↠ Updated to tmpl version 0.11.0 which comes with…

1. an opt-in Dependabot version update configuration — this disabled the currently used .github/dependabot.yml file in order to remove the PR noise and reduce the maintenance overhead. Dependency updates will be made by keeping up-to-date with new tmpl repository versions instead which take care of this.

↠ Even though the package-comments rule of the revive linter is quite useful, it produces false-positive errors when another file already has a package documentation. Duplicating documentation is not a workaround so the rule has been disabled for now and might be re-enabled if the rule logic gets updated.

↠ The time-equal rule was added in #64, but the revive linter used by golangci-lint does not yet include the rule in the current release version but only merged it into the main branch. Therefore linting failed because the rule is not known (yet) and golangci-lint exits before running any linter.
To fix the problem the time-equal rule has been disabled again for now and will be enabled again when it is available in a new revive version that is used by golangci-lint.

↠ By default golangci-lint excludes specific issues (matches) that are known to be "annoying", but this also includes issues explicitly enabled by this template, e.g. the revive rule to check that exported function and methods always have a comment.
To prevent these issues to be found the default excludes will be disables through the issues.exclude-use-default configuration field.

↠ To improve workflow execution time for the ci-go workflow the actions/cache GitHub action is now used to cache Go dependencies and build outputs. Also see the detailed documentation about “Caching dependencies to speed up workflows“ to learn more about the way action/cache works.

↠ The currently latest golangci-lint version 1.43.0 introduced new linters and updated supported ones:

1. tagliatelle (v1.40.0) — Handles struct tags name casing.
   This linter is disabled by default, but will be enabled for this template to improve consistency across tag names.
2. errorlint (v1.40.0) — This linter has been disabled in #39 due to prevent false-positive errors, but will be enabled again with the newly introduced errorf option being disabled to prevent this from happening again while still taking advantage of the assert and comparison checks.
3. wrapcheck (v1.40.0) — This linter is known to cause false-positive errors for the main module (go list -m) of the repository where golangic-lint is being run, but in version 2.3.0 the ignorePackageGlobs option was added that allows to ignore packages by pattern. Therefore in each project the main module should be added as wildcard. Also see tomarrell/wrapcheck#2 for details and discussions about this known problem.
4. golint (v1.40.1) — Remove deprecated linter.
   4.1 The recommended drop-in replacement is revive which is disabled by default, but will be enabled for this template.
5. gofumpt (v1.42.0) — Add the lang-version with value set to 1.17 to target the (currently) latest Go version.
6. bidichk (v1.43.0) — Checks for dangerous unicode character sequences.
   This linter is disabled by default, but will be enabled for this template to prevent "trojan source" bugs.
7. nilnil (v1.43.0) — Checks that there is no simultaneous return of nil error and an invalid value.
   This linter is disabled by default, but will be enabled for this template to prevent ambiguous returns.
8. tenv (v1.43.0) — Detects using os.Setenv instead of t.Setenv since Go 1.17.
   This linter is disabled by default, but will be enabled for this template to prevent errors in tests.
9. contextcheck (v1.43.0) — Checks if functions whether use a non-inherited context.
   This linter is disabled by default, but will be enabled for this template to broken call chains and loss of context information.
10. lll — Add the tab-width option with value set to 2 to use two spaces for the width of one tab.
11. gci — Add the comma-separated list of prefixes for local package imports to be put after 3rd-party packages.

↠ Before the Go module used Go version 1.16 so it has been updated to the currently latest minor version 1.17.

↠ Before all jobs were summarized in the ci workflow but not separated by their scope, i.e. Go and Node specific tasks. The workflow was also not optimized to only run when specific files have been changed which resulted in false-positive executions and wasted limited free tier and developer time.
Therefore the ci workflow has been optimized by splitting it into new ci-go and ci-node workflows.

CI Go

The new ci-go workflow…

• only runs when any *.go file has been modified. See the extensive GitHub action documentations about on.<push|pull_request>.paths and the filter pattern cheat sheet for more details.
• only runs for ubuntu-latest instead of a matrix with macos-latest and windows-latest which should be added for projects with platform specific code.

CI Node

The new ci-node workflow…

• only runs when any *.js, *.json, *.md, *.yaml and *.yml file has been modified. This matches the lint-staged, Prettier and remark configurations. See the extensive GitHub action documentations about on.<push|pull_request>.paths and the filter pattern cheat sheet for more details.
• only runs for ubuntu-latest instead of a matrix with macos-latest and windows-latest which should be added for projects with platform specific code.
• uses cache npm dependencies which is possible as of actions/[email protected].

Silent linting errors for CI/CD environments

When running the configured linting tasks the Prettier CLI prints matches to the standard output with a visual preview of the file content and a marker at the specific element. When files that store secret data, e.g. when encrypted with git-crypt, are decrypted in the GitHub Actions this could leak this data when Prettier finds errors in these files.
To prevent these case new CI specific linting tasks have been added with a silent loglevel. This however comes with the drawback that possible linting errors must be analyzed locally, but the code quality is still ensured by blocking subsequent workflows.

↠ Updated to tmpl version 0.10.0 which comes with…

1. an optimized GitHub action workflow scope — this change has also already been resolved in #68, but additionally created the ci-go GitHub Action workflow.
2. the regular Node package dependency & GitHub action version updates
3. the migration to the Markdown style guide version 0.4.0

↠ golangci-lint version 1.39.0 introduced new linters and updated supported ones:

1. predeclared (v1.35.0) — Checks for definitions and declarations that shadows one of Go's pre-declared identifiers.
   This linter is disabled by default, but will be enabled for this template to help to prevent shadowed identifiers.
2. interfacer (v1.38.0) — Has been deprecated and will be removed from the enabled linter in this template.
3. scopelint (v1.39.0) — Has been deprecated and will be replaced by exportloopref.
   The exportloopref linter is disabled by default, but will be enabled for this template to help to catch loop variable bugs.

