mirror of
https://github.com/lunchcat/sif.git
synced 2026-06-12 19:11:25 -07:00
vmfunc
83702e9a41
- add golangci-lint job to go.yml (parallel with build+test) - add Go 1.23/1.24 version matrix, coverage only on 1.24 - upgrade setup-go@v4 to v5, codecov@v4 to v5 across all workflows - fix check-large-files bug (find|while never exits 1), exclude .git/ - add concurrency groups to push+PR workflows (no duplicate runs) - lowercase all workflow names to match project voice - add gosec, errorlint, gocognit, nilnil, wastedassign, usetesting linters - remove deprecated exportloopref (Go 1.22 fixed loop var capture) - new: govulncheck.yml - Go vuln scanner with call-graph analysis - new: scorecard.yml - OpenSSF supply chain scorecard - new: dependabot.yml - auto-update Go deps + Actions versions - release: SHA256 checksums + SBOM generation for all artifacts - add CODEOWNERS
18 lines
310 B
YAML
18 lines
310 B
YAML
version: 2
|
|
updates:
|
|
- package-ecosystem: gomod
|
|
directory: /
|
|
schedule:
|
|
interval: weekly
|
|
open-pull-requests-limit: 5
|
|
labels:
|
|
- deps
|
|
|
|
- package-ecosystem: github-actions
|
|
directory: /
|
|
schedule:
|
|
interval: weekly
|
|
open-pull-requests-limit: 5
|
|
labels:
|
|
- deps
|