Commit graph

3 commits

Author SHA1 Message Date
Snider
6292fa2c77 fix(ci): harden security scan and Dockerfiles
- Upgrade Go to 1.26, FrankenPHP to v1.11.2 (CVE-2026-24894)
- Add non-root USER to all Dockerfiles (Trivy misconfig)
- Upgrade gitleaks to v8.24.3 with arch detection

Co-Authored-By: Virgil <virgil@lethean.io>
2026-02-21 20:51:14 +00:00
Snider
4163aedec1 fix(ci): pin gitleaks version and harden install step

Some checks failed:
Security Scan / Secret Detection (push) Successful in 12s
Security Scan / Go Vulnerability Check (push) Failing after 2m21s
Security Scan / Dependency & Config Scan (push) Failing after 21s

The gitleaks install was fragile: depended on GitHub API (rate limits),
jq being present, and hardcoded x64 arch. Now pins v8.24.3, detects
arch, uses curl -f for proper error handling, and verifies install.

Co-Authored-By: Virgil <virgil@lethean.io>
2026-02-21 19:50:28 +00:00
Claude
b74f8264d3 feat: add Woodpecker CI pipeline and workspace improvements (#1)
Co-authored-by: Claude <developers@lethean.io>
Co-committed-by: Claude <developers@lethean.io>
2026-02-08 13:25:06 +00:00