From 3ec59bdfc966268af2c24fe8150c009ec286ecce Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 9 Jun 2026 05:22:04 +0000 Subject: [PATCH 1/3] Initial plan From 9d531908c0d113228614b8e55cfb1ae499455cc7 Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 9 Jun 2026 05:25:33 +0000 Subject: [PATCH 2/3] Add go-openapi monorepo infrastructure (golangci, SECURITY.md, README, CI workflows, go.mod) --- .github/dependabot.yaml | 65 +++++++++++++++ .github/workflows/auto-merge.yml | 15 ++++ .github/workflows/bump-release.yml | 40 ++++++++++ .github/workflows/codeql.yml | 22 ++++++ .github/workflows/contributors.yml | 18 +++++ .github/workflows/go-test.yml | 17 ++++ .github/workflows/monitor-bot-pr.yml | 18 +++++ .github/workflows/scanner.yml | 19 +++++ .github/workflows/tag-release.yml | 20 +++++ .golangci.yml | 78 ++++++++++++++++++ LICENSE | 1 + README.md | 114 ++++++++++++++++++++++++++- SECURITY.md | 37 +++++++++ go.mod | 3 + 14 files changed, 466 insertions(+), 1 deletion(-) create mode 100644 .github/dependabot.yaml create mode 100644 .github/workflows/auto-merge.yml create mode 100644 .github/workflows/bump-release.yml create mode 100644 .github/workflows/codeql.yml create mode 100644 .github/workflows/contributors.yml create mode 100644 .github/workflows/go-test.yml create mode 100644 .github/workflows/monitor-bot-pr.yml create mode 100644 .github/workflows/scanner.yml create mode 100644 .github/workflows/tag-release.yml create mode 100644 .golangci.yml create mode 100644 SECURITY.md create mode 100644 go.mod diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml new file mode 100644 index 0000000..414541e --- /dev/null +++ b/.github/dependabot.yaml @@ -0,0 +1,65 @@ +version: 2 +updates: + - package-ecosystem: "github-actions" + directory: "/" + schedule: + interval: "weekly" + day: "friday" + open-pull-requests-limit: 2 # <- default is 5 + allow: + - dependency-type: all + groups: # <- group all github actions updates in a single PR + # 1. development-dependencies are auto-merged + development-dependencies: + patterns: + - '*' + assignees: + - fredbi + + - package-ecosystem: "gomod" + # We define 4 groups of dependencies to regroup update pull requests: + # - development (e.g. test dependencies) + # - go-openapi updates + # - golang.org (e.g. golang.org/x/... packages) + # - other dependencies (direct or indirect) + # + # * All groups are checked once a week and each produce at most 1 PR. + # * All dependabot PRs are auto-approved + # + # Auto-merging policy, when requirements are met: + # 1. development-dependencies are auto-merged + # 2. golang.org-dependencies are auto-merged + # 3. go-openapi patch updates are auto-merged. Minor/major version updates require a manual merge. + # 4. other dependencies require a manual merge + directories: + - "**/*" + schedule: + interval: "weekly" + day: "friday" + open-pull-requests-limit: 4 + groups: + development-dependencies: + patterns: + - "github.com/stretchr/testify" + - "github.com/go-openapi/testify" + + golang-org-dependencies: + patterns: + - "golang.org/*" + + go-openapi-dependencies: + patterns: + - "github.com/go-openapi/*" + exclude-patterns: + - "github.com/go-openapi/testify" + + other-dependencies: + exclude-patterns: + - "github.com/go-openapi/*" + - "github.com/stretchr/testify" + - "github.com/go-openapi/testify" + - "golang.org/*" + allow: + - dependency-type: all + assignees: + - fredbi diff --git a/.github/workflows/auto-merge.yml b/.github/workflows/auto-merge.yml new file mode 100644 index 0000000..b253775 --- /dev/null +++ b/.github/workflows/auto-merge.yml @@ -0,0 +1,15 @@ +name: Dependabot auto-merge + +permissions: + contents: read + +on: + pull_request: + +jobs: + dependabot: + permissions: + contents: write + pull-requests: write + uses: go-openapi/ci-workflows/.github/workflows/auto-merge.