Commit graph

985 commits

Author SHA1 Message Date
cec3185376
Merge pull request #202 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.2.5
Bump actions/dependency-review-action from 4.2.4 to 4.2.5
2024-03-26 14:58:05 +01:00
dependabot[bot]
181ce199af
Bump actions/dependency-review-action from 4.2.4 to 4.2.5
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.2.4 to 4.2.5.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](733dd5d4a5...5bbc3ba658)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-26 13:47:39 +00:00
3a31eb181e
Merge pull request #198 from wneessen/dependabot/github_actions/actions/upload-artifact-4.3.1
Bump actions/upload-artifact from 3.1.3 to 4.3.1
2024-03-25 16:13:01 +01:00
32a66f3df9
Merge pull request #199 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.2.4
Bump actions/dependency-review-action from 4.2.3 to 4.2.4
2024-03-25 16:12:48 +01:00
9976302dd9
Merge pull request #200 from wneessen/dependabot/github_actions/fsfe/reuse-action-3.0.0
Bump fsfe/reuse-action from 1.3.0 to 3.0.0
2024-03-25 16:12:33 +01:00
8fdad0ee4c
Merge pull request #201 from wneessen/dependabot/github_actions/actions/setup-go-5.0.0
Bump actions/setup-go from 3.5.0 to 5.0.0
2024-03-25 16:12:20 +01:00
dependabot[bot]
d28b22d05e
Bump actions/setup-go from 3.5.0 to 5.0.0
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3.5.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](6edd4406fa...0c52d547c9)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 13:45:33 +00:00
dependabot[bot]
4660a9d734
Bump fsfe/reuse-action from 1.3.0 to 3.0.0
Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action) from 1.3.0 to 3.0.0.
- [Release notes](https://github.com/fsfe/reuse-action/releases)
- [Commits](28cf8f33bc...a46482ca36)

---
updated-dependencies:
- dependency-name: fsfe/reuse-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 13:45:29 +00:00
dependabot[bot]
82a0ffef1a
Bump actions/dependency-review-action from 4.2.3 to 4.2.4
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](0fa40c3c10...733dd5d4a5)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 13:45:26 +00:00
dependabot[bot]
92bf3166c4
Bump actions/upload-artifact from 3.1.3 to 4.3.1
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.3 to 4.3.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](a8a3f3ad30...5d5d22a312)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 13:45:21 +00:00
f60ef348aa
Merge pull request #197 from wneessen/more_test_coverage
Full test coverage in B64LineBreaker
2024-03-24 22:37:05 +01:00
86e648a695
Rename error variables in b64linebreaker_test.go
In b64linebreaker_test.go, the names of error variables "mockErr" and "mockNewlineErr" have been changed to "errMockDefault" and "errMockNewline" to better clarify their roles. All instances in test cases where these error variables were used have been updated correspondingly.
2024-03-24 22:26:15 +01:00
4d6bca0f65
Refactor test cases and introduce mock writers in b64linebreaker_test.go
The commit modifies existing test cases in the TestBase64LineBreaker_WriteAndClose function where it introduces mock writers to better simulate I/O operations. The introduced mock writers are 'mockWriterExcess' and 'mockWriterNewline' which respectively simulate scenarios of data exceeding body length and inclusion of newline.
2024-03-24 22:23:36 +01:00
c0e856f2ad
Add new test and mockWriter to b64linebreaker_test.go
This update includes a new TestBase64LineBreaker_WriteAndClose function with cases for validating write and close operations in the b64linebreaker module. In addition, a mockWriter is introduced to simulate I/O operations for testing purposes.
2024-03-24 21:34:06 +01:00
5384690a97
Merge pull request #196 from wneessen/scorecard_badge
Add OpenSSF Scorecard badge to README
2024-03-24 16:42:00 +01:00
7514d735e0
Add OpenSSF Scorecard badge to README
This commit introduces the OpenSSF Scorecard badge to the README file. The badge will provide immediate access to the security scorecards of the go-mail project for users.
