HeadlinesBriefing.com

Go Mod Version Misuse: Why Your Library's Go Directive Hurts Transitive Dependencies

Hacker News

Go 1.21.0 introduced a mandatory full patch number in `go.mod`, but many projects incorrectly use it as their *actual* build version, creating a viral minimum requirement that harms all downstream users. The `go` directive in `go.mod` defines the minimum Go version *any* project *can* use to compile your code, not the version you *use* to build it. This means setting `go 1.25.7` forces every importer, directly or transitively, to require Go 1.25.7+ to compile their project, even if they don't use your code. Tools like GitHub Actions actions/setup-go incorrectly use this directive to select the build version, compounding the problem.

The default behavior of `go mod init` setting the latest version is misleading, as the documentation clearly states it's a minimum, not a target. Only specify a patch version if your code *absolutely* cannot compile on any other patch release of that minor version, as the directive's viral nature impacts everyone.
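A check a library maintainer could run in CI to catch this, added here as an example and not taken from the original article or from the Go project: it reads the `go` directive from `go.mod` text and flags a non-zero patch component. The function names, the sample module path, and the suggested `x.y.0` replacement are assumptions of this example; whether the code really compiles on the lower version still has to be verified.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

// goDirective returns the version named by the `go` directive in go.mod text.
func goDirective(gomod string) (string, bool) {
	sc := bufio.NewScanner(strings.NewReader(gomod))
	for sc.Scan() {
		line := sc.Text()
		if i := strings.Index(line, "//"); i >= 0 {
			line = line[:i] // drop trailing comment
		}
		f := strings.Fields(line)
		if len(f) == 2 && f[0] == "go" {
			return f[1], true
		}
	}
	return "", false
}

// audit reports whether the directive pins a non-zero patch release and,
// if so, the lowest directive for the same minor version (x.y.0).
func audit(gomod string) (version, suggestion string, flagged bool) {
	version, ok := goDirective(gomod)
	if !ok {
		return "", "", false
	}
	parts := strings.Split(version, ".")
	if len(parts) == 3 && parts[2] != "0" {
		return version, parts[0] + "." + parts[1] + ".0", true
	}
	return version, "", false
}

// Constructed sample go.mod for a hypothetical library.
const sampleGoMod = `module example.com/hypothetical/lib

go 1.25.7 // set to the maintainer's local toolchain
`

func main() {
	if v, s, bad := audit(sampleGoMod); bad {
		fmt.Printf("go %s pins a patch release; importers need >= %s. Consider go %s\n", v, v, s)
	}
}
```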