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4 + secrets: inherit diff --git a/.github/workflows/bump-release.yml b/.github/workflows/bump-release.yml new file mode 100644 index 0000000..47d5592 --- /dev/null +++ b/.github/workflows/bump-release.yml @@ -0,0 +1,40 @@ +name: Bump Release + +permissions: + contents: read + + +on: + workflow_dispatch: + inputs: + bump-type: + description: Type of bump (patch, minor, major) + type: choice + options: + - patch + - minor + - major + default: patch + required: false + tag-message-title: + description: Tag message title to prepend to the release notes + required: false + type: string + tag-message-body: + description: | + Tag message body to prepend to the release notes. + (use "|" to replace end of line). + required: false + type: string + +jobs: + bump-release: + permissions: + contents: write + pull-requests: write + uses: go-openapi/ci-workflows/.github/workflows/bump-release-monorepo.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4 + with: + bump-type: ${{ inputs.bump-type }} + tag-message-title: ${{ inputs.tag-message-title }} + tag-message-body: ${{ inputs.tag-message-body }} + secrets: inherit diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml new file mode 100644 index 0000000..78fee34 --- /dev/null +++ b/.github/workflows/codeql.yml @@ -0,0 +1,22 @@ +name: "CodeQL" + +on: + push: + branches: [ "master" ] + pull_request: + branches: [ "master" ] + paths-ignore: # remove this clause if CodeQL is a required check + - '**/*.md' + schedule: + - cron: '39 19 * * 5' + +permissions: + contents: read + +jobs: + codeql: + permissions: + contents: read + security-events: write + uses: go-openapi/ci-workflows/.github/workflows/codeql.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4 + secrets: inherit diff --git a/.github/workflows/contributors.yml b/.github/workflows/contributors.yml new file mode 100644 index 0000000..19a6282 --- /dev/null +++ b/.github/workflows/contributors.yml @@ -0,0 +1,18 @@ +name: Contributors + +on: + schedule: + - cron: '18 4 * * 6' + + workflow_dispatch: + +permissions: + contents: read + +jobs: + contributors: + permissions: + pull-requests: write + contents: write + uses: go-openapi/ci-workflows/.github/workflows/contributors.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4 + secrets: inherit diff --git a/.github/workflows/go-test.yml b/.github/workflows/go-test.yml new file mode 100644 index 0000000..382aa09 --- /dev/null +++ b/.github/workflows/go-test.yml @@ -0,0 +1,17 @@ +name: go test + +permissions: + pull-requests: read + contents: read + +on: + push: + branches: + - master + + pull_request: + +jobs: + test: + uses: go-openapi/ci-workflows/.github/workflows/go-test-monorepo.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4 + secrets: inherit diff --git a/.github/workflows/monitor-bot-pr.yml b/.github/workflows/monitor-bot-pr.yml new file mode 100644 index 0000000..a3a11e5 --- /dev/null +++ b/.github/workflows/monitor-bot-pr.yml @@ -0,0 +1,18 @@ +name: Monitor bot PRs + +on: + workflow_dispatch: + schedule: + - cron: '18 6 * * *' + +permissions: + contents: read + +jobs: + monitor-pr: + permissions: + contents: write + pull-requests: write + statuses: read + uses: go-openapi/ci-workflows/.github/workflows/monitor-bot-pr.yml@cd9849915b4f8b6ceeeaf24e02e8f8e24202c8f6 # v0.3.3 + secrets: inherit diff --git a/.github/workflows/scanner.yml b/.github/workflows/scanner.yml new file mode 100644 index 0000000..170f896 --- /dev/null +++ b/.github/workflows/scanner.yml @@ -0,0 +1,19 @@ +name: Vulnerability scans + +on: + branch_protection_rule: + push: + branches: ["master"] + schedule: + - cron: "18 4 * * 3" + +permissions: + contents: read + +jobs: + scanners: + permissions: + contents: read + security-events: write + uses: go-openapi/ci-workflows/.github/workflows/scanner.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4 + secrets: inherit diff --git a/.github/workflows/tag-release.yml b/.github/workflows/tag-release.yml new file mode 100644 index 0000000..cd19c7f --- /dev/null +++ b/.github/workflows/tag-release.yml @@ -0,0 +1,20 @@ +name: Release on tag + +permissions: + contents: read + +on: + push: + tags: + - v[0-9]+* + +jobs: + gh-release: + name: Create release + permissions: + contents: write + uses: go-openapi/ci-workflows/.github/workflows/release.yml@7a1bb6c4f078ac1a3258db1ae91c37a9d29eee2a # v0.3.4 + with: + tag: ${{ github.ref_name }} + is-monorepo: true + secrets: inherit