Commit graph

15 commits

Author SHA1 Message Date
dependabot[bot]
2263417aaf
Bump github/codeql-action from 3.24.8 to 3.24.9
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.8 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](05963f47d8...1b1aada464)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 20:02:01 +00:00
dependabot[bot]
35cce6e2c7
Bump github/codeql-action from 3.24.7 to 3.24.8
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.7 to 3.24.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](3ab4101902...05963f47d8)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-18 19:41:50 +00:00
StepSecurity Bot
35067dbf85
[StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-17 22:22:53 +00:00
b289d440da
Update Go build command in GitHub workflow
The GitHub workflow script has been updated to use a different command for building the Go application. This will ensure that the application is built with necessary parameters for correct operation and proper linking of static libraries.
2024-03-17 20:23:29 +01:00
bfc12841ce
Update Go version and build command in codeql workflow
The codeql workflow script has been updated. Specifically, the Go version in the build command has been changed from 1.22.0 to 1.22.1+auto, to ensure alignment with the Go version specified elsewhere in the project. Additionally, the build command itself has been simplified, utilizing '/usr/bin/env' to consolidate dependencies.
2024-03-17 19:59:29 +01:00
4ea41be22f
Update Go version and simplify build script
The Go version in go.mod has been updated from 1.22 to 1.22.0 to avoid potential compatibility issues. Additionally, the build process in codeql.yml has been simplified by consolidating multiple 'go mod' commands into a single 'go build' command.
2024-03-17 19:51:46 +01:00
6f25663957
Update Go build steps in GitHub workflow
The build steps in the CodeQL action of the GitHub workflow have been updated. Instead of using the 'apt-get' command, the 'go mod tidy', 'go mod download', and 'go mod verify' are now used. This improves the building process by organizing and verifying the dependencies.
2024-03-17 19:31:10 +01:00
4bc210f1ab
Refine permissions in CodeQL workflow
The "read-all" permission has been removed from the CodeQL workflow. Instead, the workflow now includes a specific read permission for contents, ensuring a more precise and secure access level.
2024-03-17 19:28:06 +01:00
b36aeeeab6
Update CodeQL workflow to include Go installation and building
The previous autobuild process has been disabled in the Github actions workflow. A new step for Go installation and manual building of the application using Go has been implemented, providing enhanced control and flexibility over the project's build process.
2024-03-17 19:24:19 +01:00
043008a97d
Update CodeQL workflow to include Go installation and building
The previous autobuild process has been disabled in the Github actions workflow. A new step for Go installation and manual building of the application using Go has been implemented, providing enhanced control and flexibility over the project's build process.
2024-03-17 19:22:18 +01:00
2af31dcb48
Disable Autobuild and setup manual Go build in CodeQL workflow
The Github actions autobuild functionality has been commented out and replaced with manual building using Go. This customized build command ensures better flexibility and control over the build process.
2024-03-17 19:19:38 +01:00
eec1b36edc
Add read-all permissions and SPDX license headers in codeql.yml
The commit adds SPDX-FileCopyrightText and SPDX-License-Identifier headers at the top of codeql.yml, specifying a CC0-1.0 license for Winni Neessen's 2022 copyright. It also grants read-all permissions, ensuring all needed activities are allowed in the file's workflow.
2024-03-17 19:14:42 +01:00
2d674214a7
Create codeql.yml 2024-03-17 19:12:21 +01:00
aae55baa1d
Refine coverage profile generation in CI pipeline
The codecov workflow in the CI pipeline has been adjusted to produce more accurate coverage profiles. Previously covered but now-ignored code has been removed from the coverage profile by filtering out desired patterns with 'grep'.
2024-03-14 10:28:40 +01:00
451a70f2b9
Create codeql.yml 2024-03-14 10:18:34 +01:00