{"id":47683123,"url":"https://github.com/rybkr/gitvista","last_synced_at":"2026-04-02T14:11:08.357Z","repository":{"id":321502497,"uuid":"1086085742","full_name":"rybkr/gitvista","owner":"rybkr","description":"Visualization tool for Git history","archived":false,"fork":false,"pushed_at":"2026-03-26T17:26:34.000Z","size":49336,"stargazers_count":0,"open_issues_count":81,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2026-03-26T18:12:45.707Z","etag":null,"topics":["dev","git","tool","visualization"],"latest_commit_sha":null,"homepage":"https://gitvista.io","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rybkr.png","metadata":{"files":{"readme":".github/README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":"AGENTS.md","dco":null,"cla":null}},"created_at":"2025-10-29T23:36:12.000Z","updated_at":"2026-03-26T17:26:40.000Z","dependencies_parsed_at":"2025-10-30T02:13:37.492Z","dependency_job_id":"d6c70541-e6f1-4b2c-8c0c-4258086b15a0","html_url":"https://github.com/rybkr/gitvista","commit_stats":null,"previous_names":["rybkr/gitspy","rybkr/gitvista"],"tags_count":17,"template":false,"template_full_name":null,"purl":"pkg:github/rybkr/gitvista","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rybkr%2Fgitvista","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rybkr%2Fgitvista/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rybkr%2Fgitvista/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rybkr%2Fgitvista/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rybkr","download_url":"https://codeload.github.com/rybkr/gitvista/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rybkr%2Fgitvista/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31307592,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-02T12:59:32.332Z","status":"ssl_error","status_checked_at":"2026-04-02T12:54:48.875Z","response_time":89,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.5:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["dev","git","tool","visualization"],"created_at":"2026-04-02T14:11:07.620Z","updated_at":"2026-04-02T14:11:08.338Z","avatar_url":"https://github.com/rybkr.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# CI/CD and Pre-commit Configuration\n\nThis directory contains GitHub Actions workflows and pre-commit hook configuration for continuous integration, security, and development automation.\n\n## Quick Links\n\n- **For Developers:** See [DEVELOPMENT.md](../../DEVELOPMENT.md) for local setup\n- **For Branch Protection:** See [BRANCH_PROTECTION.md](BRANCH_PROTECTION.md) for main branch rules\n- **For Infrastructure:** This document\n\n## Overview\n\nThe GitVista project uses:\n\n1. **Lefthook** - Fast pre-commit framework for local checks before committing\n2. **GitHub Actions CI/CD** - Automated testing, building, and security scanning\n3. **Branch Protection Rules** - Enforce quality gates on main branch\n\n## Pre-commit Hooks (Lefthook)\n\n### What Runs Locally\n\nWhen you make a commit, lefthook automatically runs checks to catch issues before they reach GitHub:\n\n**File: `lefthook.yml`**\n\n| Check | Files | Time | Auto-fix |\n|-------|-------|------|----------|\n| gofmt | `*.go` | \u003c 1s | ✅ Yes |\n| goimports | `*.go` | \u003c 2s | ✅ Yes |\n| go vet | `*.go` | \u003c 1s | ❌ No |\n| staticcheck | `*.go` | \u003c 5s | ❌ No |\n| gosec | `internal/**/*.go` | \u003c 2s | ❌ No |\n| js-syntax | `web/**/*.js` | \u003c 1s | ❌ No |\n| js-commonjs | `web/**/*.js` | \u003c 1s | ❌ No |\n\n**Total time:** ~10 seconds (fast enough not to interrupt workflow)\n\n### Installation\n\nSee [DEVELOPMENT.md](../../DEVELOPMENT.md#quick-start) for setup instructions or run:\n\n```bash\nmake setup-hooks\n```\n\n## GitHub Actions CI Workflow\n\n### File: `workflows/ci.yml`\n\nComprehensive CI pipeline that runs on:\n- Every push to `main` and `dev` branches\n- All pull requests to `main`\n- Automatically triggered by GitHub\n\n### Jobs Overview\n\nAll jobs run in parallel for speed (~3-5 minutes total):\n\n#### 1. **Format Check** (\u003c 10s)\n- Validates all Go code is gofmt-compliant\n- Fails if any file needs formatting\n- **Status:** Required\n\n#### 2. **Vet** (\u003c 30s)\n- Runs `go vet` for suspicious code patterns\n- Detects unused variables, pointer errors, unreachable code\n- **Status:** Required\n\n#### 3. **Lint** (\u003c 2m)\n- Runs golangci-lint with 13+ linters\n- Configured in `/.golangci.yml`\n- Linters: errcheck, staticcheck, gosec, revive, misspell, and more\n- Only reports new