diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index 4bce5fcfa..594f4a414 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -34,8 +34,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Set up Node.js uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 @@ -59,7 +59,7 @@ jobs: - name: Restore baseline if: github.event_name == 'pull_request' id: restore-baseline - uses: actions/cache/restore@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache/restore@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 with: path: baseline-bench.txt key: go-benchmark-${{ github.event.pull_request.base.ref }}-never @@ -95,7 +95,7 @@ jobs: - name: Comment PR with results if: github.event_name == 'pull_request' && steps.restore-baseline.outputs.cache-matched-key != '' - uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | const fs = require('fs'); @@ -160,14 +160,14 @@ jobs: - name: Save baseline if: github.event_name == 'push' - uses: actions/cache/save@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache/save@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 with: path: baseline-bench.txt key: go-benchmark-${{ github.ref_name }}-${{ github.sha }} - name: Upload benchmark results if: always() - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: benchmark-results path: | diff --git a/.github/workflows/ci-wfctl.yml.example b/.github/workflows/ci-wfctl.yml.example index 08199b54f..2302a1095 100644 --- a/.github/workflows/ci-wfctl.yml.example +++ b/.github/workflows/ci-wfctl.yml.example @@ -53,7 +53,7 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' # bumped from generated 1.22 to match repo standard + go-version: '1.26.4' # bumped from generated 1.22 to match repo standard - name: Install wfctl run: go install github.com/GoCodeAlone/workflow/cmd/wfctl@latest - name: Validate config @@ -81,7 +81,7 @@ jobs: # - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 # - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 # with: -# go-version: '1.26' +# go-version: '1.26.4' # - name: Build binary # run: | # GOOS=linux GOARCH=amd64 go build -o bin/server ./cmd/server/ @@ -92,9 +92,9 @@ jobs: # username: ${{ github.actor }} # password: ${{ secrets.GITHUB_TOKEN }} # - name: Set up Docker Buildx -# uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 +# uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0 # - name: Build and push Docker image -# uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6 +# uses: docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0 # with: # context: . # push: true diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5dc6a6a84..bd039604b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -30,7 +30,7 @@ jobs: packages: read strategy: matrix: - go-version: ['1.26'] + go-version: ['1.26.4'] steps: - name: Check out code @@ -40,7 +40,7 @@ jobs: uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version: ${{ matrix.go-version }} - cache: true + cache: false - name: Set up Node.js uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 @@ -78,7 +78,7 @@ jobs: CODECOV_TOKEN: ${{ secrets.CODECOV_TOKEN }} - name: Upload coverage reports - uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5 + uses: codecov/codecov-action@75cd11691c0faa626561e295848008c8a7dddffe # v5.5.4 if: always() && steps.codecov-token.outputs.available == 'true' with: token: ${{ secrets.CODECOV_TOKEN }} @@ -100,8 +100,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Set up Node.js uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 @@ -138,8 +138,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Set up Node.js uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 @@ -162,7 +162,7 @@ jobs: run: go build -v ./... - name: Upload UI build artifact - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: admin-ui-dist path: ui/dist/ @@ -183,8 +183,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Build examples run: | @@ -206,8 +206,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Run golangci-lint on examples uses: golangci/golangci-lint-action@82606bf257cbaff209d206a39f5134f0cfbfd2ee # v9.2.1 @@ -232,8 +232,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Run go mod tidy (workflow) run: go mod tidy @@ -312,8 +312,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Set up Node.js uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 @@ -359,19 +359,19 @@ jobs: echo -n " $config ... " # Run with timeout — exit 124 means timeout (expected for servers) - output=$(timeout 10s ./workflow-example -config "$config" 2>&1) && { + if timeout 10s ./workflow-example -config "$config" >/tmp/workflow-example.out 2>&1; then echo "OK (exited cleanly)" passed=$((passed + 1)) - } || { + else rc=$? - if [ $rc -eq 124 ]; then + if [ "$rc" -eq 124 ]; then echo "OK (server timeout — expected)" passed=$((passed + 1)) else echo "WARN (exit $rc — may need runtime deps)" warned=$((warned + 1)) fi - } + fi done echo "" @@ -402,7 +402,7 @@ jobs: - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version-file: go.mod - cache: true + cache: false - name: Download module deps (needed for `go list -deps`) env: GOWORK: "off" @@ -424,7 +424,7 @@ jobs: DEPS=$(go list -deps ./... 