feat: add comprehensive security scanning and EditorConfig integration

- Add govulncheck, Snyk, and Trivy vulnerability scanning - Create security workflow for automated scanning on push/PR/schedule - Add gitleaks for secrets detection and prevention - Implement EditorConfig linting with eclint and editorconfig-checker - Update Makefile with security and formatting targets - Create SECURITY.md with vulnerability reporting guidelines - Configure Dependabot for automated dependency updates - Fix all EditorConfig violations across codebase - Update Go version to 1.23.10 to address stdlib vulnerabilities - Add tests for internal/helpers package (80% coverage) - Remove deprecated functions and migrate to error-returning patterns - Fix YAML indentation in test fixtures to resolve test failures
2026-03-03 03:56:05 +00:00 · 2025-08-03 20:12:18 +03:00
parent e6c3e09a7f
commit ce02d36929
53 changed files with 2400 additions and 590 deletions
--- a/.github/dependabot.yml
+++ b/.github/dependabot.yml
@@ -0,0 +1,66 @@
+version: 2
+
+updates:
+  # Go modules
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "06:00"
+    open-pull-requests-limit: 10
+    reviewers:
+      - "ivuorinen"
+    assignees:
+      - "ivuorinen"
+    commit-message:
+      prefix: "chore(deps)"
+      include: "scope"
+    labels:
+      - "dependencies"
+      - "security"
+    # Group security updates
+    groups:
+      security-updates:
+        patterns:
+          - "*"
+        update-types:
+          - "security-update"
+
+  # GitHub Actions
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "06:00"
+    open-pull-requests-limit: 5
+    reviewers:
+      - "ivuorinen"
+    assignees:
+      - "ivuorinen"
+    commit-message:
+      prefix: "fix(github-action)"
+      include: "scope"
+    labels:
+      - "dependencies"
+      - "github-actions"
+
+  # Docker
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "weekly"
+      day: "monday"
+      time: "06:00"
+    open-pull-requests-limit: 3
+    reviewers:
+      - "ivuorinen"
+    assignees:
+      - "ivuorinen"
+    commit-message:
+      prefix: "fix(docker)"
+      include: "scope"
+    labels:
+      - "dependencies"
+      - "docker"