issues on PRs (not on main push)\n- **Status:** Required\n\n#### 4. **Security Scan** (\u003c 1m)\n- Runs govulncheck for known CVEs in dependencies\n- Uses Go's official vulnerability database\n- Fails on confirmed exploitable vulnerabilities\n- **Status:** Required\n\n#### 5. **Test** (\u003c 3m)\n- Runs all unit tests with race detector\n- Generates coverage report\n- Uploads coverage to Codecov\n- Coverage badge available in README\n- **Status:** Required\n\n#### 6. **Integration Tests** (\u003c 3m)\n- Runs integration tests with full Git context\n- Tests component interactions\n- Requires `integration` build tag\n- **Status:** Required\n\n#### 7. **E2E Tests** (\u003c 3m)\n- Runs end-to-end tests\n- Tests complete workflows\n- Compares output against git baseline\n- Requires `e2e` build tag\n- **Status:** Required\n\n#### 8. **Validate JavaScript** (\u003c 10s)\n- Node.js syntax validation for all `.js` files\n- Checks for CommonJS/ES module mixing\n- Ensures ES module compliance\n- **Status:** Required\n\n#### 9. **Build** (\u003c 2m)\n- Compiles both binaries (gitvista and gitvista-cli)\n- Verifies no missing imports\n- Ensures clean compilation\n- **Status:** Required\n\n#### 10. **Docker Build** (\u003c 3m)\n- Builds production Docker image\n- Uses multi-stage Dockerfile\n- Caches intermediate layers\n- **Status:** Required\n\n#### 11. **Dependency Check** (\u003c 30s)\n- Verifies `go.mod`/`go.sum` are in sync\n- Ensures no orphaned dependencies\n- Runs `go mod tidy -check`\n- **Status:** Required\n\n#### 12. **CI Status** (instant)\n- Aggregates all job results\n- Master check for branch protection\n- Ensures all checks passed\n- **Status:** Required (master)\n\n### Status Check Details\n\nThe **ci-status** job is the master check used in branch protection rules. It verifies that ALL other jobs passed.\n\nIndividual checks also appear in branch protection (see [BRANCH_PROTECTION.md](BRANCH_PROTECTION.md)):\n\n```yaml\n# All of these are required to be green\nneeds:\n  - format\n  - vet\n  - lint\n  - security\n  - test\n  - integration\n  - e2e\n  - validate-js\n  - build\n  - docker-build\n  - dependencies\n```\n\n## Action Versions\n\nAll GitHub Actions are pinned to specific SHAs (not @latest):\n\n```yaml\n- uses: actions/checkout@b4ffde65f46336ab88eb53be0f37341b4dfc8793  # v4.1.1\n- uses: actions/setup-go@cdcb36256577b078e2e2710620cd304ffbb09590    # v5.0.0\n```\n\nThis prevents:\n- Supply chain attacks via compromised actions\n- Unexpected behavior changes\n- Non-deterministic CI runs\n\nUpdate actions periodically with Dependabot alerts.\n\n## Local Development\n\n### Install Pre-commit Hooks\n\n```bash\n# Automatic setup\nmake setup-hooks\n\n# Manual setup\nbrew install lefthook  # macOS\napt install lefthook   # Linux\nlefthook install\n```\n\n### Replicate CI Locally\n\n```bash\n# Run local CI checks (no Docker or network needed, ~5 minutes)\nmake ci-local\n\n# Run full CI suite including Docker build and dep verification\nmake ci-remote\n\n# Run fast checks only\nmake dev-check  # format, imports, vet\n\n# Run specific checks\nmake test\nmake lint\nmake integration\nmake build\nmake docker-build\n```\n\n### Make Targets Available\n\n```bash\nmake help  # List all available targets\n```\n\nKey targets:\n\n| Target | Purpose |\n|--------|---------|\n| `make setup-hooks` | Install pre-commit hooks |\n| `make dev-check` | Quick format/vet/imports check |\n| `make test` | Unit tests |\n| `make cover` | Tests with coverage |\n| `make cover-html` | Coverage report in browser |\n| `make integration` | Integration tests |\n| `make e2e` | End-to-end tests |\n| `make lint` | Run linters |\n| `make vet` | Static analysis |\n| `make format` | Auto-format code |\n| `make check-imports` | Fix import ordering |\n| `make security` | Security checks |\n| `make build` | Build binaries |\n| `make docker-build` | Build Docker image |\n| `make ci-local` | Run local CI checks |\n| `make ci-remote` | Run full CI suite |\n| `make clean` | Clean artifacts |\n\n## Secrets and Access\n\n### Environment Variables\n\n- **CODECOV_TOKEN** - Read-only token for Codecov uploads\n  - Only needed for private repos\n  - Public repos don't require this\n\n### No Credentials Needed\n\nThe workflow doesn't require:\n- AWS credentials\n- API keys\n- Database passwords\n- GitHub token (except implicit GITHUB_TOKEN)\n\n### OIDC Federated Access\n\nFor future cloud deployments, consider OIDC federation instead of long-lived credentials:\n\n```yaml\n- uses: aws-actions/configure-aws-credentials@v4\n  with:\n    role-to-assume: arn:aws:iam::ACCOUNT:role/GitHubActionsRole\n    aws-region: us-east-1\n```\n\n## Troubleshooting\n\n### Status Check Not Appearing\n\n1. Wait 5 minutes for GitHub cache\n2. Check workflow file is valid YAML: `yamllint .github/workflows/ci.yml`\n3. Verify job names match branch protection settings exactly\n4. Check Actions tab for workflow errors\n\n### \"Branch protection requires 12 checks but only 11 exist\"\n\n- A required check failed or hasn't run yet\n- Branch protection config still references old job name\n- Workflow file has a syntax error\n\n**Solution:**\n1. Verify latest workflow run succeeded\n2. Update branch protection rules to match current job names\n3. Check `.github/workflows/ci.yml` syntax\n\n### PR Can't Merge Despite Green Checkmarks\n\nPossible causes:\n1. **\"Requires up-to-date branch\"** - Rebase: `git pull --rebase origin main`\n2. **\"Requires code review\"** - Wait for reviewer\n3. **\"Requires conversation resolution\"** - Reply to all review comments\n4. **\"Requires 1 approval\"** - Reviewer approved but with \"Request changes\" flag set\n\n### Test Timeout\n\nIncrease timeout in workflow:\n\n```yaml\n- name: Run tests\n  run: go test -v -race -timeout 10m ./...\n  timeout-minutes: 15\n```\n\n### Linter Fails Locally but Passes in CI\n\n```bash\n# Clear golangci-lint cache\ngolangci-lint cache clean\n\n# Run with same config as CI\ngolangci-lint run --config=.golangci.yml\n\n# Update linter\ngo install github.com/golangci/golangci-lint/cmd/golangci-lint@latest\n```\n\n### Docker Build Fails\n\n```bash\n# Debug locally\ndocker build .\n\n# Common issues:\n# 1. Base image not available\n# 2. Missing files in COPY\n# 3. RUN command fails in container\n\n# Check Dockerfile\ncat Dockerfile\n\n# Test specific stage\ndocker build --target build .\n```\n\n## Performance\n\n### Typical Execution Times\n\nRunning in parallel on GitHub hosted runners:\n\n| Job | Time |\n|-----|------|\n| Format Check | \u003c 10s |\n| Vet | \u003c 30s |\n| Lint | \u003c 2m |\n| Security | \u003c 1m |\n| Test | \u003c 3m |\n| Integration | \u003c 3m |\n| E2E | \u003c 3m |\n| JavaScript | \u003c 10s |\n| Build | \u003c 2m |\n| Docker | \u003c 3m |\n| Dependencies | \u003c 30s |\n\n**Total (parallel):** ~3-5 minutes ⚡\n\n### Optimization Tips\n\n1. **Cache Go modules** - Already enabled\n2. **Reuse Docker layers** - Already using GitHub Actions cache\n3. **Only run E2E on PRs** - Currently runs on every PR (might optimize later)\n4. **Matrix builds** - Currently single Go version, could add 1.24 if needed\n\n## Branch Protection Rules\n\nSee [BRANCH_PROTECTION.md](BRANCH_PROTECTION.md) for detailed setup.\n\nRequired settings for main:\n- ✅ Require all CI checks to pass\n- ✅ Require 1 code review\n- ✅ Require branches up-to-date before merge\n- ❌ Don't allow administrators to bypass (optional)\n\n## Future Enhancements\n\nPotential improvements:\n\n- [ ] Multi-version Go testing (1.25, 1.26, 1.27)\n- [ ] Benchmark regression detection\n- [ ] Automated dependency updates (Dependabot)\n- [ ] Container registry push (Docker Hub, GHCR)\n- [ ] Automated semantic versioning\n- [ ] SBOM generation\n- [ ] Frontend E2E tests (Playwright)\n- [ ] Code quality metrics (gocyclo, gocognit)\n- [ ] License compliance checking\n- [ ] Automatic changelog generation\n\n## References\n\n- [GitHub Actions Documentation](https://docs.github.com/en/actions)\n- [Lefthook Documentation](https://evilmartians.com/chronicles/lefthook-knock-down-your-git-pre-commit-hook)\n- [Go Testing Best Practices](https://golang.org/doc/effective_go#testing)\n- [golangci-lint Linters](https://golangci-lint.run/usage/linters/)\n- [Codecov Documentation](https://docs.codecov.io/)\n- [GitHub Branch Protection](https://docs.github.com/en/repositories/configuring-branches-and-merges-in-your-repository/managing-protected-branches/about-protected-branches)\n\n## Need Help?\n\n1. Check [DEVELOPMENT.md](../../DEVELOPMENT.md) for local development setup\n2. See [BRANCH_PROTECTION.md](BRANCH_PROTECTION.md) for branch rules\n3. Review workflow file: `.github/workflows/ci.yml`\n4. Check Actions tab in GitHub for failed workflow details\n5. Run `make help` for available targets\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frybkr%2Fgitvista","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frybkr%2Fgitvista","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frybkr%2Fgitvista/lists"}