Commit graph

436 commits

Author SHA1 Message Date
dependabot[bot]
2263417aaf
Bump github/codeql-action from 3.24.8 to 3.24.9
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.8 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](05963f47d8...1b1aada464)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 20:02:01 +00:00
ff719d09b7
Merge pull request #84 from wneessen/dependabot/github_actions/actions/setup-go-5.0.0
Bump actions/setup-go from 3.5.0 to 5.0.0
2024-03-19 20:45:20 +01:00
850ea82828
Merge pull request #85 from wneessen/dependabot/github_actions/docker/build-push-action-5.3.0
Bump docker/build-push-action from 3.3.1 to 5.3.0
2024-03-19 20:45:06 +01:00
474c137f89
Merge pull request #86 from wneessen/dependabot/github_actions/docker/metadata-action-5.5.1
Bump docker/metadata-action from 3.3.0 to 5.5.1
2024-03-19 20:44:53 +01:00
8907dc60e1
Merge pull request #87 from wneessen/dependabot/github_actions/sonarsource/sonarqube-scan-action-9ad16418d1dd6d28912bc0047ee387e90181ce1c
Bump sonarsource/sonarqube-scan-action from 1b9d398800bf807ad36901b351fff52deba642d6 to 9ad16418d1dd6d28912bc0047ee387e90181ce1c
2024-03-19 20:44:37 +01:00
dependabot[bot]
c674235d94
Bump sonarsource/sonarqube-scan-action
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) from 1b9d398800bf807ad36901b351fff52deba642d6 to 9ad16418d1dd6d28912bc0047ee387e90181ce1c.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)
- [Commits](1b9d398800...9ad16418d1)

---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-19 19:42:38 +00:00
dependabot[bot]
f7b196bfbf
Bump docker/metadata-action from 3.3.0 to 5.5.1
Bumps [docker/metadata-action](https://github.com/docker/metadata-action) from 3.3.0 to 5.5.1.
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Upgrade guide](https://github.com/docker/metadata-action/blob/master/UPGRADE.md)
- [Commits](98669ae865...8e5442c4ef)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-19 19:42:34 +00:00
dependabot[bot]
d1dfac476d
Bump docker/build-push-action from 3.3.1 to 5.3.0
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 3.3.1 to 5.3.0.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](1104d47137...2cdde995de)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-19 19:42:29 +00:00
dependabot[bot]
f4a61bf426
Bump actions/setup-go from 3.5.0 to 5.0.0
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.5.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](6edd4406fa...0c52d547c9)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-19 19:42:25 +00:00
760593f248
Merge pull request #83 from wneessen/dependabot/github_actions/docker/setup-buildx-action-3.2.0
Bump docker/setup-buildx-action from 2.10.0 to 3.2.0
2024-03-18 22:07:47 +01:00
7d5493c77d
Merge pull request #82 from wneessen/dependabot/github_actions/github/codeql-action-3.24.8
Bump github/codeql-action from 3.24.7 to 3.24.8
2024-03-18 22:07:32 +01:00
d4d76a0f0a
Merge pull request #81 from wneessen/dependabot/github_actions/actions/upload-artifact-4.3.1
Bump actions/upload-artifact from 3.1.0 to 4.3.1
2024-03-18 22:07:19 +01:00
bac3aa4750
Merge pull request #80 from wneessen/dependabot/github_actions/fsfe/reuse-action-3.0.0
Bump fsfe/reuse-action from 1.3.0 to 3.0.0
2024-03-18 22:07:10 +01:00
7e742a4a73
Merge pull request #79 from wneessen/dependabot/github_actions/docker/setup-qemu-action-3.0.0
Bump docker/setup-qemu-action from 2.2.0 to 3.0.0
2024-03-18 22:07:00 +01:00
dependabot[bot]
a0c312f39f
Bump docker/setup-buildx-action from 2.10.0 to 3.2.0
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 2.10.0 to 3.2.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](885d1462b8...2b51285047)

