Releases: graybuton/goframe
Release list
GoFrame v0.2.0-preview.3
Release Notes: v0.2.0-preview.3
Summary
v0.2.0-preview.3 is a hotfix preview after v0.2.0-preview.2.
It fixes stale toolchain self-reporting. v0.2.0-preview.2 installed from the
correct Go module tag, but the CLI self-reported:
goxc version 0.1.0
and goxc package wrote generated package metadata with:
"toolchainVersion": "0.1.0"goxc version and generated goframe-package.json metadata now use the module
version recorded in Go build information for tagged module installs. Local
checkout builds report and write:
devel
What Changed
goxc versionno longer uses the hardcoded release constant for CLI
self-reporting.goxc packagewritestoolchainVersionfrom the same build-info-derived
value in generatedgoframe-package.jsonmetadata.- Tagged module installs such as
@v0.2.0-preview.3report and write
v0.2.0-preview.3. - Local checkout builds such as
go run ./cmd/goxc versionand
go install ./cmd/goxcreportdevel, and local package metadata writes
"toolchainVersion": "devel".
Compatibility
- No GoFrame runtime behavior changed.
- No GOX parser, codegen, or language behavior changed.
- No package workflow, layout, build, export, serve, clean, doctor, workspace,
or manifest behavior changed. - Package metadata now reports the build-info-derived toolchain version.
- No examples changed.
- No migration is required.
Validation
Release-gate validation for this hotfix should include:
go test ./cmd/goxc;go test ./...;go vet ./...;node scripts/docs-check.mjs;scripts/artifact-check.sh;scripts/module-path-check.sh;scripts/size-budget.sh;scripts/browser-smoke.sh.
The release readiness check should also verify local checkout behavior:
go run ./cmd/goxc version
tmpbin="$(mktemp -d)"
GOBIN="$tmpbin" go install ./cmd/goxc
"$tmpbin/goxc" versionBoth local commands should print goxc version devel on the first line.
It should also verify local package metadata:
go run ./cmd/goxc package ./examples/counter --compiler=goThe generated examples/counter/.goframe/package/standalone/goframe-package.json
should contain:
"toolchainVersion": "devel"Install
After the tag is published, install the exact hotfix preview with:
go install github.com/graybuton/goframe/cmd/goxc@v0.2.0-preview.3Verification
Run:
goxc versionExpected first line:
goxc version v0.2.0-preview.3
Generated goframe-package.json metadata should include:
"toolchainVersion": "v0.2.0-preview.3"Non-Goals
This hotfix does not include:
- runtime changes;
- GOX parser, codegen, or language changes;
- package workflow or layout changes beyond the reported metadata value;
goxcbuild/export/serve behavior changes;- server/fullstack API changes;
- production readiness claims;
- route loader, JSON/data framework, or global cache changes;
- release tag creation in the release-notes PR.
GoFrame v0.2.0-preview.2
Release Notes: v0.2.0-preview.2
Summary
v0.2.0-preview.2 is an experimental preview for GoFrame's web-first browser/WASM direction.
This release focuses on server-backed evidence and the smallest browser-side text loader now present in the runtime: experimental gf.FetchText.
The validated target remains interactive browser/WASM applications built with the GoFrame runtime, GOX, and goxc. This release does not claim production readiness, fullstack/server APIs, server functions, SSR/hydration, route loaders, JSON/data framework behavior, global caching, or production server behavior.
Highlights
examples/server-backedis now a persistent reference fixture for a packaged GoFrame browser/WASM app served by a plain Gonet/httpbackend.- The fixture exposes a same-origin
/api/greetingendpoint and exercises a resource/form flow from the browser app. - Browser smoke covers:
- initial backend data;
- form-driven updates;
- controlled backend HTTP 500 failure UI;
- recovery after a valid submission;
- delayed stale-response no-overwrite behavior.
- Experimental
gf.FetchTextprovides a browser/WASM text-only helper that fits thegf.UseResource/ResourceLoader[string]shape. examples/server-backedusesgf.FetchText.examples/resourceis now the second adoption point forgf.FetchTextwhile keeping parsing and lifecycle demonstration local to the example.- The
cmd/goxcworkspace dependency characterization test now keeps the innergo listbaseline robust underGOFLAGS=-buildvcs=false.
