Skip to content

[Sync] Update project files from source repository (1f83ec3)#88

Merged
mrz1836 merged 1 commit intomasterfrom
chore/sync-files-bsv-blockchain-20251222-191701-1f83ec3
Dec 23, 2025
Merged

[Sync] Update project files from source repository (1f83ec3)#88
mrz1836 merged 1 commit intomasterfrom
chore/sync-files-bsv-blockchain-20251222-191701-1f83ec3

Conversation

@mrz1836
Copy link
Copy Markdown
Collaborator

@mrz1836 mrz1836 commented Dec 23, 2025

What Changed

  • Updated mage-x version from v1.11.0 to v1.12.2 in .github/.env.base configuration
  • Added new MAGE_X_CVE_EXCLUDES environment variable for govulncheck/magex CVE exclusions with default values (CVE-2024-38513, CVE-2023-45142)
  • Synchronized 27 GitHub Actions workflow files with upstream changes including codeql-analysis, fortress workflows, dependabot, auto-merge, and other CI/CD pipelines
  • Added detailed documentation for the new CVE exclusion configuration explaining its usage with magex deps:audit command

Why It Was Necessary

  • Upgrades to mage-x v1.12.2 to incorporate latest build tool improvements, bug fixes, and feature enhancements
  • Provides consistent CVE exclusion management across both Nancy and govulncheck tools, ensuring known acceptable vulnerabilities can be properly excluded from security scans
  • Maintains workflow synchronization to ensure CI/CD pipelines remain consistent with latest best practices and improvements
  • Improves developer experience by offering multiple ways to exclude CVEs (environment variable or command-line parameter)

Testing Performed

  • Validated YAML syntax of all 27 modified GitHub Actions workflow files
  • Verified .github/.env.base configuration syntax and environment variable format
  • Confirmed mage-x v1.12.2 version exists and is accessible
  • Reviewed CVE exclusion format matches expected comma-separated list pattern
  • Ensured backward compatibility with existing workflow configurations and no breaking changes introduced

Impact / Risk

  • Low Risk: Standard configuration and workflow synchronization updates
  • Breaking Changes: None - new CVE exclusion variable is optional and has sensible defaults
  • Performance: Potential improvements from mage-x v1.12.2 updates
  • Developer Experience: Enhanced with additional CVE exclusion control and updated tooling
  • All changes are in CI/CD infrastructure with no impact on runtime application code

@mrz1836 mrz1836 self-assigned this Dec 23, 2025
@mrz1836 mrz1836 added automated-sync Automated sync PR, e.g. from a fork or external repo automerge Label to automatically merge pull requests that meet all required conditions chore Simple dependency updates or version bumps labels Dec 23, 2025
@github-actions github-actions bot added size/L Large change (201–500 lines) update General updates labels Dec 23, 2025
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud bot commented Dec 23, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@mrz1836 mrz1836 merged commit 546571c into master Dec 23, 2025
44 checks passed
@github-actions github-actions bot deleted the chore/sync-files-bsv-blockchain-20251222-191701-1f83ec3 branch December 23, 2025 00:21
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@mrz1836 mrz1836

Labels

automated-sync Automated sync PR, e.g. from a fork or external repo automerge Label to automatically merge pull requests that meet all required conditions chore Simple dependency updates or version bumps size/L Large change (201–500 lines) update General updates

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mrz1836