From 86acf21019a116e76f9fe9634fec37528d90fd21 Mon Sep 17 00:00:00 2001 From: "F." Date: Sat, 17 Jan 2026 19:19:16 +0100 Subject: [PATCH] chore(deps,ci): upgrade Go 1.25.6, bump ewrap/sectools, harden gitleaks - Build/Tooling: - Upgrade Go toolchain to 1.25.6 across repo (go.mod, Makefile, .project-settings.env, pre-commit unit-test hook). - Dependencies: - Bump github.com/hyp3rd/ewrap to v1.3.7 and github.com/hyp3rd/sectools to v1.1.7 (update go.sum). - CI: - Add least-privilege permissions to gitleaks workflow (contents: read). - Limit push trigger to main; update actions/checkout to v6. No runtime code changes; keeps toolchain and CI current while tightening permissions. --- .github/workflows/gitleaks.yml | 7 +++++-- .pre-commit/unit-test-hook | 2 +- .project-settings.env | 2 +- Makefile | 2 +- go.mod | 6 +++--- go.sum | 8 ++++---- 6 files changed, 15 insertions(+), 12 deletions(-) diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index a06154f..b71a776 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -1,18 +1,21 @@ --- name: gitleaks +permissions: + contents: read on: pull_request: push: + branches: [main] workflow_dispatch: schedule: - # run once a day at 4 AM UTC + # run once a day at 4 AM - cron: "0 4 * * *" jobs: scan: name: gitleaks runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - uses: gitleaks/gitleaks-action@v2 diff --git a/.pre-commit/unit-test-hook b/.pre-commit/unit-test-hook index a3d80df..ae2a4e9 100755 --- a/.pre-commit/unit-test-hook +++ b/.pre-commit/unit-test-hook @@ -21,7 +21,7 @@ hook() { local root_dir root_dir=$(git rev-parse --show-toplevel) - local toolchain_version="1.25.5" + local toolchain_version="1.25.6" if [[ -f "${root_dir}/.project-settings.env" ]]; then # shellcheck disable=SC1090 source "${root_dir}/.project-settings.env" diff --git a/.project-settings.env b/.project-settings.env index c20586b..9377da4 100644 --- a/.project-settings.env +++ b/.project-settings.env @@ -1,5 +1,5 @@ GOLANGCI_LINT_VERSION=v2.8.0 BUF_VERSION=v1.63.0 -GO_VERSION=1.25.5 +GO_VERSION=1.25.6 GCI_PREFIX=github.com/hyp3rd/hypercache PROTO_ENABLED=true diff --git a/Makefile b/Makefile index d6103e6..7cf0805 100644 --- a/Makefile +++ b/Makefile @@ -2,7 +2,7 @@ include .project-settings.env GOLANGCI_LINT_VERSION ?= v2.7.2 BUF_VERSION ?= v1.61.0 -GO_VERSION ?= 1.25.5 +GO_VERSION ?= 1.25.6 GCI_PREFIX ?= github.com/hyp3rd/hypercache PROTO_ENABLED ?= true diff --git a/go.mod b/go.mod index 05a2bbc..7e67382 100644 --- a/go.mod +++ b/go.mod @@ -1,13 +1,13 @@ module github.com/hyp3rd/hypercache -go 1.25.5 +go 1.25.6 require ( github.com/cespare/xxhash/v2 v2.3.0 github.com/goccy/go-json v0.10.5 github.com/gofiber/fiber/v3 v3.0.0-rc.3 - github.com/hyp3rd/ewrap v1.3.5 - github.com/hyp3rd/sectools v1.1.6 + github.com/hyp3rd/ewrap v1.3.7 + github.com/hyp3rd/sectools v1.1.7 github.com/longbridgeapp/assert v1.1.0 github.com/redis/go-redis/v9 v9.17.2 github.com/shamaton/msgpack/v2 v2.4.0 diff --git a/go.sum b/go.sum index e79ab93..bd54b84 100644 --- a/go.sum +++ b/go.sum @@ -28,10 +28,10 @@ github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8= github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU= github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0= github.com/google/uuid v1.6.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= -github.com/hyp3rd/ewrap v1.3.5 h1:qXnWrmTQEt6zeSap5I/c047GSFlq3L8zIxiqdB1W7MU= -github.com/hyp3rd/ewrap v1.3.5/go.mod h1:Nf6m8teevefjvr3ejK47ofL4F05cKpMMGxt3TFIC+B8= -github.com/hyp3rd/sectools v1.1.6 h1:7g9mh4qiit8snvwgjryHxVNDCcpeQ0C4/qPJbFs23Gg= -github.com/hyp3rd/sectools v1.1.6/go.mod h1:9PBVgZP4rifD8rAs+5OGtQfg5U3fVwN1W4eUgnh1W64= +github.com/hyp3rd/ewrap v1.3.7 h1:3uS7osww2dHI/08/rihGdtEzaSSgdtH4l9HubtMe6Io= +github.com/hyp3rd/ewrap v1.3.7/go.mod h1:9IhBgb6LhJDrgVNdx4vZ9SIw6eXxiopjZb2HvbG8pgA= +github.com/hyp3rd/sectools v1.1.7 h1:K19cHdyzJk89oJ3lxxZU7r+9Gn0J61El7vBvySn+WqE= +github.com/hyp3rd/sectools v1.1.7/go.mod h1:wvgPFv52qssfXEx07FUHSmLRpG1fSaeffdwEbRE0PV8= github.com/klauspost/compress v1.18.3 h1:9PJRvfbmTabkOX8moIpXPbMMbYN60bWImDDU7L+/6zw= github.com/klauspost/compress v1.18.3/go.mod h1:R0h/fSBs8DE4ENlcrlib3PsXS61voFxhIs2DeRhCvJ4= github.com/longbridgeapp/assert v1.1.0 h1:L+/HISOhuGbNAAmJNXgk3+Tm5QmSB70kwdktJXgjL+I=