2024-03-24 16:34:38 +01:00
f9859799b2
Merge pull request #195 from step-security-bot/stepsecurity_remediation_1711216890
[StepSecurity] ci: Harden GitHub Actions
2024-03-23 19:06:20 +01:00
StepSecurity Bot
d87e2205d6
[StepSecurity] ci: Harden GitHub Actions
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-23 18:01:31 +00:00
25ee875300
"Add Govulncheck Security Scan workflow"
A new GitHub Actions workflow for Govulncheck Security Scan has been added. This workflow gets activated on every push or pull request and includes runner hardening and executing 'govulncheck' to identify potential vulnerabilities.
2024-03-23 18:59:10 +01:00
4aeeca5a82
Merge pull request #194 from wneessen/OpenSSF-badge
Add OpenSSF Best Practices badge to README.md
2024-03-23 17:34:47 +01:00
0dc449f582
Add OpenSSF Best Practices badge to README.md
An OpenSSF Best Practices badge was added to the README file. This badge reflects adherence to critical open source software security practices.
2024-03-23 17:28:04 +01:00
11258613d5
Merge pull request #193 from wneessen/implement_fuzzing
Implement fuzzing
2024-03-23 16:52:01 +01:00
a4918210f1
Update Base64LineBreaker fuzzing tests in b64linebreaker_test.go
Updated the fuzzing tests in the `Base64LineBreaker_Write` function. The change specifically converts integer bytes from decimal to octal. This ensures proper testing of a wider range of input scenarios, increasing the reliability and robustness of the code.
2024-03-23 16:51:18 +01:00
dae7d80759
Add fuzzing tests for subject and from fields in msg_test.go
Included two new fuzzing tests for 'Subject' and 'From' to increase code coverage and reliability. These tests expand our checking strategy by using dynamic inputs and making sure no unexpected errors occur when dealing with a variety of possible input scenarios.
2024-03-23 16:46:21 +01:00
91a3fc5261
Ignore testdata in Git
Added 'testdata' to .gitignore file. This ensures that any files or folders named 'testdata', which are most likely used for local testing, will not be tracked by Git allowing for a cleaner working directory.
2024-03-23 16:36:01 +01:00
821ee0a9e1
Update Base64LineBreaker_Write testing
Enhanced testing for the Base64LineBreaker_Write function by adding a fuzz test. This additional fuzz test provides the function with a variety of random byte inputs as a way of uncovering any hidden errors and contributing to more reliable coding.
2024-03-23 16:35:32 +01:00
280f85abd1
Add fuzz testing to Base64LineBreaker_Write function
The update enhances testing for the Base64LineBreaker_Write function by creating a fuzz test. This new fuzz test feeds the function with a wide range of random byte inputs to improve the detection of hidden anomalies and help ensure more robust code.
2024-03-23 16:14:07 +01:00
932ac2be48
Merge pull request #192 from wneessen/fix_token_perms
Add read permissions to GitHub workflow files
2024-03-23 15:52:26 +01:00
c78388a2cb
Add read permissions to GitHub workflow files
This commit adds read permissions for 'contents' in the GitHub workflow files sonarqube.yml and reuse.yml. This allows these specific workflows to access the relevant contents they need for execution.
