diff --git a/.devcontainer.json b/.devcontainer.json index 95eaf29..31cc2b6 100644 --- a/.devcontainer.json +++ b/.devcontainer.json @@ -1,39 +1,39 @@ { - "name": "go-tx-map dev container", - "image": "mcr.microsoft.com/devcontainers/go:0-1.24-bullseye", - "features": { - "ghcr.io/devcontainers/features/github-cli:1": {}, - "ghcr.io/devcontainers/features/docker-outside-of-docker:1": {} - }, - "mounts": [ - "type=cache,target=/home/vscode/.cache/go-build", - "type=bind,source=/var/run/docker.sock,target=/var/run/docker.sock" - ], - "runArgs": [ - "--cap-drop=ALL", - "--security-opt", - "no-new-privileges:true" - ], - "postCreateCommand": "make lint && go vet ./... && go test ./...", - "customizations": { - "vscode": { - "settings": { - "go.useLanguageServer": true, - "go.lintTool": "golangci-lint", - "go.toolsEnvVars": { - "GOFLAGS": "-buildvcs=false" - }, - "editor.formatOnSave": true, - "editor.codeActionsOnSave": { - "source.organizeImports": true - } - }, - "extensions": [ - "golang.Go", - "github.vscode-github-actions", - "eamodio.gitlens" - ] - } - }, - "remoteUser": "vscode" + "customizations": { + "vscode": { + "extensions": [ + "golang.Go", + "github.vscode-github-actions", + "eamodio.gitlens" + ], + "settings": { + "editor.codeActionsOnSave": { + "source.organizeImports": true + }, + "editor.formatOnSave": true, + "go.lintTool": "golangci-lint", + "go.toolsEnvVars": { + "GOFLAGS": "-buildvcs=false" + }, + "go.useLanguageServer": true + } + } + }, + "features": { + "ghcr.io/devcontainers/features/docker-outside-of-docker:1": {}, + "ghcr.io/devcontainers/features/github-cli:1": {} + }, + "image": "mcr.microsoft.com/devcontainers/go:0-1.24-bullseye", + "mounts": [ + "type=cache,target=/home/vscode/.cache/go-build", + "type=bind,source=/var/run/docker.sock,target=/var/run/docker.sock" + ], + "name": "go-tx-map dev container", + "postCreateCommand": "make lint && go vet ./... && go test ./...", + "remoteUser": "vscode", + "runArgs": [ + "--cap-drop=ALL", + "--security-opt", + "no-new-privileges:true" + ] } diff --git a/.github/.prettierrc.yml b/.github/.prettierrc.yml index 044bda1..9164aaf 100644 --- a/.github/.prettierrc.yml +++ b/.github/.prettierrc.yml @@ -7,30 +7,22 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - # Print width (line length limit) printWidth: 80 - # Indentation tabWidth: 2 useTabs: false - # Quotes singleQuote: false # Use double quotes for consistency - # Brackets and spacing (applies to JS/JSON objects, not YAML arrays) bracketSpacing: false # Keep consistent with YAML array formatting bracketSameLine: false - # Array and object formatting trailingComma: "none" # No trailing commas in YAML - # Line endings (should match .editorconfig) endOfLine: "lf" - # Prose formatting (for Markdown in YAML) proseWrap: "preserve" - # YAML-specific settings overrides: - files: "*.{yml,yaml}" diff --git a/.github/FUNDING.yml b/.github/FUNDING.yml index 2a96e9c..26b09fb 100644 --- a/.github/FUNDING.yml +++ b/.github/FUNDING.yml @@ -1,3 +1,2 @@ # These are supported funding model platforms - github: bsv-blockchain diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml index d5474c2..7187e77 100644 --- a/.github/ISSUE_TEMPLATE/bug_report.yml +++ b/.github/ISSUE_TEMPLATE/bug_report.yml @@ -13,7 +13,6 @@ body: placeholder: The custom function strips the plus sign from numbers... validations: required: true - - type: textarea id: reproduction_steps attributes: @@ -24,7 +23,6 @@ body: 2. Observe that the result is "input" (missing 'symbol') validations: required: true - - type: textarea id: expected_behavior attributes: @@ -33,7 +31,6 @@ body: placeholder: I expected the result to be "symbol+input" since the plus sign is allowed. validations: required: true - - type: textarea id: environment attributes: @@ -45,7 +42,6 @@ body: - Library version/commit: v1.3.4 or commit 88aef9c validations: required: false - - type: textarea id: additional_context attributes: diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml index 6136c01..5d2103f 100644 --- a/.github/ISSUE_TEMPLATE/feature_request.yml +++ b/.github/ISSUE_TEMPLATE/feature_request.yml @@ -13,7 +13,6 @@ body: placeholder: I'm always frustrated when I try to use X and it doesn't support Y... validations: required: true - - type: textarea id: solution attributes: @@ -22,7 +21,6 @@ body: placeholder: Add support for this custom function to custom map... validations: required: true - - type: textarea id: alternatives attributes: @@ -31,7 +29,6 @@ body: placeholder: I also considered doing this through a wrapper or middleware... validations: required: false - - type: textarea id: context attributes: diff --git a/.github/ISSUE_TEMPLATE/question.yml b/.github/ISSUE_TEMPLATE/question.yml index 7f6bd1d..6c7af3b 100644 --- a/.github/ISSUE_TEMPLATE/question.yml +++ b/.github/ISSUE_TEMPLATE/question.yml @@ -13,7 +13,6 @@ body: placeholder: I'm wondering about the behavior of the package.XYZ function when... validations: required: true - - type: textarea id: additional_context attributes: diff --git a/.github/actions/load-env/action.yml b/.github/actions/load-env/action.yml index f9ac9f0..057604f 100644 --- a/.github/actions/load-env/action.yml +++ b/.github/actions/load-env/action.yml @@ -14,10 +14,8 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: "Load Environment Variables" description: "Loads environment variables from .github/.env.shared and outputs as JSON" - outputs: env-json: description: "JSON object containing all environment variables" @@ -25,7 +23,6 @@ outputs: primary-runner: description: "Primary runner OS extracted from environment variables" value: ${{ steps.load-env.outputs.primary-runner }} - runs: using: "composite" steps: diff --git a/.github/actions/warm-cache/action.yml b/.github/actions/warm-cache/action.yml index 2ffb69e..d077dc0 100644 --- a/.github/actions/warm-cache/action.yml +++ b/.github/actions/warm-cache/action.yml @@ -7,10 +7,8 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: "Warm Go Caches" description: "Warm Go module and build caches for the specified Go version and OS" - inputs: go-version: description: "Go version to use" @@ -31,7 +29,6 @@ inputs: go-secondary-version: description: "Secondary Go version for comparison" required: true - runs: using: "composite" steps: @@ -40,7 +37,6 @@ runs: # ———————————————————————————————————————————————————————————————— - name: 📥 Checkout code uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 - # ———————————————————————————————————————————————————————————————— # Set environment variables # ———————————————————————————————————————————————————————————————— @@ -53,7 +49,6 @@ runs: echo "GOMODCACHE=$HOME/go/pkg/mod" >> $GITHUB_ENV echo "GOLANGCI_LINT_CACHE=$HOME/.cache/golangci-lint" >> $GITHUB_ENV echo "✅ Cache Environment variables set successfully" - # ──────────────────────────────────────────────────────────────────────────── # Restore the *shared* module cache (pkg/mod) # ──────────────────────────────────────────────────────────────────────────── @@ -66,7 +61,6 @@ runs: key: ${{ inputs.matrix-os }}-gomod-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ inputs.matrix-os }}-gomod- - # ———————————————————————————————————————————————————————————————— # Check go.mod required version before setting up Go # ———————————————————————————————————————————————————————————————— @@ -100,7 +94,6 @@ runs: fi fi fi - # ———————————————————————————————————————————————————————————————— # Determine Go Toolchain Mode and set up Go # ———————————————————————————————————————————————————————————————— @@ -120,14 +113,12 @@ runs: else echo "Not setting GOTOOLCHAIN (using default)" fi - - name: 🏗️ Set up Go id: setup-go uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0 with: go-version: ${{ inputs.go-version }} cache: false # we handle caches ourselves - # ──────────────────────────────────────────────────────────────────────────── # Restore the build cache & test cache # ──────────────────────────────────────────────────────────────────────────── @@ -142,7 +133,6 @@ runs: key: ${{ inputs.matrix-os }}-gobuild-${{ inputs.go-version }}-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ inputs.matrix-os }}-gobuild-${{ inputs.go-version }}- - # ———————————————————————————————————————————————————————————————— # Ensure go.sum exists and download modules # ———————————————————————————————————————————————————————————————— @@ -157,7 +147,6 @@ runs: else echo "✅ go.sum already exists" fi - # ──────────────────────────────────────────────────────────────────────────── # Warm the caches only when we had a miss # ──────────────────────────────────────────────────────────────────────────── @@ -176,7 +165,6 @@ runs: make install-stdlib echo "✅ Cache warmed for Go ${{ inputs.go-version }}" - # ──────────────────────────────────────────────────────────────────────────── # Save the build cache we just created # ──────────────────────────────────────────────────────────────────────────── @@ -189,7 +177,6 @@ runs: ~/.cache/go-build/test # This is the first key, which does NOT have test cache, this will be used as a fail-over key: ${{ inputs.matrix-os }}-gobuild-${{ inputs.go-version }}-${{ hashFiles('**/go.sum') }} - # ———————————————————————————————————————————————————————————————— # Track cache performance (no outputs - use artifacts instead) # ———————————————————————————————————————————————————————————————— @@ -214,7 +201,6 @@ runs: echo "📊 Cache statistics:" jq . "$STATS_FILE" - # ———————————————————————————————————————————————————————————————— # Upload cache statistics # ———————————————————————————————————————————————————————————————— diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 4ff2830..047bd3f 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -22,9 +22,7 @@ # • PR limit = 10 to avoid queue flooding. # • All dependency PRs require passing CI + CODEOWNERS review. # ──────────────────────────────────────────────────────────────── - version: 2 - updates: # ────────────────────────────────────────────────────────────── # 1. Go Modules (go.mod / go.sum) @@ -54,7 +52,6 @@ updates: commit-message: prefix: "chore" include: "scope" - # ────────────────────────────────────────────────────────────── # 2. GitHub Actions Workflows # ────────────────────────────────────────────────────────────── @@ -77,7 +74,6 @@ updates: commit-message: prefix: "chore" include: "scope" - # ────────────────────────────────────────────────────────────── # 3. DevContainer (devcontainer.json : base image + features) # ────────────────────────────────────────────────────────────── diff --git a/.github/workflows/auto-merge-on-approval.yml b/.github/workflows/auto-merge-on-approval.yml index 9d87f69..017d444 100644 --- a/.github/workflows/auto-merge-on-approval.yml +++ b/.github/workflows/auto-merge-on-approval.yml @@ -22,9 +22,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: Auto-merge on Approval - # ———————————————————————————————————————————————————————————————— # Trigger Configuration # ———————————————————————————————————————————————————————————————— @@ -33,26 +31,22 @@ on: types: [submitted] pull_request: types: [ready_for_review, review_request_removed] - # ———————————————————————————————————————————————————————————————— # Permissions # ———————————————————————————————————————————————————————————————— permissions: contents: read pull-requests: read - # ———————————————————————————————————————————————————————————————— # Concurrency Control # ———————————————————————————————————————————————————————————————— concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true - # ———————————————————————————————————————————————————————————————— # Environment Variables # ———————————————————————————————————————————————————————————————— # Note: Configuration variables are loaded from .github/.env.shared - jobs: # ---------------------------------------------------------------------------------- # Load Environment Variables from .env.shared @@ -72,14 +66,12 @@ jobs: sparse-checkout: | .github/.env.shared .github/actions/load-env - # ———————————————————————————————————————————————————————————————— # Load and parse environment file # ———————————————————————————————————————————————————————————————— - name: 🌍 Load environment variables uses: ./.github/actions/load-env id: load-env - # ---------------------------------------------------------------------------------- # Process Auto-merge # ---------------------------------------------------------------------------------- @@ -93,7 +85,6 @@ jobs: outputs: action-taken: ${{ steps.process.outputs.action }} pr-number: ${{ github.event.pull_request.number }} - steps: # ———————————————————————————————————————————————————————————————— # Extract configuration from env-json @@ -163,7 +154,6 @@ jobs: else echo " 🔑 Token: Default GITHUB_TOKEN" fi - # ———————————————————————————————————————————————————————————————— # Process the PR for auto-merge # ———————————————————————————————————————————————————————————————— @@ -406,7 +396,6 @@ jobs: core.setOutput('action', 'failed'); throw error; } - # ---------------------------------------------------------------------------------- # Generate Workflow Summary Report # ---------------------------------------------------------------------------------- @@ -490,7 +479,6 @@ jobs: echo "" >> $GITHUB_STEP_SUMMARY echo "---" >> $GITHUB_STEP_SUMMARY echo "🤖 _Automated by GitHub Actions_" >> $GITHUB_STEP_SUMMARY - # ———————————————————————————————————————————————————————————————— # Report final workflow status # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 8b289ca..3a89ace 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -4,7 +4,6 @@ # You may wish to alter this file to override the set of languages analyzed, # or to provide custom queries or build logic. name: "CodeQL" - on: push: branches: [master] @@ -13,24 +12,19 @@ on: branches: [master] schedule: - cron: "0 8 * * 1" # Every Monday at 08:00 UTC - concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true - permissions: contents: read - jobs: analyze: name: Analyze runs-on: ubuntu-latest - permissions: actions: read contents: read security-events: write # Required for CodeQL to upload results - strategy: