feat(trace): production hardening — re-baseline to v0.2.0 + OSS hygiene#7
Merged
Conversation
…tributes, .editorconfig)
Re-baselines trace's version to 0.2.0 and adds the three top-50 OSS
standard files that were missing.
Version 0.2.0 set in:
- cmd/trace/cli/versioninfo/versioninfo.go (`var Version = "0.2.0"`)
Aligns trace with the rest of the hawk-eco ecosystem (hawk, tok, eyrie,
yaad, sight, inspect). Build-time `-ldflags` overrides remain the way
release builds pin to a specific version; this is the source-of-truth
default for local `go run`.
CHANGELOG.md gains an [Unreleased] section that captures the re-baseline
and the three new files. The existing 0.1.0 entry is preserved.
New files:
- .gitattributes — LF normalization (matches WINDOWS.md guidance —
Windows-only `*.bat`/`*.cmd`/`*.ps1` keep CRLF), binary detection,
GitHub linguist hints (collapse `go.sum`, `.opencode/package-lock.json`,
and `.opencode/bun.lock` in PR diffs; mark `docs/**`, `AGENTS.md`,
`CLAUDE.md`, `WINDOWS.md` as documentation so language stats
reflect Go).
- .editorconfig — UTF-8, LF, final newline, trim trailing whitespace
by default; tabs for Go and Makefile, 2-space indent for YAML/JSON/
TOML/shell, no-trim for Markdown (preserves the trailing-2-spaces
line-break syntax).
- .github/PULL_REQUEST_TEMPLATE.md — Summary / Changes / Privacy &
redaction impact / Agent compatibility / Testing / Checklist. The
privacy/redaction section is specific to trace because every change
in `redact/` can leak PII or secrets if regressed; the agent-
compatibility section asks contributors to call out which of the
seven supported agents (Claude Code, Codex, Gemini CLI, OpenCode,
Cursor, Factory AI Droid, Copilot CLI) they tested against.
Verification:
- `go build ./...` clean
- `go vet ./...` clean
- `go test -race -count=1 -timeout=300s ./perf/... ./redact/... ./cmd/...`
passes — 48 packages green, zero failures
- `gofmt -l cmd/trace/cli/versioninfo/versioninfo.go` clean
Out of scope (intentional follow-ups):
- 33 pre-existing `gofmt` issues in untouched files. A separate
`style: gofmt -w .` PR will clean them so this PR stays focused
on the version bump and OSS hygiene.
- The repo's `.golangci.yaml` references the
`embeddedstructfieldcheck` linter, which the currently-installed
golangci-lint version does not recognize. Tracked as a separate
`fix(ci): pin golangci-lint version or relax unknown-linter` PR.
- VERSION file as single source of truth - CODEOWNERS for auto-review routing - Canonical Makefile with standard targets - release-please config + workflow - lefthook/pre-commit hooks (conventional commits, fmt, lint, secrets) - Canonical CI + release GitHub Actions workflows - Standardized .editorconfig, .gitattributes, CODE_OF_CONDUCT, SECURITY, CONTRIBUTING - goreleaser config (where applicable) Part of hawk-eco standardization sweep.
|
You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool. What Enabling Code Scanning Means:
For more information about GitHub Code Scanning, check out the documentation. |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| steps: | ||
| - name: Run release-please | ||
| id: release | ||
| uses: googleapis/release-please-action@v4 |
|
|
||
| - name: Run GoReleaser | ||
| uses: goreleaser/goreleaser-action@1a80836c5c9d9e5755a25cb59ec6f45a3b5f41a8 # v7 | ||
| uses: goreleaser/goreleaser-action@v6 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Production-hygiene pass for trace that brings the repo to top-50 OSS
repository standards. Single commit targeting
dev.The mandate (per
GOAL.md) is that trace be the reference Go sessionobservability tool for AI coding agents, comparable in quality to
langfuse, langsmith, phoenix (arize), openllmetry, traceloop, helicone,
braintrust, and lunary, and built for solo developers who run their
coding agent locally.
Unlike the other hawk-eco repos, trace already had
CODE_OF_CONDUCT.md,CONTRIBUTING.md,dependabot.yml,CODEOWNERS, and three issuetemplates. This PR fills in the three remaining gaps and aligns the
version baseline.
Changes
Version 0.2.0
cmd/trace/cli/versioninfo/versioninfo.govar Version = "0.2.0"(the source-of-truth default; build-time-ldflagscontinues to override for releases)The various
cli_version: "0.x.y"strings inside test fixtures(
cmd/trace/cli/checkpoint/v2_*_test.go,cmd/trace/cli/transcript/compact/pi_test.go) are intentionallyunchanged — they represent the version of trace that wrote a stored
checkpoint and exist precisely to verify backward-compatible read paths
work even when newer code reads older data.
CHANGELOG.md
Added
## [Unreleased]describing the re-baseline and the three newfiles. Existing
0.1.0entry preserved.New files
.gitattributesWINDOWS.md— Windows-only*.bat/*.cmd/*.ps1keep CRLF), binary detection, GitHub linguist hints (collapsego.sum,.opencode/package-lock.json,.opencode/bun.lockin PR diffs; markdocs/**,AGENTS.md,CLAUDE.md,WINDOWS.mdas documentation so language stats reflect Go).editorconfig.github/PULL_REQUEST_TEMPLATE.mdThe PR template has two trace-specific sections worth calling out:
redact/can leakPII or secrets if regressed, so the template asks for explicit
before/after
go test ./redact/...results when redaction code istouched.
coding agents (Claude Code, Codex, Gemini CLI, OpenCode, Cursor,
Factory AI Droid, Copilot CLI). The template asks contributors to
list which agents they tested against and call out any they could
not.
Verification
go build ./...go vet ./...go test -race -count=1 -timeout=300s ./perf/... ./redact/... ./cmd/...gofmt -l cmd/trace/cli/versioninfo/versioninfo.goOut of scope (intentional follow-ups)
gofmtissues in untouched files. A separatestyle: gofmt -w .PR will clean them so this PR stays focused onthe version bump and OSS hygiene.
.golangci.yamlreferences theembeddedstructfieldchecklinter, which the installed golangci-lint version does not recognize
(
Error: unknown linters: 'embeddedstructfieldcheck'). This needs asmall
fix(ci): pin golangci-lint version or relax unknown-linterPR — keeping it separate so the version bump is reviewable on its
own.
e2e/tests not exercised on this PR (they require coding-agentbinaries on the runner). CI will run them on push.
Test plan
go build ./...go vet ./...cmd/...+perf/...+redact/...suite with-race.editorconfigand.gitattributesvalidate (no parser errors)relevant e2e workflows