2>&1) LIST_EXIT=$? set -e - if [ $LIST_EXIT -ne 0 ]; then + if [ "$LIST_EXIT" -ne 0 ]; then echo "FAIL: \`go list -deps ./...\` exited $LIST_EXIT (gate cannot enforce):" echo "$DEPS" | head -10 | sed 's/^/ /' exit 1 @@ -436,7 +436,9 @@ jobs: || true) if [ -n "$UNEXPECTED" ]; then echo "FAIL: unexpected gcp/azure/api transitive deps in workflow-core build graph:" - printf ' %s\n' $UNEXPECTED + while IFS= read -r dep; do + printf ' %s\n' "$dep" + done <<< "$UNEXPECTED" echo echo "Only cloud.google.com/go/compute/metadata is allowlisted (OAuth2 ADC helper)." echo "Other gcp/azure SDK packages belong in a plugin, not workflow core." diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 63394c4d4..7a5dffe3f 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -45,8 +45,8 @@ jobs: if: matrix.language == 'go' uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Set up Node.js if: matrix.language == 'go' @@ -64,12 +64,12 @@ jobs: NODE_AUTH_TOKEN: ${{ secrets.GITHUB_TOKEN }} - name: Initialize CodeQL - uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + uses: github/codeql-action/init@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: languages: ${{ matrix.language }} build-mode: ${{ matrix.build-mode }} - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4 + uses: github/codeql-action/analyze@8aad20d150bbac5944a9f9d289da16a4b0d87c1e # v4.36.2 with: category: "/language:${{ matrix.language }}" diff --git a/.github/workflows/conformance-budget-check.yml b/.github/workflows/conformance-budget-check.yml index a2ef26cab..a01900267 100644 --- a/.github/workflows/conformance-budget-check.yml +++ b/.github/workflows/conformance-budget-check.yml @@ -46,13 +46,13 @@ jobs: id: hour run: echo "value=$(date -u +%Y%m%d%H)" >> "$GITHUB_OUTPUT" - # actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 does post-step write-back automatically: + # actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 does post-step write-back automatically: # if cache-hit is false, the action records the path's contents # at job-end and uploads under this key for the next run on the # same key. No explicit upload-cache step is needed. - name: Restore budget result cache id: budget-cache - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4 + uses: actions/cache@27d5ce7f107fe9357f9df03efb73ab90386fccae # v5.0.5 with: key: budget-${{ github.event.pull_request.base.sha || github.sha }}-${{ steps.hour.outputs.value }} path: /tmp/budget-result.json diff --git a/.github/workflows/conformance-smoke.yml b/.github/workflows/conformance-smoke.yml index 561c8c0c7..eb1008a0b 100644 --- a/.github/workflows/conformance-smoke.yml +++ b/.github/workflows/conformance-smoke.yml @@ -77,8 +77,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Build wfctl run: go build -o wfctl ./cmd/wfctl diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml index 37171f32a..a5c0d8d02 100644 --- a/.github/workflows/copilot-setup-steps.yml +++ b/.github/workflows/copilot-setup-steps.yml @@ -33,7 +33,7 @@ jobs: uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: go-version-file: go.mod - cache: true + cache: false cache-dependency-path: go.sum # Configure Go for private repository access @@ -43,7 +43,7 @@ jobs: # Setup Docker for containerized development - name: Set up Docker Buildx - uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3 + uses: docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0 # Install Go dependencies and development tools - name: Install Go dependencies and tools diff --git a/.github/workflows/create-release.yml b/.github/workflows/create-release.yml index 963e49c93..0752964aa 100644 --- a/.github/workflows/create-release.yml +++ b/.github/workflows/create-release.yml @@ -88,7 +88,7 @@ jobs: printf '%s\n' "${{ steps.next_version.outputs.tag }}" > release-metadata/release-tag.txt - name: Upload release metadata - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: release-metadata path: release-metadata/release-tag.txt diff --git a/.github/workflows/dependency-update.yml b/.github/workflows/dependency-update.yml index 6a0c61b79..e2ade31c9 100644 --- a/.github/workflows/dependency-update.yml +++ b/.github/workflows/dependency-update.yml @@ -30,8 +30,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.24' - cache: true + go-version: '1.26.4' + cache: false - name: Update main dependencies run: | @@ -50,7 +50,7 @@ jobs: cd example && go build ./... - name: Create Pull Request - uses: peter-evans/create-pull-request@22a9089034f40e5a961c8808d113e2c98fb63676 # v7 + uses: peter-evans/create-pull-request@5f6978faf089d4d20b00c7766989d076bb2fc7f1 # v8.1.1 with: token: ${{ secrets.GITHUB_TOKEN }} commit-message: 'chore: update Go dependencies' diff --git a/.github/workflows/helm-lint.yml b/.github/workflows/helm-lint.yml index 536c7e2e1..ad5dd96cb 100644 --- a/.github/workflows/helm-lint.yml +++ b/.github/workflows/helm-lint.yml @@ -18,7 +18,7 @@ jobs: uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Helm - uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4 + uses: azure/setup-helm@1a275c3b69536ee54be43f2070a358922e12c8d4 # v4.3.1 with: version: 'v3.16.0' diff --git a/.github/workflows/osv-scanner.yml b/.github/workflows/osv-scanner.yml index 27724a17a..af18d8f8c 