fail-fast: false matrix: @@ -39,7 +33,6 @@ jobs: language: ["go"] # Learn more... # https://docs.github.com/en/github/finding-security-vulnerabilities-and-errors-in-your-code/configuring-code-scanning#overriding-automatic-language-detection - steps: - name: Checkout repository uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 @@ -47,12 +40,10 @@ jobs: # We must fetch at least the immediate parents so that if this is # a pull request, then we can check out the head. fetch-depth: 2 - # If this run was triggered by a pull request event, then checkout # the head of the pull request instead of the merge commit. - run: git checkout HEAD^2 if: ${{ github.event_name == 'pull_request' }} - # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 @@ -62,15 +53,10 @@ jobs: # By default, queries listed here will override any specified in a config file. # Prefix the list here with "+" to use these queries and those in the config file. # queries: ./path/to/local/query, your-org/your-repo/queries@main - # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild uses: github/codeql-action/autobuild@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 - - # ℹ️ Command-line programs to run using the OS shell. - # 📚 https://git.io/JvXDl - # ✏️ If the Autobuild fails above, remove it and uncomment the following three lines # and modify them (or add more) to build your code if your project # uses a compiled language @@ -78,6 +64,8 @@ jobs: # - run: | # make bootstrap # make release - - name: Perform CodeQL Analysis + # ℹ️ Command-line programs to run using the OS shell. + # 📚 https://git.io/JvXDl + uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 diff --git a/.github/workflows/dependabot-auto-merge.yml b/.github/workflows/dependabot-auto-merge.yml index 61fbe25..d92febe 100644 --- a/.github/workflows/dependabot-auto-merge.yml +++ b/.github/workflows/dependabot-auto-merge.yml @@ -20,35 +20,29 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: Dependabot Auto-merge - # ———————————————————————————————————————————————————————————————— # Trigger Configuration # ———————————————————————————————————————————————————————————————— on: pull_request: types: [opened, synchronize, reopened, ready_for_review] - # ———————————————————————————————————————————————————————————————— # Permissions # ———————————————————————————————————————————————————————————————— permissions: contents: read pull-requests: read - # ———————————————————————————————————————————————————————————————— # Concurrency Control # ———————————————————————————————————————————————————————————————— concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true - # ———————————————————————————————————————————————————————————————— # Environment Variables # ———————————————————————————————————————————————————————————————— # Note: Configuration variables are loaded from .github/.env.shared - jobs: # ---------------------------------------------------------------------------------- # Load Environment Variables from .env.shared @@ -70,14 +64,12 @@ jobs: sparse-checkout: | .github/.env.shared .github/actions/load-env - # ———————————————————————————————————————————————————————————————— # Load and parse environment file # ———————————————————————————————————————————————————————————————— - name: 🌍 Load environment variables uses: ./.github/actions/load-env id: load-env - # ---------------------------------------------------------------------------------- # Process Dependabot PR # ---------------------------------------------------------------------------------- @@ -94,7 +86,6 @@ jobs: update-type: ${{ steps.metadata.outputs.update-type }} dependency-type: ${{ steps.metadata.outputs.dependency-type }} action-taken: ${{ steps.determine-action.outputs.action }} - steps: # ———————————————————————————————————————————————————————————————— # Extract configuration from env-json @@ -152,7 +143,6 @@ jobs: else echo " 🔑 Token: Default GITHUB_TOKEN" fi - # ———————————————————————————————————————————————————————————————— # Get official Dependabot metadata # ———————————————————————————————————————————————————————————————— @@ -161,7 +151,6 @@ jobs: uses: dependabot/fetch-metadata@08eff52bf64351f401fb50d4972fa95b9f2c2d1b # v2.4.0 with: github-token: ${{ secrets.GITHUB_TOKEN }} - # ———————————————————————————————————————————————————————————————— # Log dependency information # ———————————————————————————————————————————————————————————————— @@ -175,7 +164,6 @@ jobs: echo "🌐 Package ecosystem: ${{ steps.metadata.outputs.package-ecosystem }}" echo "⬆️ Version: ${{ steps.metadata.outputs.previous-version }} → ${{ steps.metadata.outputs.new-version }}" echo "════════════════════════════════════════════════════════════════" - # ———————————————————————————————————————————————————————————————— # Check if this is a security update # ———————————————————————————————————————————————————————————————— @@ -198,7 +186,6 @@ jobs: echo "is_security=false" >> $GITHUB_OUTPUT echo "ℹ️ Not a security update" fi - # ———————————————————————————————————————————————————————————————— # Determine action based on configuration and update type # ———————————————————————————————————————————————————————————————— @@ -255,7 +242,6 @@ jobs: echo "action=$ACTION" >> $GITHUB_OUTPUT echo "✅ Determined action: $ACTION" - # ———————————————————————————————————————————————————————————————— # Handle major version alerts # ———————————————————————————————————————————————————————————————— @@ -323,7 +309,6 @@ jobs: } else { console.log('Major version alert already exists, skipping duplicate comment'); } - # ———————————————————————————————————————————————————————————————— # Handle minor production dependency alerts # ———————————————————————————————————————————————————————————————— @@ -375,7 +360,6 @@ jobs: body: commentBody }); } - # ———————————————————————————————————————————————————————————————— # Auto-merge approved updates # ———————————————————————————————————————————————————————————————— @@ -419,7 +403,6 @@ jobs: env: PR_URL: ${{ github.event.pull_request.html_url }} GH_TOKEN: ${{ secrets.GH_PAT_TOKEN || secrets.GITHUB_TOKEN }} - # ———————————————————————————————————————————————————————————————— # Add tracking labels # ———————————————————————————————————————————————————————————————— @@ -472,7 +455,6 @@ jobs: }); console.log(`Added labels: ${labels.join(', ')}`); } - # ---------------------------------------------------------------------------------- # Generate Workflow Summary Report # ---------------------------------------------------------------------------------- @@ -563,7 +545,6 @@ jobs: echo "" >> $GITHUB_STEP_SUMMARY echo "---" >> $GITHUB_STEP_SUMMARY echo "🤖 _Automated by GitHub Actions_" >> $GITHUB_STEP_SUMMARY - # ———————————————————————————————————————————————————————————————— # Report final workflow status # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/fortress-benchmarks.yml b/.github/workflows/fortress-benchmarks.yml index 58c8daf..9e487d5 100644 --- a/.github/workflows/fortress-benchmarks.yml +++ b/.github/workflows/fortress-benchmarks.yml @@ -7,9 +7,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: GoFortress (Benchmark Suite) - on: workflow_call: inputs: @@ -37,10 +35,8 @@ on: github-token: description: "GitHub token for API access" required: true - permissions: contents: read - jobs: # ---------------------------------------------------------------------------------- # Benchmark Matrix for Go (Parallel) @@ -52,7 +48,6 @@ jobs: fail-fast: false # Continue running other benchmarks if one fails matrix: ${{ fromJSON(inputs.benchmark-matrix) }} runs-on: ${{ matrix.os }} - steps: # ———————————————————————————————————————————————————————————————— # Parse environment variables @@ -65,19 +60,16 @@ jobs: echo "$ENV_JSON" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do echo "$key=$value" >> $GITHUB_ENV done - # ———————————————————————————————————————————————————————————————— # Checkout code and set up Go environment # ———————————————————————————————————————————————————————————————— - name: 📥 Checkout code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - name: 🔧 Set Go cache paths (cross-platform) run: | echo "🔧 Setting up Go cache paths..." echo "GOCACHE=$HOME/.cache/go-build" >> $GITHUB_ENV echo "GOMODCACHE=$HOME/go/pkg/mod" >> $GITHUB_ENV - # ———————————————————————————————————————————————————————————————— # Restore Go module and build caches # ———————————————————————————————————————————————————————————————— @@ -89,7 +81,6 @@ jobs: key: ${{ matrix.os }}-gomod-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ matrix.os }}-gomod- - # ———————————————————————————————————————————————————————————————— # Restore the build cache # ———————————————————————————————————————————————————————————————— @@ -103,7 +94,6 @@ jobs: key: ${{ matrix.os }}-gobuild-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ matrix.os }}-gobuild-${{ matrix.go-version }}- - # ———————————————————————————————————————————————————————————————— # Check go.mod required version before setting up Go # ———————————————————————————————————————————————————————————————— @@ -137,7 +127,6 @@ jobs: fi fi fi - # ———————————————————————————————————————————————————————————————— # Determine Go Toolchain Mode and set up Go # ———————————————————————————————————————————————————————————————— @@ -156,14 +145,12 @@ jobs: else echo "Not setting GOTOOLCHAIN (using default)" fi - - name: 🏗️ Set up Go id: setup-go-bench uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version: ${{ matrix.go-version }} cache: false # we handle caches ourselves - # ———————————————————————————————————————————————————————————————— # Start benchmark timer # ———————————————————————————————————————————————————————————————— @@ -171,7 +158,6 @@ jobs: id: bench-timer run: | echo "bench-start=$(date +%s)" >> $GITHUB_OUTPUT - # ———————————————————————————————————————————————————————————————— # Run benchmarks and capture output # ———————————————————————————————————————————————————————————————— @@ -198,90 +184,13 @@ jobs: # Save status for later echo "bench_status=$BENCH_STATUS" >> $GITHUB_OUTPUT - # ———————————————————————————————————————————————————————————————— # Parse benchmark results and create statistics # ———————————————————————————————————————————————————————————————— - name: 📊 Parse benchmark statistics id: bench-summary if: always() - run: | - BENCH_END=$(date +%s) - BENCH_DURATION=$((BENCH_END - ${{ steps.bench-timer.outputs.bench-start }})) - - # Count benchmarks - BENCHMARK_COUNT=$(find . -type f -name '*_test.go' \ - -not -path './vendor/*' \ - -not -path './third_party/*' \ - -exec grep -h '^func Benchmark' {} + | wc -l) - - # Parse benchmark results - BENCH_OUTPUT_FILE="benchmark-results-${{ matrix.os }}-${{ matrix.go-version }}.txt" - STATS_FILE="benchmark-stats-${{ matrix.os }}-${{ matrix.go-version }}.json" - - # Create a pretty summary of benchmark results - BENCH_SUMMARY="" - if [ -f "$BENCH_OUTPUT_FILE" ]; then - # Step 1: Extract benchmark result lines using a more specific pattern - # Expected format: BenchmarkName-N iterations ns/op [B/op] [allocs/op] - # Example: BenchmarkMyFunc-8 1000000 1234.5 ns/op 56 B/op 2 allocs/op - - # Primary pattern: Match benchmark name with dash-number, iterations, and ns/op - BENCH_LINES=$(grep -E '^Benchmark[A-Za-z0-9_-]+-[0-9]+\s+[0-9]+\s+[0-9.]+ ns/op' "$BENCH_OUTPUT_FILE" || true) - - if [ -n "$BENCH_LINES" ]; then - BENCH_SUMMARY=$(echo "$BENCH_LINES" | while read -r line; do - # Step 2: Parse each component of the benchmark line - - # Extract benchmark name (remove the -N suffix where N is the GOMAXPROCS) - BENCH_NAME=$(echo "$line" | awk '{print $1}' | sed 's/-[0-9]*$//') - - # Extract iteration count (second field) - ITERATIONS=$(echo "$line" | awk '{print $2}') - - # Extract nanoseconds per operation (third field) - NS_PER_OP=$(echo "$line" | awk '{print $3}') - - # Step 3: Extract optional memory metrics using targeted grep - # Look for "X B/op" pattern (bytes per operation) - B_PER_OP=$(echo "$line" | grep -oE '[0-9.]+ B/op' | awk '{print $1}' || echo "N/A") - - # Look for "X allocs/op" pattern (allocations per operation) - ALLOCS_PER_OP=$(echo "$line" | grep -oE '[0-9.]+ allocs/op' | awk '{print $1}' || echo "N/A") - - # Step 4: Format the summary line - echo "- **$BENCH_NAME**: $NS_PER_OP ns/op, $B_PER_OP B/op, $ALLOCS_PER_OP allocs/op ($ITERATIONS iterations)" - done) - fi - fi - - # Escape the summary for JSON - BENCH_SUMMARY_JSON=$(echo "$BENCH_SUMMARY" | jq -Rsa .) - - # Create statistics file using jq to safely construct JSON - jq -n \ - --arg name "${{ matrix.name }}" \ - --arg os "${{ matrix.os }}" \ - --arg go_version "${{ matrix.go-version }}" \ - --argjson duration_seconds "$BENCH_DURATION" \ - --argjson benchmark_count "$BENCHMARK_COUNT" \ - --arg status "${{ steps.run-benchmarks.outputs.bench_status }}" \ - --arg timestamp "$(date -u +%Y-%m-%dT%H:%M:%SZ)" \ - --argjson benchmark_summary "$BENCH_SUMMARY_JSON" \ - '{ - "name": $name, - "os": $os, - "go_version": $go_version, - "duration_seconds": $duration_seconds, - "benchmark_count": $benchmark_count, - "status": $status, - "timestamp": $timestamp, - "benchmark_summary": $benchmark_summary - }' > "$STATS_FILE" - - echo "📊 Benchmark statistics:" - jq . "$STATS_FILE" - + run: "BENCH_END=$(date +%s)\nBENCH_DURATION=$((BENCH_END - ${{ steps.bench-timer.outputs.bench-start }}))\n\n# Count benchmarks\nBENCHMARK_COUNT=$(find . -type f -name '*_test.go' \\\n -not -path './vendor/*' \\\n -not -path './third_party/*' \\\n -exec grep -h '^func Benchmark' {} + | wc -l)\n\n# Parse benchmark results\nBENCH_OUTPUT_FILE=\"benchmark-results-${{ matrix.os }}-${{ matrix.go-version }}.txt\"\nSTATS_FILE=\"benchmark-stats-${{ matrix.os }}-${{ matrix.go-version }}.json\"\n\n# Create a pretty summary of benchmark results\nBENCH_SUMMARY=\"\"\nif [ -f \"$BENCH_OUTPUT_FILE\" ]; then\n # Step 1: Extract benchmark result lines using a more specific pattern\n # Expected format: BenchmarkName-N iterations ns/op [B/op] [allocs/op]\n # Example: BenchmarkMyFunc-8 1000000 1234.5 ns/op 56 B/op 2 allocs/op\n \n # Primary pattern: Match benchmark name with dash-number, iterations, and ns/op\n BENCH_LINES=$(grep -E '^Benchmark[A-Za-z0-9_-]+-[0-9]+\\s+[0-9]+\\s+[0-9.]+ ns/op' \"$BENCH_OUTPUT_FILE\" || true)\n \n if [ -n \"$BENCH_LINES\" ]; then\n BENCH_SUMMARY=$(echo \"$BENCH_LINES\" | while read -r line; do\n # Step 2: Parse each component of the benchmark line\n \n # Extract benchmark name (remove the -N suffix where N is the GOMAXPROCS)\n BENCH_NAME=$(echo \"$line\" | awk '{print $1}' | sed 's/-[0-9]*$//')\n \n # Extract iteration count (second field)\n ITERATIONS=$(echo \"$line\" | awk '{print $2}')\n \n # Extract nanoseconds per operation (third field)\n NS_PER_OP=$(echo \"$line\" | awk '{print $3}')\n \n # Step 3: Extract optional memory metrics using targeted grep\n # Look for \"X B/op\" pattern (bytes per operation)\n B_PER_OP=$(echo \"$line\" | grep -oE '[0-9.]+ B/op' | awk '{print $1}' || echo \"N/A\")\n \n # Look for \"X allocs/op\" pattern (allocations per operation) \n ALLOCS_PER_OP=$(echo \"$line\" | grep -oE '[0-9.]+ allocs/op' | awk '{print $1}' || echo \"N/A\")\n \n # Step 4: Format the summary line\n echo \"- **$BENCH_NAME**: $NS_PER_OP ns/op, $B_PER_OP B/op, $ALLOCS_PER_OP allocs/op ($ITERATIONS iterations)\"\n done)\n fi\nfi\n\n# Escape the summary for JSON\nBENCH_SUMMARY_JSON=$(echo \"$BENCH_SUMMARY\" | jq -Rsa .)\n\n# Create statistics file using jq to safely construct JSON\njq -n \\\n --arg name \"${{ matrix.name }}\" \\\n --arg os \"${{ matrix.os }}\" \\\n --arg go_version \"${{ matrix.go-version }}\" \\\n --argjson duration_seconds \"$BENCH_DURATION\" \\\n --argjson benchmark_count \"$BENCHMARK_COUNT\" \\\n --arg status \"${{ steps.run-benchmarks.outputs.bench_status }}\" \\\n --arg timestamp \"$(date -u +%Y-%m-%dT%H:%M:%SZ)\" \\\n --argjson benchmark_summary \"$BENCH_SUMMARY_JSON\" \\\n '{\n \"name\": $name,\n \"os\": $os,\n \"go_version\": $go_version,\n \"duration_seconds\": $duration_seconds,\n \"benchmark_count\": $benchmark_count,\n \"status\": $status,\n \"timestamp\": $timestamp,\n \"benchmark_summary\": $benchmark_summary\n }' > \"$STATS_FILE\"\n\necho \"📊 Benchmark statistics:\"\njq . \"$STATS_FILE\"\n" # ———————————————————————————————————————————————————————————————— # Upload benchmark statistics # ———————————————————————————————————————————————————————————————— @@ -292,7 +201,6 @@ jobs: name: benchmark-stats-${{ matrix.os }}-${{ matrix.go-version }} path: benchmark-stats-*.json retention-days: 1 - # ———————————————————————————————————————————————————————————————— # Upload raw benchmark results # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/fortress-code-quality.yml b/.github/workflows/fortress-code-quality.yml index 46b74b4..2c20c91 100644 --- a/.github/workflows/fortress-code-quality.yml +++ b/.github/workflows/fortress-code-quality.yml @@ -7,9 +7,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: GoFortress (Code Quality) - on: workflow_call: inputs: @@ -48,10 +46,8 @@ on: github-token: description: "GitHub token for API access" required: true - permissions: contents: read - jobs: # ---------------------------------------------------------------------------------- # Go Vet (Static Analysis) @@ -72,20 +68,17 @@ jobs: echo "$ENV_JSON" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do echo "$key=$value" >> $GITHUB_ENV done - # ———————————————————————————————————————————————————————————————— # Checkout code and set up Go environment # ———————————————————————————————————————————————————————————————— - name: 📥 Checkout code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - name: 🔧 Set Go cache paths (cross-platform) run: | echo "🔧 Setting up Go cache paths..." echo "GOCACHE=$HOME/.cache/go-build" >> $GITHUB_ENV echo "GOMODCACHE=$HOME/go/pkg/mod" >> $GITHUB_ENV echo "GOLANGCI_LINT_CACHE=$HOME/.cache/golangci-lint" >> $GITHUB_ENV - # ———————————————————————————————————————————————————————————————— # Restore Go module and build caches # ———————————————————————————————————————————————————————————————— @@ -97,7 +90,6 @@ jobs: key: ${{ inputs.primary-runner }}-gomod-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ inputs.primary-runner }}-gomod- - # ———————————————————————————————————————————————————————————————— # # Restore the build cache and test cache # ———————————————————————————————————————————————————————————————— @@ -111,7 +103,6 @@ jobs: key: ${{ inputs.primary-runner }}-gobuild-${{ inputs.go-primary-version }}-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ inputs.primary-runner }}-gobuild-${{ inputs.go-primary-version }}- - # ———————————————————————————————————————————————————————————————— # Set up Go environment # ———————————————————————————————————————————————————————————————— @@ -121,7 +112,6 @@ jobs: with: go-version: ${{ inputs.go-primary-version }} cache: false # we handle caches ourselves - # ———————————————————————————————————————————————————————————————— # Run go vet with parallel execution # ———————————————————————————————————————————————————————————————— @@ -130,7 +120,6 @@ jobs: echo "🚀 Running static analysis with go vet (parallel mode)..." make vet-parallel echo "✅ Static analysis completed successfully" - # ———————————————————————————————————————————————————————————————— # Summary of Go vet results # ———————————————————————————————————————————————————————————————— @@ -146,7 +135,6 @@ jobs: echo "| **Result** | ✅ No issues found |" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "🎯 **All packages passed static analysis checks.**" >> $GITHUB_STEP_SUMMARY - # ---------------------------------------------------------------------------------- # Lint (Code Linting) # ---------------------------------------------------------------------------------- @@ -168,20 +156,17 @@ jobs: echo "$ENV_JSON" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do echo "$key=$value" >> $GITHUB_ENV done - # ———————————————————————————————————————————————————————————————— # Checkout code and set up Go environment # ———————————————————————————————————————————————————————————————— - name: 📥 Checkout code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - name: 🔧 Set Go cache paths (cross-platform) run: | echo "🔧 Setting up Go cache paths..." echo "GOCACHE=$HOME/.cache/go-build" >> $GITHUB_ENV echo "GOMODCACHE=$HOME/go/pkg/mod" >> $GITHUB_ENV echo "GOLANGCI_LINT_CACHE=$HOME/.cache/golangci-lint" >> $GITHUB_ENV - # ———————————————————————————————————————————————————————————————— # Extract golangci-lint version from Makefile # ———————————————————————————————————————————————————————————————— @@ -195,7 +180,6 @@ jobs: fi echo "✅ Found golangci-lint version: $VERSION" echo "version=$VERSION" >> $GITHUB_OUTPUT - # ———————————————————————————————————————————————————————————————— # Restore Go module and build caches # ———————————————————————————————————————————————————————————————— @@ -207,7 +191,6 @@ jobs: key: ${{ inputs.primary-runner }}-gomod-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ inputs.primary-runner }}-gomod- - # ———————————————————————————————————————————————————————————————— # Restore the build cache and test cache # ———————————————————————————————————————————————————————————————— @@ -221,7 +204,6 @@ jobs: key: ${{ inputs.primary-runner }}-gobuild-${{ inputs.go-primary-version }}-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ inputs.primary-runner }}-gobuild-${{ inputs.go-primary-version }}- - # ———————————————————————————————————————————————————————————————— # Set up Go environment # ———————————————————————————————————————————————————————————————— @@ -231,7 +213,6 @@ jobs: with: go-version: ${{ inputs.go-primary-version }} cache: false - # ———————————————————————————————————————————————————————————————— # Restore Cache golangci-lint # ———————————————————————————————————————————————————————————————— @@ -244,14 +225,12 @@ jobs: restore-keys: | ${{ inputs.primary-runner }}-golangci-lint-analysis-${{ hashFiles('.golangci.json', '**/go.sum') }} ${{ inputs.primary-runner }}-golangci-lint-analysis- - - name: 🔍 Debug cache usage run: | echo "🔍 Module cache size: $(du -sh $GOMODCACHE 2>/dev/null | cut -f1 || echo 'N/A')" echo "🔍 Build cache size: $(du -sh $GOCACHE 2>/dev/null | cut -f1 || echo 'N/A')" echo "🔍 Lint cache size: $(du -sh $GOLANGCI_LINT_CACHE 2>/dev/null | cut -f1 || echo 'N/A')" echo "🔍 Checking if vendor directory exists: $(ls -la | grep vendor || echo 'No vendor directory')" - # ———————————————————————————————————————————————————————————————— # Run golangci-lint # ———————————————————————————————————————————————————————————————— @@ -271,7 +250,6 @@ jobs: make lint echo "✅ Code linting completed successfully" - # ———————————————————————————————————————————————————————————————— # Summary of golangci-lint results # ———————————————————————————————————————————————————————————————— @@ -287,7 +265,6 @@ jobs: echo "| **Result** | ✅ All checks passed |" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "🎯 **Code quality standards met - no linting issues found.**" >> $GITHUB_STEP_SUMMARY - # ---------------------------------------------------------------------------------- # YAML Validation (Linting) # ---------------------------------------------------------------------------------- @@ -309,7 +286,6 @@ jobs: echo "$ENV_JSON" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do echo "$key=$value" >> $GITHUB_ENV done - # ———————————————————————————————————————————————————————————————— # Checkout code with full history for proper ignore file handling # ———————————————————————————————————————————————————————————————— @@ -317,7 +293,6 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 # Full history for prettier ignores files - # ———————————————————————————————————————————————————————————————— # Check for required .prettierignore file # ———————————————————————————————————————————————————————————————— @@ -336,7 +311,6 @@ jobs: echo " - .prettierignore (root directory)" exit 1 fi - # ———————————————————————————————————————————————————————————————— # Set up Node.js (no caching since we don't have package.json) # ———————————————————————————————————————————————————————————————— @@ -344,7 +318,6 @@ jobs: uses: actions/setup-node@a0853c24544627f65ddf259abe73b1d18a591444 # v4.0.4 with: node-version: ${{ env.NODE_VERSION }} - # ———————————————————————————————————————————————————————————————— # Create package.json with pinned prettier and install securely # ———————————————————————————————————————————————————————————————— @@ -359,7 +332,6 @@ jobs: } }" > package.json echo "✅ Package.json created" - # ———————————————————————————————————————————————————————————————— # Install Prettier using existing local installation if available # ———————————————————————————————————————————————————————————————— @@ -384,7 +356,6 @@ jobs: echo "📌 Prettier version: $PRETTIER_VERSION" echo "version=$PRETTIER_VERSION" >> $GITHUB_OUTPUT id: prettier-version - # ———————————————————————————————————————————————————————————————— # List YAML files to be checked (for transparency) # ———————————————————————————————————————————————————————————————— @@ -414,7 +385,6 @@ jobs: echo " • Files that would be processed: $PROCESSED_YAML" echo " • Files needing formatting: $CHECKED_YAML" echo " • Files ignored by prettier: $((TOTAL_YAML - PROCESSED_YAML))" - # ———————————————————————————————————————————————————————————————— # Run Prettier in check mode against YAML files # ———————————————————————————————————————————————————————————————— @@ -436,7 +406,6 @@ jobs: fi exit $PRETTIER_EXIT_CODE - # ———————————————————————————————————————————————————————————————— # Show detailed diff when check fails (helpful for debugging) # ———————————————————————————————————————————————————————————————— @@ -491,38 +460,12 @@ jobs: # Exit with failure exit 1 - # ———————————————————————————————————————————————————————————————— # Job Summary # ———————————————————————————————————————————————————————————————— - name: 📊 Job Summary if: success() - run: | - echo "## 📐 YAML Validation Summary" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "| 🔍 Validation Details | ✅ Status |" >> $GITHUB_STEP_SUMMARY - echo "|---|---|" >> $GITHUB_STEP_SUMMARY - echo "| **Tool** | Prettier (EditorConfig-aware) |" >> $GITHUB_STEP_SUMMARY - echo "| **Version** | ${{ steps.prettier-version.outputs.version }} |" >> $GITHUB_STEP_SUMMARY - echo "| **Configuration** | .editorconfig rules |" >> $GITHUB_STEP_SUMMARY - echo "| **Scope** | All .yml and .yaml files |" >> $GITHUB_STEP_SUMMARY - echo "| **Result** | ✅ All files properly formatted |" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "### 📊 File Processing Statistics" >> $GITHUB_STEP_SUMMARY - echo "- **Total YAML files found**: ${{ env.TOTAL_YAML }}" >> $GITHUB_STEP_SUMMARY - echo "- **Files processed by prettier**: ${{ env.PROCESSED_YAML }}" >> $GITHUB_STEP_SUMMARY - echo "- **Files needing formatting**: ${{ env.CHECKED_YAML }}" >> $GITHUB_STEP_SUMMARY - echo "- **Files ignored by prettier**: $((${{ env.TOTAL_YAML }} - ${{ env.PROCESSED_YAML }}))" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "### 📋 EditorConfig YAML Rules Applied" >> $GITHUB_STEP_SUMMARY - echo "- **Indent Style**: Spaces" >> $GITHUB_STEP_SUMMARY - echo "- **Indent Size**: 2" >> $GITHUB_STEP_SUMMARY - echo "- **Line Endings**: LF" >> $GITHUB_STEP_SUMMARY - echo "- **Final Newline**: Required" >> $GITHUB_STEP_SUMMARY - echo "- **Trailing Whitespace**: Trimmed" >> $GITHUB_STEP_SUMMARY - echo "" >> $GITHUB_STEP_SUMMARY - echo "🎯 **All YAML files meet formatting standards.**" >> $GITHUB_STEP_SUMMARY - + run: "echo \"## 📐 YAML Validation Summary\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"| 🔍 Validation Details | ✅ Status |\" >> $GITHUB_STEP_SUMMARY\necho \"|---|---|\" >> $GITHUB_STEP_SUMMARY\necho \"| **Tool** | Prettier (EditorConfig-aware) |\" >> $GITHUB_STEP_SUMMARY\necho \"| **Version** | ${{ steps.prettier-version.outputs.version }} |\" >> $GITHUB_STEP_SUMMARY\necho \"| **Configuration** | .editorconfig rules |\" >> $GITHUB_STEP_SUMMARY\necho \"| **Scope** | All .yml and .yaml files |\" >> $GITHUB_STEP_SUMMARY\necho \"| **Result** | ✅ All files properly formatted |\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"### 📊 File Processing Statistics\" >> $GITHUB_STEP_SUMMARY\necho \"- **Total YAML files found**: ${{ env.TOTAL_YAML }}\" >> $GITHUB_STEP_SUMMARY\necho \"- **Files processed by prettier**: ${{ env.PROCESSED_YAML }}\" >> $GITHUB_STEP_SUMMARY \necho \"- **Files needing formatting**: ${{ env.CHECKED_YAML }}\" >> $GITHUB_STEP_SUMMARY\necho \"- **Files ignored by prettier**: $((${{ env.TOTAL_YAML }} - ${{ env.PROCESSED_YAML }}))\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"### 📋 EditorConfig YAML Rules Applied\" >> $GITHUB_STEP_SUMMARY\necho \"- **Indent Style**: Spaces\" >> $GITHUB_STEP_SUMMARY\necho \"- **Indent Size**: 2\" >> $GITHUB_STEP_SUMMARY\necho \"- **Line Endings**: LF\" >> $GITHUB_STEP_SUMMARY\necho \"- **Final Newline**: Required\" >> $GITHUB_STEP_SUMMARY\necho \"- **Trailing Whitespace**: Trimmed\" >> $GITHUB_STEP_SUMMARY\necho \"\" >> $GITHUB_STEP_SUMMARY\necho \"🎯 **All YAML files meet formatting standards.**\" >> $GITHUB_STEP_SUMMARY\n" # ———————————————————————————————————————————————————————————————— # Cleanup # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/fortress-performance-summary.yml b/.github/workflows/fortress-performance-summary.yml index a7e0d8e..f8e5fe2 100644 --- a/.github/workflows/fortress-performance-summary.yml +++ b/.github/workflows/fortress-performance-summary.yml @@ -7,9 +7,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: GoFortress (Performance Summary) - on: workflow_call: inputs: @@ -68,10 +66,8 @@ on: description: "Primary runner OS" required: true type: string - permissions: contents: read - jobs: # ---------------------------------------------------------------------------------- # Performance Summary Report @@ -91,7 +87,6 @@ jobs: echo "$ENV_JSON" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do echo "$key=$value" >> $GITHUB_ENV done - # ———————————————————————————————————————————————————————————————— # Download all statistics artifacts # ———————————————————————————————————————————————————————————————— @@ -101,7 +96,6 @@ jobs: with: pattern: "*-stats-*" merge-multiple: true - # ———————————————————————————————————————————————————————————————— # Generate performance report # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/fortress-release.yml b/.github/workflows/fortress-release.yml index afbfca4..9940be4 100644 --- a/.github/workflows/fortress-release.yml +++ b/.github/workflows/fortress-release.yml @@ -7,9 +7,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: GoFortress (Version Release) - # ———————————————————————————————————————————————————————————————— # Workflow Call Configuration # ———————————————————————————————————————————————————————————————— @@ -39,13 +37,11 @@ on: slack-webhook: description: "Slack webhook URL for notifications" required: false - # ———————————————————————————————————————————————————————————————— # Permissions # ———————————————————————————————————————————————————————————————— permissions: contents: read - jobs: # ---------------------------------------------------------------------------------- # Release Job @@ -64,14 +60,12 @@ jobs: with: fetch-depth: 0 # Required for changelog generation token: ${{ secrets.github-token }} - - name: 🔧 Set Go cache paths (cross-platform) run: | echo "🔧 Setting up Go cache paths..." echo "GOCACHE=$HOME/.cache/go-build" >> $GITHUB_ENV echo "GOMODCACHE=$HOME/go/pkg/mod" >> $GITHUB_ENV echo "GOLANGCI_LINT_CACHE=$HOME/.cache/golangci-lint" >> $GITHUB_ENV - # ———————————————————————————————————————————————————————————————— # Validate version tag format # ———————————————————————————————————————————————————————————————— @@ -101,7 +95,6 @@ jobs: echo "version=$TAG" >> $GITHUB_OUTPUT echo "version_without_v=${TAG#v}" >> $GITHUB_OUTPUT echo "is_prerelease=$([[ -n "$PRERELEASE" ]] && echo 'true' || echo 'false')" >> $GITHUB_OUTPUT - # ———————————————————————————————————————————————————————————————— # Extract GoReleaser version from environment # ———————————————————————————————————————————————————————————————— @@ -111,7 +104,6 @@ jobs: GORELEASER_VERSION=$(echo '${{ inputs.env-json }}' | jq -r '.GORELEASER_VERSION // "v2.10.2"') echo "✅ Using GoReleaser version: $GORELEASER_VERSION" echo "version=$GORELEASER_VERSION" >> $GITHUB_OUTPUT - # ———————————————————————————————————————————————————————————————— # Restore Go module and build caches # ———————————————————————————————————————————————————————————————— @@ -123,7 +115,6 @@ jobs: key: ${{ inputs.primary-runner }}-gomod-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ inputs.primary-runner }}-gomod- - # ———————————————————————————————————————————————————————————————— # Restore build cache from a warm-cache job # ———————————————————————————————————————————————————————————————— @@ -136,7 +127,6 @@ jobs: key: ${{ inputs.primary-runner }}-gobuild-${{ inputs.go-primary-version }}-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ inputs.primary-runner }}-gobuild-${{ inputs.go-primary-version }}- - # ———————————————————————————————————————————————————————————————— # Restore Cache golangci-lint # ———————————————————————————————————————————————————————————————— @@ -149,7 +139,6 @@ jobs: restore-keys: | ${{ inputs.primary-runner }}-golangci-lint-analysis-${{ hashFiles('.golangci.json', '**/go.sum') }} ${{ inputs.primary-runner }}-golangci-lint-analysis- - # ———————————————————————————————————————————————————————————————— # Set up Go environment # ———————————————————————————————————————————————————————————————— @@ -159,7 +148,6 @@ jobs: with: go-version: ${{ inputs.go-primary-version }} cache: false # we handle caches ourselves - # ———————————————————————————————————————————————————————————————— # Pre-flight config validation # ———————————————————————————————————————————————————————————————— @@ -171,7 +159,6 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.github-token }} SLACK_WEBHOOK: ${{ secrets.slack-webhook }} # used only if referenced in .goreleaser.yml - # ———————————————————————————————————————————————————————————————— # Extract changelog information # ———————————————————————————————————————————————————————————————— @@ -192,7 +179,6 @@ jobs: echo "ℹ️ No previous tag found - this appears to be the first release" echo "previous_tag=" >> $GITHUB_OUTPUT fi - # ———————————————————————————————————————————————————————————————— # Build and publish the release # ———————————————————————————————————————————————————————————————— @@ -205,7 +191,6 @@ jobs: env: GITHUB_TOKEN: ${{ secrets.github-token }} SLACK_WEBHOOK: ${{ secrets.slack-webhook }} # used only if referenced in .goreleaser.yml - # ———————————————————————————————————————————————————————————————— # Generate release summary # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/fortress-security-scans.yml b/.github/workflows/fortress-security-scans.yml index d5e62ba..0d0a089 100644 --- a/.github/workflows/fortress-security-scans.yml +++ b/.github/workflows/fortress-security-scans.yml @@ -7,9 +7,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: GoFortress (Security Scans) - on: workflow_call: inputs: @@ -53,10 +51,8 @@ on: ossi-token: description: "OSS Index token for Nancy authentication" required: false - permissions: contents: read - jobs: # ---------------------------------------------------------------------------------- # Ask Nancy (Dependency Checks) @@ -77,20 +73,17 @@ jobs: echo "$ENV_JSON" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do echo "$key=$value" >> $GITHUB_ENV done - # ———————————————————————————————————————————————————————————————— # Checkout code and set up Go environment # ———————————————————————————————————————————————————————————————— - name: 📥 Checkout code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - name: 🔧 Set Go cache paths (cross-platform) run: | echo "🔧 Setting up Go cache paths..." echo "GOCACHE=$HOME/.cache/go-build" >> $GITHUB_ENV echo "GOMODCACHE=$HOME/go/pkg/mod" >> $GITHUB_ENV echo "GOLANGCI_LINT_CACHE=$HOME/.cache/golangci-lint" >> $GITHUB_ENV - # ———————————————————————————————————————————————————————————————— # Set up Go environment # ———————————————————————————————————————————————————————————————— @@ -100,7 +93,6 @@ jobs: with: go-version: ${{ inputs.go-primary-version }} cache: false # we handle caches ourselves - # ———————————————————————————————————————————————————————————————— # Write the "go" list to file for Nancy # ———————————————————————————————————————————————————————————————— @@ -109,7 +101,6 @@ jobs: echo "📋 Generating module list for security scanning..." go list -json -m all > go.list echo "✅ Module list generated successfully" - # ———————————————————————————————————————————————————————————————— # Run Nancy to check for vulnerabilities # ———————————————————————————————————————————————————————————————— @@ -123,7 +114,6 @@ jobs: githubToken: ${{ secrets.github-token }} # ← prevents rate-limit 403 nancyVersion: ${{ env.NANCY_VERSION }} nancyCommand: sleuth --loud --exclude-vulnerability ${{ env.NANCY_EXCLUDES }} - # ———————————————————————————————————————————————————————————————— # Summary of Nancy results # ———————————————————————————————————————————————————————————————— @@ -142,7 +132,6 @@ jobs: echo "### 🚫 Excluded Vulnerabilities" >> $GITHUB_STEP_SUMMARY echo "The following vulnerabilities were excluded from the scan:" >> $GITHUB_STEP_SUMMARY echo "${{ env.NANCY_EXCLUDES }}" >> $GITHUB_STEP_SUMMARY - # ---------------------------------------------------------------------------------- # Govulncheck (Vulnerability Checks) # ---------------------------------------------------------------------------------- @@ -162,27 +151,23 @@ jobs: echo "$ENV_JSON" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do echo "$key=$value" >> $GITHUB_ENV done - # ———————————————————————————————————————————————————————————————— # Checkout code and set up Go environment # ———————————————————————————————————————————————————————————————— - name: 📥 Checkout code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - name: 🔧 Set Go cache paths (cross-platform) run: | echo "🔧 Setting up Go cache paths..." echo "GOCACHE=$HOME/.cache/go-build" >> $GITHUB_ENV echo "GOMODCACHE=$HOME/go/pkg/mod" >> $GITHUB_ENV echo "GOLANGCI_LINT_CACHE=$HOME/.cache/golangci-lint" >> $GITHUB_ENV - - name: 🏗️ Set up Go id: setup-govulncheck uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version: ${{ inputs.go-primary-version }} cache: false # we handle caches ourselves - # ———————————————————————————————————————————————————————————————— # Restore (and later save) a compact cache for the govulncheck binary # and its vulnerability DB files. @@ -194,7 +179,6 @@ jobs: path: | ~/.cache/govulncheck-bin key: ${{ inputs.primary-runner }}-govulncheck-${{ env.GOVULNCHECK_VERSION }} - - name: 🛠️ Make cached govulncheck usable run: | set -euo pipefail @@ -208,7 +192,6 @@ jobs: fi # Make sure the binary location is on PATH for *all* subsequent steps. echo "$(go env GOPATH)/bin" >> "$GITHUB_PATH" - # ———————————————————————————————————————————————————————————————— # Install govulncheck *only* when the cache was empty. # ———————————————————————————————————————————————————————————————— @@ -222,7 +205,6 @@ jobs: mkdir -p ~/.cache/govulncheck-bin cp "$(go env GOPATH)/bin/govulncheck" ~/.cache/govulncheck-bin/ echo "✅ govulncheck installed and stored in cache" - # ———————————————————————————————————————————————————————————————— # Run govulncheck # ———————————————————————————————————————————————————————————————— @@ -231,7 +213,6 @@ jobs: echo "🔍 Running vulnerability analysis..." make govulncheck echo "✅ Vulnerability scan completed" - # ———————————————————————————————————————————————————————————————— # Summary of govulncheck results # ———————————————————————————————————————————————————————————————— @@ -248,7 +229,6 @@ jobs: echo "| **Version** | ${{ env.GOVULNCHECK_VERSION }} |" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "🎯 **Analysis completed successfully with no security issues found.**" >> $GITHUB_STEP_SUMMARY - # ---------------------------------------------------------------------------------- # Gitleaks (Secret Scanning) # ---------------------------------------------------------------------------------- @@ -268,7 +248,6 @@ jobs: echo "$ENV_JSON" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do echo "$key=$value" >> $GITHUB_ENV done - # ———————————————————————————————————————————————————————————————— # Check repository security conditions # ———————————————————————————————————————————————————————————————— @@ -300,7 +279,6 @@ jobs: echo "PR Head Repo: $PR_HEAD_REPO" echo "is_same_repo=false" >> $GITHUB_OUTPUT fi - # ———————————————————————————————————————————————————————————————— # Checkout code and set up Go environment # ———————————————————————————————————————————————————————————————— @@ -308,7 +286,6 @@ jobs: uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: fetch-depth: 0 # Fetch all history so Gitleaks can scan commits - - name: 🔍 Run gitleaks scan if: steps.repo-check.outputs.is_same_repo == 'true' uses: gitleaks/gitleaks-action@ff98106e4c7b2bc287b24eaf42907196329070c7 # v8.27.2 @@ -320,7 +297,6 @@ jobs: GITLEAKS_ENABLE_UPLOAD_ARTIFACT: "true" GITLEAKS_ENABLE_SUMMARY: "true" GITLEAKS_VERSION: ${{ env.GITLEAKS_VERSION }} - - name: 📊 Job Summary if: steps.repo-check.outputs.is_same_repo == 'true' run: | @@ -334,7 +310,6 @@ jobs: echo "| **Result** | ✅ No secrets detected (see logs for details) |" >> $GITHUB_STEP_SUMMARY echo "" >> $GITHUB_STEP_SUMMARY echo "🎯 **Secret scan completed successfully.