Update v0.1.0

.github/workflows/quality.yml

@@ -0,0 +1,57 @@
+name: Quality & Security
+
+on:
+  push:
+    branches: [ "master", "main" ]
+  pull_request:
+    branches: [ "master", "main" ]
+
+jobs:
+  quality:
+    name: Code Quality
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v4
+        with:
+          go-version: '1.25'
+
+      - name: Install dependencies
+        run: sudo apt-get update && sudo apt-get install -y libsqlite3-dev
+
+      - name: Format Check
+        run: |
+          if [ -n "$(gofmt -l .)" ]; then
+            echo "Go code is not formatted:"
+            gofmt -d .
+            exit 1
+          fi
+
+      - name: Vet
+        run: go vet ./...
+
+      - name: Staticcheck
+        uses: dominikh/staticcheck-action@v1.3.0
+        with:
+          version: "latest"
+          install-go: false
+
+  security:
+    name: Security Scan
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v4
+        with:
+          go-version: '1.25'
+
+      - name: Install govulncheck
+        run: go install golang.org/x/vuln/cmd/govulncheck@latest
+
+      - name: Run Vulnerability Check
+        run: govulncheck ./...
+
+      - name: Run Gosec Security Scanner
+        uses: securego/gosec@master
+        with:
+          args: ./...

.github/workflows/test.yml

@@ -0,0 +1,29 @@
+name: Test and Build
+
+on:
+  push:
+    branches: [ "master", "main" ]
+  pull_request:
+    branches: [ "master", "main" ]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+
+    - name: Set up Go
+      uses: actions/setup-go@v4
+      with:
+        go-version: '1.25'
+
+    - name: Install dependencies
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y libsqlite3-dev
+
+    - name: Build
+      run: go build -v ./cmd/rapg/...
+
+    - name: Test
+      run: go test -v -race ./...

.gitignore

@@ -0,0 +1,43 @@
+# Binaries
+/rapg
+*.exe
+*.dll
+*.so
+*.dylib
+*.test
+
+# Output & Build
+/dist/
+coverage.out
+
+# OS Specific
+.DS_Store
+.DS_Store?
+._*
+.Spotlight-V100
+.Trashes
+ehthumbs.db
+Thumbs.db
+
+# Editors / IDEs
+.vscode/
+.idea/
+*.swp
+*.swo
+
+# Go
+go.work
+go.work.sum
+vendor/
+
+# Project Specific
+# Local database (SQLite)
+*.db
+*.db-journal
+*.db-wal
+
+# Generated env files
+.env
+
+# User config directory (if created locally during dev)
+.rapg/

