update workflows

Author: Lifailon

.github/workflows/ci-binary.yml

@@ -1,4 +1,4 @@
-name: "[CI] Build binary and unit testing"
+name: "[CI] Build and unit testing"
 
 on:
   workflow_dispatch:
@@ -458,8 +458,8 @@ jobs:
         if: ${{ github.event.inputs.README == 'true' && env.VERSION != '' }}
         run: | 
           sed -i -E "s|releases/download/[0-9.]+/lazyjournal-[0-9.]+-|releases/download/$VERSION/lazyjournal-$VERSION-|" README.md
-          git config --global user.name "github-actions[bot]"
-          git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config --global user.name 'GitHub Actions'
+          git config --global user.email 'actions@github.com'
           git add README.md
           git commit -m "update version on $VERSION for install deb package"
           git push origin main

.github/workflows/go-coverage-merge.yml

@@ -494,7 +494,7 @@ jobs:
       - name: Update markdown report on Wiki
         if: ${{ github.event.inputs.Markdown == 'true' }}
         run: |
-          echo -e '# Report for $(go run main.go -v) release\n' > wiki/home.md
+          echo -e "# Report for $(go run main.go -v) release\n" > wiki/home.md
           echo -e 'The test coverage report in `html` format using [go-coverage-report](https://github.com/marketplace/actions/go-coverage-report) is available [here](https://raw.githubusercontent.com/wiki/Lifailon/lazyjournal/coverage.html).\n' >> wiki/home.md
           echo -e 'During testing, the interface operation is checked in the disabled `tcell` mode, as well as the reading and coloring time of all available logs in Linux, macOS and Windows systems.\n' >> wiki/home.md
           echo -e 'To combine test results from different systems [gosovmerge](https://github.com/wadey/gocovmerge) is used.\n' >> wiki/home.md

.github/workflows/go-lint-fix.yml

@@ -82,18 +82,20 @@ jobs:
           text=$(echo $RESULTS | jq -r .Issues[0].Text)
           code=$(echo $RESULTS | jq -r .Issues[0].SourceLines[0])
           line=$(echo $RESULTS | jq -r .Issues[0].Pos.Line)
+          line=$(echo "$line" | tr -d '\r')
+          lines_offset=$(echo "${{ github.event.inputs.LINES }}" | tr -d '\r')
+          start=$((line - lines_offset))
+          [ $start -le 0 ] && start=1 # Защита от отрицательных строк
+          end=$((line + lines_offset))
           echo "ISSUE_LINT=$lint" >> $GITHUB_ENV
           echo "ISSUE_TEXT=$text" >> $GITHUB_ENV
           echo "ISSUE_CODE=$code" >> $GITHUB_ENV
           echo "ISSUE_LINE=$line" >> $GITHUB_ENV
-          line=$(echo "$line" | tr -d '\r')
-          lines=$(echo "${{ github.event.inputs.LINES }}" | tr -d '\r')
-          start=$((line - lines))
-          end=$((line + lines))
-          echo "c=$start" >> $GITHUB_ENV
+          echo "START_LINE=$start" >> $GITHUB_ENV
           echo "END_LINE=$end" >> $GITHUB_ENV
-          context=$(sed -n "${start},${end}p" "${{ github.event.inputs.FILE }}")
-          echo "CONTEXT=$context" >> $GITHUB_ENV
+          echo "CONTEXT<<EOF" >> $GITHUB_ENV
+          sed -n "${start},${end}p" "${{ github.event.inputs.FILE }}" >> $GITHUB_ENV
+          echo "EOF" >> $GITHUB_ENV
 
       - name: Fix issue using AI
         id: ai_query
@@ -105,24 +107,27 @@ jobs:
             You are an issues analyzer from the golangci linters for the Go language.
             Your task is never to answer questions, but only to correct the given piece of code.
             You will be provided with the linter name, error text, and code context.
-            Always return the same number of lines of code in your response as was given to you.
             Never change the logic of the source code or add analysis text to the response.
+            Output ONLY raw code. Do NOT use markdown code blocks.
+            Your answer should always include the same number of lines of code as was provided to you (excluding corrections).
           prompt: |
             Linter: ${{ env.ISSUE_LINT }}
             Issue text: ${{ env.ISSUE_TEXT }}
             Line of code with an error: ${{ env.ISSUE_CODE }}
             Context:
             ${{ env.CONTEXT }}
 
-      - name: Update CHANGELOG file
-        env:
-          AI_RESPONSE: ${{ steps.ai_query.outputs.response }}
+      - name: Update file
         run: |
-          FILE=$(echo "${{ github.event.inputs.FILE }}" | sed "s/.go//")
-          head -n $((START_LINE - 1)) $FILE > $FILE-fix.go
-          echo $CONTEXT >> $FILE-fix.go
-          tail -n +$((END_LINE + 1)) $FILE >> $FILE-fix.go
-          mv $FILE-fix.go $FILE
+          GO_FILE=${{ github.event.inputs.FILE }}
+          TMP_FILE=$(echo $(echo "$GO_FILE" | sed "s/.go//")-fix.go)
+          head -n $((START_LINE - 1)) "$GO_FILE" > "$TMP_FILE"
+          cat <<'EOF' >> "$TMP_FILE"
+          ${{ steps.ai_query.outputs.response }}
+          EOF
+          tail -n +$((END_LINE + 1)) "$GO_FILE" >> "$TMP_FILE"
+          mv "$TMP_FILE" "$GO_FILE"
+          go fmt "$GO_FILE"
 
       - name: Getting linter check results in json format after fixing
         run: |
@@ -142,4 +147,4 @@ jobs:
           title: "Fixed linters"
           body: "Fixing linters with AI from GitHub Actions."
           add-paths: |
-            ${{ github.event.inputs.file }})
+            ${{ github.event.inputs.file }}