Server-backed Evidence
The server-backed fixture demonstrates a narrow integration boundary:
goxc package ./examples/server-backed --compiler=goproduces the browser/WASM app bundle;examples/server-backed/cmd/serveris a plain Gonet/httpserver;- the backend serves the packaged standalone directory as static files;
- the backend exposes
/api/greetingon the same origin as the app; - the browser app renders backend data through
gf.UseResourceand a small form flow.
This is evidence for a server-backed browser/WASM pattern, not a GoFrame server framework.
Experimental gf.FetchText
gf.FetchText is an experimental browser/WASM text loader for the ResourceLoader[string] contract.
In browser/WASM builds, it:
- calls browser
fetchwith the provided key as the URL; - uses
AbortControllerfor cleanup; - reads successful responses with
response.text(); - rejects non-OK HTTP responses with an ordinary error whose text includes the status code;
- rejects fetch/network failures with an ordinary error;
- prevents resolve/reject callbacks after cleanup.
Host builds compile with a stub that rejects with a clear ordinary error and returns a safe no-op cleanup.
gf.FetchText is text-only. It does not provide JSON parsing, UseFetch, public HTTPError, a browser subpackage, caching, retry/backoff, deduplication, route loaders, server APIs, auth/session behavior, SSR, hydration, or production server behavior.
Compatibility
- Existing
gf.UseResourcesemantics did not change. - Existing custom
ResourceLoaderimplementations remain valid. gf.FetchTextis Experimental Frontier, not Public-Candidate.examples/server-backedis an example/integration fixture, not a server framework.- Existing browser/WASM app workflows remain experimental preview workflows.
Not Supported / Not Claimed
This release does not claim:
- production readiness;
- stable 1.0 API compatibility;
- fullstack/server APIs;
- server functions;
- SSR or hydration;
- route loaders;
- JSON/data framework behavior;
- global resource cache;
- auth/session helpers;
- production server behavior;
- history-mode router or server fallback automation;
- broad reusable package ecosystem stability;
- Player/Engine;
.gfapp.
Install
go install github.com/graybuton/goframe/cmd/goxc@v0.2.0-preview.2Full Notes
See docs/release-notes-v0.2.0-preview.2.md for the complete release notes, validation scope, compatibility notes, upgrade notes, and known limitations.
Known issue
goxc version and generated goframe-package.json metadata self-report 0.1.0 in this preview.
The Go module tag itself is correct: v0.2.0-preview.2.
This is fixed in v0.2.0-preview.3.
GoFrame v0.2.0-preview.1
Release Notes: v0.2.0-preview.1
Summary
v0.2.0-preview.1 is a narrow evaluator preview for GoFrame's web-first direction.
This release records the post-v0.1.0-preview.2 work around external Go component package evidence and closes the public strategy wording around GoFrame's active direction: browser/WASM runtime, GOX, goxc, package/export workflows, examples, and CI evidence.
GoFrame remains experimental. This release does not claim production readiness, stable 1.0 APIs, fullstack/server APIs, SSR/hydration, Player/Engine, .gfapp, or a broad reusable package ecosystem.
Highlights
- Web-first positioning closeout: GoFrame is described as an experimental Go-first web application framework and toolchain.
- Player/Engine,
.gfapp, portable host/runtime packaging, desktop/mobile shells, and custom app engine work are inactive and outside the preview promise. - External component package identity evidence now covers:
- package-qualified GOX tags for external imports;
- import aliases as debug labels rather than runtime identity;
- same-symbol package separation;
- versioned import path separation.
goxcbuild workspaces now preserve app modulerequire/replacedirectives needed for ordinary Go package resolution.- Local relative replace targets are rewritten to original module locations when materialized under
.goframe/work/<profile>. - Go/WASM build-flow evidence covers a local-replace external Go component package imported by an app module.
- Release-facing docs keep preview promises tied to current evidence.
Supported In This Preview
This preview supports evaluating:
- browser/WASM interactive apps;
- the current
pkg/goframeruntime surfaces documented as public-candidate or experimental; - GOX generation, package-qualified component tags, and diagnostics covered by current tests;
goxc generate,build,package,export,serve,size,clean,doctor, andversion;- static package/export workflow for browser deployment artifacts;
- hash-router/static-host deployment model;
- app module local
require/replaceexternal Go component package path for ordinary Go packages.
