diff --git a/.github/workflows/govulncheck-action-publish.yml b/.github/workflows/govulncheck-action-publish.yml
index 8073fe0..9e77441 100644
--- a/.github/workflows/govulncheck-action-publish.yml
+++ b/.github/workflows/govulncheck-action-publish.yml
@@ -13,7 +13,7 @@ jobs:
 runs-on: ubuntu-24.04
 steps:
 - name: Checkout code
- uses: actions/checkout@v5
+ uses: actions/checkout@v6
 - name: Set short SHA
 id: short-sha
diff --git a/.github/workflows/govulncheck-action-test-lint.yml b/.github/workflows/govulncheck-action-test-lint.yml
index a3eedc8..c4031b0 100644
--- a/.github/workflows/govulncheck-action-test-lint.yml
+++ b/.github/workflows/govulncheck-action-test-lint.yml
@@ -16,7 +16,7 @@ jobs:
 uses: actions/checkout@v4
 - name: Install Go
- uses: actions/setup-go@v5
+ uses: actions/setup-go@v6
 with:
 go-version-file: govulncheck-action/go.mod
diff --git a/govulncheck-action/Containerfile b/govulncheck-action/Containerfile
index af1ced4..e934840 100644
--- a/govulncheck-action/Containerfile
+++ b/govulncheck-action/Containerfile
@@ -1,4 +1,4 @@
-FROM golang:1.23 as builder
+FROM golang:1.24 as builder
 ARG GOOS=linux
 ARG GOARCH=amd64
@@ -7,14 +7,17 @@ WORKDIR /usr/src/app/
 COPY . .
-RUN echo "Building for govulncheck $GOOS/$GOARCH"
-RUN GOOS=$GOOS GOARCH=$GOARCH go build -v -o govulncheck main.go
+RUN echo "Building govulncheckx binary for $GOOS/$GOARCH"
+RUN GOOS=$GOOS GOARCH=$GOARCH go build -v -o govulncheckx main.go
-FROM golang:1.23
+FROM golang:1.24
 # using a fresh golang image without the `WORKDIR` from the builder stage
 # see https://docs.github.com/en/actions/reference/workflows-and-actions/dockerfile-support#workdir
+# using golang 1.24 but the entrypoint will trigger an install of the actual go version,
+# even if it is 1.23
 # copy the binary from the builder stage
-COPY --from=builder /usr/src/app/govulncheck /usr/local/bin/govulncheck
+COPY --from=builder /usr/src/app/govulncheckx /usr/local/bin/govulncheckx
+COPY --from=builder /usr/src/app/entrypoint.sh /usr/local/bin/entrypoint.sh
-ENTRYPOINT ["/usr/local/bin/govulncheck"]
\ No newline at end of file
+ENTRYPOINT ["entrypoint.sh"]
\ No newline at end of file
diff --git a/govulncheck-action/entrypoint.sh b/govulncheck-action/entrypoint.sh
new file mode 100755
index 0000000..24a2571
--- /dev/null
+++ b/govulncheck-action/entrypoint.sh
@@ -0,0 +1,12 @@
+#!/bin/bash
+
+# upgrade the go version to match the `toolchain` directive in the `go.mod` file
+# see https://go.dev/doc/toolchain
+export GOTOOLCHAIN=auto
+go mod verify
+
+# Check the version of Go
+go version
+
+# Run the govulncheck command
+govulncheckx "$@"
\ No newline at end of file
diff --git a/govulncheck-action/go.mod b/govulncheck-action/go.mod
index 89b4577..0e328d1 100644
--- a/govulncheck-action/go.mod
+++ b/govulncheck-action/go.mod
@@ -1,8 +1,8 @@
 module github.com/codeready-toolchain/toolchain-cicd/govulncheck-action
-go 1.23.0
+go 1.24.0
-toolchain go1.23.12
+toolchain go1.24.11
 require (
 github.com/spf13/cobra v1.9.1
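Review bot: In govulncheck-action/Containerfile the new `ENTRYPOINT ["entrypoint.sh"]` is resolved through `PATH` when the container starts, whereas the line it replaces named its target by absolute path. The script is copied to a known location two lines earlier, so `ENTRYPOINT ["/usr/local/bin/entrypoint.sh"]` keeps the start-up target fixed however `PATH` ends up being set at run time. Both stages also reference `golang:1.24` by a mutable tag, so the image that runs the scan depends on what the tag resolves to on build day; pinning by digest (`FROM golang:1.24@sha256:<digest-placeholder>`) makes the build reproducible. The new comment about the entrypoint installing "the actual go version" could say explicitly that this is a network download performed at container start.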
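Review bot: govulncheck-action/entrypoint.sh has no error handling, so if `go mod verify` fails (for example a failed toolchain download or a module that does not match its recorded hash) the script still goes on to run the scan, and the container's exit status reflects only the last command. Adding `set -euo pipefail` directly under the shebang makes a failed verification or toolchain switch stop the action. The last line would be better as `exec govulncheckx "$@"`, so the scanner replaces the shell and receives signals and reports its exit code directly. With `GOTOOLCHAIN=auto` the toolchain is fetched at run time; a comment noting that this presumably relies on Go's default checksum-database verification (i.e. `GOSUMDB`/`GOFLAGS` not being overridden by the calling workflow) would help the next reader.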