The file CONTRIBUTING.md has been added to provide clear guidelines for contributors seeking to make pull requests to the project. This includes instructions on how to create effective pull requests, maintain clean commit history, and keep PRs up to date.
The OpenSSF Best Practices badge has been included in the README.md file to demonstrate the adherence of this project to the best practices set by the Open Source Security Foundation.
This commit adds a function `FuzzWithAlgorithm` to the configuration test file (config_test.go). The function introduces more comprehensive fuzz testing for the algorithm configuration. It focuses on handling different integers including negative and high numbers, thus enhancing robustness of the algorithm.
This commit introduces several new fuzz tests to the algo_test.go file. These tests specifically target the IntToAlgo functionality to ensure proper handling of negative, out-of-range, and very large input values. By covering these edge-cases, we enhance the reliability of the algorithm conversion process.
The GitHub workflow script has been updated to use a different command for building the Go application. This will ensure that the application is built with necessary parameters for correct operation and proper linking of static libraries.
The reuse and docker-publish workflow scripts in GitHub Actions have been updated. Now these scripts have permission to read contents. This will ensure secure access and controlled operations on repositories.
The codeql workflow script has been updated. Specifically, the Go version in the build command has been changed from 1.22.0 to 1.22.1+auto, to ensure alignment with the Go version specified elsewhere in the project. Additionally, the build command itself has been simplified, utilizing '/usr/bin/env' to consolidate dependencies.
The Go version in go.mod has been updated from 1.22 to 1.22.0 to avoid potential compatibility issues. Additionally, the build process in codeql.yml has been simplified by consolidating multiple 'go mod' commands into a single 'go build' command.
The Go version specified in the go.mod file has been upgraded from 1.22 to 1.22.0. This may be necessary to avoid compatibility issues with updated systems and dependencies.
The Go version specified in the go.mod file has been downgraded from 1.22.1 to 1.22. This change is necessary to maintain compatibility with systems and dependencies that may not yet support the latest version of Go.
The Go version specified in the go.mod file has been upgraded from 1.21 to 1.22.1. This change ensures the use of the latest Go features and improvements, enhancing the overall project performance.
The Go version specified in the go.mod file has been downgraded from 1.22 to 1.21. This is to ensure compatibility with the project's specified dependencies.
The build steps in the CodeQL action of the GitHub workflow have been updated. Instead of using the 'apt-get' command, the 'go mod tidy', 'go mod download', and 'go mod verify' are now used. This improves the building process by organizing and verifying the dependencies.
The "read-all" permission has been eliminated from the .github/workflows/golangci-lint.yml file. In its place, more specific read permissions have been implemented to enhance security measures and establish accurate access levels.
The "read-all" permission has been removed from the CodeQL workflow. Instead, the workflow now includes a specific read permission for contents, ensuring a more precise and secure access level.
The previous autobuild process has been disabled in the Github actions workflow. A new step for Go installation and manual building of the application using Go has been implemented, providing enhanced control and flexibility over the project's build process.
The previous autobuild process has been disabled in the Github actions workflow. A new step for Go installation and manual building of the application using Go has been implemented, providing enhanced control and flexibility over the project's build process.
The Github actions autobuild functionality has been commented out and replaced with manual building using Go. This customized build command ensures better flexibility and control over the build process.
This commit adds "read-all" permissions to golangci-lint, codecov, and sonarqube workflow files. This change ensures that all necessary activities are allowed during the workflow processes.
The commit adds SPDX-FileCopyrightText and SPDX-License-Identifier headers at the top of codeql.yml, specifying a CC0-1.0 license for Winni Neessen's 2022 copyright. It also grants read-all permissions, ensuring all needed activities are allowed in the file's workflow.
SPDX-FileCopyrightText and SPDX-License-Identifier license headers have been added to the top of the scorecard.yml file. The headers pertain to the 2022 copyright of Winni Neessen and define the license to be CC0-1.0.
The version number has been corrected to 1.1.0 from 1.0.1. This change was made in both the README.md file and the apg.go file. This update reflects the new algorithm for binary secrets introduction in version 1.1.0 instead of version 1.0.1.
A new test case named "Pronounce_Mixed" has been added to the file spelling_test.go. This new case helps validate the behavior of the function when dealing with mixed syllables. More specifically, it deals with a situation where a number and a pronounceable syllable are combined, enhancing the overall robustness of the spelling tests.
The test for HasBeenPwned function in hibp_test.go has been updated to handle errors more effectively. Instead of failing the test directly upon encountering an error, it now logs the error and terminates the current subtest. This improves the test's resilience and makes debugging easier.