Chen Xiong
91c9af7583
security: update Go version to 1.24.4 to fix CVE-2025-22874
...
- Updated go.mod to require Go 1.24.4 (minimum version)
- Updated GitHub workflows to use Go 1.24.4 instead of ^1.20
- Dockerfiles already using Go 1.24.4 (no changes needed)
- Fixes vulnerability CVE-2025-22874 in Go versions < 1.23.10, 1.24.4
2025-06-24 10:33:26 +08:00
dependabot[bot]
c7b14eacbd
Bump actions/setup-go from 4 to 5 ( #1894 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 4 to 5.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v4...v5 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-12-12 09:55:42 +11:00
dependabot[bot]
0a0182da13
Bump actions/checkout from 3 to 4 ( #1776 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 3 to 4.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-13 07:58:30 +10:00
dependabot[bot]
cbe84232a3
Bump actions/setup-go from 3 to 4 ( #1601 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 3 to 4.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-03-18 14:22:25 +11:00
Mike Farah
f4e7203a55
Fix github action attempt
2023-02-11 23:50:47 +11:00
Mike Farah
5cb3c876fc
bump to go 1.20
2023-02-11 04:06:16 +11:00
Mike Farah
b1a40a9fb7
Bumped go compiler; bumped quality tools
2022-08-29 14:13:15 +10:00
dependabot[bot]
22a2ccfdf4
Bump actions/setup-go from 2 to 3 ( #1183 )
...
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 2 to 3.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-04-15 08:27:51 +10:00
Naveen
b1f77d975e
Set permissions for GitHub actions ( #1168 )
...
- Included permissions for the action. https://github.com/ossf/scorecard/blob/main/docs/checks.md#token-permissions
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#permissions
https://docs.github.com/en/actions/using-jobs/assigning-permissions-to-jobs
[Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests](https://securitylab.github.com/research/github-actions-preventing-pwn-requests/ )
Restrict the GitHub token permissions only to the required ones; this way, even if the attackers will succeed in compromising your workflow, they won’t be able to do much.
Signed-off-by: naveensrinivasan <172697+naveensrinivasan@users.noreply.github.com>
2022-04-09 14:55:43 +10:00
Mike Farah
3cd999bb87
Bumping to go1.18, bumping dev tools
2022-03-28 14:18:55 +11:00
dependabot[bot]
b1fee26a7f
Bump actions/checkout from 2 to 3 ( #1130 )
...
Bumps [actions/checkout](https://github.com/actions/checkout ) from 2 to 3.
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](https://github.com/actions/checkout/compare/v2...v3 )
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-03-10 13:43:36 +11:00
Mike Farah
01b4917f26
Debug github build
2022-01-27 14:22:01 +11:00
Mike Farah
bff4c9e586
Fixing bad label in github action
2021-11-10 13:27:55 +11:00
Mike Farah
69e1a9e468
add build check to PRs
2021-11-10 13:27:55 +11:00
Matthieu MOREL
e7d4dc9581
Update go.yml
2021-11-09 08:25:26 +11:00
dependabot[bot]
bf02a865bd
Bump actions/setup-go from 1 to 2.1.4
...
* Bump actions/setup-go from 1 to 2.1.4
Bumps [actions/setup-go](https://github.com/actions/setup-go ) from 1 to 2.1.4.
- [Release notes](https://github.com/actions/setup-go/releases )
- [Commits](https://github.com/actions/setup-go/compare/v1...v2.1.4 )
---
updated-dependencies:
- dependency-name: actions/setup-go
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Matthieu MOREL <mmorel-35@users.noreply.github.com>
2021-11-09 08:25:26 +11:00
Mike Farah
5972bb2f23
attempt to fix pipeline
2020-11-25 11:17:28 +11:00
Mike Farah
bb6f07d147
Use latest go-lang
2020-09-08 09:43:11 +10:00
Mike Farah
7dc3d62bb6
Attempt to fix github flow
2020-04-14 11:33:25 +10:00
Mike Farah
f68b24323e
Attempt to fix git workflow action
2020-04-14 11:18:45 +10:00
Mike Farah
3c36db9285
Split github actions pipeline
2020-04-14 09:22:38 +10:00
Mike Farah
605d6fab9b
Try newest golang version
2020-04-13 11:05:36 +10:00
Mike Farah
0d477841da
Show github build status
2020-02-26 21:13:39 +11:00
Mike Farah
125d04a75b
Attempt to fix git workflow
2020-02-26 11:03:05 +11:00
Mike Farah
954affea23
Create go.yml
2020-02-21 21:19:09 +11:00