.github/workflows/go-release.yml

@@ -45,8 +45,8 @@ jobs:
       - name: Create git tag and branch for new version
         if: ${{ github.event.inputs.Tag == 'true' }}
         run: | 
-          git config --global user.name "github-actions[bot]"
-          git config --global user.email "41898282+github-actions[bot]@users.noreply.github.com"
+          git config --global user.name 'GitHub Actions'
+          git config --global user.email 'actions@github.com'
           git tag $VERSION
           git checkout -b "release/$VERSION"
           git push origin "release/$VERSION" $VERSION

.github/workflows/sast-codacy.yml

@@ -1,10 +1,11 @@
 name: "[SAST] Codacy"
 
 on:
-  push:
-    branches: [ "main" ]
-  pull_request:
-    branches: [ "main" ]
+  workflow_dispatch:
+  # push:
+  #   branches: ["main"]
+  # pull_request:
+  #   branches: ["main"]
 
 permissions:
   contents: read
@@ -46,4 +47,4 @@ jobs:
       - name: Upload SARIF results file
         uses: github/codeql-action/upload-sarif@v3
         with:
-          sarif_file: results.sarif
+          sarif_file: results.sarif

.github/workflows/sast-codeql.yml

@@ -1,10 +1,11 @@
 name: "[SAST] CodeQL"
 
 on:
+  workflow_dispatch:
   push:
-    branches: [ "main" ]
+    branches: ["main"]
   pull_request:
-    branches: [ "main" ]
+    branches: ["main"]
 
 jobs:
   analyze:
@@ -49,4 +50,4 @@ jobs:
       - name: Perform CodeQL Analysis
         uses: github/codeql-action/analyze@v4
         with:
-          category: "/language:${{matrix.language}}"
+          category: "/language:${{matrix.language}}"

.github/workflows/sast-semgrep.yml

@@ -1,35 +1,39 @@
 name: "[SAST] Semgrep"
 
 on:
+  workflow_dispatch:
   push:
-    branches: [ "main" ]
+    branches: ["main"]
   pull_request:
-    branches: [ "main" ]
+    branches: ["main"]
 
 permissions:
   contents: read
 
 jobs:
   semgrep:
-    name: Scan
+    name: semgrep/ci
     runs-on: ubuntu-latest
 
     permissions:
       contents: read
       security-events: write
       actions: read
 
+    # A Docker image with semgrep installed
+    container:
+      image: semgrep/semgrep
+
+    # Skip any PR created by dependabot
+    if: (github.actor != 'dependabot[bot]')
+
     steps:
       - uses: actions/checkout@v6
 
-      - uses: returntocorp/semgrep-action@fcd5ab7459e8d91cb1777481980d1b18b4fc6735
-        with:
-          publishToken: ${{ secrets.SEMGREP_APP_TOKEN }}
-          publishDeployment: ${{ secrets.SEMGREP_DEPLOYMENT_ID }}
-          generateSarif: "1"
+      - run: semgrep scan --config auto --sarif --output=semgrep.sarif
 
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@v3
+        uses: github/codeql-action/upload-sarif@v4
         with:
           sarif_file: semgrep.sarif
-        if: always()
+        if: always()

.github/workflows/sast-snyk.yaml

@@ -1,10 +1,11 @@
 name: "[SAST] Snyk"
 
 on:
-  push:
-    branches: ["main" ]
-  pull_request:
-    branches: ["main"]
+  workflow_dispatch:
+  # push:
+  #   branches: ["main"]
+  # pull_request:
+  #   branches: ["main"]
 
 permissions:
   contents: read
@@ -36,4 +37,4 @@ jobs:
       - name: Upload result to GitHub Code Scanning
         uses: github/codeql-action/upload-sarif@v4
         with:
-          sarif_file: snyk-code.sarif
+          sarif_file: snyk-code.sarif

README.md

@@ -10,7 +10,7 @@
     <a href="https://aur.archlinux.org/packages/lazyjournal"><img title="Arch Linux" src="https://img.shields.io/aur/version/lazyjournal?logo=arch-linux&color=blue&label=AUR"></a>
     <a href="https://hub.docker.com/r/lifailon/lazyjournal"><img title="Docker Hub" src="https://img.shields.io/docker/image-size/lifailon/lazyjournal/latest?logo=docker&color=blue&label=Docker+Hub"></a>
 <br>
-    <a href="https://github.com/Lifailon/lazyjournal/actions/workflows/build.yml"><img title="Actions Build"src="https://github.com/Lifailon/lazyjournal/actions/workflows/build.yml/badge.svg"></a>
+    <a href="https://github.com/Lifailon/lazyjournal/actions/workflows/ci-binary.yml"><img title="Actions Build"src="https://github.com/Lifailon/lazyjournal/actions/workflows/ci-binary.yml/badge.svg"></a>
     <a href="https://github.com/Lifailon/lazyjournal/wiki"><img title="Go coverage report"src="https://raw.githubusercontent.com/wiki/Lifailon/lazyjournal/coverage.svg"></a>
     <a href="https://goreportcard.com/report/github.com/Lifailon/lazyjournal"><img src="https://goreportcard.com/badge/github.com/Lifailon/lazyjournal" alt="Go Report"></a>
     <a href="https://app.fossa.com/projects/git%2Bgithub.com%2FLifailon%2Flazyjournal?ref=badge_shield&issueType=security" alt="FOSSA Status"><img src="https://app.fossa.com/api/projects/git%2Bgithub.com%2FLifailon%2Flazyjournal.svg?type=shield&issueType=security"/></a>