dependabot[bot]
faf921dc6c
Bump actions/upload-artifact from 4.3.2 to 4.3.3
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.2 to 4.3.3.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](1746f4ab65...65462800fd
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-23 08:15:05 +00:00
87a21dfc6a
Merge pull request #21 from wneessen/dependabot/github_actions/actions/upload-artifact-4.3.2
...
Bump actions/upload-artifact from 4.3.1 to 4.3.2
2024-04-19 10:49:57 +02:00
dependabot[bot]
912eb0eeb8
Bump actions/upload-artifact from 4.3.1 to 4.3.2
...
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact ) from 4.3.1 to 4.3.2.
- [Release notes](https://github.com/actions/upload-artifact/releases )
- [Commits](5d5d22a312...1746f4ab65
)
---
updated-dependencies:
- dependency-name: actions/upload-artifact
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-19 08:23:26 +00:00
cb40354900
Merge pull request #20 from wneessen/dependabot/github_actions/github/codeql-action-3.25.1
...
Bump github/codeql-action from 3.25.0 to 3.25.1
2024-04-18 10:55:13 +02:00
dependabot[bot]
242a86b8e7
Bump github/codeql-action from 3.25.0 to 3.25.1
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.25.0 to 3.25.1.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](df5a14dc28...c7f9125735
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-18 08:51:00 +00:00
7e8ca377f0
Merge pull request #19 from wneessen/dependabot/github_actions/github/codeql-action-3.25.0
...
Bump github/codeql-action from 3.24.10 to 3.25.0
2024-04-16 10:53:40 +02:00
dependabot[bot]
bc7a021e33
Bump github/codeql-action from 3.24.10 to 3.25.0
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.10 to 3.25.0.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](4355270be1...df5a14dc28
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-16 08:36:02 +00:00
adc98a0231
Merge pull request #18 from wneessen/dependabot/github_actions/sigstore/cosign-installer-3.5.0
...
Bump sigstore/cosign-installer from 3.4.0 to 3.5.0
2024-04-11 11:13:29 +02:00
dependabot[bot]
fea2280875
Bump sigstore/cosign-installer from 3.4.0 to 3.5.0
...
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer ) from 3.4.0 to 3.5.0.
- [Release notes](https://github.com/sigstore/cosign-installer/releases )
- [Commits](e1523de757...59acb6260d
)
---
updated-dependencies:
- dependency-name: sigstore/cosign-installer
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-11 08:54:14 +00:00
be61815ff9
Merge pull request #16 from wneessen/dependabot/github_actions/docker/setup-buildx-action-3.3.0
...
Bump docker/setup-buildx-action from 3.2.0 to 3.3.0
2024-04-08 11:10:14 +02:00
e1b891a2b0
Merge pull request #17 from wneessen/dependabot/github_actions/github/codeql-action-3.24.10
...
Bump github/codeql-action from 3.24.9 to 3.24.10
2024-04-08 11:09:59 +02:00
dependabot[bot]
c22aac210b
Bump github/codeql-action from 3.24.9 to 3.24.10
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.9 to 3.24.10.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b1aada464...4355270be1
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-08 09:08:17 +00:00
dependabot[bot]
b80694f5df
Bump docker/setup-buildx-action from 3.2.0 to 3.3.0
...
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action ) from 3.2.0 to 3.3.0.
- [Release notes](https://github.com/docker/setup-buildx-action/releases )
- [Commits](2b51285047...d70bba72b1
)
---
updated-dependencies:
- dependency-name: docker/setup-buildx-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-08 09:08:12 +00:00
b5385dce55
Merge pull request #15 from wneessen/dependabot/docker/golang-cdc86d9
...
Bump golang from `0466223` to `cdc86d9`
2024-04-04 10:58:19 +02:00
dependabot[bot]
2f34ced5b5
Bump golang from 0466223
to cdc86d9
...
Bumps golang from `0466223` to `cdc86d9`.
---
updated-dependencies:
- dependency-name: golang
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-04-04 08:53:48 +00:00
93db43b67a
Merge pull request #14 from wneessen/dependabot/github_actions/sonarsource/sonarqube-scan-action-53c3e3207fe4b8d52e2f1ac9d6eb1d2506f626c0
...
Bump sonarsource/sonarqube-scan-action from 9ad16418d1dd6d28912bc0047ee387e90181ce1c to 53c3e3207fe4b8d52e2f1ac9d6eb1d2506f626c0
2024-03-29 13:41:12 +01:00
dependabot[bot]
31beff9e47
Bump sonarsource/sonarqube-scan-action
...