.goreleaser.yaml

@@ -0,0 +1,104 @@
+# This is an example .goreleaser.yml file with some sensible defaults.
+# Make sure to check the documentation at https://goreleaser.com
+version: 2
+
+before:
+  hooks:
+    - go mod tidy
+
+builds:
+  - env:
+      - CGO_ENABLED=1
+    goos:
+      - linux
+      - windows
+      - darwin
+    goarch:
+      - amd64
+      - arm64
+    main: ./cmd/rapg/main.go
+    ldflags:
+      - -s -w
+
+archives:
+  - format: tar.gz
+    # this name template makes the OS and Arch compatible with the results of uname.
+    name_template: >-
+      {{ .ProjectName }}_
+      {{- title .Os }}_
+      {{- if eq .Arch "amd64" }}x86_64
+      {{- else if eq .Arch "386" }}i386
+      {{- else }}{{ .Arch }}{{ end }}
+      {{- if .Arm }}v{{ .Arm }}{{ end }}
+    # use zip for windows archives
+    format_overrides:
+    - goos: windows
+      format: zip
+
+checksum:
+  name_template: 'checksums.txt'
+
+snapshot:
+  name_template: "{{ incpatch .Version }}-next"
+
+changelog:
+  sort: asc
+  filters:
+    exclude:
+      - '^docs:'
+      - '^test:'
+
+brews:
+  -
+    name: rapg
+
+    # GitHub/GitLab repository to push the formula to
+    repository:
+      owner: kanywst
+      name: homebrew-tap
+      token: "{{ .Env.TAP_GITHUB_TOKEN }}"
+
+    # Template for the url which is determined by the given Token (github, gitlab or gitea)
+    url_template: "https://github.com/kanywst/rapg/releases/download/{{ .Tag }}/{{ .ArtifactName }}"
+
+    # Git author used to commit to the repository.
+    # Defaults are shown.
+    commit_author:
+      name: goreleaserbot
+      email: goreleaser@carlosbecker.com
+
+    # The project name and current git tag are used in the format string.
+    commit_msg_template: "Brew formula update for {{ .ProjectName }} version {{ .Tag }}"
+
+    # Folder inside the repository to put the formula.
+    # Default is the root folder.
+    directory: Formula
+
+    # Your app's homepage.
+    # Default is empty.
+    homepage: "https://github.com/kanywst/rapg"
+
+    # Template of your app's description.
+    # Default is empty.
+    description: "The Developer-First Secret Manager."
+
+    # SPDX identifier of your app's license.
+    # Default is empty.
+    license: "MIT"
+
+    # Setting this will prevent goreleaser to actually try to commit the updated
+    # formula - instead, the formula file will be stored on the dist folder only,
+    # leaving the responsibility of publishing it to the user.
+    # If set to auto, the release will not be published to the homebrew tap if
+    # one of and Linux and macOS (darwin) builds are missing.
+    skip_upload: auto # Upload requires a real TAP repo, skipping for this demo context.
+
+    # So you can `brew test` your formula.
+    # Default is empty.
+    test: |
+      system "#{bin}/rapg gen --help"
+
+    # Custom install script for brew.
+    # Default is 'bin.install "program"'.
+    install: |
+      bin.install "rapg"

Makefile

@@ -1,34 +1,39 @@
-.DEFAULT_GOAL := help
+.PHONY: build run test clean fmt vet install demo
 
-ifeq ($(GOPATH),)
-	GOPATH := $(shell pwd)
-endif
+BINARY_NAME=rapg
+MAIN_PATH=cmd/rapg/main.go
 
-export GOPATH
+# Build the binary
+build:
+	go build -o $(BINARY_NAME) $(MAIN_PATH)
 
-BIN_NAME := ra
+# Run properly (interactive)
+run:
+	go run $(MAIN_PATH)
 
-.PHONY: help
-help:
-	@echo "Usage: make [target]"
-	@echo ""
-	@echo "Targets:"
-	@echo "  build-mac       Build for macOS"
-	@echo "  build-linux     Build for Linux"
-	@echo "  clean           Clean build artifacts"
-	@echo "  help            Show this help message"
+# Run tests
+test:
+	go test -v ./...
 
-.PHONY: build-mac
-build-mac:
-	@echo "Building for macOS..."
-	GOOS=darwin GOARCH=amd64 go build -o ${GOPATH}/$(BIN_NAME) cmd/rapg/main.go
+# Format code
+fmt:
+	go fmt ./...
 
-.PHONY: build-linux
-build-linux:
-	@echo "Building for Linux..."
-	GOOS=linux GOARCH=amd64 go build -o $(GOPATH)/$(BIN_NAME).linux cmd/rapg/main.go
+# Static analysis
+vet:
+	go vet ./...
 
-.PHONY: clean
+# Install to GOPATH/bin
+install:
+	go install $(MAIN_PATH)
+
+# Clean build artifacts
 clean:
-	@echo "Cleaning build artifacts..."
-	rm -rf $(GOPATH)
+	rm -f $(BINARY_NAME)
+	rm -rf dist/
+	rm -f coverage.out
+	rm -f demo.gif
+
+# Update the demo GIF (requires vhs)
+demo:
+	vhs demo.tape