Release v0.2.0

[skyoo2003]

Summary

• Add v0.2.0 changelog entry aggregating all changes since v0.1.1
• Security hardening: fix uncontrolled data in path expressions and slice memory allocation overflows
• Add GoReleaser + Changie release pipeline
• Bump dependencies across Go (go-sqlite3, golangci-lint-action) and web packages (shadcn, react, typescript, base-ui, lucide-react)

Changelog

Added

• GoReleaser + Changie release pipeline (feat: add GoReleaser + Changie release pipeline #26)

Changed

• Dependency bumps: golangci-lint-action, go-sqlite3, GitHub Actions, web packages (chore: bump golangci/golangci-lint-action from 8.0.0 to 9.2.0 #27)

Fixed

• Slice memory allocation with excessive size value (fix: Potential fix for code scanning alert no. 22: Slice memory allocation with excessive size value #6)
• Remove reference to non-existent devcloud.yaml in Dockerfile (fix: remove reference to non-existent devcloud.yaml in Dockerfile #25)

Security

• Fix uncontrolled data used in path expression (fix: Potential fix for code scanning alert no. 2: Uncontrolled data used in path expression #23)

Test plan

• Verify CHANGELOG.md renders correctly
• Confirm all PRs since v0.1.1 are represented
• Merge to main, then tag and run GoReleaser

[sourcery-ai]

Reviewer's Guide

Introduce the v0.2.0 release notes by adding a new version section to the main changelog, wiring up the Unreleased comparison link to point from v0.2.0, and adding a corresponding Changie-generated per-release changelog file that documents added release pipeline, dependency bumps, bug fixes, and security hardening.

File-Level Changes

Change	Details	Files
Add v0.2.0 section to the main changelog and update comparison links for the Unreleased section.	Insert a new v0.2.0 section with Added/Changed/Fixed/Security subsections summarising issues fix: Potential fix for code scanning alert no. 22: Slice memory allocation with excessive size value #6, fix: Potential fix for code scanning alert no. 2: Uncontrolled data used in path expression #23, fix: remove reference to non-existent devcloud.yaml in Dockerfile #25, and code scanning alerts. Link the v0.2.0 heading to the GitHub release URL matching the new tag. Update the [Unreleased] comparison link to start from v0.2.0 instead of v0.1.0. Add a reference link definition for [v0.2.0] pointing to the GitHub release URL.	CHANGELOG.md
Add a per-release changelog file for v0.2.0 compatible with the Changie release workflow.	Create a new changes/v0.2.0.md file that mirrors the v0.2.0 entries from the main changelog. Structure the file into Added, Changed, Fixed, and Security sections with links back to the corresponding GitHub issues. Ensure the new file follows the same markdown conventions as existing Changie change files to integrate with the release pipeline.	changes/v0.2.0.md

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've reviewed your changes and they look great!

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}