d-b.ca/smtprelay
2
0
Fork 0
forked from drew/smtprelay
Code Pull Requests Activity
393 Commits 3 Branches 17 Tags
843c02aa0e970a2583294d18faeb782779dee8d8
Commit Graph

393 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
dependabot[bot]
843c02aa0e build(deps): Bump github/codeql-action from 3.29.3 to 3.29.4 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.3 to 3.29.4.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](d6bbdef45e...4e828ff8d4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-24 22:47:29 +02:00
dependabot[bot]
fcc77af3bc build(deps): Bump github/codeql-action from 3.29.2 to 3.29.3 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.2 to 3.29.3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](181d5eefc2...d6bbdef45e)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-21 19:02:50 +02:00
dependabot[bot]
67bccd6fd8 build(deps): Bump step-security/harden-runner from 2.12.2 to 2.13.0 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.2 to 2.13.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](6c439dc8bd...ec9f2d5744)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.13.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-17 09:56:29 +02:00
dependabot[bot]
8f12438b5a build(deps): Bump golang.org/x/crypto from 0.39.0 to 0.40.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.39.0 to 0.40.0.
- [Commits](https://github.com/golang/crypto/compare/v0.39.0...v0.40.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.40.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-12 22:52:23 +02:00
dependabot[bot]
5b7a8ea783 build(deps): Bump github/codeql-action from 3.29.1 to 3.29.2 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.1 to 3.29.2.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](39edc492db...181d5eefc2)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-07-02 17:07:26 +02:00
dependabot[bot]
b715e23541 build(deps): Bump step-security/harden-runner from 2.12.1 to 2.12.2 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.1 to 2.12.2.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](002fdce3c6...6c439dc8bd)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.12.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-30 17:53:57 +02:00
dependabot[bot]
4e1cfa7bc6 build(deps): Bump github/codeql-action from 3.29.0 to 3.29.1 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.0 to 3.29.1.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](ce28f5bb42...39edc492db)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-30 17:53:24 +02:00
dependabot[bot]
9f7aa1719e build(deps): Bump step-security/harden-runner from 2.12.0 to 2.12.1 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.12.0 to 2.12.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](0634a2670c...002fdce3c6)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.12.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-12 22:12:59 +02:00
dependabot[bot]
692c1bd3ac build(deps): Bump github/codeql-action from 3.28.19 to 3.29.0 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.19 to 3.29.0.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](fca7ace96b...ce28f5bb42)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.29.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-12 22:12:18 +02:00
dependabot[bot]
638f6558cc build(deps): Bump golang.org/x/crypto from 0.38.0 to 0.39.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.38.0 to 0.39.0.
- [Commits](https://github.com/golang/crypto/compare/v0.38.0...v0.39.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.39.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-06 21:48:53 +02:00
Bernhard Froehlich
085052b96a smtp: ignore HELO error in QUIT 
Merge from net/smtp/smtp.go

Obtained from:	2ef8e41f9543478a51a0147a735e4415737de09f
v1.12.0 		2025-06-04 18:08:38 +00:00
Bernhard Froehlich
2753d3670d smtp: fix calls to Printf(s) with non constant format 
Merge from net/smtp/smtp.go

Obtained from:	bf91eb3a8bb057a620f3823e4d6b74a529c0a44d
 2025-06-04 18:05:52 +00:00
Bernhard Froehlich
68ddb8cbc0 smtp: add available godoc link 
Merge from net/smtp/smtp.go

Obtained from:	1d45a7ef560a76318ed59dfdb178cecd58caf948
 2025-06-04 18:03:51 +00:00
Bernhard Froehlich
0b6eff0eeb smtp: add missing periods in comments 
Merge from net/smtp/smtp.go