---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-18 19:41:54 +00:00
dependabot[bot]
35cce6e2c7
Bump github/codeql-action from 3.24.7 to 3.24.8
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.24.7 to 3.24.8.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](3ab4101902...05963f47d8)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-18 19:41:50 +00:00
dependabot[bot]
174ca5da39
Bump actions/upload-artifact from 3.1.0 to 4.3.1
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.0 to 4.3.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](3cea537223...5d5d22a312)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-18 19:41:45 +00:00
dependabot[bot]
df816f5ae4
Bump fsfe/reuse-action from 1.3.0 to 3.0.0
Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action) from 1.3.0 to 3.0.0.
- [Release notes](https://github.com/fsfe/reuse-action/releases)
- [Commits](28cf8f33bc...a46482ca36)

---
updated-dependencies:
- dependency-name: fsfe/reuse-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-18 19:41:42 +00:00
dependabot[bot]
da5ffa7d3d
Bump docker/setup-qemu-action from 2.2.0 to 3.0.0
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2.2.0 to 3.0.0.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](2b82ce82d5...68827325e0)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-18 19:41:39 +00:00
4d790d3138
Merge pull request #78 from wneessen/contrib
Add CONTRIBUTING.md with contribution guidelines
2024-03-18 00:04:56 +01:00
f9314bc07c
Add CONTRIBUTING.md with contribution guidelines
The file CONTRIBUTING.md has been added to provide clear guidelines for contributors seeking to make pull requests to the project. This includes instructions on how to create effective pull requests, maintain clean commit history, and keep PRs up to date.
2024-03-18 00:04:05 +01:00
afac8e8f0e
Merge pull request #77 from wneessen/openssf_badge
Add OpenSSF Best Practices badge to README.md
2024-03-17 23:58:21 +01:00
d443446011
Add OpenSSF Best Practices badge to README.md
The OpenSSF Best Practices badge has been included in the README.md file to demonstrate the adherence of this project to the best practices set by the Open Source Security Foundation.
2024-03-17 23:57:48 +01:00
bf9cb85f9b
Merge pull request #76 from wneessen/dependabot/github_actions/ossf/scorecard-action-2.3.1
Bump ossf/scorecard-action from 2.1.2 to 2.3.1
2024-03-17 23:32:03 +01:00
7a1170b2d0
Merge pull request #74 from wneessen/dependabot/github_actions/github/codeql-action-3.24.7
Bump github/codeql-action from 2.2.4 to 3.24.7
2024-03-17 23:31:48 +01:00
abc5b90aea
Merge pull request #73 from wneessen/dependabot/github_actions/docker/login-action-3.1.0
Bump docker/login-action from 1.9.0 to 3.1.0
2024-03-17 23:31:37 +01:00
0c68f136ea
Merge pull request #72 from wneessen/dependabot/github_actions/golangci/golangci-lint-action-4.0.0
Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0
2024-03-17 23:31:26 +01:00
0a3abebb5a
Merge pull request #75 from wneessen/dependabot/github_actions/codecov/codecov-action-4.1.0
Bump codecov/codecov-action from 3.1.6 to 4.1.0
2024-03-17 23:30:59 +01:00
dependabot[bot]
1d8087b1d7
Bump ossf/scorecard-action from 2.1.2 to 2.3.1
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.1.2 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](e38b1902ae...0864cf1902)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-17 22:26:56 +00:00
dependabot[bot]
3ddc257cb5
Bump codecov/codecov-action from 3.1.6 to 4.1.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.6 to 4.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](ab904c41d6...54bcd8715e)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-17 22:26:51 +00:00
dependabot[bot]
2639bb5c69
Bump github/codeql-action from 2.2.4 to 3.24.7
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2.2.4 to 3.24.7.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2.2.4...3ab4101902695724f9365a384f86c1074d94e18c)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-17 22:26:48 +00:00
dependabot[bot]
f7d220dd2b
Bump docker/login-action from 1.9.0 to 3.1.0
Bumps [docker/login-action](https://github.com/docker/login-action) from 1.9.0 to 3.1.0.
