diff --git a/.github/actions/bootstrap/action.yaml b/.github/actions/bootstrap/action.yaml
index 8f59c34ca..333f59364 100644
--- a/.github/actions/bootstrap/action.yaml
+++ b/.github/actions/bootstrap/action.yaml
@@ -5,7 +5,7 @@ inputs:
   go-version:
     description: "Go version to install"
     required: true
-    default: ">= 1.24"
+    default: "1.25.x"
   go-dependencies:
     description: "Download go dependencies"
     required: true
@@ -33,6 +33,7 @@ runs:
       if: inputs.go-version != ''
       with:
         go-version: ${{ inputs.go-version }}
+        check-latest: true
 
     - name: Restore tool cache
       if: inputs.tools == 'true'
diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index 13f91f53b..6c90f9802 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -44,6 +44,7 @@ jobs:
       uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 #v6.2.0
       with:
         go-version-file: go.mod
+        check-latest: true
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
diff --git a/go.mod b/go.mod
index 98bd71d6c..897241460 100644
--- a/go.mod
+++ b/go.mod
@@ -1,6 +1,6 @@
 module github.com/anchore/syft
 
-go 1.24.6
+go 1.25
 
 require (
 	github.com/BurntSushi/toml v1.6.0