Commit graph

67 commits

Author SHA1 Message Date
dependabot[bot]
92bf3166c4
Bump actions/upload-artifact from 3.1.3 to 4.3.1
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3.1.3 to 4.3.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](a8a3f3ad30...5d5d22a312)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 13:45:21 +00:00
StepSecurity Bot
d87e2205d6
[StepSecurity] ci: Harden GitHub Actions
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-23 18:01:31 +00:00
25ee875300
"Add Govulncheck Security Scan workflow"
A new GitHub Actions workflow for Govulncheck Security Scan has been added. This workflow gets activated on every push or pull request and includes runner hardening and executing 'govulncheck' to identify potential vulnerabilities.
2024-03-23 18:59:10 +01:00
c78388a2cb
Add read permissions to GitHub workflow files
This commit adds read permissions for 'contents' in the GitHub workflow files sonarqube.yml and reuse.yml. This allows these specific workflows to access the relevant contents they need for execution.
2024-03-23 15:49:03 +01:00
976adc5be9
Merge pull request #186 from wneessen/dependabot/github_actions/github/codeql-action-3.24.9
Bump github/codeql-action from 1.1.39 to 3.24.9
2024-03-22 16:13:33 +01:00
bd513b3d5a
Merge pull request #187 from wneessen/dependabot/github_actions/codecov/codecov-action-4.1.0
Bump codecov/codecov-action from 3.1.6 to 4.1.0
2024-03-22 16:13:20 +01:00
f82a3fc261
Merge pull request #188 from wneessen/dependabot/github_actions/golangci/golangci-lint-action-4.0.0
Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0
2024-03-22 16:13:08 +01:00
e789acfa75
Merge pull request #190 from wneessen/dependabot/github_actions/ossf/scorecard-action-2.3.1
Bump ossf/scorecard-action from 2.0.6 to 2.3.1
2024-03-22 16:12:55 +01:00
6d31b35fa2
Merge pull request #189 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.2.3
Bump actions/dependency-review-action from 2.5.1 to 4.2.3
2024-03-22 16:12:42 +01:00
101e90f607
Add SPDX license headers to GitHub workflow files
This commit adds SPDX license headers to GitHub workflow files: scorecards.yml, dependency-review.yml, and dependabot.yml. This ensures that the license and copyright information is easily available for everyone to see.
2024-03-22 16:10:30 +01:00
dependabot[bot]
60578e4c00
Bump ossf/scorecard-action from 2.0.6 to 2.3.1
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.0.6 to 2.3.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](99c53751e0...0864cf1902)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:05:09 +00:00
dependabot[bot]
dbf19d2646
Bump actions/dependency-review-action from 2.5.1 to 4.2.3
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 2.5.1 to 4.2.3.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](0efb1d1d84...0fa40c3c10)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:05:05 +00:00
dependabot[bot]
86d86beb7f
Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 3.7.0 to 4.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](3a91952989...3cfe3a4abb)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:05:02 +00:00
dependabot[bot]
6283546390
Bump codecov/codecov-action from 3.1.6 to 4.1.0
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.6 to 4.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](ab904c41d6...54bcd8715e)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:04:59 +00:00
dependabot[bot]
1b6f49cd18
Bump github/codeql-action from 1.1.39 to 3.24.9
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 1.1.39 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v1.1.39...1b1aada464948af03b950897e5eb522f92603cc2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-03-22 15:04:55 +00:00
StepSecurity Bot
886edbc0c9
[StepSecurity] Apply security best practices
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-22 14:36:47 +00:00
f01047855f
Update Go version in GitHub workflow files
The Go version has been updated to '1.22' in the 'sonarqube.yml', 'golangci-lint.yml', and 'codecov.yml' GitHub action workflow files. This includes an additional modification for the Go versions matrix and condition statements in the 'codecov.yml' workflow.
2024-02-10 14:14:34 +01:00
1c39dc8cf8
Upgrade codecov-action to v3 in GitHub workflow
The codecov-action version used in the GitHub workflow file has been upgraded from v2 to v3. This enhances the reliability and performance by leveraging the new features and improvements available in version 3. This commit doesn't affect the functionality of the project but is more of a dependency update.
2024-01-25 14:03:19 +01:00
0bd5390e37
Update codecov.yml 2023-08-23 11:47:00 +02:00
b2e54717b3
Update Go version to 1.21 in GitHub workflows
This commit updates the Go version from 1.20 to 1.21 on three GitHub workflow files: golangci-lint.yml, codecov.yml, and sonarqube.yml. The change ensures we use the latest Go version which is more efficient and comes with additional features, leading to improved project performance.
2023-08-15 10:11:13 +02:00
169286e109
Update golangci-lint to Go 1.20 2023-02-02 19:10:16 +01:00
0dca1491db
Looks like golangci-lint does not support 1.20 yet 2023-02-02 10:26:11 +01:00
fa0d51ec80
GH seems to interpret 1.20 as 1.2. Let's try if a string works 2023-02-02 10:23:51 +01:00
c5481d9059
Updated workflows to Go 1.20 2023-02-02 10:16:46 +01:00
4a1b1ede96
Update sonarqube.yml
Remove gosec and update to Go 1.19
2022-10-18 17:36:13 +02:00
f36df2fcdb
Fix codecov Go version setup
The different code version usages in the codecov workflow were missing the actual go setup set, which caused all tests to always run with Go 1.17. This PR fixes this
2022-10-18 16:40:03 +02:00
8c6f291b38
Update golangci-lint.yml 2022-10-17 18:35:53 +02:00
9e2fc70ee6
Update golangci-lint.yml 2022-10-17 18:21:28 +02:00
0149003d49
Update golangci-lint.yml 2022-10-17 18:20:37 +02:00
872315ed80
Create golangci-lint.yml 2022-10-17 18:18:32 +02:00
9e2cad565a
Update codecov.yml 2022-09-08 15:33:39 +02:00
6556926573
Update codecov.yml 2022-09-08 15:30:47 +02:00
d5ee314883
Update codecov.yml 2022-09-08 15:29:18 +02:00
48a1acc782
Update codecov.yml 2022-09-08 15:25:08 +02:00
67101c0a99
Update codecov.yml
Install sendmail for tests on ubuntu
2022-09-08 15:23:06 +02:00
bce51755d2
Update codecov.yml
Add Go 1.19 to test coverage and use it as default
2022-09-08 15:05:38 +02:00
04196716f1
Update sonarqube.yml
Run SonarQube on PRs too
2022-07-07 10:52:01 +02:00
4e4d3f5157
Update reuse.yml 2022-06-17 15:27:07 +02:00
617ff3eed5
Create reuse.yml 2022-06-17 15:22:53 +02:00
31001e87b2
#24: Add SPDX license IDs for REUSE compliance
# SUMMARY