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](28218f9b04...e92390c5fb)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-17 22:26:43 +00:00
dependabot[bot]
134d943439
Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3.7.0 to 4.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](3a91952989...3cfe3a4abb)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-17 22:26:40 +00:00
49506634bc
Merge pull request #71 from step-security-bot/stepsecurity_remediation_1710714172
[StepSecurity] Apply security best practices
2024-03-17 23:26:17 +01:00
StepSecurity Bot
35067dbf85
[StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-17 22:22:53 +00:00
5ba220f1b9
Merge pull request #69 from wneessen/add_fuzzing
Add fuzzing
2024-03-17 22:09:40 +01:00
3ffb499c1b
Add fuzz testing to config_test.go
This commit adds a function `FuzzWithAlgorithm` to the configuration test file (config_test.go). The function introduces more comprehensive fuzz testing for the algorithm configuration. It focuses on handling different integers including negative and high numbers, thus enhancing robustness of the algorithm.
2024-03-17 22:05:44 +01:00
b40b4b7e63
Add expanded fuzz testing to algo_test.go
This commit introduces several new fuzz tests to the algo_test.go file. These tests specifically target the IntToAlgo functionality to ensure proper handling of negative, out-of-range, and very large input values. By covering these edge-cases, we enhance the reliability of the algorithm conversion process.
2024-03-17 22:05:35 +01:00
f5f6a12e83
Merge pull request #68 from wneessen/security-md
Create SECURITY.md
2024-03-17 21:33:25 +01:00
f65feff1f9
Create SECURITY.md 2024-03-17 21:32:57 +01:00
7f8fbb05bc
Merge pull request #67 from wneessen/token-permissions
Add read permissions to GitHub workflows
2024-03-17 20:23:45 +01:00
b289d440da
Update Go build command in GitHub workflow
The GitHub workflow script has been updated to use a different command for building the Go application. This will ensure that the application is built with necessary parameters for correct operation and proper linking of static libraries.
2024-03-17 20:23:29 +01:00
ef8e334df0
Add read permissions to GitHub workflows
The reuse and docker-publish workflow scripts in GitHub Actions have been updated. Now these scripts have permission to read contents. This will ensure secure access and controlled operations on repositories.
2024-03-17 20:16:27 +01:00
ba891efd37
Merge pull request #64 from wneessen/codeql
Create codeql.yml
2024-03-17 20:02:09 +01:00
bfc12841ce
Update Go version and build command in codeql workflow
The codeql workflow script has been updated. Specifically, the Go version in the build command has been changed from 1.22.0 to 1.22.1+auto, to ensure alignment with the Go version specified elsewhere in the project. Additionally, the build command itself has been simplified, utilizing '/usr/bin/env' to consolidate dependencies.
2024-03-17 19:59:29 +01:00
4ea41be22f
Update Go version and simplify build script
The Go version in go.mod has been updated from 1.22 to 1.22.0 to avoid potential compatibility issues. Additionally, the build process in codeql.yml has been simplified by consolidating multiple 'go mod' commands into a single 'go build' command.
2024-03-17 19:51:46 +01:00
2691b04e38
Upgrade Go version in go.mod
The Go version specified in the go.mod file has been upgraded from 1.22 to 1.22.0. This may be necessary to avoid compatibility issues with updated systems and dependencies.
2024-03-17 19:49:43 +01:00
decf5526d1
Downgrade Go version in go.mod
The Go version specified in the go.mod file has been downgraded from 1.22.1 to 1.22. This change is necessary to maintain compatibility with systems and dependencies that may not yet support the latest version of Go.
2024-03-17 19:38:12 +01:00
061b9f4f7f
Upgrade Go version in go.mod
The Go version specified in the go.mod file has been upgraded from 1.21 to 1.22.1. This change ensures the use of the latest Go features and improvements, enhancing the overall project performance.
2024-03-17 19:36:40 +01:00
bffc8ac65e
Update Go version in go.mod
The Go version specified in the go.mod file has been downgraded from 1.22 to 1.21. This is to ensure compatibility with the project's specified dependencies.
2024-03-17 19:33:18 +01:00