Not Supported / Not Claimed
This release does not claim:
- production readiness;
- stable 1.0 API compatibility;
- fullstack/server APIs;
- SSR or hydration;
- history-mode router, file routing, route loaders, or production server fallback automation;
- production static server behavior in
goxc serve; - raw
.goxgeneration inside external dependencies; - broad reusable component package ecosystem stability;
- full multi-module monorepo support;
- remote or non-local external module evidence for the new external component package path;
- equivalent Firefox or Safari support;
- Player/Engine,
.gfapp, portable host/runtime packaging, desktop/mobile shells, or custom app engine; - stable LSP/formatter behavior.
Install
go install github.com/graybuton/goframe/cmd/goxc@v0.2.0-preview.1Full Notes
See docs/release-notes-v0.2.0-preview.1.md for the complete release notes, validation scope, platform evidence, upgrade notes, and known limitations.
GoFrame v0.1.0-preview.2
Release Notes: v0.1.0-preview.2
Summary
v0.1.0-preview.2 is a maintenance preview after
v0.1.0-preview.1. It focuses on public repository hygiene and security/test
harness hardening that landed on main after the first evaluator preview.
GoFrame remains an experimental Go-first application platform. This maintenance
preview does not expand the runtime/API stability promise, does not make
goxc serve a production server, and keeps the preview scope centered on
browser/WASM evaluator use.
Scope preview != scope project. The first preview remains narrower than the
project vision without removing or hiding working experimental surfaces.
What Changed Since v0.1.0-preview.1
Community Health
The repository now includes minimal public-preview community files:
- issue templates for bug reports and feature requests;
- a pull request template;
- updated contribution guidance;
- a short Code of Conduct.
These files describe contribution expectations for an experimental public
preview repository. They do not change runtime, toolchain, package, or example
behavior.
goxc serve Path Hardening
goxc serve now hardens static request path handling:
- request paths are sanitized before filesystem resolution and before handing
the request tohttp.FileServer; - traversal and backslash paths return 404;
- symlinked served entries remain fail-closed;
- existing static asset headers for WASM, JavaScript, CSS, gzip, and brotli
sidecars are preserved.
goxc serve remains development-only. Production static hosting, cache
headers, TLS, access control, and broader server hardening remain outside the
current preview contract.
Browser Smoke Harness Hardening
Browser smoke scripts no longer construct dynamic executable JavaScript from
test-controlled selectors, labels, or expected values in the targeted CodeQL
alert patterns. The harness passes those values as Chrome DevTools Protocol
function arguments instead.
This is test-harness hardening only. Browser runtime behavior and smoke
assertions are unchanged.
Compatibility
This maintenance preview has no intended:
- runtime API changes;
- GOX language changes;
- manifest, package, or export semantics changes;
- workflow support expansion;
- preview promise expansion.
The v0.1.0-preview.1 compatibility boundaries still apply: public-candidate
API shapes remain pre-1.0, experimental semantics remain explicitly scoped, and
production readiness is not claimed.
Validation
Expected release-branch validation includes:
git diff --check
node scripts/docs-check.mjs
go test ./...Additional checks may be run by CI or release maintainers, but this maintenance
release note only records commands that are part of the documented local
release-prep validation set.
Notes For Evaluators
After release publication, install the exact CLI tag when exact preview
selection matters:
go install github.com/graybuton/goframe/cmd/goxc@v0.1.0-preview.2@latest may depend on Go module proxy and cache timing. Use the exact tag
when immediate reproducibility matters after publication.
Non-Goals
v0.1.0-preview.2 does not include:
- production readiness;
- stable 1.0 API compatibility;
- runtime feature changes;
- GOX language changes;
- manifest/package/export contract changes;
- browser/platform support expansion;
- turning
goxc serveinto a production static server; - SSR, hydration, history routing, Player/Engine, or
.gfapppackaging.
GoFrame v0.1.0-preview.1
Release Notes: v0.1.0-preview.1
Summary
GoFrame is an experimental Go-first application platform. This preview
validates the current browser/WASM interactive application layer: the
pkg/goframe runtime, GOX generation, the goxc toolchain, static packaging,
examples, docs, and CI evidence.
The preview scope is narrower than the project vision. Router, resources, Error
Boundaries, package/export workflow, and the reference app are real working
surfaces. Player/Engine, broader host/runtime targets, richer editor tooling,
and a package ecosystem remain outside this preview promise.