Bumps [sonarsource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action ) from 9ad16418d1dd6d28912bc0047ee387e90181ce1c to 53c3e3207fe4b8d52e2f1ac9d6eb1d2506f626c0.
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases )
- [Commits](9ad16418d1...53c3e3207f
)
---
updated-dependencies:
- dependency-name: sonarsource/sonarqube-scan-action
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-29 08:52:42 +00:00
b71e0cd3b1
Merge pull request #13 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.2.5
...
Bump actions/dependency-review-action from 4.2.4 to 4.2.5
2024-03-26 10:02:05 +01:00
dependabot[bot]
1919eabc08
Bump actions/dependency-review-action from 4.2.4 to 4.2.5
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.2.4 to 4.2.5.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](733dd5d4a5...5bbc3ba658
)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-26 08:57:51 +00:00
795f9671b5
Merge pull request #12 from wneessen/dependabot/github_actions/github/codeql-action-3.24.9
...
Bump github/codeql-action from 3.24.8 to 3.24.9
2024-03-25 09:24:09 +01:00
dfbc5f40fa
Merge pull request #11 from wneessen/dependabot/github_actions/actions/dependency-review-action-4.2.4
...
Bump actions/dependency-review-action from 4.2.3 to 4.2.4
2024-03-25 09:23:53 +01:00
dependabot[bot]
b7f7997861
Bump github/codeql-action from 3.24.8 to 3.24.9
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 3.24.8 to 3.24.9.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](05963f47d8...1b1aada464
)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 08:20:03 +00:00
dependabot[bot]
615b3eb5a4
Bump actions/dependency-review-action from 4.2.3 to 4.2.4
...
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action ) from 4.2.3 to 4.2.4.
- [Release notes](https://github.com/actions/dependency-review-action/releases )
- [Commits](0fa40c3c10...733dd5d4a5
)
---
updated-dependencies:
- dependency-name: actions/dependency-review-action
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-25 08:19:50 +00:00
71a6f505e1
Merge pull request #10 from wneessen/update-SECURITY-md
...
Update project names in SECURITY.md
2024-03-21 20:27:12 +01:00
eab102f166
Update project names in SECURITY.md
...
Project names in the SECURITY.md file have been updated to reflect the correct projects: js-mailer to logranger. The email and URL for reporting security issues have been revised accordingly.
2024-03-21 20:26:20 +01:00
166878714d
Merge pull request #9 from wneessen/readability
...
Refactor variable names for improved code readability
2024-03-21 20:24:23 +01:00
80e30c6bda
Refactor variable names for improved code readability
...
The changes involved refactor and clean-up of variable names. This encompasses making the names more descriptive and meaningful to enhance the readability of the code. Accuracy of variable names in conveying their usage and purpose has been greatly improved. The changes span across multiple files, touching crucial components like the server, rulesets, connection, and configuration handling.
2024-03-21 20:22:33 +01:00
c86532d5d9
Merge pull request #8 from wneessen/fix_reuse
...
Add SPDX license headers to workflows and Dependabot config
2024-03-21 16:35:44 +01:00
f0e0b94307
Add SPDX license headers to workflows and Dependabot config
...
Added SPDX license headers to the GitHub workflows and the Dependabot configuration file, specifying the license as MIT. Also, minor formatting changes have been made to the dependency review workflow file.
2024-03-21 16:35:03 +01:00
7b6edf1c31
Merge pull request #3 from wneessen/dependabot/github_actions/actions/checkout-4.1.2
...
Bump actions/checkout from 2.7.0 to 4.1.2
2024-03-21 16:33:27 +01:00
dependabot[bot]
9a7db0fb90
Bump actions/checkout from 2.7.0 to 4.1.2
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2.7.0 to 4.1.2.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2.7.0...9bb56186c3b09b4f86b1c65136769dd318469633 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-21 15:33:13 +00:00
fc1ca00262
Merge pull request #4 from wneessen/dependabot/github_actions/github/codeql-action-3.24.8
...
Bump github/codeql-action from 2.24.8 to 3.24.8
2024-03-21 16:33:08 +01:00
f54f539549
Merge pull request #5 from wneessen/dependabot/github_actions/actions/setup-go-5.0.0
...
Bump actions/setup-go from 3.5.0 to 5.0.0
2024-03-21 16:32:47 +01:00
0fb013853b
Merge pull request #6 from wneessen/dependabot/github_actions/fsfe/reuse-action-3.0.0
...
