sneak/pixa
1
0
Fork 0
Code Issues 2 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

bring repo into compliance with repo policies #14

Merged
sneak merged 15 commits from chore/repo-compliance into main 2026-02-25 14:52:56 +01:00
Conversation 5 Commits 15 Files Changed 18 +1102 -357

15 Commits

Author SHA1 Message Date
clawbot
85729d9181 fix: update Dockerfile to Go 1.25.4 and resolve gosec lint findings
All checks were successful
check / check (push) Successful in 1m41s
Details 
- Update Dockerfile base image from golang:1.24-alpine to golang:1.25.4-alpine
  (pinned by sha256 digest) to match go.mod requirement of go >= 1.25.4
- Fix gosec G703 (path traversal) false positives by adding filepath.Clean()
  at call sites with nolint annotations for internally-constructed paths
- Fix gosec G704 (SSRF) false positive with nolint annotation; URL is already
  validated by validateURL() which checks scheme, resolves DNS, and blocks
  private IPs
- All make check passes clean (lint + tests)
 2026-02-25 05:44:49 -08:00
sneak
a1c0ae0a44 fix: auto-detect native deps, skip nix-shell in Docker
Some checks failed
check / check (push) Failing after 43s
Details 
Check for pkg-config at make-time; if present (Docker, existing
nix-shell) run commands directly, otherwise wrap with nix-shell.
 2026-02-25 20:11:02 +07:00
sneak
429926fb71 chore: use nix-shell for CGO-dependent Makefile targets 
Wrap test, lint, and build targets with nix-shell to provide
pkg-config, vips, libheif, and golangci-lint automatically.
 2026-02-25 20:08:04 +07:00
sneak
ce6db7627d fix: resolve all golangci-lint errors 
- Add blank lines before return statements (nlreturn)
- Remove unused metaCacheMu field and sync import (unused)
- Rename unused groups parameter to _ (revive)
- Use StorageFilePerm constant instead of magic 0600 (mnd, gosec)
- Add nolint directive for vipsOnce global (gochecknoglobals)
 2026-02-25 19:58:37 +07:00
sneak
454de2f170 fix: restore original whitelist hosts in config.example.yml 2026-02-25 19:53:23 +07:00
sneak
133d9e5a4a chore: consolidate duplicate example config files 2026-02-25 19:48:03 +07:00
sneak
73f1073d61 chore: restructure README with required policy sections 2026-02-25 19:47:34 +07:00
sneak
d0fe5e7334 chore: pin Docker images by hash and run make check in build 2026-02-25 19:47:14 +07:00
sneak
c4fc1e1548 chore: update .dockerignore to policy standards 2026-02-25 18:22:35 +07:00
sneak
39fa0a5d05 chore: update .gitignore to policy standards 2026-02-25 18:22:33 +07:00
sneak
2f53b49a88 chore: add Gitea Actions CI workflow 2026-02-25 18:22:24 +07:00
sneak
ce360880f7 chore: add REPO_POLICIES.md from prompts repo 2026-02-25 18:22:19 +07:00
sneak
9d71fabdd7 chore: add GPL-3.0 LICENSE file 2026-02-25 18:22:13 +07:00
sneak
8a2b630864 chore: add .editorconfig 2026-02-25 18:18:06 +07:00
sneak
0000188265 chore: add hooks target and 30s test timeout to Makefile 
Add missing fmt-check to .PHONY, add hooks target for pre-commit
hook installation, and add 30-second timeout to test target per
repo policy.
 2026-02-25 18:18:00 +07:00