docs: note gitea gosec action source fix
This commit is contained in:
Micheal Wilkinson
@@ -16,6 +16,7 @@ A `### Breaking` section is used in addition to Keep a Changelog's standard sect
|
|||||||
### Changed
|
### Changed
|
||||||
|
|
||||||
- CI security scanning now uses GitHub Marketplace actions (`secureCodeBox/gosec-action` and `golang/govulncheck-action`) instead of manual tool installation, improving reliability and caching.
|
- CI security scanning now uses GitHub Marketplace actions (`secureCodeBox/gosec-action` and `golang/govulncheck-action`) instead of manual tool installation, improving reliability and caching.
|
||||||
|
- CI setup compatibility fix: gosec scanner now references the correct public action source (`securego/gosec`), resolving action clone failures in Gitea runners.
|
||||||
- Code formatting validation added to CI pipelines: pushes and pull requests with code not matching `go fmt ./...` output will be rejected.
|
- Code formatting validation added to CI pipelines: pushes and pull requests with code not matching `go fmt ./...` output will be rejected.
|
||||||
- Dependencies updated to resolve security vulnerabilities: `cloudflare/circl` to v1.6.3, `go-git/v5` to v5.17.0, `golang.org/x/crypto` to v0.49.0, and `golang.org/x/net` to v0.52.0.
|
- Dependencies updated to resolve security vulnerabilities: `cloudflare/circl` to v1.6.3, `go-git/v5` to v5.17.0, `golang.org/x/crypto` to v0.49.0, and `golang.org/x/net` to v0.52.0.
|
||||||
- CI workflows now include explicit caching for Go modules and build artifacts to reduce pipeline execution time.
|
- CI workflows now include explicit caching for Go modules and build artifacts to reduce pipeline execution time.
|
||||||
|
|||||||
Reference in New Issue
Block a user