Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore: update deps and improve ci #291

Merged
merged 7 commits into from
Dec 9, 2024
Merged

chore: update deps and improve ci #291

merged 7 commits into from
Dec 9, 2024

Conversation

06kellyjac
Copy link
Member

@06kellyjac 06kellyjac commented Dec 9, 2024
edited
Loading

  • chore(deps): group dependabot prs and offset
  • chore: init submodules properly
  • chore: ensure go test -race is called with CGO_ENABLED=1
  • chore: use official govulncheck-action and upload results
  • chore(deps): update go dependencies
  • chore(deps): bump bats submodules

All Submissions.

Code Submissions.

  • Does your submission pass linting, tests, and security analysis?

Changes to Core Features.

  • Have you added an explanation of what your changes do and why you'd like us to include them?
  • Have you written new tests for your core changes, as applicable?

@06kellyjac 06kellyjac requested a review from wakeward as a code owner December 9, 2024 14:06
@06kellyjac
chore(deps): group dependabot prs and offset
42d6f4d 
Group PRs from dependabot to reduce notification and maintenance fatigue
Offset the timers just to avoid peak times
@06kellyjac
chore: init submodules properly
b36ee69
@06kellyjac
chore: ensure go test -race is called with CGO_ENABLED=1
2ec97ee 
`-race` requires `CGO_ENABLED=1`
@06kellyjac
chore: use official govulncheck-action and upload results
4a11bde 
Use official govulncheck-action
Upload sarif results to show findings
Add permission to upload new and existing CodeQL results
Filter only on go paths for go security checks
@06kellyjac
chore(deps): update go dependencies
1e5d95a
@06kellyjac
chore(deps): bump bats submodules
42a35a4
@06kellyjac
chore: fix govulncheck sarif output
b62f744 
On a successful run of govulncheck it doesn't produce any runs entries
@github-advanced-security
Copy link

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

wakeward
wakeward approved these changes Dec 9, 2024
View reviewed changes
Copy link
Collaborator

@wakeward wakeward left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@06kellyjac 06kellyjac merged commit 38a4274 into master Dec 9, 2024
8 checks passed
@06kellyjac 06kellyjac deleted the cleanup branch December 9, 2024 15:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wakeward wakeward wakeward approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@06kellyjac @wakeward