Merged
Conversation
- Update the `fetch-depth` value to `0` in the workflow for `go.yml` - Update the `golangci/golangci-lint-action` version from `v3` to `v4` in the workflow for `go.yml` - Change the step name from `Checkout` to `Checkout repository` in the workflow for `goreleaser.yml` - Update the `actions/setup-go` version to `v5` in the workflow for `goreleaser.yml` - Modify the `args` value to `release --clean` in the workflow for `goreleaser.yml` Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Update the version of `github.com/stretchr/testify` from `v1.8.4` to `v1.9.0` - Update the version of `github.com/bytedance/sonic` from `v1.11.2` to `v1.11.3` - Update the version of `github.com/pelletier/go-toml/v2` from `v2.1.1` to `v2.2.0` Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Change the changelog generation from `git` to `github` - Add changelog groups for "Refactor", "Build process updates", and "Documentation updates" - Remove changelog filters that exclude commits with messages starting with "docs", containing "CICD", or "typo" Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Update `github.com/bytedance/sonic` to version `1.11.6` - Add `github.com/bytedance/sonic/loader` version `0.1.1` - Replace `github.com/chenzhuoyu/base64x` with `github.com/cloudwego/base64x` version `0.1.4` - Replace `github.com/chenzhuoyu/iasm` with `github.com/cloudwego/iasm` version `0.2.0` - Update `github.com/go-playground/validator/v10` to version `10.20.0` - Update `github.com/pelletier/go-toml/v2` to version `2.2.1` - Update `golang.org/x/crypto` to version `0.22.0` - Update `golang.org/x/net` to version `0.24.0` - Update `golang.org/x/sys` to version `0.19.0` - Update `google.golang.org/protobuf` to version `1.34.0` Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Update the golangci-lint action version from `v4` to `v5` in the GitHub workflow for Go. Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Remove the `project_name` setting from the `.goreleaser.yaml` configuration file Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Update the golangci-lint-action version from `v5` to `v6` in the GitHub Actions workflow - Remove macOS-latest job configuration from the GitHub Actions workflow Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Expand test matrix in GitHub Actions to include macOS alongside Ubuntu - Add caching for Go build files on macOS runner Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Update GoReleaser action from version 5 to version 6 Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Update `github.com/gin-gonic/gin` to v1.10.0 - Update `github.com/bytedance/sonic` to v1.11.8 - Update `github.com/gabriel-vasile/mimetype` to v1.4.4 - Update `github.com/go-playground/validator/v10` to v10.22.0 - Update `github.com/goccy/go-json` to v0.10.3 - Update `github.com/klauspost/cpuid/v2` to v2.2.8 - Update `github.com/pelletier/go-toml/v2` to v2.2.2 - Update `golang.org/x/arch` to v0.8.0 - Update `golang.org/x/crypto` to v0.24.0 - Update `golang.org/x/net` to v0.26.0 - Update `golang.org/x/sys` to v0.21.0 - Update `golang.org/x/text` to v0.16.0 - Update `google.golang.org/protobuf` to v1.34.2 Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Update the Go versions in the workflow from 1.18 and 1.19 to only include 1.20, 1.21, 1.22, and 1.23 - Change the Go version in the go.mod file from 1.18 to 1.20 Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Remove support for Go 1.20 in GitHub Actions workflow - Update Go version in go.mod to 1.21.0 - Update indirect dependencies in go.mod to newer versions Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Update `github.com/bytedance/sonic` to `v1.12.6` - Update `github.com/bytedance/sonic/loader` to `v0.2.1` - Update `github.com/gabriel-vasile/mimetype` to `v1.4.7` - Update `github.com/go-playground/validator/v10` to `v10.23.0` - Update `github.com/goccy/go-json` to `v0.10.4` - Update `github.com/klauspost/cpuid/v2` to `v2.2.9` - Update `golang.org/x/arch` to `v0.12.0` - Update `golang.org/x/crypto` to `v0.31.0` - Update `golang.org/x/net` to `v0.33.0` - Update `golang.org/x/sys` to `v0.28.0` - Update `golang.org/x/text` to `v0.21.0` - Update `google.golang.org/protobuf` to `v1.36.1` Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Add a GitHub Actions workflow for Bearer PR Check - Configure the workflow to trigger on pull request events [opened, synchronize, reopened] - Set permissions for contents to read and pull-requests to write - Define a job named `rule_check` that runs on `ubuntu-latest` - Include steps to checkout the repository, set up reviewdog, run Bearer report, and execute reviewdog Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Add Go 1.24 to the list of Go versions in the GitHub Actions workflow Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