Preview Scope
This preview is for evaluators who want to inspect and try the current
browser/WASM layer:
- Go-authored interactive browser apps;
- GOX components and package-qualified component tags;
- component-scoped state, effects, context, memoization, fixed-height
virtualization, resources, and hash routing; - static
goxc packageoutput with generated package metadata; - focused examples plus the router-dashboard reference app;
- Linux/Chrome browser smoke evidence and minimal macOS/Windows Go/toolchain
evidence.
It is not a production-ready release and does not create a stable 1.0 API
promise.
What Is Included
pkg/goframe: nodes, typed component identity, hooks, context, events,
virtualized collections, hash router, component-scoped resources, runtime
error reporting, and scoped render Error Boundaries.pkg/gox: GOX parsing/code generation, source-oriented diagnostics,
package-qualified component tags, golden/error golden tests, and bounded fuzz
seeds.cmd/goxc: generate, build, package, export, serve, size, clean, doctor, and
version commands.- Package workflow: versionless
goframe.json, recommended
"assets": "./assets", legacy explicit asset lists, generated or custom root
index.html, versionedasset-manifest.json, and authoritative
goframe-package.jsoncompletion metadata. - Examples: quickstart, focused primitives, toolchain/layout examples,
examples/router-dashboardas the reference app, andexamples/dashboardas
the pressure/performance example.
How To Try It
Install the current toolchain:
go install github.com/graybuton/goframe/cmd/goxc@latest
goxc doctorFrom a local checkout, install the local goxc instead:
go install ./cmd/goxc
goxc doctorRun the quickstart:
goxc package ./examples/counter --compiler=tinygo
goxc serve ./examples/counter --port=8080Run the reference app:
goxc package ./examples/router-dashboard --compiler=tinygo
goxc serve ./examples/router-dashboard --port=8080For the intentional ErrorBoundary panic demo in the reference app, use the
recover-capable Go/WASM package path:
goxc package ./examples/router-dashboard --compiler=go
goxc serve ./examples/router-dashboard --port=8080See the evaluator guide for a shorter evaluation path and
the tutorial for the guided reference-app walkthrough.
Compatibility Notes
- Public-Candidate API shapes are documented in
API stability. They remain pre-1.0 and can change with
migration notes. - Some exported API shapes are public-candidate while deeper lifecycle,
routing, fallback, and edge-case semantics remain Experimental Frontier. - Generated typed component identity is stable enough for one app/module tree.
Broad reusable multi-module package identity is not promised by this preview. goframe.jsonremains versionless forv0.1.0-preview.1.assets: "./assets"is the recommended static asset form. Legacy explicit
asset lists remain supported.- Package root
index.htmlis always produced: selected custom templates are
rewritten, andgoxc packagegenerates a default entrypoint when no custom
template exists. - Generated
asset-manifest.jsonandgoframe-package.jsonare versioned
tooling metadata.goframe-package.jsonis the authoritative current package
completion marker.
Known Limitations
- Browser/WASM DOM target only.
- Linux/Chrome is the strongest browser evidence. Firefox and Safari are
unverified in current CI evidence. - macOS and Windows have minimal Go/toolchain CI evidence, not full browser or
TinyGo smoke coverage. - TinyGo size-oriented builds use trap-style panic behavior by default.
Recover-based ErrorBoundary demos use Go/WASM. - Resources are component-scoped. There is no global cache, deduplication,
automatic retry, Suspense behavior, route loader, or runtime fetch API. - The router is hash-based. History-mode routing, file-based routing,
middleware, route guards, and production fallback automation are outside this
preview. - Package publication is metadata-last and fail-closed, but not a transactional
rollback installer. goxc serveis development-only and not a production static server.
Validation Evidence
Current repository evidence includes:
go test ./...;- race tests for
./pkg/... ./cmd/...; go vet ./...;- debug-tag tests;
- GOX golden/error golden tests;
- bounded GOX fuzz seed targets through normal tests;
- TinyGo size budgets;
- browser smoke on Linux/Chrome;
- dashboard DOM pressure checks;
- artifact/module path gates;
- docs consistency checks;
- VS Code extension compile checks.
See CI and regression gates, platform support,
and public preview readiness for the current
evidence matrix.
Non-Goals
v0.1.0-preview.1 does not include:
- production readiness;
- stable 1.0 compatibility;
- SSR or hydration;
- history-mode router or server fallback automation;
- route loaders, middleware, auth guards, or route-level data APIs;
- Suspense, server resources, or a global resource cache;
- schema validation framework or mutation framework;
- production deployment server;
- LSP/formatter;
- Player/Engine or
.gfapppackaging.