Add CHANGELOG.md and enhance error handling in DNS resolution

- Created CHANGELOG.md to document project changes and adhere to semantic versioning.
- Updated `resolveAttempts` function to return an error for invalid flag combinations, improving error handling.
- Adjusted main.go to handle errors from `resolveAttempts`, ensuring graceful exits on invalid input.
- Revised README.md to link to the new CHANGELOG.md for better visibility of project updates.

Author: TMHSDigital

.github/CODE_OF_CONDUCT.md

@@ -0,0 +1,23 @@
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+We as members, contributors, and leaders pledge to make participation in our community a harassment-free experience for everyone.
+
+## Our Standards
+Examples of behavior that contributes to a positive environment:
+- Using welcoming and inclusive language
+- Being respectful of differing viewpoints and experiences
+- Gracefully accepting constructive criticism
+- Focusing on what is best for the community
+
+Examples of unacceptable behavior:
+- Harassment, trolling, or insulting comments
+- Public or private harassment
+- Publishing others' private information without permission
+- Other conduct which could reasonably be considered inappropriate
+
+## Enforcement
+Instances of abusive, harassing, or otherwise unacceptable behavior may be reported by opening a [Security Advisory](https://github.com/TMHSDigital/subenum/security/advisories/new) or contacting the maintainers privately.
+
+## Attribution
+This Code of Conduct is adapted from the [Contributor Covenant](https://www.contributor-covenant.org), version 2.1.

.github/CONTRIBUTING.md

@@ -0,0 +1,3 @@
+# Contributing
+
+See the full contributing guide at [docs/CONTRIBUTING.md](../docs/CONTRIBUTING.md).

.github/workflows/codeql.yml

@@ -25,7 +25,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v6
       with:
-        go-version: '1.22'
+        go-version-file: 'go.mod'
 
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v4

.github/workflows/go.yml

@@ -18,7 +18,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v6
       with:
-        go-version: '1.22'
+        go-version-file: 'go.mod'
 
     - name: Cache Go build artifacts
       uses: actions/cache@v5
@@ -73,6 +73,11 @@ jobs:
             goarch: amd64
             artifact_name: subenum
             asset_name: subenum-macos-amd64
+          - os: ubuntu-latest
+            goos: linux
+            goarch: arm64
+            artifact_name: subenum
+            asset_name: subenum-linux-arm64
 
     runs-on: ${{ matrix.os }}
 
@@ -82,7 +87,7 @@ jobs:
     - name: Set up Go
       uses: actions/setup-go@v6
       with:
-        go-version: '1.22'
+        go-version-file: 'go.mod'
 
     - name: Cache Go build artifacts
       uses: actions/cache@v5
@@ -113,3 +118,14 @@ jobs:
         files: ${{ matrix.asset_name }}
       env:
         GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Generate checksum
+      shell: bash
+      run: sha256sum ${{ matrix.asset_name }} > ${{ matrix.asset_name }}.sha256
+
+    - name: Upload checksum to release
+      uses: softprops/action-gh-release@v2
+      with:
+        files: ${{ matrix.asset_name }}.sha256
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

logs/CHANGELOG.md CHANGELOG.mdlogs/CHANGELOG.md renamed to CHANGELOG.md

@@ -72,4 +72,4 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 - Initial project setup with basic functionality
 - Concurrent subdomain enumeration using goroutines
 - DNS resolution with configurable timeout
-- Command-line flags for wordlist, concurrency, and timeout 
+- Command-line flags for wordlist, concurrency, and timeout

README.md

@@ -8,13 +8,15 @@
 
 [![Build](https://img.shields.io/github/actions/workflow/status/TMHSDigital/subenum/go.yml?branch=main&style=for-the-badge&label=build)](https://github.com/TMHSDigital/subenum/actions)
 [![License: GPL v3](https://img.shields.io/badge/License-GPLv3-blue.svg?style=for-the-badge)](LICENSE)
+<!-- Update Go version badge when go.mod changes -->
 [![Go](https://img.shields.io/badge/Go-1.22+-00ADD8?style=for-the-badge&logo=go&logoColor=white)](https://go.dev)
 [![CodeQL](https://img.shields.io/github/actions/workflow/status/TMHSDigital/subenum/codeql.yml?label=CodeQL&style=for-the-badge)](https://github.com/TMHSDigital/subenum/actions/workflows/codeql.yml)
 [![Release](https://img.shields.io/github/v/release/TMHSDigital/subenum?style=for-the-badge)](https://github.com/TMHSDigital/subenum/releases)
+[![Go Report Card](https://goreportcard.com/badge/github.com/TMHSDigital/subenum?style=for-the-badge)](https://goreportcard.com/report/github.com/TMHSDigital/subenum)
 
 `Concurrent Workers` &middot; `Context-Aware Cancellation` &middot; `Retry with Backoff` &middot; `Wildcard Detection` &middot; `Simulation Mode` &middot; `Zero Dependencies`
 
-[Quick Start](#-installation) | [Documentation](./docs) | [Architecture](#-system-architecture) | [Changelog](./logs/CHANGELOG.md)
+[Quick Start](#installation) | [Documentation](./docs) | [Architecture](#system-architecture) | [Changelog](./CHANGELOG.md)
 
