chore: bump component versions for improved stability #259

	name: build for test

	env:
	# Common versions
	GO_VERSION: '1.23'
	TZ: Asia/Shanghai

	permissions: write-all

	on:
	push:
	branches:
	- '*'
	paths:
	- '**.go'
	- 'go.mod'
	- '.github/**'
	pull_request:
	branches:
	- "*"
	paths:
	- '**.go'
	- 'go.mod'
	- '.github/**'
	# paths-ignore:
	# - 'docs/**'
	# - '*.md'
	# - '*.yml'

	jobs:
	build:
	name: "build"
	timeout-minutes: 20
	runs-on: ubuntu-latest
	steps:
	- name: Checkout
	uses: actions/checkout@v4
	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	- name: Setup Go
	uses: actions/setup-go@v5
	with:
	go-version: ${{ env.GO_VERSION }}
	check-latest: true
	- name: install gox
	run: \|
	echo "install gox"
	go install github.com/mitchellh/gox@latest
	- name: install task
	run: \|
	echo "install task"
	go install github.com/go-task/task/v3/cmd/task@latest
	- name: install upx
	run: \|
	echo "install upx"
	sudo apt-get update -qq
	sudo apt-get install -y upx
	- name: build qcadmin
	run: \|
	task linux
	- name: test qcadmin
	run: \|
	./_output/qcadmin_linux_amd64 version
	sudo ./_output/qcadmin_linux_amd64 init --domain github.local --debug
	- name: test qcadmin
	run: \|
	task docker-build
	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: ttl.sh/easysoft/qcadmin
	format: 'sarif'
	ignore-unfixed: true
	severity: 'CRITICAL,HIGH,MEDIUM'
	output: 'trivy-results.sarif'
	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v3
	if: always()
	with:
	sarif_file: 'trivy-results.sarif'

Provide feedback