Bump fsfe/reuse-action from 1.3.0 to 3.0.0
2024-03-21 16:32:37 +01:00
77c67b4aeb
Merge pull request #7 from wneessen/dependabot/github_actions/golangci/golangci-lint-action-4.0.0
...
Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0
2024-03-21 16:32:26 +01:00
dependabot[bot]
3f4a9c23cc
Bump golangci/golangci-lint-action from 3.7.0 to 4.0.0
...
Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action ) from 3.7.0 to 4.0.0.
- [Release notes](https://github.com/golangci/golangci-lint-action/releases )
- [Commits](3a91952989...3cfe3a4abb
)
---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-21 15:31:34 +00:00
dependabot[bot]
4967c82d92
Bump fsfe/reuse-action from 1.3.0 to 3.0.0
...
Bumps [fsfe/reuse-action](https://github.com/fsfe/reuse-action ) from 1.3.0 to 3.0.0.
- [Release notes](https://github.com/fsfe/reuse-action/releases )
- [Commits](28cf8f33bc...a46482ca36
)
---
updated-dependencies:
- dependency-name: fsfe/reuse-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-21 15:31:31 +00:00
dependabot[bot]
08a58e25ad
Bump actions/setup-go from 3.5.0 to 5.0.0
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3.5.0 to 5.0.0.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](6edd4406fa...0c52d547c9
)
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-21 15:31:29 +00:00
dependabot[bot]
8d6a02c386
Bump github/codeql-action from 2.24.8 to 3.24.8
...
Bumps [github/codeql-action](https://github.com/github/codeql-action ) from 2.24.8 to 3.24.8.
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](https://github.com/github/codeql-action/compare/v2.24.8...05963f47d870e2cb19a537396c1f668a348c7d8f )
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-03-21 15:31:25 +00:00
4ab61a625e
Merge pull request #2 from step-security-bot/stepsecurity_remediation_1711034495
...
[StepSecurity] Apply security best practices
2024-03-21 16:30:56 +01:00
StepSecurity Bot
5897a4ece0
[StepSecurity] Apply security best practices
...
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
2024-03-21 15:21:39 +00:00
94bc56f032
Merge pull request #1 from wneessen/fix_workflows
...
Implement security improvements and workflow updates
2024-03-21 16:15:21 +01:00
5c41bef4dc
Remove CodeQL
2024-03-21 16:13:37 +01:00
df58859a4f
Update language matrix in codeql workflow
...
The language matrix in the .github/workflows/codeql.yml file has been updated to only include 'go'. This change removes the 'javascript-typescript' option to focus solely on Go code analysis and enhance the efficiency of the workflow process.
2024-03-21 16:10:38 +01:00
38661b29ae
Disable Autobuild and add new build commands in workflow
...
The Autobuild command in the .github/workflows/codeql.yml file has been commented out due to possible build failure. Instead, a new run command is added to manually build the application using Go. This change allows for more control and reliability on the build process.
2024-03-21 16:08:38 +01:00
ddc62a9a04
Add CC0-1.0 license and update workflow files
...
A new file, LICENSES/CC0-1.0.txt, has been created to provide the Creative Commons Zero v1.0 Universal license for the project. Additionally, SPDX headers specifying the MIT license and copyright details have been added to each of the GitHub workflow files, enhancing the clarity and compliance of the project's license utilization.
2024-03-21 16:02:13 +01:00
42e89bc2bb
Implement security improvements and workflow updates
...
Added SECURITY.md with details for vulnerability reporting and encryption. Introduced new workflows for dependency review, Scorecard supply-chain security, and CodeQL analysis. Made amendments to docker-publish.yml for better Docker build and publishing process. These enhancements are aimed towards improving the security stance and the efficiency of CI/CD workflows.
2024-03-21 15:47:46 +01:00
9ca1b16c03
Merge pull request 'Update project references to use GitHub repository' ( #2 ) from forgejo_to_gh into main
...
Reviewed-on: #2
2024-03-21 15:40:31 +01:00
a50ae7299c
Update project references to use GitHub repository
...
All project references have been updated to point to the appropriate routes for the GitHub repository, replacing the previously used paths to src.neessen.cloud. This includes changes in README.md, Dockerfile, go mod packaging as well as in the source code where required.
2024-03-21 15:39:31 +01:00
e11e5954e3
Update Go version in .golangci.toml
...
The Go version in the .golangci.toml has been updated from 1.20 to 1.22. This update ensures that our project stays up-to-date with the latest stable version of Go, providing new features and improvements.
2024-02-08 16:16:03 +01:00