↠ Updated to tmpl version 0.9.0 which moves from Yarn back to npm again, improves and clarifies the handling of lockfiles and comes with some major Node package dependency & GitHub action version updates.

↠ Go 1.16 is finally released so the Go version used for the actions/setup-go action in the ci workflow has been updated from 1.15.x to 1.16.x and the defined Go version in the go.mod file bumped to go 1.16.

↠ Bumped outdated Node.js package dependencies and GitHub actions to their latest versions:

• #48, #52 (⊶ e2487f2, c13b812) actions/setup-node from v2.1.3 to v2.1.5
• #49 (⊶ 9250ff9) github.com/stretchr/testify from v1.6.1 to v1.7.0
• #50, #51, #53 (⊶ bd642b5, ba39b7e, f208cdc) golangci/golangci-lint-action from v2 to v2.5.2

↠ Using the majority apps as name for the /app directory conveys a better understanding of the actual use case and makes it more clear that it can contain more than one application in the monorepo layout.
This also aligns with the example in the /web directory documentation and the Yarn/NPM workspace configuration in the package.json file where both using the apps directory.

↠ In #21 golangci-lint was updated to the currently latest version 1.32.0 which introduced the errorlint that has been enabled for this template repository. As it turns out it causes a lot of false-positives errors for code lines that explicitly do not wrap the error to prevent it become part of the public API.
Therefore the linter has been disabled again because the update also introduced the new wrapcheck linter which helps to prevent that errors from external packages are exposed to the public API.

↠ Updated to “tmpl“ version 0.8.0 which reduces Dependabot PR noise for the NPM package ecosystem.

↠ Before switching the GitHub repository visibility to “public“ a few adjustments had to be made.
Basically #22 was reverted, taking the changes from #23 into account, so that SVG images like the repository hero are using the URLs for public repositories again instead of the ones that allow to resolve the files in private repositories.

↠ Bumped outdated Node.js package dependencies and GitHub actions to their latest versions:

• #42 (⊶ 6e91700) prettier from 2.1.2 to 2.2.1 — The the official Prettier 2.2 introduction blog post for more details.
• #47 (⊶ 90c22f2) actions/setup-node from v2.1.2 to v2.1.3

↠ Wrote the initial project documentation for the README.md file that includes…

1. …an project introduction and motivation.
2. …an overview of the project features.
3. …an overview of the directory structure.
4. …more detailed sections about all features.
5. …some basic instructions how to use this template repository.
6. …information about references used for this template repository.
7. …information about how to contribute to this project.

Each directory documented in step 3 contains an individual documentation with more detailed information about it.
The package.json file has also been extended to include the Yarn/NPM workspaces field.

↠ Updated to tmpl version 0.7.0 (including version 0.6.0) which introduced a configuration for automated dependency updates and security alerts with Dependabot. Next to the included update configurations for the CI/CD GitHub action workflow and Yarn/NPM dependencies, the file has been extended to support Go modules.
This version also updated to the latest Node.js package dependency & GitHub Action versions.

↠ The currently latest golangci-lint version 1.32.0 introduced new linters that have been configured for this template repository:

1. wrapcheck — Checks that errors returned from external packages are wrapped.
   This linter is disabled by default, but has been enabled for this template repository to help tp reduce error context loss.
2. errorlint — Helps to make more efficient use of the error wrapping scheme introduced in Go 1.13.
   This linter is disabled by default, but has been enabled for this template repository to help to use Go's new error handling concept.
3. tparallel — Detects inappropriate usage of t.Parallel() method in Go tests.
   This linter is disabled by default, but has been enabled for this template repository to help to prevent parallelism errors in tests.

↠ Updated to "tmpl" version 0.5.0 which now uses a namespace for the NPM package name that helps to prevent collisions with already existing NPM packages like tmpl.

↠ To prevent golangci-lint and the CI workflow test job from failing a stub file for the tmplgo package has been added along with a example test (tmplgo_test package).
This also comes with the benefit of providing a simple starting point for users of this template repository.

↠ Before the CI workflow used a matrix strategy to run the lint-go and test jobs, but this has been improved to make the workflow run faster by avoiding unnecessary steps:

• The lint-go job has been changed to only run on the currently latest stable Go version 1.15.x only on Linux because golangci-lint doesn't care about the Go version and OS it runs on but only statically checks the source code.
• The test job has been changed to only run on the currently latest stable Go version 1.15.x.

These changes help to keep the required GitHub Action run minutes for the account of this repository as small as possible without wasting resources for unnecessary tasks.

↠ Before the CI workflow only used the push configuration for the on field. To improve the performance a more fine grained configuration is now used that has already been defined in the "tmpl" template repository:

• Only runs on pushes to the main branch.
• Only runs on pushes for v* tags.
• Always runs for pushes to PRs.

These changes help to keep the required GitHub Action run minutes for the account of this repository as small as possible without wasting resources for unnecessary runs.

↠ Adapted to "tmpl" version 0.4.0 which includes a optimized OS version matrix strategy for Node based tasks in the CI workflow that helps to keep the required GitHub Action run minutes for the account of this repository as small as possible without wasting resources for unnecessary tasks.