feat: add comprehensive security scanning and EditorConfig integration

- Add govulncheck, Snyk, and Trivy vulnerability scanning - Create security workflow for automated scanning on push/PR/schedule - Add gitleaks for secrets detection and prevention - Implement EditorConfig linting with eclint and editorconfig-checker - Update Makefile with security and formatting targets - Create SECURITY.md with vulnerability reporting guidelines - Configure Dependabot for automated dependency updates - Fix all EditorConfig violations across codebase - Update Go version to 1.23.10 to address stdlib vulnerabilities - Add tests for internal/helpers package (80% coverage) - Remove deprecated functions and migrate to error-returning patterns - Fix YAML indentation in test fixtures to resolve test failures
2026-03-02 05:55:44 +00:00 · 2025-08-03 20:12:18 +03:00
parent e6c3e09a7f
commit ce02d36929
53 changed files with 2400 additions and 590 deletions
--- a/testdata/composite-action/README.md
+++ b/testdata/composite-action/README.md
@@ -41,11 +41,11 @@ on:
 jobs:
  build:
    runs-on: ubuntu-latest
-    
+
    steps:
      - name: Checkout Repository
        uses: actions/checkout@v4
-      
+
      - name: Composite Example Action
        uses: your-org/ @v1
        with:
@@ -113,7 +113,7 @@ This action provides the following outputs that can be used in subsequent workfl
 - name: Composite Example Action
  id: action-step
  uses: your-org/ @v1
-  
+
 - name: Use Output
  run: |
    echo "build-result: \${{ steps.action-step.outputs.build-result }}"
@@ -305,4 +305,4 @@ If you find this action helpful, please consider:

 <div align="center">
  <sub>📚 Documentation generated with <a href="https://github.com/ivuorinen/gh-action-readme">gh-action-readme</a></sub>
-</div>
+</div>
--- a/testdata/composite-action/action.yml
+++ b/testdata/composite-action/action.yml
@@ -21,19 +21,19 @@ runs:
      with:
        fetch-depth: 0
        token: ${{ github.token }}
-    
+
    - name: Setup Node.js
      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
      with:
        node-version: ${{ inputs.node-version }}
        cache: 'npm'
-    
+
    - name: Install dependencies
      shell: bash
      run: |
        cd ${{ inputs.working-directory }}
        npm ci
-    
+
    - name: Run tests
      shell: bash
      run: |
@@ -41,7 +41,7 @@ runs:
        echo "Tests completed successfully"
      env:
        NODE_ENV: test
-    
+
    - name: Build project
      uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4
      id: build
@@ -50,4 +50,4 @@ runs:

 branding:
  icon: package
-  color: blue
+  color: blue