* Bad licenses:
* Deprecated licenses:
* Licenses without file extension:
* Missing licenses:
* Unused licenses:
* Used licenses: CC0-1.0, MIT
* Read errors: 0
* Files with copyright information: 45 / 45
* Files with license information: 45 / 45

Congratulations! Your project is compliant with version 3.0 of the REUSE Specification :-)
2022-06-17 15:05:54 +02:00
1d697c3334
Update codecov.yml
We do not support go 1.15
2022-06-09 09:53:39 +02:00
8e68b7197f
Create feature_request.yml 2022-06-01 20:49:33 +02:00
ac0c2c043c
Create config.yml 2022-06-01 20:47:52 +02:00
9faca1cc59
Create bug_report.yml 2022-06-01 20:46:42 +02:00
556223c09a
Update sonarqube.yml 2022-04-12 23:25:23 +02:00
a5cd8d6d68
Update sonarqube.yml 2022-04-12 23:15:56 +02:00
483773cb9c
Update sonarqube.yml 2022-04-12 23:12:32 +02:00
b7c817d4e4
Update and rename sonarqube.yaml to sonarqube.yml 2022-04-12 19:36:20 +02:00
e76cd59d66
Create sonarqube.yaml 2022-04-12 19:35:07 +02:00
24993e17d4
Update FUNDING.yml 2022-04-03 12:41:40 +02:00