Skip to content

Releases: x448/safer-golangci-lint

v1.59.1

30 Aug 16:14
c1e26ef
Compare
Choose a tag to compare

What's Changed

  • Bump golangci-lint to 1.59.1 by @x448 in #15

Full Changelog: v1.56.2...v1.59.1

v1.56.2

25 Aug 19:39
0baf73e
Compare
Choose a tag to compare

What's Changed

  • Bump golangci-lint to 1.56.2 by @x448 in #13
  • Update README.md for 1.56.2 by @x448 in #14

Full Changelog: v1.54.2...v1.56.2

v1.54.2

20 Feb 14:22
8505474
Compare
Choose a tag to compare

What's Changed

  • Bump golangci-lint to 1.54.2 by @x448 in #11

Full Changelog: v1.53.3...v1.54.2

v1.53.3

25 Jun 16:53
f61c178
Compare
Choose a tag to compare

What's Changed

  • Bump golangci-lint to 1.53.3 by @x448 in #9

Full Changelog: v1.52.2...v1.53.3

v1.52.2

15 May 01:51
891adbe
Compare
Choose a tag to compare

What's Changed

  • Update safer-golangci-lint.yml for 1.52.2 by @x448 in #8
    • Bump golangci-lint to 1.52.2.
    • Bump Go to '1.20' (quotes needed to avoid GitHub bug).
    • Bump actions/setup-go to v4.
    • Update README.md.

Full Changelog: v1.51.2...v1.52.2

v1.51.2

20 Feb 06:14
a6e9854
Compare
Choose a tag to compare

Bump golangci-lint to 1.51.2.

v1.51.1

05 Feb 21:52
8502ef6
Compare
Choose a tag to compare

This release bumps golangci-lint to 1.51.1 and Go to 1.19.x.

v1.50.1

19 Dec 04:45
0c3fa52
Compare
Choose a tag to compare

What's Changed

  • Bump golangci-lint to 1.50.1 by @x448 in #6

Full Changelog: v1.49.0...v1.50.1

v1.49.0 (September 18, 2022)

18 Sep 19:50
ace61ff
Compare
Choose a tag to compare

safer-golangci-lint.yml downloads, verifies, and runs golangci-lint in a deterministic, easy to audit, and safe manner. It exists to help avoid incidents similar to Codecov Bash Script Supply Chain Attack.

This self-contained workflow file is safer than executing unverified output of curl. It's easier to audit than golangci-lint-action which has at least 9 TypeScript files and extra features that isn't needed by all projects.

Changes:

  • Bump golangci-lint to 1.49.0
  • Bump Go to 1.19 (latest version of 1.19.x because check-latest: true).
  • Put Go version in environment variable GO_VERSION.
  • Increase timeout to 15m for big projects enabling more linters.
  • Use SHA-256 to verify (instead of SHA-384) and mention checksums file.
  • Update README.

Thanks @fxamacker for reviewing this release during your busy Sunday. This workflow is used by her popular CBOR codec.

Cheers!
@x448

v1.46.2 (May 19, 2022)

20 May 12:43
a225f77
Compare
Choose a tag to compare

Changes:

  • Bump golangci-lint to 1.46.2.
  • Remove default permissions at top level and grant only read permission in the job.
  • actions/setup-go uses check-latest: true
  • Add workflow_dispatch.
  • Tidy some comments.

Checksums

  • SHA-256 of golangci-lint-1.42.0-linux-amd64.tar.gz is 242cd4f2d6ac0556e315192e8555784d13da5d1874e51304711570769c4f2b9b
  • SHA-384 of golangci-lint-1.42.0-linux-amd64.tar.gz is 60ade95e447f8c9a2dfc507c271c2ff41a0e0856f077bf2f734bcd80dd8268addf8cf1625c3e47a6516eb14f23423315
  • SHA-384 of safer-golangci-lint.yml (v1.46.2) is
    61b3abc35547b1bc662fec29e3bd72c294af0dee618dbbf6e70032bf2ee38487b9adab9793770f3405fec0da81f57733