100644 --- a/.github/workflows/osv-scanner.yml +++ b/.github/workflows/osv-scanner.yml @@ -32,7 +32,7 @@ permissions: jobs: scan-scheduled: if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }} - uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@c5996e0193a3df57d695c1b8a1dec2a4c62e8730" # v2.3.3 + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@9a498708959aeaef5ef730655706c5a1df1edbc2" # v2.3.8 with: # Example of specifying custom arguments scan-args: |- @@ -41,7 +41,7 @@ jobs: ./ scan-pr: if: ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }} - uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@c5996e0193a3df57d695c1b8a1dec2a4c62e8730" # v2.3.3 + uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@9a498708959aeaef5ef730655706c5a1df1edbc2" # v2.3.8 with: # Example of specifying custom arguments scan-args: |- diff --git a/.github/workflows/pre-release.yml b/.github/workflows/pre-release.yml index 7189136d4..c47373466 100644 --- a/.github/workflows/pre-release.yml +++ b/.github/workflows/pre-release.yml @@ -30,8 +30,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Set up Node.js uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 @@ -65,8 +65,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Set up Node.js uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 @@ -115,12 +115,12 @@ jobs: - name: Create checksums run: | cd dist - sha256sum * > checksums.txt + sha256sum ./* > checksums.txt - name: Clean up old snapshot releases run: | # Delete all previous snapshot-* releases (keep only latest) - gh release list --limit 50 | grep '^snapshot-' | awk '{print $1}' | while read tag; do + gh release list --limit 50 | grep '^snapshot-' | awk '{print $1}' | while read -r tag; do gh release delete "$tag" --yes --cleanup-tag || true done env: @@ -158,8 +158,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Set up ko uses: ko-build/setup-ko@d006021bd0c28d1ce33a07e7943d48b079944c8d # v0.9 diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 7a9a00c9b..cc1859e3e 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -37,8 +37,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Set up Node.js uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 @@ -90,7 +90,7 @@ jobs: echo "UI_TARBALL=workflow-admin-ui-${VERSION}.tar.gz" >> "$GITHUB_ENV" - name: Upload UI artifact - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: admin-ui path: workflow-admin-ui-*.tar.gz @@ -113,8 +113,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Set up Node.js uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 @@ -143,7 +143,8 @@ jobs: GONOSUMCHECK: github.com/GoCodeAlone/* GOFLAGS: -mod=mod run: | - export KO_DOCKER_REPO="ghcr.io/$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" + KO_DOCKER_REPO="ghcr.io/$(echo '${{ github.repository }}' | tr '[:upper:]' '[:lower:]')" + export KO_DOCKER_REPO VERSION="${TAG_NAME#v}" CORE_VERSION="${VERSION%%[-+]*}" MAJOR_MINOR="$(echo "$CORE_VERSION" | cut -d. -f1-2)" @@ -193,8 +194,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Set up Node.js if: matrix.build_ui @@ -231,7 +232,7 @@ jobs: done - name: Upload binaries - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4 + uses: actions/upload-artifact@043fb46d1a93c77aae656e7c1c64a875d1fc6a0a # v7.0.1 with: name: binaries-${{ matrix.name }} path: dist/* @@ -249,14 +250,14 @@ jobs: fetch-depth: 0 - name: Download all binary artifacts - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: pattern: binaries-* path: dist merge-multiple: true - name: Download admin UI artifact - uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4 + uses: actions/download-artifact@3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c # v8.0.1 with: name: admin-ui path: dist @@ -264,8 +265,8 @@ jobs: - name: Set up Go uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' - cache: true + go-version: '1.26.4' + cache: false - name: Generate grpc-versions.txt # Cross-repo dep-sync foundation per @@ -291,7 +292,7 @@ jobs: - name: Create checksums run: | cd dist - sha256sum * > checksums.txt + sha256sum ./* > checksums.txt - name: Create Release (draft during asset upload) uses: softprops/action-gh-release@3bb12739c298aeb8a4eeaf626c5b8d85266b0e65 # v2 @@ -315,7 +316,7 @@ jobs: if: ${{ !contains(inputs.tag_name || github.ref_name, '-') }} steps: - name: Update wfctl formula in homebrew-tap - uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4 + uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4.0.1 with: token: ${{ secrets.repo_dispatch_token }} repository: GoCodeAlone/homebrew-tap @@ -332,7 +333,7 @@ jobs: repo: ['GoCodeAlone/workflow-editor'] steps: - name: Trigger IDE update for ${{ matrix.repo }} - uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4 + uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4.0.1 with: token: ${{ secrets.repo_dispatch_token }} repository: ${{ matrix.repo }} @@ -346,7 +347,7 @@ jobs: if: ${{ !contains(inputs.tag_name || github.ref_name, '-') }} steps: - name: Trigger registry manifest sync - uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4 + uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4.0.1 with: token: ${{ secrets.repo_dispatch_token }} repository: GoCodeAlone/workflow-registry @@ -360,7 +361,7 @@ jobs: if: ${{ !contains(inputs.tag_name || github.ref_name, '-') }} steps: - name: Trigger workflow-scenarios bump - uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4 + uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4.0.1 with: token: ${{ secrets.repo_dispatch_token }} repository: GoCodeAlone/workflow-scenarios diff --git a/.github/workflows/test-dispatch.yml b/.github/workflows/test-dispatch.yml index 0a8a17d43..a1e57929f 100644 --- a/.github/workflows/test-dispatch.yml +++ b/.github/workflows/test-dispatch.yml @@ -25,7 +25,7 @@ jobs: echo "REPO_DISPATCH_TOKEN is set" - name: Dispatch to workflow-editor - uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4 + uses: peter-evans/repository-dispatch@28959ce8df70de7be546dd1250a005dd32156697 # v4.0.1 with: token: ${{ secrets.REPO_DISPATCH_TOKEN }} repository: GoCodeAlone/workflow-editor diff --git a/CICD_PLAN.md b/CICD_PLAN.md index ef2640b1c..08123915b 100644 --- a/CICD_PLAN.md +++ b/CICD_PLAN.md @@ -90,7 +90,7 @@ func (s *DockerSandbox) CopyOut(ctx context.Context, srcPath string) (io.ReadClo - name: build-ui type: step.shell_exec config: - image: node:20-alpine + image: node:24-alpine commands: - npm ci - npm run build diff --git a/CONTRIBUTING.md b/CONTRIBUTING.md index 368614f23..f5a049fac 100644 --- a/CONTRIBUTING.md +++ b/CONTRIBUTING.md @@ -6,8 +6,8 @@ Thank you for your interest in contributing to the workflow engine. This guide c ### Prerequisites -- Go 1.26+ -- Node.js 18+ (for UI development) +- Go 1.26.4+ +- Node.js 24+ (for UI development) - Git - `golangci-lint` (install: `go install github.com/golangci/golangci-lint/cmd/golangci-lint@latest`) diff --git a/DOCUMENTATION.md b/DOCUMENTATION.md index 6a49fc95a..1bd85046b 100644 --- a/DOCUMENTATION.md +++ b/DOCUMENTATION.md @@ -1511,7 +1511,7 @@ steps: - name: run-tests type: step.docker_run config: - image: "golang:1.25" + image: "golang:1.26.4" command: ["go", "test", "./..."] env: CI: "true" diff --git a/README.md b/README.md index e3d3d08e6..0552dfac5 100644 --- a/README.md +++ b/README.md @@ -133,8 +133,8 @@ scaffolds, see [Repository Layout](docs/REPO_LAYOUT.md). ### Requirements -- Go 1.26+ -- Node.js 18+ (for UI development) +- Go 1.26.4+ +- Node.js 24+ (for UI development) ### Run the Server diff --git a/cigen/render_gha.go b/cigen/render_gha.go index 89b7a4974..b5123d12a 100644 --- a/cigen/render_gha.go +++ b/cigen/render_gha.go @@ -7,7 +7,7 @@ import ( const ( githubActionsCheckoutRef = "actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3" - githubActionsScriptRef = "actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7" + githubActionsScriptRef = "actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0" // #nosec G101 -- action commit SHA, not a credential. githubActionsSetupWfctlRef = "GoCodeAlone/setup-wfctl@bcd880980f5bbe8d192d0c20ff6279d25331f956 # v1" ) diff --git a/cigen/render_gha_test.go b/cigen/render_gha_test.go index f9922b3ea..5b6158c72 100644 --- a/cigen/render_gha_test.go +++ b/cigen/render_gha_test.go @@ -78,7 +78,7 @@ func TestRenderGitHubActions_PinsActionSHAs(t *testing.T) { for _, want := range []string{ "actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3", "GoCodeAlone/setup-wfctl@bcd880980f5bbe8d192d0c20ff6279d25331f956 # v1", - "actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7", + "actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0", } { if !strings.Contains(content, want) { t.Fatalf("generated GitHub Actions workflow missing pinned action %q:\n%s", want, content) @@ -87,7 +87,7 @@ func TestRenderGitHubActions_PinsActionSHAs(t *testing.T) { for _, moving := range []string{ "actions/checkout@" + "v6", "GoCodeAlone/setup-wfctl@" + "v1", - "actions/github-script@" + "v7", + "actions/github-script@" + "v9", } { if strings.Contains(content, moving) { t.Fatalf("generated GitHub Actions workflow contains moving action ref %q:\n%s", moving, content) diff --git a/cigen/testdata/multisite/generated-infra.yml b/cigen/testdata/multisite/generated-infra.yml index 9aa4b0221..23087a4bf 100644 --- a/cigen/testdata/multisite/generated-infra.yml +++ b/cigen/testdata/multisite/generated-infra.yml @@ -32,7 +32,7 @@ jobs: - name: Plan deploy run: wfctl infra plan --config 'deploy.yaml' --format markdown >> plan.md - name: Post plan comment - uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | const fs = require('fs'); diff --git a/cmd/wfctl/build_security_audit_test.go b/cmd/wfctl/build_security_audit_test.go index e2aefdc55..a9d482d4a 100644 --- a/cmd/wfctl/build_security_audit_test.go +++ b/cmd/wfctl/build_security_audit_test.go @@ -377,7 +377,7 @@ ci: containers: - name: app method: dockerfile -`, `FROM golang:1.22-alpine +`, `FROM golang:1.26.4-alpine RUN addgroup -S app && adduser -S app -G app USER app COPY . . @@ -406,7 +406,7 @@ ci: containers: - name: app method: dockerfile -`, `FROM golang:1.22-alpine +`, `FROM golang:1.26.4-alpine USER app `) findings := runBuildAuditChecks(cfgPath, filepath.Dir(cfgPath)) diff --git a/cmd/wfctl/deploy.go b/cmd/wfctl/deploy.go index 20fdf38f4..00fd603fb 100644 --- a/cmd/wfctl/deploy.go +++ b/cmd/wfctl/deploy.go @@ -972,7 +972,7 @@ func writeDockerfile(path