diff --git a/.golangci.yml b/.golangci.yml new file mode 100644 index 0000000..126264a --- /dev/null +++ b/.golangci.yml @@ -0,0 +1,78 @@ +version: "2" +linters: + default: all + disable: + - cyclop + - depguard + - errchkjson + - errorlint + - exhaustruct + - forcetypeassert + - funlen + - gochecknoglobals + - gochecknoinits + - gocognit + - godot + - godox + - gomoddirectives + - gosmopolitan + - inamedparam + - intrange + - ireturn + - lll + - musttag + - modernize + - nestif + - nlreturn + - nonamedreturns + - noinlineerr + - paralleltest + - recvcheck + - testpackage + - thelper + - tagliatelle + - tparallel + - unparam + - varnamelen + - whitespace + - wrapcheck + - wsl + - wsl_v5 + settings: + dupl: + threshold: 200 + goconst: + min-len: 2 + min-occurrences: 3 + gocyclo: + min-complexity: 45 + exclusions: + generated: lax + presets: + - comments + - common-false-positives + - legacy + - std-error-handling + paths: + - third_party$ + - builtin$ + - examples$ +formatters: + enable: + - gofmt + - goimports + exclusions: + generated: lax + paths: + - third_party$ + - builtin$ + - examples$ +issues: + # Maximum issues count per one linter. + # Set to 0 to disable. + # Default: 50 + max-issues-per-linter: 0 + # Maximum count of issues with the same text. + # Set to 0 to disable. + # Default: 3 + max-same-issues: 0 diff --git a/LICENSE b/LICENSE index 261eeb9..d645695 100644 --- a/LICENSE +++ b/LICENSE @@ -1,3 +1,4 @@ + Apache License Version 2.0, January 2004 http://www.apache.org/licenses/ diff --git a/README.md b/README.md index 42246f8..831dc14 100644 --- a/README.md +++ b/README.md @@ -1,2 +1,114 @@ # Codegen -Tools to generate and test golang code + + +[![Tests][test-badge]][test-url] [![Coverage][cov-badge]][cov-url] [![CI vuln scan][vuln-scan-badge]][vuln-scan-url] [![CodeQL][codeql-badge]][codeql-url] + + + +[![Release][release-badge]][release-url] [![Go Report Card][gocard-badge]][gocard-url] [![CodeFactor Grade][codefactor-badge]][codefactor-url] [![License][license-badge]][license-url] + + +[![GoDoc][godoc-badge]][godoc-url] [![Discord Channel][discord-badge]][discord-url] [![go version][goversion-badge]][goversion-url] ![Top language][top-badge] ![Commits since latest release][commits-badge] + +--- + +Tools to generate and test golang code. + +* [Contents](#contents) +* [Dependencies](#dependencies) +* [Change log](#change-log) +* [Licensing](#licensing) +* [Note to contributors](#note-to-contributors) +* [Roadmap](#roadmap) + +## Status + +Work in progress. + +## Import this library in your project + +```cmd +go get github.com/go-openapi/Codegen/{module} +``` + +## Contents + +`go-openapi/Codegen` exposes a collection of code generation tools and utilities. + +--- + +## Dependencies + +The root module `github.com/go-openapi/Codegen` at the repo level maintains a few +dependencies outside of the standard library. + +--- + +## Note to contributors + +All kinds of contributions are welcome. + +This repo is a go mono-repo. + +More general guidelines are available [here](.github/CONTRIBUTING.md). + +## Roadmap + +TODO + +## Change log + +See + +## Licensing + +This library ships under the [SPDX-License-Identifier: Apache-2.0](./LICENSE). + +## Cutting a new release + +Maintainers can cut a new release by either: + +* running [this workflow](https://github.com/go-openapi/Codegen/actions/workflows/bump-release.yml) +* or pushing a semver tag + * signed tags are preferred + * The tag message is prepended to release notes + + +[test-badge]: https://github.com/go-openapi/Codegen/actions/workflows/go-test.yml/badge.svg +[test-url]: https://github.com/go-openapi/Codegen/actions/workflows/go-test.yml +[cov-badge]: https://codecov.io/gh/go-openapi/Codegen/branch/master/graph/badge.svg +[cov-url]: https://codecov.io/gh/go-openapi/Codegen +[vuln-scan-badge]: https://github.com/go-openapi/Codegen/actions/workflows/scanner.yml/badge.svg +[vuln-scan-url]: https://github.com/go-openapi/Codegen/actions/workflows/scanner.yml +[codeql-badge]: https://github.com/go-openapi/Codegen/actions/workflows/codeql.yml/badge.svg +[codeql-url]: https://github.com/go-openapi/Codegen/actions/workflows/codeql.yml + +[release-badge]: https://badge.fury.io/gh/go-openapi%2FCodegen.svg +[release-url]: https://badge.fury.io/gh/go-openapi%2FCodegen +[gomod-badge]: https://badge.fury.io/go/github.com%2Fgo-openapi%2FCodegen.svg +[gomod-url]: https://badge.fury.io/go/github.com%2Fgo-openapi%2FCodegen + +[gocard-badge]: https://goreportcard.com/badge/github.com/go-openapi/Codegen +[gocard-url]: https://goreportcard.com/report/github.com/go-openapi/Codegen +[codefactor-badge]: https://img.shields.io/codefactor/grade/github/go-openapi/Codegen +[codefactor-url]: https://www.codefactor.io/repository/github/go-openapi/Codegen + +[doc-badge]: https://img.shields.io/badge/doc-site-blue?link=https%3A%2F%2Fgoswagger.io%2Fgo-openapi%2F +[doc-url]: https://goswagger.io/go-openapi +[godoc-badge]: https://pkg.go.dev/badge/github.com/go-openapi/Codegen +[godoc-url]: http://pkg.go.dev/github.com/go-openapi/Codegen +[discord-badge]: https://img.shields.io/discord/1446918742398341256?logo=discord&label=discord&color=blue +[discord-url]: https://discord.gg/FfnFYaC3k5 + + +[license-badge]: http://img.shields.io/badge/license-Apache%20v2-orange.svg +[license-url]: https://github.com/go-openapi/Codegen/?tab=Apache-2.0-1-ov-file#readme + +[goversion-badge]: https://img.shields.io/github/go-mod/go-version/go-openapi/Codegen +[goversion-url]: https://github.com/go-openapi/Codegen/blob/master/go.mod +[top-badge]: https://img.shields.io/github/languages/top/go-openapi/Codegen +[commits-badge]: https://img.shields.io/github/commits-since/go-openapi/Codegen/latest + +[contributing-doc-site]: https://go-openapi.github.io/doc-site/contributing/contributing/index.html +[maintainers-doc-site]: https://go-openapi.github.io/doc-site/maintainers/index.html +[style-doc-site]: https://go-openapi.github.io/doc-site/contributing/style/index.html diff --git a/SECURITY.md b/SECURITY.md new file mode 100644 index 0000000..1fea2c5 --- /dev/null +++ b/SECURITY.md @@ -0,0 +1,37 @@ +# Security Policy + +This policy outlines the commitment and practices of the go-openapi maintainers regarding security. + +## Supported Versions + +| Version | Supported | +| ------- | ------------------ | +| O.x | :white_check_mark: | + +## Vulnerability checks in place + +This repository uses automated vulnerability scans, at every merged commit and at least once a week. + +We use: + +* [`GitHub CodeQL`][codeql-url] +* [`trivy`][trivy-url] +* [`govulncheck`][govulncheck-url] + +Reports are centralized in github security reports and visible only to the maintainers. + +## Reporting a vulnerability + +If you become aware of a security vulnerability that affects the current repository, +**please report it privately to the maintainers** +rather than opening a publicly visible GitHub issue. + +Please follow the instructions provided by github to [Privately report a security vulnerability][github-guidance-url]. + +> [!NOTE] +> On Github, navigate to the project's "Security" tab then click on "Report a vulnerability". + +[codeql-url]: https://github.com/github/codeql +[trivy-url]: https://trivy.dev/docs/latest/getting-started +[govulncheck-url]: https://go.dev/blog/govulncheck +[github-guidance-url]: https://docs.github.com/en/code-security/security-advisories/guidance-on-reporting-and-writing-information-about-vulnerabilities/privately-reporting-a-security-vulnerability#privately-reporting-a-security-vulnerability diff --git a/go.mod b/go.mod new file mode 100644 index 0000000..3050122 --- /dev/null +++ b/go.mod @@ -0,0 +1,3 @@ +module github.com/go-openapi/Codegen + +go 1.25.0 From 138f7ae976ea5abe814c740ff09326cda3f383ee Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Tue, 9 Jun 2026 05:26:10 +0000 Subject: [PATCH 3/3] Fix typo in SECURITY.md: O.x -> 0.x --- SECURITY.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/SECURITY.md b/SECURITY.md index 1fea2c5..6ceb159 100644 --- a/SECURITY.md +++ b/SECURITY.md @@ -6,7 +6,7 @@ This policy outlines the commitment and practices of the go-openapi maintainers | Version | Supported | | ------- | ------------------ | -| O.x | :white_check_mark: | +| 0.x | :white_check_mark: | ## Vulnerability checks in place