aether/vociferate
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases 7 Wiki Activity

chore: add missing CI validation checks (fmt, mod, gosec, govulncheck)

Browse Source 
- Add go fmt validation to enforce consistent code formatting
- Add go mod tidy and verify checks for module hygiene
- Add gosec security analysis for static security scanning
- Add govulncheck for dependency vulnerability detection
- Reorganize regex variables with clarifying comments
- Follows documented validation sequence from copilot-instructions.md
This commit is contained in:
Micheal Wilkinson
2026-03-21 14:04:35 +00:00
parent 3c60be8587
commit 7cb7b050db
2 changed files with 30 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

21
.gitea/workflows/push-validation.yml
View File

@@ -35,6 +35,27 @@ jobs:
cache: true cache: true
cache-dependency-path: go.sum cache-dependency-path: go.sum
- name: Validate formatting
run: test -z "$(gofmt -l .)"
- name: Module hygiene
run: |
set -euo pipefail
go mod tidy
go mod verify
- name: Run gosec security analysis
uses: securego/gosec@v2
with:
args: ./...
- name: Run govulncheck
uses: golang/govulncheck-action@v1
with:
go-package: ./...
cache: true
cache-dependency-path: go.sum
- name: Run full unit test suite with coverage - name: Run full unit test suite with coverage
run: | run: |
set -euo pipefail set -euo pipefail

14
internal/vociferate/vociferate.go
View File

@@ -23,11 +23,15 @@ const (
defaultUnreleasedTemplate = "### Breaking\n\n### Added\n\n### Changed\n\n### Removed\n\n### Fixed\n" defaultUnreleasedTemplate = "### Breaking\n\n### Added\n\n### Changed\n\n### Removed\n\n### Fixed\n"
) )
var releasedSectionRe = regexp.MustCompile(`(?m)^## \[(\d+\.\d+\.\d+)\] - `) // Pre-compiled regex patterns used for changelog parsing.
var linkedReleasedSectionRe = regexp.MustCompile(`(?m)^## \[(\d+\.\d+\.\d+)\](?:\([^\n)]*\))? - `) // These are read-only after initialization.
var unreleasedHeadingRe = regexp.MustCompile(`(?m)^## \[Unreleased\](?:\([^\n)]*\))?\n`) var (
var releaseHeadingRe = regexp.MustCompile(`(?m)^## \[(\d+\.\d+\.\d+)\](?:\([^\n)]*\))? - `) releasedSectionRe = regexp.MustCompile(`(?m)^## \[(\d+\.\d+\.\d+)\] - `)
var refLinkLineRe = regexp.MustCompile(`^\[[^\]]+\]: \S`) linkedReleasedSectionRe = regexp.MustCompile(`(?m)^## \[(\d+\.\d+\.\d+)\](?:\([^\n)]*\))? - `)
unreleasedHeadingRe = regexp.MustCompile(`(?m)^## \[Unreleased\](?:\([^\n)]*\))?\n`)
releaseHeadingRe = regexp.MustCompile(`(?m)^## \[(\d+\.\d+\.\d+)\](?:\([^\n)]*\))? - `)
refLinkLineRe = regexp.MustCompile(`^\[[^\]]+\]: \S`)
)
type Options struct { type Options struct {
// VersionFile is the path to the file that stores the current version, // VersionFile is the path to the file that stores the current version,