUInt8
      #16: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Buffer.PutUVarInt
      #17: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Buffer.Reset
      #18: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.CardinalityKey.String
      #19: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.ClientCode.String
      #20: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.ClientQueryKind.String
      #21: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColBool.Append
      #22: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColBool.DecodeColumn
      #23: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColBool.EncodeColumn
      #24: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColBool.Row
      #25: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColBool.Rows
      #26: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColDate.Append
      #27: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDate.DecodeColumn
      #28: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDate.EncodeColumn
      #29: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDate.Row
      #30: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDate.Rows
      #31: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColDate32.Append
      #32: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDate32.DecodeColumn
      #33: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDate32.EncodeColumn
      #34: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDate32.Row
      #35: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDate32.Rows
      #36: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColDateTime.Append
      #37: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDateTime.DecodeColumn
      #38: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDateTime.EncodeColumn
      #39: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDateTime.Row
      #40: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDateTime.Rows
      #41: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColDateTime64.Append
      #42: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDateTime64.DecodeColumn
      #43: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDateTime64.EncodeColumn
      #44: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDateTime64.Row
      #45: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDateTime64.Rows
      #46: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDateTime64.WithLocation
      #47: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDateTime64.WithPrecision
      #48: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColDecimal128.Append
      #49: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal128.DecodeColumn
      #50: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal128.EncodeColumn
      #51: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal128.Row
      #52: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal128.Rows
      #53: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColDecimal256.Append
      #54: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal256.DecodeColumn
      #55: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal256.EncodeColumn
      #56: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal256.Row
      #57: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal256.Rows
      #58: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColDecimal32.Append
      #59: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal32.DecodeColumn
      #60: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal32.EncodeColumn
      #61: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal32.Row
      #62: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal32.Rows
      #63: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColDecimal64.Append
      #64: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal64.DecodeColumn
      #65: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal64.EncodeColumn
      #66: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal64.Row
      #67: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColDecimal64.Rows
      #68: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColEnum16.Append
      #69: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColEnum16.DecodeColumn
      #70: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColEnum16.EncodeColumn
      #71: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColEnum16.Row
      #72: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColEnum16.Rows
      #73: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColEnum8.Append
      #74: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColEnum8.DecodeColumn
      #75: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColEnum8.EncodeColumn
      #76: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColEnum8.Row
      #77: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColEnum8.Rows
      #78: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColFixedStr.Append
      #79: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFixedStr.DecodeColumn
      #80: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFixedStr.EncodeColumn
      #81: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFixedStr.Row
      #82: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFixedStr.Rows
      #83: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColFloat32.Append
      #84: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFloat32.DecodeColumn
      #85: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFloat32.EncodeColumn
      #86: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFloat32.Row
      #87: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFloat32.Rows
      #88: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColFloat64.Append
      #89: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFloat64.DecodeColumn
      #90: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFloat64.EncodeColumn
      #91: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFloat64.Row
      #92: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColFloat64.Rows
      #93: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColIPv4.Append
      #94: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColIPv4.DecodeColumn
      #95: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColIPv4.EncodeColumn
      #96: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColIPv4.Row
      #97: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColIPv4.Rows
      #98: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColIPv6.Append
      #99: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColIPv6.DecodeColumn
      #100: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColIPv6.EncodeColumn
      #101: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColIPv6.Row
      #102: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColIPv6.Rows
      #103: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColInt128.Append
      #104: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt128.DecodeColumn
      #105: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt128.EncodeColumn
      #106: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt128.Row
      #107: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt128.Rows
      #108: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColInt16.Append
      #109: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt16.DecodeColumn
      #110: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt16.EncodeColumn
      #111: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt16.Row
      #112: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt16.Rows
      #113: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColInt256.Append
      #114: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt256.DecodeColumn
      #115: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt256.EncodeColumn
      #116: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt256.Row
      #117: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt256.Rows
      #118: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColInt32.Append
      #119: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt32.DecodeColumn
      #120: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt32.EncodeColumn
      #121: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt32.Row
      #122: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt32.Rows
      #123: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColInt64.Append
      #124: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt64.DecodeColumn
      #125: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt64.EncodeColumn
      #126: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt64.Row
      #127: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt64.Rows
      #128: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColInt8.Append
      #129: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt8.DecodeColumn
      #130: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt8.EncodeColumn
      #131: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt8.Row
      #132: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColInt8.Rows
      #133: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColNothing.DecodeColumn
      #134: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColPoint.Append
      #135: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColPoint.DecodeColumn
      #136: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColPoint.EncodeColumn
      #137: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColPoint.Row
      #138: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColPoint.Rows
      #139: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColStr.Append
      #140: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColStr.AppendBytes
      #141: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColStr.DecodeColumn
      #142: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColStr.EncodeColumn
      #143: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColStr.Row
      #144: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColStr.Rows
      #145: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColUInt128.Append
      #146: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt128.DecodeColumn
      #147: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt128.EncodeColumn
      #148: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt128.Row
      #149: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt128.Rows
      #150: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt16.Append
      #151: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt16.DecodeColumn
      #152: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt16.EncodeColumn
      #153: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt16.Row
      #154: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt16.Rows
      #155: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColUInt256.Append
      #156: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt256.DecodeColumn
      #157: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt256.EncodeColumn
      #158: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt256.Row
      #159: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt256.Rows
      #160: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt32.Append
      #161: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt32.DecodeColumn
      #162: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt32.EncodeColumn
      #163: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt32.Row
      #164: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt32.Rows
      #165: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt64.Append
      #166: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt64.DecodeColumn
      #167: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt64.EncodeColumn
      #168: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt64.Row
      #169: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt64.Rows
      #170: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt8.Append
      #171: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt8.DecodeColumn
      #172: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt8.EncodeColumn
      #173: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt8.Row
      #174: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUInt8.Rows
      #175: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ColUUID.Append
      #176: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUUID.DecodeColumn
      #177: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUUID.EncodeColumn
      #178: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUUID.Row
      #179: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.ColUUID.Rows
      #180: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.Compression.String
      #181: internal/docs/field.go:803:79: docs.NewLintError calls proto.Error.Error
      #182: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.Error.String
      #183: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.Feature.String
      #184: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.IPv4.ToIP
      #185: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.IPv6.String
      #186: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.IPv6.ToIP
      #187: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.Interface.String
      #188: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.IntervalScale.String
      #189: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.NewReader
      #190: internal/impl/elasticsearch/output.go:385:22: elasticsearch.Output.WriteBatch calls elastic.BulkService.Do, which eventually calls proto.ProfileEventType.MarshalJSON
      #191: internal/impl/cockroachdb/input_changefeed.go:193:30: cockroachdb.crdbChangefeedInput.Connect calls pgxpool.Pool.Query, which eventually calls proto.ProfileEventType.MarshalText
      #192: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.ProfileEventType.String
      #193: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Reader.Bool
      #194: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Reader.DisableCompression
      #195: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Reader.EnableCompression
      #196: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Reader.Int32
      #197: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Reader.Int64
      #198: internal/impl/awk/processor.go:810:30: awk.awkProc.Process calls io.ReadAll, which calls proto.Reader.Read
      #199: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Reader.ReadByte
      #200: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Reader.Str
      #201: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Reader.UInt64
      #202: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Reader.UInt8
      #203: internal/impl/sql/input_sql_select.go:274:17: sql.sqlSelectInput.Read calls sql.Rows.Next, which eventually calls proto.Reader.UVarInt
      #204: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.ServerCode.String
      #205: internal/impl/kafka/input_sarama_kafka.go:59:27: kafka.bentoSaramaLogger.Println calls fmt.Sprintln, which eventually calls proto.Stage.String
      #206: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ToIPv4
      #207: internal/impl/sql/processor_sql_raw.go:265:34: sql.sqlRawProcessor.ProcessBatch calls sql.DB.QueryContext, which eventually calls proto.ToIPv6
      #208: public/components/sql/package.go:12:2: sql.init calls clickhouse.init, which calls proto.init

