From 9f307f099eba67f76c6a1e94f13b4d356797ddfa Mon Sep 17 00:00:00 2001
From: Alexej Disterhoft
Date: Thu, 18 Jul 2024 23:18:34 +0200
Subject: [PATCH 1/4] chore: switch from asdf to mise
---
 .envrc | 1 -
 .mise.toml | 2 ++
 .tool-versions | 1 -
 3 files changed, 2 insertions(+), 2 deletions(-)
 delete mode 100644 .envrc
 create mode 100644 .mise.toml
 delete mode 100644 .tool-versions
diff --git a/.envrc b/.envrc
deleted file mode 100644
index a63eb96..0000000
--- a/.envrc
+++ /dev/null
@@ -1 +0,0 @@
-use asdf
diff --git a/.mise.toml b/.mise.toml
new file mode 100644
index 0000000..b6eea30
--- /dev/null
+++ b/.mise.toml
@@ -0,0 +1,2 @@
+[tools]
+go = "1.22.5"
diff --git a/.tool-versions b/.tool-versions
deleted file mode 100644
index 009efa3..0000000
--- a/.tool-versions
+++ /dev/null
@@ -1 +0,0 @@
-golang 1.22.5
From 7fc303353ef2c0ca68323a294b3d34ca626c2bd4 Mon Sep 17 00:00:00 2001
From: Alexej Disterhoft
Date: Thu, 18 Jul 2024 23:19:31 +0200
Subject: [PATCH 2/4] ci: add trivy to ci workflow
---
 .github/workflows/ci.yaml | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index d3d9270..65e9d73 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -55,6 +55,38 @@ jobs:
 env:
 CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }}
+ trivy:
+ runs-on: ubuntu-latest
+
+ permissions:
+ contents: read
+ security-events: write
+ actions: read
+
+ steps:
+ - name: Checkout
+ uses: actions/checkout@v4
+
+ - name: Setup Go
+ uses: actions/setup-go@v5
+ with:
+ go-version-file: ./go.mod
+
+ - name: Download Go modules
+ run: go mod download
+
+ - name: Run Trivy vulnerability scanner in repo mode
+ uses: aquasecurity/trivy-action@0.24.0
+ with:
+ scan-type: "fs"
+ format: "sarif"
+ output: "trivy-results.sarif"
+
+ - name: Upload Trivy scan results to GitHub Security tab
+ uses: github/codeql-action/upload-sarif@v3
+ with:
+ sarif_file: "trivy-results.sarif"
+
 build:
 runs-on: ubuntu-latest
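Review bot: In the `trivy` job added by PATCH 2/4, `aquasecurity/trivy-action@0.24.0` is a third-party action referenced by a mutable tag, and it runs in a job that holds `security-events: write`; if that tag is ever moved, different code runs with this job's token. Pin it to the full commit SHA behind the release and keep the version as a trailing comment, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha>  # 0.24.0` (placeholder; the SHA is not on this page). Separately, the scan step sets neither `severity` nor `exit-code`, so as written findings are only uploaded as SARIF and do not fail the job; if that is intended, a comment such as `# report-only: findings go to code scanning, this job does not gate merges` above the step would make it explicit. The `jobs:` mapping this job belongs to starts outside the hunk.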
From 129f2d178601219b85659accfe5f482590c9ef3b Mon Sep 17 00:00:00 2001
From: Alexej Disterhoft
Date: Thu, 18 Jul 2024 23:25:58 +0200
Subject: [PATCH 3/4] ci: set GOTOOLCHAIN to local
---
 .github/workflows/ci.yaml | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 65e9d73..0008a9d 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -13,6 +13,9 @@ on:
 permissions:
 contents: read
+env:
+ GOTOOLCHAIN: local
+
 jobs:
 golangci-lint:
 runs-on: ubuntu-latest
@@ -24,7 +27,6 @@ jobs:
 uses: actions/setup-go@v5
 with:
 go-version-file: ./go.mod
- cache: false
 - name: golangci-lint
 uses: golangci/golangci-lint-action@v6
From 5d0d9fa2922806cc18a0bc1601dcbd40d9aa2609 Mon Sep 17 00:00:00 2001
From: Alexej Disterhoft
Date: Thu, 18 Jul 2024 23:29:53 +0200
Subject: [PATCH 4/4] chore: Remove GOTOOLCHAIN environment variable from ci.yaml
---
 .github/workflows/ci.yaml | 3 ---
 1 file changed, 3 deletions(-)
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index 0008a9d..d7e74e6 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -13,9 +13,6 @@ on:
 permissions:
 contents: read
-env:
- GOTOOLCHAIN: local
-
 jobs:
 golangci-lint:
 runs-on: ubuntu-latest
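Review bot: In the first `ci.yaml` hunk of PATCH 3/4, the workflow-level `GOTOOLCHAIN: local` is added without a comment saying why, and PATCH 4/4 removes it again with no reason recorded. With `local`, the `go` command uses only the toolchain that `actions/setup-go` installed and fails rather than downloading another one when `go.mod` asks for a newer version, so CI never fetches a toolchain at build time. If the setting is kept, a comment like `# use only the toolchain installed by setup-go; never auto-download another one` above `env:` would document that intent. The second hunk of the same patch also drops `cache: false` from the golangci-lint job's setup-go step, which the commit subject does not mention.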