**" >> $GITHUB_STEP_SUMMARY - - name: 📊 Fork Security Notice if: steps.repo-check.outputs.is_same_repo == 'false' run: | diff --git a/.github/workflows/fortress-setup-config.yml b/.github/workflows/fortress-setup-config.yml index 8827389..981fe46 100644 --- a/.github/workflows/fortress-setup-config.yml +++ b/.github/workflows/fortress-setup-config.yml @@ -8,9 +8,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: GoFortress (Setup Configuration) - on: workflow_call: inputs: @@ -96,10 +94,8 @@ on: warm-cache-matrix: description: "Warm cache matrix JSON" value: ${{ jobs.setup-config.outputs.warm-cache-matrix }} - permissions: contents: read - jobs: # ---------------------------------------------------------------------------------- # Setup the configuration for the CI environment @@ -131,7 +127,6 @@ jobs: static-analysis-enabled: ${{ steps.config.outputs.static-analysis-enabled }} test-matrix: ${{ steps.matrix.outputs.matrix }} warm-cache-matrix: ${{ steps.matrix.outputs.matrix }} - steps: # ———————————————————————————————————————————————————————————————— # Start timer to record workflow start time @@ -144,7 +139,6 @@ jobs: echo "start-time=$START_TIME" >> $GITHUB_OUTPUT echo "start-epoch=$START_EPOCH" >> $GITHUB_OUTPUT echo "🚀 Workflow started at: $START_TIME" - # ———————————————————————————————————————————————————————————————— # Parse environment variables from JSON # ———————————————————————————————————————————————————————————————— @@ -161,7 +155,6 @@ jobs: done echo "✅ Environment variables parsed successfully" - # ———————————————————————————————————————————————————————————————— # Checkout code (sparse checkout) # ———————————————————————————————————————————————————————————————— @@ -172,7 +165,6 @@ jobs: Makefile go.mod go.sum - # ———————————————————————————————————————————————————————————————— # Get Go versions and set up the matrix # ———————————————————————————————————————————————————————————————— @@ -188,7 +180,6 @@ jobs: VERSIONS=$(echo "$VERSIONS" | jq -c .) echo "versions=$VERSIONS" >> "$GITHUB_OUTPUT" echo "✅ Unique Go versions: $VERSIONS" - # ———————————————————————————————————————————————————————————————— # Generate the test matrix based on Go versions and runner OSes # ———————————————————————————————————————————————————————————————— @@ -264,7 +255,6 @@ jobs: # ------------------------------------------------------------ echo "matrix=$(echo "$MATRIX" | jq -c .)" >> "$GITHUB_OUTPUT" echo "✅ Matrix generated successfully" - # ———————————————————————————————————————————————————————————————— # Configure environment variables # ———————————————————————————————————————————————————————————————— @@ -319,7 +309,6 @@ jobs: else echo "is-release-run=false" >> $GITHUB_OUTPUT fi - # ———————————————————————————————————————————————————————————————— # Build the final summary of the configuration # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/fortress-test-makefile.yml b/.github/workflows/fortress-test-makefile.yml index ef0e28e..4c7b2bf 100644 --- a/.github/workflows/fortress-test-makefile.yml +++ b/.github/workflows/fortress-test-makefile.yml @@ -7,9 +7,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: GoFortress (Test Makefile) - on: workflow_call: inputs: @@ -21,10 +19,8 @@ on: description: "Primary runner OS" required: true type: string - permissions: contents: read - jobs: # ---------------------------------------------------------------------------------- # Test Makefile (Compilation and Help Verification) @@ -44,7 +40,6 @@ jobs: echo "$ENV_JSON" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do echo "$key=$value" >> $GITHUB_ENV done - # ———————————————————————————————————————————————————————————————— # Checkout code (sparse checkout) # ———————————————————————————————————————————————————————————————— @@ -57,7 +52,6 @@ jobs: Makefile go.mod go.sum - # ———————————————————————————————————————————————————————————————— # Verify the Makefile compiles and runs # ———————————————————————————————————————————————————————————————— @@ -66,7 +60,6 @@ jobs: echo "📋 Running makefile..." make help echo "✅ Makefile ran successfully" - - name: ✅ Verify make help and required commands id: verify-make run: | @@ -151,7 +144,6 @@ jobs: echo "" echo "✅ Makefile verification completed successfully." - # ———————————————————————————————————————————————————————————————— # Summary of Makefile verification # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/fortress-test-suite.yml b/.github/workflows/fortress-test-suite.yml index 2e9f098..d44f4f3 100644 --- a/.github/workflows/fortress-test-suite.yml +++ b/.github/workflows/fortress-test-suite.yml @@ -7,9 +7,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: GoFortress (Go Test Suite) - on: workflow_call: inputs: @@ -52,10 +50,8 @@ on: codecov-token: description: "Codecov token for coverage uploads" required: false - permissions: contents: read - jobs: # ---------------------------------------------------------------------------------- # Testing Matrix for Go (Parallel) @@ -67,7 +63,6 @@ jobs: fail-fast: true matrix: ${{ fromJSON(inputs.test-matrix) }} runs-on: ${{ matrix.os }} - steps: # ———————————————————————————————————————————————————————————————— # Parse environment variables @@ -80,20 +75,17 @@ jobs: echo "$ENV_JSON" | jq -r 'to_entries | .[] | "\(.key)=\(.value)"' | while IFS='=' read -r key value; do echo "$key=$value" >> $GITHUB_ENV done - # ———————————————————————————————————————————————————————————————— # Checkout code and set up Go environment # ———————————————————————————————————————————————————————————————— - name: 📥 Checkout code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - - name: 🔧 Set Go cache paths (cross-platform) run: | echo "🔧 Setting up Go cache paths..." echo "GOCACHE=$HOME/.cache/go-build" >> $GITHUB_ENV echo "GOMODCACHE=$HOME/go/pkg/mod" >> $GITHUB_ENV echo "GOLANGCI_LINT_CACHE=$HOME/.cache/golangci-lint" >> $GITHUB_ENV - # ———————————————————————————————————————————————————————————————— # Restore Go module and build caches # ———————————————————————————————————————————————————————————————— @@ -105,7 +97,6 @@ jobs: key: ${{ matrix.os }}-gomod-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ matrix.os }}-gomod- - # ———————————————————————————————————————————————————————————————— # Restore the build cache and test cache # ———————————————————————————————————————————————————————————————— @@ -119,7 +110,6 @@ jobs: key: ${{ matrix.os }}-gobuild-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }} restore-keys: | ${{ matrix.os }}-gobuild-${{ matrix.go-version }}- - # ———————————————————————————————————————————————————————————————— # Check go.mod required version before setting up Go # ———————————————————————————————————————————————————————————————— @@ -153,7 +143,6 @@ jobs: fi fi fi - # ———————————————————————————————————————————————————————————————— # Determine Go Toolchain Mode and set up Go # ———————————————————————————————————————————————————————————————— @@ -173,14 +162,12 @@ jobs: else echo "Not setting GOTOOLCHAIN (using default)" fi - - name: 🏗️ Set up Go id: setup-go-test uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0 with: go-version: ${{ matrix.go-version }} cache: false # we handle caches ourselves - # ———————————————————————————————————————————————————————————————— # Start test timer # ———————————————————————————————————————————————————————————————— @@ -188,7 +175,6 @@ jobs: id: test-timer run: | echo "test-start=$(date +%s)" >> $GITHUB_OUTPUT - # ———————————————————————————————————————————————————————————————— # Run tests and coverage # ———————————————————————————————————————————————————————————————— @@ -216,7 +202,6 @@ jobs: fi echo "✅ Tests completed successfully" - # ———————————————————————————————————————————————————————————————— # Fuzz tests (only on Linux) # ———————————————————————————————————————————————————————————————— @@ -226,7 +211,6 @@ jobs: echo "🎯 Running fuzz tests..." make test-fuzz VERBOSE=${{ env.ENABLE_VERBOSE_TEST_OUTPUT }} echo "✅ Fuzz tests completed successfully" - # ———————————————————————————————————————————————————————————————— # All test results are always captured # ———————————————————————————————————————————————————————————————— @@ -284,7 +268,6 @@ jobs: echo "📊 Test statistics:" jq . "$STATS_FILE" - # ———————————————————————————————————————————————————————————————— # Upload test statistics # ———————————————————————————————————————————————————————————————— @@ -295,7 +278,6 @@ jobs: name: test-stats-${{ matrix.os }}-${{ matrix.go-version }} path: test-stats-*.json retention-days: 1 - # ———————————————————————————————————————————————————————————————— # Upload coverage only for race-cover tests # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/fortress.yml b/.github/workflows/fortress.yml index 69ab1ec..668b862 100644 --- a/.github/workflows/fortress.yml +++ b/.github/workflows/fortress.yml @@ -24,9 +24,7 @@ # Attribution is requested if reused: Created by @mrz1836 # # ------------------------------------------------------------------------------------ - name: GoFortress - # ———————————————————————————————————————————————————————————————— # Trigger Configuration # ———————————————————————————————————————————————————————————————— @@ -39,20 +37,17 @@ on: pull_request: branches: - "**" # All branches for PRs - # ———————————————————————————————————————————————————————————————— # Permissions # ———————————————————————————————————————————————————————————————— permissions: contents: read - # ———————————————————————————————————————————————————————————————— # Concurrency Control # ———————————————————————————————————————————————————————————————— concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: ${{ !startsWith(github.ref, 'refs/tags/') }} - jobs: # ---------------------------------------------------------------------------------- # Load Environment Variables and Setup Configuration @@ -73,14 +68,12 @@ jobs: sparse-checkout: | .github/.env.shared .github/actions/load-env - # ———————————————————————————————————————————————————————————————— # Load and parse environment file # ———————————————————————————————————————————————————————————————— - name: 🌍 Load environment variables uses: ./.github/actions/load-env id: load-env - # ---------------------------------------------------------------------------------- # Setup Configuration Workflow # ---------------------------------------------------------------------------------- @@ -124,7 +117,6 @@ jobs: .github/actions/warm-cache go.mod go.sum - # ———————————————————————————————————————————————————————————————— # Extract verbose flag from env-json # ———————————————————————————————————————————————————————————————— @@ -132,7 +124,6 @@ jobs: id: extract run: | echo "enable_verbose=$(echo '${{ needs.load-env.outputs.env-json }}' | jq -r '.ENABLE_VERBOSE_TEST_OUTPUT')" >> "$GITHUB_OUTPUT" - # ———————————————————————————————————————————————————————————————— # Warm the Go caches using local action # ———————————————————————————————————————————————————————————————— @@ -242,7 +233,6 @@ jobs: echo "| 🧪 Test Suite | ${{ needs.test-suite.result }} |" echo "| 🏃 Benchmarks | ${{ needs.benchmarks.result }} |" } >> "$GITHUB_STEP_SUMMARY" - # ———————————————————————————————————————————————————————————————— # Fail the workflow *only* when a dependency actually failed/canceled # - 'skipped' is OK (e.g. feature flag off) @@ -286,7 +276,6 @@ jobs: fi exit 1 - # ———————————————————————————————————————————————————————————————— # Succeed if all required jobs passed or were skipped # ———————————————————————————————————————————————————————————————— @@ -294,7 +283,6 @@ jobs: if: ${{ !contains(needs.*.result, 'failure') && !contains(needs.*.result, 'cancelled') }} run: | echo "🎉 All required checks passed (skipped jobs are considered OK)." - # ---------------------------------------------------------------------------------- # Release Version # ---------------------------------------------------------------------------------- diff --git a/.github/workflows/pull-request-management.yml b/.github/workflows/pull-request-management.yml index 1a14bdc..b93a650 100644 --- a/.github/workflows/pull-request-management.yml +++ b/.github/workflows/pull-request-management.yml @@ -21,34 +21,28 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: PR Management - # ———————————————————————————————————————————————————————————————— # Trigger Configuration # ———————————————————————————————————————————————————————————————— on: pull_request: types: [opened, reopened, ready_for_review, closed] - # ———————————————————————————————————————————————————————————————— # Permissions # ———————————————————————————————————————————————————————————————— permissions: contents: read - # ———————————————————————————————————————————————————————————————— # Concurrency Control # ———————————————————————————————————————————————————————————————— concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number }} cancel-in-progress: true - # ———————————————————————————————————————————————————————————————— # Environment Variables # ———————————————————————————————————————————————————————————————— # Note: Configuration variables are loaded from .github/.env.shared - jobs: # ---------------------------------------------------------------------------------- # Load Environment Variables from .env.shared @@ -68,14 +62,12 @@ jobs: sparse-checkout: | .github/.env.shared .github/actions/load-env - # ———————————————————————————————————————————————————————————————— # Load and parse environment file # ———————————————————————————————————————————————————————————————— - name: 🌍 Load environment variables uses: ./.github/actions/load-env id: load-env - # ---------------------------------------------------------------------------------- # Apply Labels Based on Branch and Title # ---------------------------------------------------------------------------------- @@ -89,7 +81,6 @@ jobs: if: github.event.action != 'closed' outputs: labels-applied: ${{ steps.apply-labels.outputs.labels-applied }} - steps: # ———————————————————————————————————————————————————————————————— # Extract configuration from env-json @@ -113,7 +104,6 @@ jobs: echo "🔍 Configuration loaded:" echo " 🤖 Skip bot users: $SKIP_BOT_USERS" echo " 🏷️ Apply type labels: $APPLY_TYPE_LABELS" - # ———————————————————————————————————————————————————————————————— # Apply labels based on branch and title patterns # ———————————————————————————————————————————————————————————————— @@ -243,7 +233,6 @@ jobs: core.setOutput('labels-applied', '[]'); // Don't fail the entire workflow for label issues } - # ---------------------------------------------------------------------------------- # Assign Default Assignee # ---------------------------------------------------------------------------------- @@ -259,7 +248,6 @@ jobs: github.event.pull_request.head.repo.owner.login == github.repository_owner outputs: assignee-added: ${{ steps.assign.outputs.assignee-added }} - steps: # ———————————————————————————————————————————————————————————————— # Extract configuration from env-json @@ -283,7 +271,6 @@ jobs: echo "🔍 Configuration loaded:" echo " 👤 Default assignee: $DEFAULT_ASSIGNEE" echo " 🤖 Skip bot users: $SKIP_BOT_USERS" - # ———————————————————————————————————————————————————————————————— # Assign default assignee if needed # ———————————————————————————————————————————————————————————————— @@ -328,7 +315,6 @@ jobs: core.setOutput('assignee-added', 'false'); // Don't fail the workflow for assignment issues } - # ---------------------------------------------------------------------------------- # Welcome New Contributors # ---------------------------------------------------------------------------------- @@ -345,7 +331,6 @@ jobs: github.event.pull_request.head.repo.owner.login == github.repository_owner outputs: welcomed: ${{ steps.welcome.outputs.welcomed }} - steps: # ———————————————————————————————————————————————————————————————— # Extract configuration from env-json @@ -369,7 +354,6 @@ jobs: echo "🔍 Configuration loaded:" echo " 👋 Welcome first-time contributors: $WELCOME_FIRST_TIME" echo " 🤖 Skip bot users: $SKIP_BOT_USERS" - # ———————————————————————————————————————————————————————————————— # Post welcome message # ———————————————————————————————————————————————————————————————— @@ -421,7 +405,6 @@ jobs: console.error(`❌ Failed to post welcome comment: ${error.message}`); core.setOutput('welcomed', 'false'); } - # ---------------------------------------------------------------------------------- # Analyze PR Size # ---------------------------------------------------------------------------------- @@ -436,7 +419,6 @@ jobs: outputs: size-label: ${{ steps.analyze.outputs.size-label }} total-changes: ${{ steps.analyze.outputs.total-changes }} - steps: # ———————————————————————————————————————————————————————————————— # Extract configuration from env-json @@ -466,7 +448,6 @@ jobs: echo "🔍 Configuration loaded:" echo " 📏 Apply size labels: $APPLY_SIZE_LABELS" echo " 📊 Size thresholds: XS≤$SIZE_XS, S≤$SIZE_S, M≤$SIZE_M, L≤$SIZE_L, XL>$SIZE_L" - # ———————————————————————————————————————————————————————————————— # Analyze and label PR size # ———————————————————————————————————————————————————————————————— @@ -525,7 +506,6 @@ jobs: core.setOutput('size-label', ''); core.setOutput('total-changes', totalChanges.toString()); } - # ---------------------------------------------------------------------------------- # Clean Runner Cache (on PR close) # ---------------------------------------------------------------------------------- @@ -539,7 +519,6 @@ jobs: if: github.event.action == 'closed' outputs: caches-cleaned: ${{ steps.clean.outputs.caches-cleaned }} - steps: # ———————————————————————————————————————————————————————————————— # Extract configuration from env-json @@ -560,7 +539,6 @@ jobs: # Log configuration echo "🔍 Configuration loaded:" echo " 🧹 Clean cache on close: $CLEAN_CACHE" - # ———————————————————————————————————————————————————————————————— # Clean up caches associated with the PR # ———————————————————————————————————————————————————————————————— @@ -628,7 +606,6 @@ jobs: echo "════════════════════════════════════════════════════════════════" echo "✅ Cleaned $cleanedCount out of $cacheCount cache(s)" echo "caches-cleaned=$cleanedCount" >> $GITHUB_OUTPUT - # ---------------------------------------------------------------------------------- # Delete Merged Branch # ---------------------------------------------------------------------------------- @@ -644,7 +621,6 @@ jobs: github.event.pull_request.head.repo.full_name == github.repository outputs: branch-deleted: ${{ steps.delete.outputs.branch-deleted }} - steps: # ———————————————————————————————————————————————————————————————— # Extract configuration from env-json @@ -668,7 +644,6 @@ jobs: echo "🔍 Configuration loaded:" echo " 🗑️ Delete branch on merge: $DELETE_BRANCH" echo " 🔒 Protected branches: $PROTECTED_BRANCHES" - # ———————————————————————————————————————————————————————————————— # Delete the merged branch # ———————————————————————————————————————————————————————————————— @@ -726,7 +701,6 @@ jobs: console.log(`⏭️ Skipping deletion for protected branch: ${branch}`); core.setOutput('branch-deleted', 'skip'); } - # ---------------------------------------------------------------------------------- # Generate Workflow Summary Report # ---------------------------------------------------------------------------------- @@ -846,7 +820,6 @@ jobs: echo "" >> $GITHUB_STEP_SUMMARY echo "---" >> $GITHUB_STEP_SUMMARY echo "🤖 _Automated by GitHub Actions_" >> $GITHUB_STEP_SUMMARY - # ———————————————————————————————————————————————————————————————— # Report final workflow status # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml index b45d321..aa84337 100644 --- a/.github/workflows/scorecard.yml +++ b/.github/workflows/scorecard.yml @@ -1,7 +1,6 @@ # This workflow uses actions that GitHub does not certify. They are provided # by a third-party and are governed by separate terms of service, privacy # policy, and support documentation. - name: Scorecard supply-chain security on: # For Branch-Protection check. Only the default branch is supported. See @@ -13,16 +12,13 @@ on: - cron: "0 8 * * 1" # Every Monday at 08:00 UTC push: branches: ["master"] - concurrency: group: ${{ github.workflow }}-${{ github.event.pull_request.number || github.ref }} cancel-in-progress: true - # Declare default permissions as read-only. permissions: contents: read security-events: read # For scorecard analysis - jobs: analysis: name: Scorecard analysis @@ -37,13 +33,11 @@ jobs: # Uncomment the permissions below if installing in a private repository. # contents: read # actions: read - steps: - name: "Checkout code" uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 with: persist-credentials: false - - name: "Run analysis" uses: ossf/scorecard-action@05b42c624433fc40578a4040d5cf5e36ddca8cde # v2.4.2 with: @@ -63,10 +57,8 @@ jobs: # - `publish_results` will always be set to `false`, regardless # of the value entered here. publish_results: true - # (Optional) Uncomment file_mode if you have a .gitattributes with files marked export-ignore # file_mode: git - # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF # format to the repository Actions tab. - name: "Upload artifact" @@ -75,7 +67,6 @@ jobs: name: SARIF file path: results.sarif retention-days: 5 - # Upload the results to GitHub's code scanning dashboard (optional). # Commenting out will disable the upload of results to your repo's Code Scanning dashboard - name: "Upload to code-scanning" diff --git a/.github/workflows/stale-check.yml b/.github/workflows/stale-check.yml index 1d5de2f..87d1534 100644 --- a/.github/workflows/stale-check.yml +++ b/.github/workflows/stale-check.yml @@ -15,9 +15,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: Stale Check - # ———————————————————————————————————————————————————————————————— # Trigger Configuration # ———————————————————————————————————————————————————————————————— @@ -26,20 +24,17 @@ on: # ┌─ min ─┬─ hour ─┬─ dom ─┬─ mon ─┬─ dow ─┐ - cron: "0 12 * * 1-5" # 7:00 AM EST (12:00 UTC) workflow_dispatch: # Allow manual triggering - # ———————————————————————————————————————————————————————————————— # Permissions # ———————————————————————————————————————————————————————————————— permissions: contents: read - # ———————————————————————————————————————————————————————————————— # Concurrency Control # ———————————————————————————————————————————————————————————————— concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true - jobs: # ---------------------------------------------------------------------------------- # Load Environment Variables from .env.shared @@ -59,14 +54,12 @@ jobs: sparse-checkout: | .github/.env.shared .github/actions/load-env - # ———————————————————————————————————————————————————————————————— # Load and parse environment file # ———————————————————————————————————————————————————————————————— - name: 🌍 Load environment variables uses: ./.github/actions/load-env id: load-env - # ---------------------------------------------------------------------------------- # Main Stale Check Job # ---------------------------------------------------------------------------------- @@ -77,7 +70,6 @@ jobs: permissions: issues: write # Required to add labels and comments pull-requests: write # Required to add labels and comments on PRs - steps: # ———————————————————————————————————————————————————————————————— # Log token configuration @@ -93,7 +85,6 @@ jobs: else echo "✅ Using default GITHUB_TOKEN for stale check operations" fi - # ———————————————————————————————————————————————————————————————— # Extract environment variables # ———————————————————————————————————————————————————————————————— @@ -121,7 +112,6 @@ jobs: echo "operations-per-run=$OPERATIONS_PER_RUN" >> $GITHUB_OUTPUT echo "✅ Configuration extracted successfully" - # ———————————————————————————————————————————————————————————————— # Calculate cutoff dates for stale detection # ———————————————————————————————————————————————————————————————— @@ -146,7 +136,6 @@ jobs: echo "🔸 Stale label: ${{ steps.config.outputs.stale-label }}" echo "🔸 Operations limit: ${{ steps.config.outputs.operations-per-run }}" echo "✅ Date calculations complete" - # ———————————————————————————————————————————————————————————————— # Process issues for stale marking and closing # ———————————————————————————————————————————————————————————————— @@ -283,7 +272,6 @@ jobs: console.log(`🏷️ Marked stale: ${markedStaleCount} issues`); console.log(`🔒 Closed: ${closedCount} issues`); console.log(`⚡ Operations used: ${operationsCount}/${operationsLimit}`); - # ———————————————————————————————————————————————————————————————— # Process pull requests for stale marking and closing # ———————————————————————————————————————————————————————————————— @@ -418,7 +406,6 @@ jobs: console.log(`🏷️ Marked stale: ${markedStaleCount} PRs`); console.log(`🔒 Closed: ${closedCount} PRs`); console.log(`⚡ Operations used: ${operationsCount}/${operationsLimit}`); - # ———————————————————————————————————————————————————————————————— # Clean up stale labels from recently updated items # ———————————————————————————————————————————————————————————————— @@ -530,7 +517,6 @@ jobs: console.log(`\n📊 === Label Cleanup Summary ===`); console.log(`🔍 Checked: ${checkedCount} items with stale label`); console.log(`✅ Removed stale labels from: ${removedCount} items`); - # ———————————————————————————————————————————————————————————————— # Generate a workflow summary report # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/sync-labels.yml b/.github/workflows/sync-labels.yml index 6610402..de9df46 100644 --- a/.github/workflows/sync-labels.yml +++ b/.github/workflows/sync-labels.yml @@ -12,9 +12,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: Sync Labels - # ———————————————————————————————————————————————————————————————— # Trigger Configuration # ———————————————————————————————————————————————————————————————— @@ -30,20 +28,17 @@ on: type: boolean default: false required: false - # ———————————————————————————————————————————————————————————————— # Permissions # ———————————————————————————————————————————————————————————————— permissions: contents: read - # ———————————————————————————————————————————————————————————————— # Concurrency Control # ———————————————————————————————————————————————————————————————— concurrency: group: sync-labels-${{ github.ref }} cancel-in-progress: true - jobs: # ---------------------------------------------------------------------------------- # Load Environment Variables from .env.shared @@ -64,14 +59,12 @@ jobs: sparse-checkout: | .github/.env.shared .github/actions/load-env - # ———————————————————————————————————————————————————————————————— # Load and parse environment file # ———————————————————————————————————————————————————————————————— - name: 🌍 Load environment variables uses: ./.github/actions/load-env id: load-env - # ———————————————————————————————————————————————————————————————— # Extract sync-labels specific configuration # ———————————————————————————————————————————————————————————————— @@ -92,7 +85,6 @@ jobs: echo "labels-file=$LABELS_FILE" >> $GITHUB_OUTPUT echo "✅ Configuration extracted: labels file = $LABELS_FILE" - # ---------------------------------------------------------------------------------- # Sync Labels Job # ---------------------------------------------------------------------------------- @@ -103,7 +95,6 @@ jobs: permissions: contents: read issues: write # Required for label management - steps: # ———————————————————————————————————————————————————————————————— # Log token configuration @@ -119,13 +110,11 @@ jobs: else echo "✅ Using default GITHUB_TOKEN for label operations" fi - # ———————————————————————————————————————————————————————————————— # Checkout repository # ———————————————————————————————————————————————————————————————— - name: 📥 Checkout code uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0 - # ———————————————————————————————————————————————————————————————— # Validate and parse labels file # ———————————————————————————————————————————————————————————————— @@ -204,7 +193,6 @@ jobs: print(f'❌ Error processing file: {e}') sys.exit(1) EOF - # ———————————————————————————————————————————————————————————————— # Sync labels using native GitHub API # ———————————————————————————————————————————————————————————————— @@ -421,7 +409,6 @@ jobs: console.error(`\n❌ Label sync failed: ${error.message}`); throw error; } - # ———————————————————————————————————————————————————————————————— # Verify sync results (optional) # ———————————————————————————————————————————————————————————————— @@ -488,7 +475,6 @@ jobs: console.error(`❌ Verification failed: ${error.message}`); // Don't fail the workflow for verification issues } - # ———————————————————————————————————————————————————————————————— # Generate a workflow summary report # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/update-pre-commit-hooks.yml b/.github/workflows/update-pre-commit-hooks.yml index 91d98aa..8ebd405 100644 --- a/.github/workflows/update-pre-commit-hooks.yml +++ b/.github/workflows/update-pre-commit-hooks.yml @@ -15,9 +15,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: Update Pre-commit Hooks - # ———————————————————————————————————————————————————————————————— # Trigger Configuration # ———————————————————————————————————————————————————————————————— @@ -37,25 +35,21 @@ on: required: false default: true type: boolean - # ———————————————————————————————————————————————————————————————— # Permissions # ———————————————————————————————————————————————————————————————— permissions: contents: read - # ———————————————————————————————————————————————————————————————— # Concurrency Control # ———————————————————————————————————————————————————————————————— concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true - # ———————————————————————————————————————————————————————————————— # Environment Variables # ———————————————————————————————————————————————————————————————— # Note: Configuration variables are loaded from .github/.env.shared - jobs: # ---------------------------------------------------------------------------------- # Load Environment Variables from .env.shared @@ -75,14 +69,12 @@ jobs: sparse-checkout: | .github/.env.shared .github/actions/load-env - # ———————————————————————————————————————————————————————————————— # Load and parse environment file # ———————————————————————————————————————————————————————————————— - name: 🌍 Load environment variables uses: ./.github/actions/load-env id: load-env - # ---------------------------------------------------------------------------------- # Update Pre-commit Hooks # ---------------------------------------------------------------------------------- @@ -98,7 +90,6 @@ jobs: pr_exists: ${{ steps.check_branch.outputs.pr_exists }} pr_number: ${{ steps.check_branch.outputs.pr_number }} hooks_updated: ${{ steps.analyze_changes.outputs.hooks_updated }} - steps: # ———————————————————————————————————————————————————————————————— # Extract configuration from env-json @@ -167,7 +158,6 @@ jobs: else echo " 🔑 Token: Default GITHUB_TOKEN" fi - # ———————————————————————————————————————————————————————————————— # Check out the repository # ———————————————————————————————————————————————————————————————— @@ -176,7 +166,6 @@ jobs: with: token: ${{ secrets.GH_PAT_TOKEN || secrets.GITHUB_TOKEN }} fetch-depth: 0 # Full history for branch operations - # ———————————————————————————————————————————————————————————————— # Verify pre-commit configuration exists # ———————————————————————————————————————————————————————————————— @@ -195,7 +184,6 @@ jobs: head -20 "${{ env.CONFIG_FILE }}" echo "════════════════════════════════════════════════════════════════" fi - # ———————————————————————————————————————————————————————————————— # Set up Python for pre-commit # ———————————————————————————————————————————————————————————————— @@ -203,7 +191,6 @@ jobs: uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: "3.x" - # ———————————————————————————————————————————————————————————————— # Cache pip dependencies to speed up later runs # ———————————————————————————————————————————————————————————————— @@ -214,7 +201,6 @@ jobs: key: ${{ runner.os }}-pip-${{ hashFiles('.github/pip/*.txt') }} restore-keys: | ${{ runner.os }}-pip- - # ———————————————————————————————————————————————————————————————— # Install pre-commit from secure requirements # ———————————————————————————————————————————————————————————————— @@ -237,7 +223,6 @@ jobs: echo "🔍 Verifying pre-commit installation..." pre-commit --version echo "✅ Pre-commit ready" - # ———————————————————————————————————————————————————————————————— # Backup original config for comparison # ———————————————————————————————————————————————————————————————— @@ -246,7 +231,6 @@ jobs: echo "💾 Creating backup of pre-commit configuration..." cp "${{ env.CONFIG_FILE }}" "${{ env.CONFIG_FILE }}.backup" echo "✅ Original config backed up for comparison" - # ———————————————————————————————————————————————————————————————— # Run pre-commit autoupdate and migrate config # ———————————————————————————————————————————————————————————————— @@ -270,7 +254,6 @@ jobs: echo "✅ Update process completed" echo "════════════════════════════════════════════════════════════════" - # ———————————————————————————————————————————————————————————————— # Check for changes and analyze what was updated # ———————————————————————————————————————————————————————————————— @@ -293,7 +276,6 @@ jobs: echo "ℹ️ No changes detected in pre-commit configuration" echo "has_changes=false" >> $GITHUB_OUTPUT fi - # ———————————————————————————————————————————————————————————————— # Analyze which hooks were updated # ———————————————————————————————————————————————————————————————— @@ -315,7 +297,6 @@ jobs: # Clean up backup rm "${{ env.CONFIG_FILE }}.backup" - # ———————————————————————————————————————————————————————————————— # Configure git # ———————————————————————————————————————————————————————————————— @@ -325,7 +306,6 @@ jobs: echo "🔧 Configuring git..." git config --global user.name "github-actions[bot]" git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" - # ———————————————————————————————————————————————————————————————— # Check for existing PRs with base branch pattern # ———————————————————————————————————————————————————————————————— @@ -350,7 +330,6 @@ jobs: fi env: GH_TOKEN: ${{ secrets.GH_PAT_TOKEN || secrets.GITHUB_TOKEN }} - # ———————————————————————————————————————————————————————————————— # Create or update branch and commit changes # ———————————————————————————————————————————————————————————————— @@ -384,7 +363,6 @@ jobs: # Push the branch git push origin "${{ env.BRANCH_NAME }}" --force-with-lease echo "✅ Changes committed and pushed to ${{ env.BRANCH_NAME }}" - # ———————————————————————————————————————————————————————————————— # Test updated hooks (optional verification) # ———————————————————————————————————————————————————————————————— @@ -417,7 +395,6 @@ jobs: echo "════════════════════════════════════════════════════════════════" echo "✅ Hook testing completed (see above for any issues)" - # ———————————————————————————————————————————————————————————————— # Create a new pull request using GitHub CLI # ———————————————————————————————————————————————————————————————— @@ -520,10 +497,8 @@ jobs: \`\`\`bash pre-commit autoupdate \`\`\`" - env: GH_TOKEN: ${{ secrets.GH_PAT_TOKEN || secrets.GITHUB_TOKEN }} - # ---------------------------------------------------------------------------------- # Generate Workflow Summary Report # ---------------------------------------------------------------------------------- @@ -578,7 +553,6 @@ jobs: echo "" >> $GITHUB_STEP_SUMMARY echo "---" >> $GITHUB_STEP_SUMMARY echo "🤖 _Automated by GitHub Actions_" >> $GITHUB_STEP_SUMMARY - # ———————————————————————————————————————————————————————————————— # Report final workflow status # ———————————————————————————————————————————————————————————————— diff --git a/.github/workflows/update-python-dependencies.yml b/.github/workflows/update-python-dependencies.yml index 28c6457..b14d5ba 100644 --- a/.github/workflows/update-python-dependencies.yml +++ b/.github/workflows/update-python-dependencies.yml @@ -17,9 +17,7 @@ # Maintainer: @mrz1836 # # ------------------------------------------------------------------------------------ - name: Update Python Dependencies - # ———————————————————————————————————————————————————————————————— # Trigger Configuration # ———————————————————————————————————————————————————————————————— @@ -44,25 +42,21 @@ on: required: false default: true type: boolean - # ———————————————————————————————————————————————————————————————— # Permissions # ———————————————————————————————————————————————————————————————— permissions: contents: read - # ———————————————————————————————————————————————————————————————— # Concurrency Control # ———————————————————————————————————————————————————————————————— concurrency: group: ${{ github.workflow }}-${{ github.ref }} cancel-in-progress: true - # ———————————————————————————————————————————————————————————————— # Environment Variables # ———————————————————————————————————————————————————————————————— # Note: Configuration variables are loaded from .github/.env.shared - jobs: # ---------------------------------------------------------------------------------- # Load Environment Variables from .env.shared @@ -82,14 +76,12 @@ jobs: sparse-checkout: | .github/.env.shared .github/actions/load-env - # ———————————————————————————————————————————————————————————————— # Load and parse environment file # ———————————————————————————————————————————————————————————————— - name: 🌍 Load environment variables uses: ./.github/actions/load-env id: load-env - # ---------------------------------------------------------------------------------- # Update Python Dependencies # ---------------------------------------------------------------------------------- @@ -104,7 +96,6 @@ jobs: has_changes: ${{ steps.check_all_changes.outputs.has_changes }} pr_exists: ${{ steps.check_branch.outputs.pr_exists }} pr_number: ${{ steps.check_branch.outputs.pr_number }} - steps: # ———————————————————————————————————————————————————————————————— # Extract configuration from env-json @@ -168,7 +159,6 @@ jobs: else echo " 🔑 Token: Default GITHUB_TOKEN" fi - # ———————————————————————————————————————————————————————————————— # Check out the repository # ———————————————————————————————————————————————————————————————— @@ -177,7 +167,6 @@ jobs: with: token: ${{ secrets.GH_PAT_TOKEN || secrets.GITHUB_TOKEN }} fetch-depth: 0 # Full history for branch operations - # ———————————————————————————————————————————————————————————————— # Set up Python for dependency management # ———————————————————————————————————————————————————————————————— @@ -185,7 +174,6 @@ jobs: uses: actions/setup-python@e797f83bcb11b83ae66e0230d6156d7c80228e7c # v6.0.0 with: python-version: "3.x" - # ———————————————————————————————————————————————————————————————— # Cache pip downloads to speed up later runs # ———————————————————————————————————————————————————————————————— @@ -196,7 +184,6 @@ jobs: key: ${{ runner.os }}-pip-${{ hashFiles('.github/pip/*.txt') }} restore-keys: | ${{ runner.os }}-pip- - # ———————————————————————————————————————————————————————————————— # Install pip-tools using secure method # ———————————————————————————————————————————————————————————————— @@ -218,7 +205,6 @@ jobs: # Verify installation pip-compile --version echo "✅ pip-tools ready" - # ———————————————————————————————————————————————————————————————— # Create backups of all files for comparison # ———————————————————————————————————————————————————————————————— @@ -233,7 +219,6 @@ jobs: done echo "✅ All backups created" - # ———————————————————————————————————————————————————————————————— # Update pip-tools requirements # ———————————————————————————————————————————————————————————————— @@ -265,7 +250,6 @@ jobs: echo "⚠️ pip-tools-requirements.in not found, skipping" echo "has_changes=false" >> $GITHUB_OUTPUT fi - # ———————————————————————————————————————————————————————————————— # Update main requirements # ———————————————————————————————————————————————————————————————— @@ -324,7 +308,6 @@ jobs: echo "ℹ️ No changes in main requirements" echo "has_changes=false" >> $GITHUB_OUTPUT fi - # ———————————————————————————————————————————————————————————————— # Check all files for changes # ———————————————————————————————————————————————————————————————— @@ -374,7 +357,6 @@ jobs: # Clean up backups find "${{ env.PIP_DIR }}" -name "*.backup" -type f -delete echo "🧹 Cleaned up backup files" - # ———————————————————————————————————————————————————————————————— # Configure git # ———————————————————————————————————————————————————————————————— @@ -384,7 +366,6 @@ jobs: echo "🔧 Configuring git..." git config --global user.name "github-actions[bot]" git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com" - # ———————————————————————————————————————————————————————————————— # Check if PR branch already exists # ———————————————————————————————————————————————————————————————— @@ -416,7 +397,6 @@ jobs: fi env: GH_TOKEN: ${{ secrets.GH_PAT_TOKEN || secrets.GITHUB_TOKEN }} - # ———————————————————————————————————————————————————————————————— # Create or update branch and commit changes # ———————————————————————————————————————————————————————————————— @@ -457,7 +437,6 @@ jobs: # Push the branch git push origin "${{ env.BRANCH_NAME }}" --force-with-lease echo "✅ Changes committed and pushed to ${{ env.BRANCH_NAME }}" - # ———————————————————————————————————————————————————————————————— # Create a new pull request using GitHub CLI # ———————————————————————————————————————————————————————————————— @@ -538,10 +517,8 @@ jobs: \`\`\`bash pip install --require-hashes -r ${{ env.PIP_DIR }}/requirements.txt \`\`\`" - env: GH_TOKEN: ${{ secrets.GH_PAT_TOKEN || secrets.GITHUB_TOKEN }} - # ———————————————————————————————————————————————————————————————— # Update existing PR if changes detected # ———————————————————————————————————————————————————————————————— @@ -569,7 +546,6 @@ jobs: echo "✅ Existing PR #$pr_number updated with new changes" env: GH_TOKEN: ${{ secrets.GH_PAT_TOKEN || secrets.GITHUB_TOKEN }} - # ———————————————————————————————————————————————————————————————— # Test updated requirements (optional verification) # ———————————————————————————————————————————————————————————————— @@ -602,7 +578,6 @@ jobs: # Clean up deactivate || true rm -rf test-env - # ---------------------------------------------------------------------------------- # Generate Workflow Summary Report # ---------------------------------------------------------------------------------- @@ -663,7 +638,6 @@ jobs: echo "" >> $GITHUB_STEP_SUMMARY echo "---" >> $GITHUB_STEP_SUMMARY echo "🤖 _Automated by GitHub Actions_" >> $GITHUB_STEP_SUMMARY - # ———————————————————————————————————————————————————————————————— # Report final workflow status # ———————————————————————————————————————————————————————————————— diff --git a/.gitpod.yml b/.gitpod.yml index ef35796..1b00fc5 100644 --- a/.gitpod.yml +++ b/.gitpod.yml @@ -2,10 +2,8 @@ # This file creates a repeatable cloud development environment. # It ensures dependencies are installed and the codebase is vetted # and tested on workspace start. - image: name: gitpod/workspace-full:1.0.0 - tasks: - name: setup-and-test init: | @@ -22,12 +20,10 @@ tasks: go vet ./... command: | go test ./... - ports: - port: 8080 onOpen: open-preview description: Application - vscode: extensions: - golang.go diff --git a/.golangci.json b/.golangci.json index eb2a212..f3be040 100644 --- a/.golangci.json +++ b/.golangci.json @@ -1,236 +1,236 @@ { - "version": "2", - "formatters": { - "enable": [ - "gofmt", - "gofumpt" - ], - "exclusions": { - "generated": "lax", - "paths": [ - ".