Skip to content

ci: add GitHub Actions CI + prepare v0.1.2 release#6

Merged
htcom-code merged 3 commits into
mainfrom
ci/github-actions
Jul 5, 2026
Merged

ci: add GitHub Actions CI + prepare v0.1.2 release#6
htcom-code merged 3 commits into
mainfrom
ci/github-actions

Conversation

@htcom-code

@htcom-code htcom-code commented Jul 5, 2026

Copy link
Copy Markdown
Owner

Adds the repo's first CI pipeline and, in doing so, prepares the v0.1.2 release (the CI's govulncheck/gofmt gates surfaced two fixes that belong in a release).

CI — .github/workflows/ci.yml

Mirrors the go-lua-perf CI structure, adapted to lua-pure's Makefile.

Job Runs Gate?
format gofmt -l clean check
verify make vet → race tests + coverage → make conformance (official Lua 5.4 fixtures)
govulncheck golang.org/x/vuln scan
build go vet + go build on ubuntu / macOS / windows ✅ (needs verify)
bench make bench observational (continue-on-error)

v0.1.2 release changes

  • Minimum Go → 1.25.11. govulncheck flagged 4 advisories in the go1.24.x stdlib (GO-2026-5037 x509, GO-2026-4971 net, GO-2026-4602 os, GO-2026-4601 net/url); all fixed in go1.25.x. Bumped the go directive; README badge + requirements line updated.
  • gofmt fix in lua/luaconf.go (the new gofmt gate caught misaligned comments).
  • Version constant synced to 0.1.2_LUAPURE_VERSION / debug MCP adapters had been stuck at 0.1.0 through the 0.1.1 release. Banner now reads luapure 0.1.2 (Lua 5.4.8).
  • CHANGELOG [0.1.2] — 2026-07-05 entry added.

Verification

  • CI: all jobs green.
  • Local make check passes (build + vet + race + conformance 30/33; gc.lua RUN-ERR is a known non-fatal case).
  • govulncheck ./... → No vulnerabilities found.

After merge: tag v0.1.2 on main and cut the GitHub release.

- gate every PR and push to main through the Makefile's verification
  discipline: gofmt → vet → race tests (with coverage) → official Lua
  5.4 conformance fixtures, so the repo's pre-push gate now runs remotely
- add CI-only hardening the Makefile doesn't cover: govulncheck plus a
  cross-platform build matrix (ubuntu/macos/windows) proving the README's
  portability claim; bench runs observationally (non-gating)
- trigger only on source-affecting paths so doc-only changes skip CI

Tags: #ci #github-actions
Co-Authored-By: htjulia <htjulia1@gmail.com>
- the new CI gofmt gate flagged misaligned trailing comments on the
  LuaRelease/Version consts; no semantic change

chore: raise minimum Go to 1.25.11

- CI govulncheck flagged 4 stdlib advisories present in the go1.24.x
  standard library — GO-2026-5037 (crypto/x509), GO-2026-4971 (net),
  GO-2026-4602 (os), GO-2026-4601 (net/url)
- all are fixed in the go1.25.x stdlib; bump the go directive so builds
  pull the patched standard library and the govulncheck gate passes
- raises this library's minimum Go requirement to 1.25.11

Tags: #ci #security #gofmt
Co-Authored-By: htjulia <htjulia1@gmail.com>
- bump the engine Version constant to 0.1.2 (exposed to Lua as
  _LUAPURE_VERSION and by the debug MCP adapters); it had been left at
  0.1.0 through the 0.1.1 release, so the banner now reports the real
  release version
- add the [0.1.2] CHANGELOG entry covering the new CI pipeline and the
  Go 1.25.11 security bump

docs: state the Go 1.25.11 minimum in the README

- update the Go badge and the requirements line to 1.25.11 so the
  public library advertises the correct minimum after the stdlib
  security bump

Tags: #release #docs #changelog
Co-Authored-By: htjulia <htjulia1@gmail.com>
@htcom-code htcom-code changed the title ci: add GitHub Actions CI pipeline ci: add GitHub Actions CI + prepare v0.1.2 release Jul 5, 2026
@htcom-code htcom-code merged commit 0b65c2b into main Jul 5, 2026
7 checks passed
@htcom-code htcom-code deleted the ci/github-actions branch July 5, 2026 13:29
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant