dependabot[bot]
87c0575dd4
Bump actions/setup-go from 5.0.2 to 5.1.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.0.2 to 5.1.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](0a12ed9d6a...41dfa10bad
)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-10-25 13:39:33 +00:00
d931050a6f
Update GitHub Actions paths for Go and workflow files
...
This commit refines the paths in GitHub Actions workflows to more precisely track changes in Go-related files and specific workflow files. General `.github/**` paths have been replaced with explicit references to relevant workflow files within `.github/workflows`.
2024-10-04 15:28:22 +02:00
8f596ffae7
Add offline tests workflow and clean up SonarQube config
...
Introduce a new offline tests workflow to validate Go code across multiple OS and Go versions. This commit also removes unused environment variables and updates the Go version syntax in the SonarQube workflow.
2024-10-03 16:00:58 +02:00
a41639ec07
Fix secret reference and improve test command options
...
Corrected the reference for `TEST_PASS_SCRAM` in both workflows. Simplified the Go test command in `codecov.yml` and added the `shuffle=on` option for better test randomness in `sonarqube.yml`.
2024-10-02 16:50:45 +02:00
cbba4d83d1
Add SCRAM authentication to CI workflows
...
This commit introduces SCRAM authentication configurations to both `codecov.yml` and `sonarqube.yml` GitHub Action workflow files. The changes include new environment variables for SCRAM host, user, and password to enhance the security and flexibility of the CI processes.
2024-10-02 15:51:56 +02:00
dependabot[bot]
d75d990124
Bump sonarsource/sonarqube-scan-action
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from f885e52a7572cf7943f28637e75730227df2dbf2 to 884b79409bbd464b2a59edc326a4b77dc56b2195.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](f885e52a75...884b79409b
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-25 13:58:36 +00:00
dependabot[bot]
d6725b2d63
Bump sonarsource/sonarqube-scan-action
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 0c0f3958d90fc466625f1d1af1f47bddd4cc6bd1 to f885e52a7572cf7943f28637e75730227df2dbf2.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](0c0f3958d9...f885e52a75
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-24 13:48:36 +00:00
dependabot[bot]
6d9829776a
Bump step-security/harden-runner from 2.9.1 to 2.10.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.9.1 to 2.10.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](5c7944e73c...91182cccc0
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-09-11 14:09:18 +00:00
dependabot[bot]
fa05b38e31
Bump sonarsource/sonarqube-quality-gate-action
...
Bumps [sonarsource/sonarqube-quality-gate-action](https://github.com/sonarsource/sonarqube-quality-gate-action ) from 72f24ebf1f81eda168a979ce14b8203273b7c3ad to dc2f7b0dd95544cd550de3028f89193576e958b9.
- [Release notes](https://github.com/sonarsource/sonarqube-quality-gate-action/releases )
- [Commits](72f24ebf1f...dc2f7b0dd9
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-quality-gate-action
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-30 13:19:01 +00:00
8b69fa92ae
Update Go version in SonarQube workflow
...
Bump Go version from 1.22.x to 1.23.x in the SonarQube GitHub Actions workflow. This ensures compatibility with the latest features and improvements in Go.
2024-08-16 10:30:20 +02:00
dependabot[bot]
a3a41f2399
Bump sonarsource/sonarqube-scan-action from 2.3.0 to 3.0.0
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 2.3.0 to 3.0.0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](aecaf43ae5...0c0f3958d9
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-13 13:26:01 +00:00
dependabot[bot]
a80447d2be
Bump step-security/harden-runner from 2.9.0 to 2.9.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.9.0 to 2.9.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](0d381219dd...5c7944e73c
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-08-06 13:36:40 +00:00
dependabot[bot]
47e901d80d
Bump step-security/harden-runner from 2.8.1 to 2.9.0
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.8.1 to 2.9.0.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](17d0e2bd7d...0d381219dd
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-19 13:18:49 +00:00
dependabot[bot]
e8b7d0825f
Bump actions/setup-go from 5.0.1 to 5.0.2
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.0.1 to 5.0.2.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](cdcb360436...0a12ed9d6a
)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-11 13:36:12 +00:00
dependabot[bot]
09521758db
Bump sonarsource/sonarqube-scan-action from 2.2.0 to 2.3.0
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 2.2.0 to 2.3.0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](540792c588...aecaf43ae5
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-07-02 13:51:17 +00:00
dependabot[bot]
1191060ab7
Bump sonarsource/sonarqube-scan-action from 2.1.0 to 2.2
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 2.1.0 to 2.2.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](86fe817756...540792c588
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-13 13:50:11 +00:00
dependabot[bot]
cedc52f565
Bump step-security/harden-runner from 2.8.0 to 2.8.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.8.0 to 2.8.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](f086349bfa...17d0e2bd7d
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-06-07 13:25:34 +00:00
dependabot[bot]
b174a9cce1
Bump sonarsource/sonarqube-scan-action from 2.0.2 to 2.1.0
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 2.0.2 to 2.1.0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](53c3e3207f...86fe817756
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-23 14:08:07 +00:00
dependabot[bot]
6991aecc5d
---
...
