project updates pre release 0.8 #33
Conversation
Upgrade project to support the latest two version of golang. Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Update to latest golang version (2025-08-12). Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Upgrade to latest golangci-lint version. Signed-off-by: Shachar Sharon <ssharon@redhat.com>
Use latest github actions: setup-go@v6 and checkout@v5. Signed-off-by: Shachar Sharon <ssharon@redhat.com>
.github/workflows/main.yml
Outdated
| runs-on: ubuntu-latest | ||
| steps: | ||
| - uses: actions/setup-go@v5 | ||
| - uses: actions/setup-go@v6 |
There was a problem hiding this comment.
This is fine, I'm happy to approve - however some projects have been switching to use hashes to be me more secure against possible future malicious versions:
https://docs.github.com/en/actions/reference/security/secure-use#using-third-party-actions
Since you're touching a lot of these now it might be worth adopting that practice too, but I won't insist on it at this time.
There was a problem hiding this comment.
Interesting -- I was not aware. Will dig into it and see how it goes...
There was a problem hiding this comment.
I pushed another commit with explicit git-hash instead of tags. Not sure if this is the proper/recommended way. @phlogistonjohn WDYT ?
There was a problem hiding this comment.
It looks fine to me.
Switching to explicit hash; be more secure against possible future malicious versions[1]. [1] https://docs.github.com/en/actions/reference/ security/secure-use#using-third-party-actions Signed-off-by: Shachar Sharon <ssharon@redhat.com>
3 participants
Get ready for next release by updating to most recent golang and relevant tools.