fix(api): filter empty metadata values when creating threat model fro… #209

Workflow file for this run

.github/workflows/security.yml at 82a3444

	# Security and Quality Checks
	# Runs on every PR and push to main
	# Includes linting (with gosec), build verification, and unit tests

	name: "Security & Quality"

	on:
	push:
	branches: [main]
	pull_request:
	branches: [main]

	jobs:
	lint:
	name: Lint & Static Analysis
	runs-on: ubuntu-latest
	permissions:
	contents: read
	steps:
	- name: Checkout repository
	uses: actions/checkout@v6

	- name: Setup Go
	uses: actions/setup-go@v6
	with:
	go-version-file: go.mod
	cache: true

	- name: Run golangci-lint
	uses: golangci/golangci-lint-action@v9
	with:
	version: v2.8.0
	args: --timeout=5m

	build:
	name: Build Verification
	runs-on: ubuntu-latest
	permissions:
	contents: read
	steps:
	- name: Checkout repository
	uses: actions/checkout@v6

	- name: Setup Go
	uses: actions/setup-go@v6
	with:
	go-version-file: go.mod
	cache: true

	- name: Build server
	run: go build -o bin/tmiserver ./cmd/server

	test:
	name: Unit Tests
	runs-on: ubuntu-latest
	permissions:
	contents: read
	steps:
	- name: Checkout repository
	uses: actions/checkout@v6

	- name: Setup Go
	uses: actions/setup-go@v6
	with:
	go-version-file: go.mod
	cache: true

	- name: Run unit tests
	run: go test -v -race -short ./...

	openapi-validation:
	name: OpenAPI Validation
	runs-on: ubuntu-latest
	permissions:
	contents: read
	steps:
	- name: Checkout repository
	uses: actions/checkout@v6

	- name: Install vacuum
	run: \|
	curl -fsSL https://quobix.com/scripts/install_vacuum.sh \| sudo sh

	- name: Validate OpenAPI specification
	run: \|
	# JSON syntax check
	jq empty api-schema/tmi-openapi.json
	# Vacuum linting with OWASP rules
	vacuum lint -r vacuum-ruleset.yaml api-schema/tmi-openapi.json

	dependency-review:
	name: Dependency Review
	runs-on: ubuntu-latest
	# Only run on pull requests
	if: github.event_name == 'pull_request'
	permissions:
	contents: read
	pull-requests: write
	steps:
	- name: Checkout repository
	uses: actions/checkout@v6

	- name: Dependency Review
	uses: actions/dependency-review-action@v4
	with:
	fail-on-severity: high
	# Deny licenses that are incompatible with the project
	deny-licenses: GPL-3.0, AGPL-3.0

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

fix(api): filter empty metadata values when creating threat model fro… #209

Workflow file

fix(api): filter empty metadata values when creating threat model fro… #209

Uh oh!

Workflow file for this run