release: v8.0.0 (#251)

Author: ironman0x7b2

.dockerignore

@@ -1,5 +1,4 @@
 /.idea/
-/.github/
 /.vscode/
 /bin/
 /vendor/

.github/CODEOWNERS

@@ -1,2 +1,2 @@
 # Repository maintainers
-* @bsrinivas8687
+* @ironman0x7b2

.github/ISSUE_TEMPLATE/bug_report.md

@@ -20,8 +20,9 @@ A clear and concise description of what you expected to happen.
 If applicable, add screenshots to help explain your problem.
 
 **Desktop (please complete the following information):**
- - OS: [e.g. iOS]
- - Version [e.g. 22]
+
+- OS: [e.g. iOS]
+- Version [e.g. 22]
 
 **Additional context**
 Add any other context about the problem here.

.github/workflows/build.yml

@@ -0,0 +1,26 @@
+name: Build
+
+on:
+  pull_request:
+  push:
+    branches:
+      - development
+      - master
+
+jobs:
+  go:
+    runs-on: ubuntu-latest
+    permissions:
+      contents: read
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v5
+
+      - name: Set up Go
+        uses: actions/setup-go@v6
+        with:
+          go-version: '1.25'
+
+      - name: Go Build
+        run: go build ./...

.github/workflows/codeql.yml

@@ -7,29 +7,34 @@ on:
 
 jobs:
   analyze:
-    name: Analyze
+    name: Analyze (${{ matrix.language }})
     runs-on: ubuntu-latest
-
+    permissions:
+      security-events: write
+      packages: read
+      actions: read
+      contents: read
     strategy:
       fail-fast: false
       matrix:
-        languages:
-          - go
+        include:
+          - language: actions
+            build-mode: none
+          - language: go
+            build-mode: autobuild
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
-          languages: ${{ matrix.languages }}
+          languages: ${{ matrix.language }}
+          build-mode: ${{ matrix.build-mode }}
           queries: security-extended,security-and-quality
 
-      - name: Autobuild
-        uses: github/codeql-action/autobuild@v3
-
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
         with:
-          category: /language:${{ matrix.languages }}
+          category: "/language:${{matrix.language}}"

.github/workflows/docker-publish.yml

@@ -11,34 +11,52 @@ env:
 
 jobs:
   build:
-    name: Build
     runs-on: ubuntu-latest
+    permissions:
+      contents: read
+      packages: write
+      id-token: write
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
 
-      - name: Setup Docker buildx
-        uses: docker/setup-buildx-action@v3
+      - name: Install cosign
+        if: github.event_name == 'release'
+        uses: sigstore/cosign-installer@faadad0cce49287aee09b3a48701e75088a2c6ad #v4.0.0
+
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 #v3.11.1
 
       - name: Log into registry ${{ env.REGISTRY }}
-        uses: docker/login-action@v3
+        if: github.event_name == 'release'
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef #v3.6.0
         with:
           registry: ${{ env.REGISTRY }}
-          username: ${{ github.repository_owner }}
+          username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Extract Docker metadata
         id: meta
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f #v5.8.0
         with:
           images: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@v5
+        id: build-and-push
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 #v6.18.0
         with:
           context: .
+          push: ${{ github.event_name == 'release' }}
           labels: ${{ steps.meta.outputs.labels }}
-          platforms: linux/amd64
-          push: true
           tags: ${{ steps.meta.outputs.tags }}
+          platforms: |
+            linux/amd64
+            linux/arm64
+
+      - name: Sign the published Docker image
+        if: github.event_name == 'release'
+        env:
+          TAGS: ${{ steps.meta.outputs.tags }}
+          DIGEST: ${{ steps.build-and-push.outputs.digest }}
+        run: echo "${TAGS}" | xargs -I {} cosign sign --yes {}@${DIGEST}

.gitignore

@@ -1,4 +1,5 @@
 .DS_Store*
+/*.snap
 /.idea/
 /.vscode/
 /bin/

.golangci.yaml

@@ -0,0 +1,36 @@
+version: '2'
+linters:
+  default: all
+  disable:
+    - cyclop
+    - depguard
+    - err113
+    - exhaustruct
+    - forcetypeassert
+    - funlen
+    - gocognit
+    - ireturn
+    - lll
+    - mnd
+    - nestif
+    - nilnil
+    - noinlineerr
+    - nonamedreturns
+    - varnamelen
+    - wsl
+  settings:
+    gosec:
+      excludes:
+        - G115
+        - G204
+        - G404
+    revive:
+      rules:
+        - name: package-comments
+          disabled: true
+    tagliatelle:
+      case:
+        rules:
+          json: snake
+run:
+  timeout: 5m

.golangci.yml

@@ -23,13 +23,13 @@ include:
 Examples of unacceptable behavior by participants include:
 
 * The use of sexualized language or imagery and unwelcome sexual attention or
- advances
+  advances
 * Trolling, insulting/derogatory comments, and personal or political attacks
 * Public or private harassment
 * Publishing others' private information, such as a physical or electronic
- address, without explicit permission
+  address, without explicit permission
 * Other conduct which could reasonably be considered inappropriate in a
- professional setting
+  professional setting
 
 ## Our Responsibilities