The GitHub workflow script has been updated to use a different command for building the Go application. This will ensure that the application is built with necessary parameters for correct operation and proper linking of static libraries.
The reuse and docker-publish workflow scripts in GitHub Actions have been updated. Now these scripts have permission to read contents. This will ensure secure access and controlled operations on repositories.
The codeql workflow script has been updated. Specifically, the Go version in the build command has been changed from 1.22.0 to 1.22.1+auto, to ensure alignment with the Go version specified elsewhere in the project. Additionally, the build command itself has been simplified, utilizing '/usr/bin/env' to consolidate dependencies.
The Go version in go.mod has been updated from 1.22 to 1.22.0 to avoid potential compatibility issues. Additionally, the build process in codeql.yml has been simplified by consolidating multiple 'go mod' commands into a single 'go build' command.
The build steps in the CodeQL action of the GitHub workflow have been updated. Instead of using the 'apt-get' command, the 'go mod tidy', 'go mod download', and 'go mod verify' are now used. This improves the building process by organizing and verifying the dependencies.
The "read-all" permission has been eliminated from the .github/workflows/golangci-lint.yml file. In its place, more specific read permissions have been implemented to enhance security measures and establish accurate access levels.
The "read-all" permission has been removed from the CodeQL workflow. Instead, the workflow now includes a specific read permission for contents, ensuring a more precise and secure access level.
The previous autobuild process has been disabled in the Github actions workflow. A new step for Go installation and manual building of the application using Go has been implemented, providing enhanced control and flexibility over the project's build process.
The previous autobuild process has been disabled in the Github actions workflow. A new step for Go installation and manual building of the application using Go has been implemented, providing enhanced control and flexibility over the project's build process.
The Github actions autobuild functionality has been commented out and replaced with manual building using Go. This customized build command ensures better flexibility and control over the build process.
This commit adds "read-all" permissions to golangci-lint, codecov, and sonarqube workflow files. This change ensures that all necessary activities are allowed during the workflow processes.
The commit adds SPDX-FileCopyrightText and SPDX-License-Identifier headers at the top of codeql.yml, specifying a CC0-1.0 license for Winni Neessen's 2022 copyright. It also grants read-all permissions, ensuring all needed activities are allowed in the file's workflow.
SPDX-FileCopyrightText and SPDX-License-Identifier license headers have been added to the top of the scorecard.yml file. The headers pertain to the 2022 copyright of Winni Neessen and define the license to be CC0-1.0.
A codecov.yml configuration file has been added to specify the coverage target and other codecov settings. The CI pipeline has also been streamlined to directly generate the coverage profile without using grep for filtering ignored code paths. This makes it easier to understand and maintain the testing and coverage reporting process.
The codecov workflow in the CI pipeline has been adjusted to produce more accurate coverage profiles. Previously covered but now-ignored code has been removed from the coverage profile by filtering out desired patterns with 'grep'.
Added a new workflow in '.github/workflows/codecov.yml' that runs on all three OS: Ubuntu, MacOS, and Windows with '1.22' version of Go. This workflow performs a test coverage check and then uploads the coverage data to Codecov. The workflow is activated on every 'push' or 'pull request' to the 'main' branch.
This commit introduces the .gitignore configuration file and adds SPDX headers to several files including test and documentation files. The headers provide license information in a standardized format which can be easily picked up by automated tools for license compliance checks. Additionally, it deleted a .idea/.gitignore file, which is a project specific IDE configuration file not necessary for the repository. It also introduced a README.md file providing more insightful information about the project.