…159) * Allow regexp on AllowOrigins * Regexp AllowOrigins requires slashes at start and end * Merge branch 'gin-contrib/master' into feature/regexp-origin-match # Conflicts: # config.go # cors.go * Optimization * Add regexp origin tests * Fix regexp allowed origin schema check * refactor: refactor regular expression handling in schema validation - Define a new `regexpBasedOrigin` variable for compiling the regular expression - Replace inline regular expression compilation with the `regexpBasedOrigin` variable in `validateAllowedSchemas` function Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> * refactor: simplify origin validation with precompiled regex - Define `originRegex` as a precompiled regular expression - Simplify origin validation logic using `originRegex` - Remove redundant regular expression compilation and matching logic Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> * refactor: refactor codebase for improved readability and maintainability - Remove `exportloopref` linter from `.golangci.yml` - Update regex pattern in `config.go` to use backticks instead of double quotes - Refactor `validateOrigin` function for better readability by splitting a long line into two lines Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> --------- Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com> Co-authored-by: arizz96 <arizz96@gmail.com>
- Remove support for Go versions 1.21 and 1.22 in GitHub Actions workflow - Update Go version in go.mod from 1.21.0 to 1.23.0 - Update indirect dependencies in go.mod to newer versions Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Update golangci-lint-action to version 7 in GitHub workflow - Change golangci-lint configuration version to 2 - Modify linter settings to use 'default: none' instead of 'enable-all: false' and 'disable-all: true' - Remove several linters (gofmt, goimports, gosimple, stylecheck, typecheck) from the enabled list - Add linter exclusions for generated, common-false-positives, legacy, and std-error-handling - Add file path exclusions for third_party, builtin, and examples directories - Enable gofmt and goimports formatters - Remove 'run' section with its timeout setting Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Update `github.com/stretchr/testify` from v1.9.0 to v1.10.0 - Update `github.com/bytedance/sonic` from v1.12.6 to v1.13.2 - Update `github.com/bytedance/sonic/loader` from v0.2.1 to v0.2.4 - Update `github.com/cloudwego/base64x` from v0.1.4 to v0.1.5 - Update `github.com/gabriel-vasile/mimetype` from v1.4.7 to v1.4.8 - Update `github.com/gin-contrib/sse` from v0.1.0 to v1.0.0 - Update `github.com/go-playground/validator/v10` from v10.23.0 to v10.26.0 - Update `github.com/goccy/go-json` from v0.10.4 to v0.10.5 - Update `github.com/klauspost/cpuid/v2` from v2.2.9 to v2.2.10 - Update `golang.org/x/arch` from v0.12.0 to v0.15.0 - Update `golang.org/x/net` from v0.37.0 to v0.38.0 - Update `google.golang.org/protobuf` from v1.36.1 to v1.36.6 Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Update Codecov action from v4 to v5 Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Update several dependencies to newer versions, including gin-gonic/gin, bytedance/sonic, gabriel-vasile/mimetype, gin-contrib/sse, pelletier/go-toml/v2, ugorji/go/codec, and various golang.org/x packages Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Update golangci-lint GitHub Action to use version v8 instead of v7 Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Bump github.com/ugorji/go/codec to version 1.3.0 Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Rewrite and expand the README for clarity, organization, and completeness - Add a detailed table of contents and new sections for installation, quick start, advanced usage, and important notes - Provide clearer code examples for default and custom configuration scenarios - Clarify the distinction between Default and DefaultConfig, including implications for credentialed requests - Emphasize key warnings about enabling all origins and cookie usage Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Replace golangci-lint arguments with an explicit version specification Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Add detailed "Configuration Reference" section documenting all config fields, types, defaults, and their usage - Introduce notes and examples on advanced configuration, including wildcard origins and custom validation functions - Provide helper method references and usage examples for dynamically modifying allowed methods, headers, and exposed headers - Add section explaining config validation rules and error handling for common misconfigurations Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Revamp and expand the README structure, including new Overview, Table of Contents, and Examples sections - Improve clarity and consistency in section titles, phrasing, and warnings - Refine configuration documentation: simplify and clarify table descriptions, defaults, and