
build(deps): bump github.com/pion/dtls/v3 from 3.0.4 to 3.0.11 #725

Workflow file for this run

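# CI workflow: tests, lint, security scans, cross-platform builds, moderation
# and README upkeep, all routed by `if:` guards on github.event_name.
#
# Review notes that apply to the whole file:
# - Actions are referenced by tag (e.g. @v4). Tags are mutable; pinning each
#   `uses:` to a full commit SHA (uses: owner/action@<full-commit-sha>) keeps a
#   retagged release from changing what runs here. This matters most for the
#   third-party actions that receive a secret or a write-scoped token
#   (codecov/codecov-action, akhilmhdh/contributors-readme-action).
# - Checkout steps set `persist-credentials: false` so the job token is not
#   left in .git/config for later `make`, `go` or install-script steps to read.
name: CI

on:
  push:
    branches: [main, dev]
  pull_request:
    branches: [main, dev]
  issues:
    types: [opened, edited]
  issue_comment:
    types: [created, edited]
  # pull_request_target runs in the context of the base repository, including
  # for pull requests from forks. Only the ai-pr-detection job reacts to it.
  pull_request_target:
    types: [opened, edited, synchronize]
  pull_request_review_comment:
    types: [created, edited]

# Default token scope for every job that does not declare its own. Kept
# read-only; jobs that upload SARIF or edit issues/PRs request the extra
# scopes themselves.
permissions:
  contents: read

jobs:
  test:
    runs-on: ubuntu-latest
    if: github.event_name == 'push' || github.event_name == 'pull_request'
    strategy:
      matrix:
        go-version: ['1.24']
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: ${{ matrix.go-version }}
          cache: true
      - name: Download dependencies
        run: make deps
      - name: Format check
        run: |
          go fmt ./...
          if [ -n "$(git diff --name-only)" ]; then
            echo "Code is not formatted. Please run 'go fmt ./...'"
            git diff
            exit 1
          fi
      - name: Vet
        run: make vet
      - name: Run unit tests
        run: make test-unit
      - name: Run tests with race detection
        run: make test-race
      - name: Run tests with coverage
        run: make test-coverage
      - name: Upload coverage reports to Codecov
        uses: codecov/codecov-action@v4
        with:
          file: ./coverage/coverage.out
          flags: unittests
          name: codecov-umbrella
          # Coverage upload is best-effort: an upload error does not fail CI.
          fail_ci_if_error: false
          verbose: true
        env:
          CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}

  lint:
    runs-on: ubuntu-latest
    if: github.event_name == 'push' || github.event_name == 'pull_request'
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.24'
      - name: Install golangci-lint v2
        run: |
          # Without pipefail a failed download would feed sh an empty script
          # and the step would still pass.
          set -o pipefail
          echo "Go version: $(go version)"
          echo "Installing golangci-lint v2.4.0..."
          # The installer is fetched from the v2.4.0 tag, not the moving
          # master branch, so the script piped into sh matches the version
          # being installed.
          curl -sSfL https://raw.githubusercontent.com/golangci/golangci-lint/v2.4.0/install.sh \
            | sh -s -- -b "$(go env GOPATH)/bin" v2.4.0
          echo "golangci-lint version: $(golangci-lint version)"
      - name: Run golangci-lint
        run: golangci-lint run --timeout=5m

  security:
    runs-on: ubuntu-latest
    if: github.event_name == 'push' || github.event_name == 'pull_request'
    permissions:
      security-events: write
      actions: read
      contents: read
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.24'
      - name: Install Gosec
        # NOTE(review): '@latest' floats, so the scanner (and its rule set) can
        # change between runs; pin to a reviewed release,
        # e.g. gosec@<reviewed-version>.
        run: go install github.com/securego/gosec/v2/cmd/gosec@latest
      - name: Run Gosec Security Scanner
        # NOTE(review): G301/G302/G306 (directory and file permission rules)
        # and G304 (file path from variable input) are excluded here on top of
        # .gosec.json; confirm the exclusions are intentional.
        run: |
          # '|| true' keeps findings from failing the job; results are
          # reported through the SARIF upload below instead.
          gosec -conf .gosec.json -exclude=G301,G302,G304,G306 -fmt sarif -out results.sarif -stdout -verbose=text ./... || true
          # Ensure a SARIF file exists even if gosec fails, but say so loudly:
          # an empty report from a crashed scanner must not read as a clean scan.
          if [ ! -f results.sarif ]; then
            echo "::warning::gosec produced no SARIF output; uploading an empty report. Treat this as a scanner failure, not a clean scan."
            echo '{"version": "2.1.0", "runs": [{"tool": {"driver": {"name": "gosec"}}, "results": []}]}' > results.sarif
          fi
      - name: Debug SARIF file
        if: always()
        run: |
          echo "SARIF file size: $(wc -c < results.sarif)"
          echo "SARIF file head:"
          head -5 results.sarif
      - name: Upload SARIF file
        if: always()
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: results.sarif

  build:
    runs-on: ubuntu-latest
    if: github.event_name == 'push' || github.event_name == 'pull_request'
    needs: [test, lint]
    strategy:
      matrix:
        goos: [linux, darwin, windows]
        goarch: [amd64, arm64]
        exclude:
          # Exclude combinations that aren't commonly used
          - goos: windows
            goarch: arm64
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.24'
          cache: true
      - name: Build binary
        env:
          GOOS: ${{ matrix.goos }}
          GOARCH: ${{ matrix.goarch }}
        run: |
          if [ "$GOOS" = "windows" ]; then
            BINARY_NAME="sietch.exe"
          else
            BINARY_NAME="sietch"
          fi
          mkdir -p build
          # NOTE(review): on Windows this yields 'sietch.exe_windows_amd64',
          # i.e. the .exe suffix ends up mid-name; left as-is in case anything
          # consumes the artifact under that name.
          CGO_ENABLED=0 go build -ldflags="-w -s" -o "build/${BINARY_NAME}_${GOOS}_${GOARCH}" ./main.go
      - name: Upload build artifacts
        uses: actions/upload-artifact@v4
        with:
          name: sietch-${{ matrix.goos }}-${{ matrix.goarch }}
          path: build/
          retention-days: 30

  integration:
    runs-on: ubuntu-latest
    if: github.event_name == 'push' || github.event_name == 'pull_request'
    needs: [test]
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.24'
          cache: true
      - name: Build binary for integration tests
        run: make build
      - name: Run integration tests
        run: make test-integration
      - name: Create test vaults
        # Deliberately best-effort: a failure is logged and the job continues.
        run: make create-test-vaults || echo "Test vault creation failed, continuing..."
      - name: Clean up test vaults
        run: make clean-test-vaults

  benchmark:
    runs-on: ubuntu-latest
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.24'
          cache: true
      - name: Run benchmarks
        # 'shell: bash' runs the step with '-eo pipefail', so a failing
        # 'make bench' is no longer masked by the exit status of 'tee'.
        shell: bash
        run: make bench | tee benchmark.txt
      - name: Upload benchmark results
        uses: actions/upload-artifact@v4
        with:
          name: benchmark-results
          path: benchmark.txt
          retention-days: 30

  dependency-check:
    runs-on: ubuntu-latest
    if: github.event_name == 'push' || github.event_name == 'pull_request'
    # upload-sarif needs security-events: write; nothing else here writes.
    permissions:
      contents: read
      security-events: write
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
        with:
          persist-credentials: false
      - name: Set up Go
        uses: actions/setup-go@v5
        with:
          go-version: '1.24'
      - name: Check for vulnerabilities
        # NOTE(review): with SARIF output, findings are presumably reported
        # through the upload below rather than by failing this step; confirm
        # that code-scanning alerts are actually being triaged.
        uses: golang/govulncheck-action@v1
        with:
          go-version-input: '1.24'
          go-package: './...'
          output-format: sarif
          output-file: govulncheck.sarif
      - name: Upload govulncheck SARIF results
        if: always()
        uses: github/codeql-action/upload-sarif@v3
        with:
          sarif_file: govulncheck.sarif
          category: govulncheck
      - name: Upload govulncheck results as artifact
        if: always()
        uses: actions/upload-artifact@v4
        with:
          name: govulncheck-results
          path: govulncheck.sarif
          retention-days: 30
      - name: Verify dependencies
        run: |
          # 'go mod verify' checks downloaded modules against go.sum;
          # the tidy + diff check fails the job if go.mod/go.sum would change.
          go mod verify
          go mod tidy
          if [ -n "$(git diff --name-only)" ]; then
            echo "go.mod or go.sum is not tidy"
            git diff
            exit 1
          fi

  ai-pr-detection:
    runs-on: ubuntu-latest
    # Runs on pull_request_target, i.e. with the base repository's token even
    # for fork PRs. The job only calls the moderation action and checks out no
    # code; keep it that way. Never add a checkout of the PR head or a build
    # step to a job that runs on this trigger.
    if: github.event_name == 'pull_request_target' || github.event_name == 'pull_request_review_comment'
    permissions:
      issues: write
      pull-requests: write
    steps:
      - name: AI PR Detection
        uses: github/ai-moderator@v1.1.2
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          spam-label: spam
          ai-label: ai-generated
          minimize-detected-comments: false
          enable-spam-detection: false
          enable-link-spam-detection: false
          enable-ai-detection: true

  ai-issue-moderation:
    runs-on: ubuntu-latest
    if: github.event_name == 'issues' || github.event_name == 'issue_comment'
    permissions:
      issues: write
      pull-requests: write
    steps:
      - name: AI Issue and Comment Moderator
        uses: github/ai-moderator@v1.1.2
        with:
          token: ${{ secrets.GITHUB_TOKEN }}
          spam-label: spam
          ai-label: ai-generated
          minimize-detected-comments: true
          enable-spam-detection: true
          enable-link-spam-detection: true
          enable-ai-detection: true

  contributors-readme:
    runs-on: ubuntu-latest
    if: github.event_name == 'push' && github.ref == 'refs/heads/main'
    # The only job with contents: write. It hands that token to a third-party
    # action referenced by tag, which makes it the first candidate for
    # commit-SHA pinning.
    permissions:
      contents: write
      pull-requests: write
    steps:
      - name: Contribute List
        uses: akhilmhdh/contributors-readme-action@v2.3.11
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}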