The .goreleaser.yaml configuration has been updated to include Docker image signing. This is accomplished by utilizing 'docker_signs' and specifying 'artifacts: all', allowing to process and authenticate all output Docker images. The user's password for the Docker registry is taken from the environment variable 'COSIGN_PWD'.
The Dockerfile has been streamlined to remove unnecessary steps and over-complications. Previously the setup involved building in a separate stage and copying files over, which has now been simplified to just copying the necessary executable to the scratch container and specifying the entry point.
Extended the .goreleaser.yaml configuration with build_flag_templates options for the Docker image. These new flags introduce image labels for open containers, which provides more detailed image information including the creation date, project name, revision, and version.
Added four Docker image templates in the .goreleaser.yaml file. The newly introduced templates specify the image tags based on the version, making it easier to handle different versions of the Docker image for the "apg-go" project.
The Docker build command in the GitHub workflow file (docker.yml) now requires sudo privileges. Additionally, the Dockerfile has been expanded to not only tidy up and verify the Go modules project but also to alter the build path for the "apg-go" executable.
The GitHub Workflow (docker.yml) has been refactored to replace docker-compose with docker. This involves changes in the installation instructions and the commands to build and test the Docker image. This simplifies the workflow and allows the use of standard Docker commands instead of docker-compose.
Docker-compose installation has been moved in the GitHub Workflow (docker.yml) from the "test" to the "build" phase. This change ensures docker-compose is installed early on, making it available throughout the entire process. The steps include updating the package list, installing docker-compose, and confirming its installation.
The GitHub Workflow (docker.yml) now includes a step for installing docker-compose. This addition ensures that docker-compose is available within the Docker container, which is necessary for performing complex multi-container tasks. The installation process involves updating the package list, installing docker-compose, and verifying its location.
The Docker image creation and pushing procedures have been moved from the goreleaser.yaml file to a separate GitHub Workflow file docker.yml. This shift gives a more granular control over the Docker image build and push operations with specific GitHub Actions. Also, added the Dockerfile instructions and docker-files for image building to cope up with the changed Docker process.
A new Docker image template has been added to the .goreleaser.yaml file. Specifically, the image template 'wneessen/apg-go' was introduced under the 'dockers' configuration, allowing smoother configuration for Docker-based implementations.
We've added new configuration options for setting minimum counts of lowercase, numeric, special, and uppercase characters in passwords. The HIBP check feature has also been removed due to redundancy. Note: High values for these character minimums may lead to long calculation times.
This commit introduces new methods to enable HIBP checks, exclude specific characters, and set a fixed password length in the password generator configuration. It also includes tests to verify that these new options work correctly in the password configuration.
This commit introduces two new badges to the README file. The first badge directs users to the project's Discord server, promoting community contributions. The second badge verifies that the project complies with REUSE software recommendations, ensuring users of the project's commitment to best practices in software development.
Updated the sonar-project.properties file to include a path for the Go coverage report. This path will allow Sonar to access the coverage report created by Go tests, improving overall project testing and coverage monitoring.
Reformatted error messages to use %w for improved error handling in "random.go", and updated the used Go version in the ".golangci.toml" file. Also, removed some unnecessary lines in "random_test.go" and improved the layout of an array in "koremutake.go".
This commit updates the existing badge references on the README.md file. The previous badge links were pointing to GitHub locations, these are being changed to point to 'src.neessen.cloud', potentially reflecting a move away from GitHub.
This commit adds two new license files, MIT.txt and CC0-1.0.txt under the LICENSES directory. These licenses provide a clear understanding of the permissions and restrictions applied to the software which can be important for both developers and users.
This commit introduces the .gitignore configuration file and adds SPDX headers to several files including test and documentation files. The headers provide license information in a standardized format which can be easily picked up by automated tools for license compliance checks. Additionally, it deleted a .idea/.gitignore file, which is a project specific IDE configuration file not necessary for the repository. It also introduced a README.md file providing more insightful information about the project.
The flag assignments in apg.go have been updated to be in alphabetic order and two new flags, `-mX` and `-p`, have been added. This change improves readability and makes maintaining the code easier, while not affecting the algorithm's functionality.
The flag assignments in the apg.go file have been rearranged and organized in alphabetical order by their first letter for better readability and easy management. The logic remains unaffected, but the changes should improve the overall code aesthetic and maintainability.
The code now supports the configuration parameter 'ExcludeChars', which gives users the ability to specify particular characters that should not be included in the generated passwords. This addition was fully implemented both on config.go and random.go, while the relevant option flag was also added to apg.go for user interaction.
An option flag has been added to apg.go, which allows users to check the version of the script. When activated, the script displays the version and exits. It also provides OS and architecture information, outputted to stderr for user convenience.
Introduced unit tests for the HasBeenPwned function in the hibp_test.go file. These tests consist of scenarios with both secured and compromised passwords, improving the function's reliability and error handling capabilities.
Implemented HIBP password check feature which will crosscheck generated passwords with the HIBP pwned passwords database. This functionality enhances security by not recommending potentially compromised passwords. A new flag, CheckHIBP has been added to enable or disable this feature.
Added "TestPronounce" function in spelling_test.go file to ensure pronunciation mechanism works as expected. The function tests various cases including no syllables, single syllable, multiple syllables, and non-Koremutake syllables.
The spelling of "Pronounceable" has been adjusted throughout the code. Moreover, a new functionality for producing pronounceable passwords spelled as correlating syllables has been integrated. This includes relevant changes to password character sets used for pronounceable passwords and enhancements to test this new feature.
In this commit, several new tests have been introduced into random_test.go. These include cases for generating pronounceable passwords, testing minimum requirement conditions, and checking different password algorithms. This provides more comprehensive testing coverage and confirms the expected functionality of password generator methods.
Added detailed test cases for handling password length and coin flip functionality in random_test.go. These additional unit tests cover various conditions for password lengths, and ensure that 'generateCoinFlip' behaves as expected across multiple invocations.
Removed redundant comments in random_test.go, specifically in TestGetCharRangeFromConfig function. This change simplifies and tidies the code, while maintaining its comprehensibility and the clarity of the test cases structure.
Added a new unit test, TestSpell, to the spelling_test.go file. This new test safely triggers several different spell checking scenarios, from empty strings to non-alphabetical characters. As a result, the function's reliability and robustness is significantly improved.
A comprehensive unit test, TestGetCharRangeFromConfig, has been added to the random_test.go file. This test validates the GetCharRangeFromConfig function across various scenarios and configurations. It also improves code reliability and makes the application more robust against potential issues.
The error message format in `ModesFromFlags()` method within `mode_test.go` has been refactored. The refactoring improved the clarity and conciseness of error reporting when the expected mode is not found during test execution.
The new function "generatePronouncable" generates pronounceable passwords using the Koremutake syllabic representation. It is executed when 'Generate()' method is called with Algorithm set to 'AlgoPronouncable'. Additionally, significant changes were made to enhance the readability and performance of the 'GetCharRangeFromConfig' and 'checkMinimumRequirements' methods. In 'mode_test.go', the error message format has been updated for clear and concise display.
Modified the error messages in spelling tests within spelling_test.go to improve clarity and readability. These adjustments involve changing the format specifiers in the error messages of 'ConvertByteToWord' function tests to correspond with the expected data types for better error reporting.
The update introduces a new 'SpellPassword' setting in the configuration that, when enabled, spells out the generated passwords in the phonetic alphabet. The accompanied changes include the addition of 'spelling.go' and 'spelling_test.go' files containing the spelling logic and corresponding tests. The domain-specific error handling is also enhanced for unsupported characters.