constraints - Reorganize and enhance code examples for better readability and usability - Remove redundant or overly verbose comments, streamlining instructions and guidance throughout Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Move the Overview section to a later position in the README while retaining its content - Remove the explicit Table of Contents section and rely on the markdown-generated navigation - Simplify the document by consolidating introductory content Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Refactor a large test function for CORS "AllowOrigins" logic into multiple, focused test cases - Add new tests to separately cover missing origin, origin matching host, allowed origins, denied origins, allowed preflight, and denied preflight scenarios - Improve test clarity and maintainability by splitting distinct origin handling behaviors into individual functions Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Refactor tests to use table-driven style, reducing repetition and increasing maintainability - Consolidate similar assertion patterns into loops and test tables for better scalability - Replace multiple standalone test cases with grouped, parameterized subtests - Simplify router handler definitions to single-line functions - Update assertions to use the expected, actual parameter order for clarity - Replace repeated origin validation checks with comprehensive test sets using maps of origins to expected results - Refactor control flow using switch statements for clarity in testing multi-group router logic - Minor code cleanup, such as variable renaming and removing redundant comments Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Add a vulnerability scanning job using Trivy to the workflow - Configure the scanner to check for critical and high severity issues and output results in SARIF format Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Add Go 1.25 to the CI matrix so workflows run against versions 1.23, 1.24, and 1.25 Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Remove vulnerability scanning job from the Go workflow - Add a dedicated Trivy security scan workflow with scheduled, push, and pull request triggers - Display Trivy Security Scan badge in the README Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Add a GitHub Action workflow for automated security scanning using Trivy on codebase - Configure workflow to trigger on pushes, pull requests, scheduled runs, and manual dispatch - Upload scan results in SARIF format to GitHub Security tab - Include a scan step with table output for logs and CI visibility Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Update Go version requirement to 1.24.0 - Upgrade direct dependencies gin-gonic/gin and testify to newer versions - Upgrade various indirect dependencies to newer versions - Add new indirect dependencies including go-yaml, kr/text, quic-go, qpack, and uber/mock - Remove indirect dependencies that are no longer required Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Update golangci-lint GitHub Action from v8 to v9 - Remove Go 1.23 from test matrix Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Remove the Bearer PR Check workflow - Update actions/checkout and setup-go to latest major versions across all workflows - Update CodeQL and SARIF upload actions to latest major versions - Consolidate and improve Trivy security scanning workflow, including medium severity and extra scan steps - Remove redundant Trivy scan workflow Signed-off-by: appleboy <appleboy.tw@gmail.com>
🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
- Rename the Trivy workflow file for improved clarity Signed-off-by: appleboy <appleboy.tw@gmail.com>
chore(deps): bump github/codeql-action from 3 to 4 chore(deps): bump actions/setup-go from 5 to 6 chore(deps): bump golangci/golangci-lint-action from 7 to 9 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
Fix CVE-2025-59530 vulnerability (quic-go Crash Due to Premature HANDSHAKE_DONE Frame) 🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
🤖 Generated with [Claude Code](https://claude.com/claude-code) Co-Authored-By: Claude <noreply@anthropic.com>
- Add constants for repeated test origin URLs (goconst) - Break long lines to comply with 120 char limit (lll) 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Update workflow filename from trivy.yml to trivy-scan.yml to match actual workflow file. Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
Upgrade aquasecurity/trivy-action to address security vulnerabilities in the previous version. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
Upgrade github.com/gin-gonic/gin from v1.11.0 to v1.12.0 and update GitHub Actions test matrix to only support Go 1.25 and 1.26. Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
- Upgrade goreleaser-action to v7 in goreleaser workflow Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.