From 011d03c772ae3ef89ff14df53bb74bf13bd2c366 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Iv=C3=A1n=20SZKIBA?= <szkiba@users.noreply.github.com>
Date: Wed, 17 Dec 2025 12:25:30 +0000
Subject: [PATCH 1/3] fix: update gosec version to 2.22.11 in Dockerfiles

---
 Dockerfile            | 2 +-
 Dockerfile.goreleaser | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 3a374c9..9aea26e 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 ARG GO_VERSION=1.25.5-alpine3.22@sha256:3587db7cc96576822c606d119729370dbf581931c5f43ac6d3fa03ab4ed85a10
-ARG GOSEC_VERSION=2.22.10@sha256:c8852d609f9af551387555a81808a3bca8d172629b124fab0d83c937cabc2f3d
+ARG GOSEC_VERSION=2.22.11@sha256:4c42d880c93d9a38771dc130a705bae2480a45a1bb32240249806b12d7641d6d
 
 FROM securego/gosec:${GOSEC_VERSION} AS gosec
 
diff --git a/Dockerfile.goreleaser b/Dockerfile.goreleaser
index b4cd1ff..10bf012 100644
--- a/Dockerfile.goreleaser
+++ b/Dockerfile.goreleaser
@@ -1,5 +1,5 @@
 ARG GO_VERSION=1.25.5-alpine3.22@sha256:3587db7cc96576822c606d119729370dbf581931c5f43ac6d3fa03ab4ed85a10
-ARG GOSEC_VERSION=2.22.10@sha256:c8852d609f9af551387555a81808a3bca8d172629b124fab0d83c937cabc2f3d
+ARG GOSEC_VERSION=2.22.11@sha256:4c42d880c93d9a38771dc130a705bae2480a45a1bb32240249806b12d7641d6d
 
 FROM securego/gosec:${GOSEC_VERSION} AS gosec
 

From dfc21f9e2da1903b97037b5815d94bc402be0651 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Iv=C3=A1n=20SZKIBA?= <szkiba@users.noreply.github.com>
Date: Wed, 17 Dec 2025 12:28:18 +0000
Subject: [PATCH 2/3] fix: Setting go 1.25.5 to guarantee the go version used.

---
 .github/workflows/release.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index ebf8ecb..0dc0149 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -18,7 +18,7 @@ jobs:
       id-token: write
     with:
       # #region inputs
-      go-version: "1.25.x"
+      go-version: "1.25.5"
       goreleaser-version: "2.13.0"
       k6-versions: '["v1.2.3","v1.0.0"]'
       bats: ./.github/release.bats

From d2d544d134109f1a48da0be0437452c696f6426c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Iv=C3=A1n=20SZKIBA?= <szkiba@users.noreply.github.com>
Date: Wed, 17 Dec 2025 12:33:09 +0000
Subject: [PATCH 3/3] feat: add release notes for v1.3.2

---
 releases/v1.3.2.md | 9 +++++++++
 1 file changed, 9 insertions(+)
 create mode 100644 releases/v1.3.2.md

diff --git a/releases/v1.3.2.md b/releases/v1.3.2.md
new file mode 100644
index 0000000..6a7d403
--- /dev/null
+++ b/releases/v1.3.2.md
@@ -0,0 +1,9 @@
+Grafana **xk6** `v1.3.2` is here! 🎉
+
+This is a patch release that addresses security vulnerabilities in dependencies.
+
+## Security
+
+- [#400](https://github.com/grafana/xk6/issues/400)
+  - Update Docker base image to gosec 2.22.11
+  - Set go version to v1.25.5 in release workflow