Obtained from:	b2faff18ce28edad98303d2c3134dec1331fd7b5
 2025-06-04 17:59:02 +00:00
Bernhard Froehlich
51ed156dad Remove cmd/hasher for bcrypt. 
There are enough tools available as a replacement. You will find
one that suits you.
 2025-06-04 17:41:07 +00:00
Bernhard Froehlich
d4aedd2453 ci: Bump to Go 1.24 2025-06-04 17:38:21 +00:00
dependabot[bot]
47361c9df0 build(deps): Bump github/codeql-action from 3.28.18 to 3.28.19 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.18 to 3.28.19.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](ff0a06e83c...fca7ace96b)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-04 19:10:55 +02:00
dependabot[bot]
ab9ddfc8aa build(deps): Bump ossf/scorecard-action from 2.4.1 to 2.4.2 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.1 to 2.4.2.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](f49aabe0b5...05b42c6244)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-version: 2.4.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-06-03 12:21:43 +02:00
dependabot[bot]
e722c8288e build(deps): Bump actions/dependency-review-action from 4.7.0 to 4.7.1 
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.7.0 to 4.7.1.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](38ecb5b593...da24556b54)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-version: 4.7.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-16 15:01:03 +02:00
dependabot[bot]
c42bc9b3bb build(deps): Bump github/codeql-action from 3.28.17 to 3.28.18 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.17 to 3.28.18.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](60168efe1c...ff0a06e83c)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-16 15:00:35 +02:00
Stefan Walluhn
cafbc78e74 set transient response code on potential temporary error conditions 2025-05-16 14:58:33 +02:00
dependabot[bot]
d20e3d201c build(deps): Bump actions/dependency-review-action from 4.6.0 to 4.7.0 
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.6.0 to 4.7.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](ce3cf9537a...38ecb5b593)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-version: 4.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-11 07:40:05 +02:00
dependabot[bot]
11696737ee build(deps): Bump actions/setup-go from 5.4.0 to 5.5.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.4.0 to 5.5.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](0aaccfd150...d35c59abb0)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-version: 5.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-11 07:39:37 +02:00
dependabot[bot]
cc8d678e18 build(deps): Bump golang.org/x/crypto from 0.37.0 to 0.38.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.37.0 to 0.38.0.
- [Commits](https://github.com/golang/crypto/compare/v0.37.0...v0.38.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.38.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-11 07:39:06 +02:00
dependabot[bot]
2a6a0ef76d build(deps): Bump github/codeql-action from 3.28.16 to 3.28.17 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.16 to 3.28.17.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](28deaeda66...60168efe1c)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.17
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-05-11 07:38:19 +02:00
dependabot[bot]
dfdefc5e7d build(deps): Bump github/codeql-action from 3.28.15 to 3.28.16 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.15 to 3.28.16.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](45775bd823...28deaeda66)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.16
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-25 17:00:15 +02:00
dependabot[bot]
3c4f79dc89 build(deps): Bump step-security/harden-runner from 2.11.1 to 2.12.0 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.1 to 2.12.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](c6295a65d1...0634a2670c)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-22 20:43:41 +02:00
dependabot[bot]
82db571b02 build(deps): Bump github/codeql-action from 3.28.13 to 3.28.15 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.13 to 3.28.15.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](1b549b9259...45775bd823)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 3.28.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-13 15:06:22 +02:00
dependabot[bot]
a06d7a6296 build(deps): Bump golang.org/x/crypto from 0.36.0 to 0.37.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.36.0 to 0.37.0.
- [Commits](https://github.com/golang/crypto/compare/v0.36.0...v0.37.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-version: 0.37.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-13 15:05:58 +02:00
dependabot[bot]
a971995458 build(deps): Bump actions/dependency-review-action from 4.5.0 to 4.6.0 
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.5.0 to 4.6.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](3b139cfc5f...ce3cf9537a)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-06 15:00:19 +02:00
