* chore(lint): funcorder
* chore(lint): yamlfmt, ignored broken test yaml files
* chore(tests): tests do not output garbage, add coverage
* chore(lint): fix editorconfig violations
* chore(lint): move from eclint to editorconfig-checker
* chore(lint): add pre-commit, run and fix
* chore(ci): we use renovate to manage updates
* feat: enhance gen command with directory/file arguments and custom output filenames
- Add positional argument support for targeting specific directories or files
- Add --output flag for custom output filename specification
- Implement resolveOutputPath method to handle absolute and relative custom paths
- Update CLI interface with comprehensive examples and help text
- Fix race condition in FixtureManager cache access with RWMutex synchronization
- Update .gitignore to cover additional generated file types (html, json)
- Maintain backward compatibility with existing gen command usage
This enhancement enables generating documentation for multiple actions in the same
directory without filename conflicts, while supporting flexible file targeting.
* feat: enhance CI workflow and standardize license filename
- Update CI workflow to use new gen command functionality with directory targeting
- Remove working-directory requirement by using positional arguments
- Add comprehensive documentation generation with multiple formats (md, html, json)
- Test single file targeting and recursive generation with themes
- Add artifact upload for generated documentation files
- Standardize license filename from LICENSE.md to LICENSE following GitHub conventions
- Clean up duplicate license files
The enhanced workflow demonstrates all new gen command features including
directory targeting, custom output filenames, multiple formats, and themes.
* fix: resolve all linting and EditorConfig violations
Fixed remaining code quality issues:
- Line length violation in TODO.md by breaking long summary
- Trailing whitespace removal from CI workflow, CLAUDE.md, and TODO.md
- Indentation consistency fixes in CI workflow YAML
- Security workflow cleanup for better formatting
All linters now pass:
- golangci-lint: 0 issues
- EditorConfig: No violations detected
Project maintains enterprise-grade code quality standards.
* refactor: optimize security workflow by removing Snyk and reducing duplication
Streamlined security scanning workflow:
- Remove Snyk job to eliminate redundancy with govulncheck and Trivy
- Add comprehensive coverage documentation explaining each tool's purpose
- Ensure consistent action version pinning across all jobs
- Maintain complete security protection with govulncheck, Trivy, gitleaks, and dependency-review
Benefits:
- Reduced execution time by ~2-3 minutes per workflow run
- Simplified secret management (no SNYK_TOKEN required)
- Lower complexity while maintaining enterprise-grade security coverage
- Better workflow maintainability with clear job documentation
Security coverage remains comprehensive with Go-specific vulnerability scanning,
multi-language dependency analysis, secrets detection, and PR-level dependency review.
This commit represents a comprehensive refactoring of the codebase focused on
improving code quality, testability, and maintainability.
Key improvements:
- Implement dependency injection and interface-based architecture
- Add comprehensive test framework with fixtures and test suites
- Fix all linting issues (errcheck, gosec, staticcheck, goconst, etc.)
- Achieve full EditorConfig compliance across all files
- Replace hardcoded test data with proper fixture files
- Add configuration loader with hierarchical config support
- Improve error handling with contextual information
- Add progress indicators for better user feedback
- Enhance Makefile with help system and improved editorconfig commands
- Consolidate constants and remove deprecated code
- Strengthen validation logic for GitHub Actions
- Add focused consumer interfaces for better separation of concerns
Testing improvements:
- Add comprehensive integration tests
- Implement test executor pattern for better test organization
- Create extensive YAML fixture library for testing
- Fix all failing tests and improve test coverage
- Add validation test fixtures to avoid embedded YAML in Go files
Build and tooling:
- Update Makefile to show help by default
- Fix editorconfig commands to use eclint properly
- Add comprehensive help documentation to all make targets
- Improve file selection patterns to avoid glob errors
This refactoring maintains backward compatibility while significantly
improving the internal architecture and developer experience.
- Add interactive configuration wizard with auto-detection and multi-format export
- Implement contextual error system with 14 error codes and actionable suggestions
- Add centralized progress indicators with consistent theming
- Fix all cyclomatic complexity issues (8 functions refactored)
- Eliminate code duplication with centralized utilities and error handling
- Add comprehensive test coverage for all new components
- Update TODO.md with completed tasks and accurate completion dates
- Enhanced dependency analyzer with AnalyzeActionFileWithProgress() method supporting optional progress callbacks
- Added progress bars to analyzeDependencies() and analyzeSecurityDeps() functions for batch operations
- Added IsQuiet() method to ColoredOutput for proper quiet mode handling
- Progress bars automatically show for multi-file operations (>1 file) and respect quiet mode
- Refactored analyzer code to reduce cyclomatic complexity from 14 to under 10
- Updated TODO.md to mark progress indicators task and all security tasks as completed
- All tests passing, 0 linting issues, maintains backward compatibility
Provides professional user experience with clear progress feedback for long-running operations.
- Add govulncheck, Snyk, and Trivy vulnerability scanning
- Create security workflow for automated scanning on push/PR/schedule
- Add gitleaks for secrets detection and prevention
- Implement EditorConfig linting with eclint and editorconfig-checker
- Update Makefile with security and formatting targets
- Create SECURITY.md with vulnerability reporting guidelines
- Configure Dependabot for automated dependency updates
- Fix all EditorConfig violations across codebase
- Update Go version to 1.23.10 to address stdlib vulnerabilities
- Add tests for internal/helpers package (80% coverage)
- Remove deprecated functions and migrate to error-returning patterns
- Fix YAML indentation in test fixtures to resolve test failures
