The language matrix in the .github/workflows/codeql.yml file has been updated to only include 'go'. This change removes the 'javascript-typescript' option to focus solely on Go code analysis and enhance the efficiency of the workflow process.
The Autobuild command in the .github/workflows/codeql.yml file has been commented out due to possible build failure. Instead, a new run command is added to manually build the application using Go. This change allows for more control and reliability on the build process.
A new file, LICENSES/CC0-1.0.txt, has been created to provide the Creative Commons Zero v1.0 Universal license for the project. Additionally, SPDX headers specifying the MIT license and copyright details have been added to each of the GitHub workflow files, enhancing the clarity and compliance of the project's license utilization.
Added SECURITY.md with details for vulnerability reporting and encryption. Introduced new workflows for dependency review, Scorecard supply-chain security, and CodeQL analysis. Made amendments to docker-publish.yml for better Docker build and publishing process. These enhancements are aimed towards improving the security stance and the efficiency of CI/CD workflows.
All source code files as well as README.md, .gitignore, and various configuration files have been updated with an SPDX license identifier, changing license from CC0-1.0 to MIT. The copyright year has been updated to 2023, and the copyright holder's email address has been corrected from 'winni@neessen.dev' to 'wn@neessen.dev'. An MIT license text file has been additionally added.
This commit introduces two new workflows for Github Actions: REUSE Compliance Check and golangci-lint. It also includes the funding options for the project in a dedicated FUNDING.yml file. These changes will enhance code quality checks and offer ways to support the project financially.
This commit introduces a SonarQube configuration setup, adds an .idea/.gitignore file, and expands the root .gitignore file. The SonarQube setup includes a GitHub Actions workflow and a project properties file. The .gitignore files are updated to properly ignore files for JetBrains IDEs, local testfiles, SonarQube, and others.