string) error { const content = `# Auto-generated by wfctl deploy docker # Multi-stage build for a workflow engine application. -FROM golang:1.25-alpine AS builder +FROM golang:1.26.4-alpine AS builder RUN apk add --no-cache git ca-certificates WORKDIR /build COPY go.mod go.sum ./ diff --git a/cmd/wfctl/generate.go b/cmd/wfctl/generate.go index b5eb93974..c8447b902 100644 --- a/cmd/wfctl/generate.go +++ b/cmd/wfctl/generate.go @@ -54,8 +54,8 @@ const ( // #nosec G101 -- action commit SHA, not a credential. githubActionsSetupWfctlRef = "GoCodeAlone/setup-wfctl@bcd880980f5bbe8d192d0c20ff6279d25331f956 # v1" githubActionsDockerLoginRef = "docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3" - githubActionsDockerSetupBuildxRef = "docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3" - githubActionsDockerBuildPushRef = "docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6" + githubActionsDockerSetupBuildxRef = "docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0" + githubActionsDockerBuildPushRef = "docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0" ) func runGenerateGithubActions(args []string) error { @@ -177,7 +177,7 @@ func writeCIWorkflow(path string, features *projectFeatures) error { fmt.Fprintf(&b, " - uses: %s\n", githubActionsCheckoutRef) fmt.Fprintf(&b, " - uses: %s\n", githubActionsSetupGoRef) b.WriteString(" with:\n") - b.WriteString(" go-version: '1.22'\n") + b.WriteString(" go-version: '1.26.4'\n") b.WriteString(" - name: Install wfctl\n") b.WriteString(" run: go install github.com/GoCodeAlone/workflow/cmd/wfctl@latest\n") b.WriteString(" - name: Validate config\n") @@ -230,7 +230,7 @@ func writeCDWorkflow(path string, features *projectFeatures, registry, platforms fmt.Fprintf(&b, " - uses: %s\n", githubActionsCheckoutRef) fmt.Fprintf(&b, " - uses: %s\n", githubActionsSetupGoRef) b.WriteString(" with:\n") - b.WriteString(" go-version: '1.22'\n") + b.WriteString(" go-version: '1.26.4'\n") if features.hasUI { fmt.Fprintf(&b, " - uses: %s\n", githubActionsSetupNodeRef) @@ -280,7 +280,7 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.22' + go-version: '1.26.4' - name: Build plugin binaries run: | mkdir -p dist diff --git a/cmd/wfctl/plugin_conformance_test.go b/cmd/wfctl/plugin_conformance_test.go index 617488d16..02786a487 100644 --- a/cmd/wfctl/plugin_conformance_test.go +++ b/cmd/wfctl/plugin_conformance_test.go @@ -408,7 +408,7 @@ func prepareConformanceFixture(t *testing.T, name string) string { if err != nil { t.Fatalf("repo root: %v", err) } - goMod := "module example.com/" + name + "\n\ngo 1.26.0\n\nrequire github.com/GoCodeAlone/workflow v0.0.0\n\nreplace github.com/GoCodeAlone/workflow => " + filepath.ToSlash(root) + "\n" + goMod := "module example.com/" + name + "\n\ngo 1.26.4\n\nrequire github.com/GoCodeAlone/workflow v0.0.0\n\nreplace github.com/GoCodeAlone/workflow => " + filepath.ToSlash(root) + "\n" if err := os.WriteFile(filepath.Join(dst, "go.mod"), []byte(goMod), 0o600); err != nil { t.Fatalf("write fixture go.mod: %v", err) } diff --git a/cmd/wfctl/templates/api-service/.github/workflows/ci.yml.tmpl b/cmd/wfctl/templates/api-service/.github/workflows/ci.yml.tmpl index 8a029a49a..e3cb94363 100644 --- a/cmd/wfctl/templates/api-service/.github/workflows/ci.yml.tmpl +++ b/cmd/wfctl/templates/api-service/.github/workflows/ci.yml.tmpl @@ -12,7 +12,7 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.22' + go-version: '1.26.4' - name: Install wfctl run: go install github.com/GoCodeAlone/workflow/cmd/wfctl@latest - name: Validate config diff --git a/cmd/wfctl/templates/api-service/Dockerfile.tmpl b/cmd/wfctl/templates/api-service/Dockerfile.tmpl index 62efe142a..c81f01c89 100644 --- a/cmd/wfctl/templates/api-service/Dockerfile.tmpl +++ b/cmd/wfctl/templates/api-service/Dockerfile.tmpl @@ -1,4 +1,4 @@ -FROM golang:1.22-alpine AS builder +FROM golang:1.26.4-alpine AS builder WORKDIR /app diff --git a/cmd/wfctl/templates/api-service/README.md.tmpl b/cmd/wfctl/templates/api-service/README.md.tmpl index c1147ce63..10fb1f880 100644 --- a/cmd/wfctl/templates/api-service/README.md.tmpl +++ b/cmd/wfctl/templates/api-service/README.md.tmpl @@ -6,7 +6,7 @@ A workflow-based API service built with the [GoCodeAlone/workflow](https://githu ### Prerequisites -- Go 1.22+ +- Go 1.26.4+ ### Run diff --git a/cmd/wfctl/templates/api-service/go.mod.tmpl b/cmd/wfctl/templates/api-service/go.mod.tmpl index b86f759b3..634d7b7cb 100644 --- a/cmd/wfctl/templates/api-service/go.mod.tmpl +++ b/cmd/wfctl/templates/api-service/go.mod.tmpl @@ -1,6 +1,6 @@ module github.com/{{.Author}}/{{.Name}} -go 1.22 +go 1.26.4 require ( github.com/CrisisTextLine/modular v1.11.11 diff --git a/cmd/wfctl/templates/event-processor/.github/workflows/ci.yml.tmpl b/cmd/wfctl/templates/event-processor/.github/workflows/ci.yml.tmpl index 8a029a49a..e3cb94363 100644 --- a/cmd/wfctl/templates/event-processor/.github/workflows/ci.yml.tmpl +++ b/cmd/wfctl/templates/event-processor/.github/workflows/ci.yml.tmpl @@ -12,7 +12,7 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.22' + go-version: '1.26.4' - name: Install wfctl run: go install github.com/GoCodeAlone/workflow/cmd/wfctl@latest - name: Validate config diff --git a/cmd/wfctl/templates/event-processor/Dockerfile.tmpl b/cmd/wfctl/templates/event-processor/Dockerfile.tmpl index 62efe142a..c81f01c89 100644 --- a/cmd/wfctl/templates/event-processor/Dockerfile.tmpl +++ b/cmd/wfctl/templates/event-processor/Dockerfile.tmpl @@ -1,4 +1,4 @@ -FROM golang:1.22-alpine AS builder +FROM golang:1.26.4-alpine AS builder WORKDIR /app diff --git a/cmd/wfctl/templates/event-processor/README.md.tmpl b/cmd/wfctl/templates/event-processor/README.md.tmpl index 37443deb1..6f1f7b0bd 100644 --- a/cmd/wfctl/templates/event-processor/README.md.tmpl +++ b/cmd/wfctl/templates/event-processor/README.md.tmpl @@ -6,7 +6,7 @@ An event-driven workflow processor built with the [GoCodeAlone/workflow](https:/ ### Prerequisites -- Go 1.22+ +- Go 1.26.4+ ### Run diff --git a/cmd/wfctl/templates/event-processor/go.mod.tmpl b/cmd/wfctl/templates/event-processor/go.mod.tmpl index b86f759b3..634d7b7cb 100644 --- a/cmd/wfctl/templates/event-processor/go.mod.tmpl +++ b/cmd/wfctl/templates/event-processor/go.mod.tmpl @@ -1,6 +1,6 @@ module github.com/{{.Author}}/{{.Name}} -go 1.22 +go 1.26.4 require ( github.com/CrisisTextLine/modular v1.11.11 diff --git a/cmd/wfctl/templates/full-stack/.github/workflows/ci.yml.tmpl b/cmd/wfctl/templates/full-stack/.github/workflows/ci.yml.tmpl index 9897ac852..bd0fcd5dd 100644 --- a/cmd/wfctl/templates/full-stack/.github/workflows/ci.yml.tmpl +++ b/cmd/wfctl/templates/full-stack/.github/workflows/ci.yml.tmpl @@ -12,7 +12,7 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.22' + go-version: '1.26.4' - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: '24' diff --git a/cmd/wfctl/templates/full-stack/Dockerfile.tmpl b/cmd/wfctl/templates/full-stack/Dockerfile.tmpl index 379bba1f5..5ba9637eb 100644 --- a/cmd/wfctl/templates/full-stack/Dockerfile.tmpl +++ b/cmd/wfctl/templates/full-stack/Dockerfile.tmpl @@ -1,4 +1,4 @@ -FROM node:20-alpine AS ui-builder +FROM node:24-alpine AS ui-builder WORKDIR /app/ui COPY ui/package*.json ./ @@ -6,7 +6,7 @@ RUN npm ci COPY ui/ . RUN npm run build -FROM golang:1.22-alpine AS go-builder +FROM golang:1.26.4-alpine AS go-builder WORKDIR /app COPY go.mod ./ diff --git a/cmd/wfctl/templates/full-stack/README.md.tmpl b/cmd/wfctl/templates/full-stack/README.md.tmpl index bd006c9ec..824fde09f 100644 --- a/cmd/wfctl/templates/full-stack/README.md.tmpl +++ b/cmd/wfctl/templates/full-stack/README.md.tmpl @@ -6,8 +6,8 @@ A full-stack workflow application with React UI and Go backend, built with the [ ### Prerequisites -- Go 1.22+ -- Node.js 18+ +- Go 1.26.4+ +- Node.js 24+ ### Development diff --git a/cmd/wfctl/templates/full-stack/go.mod.tmpl b/cmd/wfctl/templates/full-stack/go.mod.tmpl index b86f759b3..634d7b7cb 100644 --- a/cmd/wfctl/templates/full-stack/go.mod.tmpl +++ b/cmd/wfctl/templates/full-stack/go.mod.tmpl @@ -1,6 +1,6 @@ module github.com/{{.Author}}/{{.Name}} -go 1.22 +go 1.26.4 require ( github.com/CrisisTextLine/modular v1.11.11 diff --git a/cmd/wfctl/templates/plugin/.github/workflows/release.yml.tmpl b/cmd/wfctl/templates/plugin/.github/workflows/release.yml.tmpl index b87fa33f6..5864c818e 100644 --- a/cmd/wfctl/templates/plugin/.github/workflows/release.yml.tmpl +++ b/cmd/wfctl/templates/plugin/.github/workflows/release.yml.tmpl @@ -12,7 +12,7 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.22' + go-version: '1.26.4' - name: Build plugin binaries run: | mkdir -p dist diff --git a/cmd/wfctl/templates/plugin/go.mod.tmpl b/cmd/wfctl/templates/plugin/go.mod.tmpl index 4c497e780..8ca0bcec5 100644 --- a/cmd/wfctl/templates/plugin/go.mod.tmpl +++ b/cmd/wfctl/templates/plugin/go.mod.tmpl @@ -1,6 +1,6 @@ module github.com/{{.Author}}/{{.Name}} -go 1.22 +go 1.26.4 require ( github.com/GoCodeAlone/workflow v0.1.0 diff --git a/cmd/wfctl/templates/ui-plugin/.github/workflows/release.yml.tmpl b/cmd/wfctl/templates/ui-plugin/.github/workflows/release.yml.tmpl index 45b12e0c3..331076f03 100644 --- a/cmd/wfctl/templates/ui-plugin/.github/workflows/release.yml.tmpl +++ b/cmd/wfctl/templates/ui-plugin/.github/workflows/release.yml.tmpl @@ -12,7 +12,7 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.22' + go-version: '1.26.4' - uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: node-version: '24' diff --git a/cmd/wfctl/templates/ui-plugin/go.mod.tmpl b/cmd/wfctl/templates/ui-plugin/go.mod.tmpl index 4c497e780..8ca0bcec5 100644 --- a/cmd/wfctl/templates/ui-plugin/go.mod.tmpl +++ b/cmd/wfctl/templates/ui-plugin/go.mod.tmpl @@ -1,6 +1,6 @@ module github.com/{{.Author}}/{{.Name}} -go 1.22 +go 1.26.4 require ( github.com/GoCodeAlone/workflow v0.1.0 diff --git a/cmd/wfctl/testdata/conformance/iac-hang/go.mod b/cmd/wfctl/testdata/conformance/iac-hang/go.mod index e94e6e2cb..cf7417c92 100644 --- a/cmd/wfctl/testdata/conformance/iac-hang/go.mod +++ b/cmd/wfctl/testdata/conformance/iac-hang/go.mod @@ -1,3 +1,3 @@ module example.com/iac-hang -go 1.26.0 +go 1.26.4 diff --git a/cmd/wfctl/testdata/conformance/iac-pass/go.mod b/cmd/wfctl/testdata/conformance/iac-pass/go.mod index 584e7c3bf..d6585d02c 100644 --- a/cmd/wfctl/testdata/conformance/iac-pass/go.mod +++ b/cmd/wfctl/testdata/conformance/iac-pass/go.mod @@ -1,6 +1,6 @@ module example.com/iac-pass -go 1.26.0 +go 1.26.4 require github.com/GoCodeAlone/workflow v0.0.0 diff --git a/cmd/wfctl/testdata/conformance/no-iac/go.mod b/cmd/wfctl/testdata/conformance/no-iac/go.mod index 6f33cd24e..52ca2cd88 100644 --- a/cmd/wfctl/testdata/conformance/no-iac/go.mod +++ b/cmd/wfctl/testdata/conformance/no-iac/go.mod @@ -1,6 +1,6 @@ module example.com/no-iac -go 1.26.0 +go 1.26.4 require github.com/GoCodeAlone/workflow v0.0.0 diff --git a/cmd/wfctl/testdata/verify_capabilities/good/go.mod b/cmd/wfctl/testdata/verify_capabilities/good/go.mod index 72d494baa..a3f3fa413 100644 --- a/cmd/wfctl/testdata/verify_capabilities/good/go.mod +++ b/cmd/wfctl/testdata/verify_capabilities/good/go.mod @@ -1,6 +1,6 @@ module github.com/test/good -go 1.26.1 +go 1.26.4 require github.com/GoCodeAlone/workflow v0.62.0 diff --git a/cmd/wfctl/testdata/verify_capabilities/iac-extra-service/go.mod b/cmd/wfctl/testdata/verify_capabilities/iac-extra-service/go.mod index e885c9016..69e9904c7 100644 --- a/cmd/wfctl/testdata/verify_capabilities/iac-extra-service/go.mod +++ b/cmd/wfctl/testdata/verify_capabilities/iac-extra-service/go.mod @@ -1,6 +1,6 @@ module github.com/test/iac-extra-service -go 1.26.1 +go 1.26.4 require github.com/GoCodeAlone/workflow v0.63.2 diff --git a/cmd/wfctl/testdata/verify_capabilities/iac-good/go.mod b/cmd/wfctl/testdata/verify_capabilities/iac-good/go.mod index 5d83b062c..063f0714a 100644 --- a/cmd/wfctl/testdata/verify_capabilities/iac-good/go.mod +++ b/cmd/wfctl/testdata/verify_capabilities/iac-good/go.mod @@ -1,6 +1,6 @@ module github.com/test/iac-good -go 1.26.1 +go 1.26.4 require github.com/GoCodeAlone/workflow v0.63.2 diff --git a/cmd/wfctl/testdata/verify_capabilities/iac-missing-service/go.mod b/cmd/wfctl/testdata/verify_capabilities/iac-missing-service/go.mod index a1fd2a212..ccb16a266 100644 --- a/cmd/wfctl/testdata/verify_capabilities/iac-missing-service/go.mod +++ b/cmd/wfctl/testdata/verify_capabilities/iac-missing-service/go.mod @@ -1,6 +1,6 @@ module github.com/test/iac-missing-service -go 1.26.1 +go 1.26.4 require github.com/GoCodeAlone/workflow v0.63.2 diff --git a/cmd/wfctl/testdata/verify_capabilities/missing-ldflag/go.mod b/cmd/wfctl/testdata/verify_capabilities/missing-ldflag/go.mod index 3ba21833c..8cbf0b862 100644 --- a/cmd/wfctl/testdata/verify_capabilities/missing-ldflag/go.mod +++ b/cmd/wfctl/testdata/verify_capabilities/missing-ldflag/go.mod @@ -1,6 +1,6 @@ module github.com/test/missing-ldflag -go 1.26.1 +go 1.26.4 require github.com/GoCodeAlone/workflow v0.62.0 diff --git a/cmd/wfctl/testdata/verify_capabilities/name-drift/go.mod b/cmd/wfctl/testdata/verify_capabilities/name-drift/go.mod index 79d8c379c..34d58cf72 100644 --- a/cmd/wfctl/testdata/verify_capabilities/name-drift/go.mod +++ b/cmd/wfctl/testdata/verify_capabilities/name-drift/go.mod @@ -1,6 +1,6 @@ module github.com/test/name-drift -go 1.26.1 +go 1.26.4 require github.com/GoCodeAlone/workflow v0.62.0 diff --git a/cmd/wfctl/testdata/verify_capabilities/release-good/go.mod b/cmd/wfctl/testdata/verify_capabilities/release-good/go.mod index dd3c931cc..3bac2f713 100644 --- a/cmd/wfctl/testdata/verify_capabilities/release-good/go.mod +++ b/cmd/wfctl/testdata/verify_capabilities/release-good/go.mod @@ -1,6 +1,6 @@ module github.com/test/release-good -go 1.26.1 +go 1.26.4 require github.com/GoCodeAlone/workflow v0.62.0 diff --git a/cmd/wfctl/testdata/verify_capabilities/version-drift/go.mod b/cmd/wfctl/testdata/verify_capabilities/version-drift/go.mod index d9ad48923..6fbb61da9 100644 --- a/cmd/wfctl/testdata/verify_capabilities/version-drift/go.mod +++ b/cmd/wfctl/testdata/verify_capabilities/version-drift/go.mod @@ -1,6 +1,6 @@ module github.com/test/version-drift -go 1.26.1 +go 1.26.4 require github.com/GoCodeAlone/workflow v0.62.0 diff --git a/data/registry/.github/workflows/validate.yml b/data/registry/.github/workflows/validate.yml index 36cfbdb8d..fd0b64822 100644 --- a/data/registry/.github/workflows/validate.yml +++ b/data/registry/.github/workflows/validate.yml @@ -13,12 +13,12 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Set up Node.js - uses: actions/setup-node@v4 + uses: actions/setup-node@48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e # v6.4.0 with: - node-version: '20' + node-version: '24' - name: Install ajv-cli run: npm install --global ajv-cli @@ -32,7 +32,7 @@ jobs: permissions: contents: read steps: - - uses: actions/checkout@v6 + - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - name: Validate template YAML files run: bash scripts/validate-templates.sh diff --git a/data/registry/templates/ui-plugin.yaml b/data/registry/templates/ui-plugin.yaml index db832ad3e..1bc694bef 100644 --- a/data/registry/templates/ui-plugin.yaml +++ b/data/registry/templates/ui-plugin.yaml @@ -16,5 +16,5 @@ workflow_handlers: [] notes: | Use this template to extend the workflow builder UI with custom React components, new node types in the visual editor, or additional navigation pages. - Requires Node.js 18+ and follows the Vite + TypeScript + Zustand stack. + Requires Node.js 24+ and follows the Vite + TypeScript + Zustand stack. source: https://github.com/GoCodeAlone/workflow/tree/main/ui diff --git a/docs/APPLICATION_UI_CONTRACT.md