 </div>
 
@@ -242,8 +244,6 @@ subenum/
 │   └── wordlist/
 │       ├── reader.go           # LoadWordlist (dedup + sanitize)
 │       └── reader_test.go      # Wordlist loading and dedup tests
-├── logs/
-│   └── CHANGELOG.md            # Versioned release history
 ├── tools/
 │   └── wordlist-gen.go         # Custom wordlist generator utility
 ├── main.go                     # CLI entry point: flag parsing, wiring
@@ -253,6 +253,7 @@ subenum/
 ├── docker-compose.yml          # Compose orchestration
 ├── Makefile                    # Build, test, lint, simulate, Docker targets
 ├── .golangci.yml               # Linter configuration (golangci-lint v2)
+├── CHANGELOG.md                # Versioned release history
 ├── SECURITY.md                 # Vulnerability disclosure policy
 └── LICENSE                     # GNU General Public License v3.0
 ```

SECURITY.md

@@ -2,22 +2,14 @@
 
 ## Reporting a Vulnerability
 
-If you discover a security vulnerability in `subenum`, please follow these steps to report it responsibly:
+If you discover a security vulnerability in `subenum`, **do not open a public issue.**
 
-1. **Do NOT** disclose the vulnerability publicly until it has been addressed.
-2. Send details of the vulnerability to the repository maintainers via GitHub Issues or create a private report through GitHub's Security tab.
-3. Include the following information:
-   - A description of the vulnerability
-   - Steps to reproduce the issue
-   - Potential impact
-   - Any suggested fixes (if available)
+Report it privately using GitHub's Security Advisory feature:
+1. Go to the [Security tab](https://github.com/TMHSDigital/subenum/security/advisories/new) of this repository.
+2. Click **"Report a vulnerability"**.
+3. Fill in the description, reproduction steps, and impact.
 
-## What to Expect
-
-- You'll receive acknowledgment of your report within 48 hours.
-- We'll investigate and provide an estimated timeline for a fix.
-- You'll be kept informed about the progress.
-- After the issue is resolved, you'll be credited for the discovery (unless you prefer anonymity).
+You will receive acknowledgment within 48 hours. We will investigate, provide a fix timeline, keep you informed throughout, and credit you upon resolution (unless you prefer anonymity).
 
 ## Scope
 
@@ -33,4 +25,4 @@ Using this tool against systems without explicit permission is potentially illeg
 
 ## Thank You
 
-Security researchers and responsible disclosure are vital to maintaining secure software. We appreciate your efforts to disclose vulnerabilities responsibly. 
+Security researchers and responsible disclosure are vital to maintaining secure software. We appreciate your efforts to disclose vulnerabilities responsibly.

internal/output/writer.go

@@ -45,6 +45,8 @@ func (w *Writer) Progress(pct float64, processed, total, found int64) {
 
 // ProgressDone writes the final newline on stderr after progress reporting ends.
 func (w *Writer) ProgressDone() {
+	w.mu.Lock()
+	defer w.mu.Unlock()
 	fmt.Fprintln(os.Stderr)
 }
 

main.go

@@ -91,11 +91,15 @@ func main() {
 	force := flag.Bool("force", false, "Continue scanning even if wildcard DNS is detected")
 	flag.Parse()
 
-	// Resolve -attempts / -retries precedence.
-	maxAttempts := resolveAttempts(*attempts, *retries)
+	maxAttempts, err := resolveAttempts(*attempts, *retries)
 
 	out := output.New(nil, *testMode)
 
+	if err != nil {
+		out.Error("%v", err)
+		os.Exit(1)
+	}
+
 	if *testMode {
 		out.Info("")
 		out.Info("╔════════════════════════════════════════════════════════════════════╗")
@@ -325,21 +329,19 @@ done:
 }
 
 // resolveAttempts merges the -attempts and deprecated -retries flags.
-func resolveAttempts(attempts, retries int) int {
+func resolveAttempts(attempts, retries int) (int, error) {
 	attemptsSet := attempts != 0
 	retriesSet := retries != 0
 
 	switch {
 	case attemptsSet && retriesSet:
-		fmt.Fprintln(os.Stderr, "Error: cannot use both -attempts and -retries; use -attempts only")
-		os.Exit(1)
-		return 0
+		return 0, fmt.Errorf("cannot use both -attempts and -retries; use -attempts only")
 	case retriesSet:
 		fmt.Fprintln(os.Stderr, "Warning: -retries is deprecated, use -attempts instead")
-		return retries
+		return retries, nil
 	case attemptsSet:
-		return attempts
+		return attempts, nil
 	default:
-		return 1
+		return 1, nil
 	}
 }

main_test.go

@@ -87,10 +87,20 @@ func TestValidateDomain(t *testing.T) {
 }
 
 func TestResolveAttempts(t *testing.T) {
-	if got := resolveAttempts(0, 0); got != 1 {
-		t.Errorf("default: got %d, want 1", got)
+	got, err := resolveAttempts(0, 0)
+	if err != nil || got != 1 {
+		t.Errorf("default: got %d, err %v; want 1, nil", got, err)
 	}
-	if got := resolveAttempts(5, 0); got != 5 {
-		t.Errorf("-attempts=5: got %d, want 5", got)
+	got, err = resolveAttempts(5, 0)
+	if err != nil || got != 5 {
+		t.Errorf("-attempts=5: got %d, err %v; want 5, nil", got, err)
+	}
+	got, err = resolveAttempts(0, 3)
+	if err != nil || got != 3 {
+		t.Errorf("-retries=3: got %d, err %v; want 3, nil", got, err)
+	}
+	_, err = resolveAttempts(5, 3)
+	if err == nil {
+		t.Error("both set: expected error, got nil")
 	}
 }