core/go - Forgejo: Beyond coding. We Forge.

core/go

Fork 0

generated from lthn/LEM

Commit graph

Author	SHA1	Message	Date
Snider	0435613a31	chore(deps): update GitHub Actions and Go modules (#73 ) GitHub Actions: - actions/checkout v4 → v6 - actions/upload-artifact v4 → v6 - github/codeql-action v3 → v4 - arduino/setup-task v1 → v2 Go modules: - golang.org/x/mod v0.31.0 → v0.32.0 - golang.org/x/exp updated - aead.dev/minisign v0.2.0 → v0.3.0 - github.com/go-openapi/jsonpointer v0.21.0 → v0.22.4 - github.com/go-openapi/swag v0.23.0 → v0.25.4 - github.com/google/jsonschema-go v0.3.0 → v0.4.2 - github.com/mailru/easyjson v0.9.0 → v0.9.1 - github.com/tidwall/match v1.1.1 → v1.2.0 - github.com/woodsbury/decimal128 v1.3.0 → v1.4.0 Also fixed fmt.Errorf with non-constant format string in security package. Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-01 06:46:54 +00:00
Snider	3c9bbb0b64	feat(security): add core security command for vulnerability alerts (#66 ) * feat(security): add core security command for vulnerability alerts Adds `core security` command area to expose GitHub security data: - `core security alerts` - aggregated view of all security alerts - `core security deps` - Dependabot vulnerability alerts with upgrade paths - `core security scan` - CodeQL and code scanning alerts - `core security secrets` - secret scanning alerts Features: - Filter by --repo, --severity (critical,high,medium,low) - JSON output with --json for AI agent consumption - Aggregated summary with severity breakdown - Shows patched versions for easy upgrades Closes #48 Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(security): address CodeRabbit review feedback - Remove unused flattened fields from DependabotAlert struct - Add Unknown field to AlertSummary for unrecognized severities - Add doc comments for exported Add and String methods - Use cli.Wrap for contextual error wrapping - Fix secret scanning summary counting after filter - Remove unused --vulnerable flag from deps command - Fix JSON output to only include open alerts in secrets command Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> * fix(security): handle json.MarshalIndent errors Address CodeRabbit review feedback by properly handling errors from json.MarshalIndent in all security subcommands instead of ignoring them. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com> --------- Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-01 06:04:21 +00:00

Author

SHA1

Message

Date

Snider

0435613a31

chore(deps): update GitHub Actions and Go modules (#73 )

GitHub Actions:
- actions/checkout v4 → v6
- actions/upload-artifact v4 → v6
- github/codeql-action v3 → v4
- arduino/setup-task v1 → v2

Go modules:
- golang.org/x/mod v0.31.0 → v0.32.0
- golang.org/x/exp updated
- aead.dev/minisign v0.2.0 → v0.3.0
- github.com/go-openapi/jsonpointer v0.21.0 → v0.22.4
- github.com/go-openapi/swag v0.23.0 → v0.25.4
- github.com/google/jsonschema-go v0.3.0 → v0.4.2
- github.com/mailru/easyjson v0.9.0 → v0.9.1
- github.com/tidwall/match v1.1.1 → v1.2.0
- github.com/woodsbury/decimal128 v1.3.0 → v1.4.0

Also fixed fmt.Errorf with non-constant format string in security package.

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-01 06:46:54 +00:00

Snider

3c9bbb0b64

feat(security): add core security command for vulnerability alerts (#66 )

* feat(security): add core security command for vulnerability alerts

Adds `core security` command area to expose GitHub security data:
- `core security alerts` - aggregated view of all security alerts
- `core security deps` - Dependabot vulnerability alerts with upgrade paths
- `core security scan` - CodeQL and code scanning alerts
- `core security secrets` - secret scanning alerts

Features:
- Filter by --repo, --severity (critical,high,medium,low)
- JSON output with --json for AI agent consumption
- Aggregated summary with severity breakdown
- Shows patched versions for easy upgrades

Closes #48

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* fix(security): address CodeRabbit review feedback

- Remove unused flattened fields from DependabotAlert struct
- Add Unknown field to AlertSummary for unrecognized severities
- Add doc comments for exported Add and String methods
- Use cli.Wrap for contextual error wrapping
- Fix secret scanning summary counting after filter
- Remove unused --vulnerable flag from deps command
- Fix JSON output to only include open alerts in secrets command

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

* fix(security): handle json.MarshalIndent errors

Address CodeRabbit review feedback by properly handling errors from
json.MarshalIndent in all security subcommands instead of ignoring them.

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>

---------

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>

2026-02-01 06:04:21 +00:00

2 commits