chore(deps): update docker.io/golang docker tag to v1.26.4

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
docker.io/golang	stage	minor	1.25.11-alpine3.23 → 1.26.4-alpine3.23

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[DeepDiver1975]

Updates the Go builder stage in v8/Dockerfile.multiarch from golang:1.25.11-alpine3.23 → golang:1.26.4-alpine3.23, including the pinned digest. This is a minor Go version bump — Go maintains strong backwards compatibility so this is generally safe. No concerns — safe to merge once CI passes.

[DeepDiver1975]

🤖 Automated review by Claude Code review agent.

Summary: Renovate bumps the go-builder base image in v8/Dockerfile.multiarch from golang:1.25.11-alpine3.23 to golang:1.26.4-alpine3.23, with the SHA256 digest re-pinned to match. Single-line, well-formed change: same alpine3.23 line, tag + digest both updated consistently. Note this is a Go minor bump (1.25 → 1.26), not a patch — golang minor releases are generally backward-compatible, and PR #12 just moved the builder to 1.25.11, so staying current is reasonable. Builder-stage only; no runtime image change.

CHANGELOG: n/a by convention. CHANGELOG.md contains only the ## [Unreleased] header with no entries, and prior merged renovate dep bumps in this repo (#14, #15, #16, #1) touched only the Dockerfile(s) with no changelog entry. A builder base-image bump is internal/non-user-facing, so no entry is expected.

Checks: Not all green at the moment. mergeStateStatus=BLOCKED. The build (8.1.0-rc.1, v8) / build (arm64) job currently shows fail, and several other build-matrix jobs are pending. lint, lint-editorconfig, prepare, and the rolling build (amd64) pass. This repo's build matrix has had transient arm64/upstream flakiness; recommend confirming whether the arm64 failure is the dep bump or a transient/infra issue, and let pending jobs settle, before merging.

Verdict: Change itself is clean and low-risk. Holding short of unreserved approval only because a required build job is currently failing and others are pending — re-check CI status before merge.

[DeepDiver1975]

🤖 Automated review by Claude Code review agent.

Verdict: approve (low-risk). Single-line golang base-image bump in v8/Dockerfile.multiarch: golang:1.25.11-alpine3.23 → 1.26.4-alpine3.23, with a matching well-formed sha256: digest. Patch-level Go toolchain update for the build stage only; alpine base unchanged. No other files touched.

• Diff: 1 file, +1/-1 — tag + digest both updated and well-formed.
• Checks: all required green at the current HEAD — both build matrices (amd64 + arm64, v8 and default), lint, lint-editorconfig, prepare all pass. (The prior approve-with-nits referenced build-checks-failing on an older HEAD; that is resolved — builds are green now.) The merge/update-docker-hub-description jobs show skipping (post-merge gating, non-blocking).
• Merge state: BLOCKED is due to REVIEW_REQUIRED (an approving review is still pending), not a CI failure; the PR is MERGEABLE with no conflicts.
• CHANGELOG: n-a — dependency tag bumps follow this repo's convention of no changelog entry (cf. #13–#16).

No concerns.

[DeepDiver1975]

🤖 Automated approval by Claude Code review agent. Builder base-image bump golang 1.25.11→1.26.4-alpine3.23 (tag + matching digest); all required checks green at current HEAD (the earlier build failure is resolved).