Skip to content
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 4 additions & 0 deletions .github/workflows/hx-test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -11,6 +11,10 @@ on:
paths:
- "cmd/hx/**"
- "http/**"

permissions:
contents: read

jobs:
test:
runs-on: ubuntu-latest
Expand Down
3 changes: 3 additions & 0 deletions .github/workflows/lint.yml
Original file line number Diff line number Diff line change
Expand Up @@ -2,6 +2,9 @@ name: Lint
on:
pull_request:

permissions:
contents: read

jobs:
golangci:
name: lint
Expand Down
12 changes: 12 additions & 0 deletions .github/workflows/release.yml
Original file line number Diff line number Diff line change
Expand Up @@ -4,9 +4,17 @@ on:
branches:
- master
- main

permissions:
contents: read

jobs:
semantic-release:
runs-on: ubuntu-latest
permissions:
contents: write
issues: write
pull-requests: write
outputs:
release-version: ${{ steps.semantic.outputs.release-version }}
new-release-published: ${{ steps.semantic.outputs.new-release-published }}
Expand All @@ -24,6 +32,8 @@ jobs:

bump-clients:
runs-on: ubuntu-latest
permissions:
contents: read
needs: [semantic-release]
if: needs.semantic-release.outputs.new-release-published == 'true'
strategy:
Expand Down Expand Up @@ -83,6 +93,8 @@ jobs:

hx-binaries:
runs-on: ${{ matrix.os }}
permissions:
contents: read
needs: [semantic-release]
if: needs.semantic-release.outputs.new-release-published == 'true'
strategy:
Expand Down
4 changes: 4 additions & 0 deletions .github/workflows/test.yml
Original file line number Diff line number Diff line change
Expand Up @@ -5,6 +5,10 @@ on:
pull_request:
types: [opened, synchronize, reopened]
name: Test

permissions:
contents: read

jobs:
test:
strategy:
Expand Down
9 changes: 9 additions & 0 deletions SECURITY.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
# Security Policy

## Reporting a Vulnerability

Please do not report security vulnerabilities in public GitHub issues.

Report suspected vulnerabilities privately using GitHub's private vulnerability reporting for this repository, or email security@flanksource.com with details and reproduction steps.

We aim to acknowledge vulnerability reports within 3 business days and provide an initial assessment within 14 days. We coordinate disclosure timelines with reporters and will publish fixes and advisories once a vulnerability is remediated.
21 changes: 12 additions & 9 deletions cmd/hx/go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -5,7 +5,7 @@ go 1.25.1
require (
github.com/aws/aws-sdk-go-v2/config v1.32.9
github.com/flanksource/clicky v1.21.1
github.com/flanksource/commons v1.47.2
github.com/flanksource/commons v1.53.1
github.com/spf13/cobra v1.10.2
github.com/stretchr/testify v1.11.1
golang.org/x/term v0.40.0
Expand All @@ -15,9 +15,10 @@ require (
cel.dev/expr v0.25.1 // indirect
github.com/Masterminds/goutils v1.1.1 // indirect
github.com/Masterminds/semver/v3 v3.4.0 // indirect
github.com/Snawoot/go-http-digest-auth-client v1.1.3 // indirect
github.com/ajstarks/svgo v0.0.0-20211024235047-1546f124cd8b // indirect
github.com/alecthomas/chroma/v2 v2.23.1 // indirect
github.com/antchfx/xmlquery v1.5.1 // indirect
github.com/antchfx/xpath v1.3.6 // indirect
github.com/antlr4-go/antlr/v4 v4.13.1 // indirect
github.com/aws/aws-sdk-go-v2 v1.41.1 // indirect
github.com/aws/aws-sdk-go-v2/credentials v1.19.9 // indirect
Expand Down Expand Up @@ -50,13 +51,13 @@ require (
github.com/dlclark/regexp2 v1.11.5 // indirect
github.com/emirpasic/gods/v2 v2.0.0-alpha // indirect
github.com/fatih/color v1.18.0 // indirect
github.com/flanksource/gomplate/v3 v3.24.74 // indirect
github.com/flanksource/is-healthy v1.0.86 // indirect
github.com/flanksource/gomplate/v3 v3.24.81 // indirect
github.com/flanksource/is-healthy v1.0.87 // indirect
github.com/flanksource/kubectl-neat v1.0.4 // indirect
github.com/fsnotify/fsnotify v1.9.0 // indirect
github.com/fxamacker/cbor/v2 v2.9.0 // indirect
github.com/ghodss/yaml v1.0.0 // indirect
github.com/go-jose/go-jose/v3 v3.0.4 // indirect
github.com/go-jose/go-jose/v3 v3.0.5 // indirect
github.com/go-logr/logr v1.4.3 // indirect
github.com/go-logr/stdr v1.2.2 // indirect
github.com/go-ole/go-ole v1.3.0 // indirect
Expand All @@ -65,6 +66,7 @@ require (
github.com/gobwas/glob v0.2.3 // indirect
github.com/goccy/go-json v0.10.5 // indirect
github.com/goccy/go-yaml v1.19.2 // indirect
github.com/golang/groupcache v0.0.0-20210331224755-41bb18bfe9da // indirect
github.com/google/cel-go v0.27.0 // indirect
github.com/google/uuid v1.6.0 // indirect
github.com/gosimple/slug v1.15.0 // indirect
Expand Down Expand Up @@ -140,16 +142,17 @@ require (
github.com/yuin/gopher-lua v1.1.1 // indirect
github.com/yusufpapurcu/wmi v1.2.4 // indirect
go.opentelemetry.io/auto/sdk v1.2.1 // indirect
go.opentelemetry.io/otel v1.41.0 // indirect
go.opentelemetry.io/otel/metric v1.41.0 // indirect
go.opentelemetry.io/otel/trace v1.41.0 // indirect
go.opentelemetry.io/otel v1.43.0 // indirect
go.opentelemetry.io/otel/metric v1.43.0 // indirect
go.opentelemetry.io/otel/sdk v1.43.0 // indirect
go.opentelemetry.io/otel/trace v1.43.0 // indirect
go.yaml.in/yaml/v2 v2.4.3 // indirect
golang.org/x/crypto v0.48.0 // indirect
golang.org/x/exp v0.0.0-20260218203240-3dfff04db8fa // indirect
golang.org/x/net v0.51.0 // indirect
golang.org/x/oauth2 v0.34.0 // indirect
golang.org/x/sync v0.19.0 // indirect
golang.org/x/sys v0.41.0 // indirect
golang.org/x/sys v0.42.0 // indirect
golang.org/x/text v0.34.0 // indirect
google.golang.org/genproto/googleapis/api v0.0.0-20260226221140-a57be14db171 // indirect
google.golang.org/genproto/googleapis/rpc v0.0.0-20260226221140-a57be14db171 // indirect
Expand Down
Loading
Loading