Vulnerability #5: GO-2025-3540
    Potential out of order responses when CLIENT SETINFO times out during
    connection establishment in github.com/redis/go-redis
  More info: https://pkg.go.dev/vuln/GO-2025-3540
  Module: github.com/redis/go-redis/v9
    Found in: github.com/redis/go-redis/v9@v9.4.0
    Fixed in: github.com/redis/go-redis/v9@v9.6.3
    Example traces found:
      #1: internal/impl/redis/input_pubsub.go:98:33: redis.redisPubSubReader.Connect calls redis.ClusterClient.PSubscribe, which eventually calls redis.baseClient.initConn
      #2: internal/impl/redis/input_pubsub.go:98:33: redis.redisPubSubReader.Connect calls redis.ClusterClient.PSubscribe, which eventually calls redis.baseClient.initConn
      #3: internal/impl/redis/input_pubsub.go:98:33: redis.redisPubSubReader.Connect calls redis.ClusterClient.PSubscribe, which eventually calls redis.baseClient.initConn

Vulnerability #6: GO-2024-3110
    Can be confused to create empty files/directories on the host in
    github.com/opencontainers/runc
  More info: https://pkg.go.dev/vuln/GO-2024-3110
  Module: github.com/opencontainers/runc
    Found in: github.com/opencontainers/runc@v1.1.12
    Fixed in: github.com/opencontainers/runc@v1.1.14
    Example traces found:
      #1: internal/impl/aws/integration_test_helpers.go:26:33: aws.GetLocalStack calls dockertest.NewPool, which eventually calls user.CurrentUser
      #2: internal/impl/aws/integration_test_helpers.go:13:2: aws.init calls docker.init, which eventually calls user.init

Your code is affected by 6 vulnerabilities from 5 modules.
This scan also found 0 vulnerabilities in packages you import and 3
vulnerabilities in modules you require, but your code doesn't appear to call
these vulnerabilities.
Use '-show verbose' for more details.
```

Issue 2: the action https://github.com/warpstreamlabs/bento/actions/workflows/govulncheck.yml has been failing since November.

https://github.com/warpstreamlabs/bento/actions/runs/23122952914

> Warning: Failed to restore: Cache service responded with 400
> Cache is not found

https://github.com/warpstreamlabs/bento/actions/runs/22833390042

> Run github/codeql-action/upload-sarif@v4.32.5
> Post-processing sarif files: ["govulncheck.sarif"]
> Validating govulncheck.sarif
> Error details: instance.runs[0].results[3].stacks is not of a type(s) array
> Error details: instance.runs[0].results[4].stacks is not of a type(s) array
> Error: Unable to upload "govulncheck.sarif" as it is not valid SARIF:
> - instance.runs[0].results[3].stacks is not of a type(s) array
> - instance.runs[0].results[4].stacks is not of a type(s) array

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

govulncheck is reporting issues, and the scheduled Github action is failing #769

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

govulncheck is reporting issues, and the scheduled Github action is failing #769

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions