repo overhaul + security updates #126
Open
butlergroup wants to merge 33 commits into caddy-dns:master from
new file: .github/ISSUE_TEMPLATE/feature_request.md modified: .github/workflows/continuous-integration.yml new file: .github/workflows/defender-for-devops.yml new file: .github/workflows/osv-scanner.yml new file: .github/workflows/scorecard.yml modified: Dockerfile modified: README.md modified: go.mod modified: go.sum
new file: CONTRIBUTING.md modified: README.md new file: SECURITY.md new file: code-of-conduct.md new file: privacy-policy.md new file: terms-of-service.md
Updated Dependabot configuration to enable daily updates for gomod, Docker, and GitHub Actions.
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.1 to 7.0.0. - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@4cec3d8...bbbca2d) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.1 to 2.4.3. - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@f49aabe...4eaacf0) --- updated-dependencies: - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) from 3 to 4. - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v3...v4) --- updated-dependencies: - dependency-name: docker/setup-buildx-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6 to 7. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v6...v7) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/setup-dotnet](https://github.com/actions/setup-dotnet) from 4 to 5. - [Release notes](https://github.com/actions/setup-dotnet/releases) - [Commits](actions/setup-dotnet@v4...v5) --- updated-dependencies: - dependency-name: actions/setup-dotnet dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…ons/setup-dotnet-5 Bump actions/setup-dotnet from 4 to 5
…er/build-push-action-7 Bump docker/build-push-action from 6 to 7
…er/setup-buildx-action-4 Bump docker/setup-buildx-action from 3 to 4
…/scorecard-action-2.4.3 Bump ossf/scorecard-action from 2.4.1 to 2.4.3
…ons/upload-artifact-7.0.0 Bump actions/upload-artifact from 4.6.1 to 7.0.0
modified: .github/workflows/osv-scanner.yml modified: README.md
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6. - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v4...v6) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [docker/login-action](https://github.com/docker/login-action) from 3 to 4. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v3...v4) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3 to 4. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [microsoft/security-devops-action](https://github.com/microsoft/security-devops-action) from 1.6.0 to 1.12.0. - [Release notes](https://github.com/microsoft/security-devops-action/releases) - [Commits](microsoft/security-devops-action@v1.6.0...v1.12.0) --- updated-dependencies: - dependency-name: microsoft/security-devops-action dependency-version: 1.12.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 5. - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v3...v5) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…ions/cache-5 Bump actions/cache from 3 to 5
…rosoft/security-devops-action-1.12.0 Bump microsoft/security-devops-action from 1.6.0 to 1.12.0
…ub/codeql-action-4 Bump github/codeql-action from 3 to 4
…er/login-action-4 Bump docker/login-action from 3 to 4
…ons/checkout-6 Bump actions/checkout from 4 to 6
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5 to 6. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v5...v6) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
…ions/setup-go-6 Bump actions/setup-go from 5 to 6
….yml Bumps [google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml](https://github.com/google/osv-scanner-action) from 2.3.3 to 2.3.5. - [Release notes](https://github.com/google/osv-scanner-action/releases) - [Commits](google/osv-scanner-action@c5996e0...c518547) --- updated-dependencies: - dependency-name: google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml dependency-version: 2.3.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…-pr.yml Bumps [google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml](https://github.com/google/osv-scanner-action) from 2.3.3 to 2.3.5. - [Release notes](https://github.com/google/osv-scanner-action/releases) - [Commits](google/osv-scanner-action@c5996e0...c518547) --- updated-dependencies: - dependency-name: google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml dependency-version: 2.3.5 dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com>
…gle/osv-scanner-action/dot-github/workflows/osv-scanner-reusable-pr.yml-2.3.5 Bump google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml from 2.3.3 to 2.3.5
…gle/osv-scanner-action/dot-github/workflows/osv-scanner-reusable.yml-2.3.5 Bump google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml from 2.3.3 to 2.3.5
modified Dockerfile to use alpine:latest and upgrade zlib to address CVE-2026-22184
updated go.mod dependencies to latest and to use latest Go version (1.26.1)
updated CI workflow with permission and concurrency settings
updated CI workflow to use latest Go version (1.26.1)
added code-of-conduct.md
added PULL_REQUEST_TEMPLATE.md
added SECURITY.md
added privacy-policy.md
added terms-of-service.md
added issue templates
added Microsoft Defender For Devops workflow
added OSV-Scanner workflow
added Scorecard supply-chain security workflow
added badges in README.md for all workflows
Tests pass!
Recommend enabling CodeQL from the repo settings tab and Dependabot from the security tab for additional visibility into potential issues with code/dependencies
Lastly: shameless plug for my forked Caddy Kubernetes Ingress Controller since it doesn't seem to be maintained