.github/workflows/ci.yml

@@ -59,7 +59,7 @@ jobs:
                 go test -race -shuffle=on --coverprofile=coverage.coverprofile --covermode=atomic ./...
             - name: Upload coverage to Codecov
               if: success()
-              uses: codecov/codecov-action@3b1354a6c45db9f1008891f4eafc1a7e94ce1d18 # v5.0.1
+              uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
               with:
                   token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos
     lint:

.github/workflows/codeql-analysis.yml

@@ -54,7 +54,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+      uses: github/codeql-action/init@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -65,7 +65,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+      uses: github/codeql-action/autobuild@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -79,4 +79,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+      uses: github/codeql-action/analyze@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3

.github/workflows/scorecards.yml

@@ -75,6 +75,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@ea9e4e37992a54ee68a9622e985e60c8e8f12d9f # v3.27.4
+        uses: github/codeql-action/upload-sarif@396bb3e45325a47dd9ef434068033c6d5bb0d11a # v3.27.3
         with:
           sarif_file: results.sarif

.golangci.toml

@@ -9,66 +9,4 @@ exclude-dirs = ["examples"]
 
 [linters]
 enable = ["stylecheck", "whitespace", "containedctx", "contextcheck", "decorder",
-    "errname", "errorlint", "gofmt", "gofumpt", "gosec"]
-
-[issues]
-
-## An overflow is impossible here
-[[issues.exclude-rules]]
-linters = ["gosec"]
-path = "random.go"
-text = "G115:"
-
-## These are tests which intentionally do not need any TLS settings
-[[issues.exclude-rules]]
-linters = ["gosec"]
-path = "client_test.go"
-text = "G402:"
-
-## These are tests which intentionally do not need any TLS settings
-[[issues.exclude-rules]]
-linters = ["gosec"]
-path = "smtp/smtp_test.go"
-text = "G402:"
-
-## We do not dictate a TLS minimum version in the smtp package. go-mail
-## itself does set sane defaults
-[[issues.exclude-rules]]
-linters = ["gosec"]
-path = "smtp/smtp.go"
-text = "G402:"
-
-## The chance that we write +2 million tests is very low, I think we can
-## ignore this for the time being
-[[issues.exclude-rules]]
-linters = ["gosec"]
-path = "client_test.go"
-text = "G109:"
-
-## The chance that we write +2 million tests is very low, I think we can
-## ignore this for the time being
-[[issues.exclude-rules]]
-linters = ["gosec"]
-path = "smtp/smtp_test.go"
-text = "G109:"
-
-## We inform the user about the deprecated status of CRAM-MD5 and suggest
-## to use SCRAM-SHA instead
-[[issues.exclude-rules]]
-linters = ["gosec"]
-path = "smtp/auth_cram_md5.go"
-text = "G501:"
-
-## Yes, SHA1 is weak, but in the context of SCRAM it is still considered
-## secure for specific applications. The user is information about this
-## in the documentation
-[[issues.exclude-rules]]
-linters = ["gosec"]
-path = "smtp/auth_scram.go"
-text = "G505:"
-
-## Test code for SCRAM-SHA1. Can be ignored.
-[[issues.exclude-rules]]
-linters = ["gosec"]
-path = "smtp/smtp_test.go"
-text = "G505:"
+    "errname", "errorlint", "gofmt", "gofumpt"]