You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
README prerequisite lists "Go 1.25+" but go.mod requires go 1.26.1 - contributors following the docs will hit a toolchain version error
dependabot.yml sets gomod directory to "/" but the Go module (go.mod) lives in "/cli" - Dependabot cannot find it and will never open Go dependency update PRs
CI workflow (ci.yml) installs golangci-lint, staticcheck, gosec, and govulncheck all with @latest - non-pinned tool versions cause non-deterministic CI failures when those tools ship breaking releases
The ci.yml test job runs actions/setup-go twice (once before tests, once before cross-platform build) - the second invocation is redundant and adds unnecessary CI latency
Core business-logic packages have very low test coverage - coverage_chk shows the majority of checkpoint.go lines are never executed (count=0), and launcher_test.go predominantly tests struct field defaults rather than actual launch, MCP configuration, or error-handling paths
golangci.yml enables only 6 linters (errcheck, govet, staticcheck, unused, ineffassign, misspell) - widely-used production linters such as gosimple, bodyclose, noctx, and wrapcheck are absent, leaving common error classes (unclosed HTTP bodies, missing context propagation, bare error returns) undetected
project review
Automated analysis - 6 finding(s)