feat: Modernize Go Lambda template with comprehensive tooling and documentation#2
Merged
feat: Modernize Go Lambda template with comprehensive tooling and documentation#2
Conversation
…umentation - Initialize Go module with latest Go 1.22+ and AWS Lambda Go SDK v1.52.0 - Replace Python pre-commit with Lefthook for Go-native git hooks - Add golangci-lint configuration with 20+ linters - Create comprehensive CI/CD workflows: - Multi-version testing (Go 1.22.x, 1.23.x) - Code quality checks with golangci-lint and gofmt - Security scanning with gosec, govulncheck, and CodeQL - PR title validation for conventional commits - Add comprehensive documentation: - README with badges and quick start guide - DEVELOPMENT.md with detailed workflow and best practices - CHANGELOG.md following Keep a Changelog format - Improve Lambda handler with structured Request/Response types - Add comprehensive test suite with 88.9% coverage - Update .gitignore for Go projects and Lambda artifacts - Add YAML and Markdown linting configurations
- Update Go to v1.23 (latest stable) - Update golangci-lint to v1.63.4 (from v1.61.0) - Update Terraform to v1.10.3 (from v1.9.0) - Update github.com/stretchr/testify to v1.11.1 (from v1.7.2) - Update github.com/stretchr/objx to v0.5.3 (from v0.5.2) - Update all documentation to reflect Go 1.23 requirement - Update CI/CD workflows with latest tool versions - Verify all tests passing (88.9% coverage maintained)
- Convert all YAML files from CRLF to LF line endings - Break long curl command in code-quality workflow to meet 120 char limit - Verify all Markdown files properly formatted with mdformat - All YAML files passing yamllint validation - All Markdown files passing mdformat validation
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
- Remove deprecated exportloopref linter (deprecated since v1.60.2, replaced by copyloopvar for Go 1.22+) - Fix SA1029 staticcheck error by using custom contextKey type instead of string literal for context.WithValue() - Fix errcheck error in BenchmarkHandler by adding //nolint:errcheck directive - Update golangci-lint target Go version to 1.22 for compatibility with installed version All code compiles successfully and 100% of tests pass (6/6 functions)
CRITICAL SECURITY UPDATE: Addresses 9 vulnerabilities in Go standard library: GO-2025-4175: Improper application of excluded DNS name constraints when verifying wildcard names in crypto/x509 GO-2025-4155: Excessive resource consumption when printing error string for host certificate validation in crypto/x509 GO-2025-4013: Panic when validating certificates with DSA public keys in crypto/x509 GO-2025-4012: Lack of limit when parsing cookies can cause memory exhaustion in net/http GO-2025-4011: Parsing DER payload can cause memory exhaustion in encoding/asn1 GO-2025-4010: Insufficient validation of bracketed IPv6 hostnames in net/url GO-2025-4009: Quadratic complexity when parsing some invalid inputs in encoding/pem GO-2025-4008: ALPN negotiation error contains attacker controlled information in crypto/tls GO-2025-4007: Quadratic complexity when checking name constraints in crypto/x509 Changes: - Updated Go from 1.23 to 1.24 (latest stable) - Updated CI test matrix to Go 1.23.x and 1.24.x - Updated golangci-lint target to Go 1.24 - Updated all documentation to reflect Go 1.24 requirement - All tests passing (6/6 functions) - Build successful
- Update code-quality workflow to use Go 1.24 - Update security workflow (govulncheck and gosec jobs) to use Go 1.24 - Ensures golangci-lint, govulncheck, and other tools are built with matching Go version - Fixes 'Go language version mismatch' errors in CI
- Install latest golangci-lint instead of v1.63.4 - v1.63.4 was built with Go 1.23, causing version mismatch with Go 1.24 target - Latest version is built with current Go and guarantees compatibility - Update README badge to reflect 'latest' version - Fixes 'Go language version mismatch' error in code-quality workflow
- Updated .golangci.yml to support golangci-lint v2.8.0 - Removed deprecated linters (gosimple, stylecheck, gofmt, goimports) - Added version: 2 to config file for v2 compatibility - Fixed linter errors: - Added package comment to main.go - Renamed unused ctx parameter to _ in handler function - All tests passing, 0 linting issues
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
No description provided.