Skip to content

v0.1.1

Choose a tag to compare

@github-actions github-actions released this 01 Jul 11:46

Quality, tooling, and documentation hardening. No new features and no behavior
changes (one concurrency bug fixed).

Added

  • CI quality gateslint (golangci-lint v2), gosec, and govulncheck
    jobs, mirrored locally by make ci. gosec runs through the setup-go
    toolchain so CI matches local exactly.
  • Cyclomatic-complexity gategocyclo (min-complexity 15) added to the
    lint config; every function is now ≤15 (Go Report Card A+).
  • CodeQL advanced setup — a workflow + config carrying a query-filter for the
    intentional, opt-in --insecure host-key path.
  • Coverage toolingmake cover / make cover-html; a Coverage workflow
    publishing a self-hosted shields badge (no external service); and a CI coverage
    report with a 50% regression floor and a sticky per-package PR comment.
  • RELEASING.md — maintainer guide for cutting a release.

Changed

  • Reduced every function above cyclomatic complexity 15 to ≤15 via dispatch
    tables and helper extraction, with no change in behavior.
  • Standardized tests — external black-box packages, table-driven, positive-then-
    error ordering — and raised total coverage from 35.6% to 66.9%.
  • Relaxed the go.mod directive to go 1.26 (minor granularity).

Fixed

  • License detection — replaced LICENSE with the canonical Apache-2.0 text
    so pkg.go.dev reports Apache-2.0 instead of "UNKNOWN".
  • SSH client data racesshx.Client.Close reassigned the done channel
    while the keepalive goroutine read it; Close now closes the channel once via
    sync.Once and never reassigns it, so it is race-free and idempotent.

Security

  • Added audited //#nosec directives for the intentional paths: G106
    (--insecure opt-in), G304 (reads from kay's own key/config store), and G306
    (world-readable .pub).