2024-03-23 15:49:03 +01:00
976adc5be9
Merge pull request #186 from wneessen/dependabot/github_actions/github/codeql-action-3.24.9
Bump github/codeql-action from 1.1.39 to 3.24.9
2024-03-22 16:13:33 +01:00
bd513b3d5a
Merge pull request #187 from wneessen/dependabot/github_actions/codecov/codecov-action-4.1.0
Bump codecov/codecov-action from 3.1.6 to 4.1.0
2024-03-22 16:13:20 +01:00
f82a3fc261
Merge pull request #188 from wneessen/dependabot/github_actions/golangci/golangci-lint-action-4.0.0
Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0
2024-03-22 16:13:08 +01:00
e789acfa75
Merge pull request #190 from wneessen/dependabot/github_actions/ossf/scorecard-action-2.3.1
Bump ossf/scorecard-action from 2.0.6 to 2.3.1
2024-03-22 16:12:55 +01:00
6d31b35fa2
Merge pull request #189 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.2.3
Bump actions/dependency-review-action from 2.5.1 to 4.2.3
2024-03-22 16:12:42 +01:00
b32410df19
Merge pull request #191 from wneessen/fix_reuse
Add SPDX license headers to GitHub workflow files
2024-03-22 16:10:51 +01:00
101e90f607
Add SPDX license headers to GitHub workflow files
This commit adds SPDX license headers to GitHub workflow files: scorecards.yml, dependency-review.yml, and dependabot.yml. This ensures that the license and copyright information is easily available for everyone to see.
2024-03-22 16:10:30 +01:00
dependabot[bot]
60578e4c00
Bump ossf/scorecard-action from 2.0.6 to 2.3.1
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.6 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](99c53751e0...0864cf1902)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:05:09 +00:00
dependabot[bot]
dbf19d2646
Bump actions/dependency-review-action from 2.5.1 to 4.2.3
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 2.5.1 to 4.2.3.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](0efb1d1d84...0fa40c3c10)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:05:05 +00:00
dependabot[bot]
86d86beb7f
Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3.7.0 to 4.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](3a91952989...3cfe3a4abb)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:05:02 +00:00
dependabot[bot]
6283546390
Bump codecov/codecov-action from 3.1.6 to 4.1.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.6 to 4.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](ab904c41d6...54bcd8715e)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:04:59 +00:00
dependabot[bot]
1b6f49cd18
Bump github/codeql-action from 1.1.39 to 3.24.9
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.1.39 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1.1.39...1b1aada464948af03b950897e5eb522f92603cc2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:04:55 +00:00
612e125c9a
Merge pull request #185 from step-security-bot/stepsecurity_remediation_1711118204
[StepSecurity] Apply security best practices
2024-03-22 16:04:31 +01:00
StepSecurity Bot
886edbc0c9
[StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-22 14:36:47 +00:00
1c883a8ed4
Merge pull request #182 from wneessen/feature/179_refactor-variable-names-for-readability
Refactor variable names for readability
2024-02-27 12:04:17 +01:00
514e68be54
Update variable name in random.go
Changed the abbreviation 'idx' to 'i' in the 'random.go' file. This change makes the variable roles much clearer and aligns the naming with Go's best practice, enhancing readability and maintainability.
2024-02-27 11:43:05 +01:00
6c9b875f58
Refactor variable names in log files
Updated variable names from abbreviations to full names for better code readability in the log and test log files. This modification provides a clearer understanding of variable roles and improves code maintainability in adherence to Go's best practices.
2024-02-27 11:35:37 +01:00
077cf47973
Refactor variable names for better clarity
Changed variable names for more clarity in senderror.go. This change has converted abbreviated variable names into meaningful and self-explanatory variables. This effort improves code readability and maintainability following Go's best practices.
2024-02-27 11:32:12 +01:00
7de4f5053f
Refactor variable names for better clarity
Adjusted variable names in several functions and improved code readability. Full, descriptive names have replaced abbreviations to make the codes self-explanatory. The change is aimed at enhancing code maintenance and adhering to Go's best practices for naming conventions.
2024-02-27 11:30:09 +01:00
19a3cf61ed
Refactor variable names for code readability
Updated variable names in multiple files to enhance code readability and maintainability by replacing abbreviations with full descriptive names. This ensures adherence to the best practices of naming conventions in Go.
2024-02-27 11:21:28 +01:00
40ea4fbfb3
Refactor variable names in client_120.go
Updated variable names in the client_120.go file to enhance readability and clarity. This observes best practices for naming conventions in Go, producing cleaner code that's easier to maintain and troubleshoot. Changes primarily consist of replacing abbreviations with full descriptive names.
2024-02-27 11:14:33 +01:00