b/docs/APPLICATION_UI_CONTRACT.md index 41f2be115..2b2875664 100644 --- a/docs/APPLICATION_UI_CONTRACT.md +++ b/docs/APPLICATION_UI_CONTRACT.md @@ -219,7 +219,7 @@ go build -o myapp ./cmd/server ```dockerfile # Stage 1: Build UI -FROM node:20-alpine AS ui-builder +FROM node:24-alpine AS ui-builder WORKDIR /app/ui COPY ui/package*.json ./ RUN npm ci @@ -227,7 +227,7 @@ COPY ui/ ./ RUN npm run build # Stage 2: Build Go binary -FROM golang:1.25-alpine AS go-builder +FROM golang:1.26.4-alpine AS go-builder WORKDIR /app COPY --from=ui-builder /app/ui/dist ./module/ui_dist COPY . . diff --git a/docs/tutorials/building-apps-with-workflow.md b/docs/tutorials/building-apps-with-workflow.md index 5f91f6e12..9ba583bbd 100644 --- a/docs/tutorials/building-apps-with-workflow.md +++ b/docs/tutorials/building-apps-with-workflow.md @@ -4,7 +4,7 @@ A hands-on tutorial for developers who want to build real applications using the Throughout this guide, the [Chat Platform example](../../example/chat-platform/) serves as the reference architecture. It is a production-grade mental health support platform built entirely from YAML configuration and dynamic Go components -- no custom server code required. -**Prerequisites**: Go 1.25+, the workflow server binary, and a text editor. +**Prerequisites**: Go 1.26.4+, the workflow server binary, and a text editor. --- @@ -63,7 +63,7 @@ It is not a good fit for: ### Prerequisites -1. **Go 1.25+** installed on your machine +1. **Go 1.26.4+** installed on your machine 2. **The workflow repository** cloned and built: ```bash @@ -74,7 +74,7 @@ go build -o server ./cmd/server The `server` binary is the only executable you need. Everything else is YAML config files, seed data, and optional dynamic component source files. -3. **Optional**: Node.js 18+ if you want to use the visual workflow builder UI +3. **Optional**: Node.js 24+ if you want to use the visual workflow builder UI 4. **Optional**: `golangci-lint` if you plan to contribute custom modules --- diff --git a/docs/tutorials/deploy-pipeline.md b/docs/tutorials/deploy-pipeline.md index 2f42e15df..ddafa5594 100644 --- a/docs/tutorials/deploy-pipeline.md +++ b/docs/tutorials/deploy-pipeline.md @@ -392,7 +392,7 @@ Insert a `build-image` job between `build-test` and the deploy jobs. This compil - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.26' + go-version: '1.26.4' - uses: digitalocean/action-doctl@3cb3953159719656269e044e0e24ca16dd2a690f # v2.5.2 with: token: ${{ secrets.DIGITALOCEAN_TOKEN }} diff --git a/example/ecommerce-app/README.md b/example/ecommerce-app/README.md index 9a46e040e..16943b5ce 100644 --- a/example/ecommerce-app/README.md +++ b/example/ecommerce-app/README.md @@ -439,7 +439,7 @@ npx playwright test --config playwright.config.ts ``` example/ecommerce-app/ ├── workflow.yaml # Complete application configuration (24 modules) -├── Dockerfile # Multi-stage build (golang:1.25 -> alpine:3.19) +├── Dockerfile # Multi-stage build (golang:1.26.4 -> alpine:3.19) ├── docker-compose.yml # Store + Prometheus + Grafana ├── README.md # This file ├── seed/ diff --git a/example/go.mod b/example/go.mod index 3665f4c54..b913e0a9a 100644 --- a/example/go.mod +++ b/example/go.mod @@ -1,6 +1,6 @@ module example -go 1.26.1 +go 1.26.4 replace github.com/GoCodeAlone/workflow => ../ diff --git a/go.mod b/go.mod index 9756f5dc3..bad6615d0 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/GoCodeAlone/workflow -go 1.26.1 +go 1.26.4 require ( charm.land/bubbles/v2 v2.1.0 diff --git a/mcp/github_actions_refs.go b/mcp/github_actions_refs.go index b30791cf9..65935b974 100644 --- a/mcp/github_actions_refs.go +++ b/mcp/github_actions_refs.go @@ -7,6 +7,6 @@ const ( // #nosec G101 -- action commit SHA, not a credential. mcpGithubActionsSetupWfctlRef = "GoCodeAlone/setup-wfctl@bcd880980f5bbe8d192d0c20ff6279d25331f956 # v1" mcpGithubActionsDockerLoginRef = "docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3" - mcpGithubActionsDockerSetupBuildxRef = "docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3" - mcpGithubActionsDockerBuildPushRef = "docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6" + mcpGithubActionsDockerSetupBuildxRef = "docker/setup-buildx-action@f7ce87c1d6bead3e36075b2ce75da1f6cc28aaca # v3.9.0" + mcpGithubActionsDockerBuildPushRef = "docker/build-push-action@4f58ea79222b3b9dc2c8bbdd6debcef730109a75 # v6.9.0" ) diff --git a/mcp/wfctl_tools.go b/mcp/wfctl_tools.go index 268df324d..39c4f5309 100644 --- a/mcp/wfctl_tools.go +++ b/mcp/wfctl_tools.go @@ -1714,7 +1714,7 @@ func mcpGenerateCDWorkflow(features *mcpProjectFeatures, registry, platforms str fmt.Fprintf(&b, " - uses: %s\n", mcpGithubActionsCheckoutRef) fmt.Fprintf(&b, " - uses: %s\n", mcpGithubActionsSetupGoRef) b.WriteString(" with:\n") - b.WriteString(" go-version: '1.22'\n") + b.WriteString(" go-version: '1.26.4'\n") if features.HasUI { fmt.Fprintf(&b, " - uses: %s\n", mcpGithubActionsSetupNodeRef) @@ -1917,7 +1917,7 @@ jobs: - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3 - uses: actions/setup-go@4a3601121dd01d1626a1e23e37211e3254c1c06c # v6.4.0 with: - go-version: '1.22' + go-version: '1.26.4' - name: Build plugin binaries run: | mkdir -p dist