Skip to content

[Sync] Update project files from source repository (1f83ec3)#78

Merged
mrz1836 merged 1 commit into
masterfrom
chore/sync-files-bsv-blockchain-20251222-191619-1f83ec3
Dec 23, 2025
Merged

[Sync] Update project files from source repository (1f83ec3)#78
mrz1836 merged 1 commit into
masterfrom
chore/sync-files-bsv-blockchain-20251222-191619-1f83ec3

Conversation

@mrz1836
Copy link
Copy Markdown
Collaborator

@mrz1836 mrz1836 commented Dec 23, 2025

What Changed

  • Updated mage-x version from v1.11.0 to v1.12.2 in .github/.env.base configuration
  • Added new MAGE_X_CVE_EXCLUDES environment variable for govulncheck/magex CVE exclusions with default values (CVE-2024-38513, CVE-2023-45142)
  • Updated 27 GitHub Actions workflow files to align with latest CI/CD pipeline standards and conventions
  • Enhanced security scanning configuration to support CVE exclusion management through both environment variables and command parameters

Why It Was Necessary

  • The mage-x v1.12.2 upgrade provides improved dependency auditing capabilities and bug fixes for build tooling
  • Centralizing CVE exclusion management through the new MAGE_X_CVE_EXCLUDES variable reduces duplication and provides consistency between Nancy and govulncheck security scanning tools
  • Workflow synchronization ensures all CI/CD pipelines benefit from upstream improvements in testing, security scanning, and automation processes
  • The CVE exclusion mechanism allows teams to document known acceptable vulnerabilities while maintaining security scanning effectiveness

Testing Performed

  • Validated YAML syntax for all 28 modified workflow files
  • Verified .github/.env.base configuration follows expected format and variable naming conventions
  • Confirmed new MAGE_X_CVE_EXCLUDES variable aligns with existing NANCY_EXCLUDES pattern
  • Reviewed workflow job dependencies and trigger conditions remain intact
  • Verified mage-x v1.12.2 version exists and is accessible

Impact / Risk

  • Low Risk: Configuration updates and workflow synchronization are standard maintenance operations
  • No Breaking Changes: New CVE exclusion variable is additive and includes sensible defaults
  • Performance: Mage-x v1.12.2 may include performance improvements for build and test operations
  • Compatibility: All workflow changes maintain backward compatibility with existing CI/CD processes

@mrz1836 mrz1836 self-assigned this Dec 23, 2025
@mrz1836 mrz1836 added automated-sync Automated sync PR, e.g. from a fork or external repo automerge Label to automatically merge pull requests that meet all required conditions chore Simple dependency updates or version bumps labels Dec 23, 2025
@github-actions github-actions Bot added size/L Large change (201–500 lines) update General updates labels Dec 23, 2025
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Dec 23, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@mrz1836 mrz1836 merged commit 9384682 into master Dec 23, 2025
44 checks passed
@github-actions github-actions Bot deleted the chore/sync-files-bsv-blockchain-20251222-191619-1f83ec3 branch December 23, 2025 00:20
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@mrz1836 mrz1836

Labels

automated-sync Automated sync PR, e.g. from a fork or external repo automerge Label to automatically merge pull requests that meet all required conditions chore Simple dependency updates or version bumps size/L Large change (201–500 lines) update General updates

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@mrz1836