The GitHub workflow script has been updated to use a different command for building the Go application. This will ensure that the application is built with necessary parameters for correct operation and proper linking of static libraries.
The reuse and docker-publish workflow scripts in GitHub Actions have been updated. Now these scripts have permission to read contents. This will ensure secure access and controlled operations on repositories.
The codeql workflow script has been updated. Specifically, the Go version in the build command has been changed from 1.22.0 to 1.22.1+auto, to ensure alignment with the Go version specified elsewhere in the project. Additionally, the build command itself has been simplified, utilizing '/usr/bin/env' to consolidate dependencies.
The Go version in go.mod has been updated from 1.22 to 1.22.0 to avoid potential compatibility issues. Additionally, the build process in codeql.yml has been simplified by consolidating multiple 'go mod' commands into a single 'go build' command.
The Go version specified in the go.mod file has been upgraded from 1.22 to 1.22.0. This may be necessary to avoid compatibility issues with updated systems and dependencies.
The Go version specified in the go.mod file has been downgraded from 1.22.1 to 1.22. This change is necessary to maintain compatibility with systems and dependencies that may not yet support the latest version of Go.
The Go version specified in the go.mod file has been upgraded from 1.21 to 1.22.1. This change ensures the use of the latest Go features and improvements, enhancing the overall project performance.
The Go version specified in the go.mod file has been downgraded from 1.22 to 1.21. This is to ensure compatibility with the project's specified dependencies.
The build steps in the CodeQL action of the GitHub workflow have been updated. Instead of using the 'apt-get' command, the 'go mod tidy', 'go mod download', and 'go mod verify' are now used. This improves the building process by organizing and verifying the dependencies.
The "read-all" permission has been eliminated from the .github/workflows/golangci-lint.yml file. In its place, more specific read permissions have been implemented to enhance security measures and establish accurate access levels.
The "read-all" permission has been removed from the CodeQL workflow. Instead, the workflow now includes a specific read permission for contents, ensuring a more precise and secure access level.
The previous autobuild process has been disabled in the Github actions workflow. A new step for Go installation and manual building of the application using Go has been implemented, providing enhanced control and flexibility over the project's build process.
The previous autobuild process has been disabled in the Github actions workflow. A new step for Go installation and manual building of the application using Go has been implemented, providing enhanced control and flexibility over the project's build process.
The Github actions autobuild functionality has been commented out and replaced with manual building using Go. This customized build command ensures better flexibility and control over the build process.
This commit adds "read-all" permissions to golangci-lint, codecov, and sonarqube workflow files. This change ensures that all necessary activities are allowed during the workflow processes.
The commit adds SPDX-FileCopyrightText and SPDX-License-Identifier headers at the top of codeql.yml, specifying a CC0-1.0 license for Winni Neessen's 2022 copyright. It also grants read-all permissions, ensuring all needed activities are allowed in the file's workflow.
SPDX-FileCopyrightText and SPDX-License-Identifier license headers have been added to the top of the scorecard.yml file. The headers pertain to the 2022 copyright of Winni Neessen and define the license to be CC0-1.0.
The version number has been corrected to 1.1.0 from 1.0.1. This change was made in both the README.md file and the apg.go file. This update reflects the new algorithm for binary secrets introduction in version 1.1.0 instead of version 1.0.1.
A new test case named "Pronounce_Mixed" has been added to the file spelling_test.go. This new case helps validate the behavior of the function when dealing with mixed syllables. More specifically, it deals with a situation where a number and a pronounceable syllable are combined, enhancing the overall robustness of the spelling tests.
The test for HasBeenPwned function in hibp_test.go has been updated to handle errors more effectively. Instead of failing the test directly upon encountering an error, it now logs the error and terminates the current subtest. This improves the test's resilience and makes debugging easier.
This commit refactors the way the 'length' variable is initialized in the generateBinary function of the Generator struct in random.go. Notably, it makes use of Go's type inference feature to eliminate the need to explicitly declare the variable type.
This commit updates the password generator to now include a binary mode. This mode produces a 256 bits long fully binary secret which can be used for AES-256 encryption. New flags `-bh` (print hex representation) and `-bn` (new line after secret) have been added for this mode. The version has also been updated to 1.0.1 recognizing this new addition.
This commit introduces a new "Examples" section in the README.md to illustrate usage, ranging from website login password, PIN generation, to phone verification. In addition, it includes a new file under the example-code directory for a PIN generator using apg-go.
This commit rectifies a couple of typographic errors in the README.md file. Notably, there was a typo 'abondoning' which has been corrected to 'abandoning' and, it tidies up punctuation within the sentences. The main focus was to ensure readability and clarity of the documentation.
Corrected all the occurrences of the word 'pronouncable' to correct spelling 'pronounceable' across the README file. Also fixed a small typo 'apt-go', replaced it with the correct term 'apg-go'. The changes ensure correct spelling and consistent terminology in the README document.
The README file has been updated with thorough installation instructions. Changes range from introducing binary and package releases, including their verification using GPG signature, to refactoring the source code installation steps. Additionally, instructions for specific platforms like FreeBSD, Arch Linux, Debian/Redhat/Alpine, etc., have been improved for clarity.
The repetitive code used for password character counting in different scenarios has been consolidated into a single function, matchesMinimumAmount(). This extraction simplifies the main function and makes the code more maintainable, while maintaining the functionality of checking whether the password meets certain character count criteria.
The error message within the test case had a typographical error. The word "length" was incorrectly spelled as "lenght". This has been fixed to enhance the readability of the code.
A new unit test has been added to verify GetCharRangeFromConfig() function. The test ensures that the function properly excludes configured characters from the generated range.
The version number in several instances in the README file and apg.go has been modified from v2.0.0 to v1.0.0. This more accurately reflects the version where the changes were implemented and ensures consistency across all documentation.
Updated the "Winni Neessen" Software signing key contact details in the README file for better readability and neatness. This conveys the same information but in a more compressed, comprehensible manner.
Updated the README file to document new features added in the codebase: codecov badge, pre-built package usage, fixed-length password flag usage, coinflip mode, and the minimum required characters. The goreleaser configuration (`.goreleaser.yaml`) was cleaned up, removing unnecessary sections for docker usage. This clarifies how to execute certain functionalities and makes the goreleaser configuration easier to read and maintain.
A codecov.yml configuration file has been added to specify the coverage target and other codecov settings. The CI pipeline has also been streamlined to directly generate the coverage profile without using grep for filtering ignored code paths. This makes it easier to understand and maintain the testing and coverage reporting process.
The codecov workflow in the CI pipeline has been adjusted to produce more accurate coverage profiles. Previously covered but now-ignored code has been removed from the coverage profile by filtering out desired patterns with 'grep'.
Set file permission during Docker copy action
The Dockerfile has been updated to set the file permission to 555 during the copy action for '/builddir/apg-go'. This change ensures that the appropriate user permissions are set right from when the image is built.