*\\.my\\.go$", - "lib/bad.go", - ".make", - ".vscode", - "dist", - "third_party$", - "builtin$" - ] - }, - "settings": { - "gci": { - "sections": [ - "standard", - "default", - "prefix(github.com/bsv-blockchain/go-tx-map)" - ] - }, - "gofmt": { - "simplify": true - }, - "gofumpt": { - "extra-rules": false - }, - "goimports": { - "local-prefixes": [ - "github.com/bsv-blockchain/go-tx-map" - ] - } - } - }, - "linters": { - "enable": [ - "arangolint", - "asasalint", - "asciicheck", - "bidichk", - "bodyclose", - "containedctx", - "contextcheck", - "copyloopvar", - "dogsled", - "durationcheck", - "embeddedstructfieldcheck", - "err113", - "errcheck", - "errchkjson", - "errname", - "errorlint", - "exhaustive", - "forbidigo", - "funcorder", - "gocheckcompilerdirectives", - "gochecknoglobals", - "gochecknoinits", - "gochecksumtype", - "gocognit", - "goconst", - "gocyclo", - "goheader", - "gomoddirectives", - "gosec", - "gosmopolitan", - "govet", - "inamedparam", - "ineffassign", - "loggercheck", - "makezero", - "mirror", - "misspell", - "musttag", - "nakedret", - "nestif", - "nilerr", - "nilnesserr", - "nilnil", - "noctx", - "nolintlint", - "nosprintfhostport", - "prealloc", - "predeclared", - "protogetter", - "reassign", - "recvcheck", - "revive", - "rowserrcheck", - "spancheck", - "sqlclosecheck", - "staticcheck", - "testifylint", - "unconvert", - "unparam", - "unused", - "wastedassign", - "wsl_v5", - "zerologlint" - ], - "disable": [ - "gocritic", - "godot", - "godox" - ], - "settings": { - "funcorder": { - "constructor-after-struct": true - }, - "revive": { - "config": ".revive.toml" - }, - "dogsled": { - "max-blank-identifiers": 2 - }, - "dupl": { - "threshold": 100 - }, - "exhaustive": { - "default-signifies-exhaustive": false - }, - "funlen": { - "lines": 60, - "statements": 40 - }, - "gocognit": { - "min-complexity": 10 - }, - "goconst": { - "min-len": 3, - "min-occurrences": 10 - }, - "gocyclo": { - "min-complexity": 10 - }, - "godox": { - "keywords": [ - "NOTE", - "OPTIMIZE", - "HACK", - "ATTN", - "ATTENTION" - ] - }, - "govet": { - "enable": [ - "atomicalign", - "shadow" - ], - "settings": { - "printf": { - "funcs": [ - "(github.com/golangci/golangci-lint/pkg/logutils.Log).Infof", - "(github.com/golangci/golangci-lint/pkg/logutils.Log).Warnf", - "(github.com/golangci/golangci-lint/pkg/logutils.Log).Errorf", - "(github.com/golangci/golangci-lint/pkg/logutils.Log).Fatalf" - ] - } - } - }, - "lll": { - "line-length": 120, - "tab-width": 1 - }, - "misspell": { - "locale": "US", - "ignore-rules": [ - "bsv", - "bitcoin" - ] - }, - "nakedret": { - "max-func-lines": 30 - }, - "nestif": { - "min-complexity": 4 - }, - "nolintlint": { - "allow-unused": false, - "require-explanation": true, - "require-specific": true - }, - "prealloc": { - "for-loops": false, - "range-loops": true, - "simple": true - }, - "unparam": { - "check-exported": false - }, - "wsl": { - "allow-assign-and-call": true, - "allow-cuddle-declarations": true, - "allow-multiline-assign": true, - "strict-append": true - } - } - }, - "run": { - "allow-parallel-runners": true, - "concurrency": 8, - "issues-exit-code": 1, - "tests": true - }, - "output": { - "formats": { - "text": { - "path": "stdout", - "print-issued-lines": true, - "print-linter-name": true - } - } - }, - "severity": { - "default": "warning", - "rules": [ - { - "linters": [ - "dupl", - "misspell", - "makezero" - ], - "severity": "info" - } - ] - }, - "issues": { - "uniq-by-line": true - } + "formatters": { + "enable": [ + "gofmt", + "gofumpt" + ], + "exclusions": { + "generated": "lax", + "paths": [ + ".*\\.my\\.go$", + "lib/bad.go", + ".make", + ".vscode", + "dist", + "third_party$", + "builtin$" + ] + }, + "settings": { + "gci": { + "sections": [ + "standard", + "default", + "prefix(github.com/bsv-blockchain/go-tx-map)" + ] + }, + "gofmt": { + "simplify": true + }, + "gofumpt": { + "extra-rules": false + }, + "goimports": { + "local-prefixes": [ + "github.com/bsv-blockchain/go-tx-map" + ] + } + } + }, + "issues": { + "uniq-by-line": true + }, + "linters": { + "disable": [ + "gocritic", + "godot", + "godox" + ], + "enable": [ + "arangolint", + "asasalint", + "asciicheck", + "bidichk", + "bodyclose", + "containedctx", + "contextcheck", + "copyloopvar", + "dogsled", + "durationcheck", + "embeddedstructfieldcheck", + "err113", + "errcheck", + "errchkjson", + "errname", + "errorlint", + "exhaustive", + "forbidigo", + "funcorder", + "gocheckcompilerdirectives", + "gochecknoglobals", + "gochecknoinits", + "gochecksumtype", + "gocognit", + "goconst", + "gocyclo", + "goheader", + "gomoddirectives", + "gosec", + "gosmopolitan", + "govet", + "inamedparam", + "ineffassign", + "loggercheck", + "makezero", + "mirror", + "misspell", + "musttag", + "nakedret", + "nestif", + "nilerr", + "nilnesserr", + "nilnil", + "noctx", + "nolintlint", + "nosprintfhostport", + "prealloc", + "predeclared", + "protogetter", + "reassign", + "recvcheck", + "revive", + "rowserrcheck", + "spancheck", + "sqlclosecheck", + "staticcheck", + "testifylint", + "unconvert", + "unparam", + "unused", + "wastedassign", + "wsl_v5", + "zerologlint" + ], + "settings": { + "dogsled": { + "max-blank-identifiers": 2 + }, + "dupl": { + "threshold": 100 + }, + "exhaustive": { + "default-signifies-exhaustive": false + }, + "funcorder": { + "constructor-after-struct": true + }, + "funlen": { + "lines": 60, + "statements": 40 + }, + "gocognit": { + "min-complexity": 10 + }, + "goconst": { + "min-len": 3, + "min-occurrences": 10 + }, + "gocyclo": { + "min-complexity": 10 + }, + "godox": { + "keywords": [ + "NOTE", + "OPTIMIZE", + "HACK", + "ATTN", + "ATTENTION" + ] + }, + "govet": { + "enable": [ + "atomicalign", + "shadow" + ], + "settings": { + "printf": { + "funcs": [ + "(github.com/golangci/golangci-lint/pkg/logutils.Log).Infof", + "(github.com/golangci/golangci-lint/pkg/logutils.Log).Warnf", + "(github.com/golangci/golangci-lint/pkg/logutils.Log).Errorf", + "(github.com/golangci/golangci-lint/pkg/logutils.Log).Fatalf" + ] + } + } + }, + "lll": { + "line-length": 120, + "tab-width": 1 + }, + "misspell": { + "ignore-rules": [ + "bsv", + "bitcoin" + ], + "locale": "US" + }, + "nakedret": { + "max-func-lines": 30 + }, + "nestif": { + "min-complexity": 4 + }, + "nolintlint": { + "allow-unused": false, + "require-explanation": true, + "require-specific": true + }, + "prealloc": { + "for-loops": false, + "range-loops": true, + "simple": true + }, + "revive": { + "config": ".revive.toml" + }, + "unparam": { + "check-exported": false + }, + "wsl": { + "allow-assign-and-call": true, + "allow-cuddle-declarations": true, + "allow-multiline-assign": true, + "strict-append": true + } + } + }, + "output": { + "formats": { + "text": { + "path": "stdout", + "print-issued-lines": true, + "print-linter-name": true + } + } + }, + "run": { + "allow-parallel-runners": true, + "concurrency": 8, + "issues-exit-code": 1, + "tests": true + }, + "severity": { + "default": "warning", + "rules": [ + { + "linters": [ + "dupl", + "misspell", + "makezero" + ], + "severity": "info" + } + ] + }, + "version": "2" } diff --git a/.goreleaser.yml b/.goreleaser.yml index 4f741b1..55e4319 100644 --- a/.goreleaser.yml +++ b/.goreleaser.yml @@ -3,7 +3,6 @@ # General # --------------------------- version: 2 - before: hooks: - make test @@ -14,7 +13,6 @@ changelog: - "^.github:" - "^.vscode:" - "^test:" - # --------------------------- # Builder # --------------------------- @@ -26,14 +24,12 @@ builds: - windows - darwin skip: true - # --------------------------- # Github Release # --------------------------- release: prerelease: "false" name_template: "Release v{{.Version}}" - # --------------------------- # Announce # --------------------------- @@ -46,12 +42,10 @@ announce: # username: '' # icon_emoji: '' # icon_url: '' - # See more at: https://goreleaser.com/customization/announce/#twitter twitter: enabled: false message_template: "{{ .ProjectName }} {{ .Tag }} is out!" - # See more at: https://goreleaser.com/customization/announce/#discord discord: enabled: false @@ -62,7 +56,6 @@ announce: color: "" # Defaults to `https://goreleaser.com/static/avatar.png` icon_url: "" - # See more at: https://goreleaser.com/customization/announce/#reddit reddit: enabled: false diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index c2c2cbe..dd4977c 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -11,9 +11,7 @@ # • Commit messages are validated against Conventional Commits # extended with the prefixes listed in AGENTS.md # ---------------------------------------------------------------------- - minimum_pre_commit_version: "3.7.0" # requires Python‑based hooks v2.0+ - repos: # ---------------------- Core hygiene hooks -------------------------- - repo: https://github.com/pre-commit/pre-commit-hooks @@ -23,7 +21,6 @@ repos: - id: end-of-file-fixer - id: trailing-whitespace - id: check-merge-conflict - # ------------------------- Go toolchain ----------------------------- - repo: https://github.com/TekWizely/pre-commit-golang rev: bf2137dcd61fa219107613e4a4103cf24540cd93 # frozen: v1.0.0-rc.2 @@ -34,14 +31,12 @@ repos: - id: go-imports - id: golangci-lint - id: go-mod-tidy - # ------------------------ Security scans --------------------------- - repo: https://github.com/zricethezav/gitleaks rev: 39fdb480a06768cc41a84ef86959c07ff33091c4 # frozen: v8.28.0 hooks: - id: gitleaks stages: [pre-commit, pre-push] - # ------------------- Commenting rule enforcement ------------------- - repo: local hooks: @@ -52,7 +47,6 @@ repos: bash -c 'revive -config .revive.toml ./...' types: [go] fail_fast: true - - id: comment-conventions name: "custom comment linter (AGENTS.md)" language: python @@ -62,7 +56,6 @@ repos: additional_dependencies: - regex==2024.11.6 - ruamel.yaml==0.18.18 - # --------------------- Commit‑msg validation ----------------------- - repo: https://github.com/alessandrojcm/commitlint-pre-commit-hook rev: 879f5400493f84c8b683bdeb3366a8439ca17858 # frozen: v9.22.0 @@ -70,5 +63,4 @@ repos: - id: commitlint stages: [commit-msg] additional_dependencies: ["@commitlint/config-conventional"] - default_stages: [pre-commit, pre-push] diff --git a/codecov.yml b/codecov.yml index ed2790f..9e38d31 100644 --- a/codecov.yml +++ b/codecov.yml @@ -2,7 +2,6 @@ # ---------------------- codecov: require_ci_to_pass: true - # Coverage configuration # ---------------------- coverage: @@ -12,7 +11,6 @@ coverage: # (default is 70..100) round: down # up, down, or nearest precision: 2 # Number of decimal places, between 0 and 5 - # Ignoring Paths # -------------- # which folders/files to ignore @@ -21,7 +19,6 @@ ignore: - ".make/**" - ".vscode/**" - "examples/**" - # Parsers # -------------- parsers: @@ -31,7 +28,6 @@ parsers: loop: yes method: no macro: no - # Pull request comments: # ---------------------- # Diff is the Coverage Diff of the pull request. diff --git a/go.mod b/go.mod index 3f2cb63..34b704a 100644 --- a/go.mod +++ b/go.mod @@ -15,6 +15,6 @@ require ( github.com/dolthub/maphash v0.1.0 // indirect github.com/kr/text v0.2.0 // indirect github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect - google.golang.org/protobuf v1.36.6 // indirect + google.golang.org/protobuf v1.36.9 // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff --git a/go.sum b/go.sum index 3d7386a..da1e912 100644 --- a/go.sum +++ b/go.sum @@ -19,8 +19,8 @@ github.com/rogpeppe/go-internal v1.14.1 h1:UQB4HGPB6osV0SQTLymcB4TgvyWu6ZyliaW0t github.com/rogpeppe/go-internal v1.14.1/go.mod h1:MaRKkUm5W0goXpeCfT7UZI6fk/L7L7so1lCWt35ZSgc= github.com/stretchr/testify v1.11.1 h1:7s2iGBzp5EwR7/aIZr8ao5+dra3wiQyKjjFuvgVKu7U= github.com/stretchr/testify v1.11.1/go.mod h1:wZwfW3scLgRK+23gO65QZefKpKQRnfz6sD981Nm4B6U= -google.golang.org/protobuf v1.36.6 h1:z1NpPI8ku2WgiWnf+t9wTPsn6eP1L7ksHUlkfLvd9xY= -google.golang.org/protobuf v1.36.6/go.mod h1:jduwjTPXsFjZGTmRluh+L6NjiWu7pchiJ2/5YcXBHnY= +google.golang.org/protobuf v1.36.9 h1:w2gp2mA27hUeUzj9Ex9FBjsBm40zfaDtEWow293U7Iw= +google.golang.org/protobuf v1.36.9/go.mod h1:fuxRtAxBytpl4zzqUh6/eyUujkJdNiuEkXntxiD/uRU= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk= gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q= diff --git a/tx_map.go b/tx_map.go index 237a010..1deeba5 100644 --- a/tx_map.go +++ b/tx_map.go @@ -547,7 +547,7 @@ func (s *SwissLockFreeMapUint64) Exists(hash uint64) bool { // - error: An error if the hash already exists in the map, nil otherwise. // // Attn: This method does not lock the map, so it is not suitable for concurrent access. -func (s *SwissLockFreeMapUint64) Put(hash uint64, n uint64) error { +func (s *SwissLockFreeMapUint64) Put(hash, n uint64) error { exists := s.m.Has(hash) if exists { return ErrHashAlreadyExists diff --git a/tx_map_test.go b/tx_map_test.go index a6611ec..36e4618 100644 --- a/tx_map_test.go +++ b/tx_map_test.go @@ -292,7 +292,8 @@ func testTxMap(t *testing.T, m TxMap) { assert.Equal(t, uint64(3), val) nrOfKeys := 0 - m.Iter(func(key chainhash.Hash, value uint64) bool { + + m.Iter(func(_ chainhash.Hash, _ uint64) bool { nrOfKeys++ return false @@ -430,6 +431,7 @@ func TestSplitSwissMapDelete(t *testing.T) { hash := chainhash.Hash{0x00, 0x03} bucket := Bytes2Uint16Buckets(hash, m.nrOfBuckets) delete(m.m, bucket) + return hash }, wantErr: ErrBucketDoesNotExist, @@ -446,6 +448,7 @@ func TestSplitSwissMapDelete(t *testing.T) { prepare: func(m *SplitSwissMap) chainhash.Hash { hash := chainhash.Hash{0x00, 0x07} require.NoError(t, m.Put(hash, 1)) + return hash }, wantErr: nil,