Run go-makefile-maker

sapcc-bot · sapcc-bot · commit c7ddbf5cf7c3 · 2026-03-12T19:03:34.000Z
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -45,7 +45,7 @@ jobs:
       - name: Check out code
         uses: actions/checkout@v6
       - name: Post coverage report
-        uses: fgrosse/go-coverage-report@v1.2.0
+        uses: fgrosse/go-coverage-report@v1.3.0
         with:
           coverage-artifact-name: code-coverage
           coverage-file-name: cover.out
diff --git a/.github/workflows/container-registry-ghcr.yaml b/.github/workflows/container-registry-ghcr.yaml
@@ -23,7 +23,7 @@ jobs:
       - name: Check out code
         uses: actions/checkout@v6
       - name: Log in to the Container registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
         with:
           password: ${{ secrets.GITHUB_TOKEN }}
           registry: ghcr.io
@@ -47,9 +47,9 @@ jobs:
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4
       - name: Build and push Docker image
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v7
         with:
           context: .
           labels: ${{ steps.meta.outputs.labels }}
diff --git a/.golangci.yaml b/.golangci.yaml
@@ -138,6 +138,9 @@ linters:
         - G112
         # if we put a password or token into a serialized payload, guess what, we probably did that on purpose
         - G117
+        # this triggers on net/http.Request.ParseForm() and its callers, e.g. net/http.Request.FormValue(), complaining about potential memory exhaustion from unbounded form parsing;
+        # but that is incorrect, ParseForm() by default never parses more than 10 MiB for this specific reason
+        - G120
         # created file permissions are restricted by umask if necessary
         - G306
         # the following lints cause false-positives in many repositories, should be fixed with the next release. (see https://github.com/securego/gosec/issues/1500)
diff --git a/.license-scan-overrides.jsonl b/.license-scan-overrides.jsonl
@@ -6,6 +6,7 @@
 {"name": "github.com/mattn/go-localereader", "licenceType": "MIT"}
 {"name": "github.com/miekg/dns", "licenceType": "BSD-3-Clause"}
 {"name": "github.com/pashagolub/pgxmock/v4", "licenceType": "BSD-3-Clause"}
+{"name": "github.com/pashagolub/pgxmock/v5", "licenceType": "BSD-3-Clause"}
 {"name": "github.com/spdx/tools-golang", "licenceTextOverrideFile": "vendor/github.com/spdx/tools-golang/LICENSE.code"}
 {"name": "github.com/xeipuuv/gojsonpointer", "licenceType": "Apache-2.0"}
 {"name": "github.com/xeipuuv/gojsonreference", "licenceType": "Apache-2.0"}