dependabot[bot]
b8b668bbbb build(deps): Bump step-security/harden-runner from 2.11.0 to 2.11.1 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.11.0 to 2.11.1.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](4d991eb9b9...c6295a65d1)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-04-06 14:59:55 +02:00
dependabot[bot]
66f76ccae7 build(deps): Bump github/codeql-action from 3.28.11 to 3.28.13 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.11 to 3.28.13.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](6bb031afdd...1b549b9259)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-30 14:34:15 +02:00
dependabot[bot]
e2a4d646d9 build(deps): Bump actions/upload-artifact from 4.6.1 to 4.6.2 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.1 to 4.6.2.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](4cec3d8aa0...ea165f8d65)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-30 14:33:48 +02:00
dependabot[bot]
9fdd6040bd build(deps): Bump actions/setup-go from 5.3.0 to 5.4.0 
Bumps [actions/setup-go](https://github.com/actions/setup-go) from 5.3.0 to 5.4.0.
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](f111f3307d...0aaccfd150)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-30 14:33:25 +02:00
dependabot[bot]
5d00ff36f0 build(deps): Bump github/codeql-action from 3.28.10 to 3.28.11 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.10 to 3.28.11.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](b56ba49b26...6bb031afdd)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-10 21:19:04 +01:00
Bernhard Froehlich
db79ed0ea9 ci: Run go mod tidy 2025-03-06 20:19:58 +01:00
dependabot[bot]
40942a7f83 Bump golang.org/x/crypto from 0.33.0 to 0.36.0 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.33.0 to 0.36.0.
- [Commits](https://github.com/golang/crypto/compare/v0.33.0...v0.36.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2025-03-06 20:15:49 +01:00
dependabot[bot]
2795ce3230 Bump github/codeql-action from 3.28.9 to 3.28.10 (#188) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.9 to 3.28.10.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](9e8d0789d4...b56ba49b26)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-24 21:06:17 +01:00
dependabot[bot]
307ce547ec Bump ossf/scorecard-action from 2.4.0 to 2.4.1 (#187) 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.4.0 to 2.4.1.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](62b2cac7ed...f49aabe0b5)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-24 21:05:27 +01:00
dependabot[bot]
ea911a0aaa Bump actions/upload-artifact from 4.6.0 to 4.6.1 (#186) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.6.0 to 4.6.1.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](65c4c4a1dd...4cec3d8aa0)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-24 21:04:53 +01:00
dependabot[bot]
99b72e32f1 Bump step-security/harden-runner from 2.10.4 to 2.11.0 (#184) 
Bumps [step-security/harden-runner](https://github.com/step-security/harden-runner) from 2.10.4 to 2.11.0.
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](cb605e52c2...4d991eb9b9)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-17 20:30:51 +01:00
dependabot[bot]
a2f92daa41 Bump golang.org/x/crypto from 0.32.0 to 0.33.0 (#183) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.32.0 to 0.33.0.
- [Commits](https://github.com/golang/crypto/compare/v0.32.0...v0.33.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-10 11:49:26 +01:00
dependabot[bot]
b5dc7d1c5b Bump github/codeql-action from 3.28.8 to 3.28.9 (#182) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.28.8 to 3.28.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](dd746615b3...9e8d0789d4)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-07 17:48:03 +01:00
Bernhard Fröhlich
2358b735b1 Add badge for OpenSSF scorecard (#181) 2025-02-04 13:26:39 +01:00
dependabot[bot]
e4736a7544 Bump ossf/scorecard-action from 2.3.3 to 2.4.0 (#180) 
Bumps [ossf/scorecard-action](https://github.com/ossf/scorecard-action) from 2.3.3 to 2.4.0.
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](dc50aa9510...62b2cac7ed)

---
updated-dependencies:
- dependency-name: ossf/scorecard-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-02-04 12:38:41 +01:00
Bernhard Fröhlich
ccaf614b6b Update release.yaml (#179) 2025-02-04 10:45:06 +01:00
StepSecurity Bot
effa1c9192 [StepSecurity] ci: Harden GitHub Actions (#178) 
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
 2025-02-04 10:30:36 +01:00
Bernhard Fröhlich
ddfd61bfd1 Update CodeQL workflow to limit permissions (#177) 2025-02-04 10:23:36 +01:00
StepSecurity Bot
b6cbf2f82b [StepSecurity] ci: Harden GitHub Actions (#176) 
Signed-off-by: StepSecurity Bot <bot@stepsecurity.io>
 2025-02-04 09:55:43 +01:00
Bernhard Fröhlich
687c793203 Create SECURITY.md (#175) 
Create a initial security policy

This is based on a document from the OpenSSF scorecard project

https://github.com/ossf/scorecard/blob/main/SECURITY.md
 2025-02-04 09:47:27 +01:00