Added SECURITY.md with details for vulnerability reporting and encryption. Introduced new workflows for dependency review, Scorecard supply-chain security, and CodeQL analysis. Made amendments to docker-publish.yml for better Docker build and publishing process. These enhancements are aimed towards improving the security stance and the efficiency of CI/CD workflows.
All source code files as well as README.md, .gitignore, and various configuration files have been updated with an SPDX license identifier, changing license from CC0-1.0 to MIT. The copyright year has been updated to 2023, and the copyright holder's email address has been corrected from 'winni@neessen.dev' to 'wn@neessen.dev'. An MIT license text file has been additionally added.
This commit introduces two new workflows for Github Actions: REUSE Compliance Check and golangci-lint. It also includes the funding options for the project in a dedicated FUNDING.yml file. These changes will enhance code quality checks and offer ways to support the project financially.
This commit introduces a SonarQube configuration setup, adds an .idea/.gitignore file, and expands the root .gitignore file. The SonarQube setup includes a GitHub Actions workflow and a project properties file. The .gitignore files are updated to properly ignore files for JetBrains IDEs, local testfiles, SonarQube, and others.
