diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index c13915d..688d742 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -34,7 +34,6 @@ jobs: - name: Run GoReleaser uses: goreleaser/goreleaser-action@v6 with: - version: latest args: release env: GITHUB_TOKEN: ${{ github.token }} diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml new file mode 100644 index 0000000..77f27d3 --- /dev/null +++ b/.github/workflows/security.yml @@ -0,0 +1,51 @@ +--- +name: Security Checks +on: + pull_request: + branches: [main] + push: + branches: [main] + schedule: + - cron: '0 15 * * 0' + +permissions: + contents: read + actions: read + pull-requests: read + security-events: write + +jobs: + gosec: + name: Golang Security Checker + runs-on: ubuntu-24.04 + steps: + - name: Checkout Source + uses: actions/checkout@v6 + - name: Run Gosec Security Scanner + uses: securego/gosec@v2.22.11 + with: + args: '-no-fail -fmt sarif -out results.sarif -tests ./...' + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v4 + with: + sarif_file: results.sarif + govulncheck: + name: Govulncheck + runs-on: ubuntu-24.04 + steps: + - uses: actions/checkout@v6 + - name: Setup Go + uses: actions/setup-go@v6 + with: + go-version-file: go.mod + - id: govulncheck + uses: arnested/govulncheck-action@main + with: + output-format: sarif + output-file: results.sarif + setup-go: false + repo-checkout: false + - name: Upload SARIF file + uses: github/codeql-action/upload-sarif@v4 + with: + sarif_file: results.sarif diff --git a/.goreleaser.yml b/.goreleaser.yml index b1e4fe2..e7650ee 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml 
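Review bot: With `version: latest` removed, the Run GoReleaser step no longer states which GoReleaser release builds the published artifacts; it now depends on whatever default the action applies, which is not visible in this diff. Since `.goreleaser.yml` declares `version: 2` in the same commit, stating the constraint here, e.g. `version: '~> v2'`, keeps the two in step and makes a later major-version jump a reviewed change rather than a silent one. The job and its step list start outside the hunk.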
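Review bot: The govulncheck job runs `arnested/govulncheck-action@main`, a branch ref, so every run executes whatever that branch holds at the time, inside a workflow whose token has `security-events: write`. Pin it to a full commit SHA with the release noted in a trailing comment, `uses: arnested/govulncheck-action@<full-commit-sha>  # <release tag>`, and let Dependabot or Renovate move the pin. The tag refs in this file (`securego/gosec@v2.22.11`, `actions/checkout@v6`, `actions/setup-go@v6`, `github/codeql-action/upload-sarif@v4`) are movable as well; the third-party gosec one is the next most worth pinning the same way. Separately, `-no-fail` keeps the gosec job green whatever it finds, so findings only gate a merge if a code-scanning rule is configured on the repository.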
@@ -1,9 +1,16 @@ --- +version: 2 builds: - env: - CGO_ENABLED=0 + mod_timestamp: "{{ .CommitTimestamp }}" + flags: + - -trimpath + ldflags: + - -s -w -X main.version={{.Version}} -X main.commit={{.Commit}} -X main.date={{ .CommitDate }} archives: - - format: binary + - formats: + - binary name_template: >- {{ .ProjectName }}_ {{- if eq .Os "linux" }}Linux @@ -14,7 +21,7 @@ archives: checksum: name_template: 'checksums.txt' snapshot: - name_template: "{{ .Tag }}-next" + version_template: "{{ .Tag }}-next" changelog: sort: asc filters: diff --git a/LICENSE b/LICENSE.md similarity index 93% rename from LICENSE rename to LICENSE.md index 4fc147f..bebec4b 100644 --- a/LICENSE +++ b/LICENSE.md @@ -1,6 +1,7 @@ MIT License +=========== -Copyright (c) 2017, 2018 Arne Jørgensen +Copyright (c) 2017, 2018, 2022, 2024, 2025 Arne Jørgensen Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal diff --git a/go.mod b/go.mod index 919144b..ef9433e 100644 --- a/go.mod +++ b/go.mod @@ -14,6 +14,6 @@ require ( github.com/cpuguy83/go-md2man/v2 v2.0.7 // indirect github.com/google/go-querystring v1.1.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect - github.com/shopspring/decimal v1.3.1 // indirect - github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 // indirect + github.com/shopspring/decimal v1.4.0 // indirect + github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 // indirect ) diff --git a/go.sum b/go.sum index d9d0c3a..317d67b 100644 --- a/go.sum +++ b/go.sum 
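Review bot: The added `mod_timestamp`, `-trimpath` and `main.date={{ .CommitDate }}` settings look like a reproducible-build setup, but nothing in the file says so. A comment above `mod_timestamp`, such as `# Reproducible builds: take every timestamp from the commit, never from the build clock.`, would stop a later edit from swapping in `{{ .Date }}` and quietly breaking verification of release binaries against `checksums.txt`. As a style point, the `ldflags` line mixes `{{.Version}}` with `{{ .CommitDate }}`; use the spaced form throughout to match `mod_timestamp`.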
@@ -14,14 +14,14 @@ github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZb github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= -github.com/shopspring/decimal v1.3.1 h1:2Usl1nmF/WZucqkFZhnfFYxxxu8LG21F6nPQBE5gKV8= -github.com/shopspring/decimal v1.3.1/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o= +github.com/shopspring/decimal v1.4.0 h1:bxl37RwXBklmTi0C79JfXCEBD1cqqHt0bbgBAGFp81k= +github.com/shopspring/decimal v1.4.0/go.mod h1:gawqmDU56v4yIKSwfBSFip1HdCCXN8/+DMd9qYNcwME= github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= github.com/urfave/cli/v2 v2.27.7 h1:bH59vdhbjLv3LAvIu6gd0usJHgoTTPhCFib8qqOwXYU= github.com/urfave/cli/v2 v2.27.7/go.mod h1:CyNAG/xg+iAOg0N4MPGZqVmv2rCoP267496AOXUZjA4= -github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1 h1:gEOO8jv9F4OT7lGCjxCBTO/36wtF6j2nSip77qHd4x4= -github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM= +github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342 h1:FnBeRrxr7OU4VvAzt5X7s6266i6cSVkkFPS0TuXWbIg= +github.com/xrash/smetrics v0.0.0-20250705151800-55b8f293f342/go.mod h1:Ohn+xnUBiLI6FVj/9LpzZWtj1/D6lUovWYBkxHVV3aM= golang.org/x/net v0.48.0 h1:zyQRTTrjc33Lhh0fBgT/H3oZq9WuvRR5gPC70xpDiQU= golang.org/x/net v0.48.0/go.mod h1:+ndRgGjkh8FGtu1w1FGbEC31if4VrNVMuKTgcAAnQRY= golang.org/x/oauth2 v0.34.0 h1:hqK/t4AKgbqWkdkcAeI8XLmbK+4m4G5YeQRrmiotGlw=