update security.md and update golangci-lint

synfinatic · Sep 6, 2024 · 3469640 · 3469640
1 parent cecde20
commit 3469640
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 3 deletions.
diff --git a/.github/workflows/golangci-lint.yaml b/.github/workflows/golangci-lint.yaml
@@ -24,13 +24,13 @@ jobs:
     steps:
       - uses: actions/setup-go@v5
         with:
-          go-version: '${{ vars.GO_VERSION }}'
+          go-version: "${{ vars.GO_VERSION }}"
       - uses: actions/checkout@v4
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v6
         with:
           # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
-          version: v${{ vars.GOLANGCI_LINT_VERSION }}
+          version: "${{ vars.GOLANGCI_LINT_VERSION }}"
 
           # Optional: working directory, useful for monorepos
           # working-directory: somedir

diff --git a/docs/security.md b/docs/security.md
@@ -3,9 +3,21 @@
 ## Supported Versions
 
 The only version I support is the latest version of `aws-sso`.  Should a new
-major version be released which is incompatible with v1.x, then this policy
+major version be released which is incompatible with v2.x, then this policy
 will be updated at that time.
 
+Note: with the v2.x release, v1.x is no longer supported.
+
+## Code signing
+
+All commits by me are signed by my [commit signing GPG key](commit-sign-key.asc.md).
+
+## Binary signatures
+
+All releases have a corresponding detactched GPG signature using my [code signing GPG key](code-sign-key.asc.md).
+
+## Reporting a Vulnerability
+
 ## Reporting a Vulnerability
 
 Please open a [security ticket in GitHub](