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-22 13:15:46 +00:00
dependabot[bot]
047ba0368d
Bump actions/setup-go from 5.0.0 to 5.0.1
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 5.0.0 to 5.0.1.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](0c52d547c9...cdcb360436
)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-05-02 14:07:50 +00:00
dependabot[bot]
63d721cf6f
Bump step-security/harden-runner from 2.7.0 to 2.7.1
...
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner ) from 2.7.0 to 2.7.1.
- [Release notes](https://github.com/step-security/harden-runner/releases )
- [Commits](63c24ba6bd...a4aa98b93c
)
---
updated-dependencies:
- dependency-name: step-security/harden-runner
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-30 14:03:23 +00:00
dependabot[bot]
294de2c5ee
Bump sonarsource/sonarqube-quality-gate-action
...
Bumps [sonarsource/sonarqube-quality-gate-action](https://github.com/sonarsource/sonarqube-quality-gate-action ) from f9fe214a5be5769c40619de2fff2726c36d2d5eb to 72f24ebf1f81eda168a979ce14b8203273b7c3ad.
- [Release notes](https://github.com/sonarsource/sonarqube-quality-gate-action/releases )
- [Commits](f9fe214a5b...72f24ebf1f
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-quality-gate-action
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-04 13:21:20 +00:00
dependabot[bot]
b0bda8dbc8
Bump sonarsource/sonarqube-scan-action
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 9ad16418d1dd6d28912bc0047ee387e90181ce1c to 53c3e3207fe4b8d52e2f1ac9d6eb1d2506f626c0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](9ad16418d1...53c3e3207f
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-28 13:31:06 +00:00
dependabot[bot]
d28b22d05e
Bump actions/setup-go from 3.5.0 to 5.0.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.5.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](6edd4406fa...0c52d547c9
)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 13:45:33 +00:00
c78388a2cb
Add read permissions to GitHub workflow files
...
This commit adds read permissions for 'contents' in the GitHub workflow files sonarqube.yml and reuse.yml. This allows these specific workflows to access the relevant contents they need for execution.
2024-03-23 15:49:03 +01:00
StepSecurity Bot
886edbc0c9
[StepSecurity] Apply security best practices
...
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-22 14:36:47 +00:00
f01047855f
Update Go version in GitHub workflow files
...
The Go version has been updated to '1.22' in the 'sonarqube.yml', 'golangci-lint.yml', and 'codecov.yml' GitHub action workflow files. This includes an additional modification for the Go versions matrix and condition statements in the 'codecov.yml' workflow.
2024-02-10 14:14:34 +01:00
b2e54717b3
Update Go version to 1.21 in GitHub workflows
...
This commit updates the Go version from 1.20 to 1.21 on three GitHub workflow files: golangci-lint.yml, codecov.yml, and sonarqube.yml. The change ensures we use the latest Go version which is more efficient and comes with additional features, leading to improved project performance.
2023-08-15 10:11:13 +02:00
fa0d51ec80
GH seems to interpret 1.20 as 1.2. Let's try if a string works
2023-02-02 10:23:51 +01:00
c5481d9059
Updated workflows to Go 1.20
2023-02-02 10:16:46 +01:00
4a1b1ede96
Update sonarqube.yml
...
Remove gosec and update to Go 1.19
2022-10-18 17:36:13 +02:00
f36df2fcdb
Fix codecov Go version setup
...
The different code version usages in the codecov workflow were missing the actual go setup set, which caused all tests to always run with Go 1.17. This PR fixes this
2022-10-18 16:40:03 +02:00
04196716f1
Update sonarqube.yml
...
Run SonarQube on PRs too
2022-07-07 10:52:01 +02:00
31001e87b2
#24 : Add SPDX license IDs for REUSE compliance
...
# SUMMARY
* Bad licenses:
* Deprecated licenses:
* Licenses without file extension:
* Missing licenses:
* Unused licenses:
* Used licenses: CC0-1.0, MIT
* Read errors: 0
* Files with copyright information: 45 / 45
* Files with license information: 45 / 45
Congratulations! Your project is compliant with version 3.0 of the REUSE Specification :-)
2022-06-17 15:05:54 +02:00
556223c09a
Update sonarqube.yml
2022-04-12 23:25:23 +02:00
a5cd8d6d68
Update sonarqube.yml
2022-04-12 23:15:56 +02:00
483773cb9c
Update sonarqube.yml
2022-04-12 23:12:32 +02:00
b7c817d4e4
Update and rename sonarqube.yaml to sonarqube.yml
2022-04-12 19:36:20 +02:00