- Implement TestRebuild404Handlers to verify 404 handler chain rebuilding
when global middleware is added via Use()
- Add waitForServerReady helper with exponential backoff to replace
unreliable time.Sleep() calls in integration tests
- Fix race conditions in TestRunEmpty, TestRunEmptyWithEnv, and
TestRunWithPort by using proper server readiness checks
- All tests now pass consistently with -race flag
This addresses the empty test function and eliminates flaky test failures
caused by insufficient wait times for server startup.
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Fix CVE-2025-59530 vulnerability (quic-go Crash Due to Premature HANDSHAKE_DONE Frame)
🤖 Generated with [Claude Code](https://claude.com/claude-code)
Co-Authored-By: Claude <noreply@anthropic.com>
* test(ginS): add comprehensive test coverage for ginS package
Improve test coverage for ginS package by adding 18 test functions covering HTTP methods, routing, middleware, static files, and templates.
* use http.Method* constants instead of raw strings in gins_test.go
* copyright updated in gins_test.go
---------
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
* perf: replace regex with custom functions in redirectTrailingSlash
* perf: use more efficient removeRepeatedChar for path slash handling
---------
Co-authored-by: 1911860538 <alxps1911@gmail.com>
* fix: call updateRouteTrees in ServeHTTP using sync.Once to support literal colon routes in all usage scenarios (#4413)
* chore: fixed golangci-lint issue in test cases for literal colon
* fix: gofumpt formatting issue
* fix: gofumpt issue in gin.go
* chore: updated routeTreesUpdated comments
* chore: removed unused variable and updated TestUpdateRouteTreesCalledOnce testcase
* chore: moved tests from literal_colon_test.go into gin_test.go
---------
Co-authored-by: pawannn <pawan@zenz.tech>
- Update linting configuration to exclude G115 gosec check instead of including specific checks
- Add the safeInt8 helper for safer type conversions and use it to prevent int8 overflow in middleware handler execution
- Group related constants and variables together for better organization in gin.go
- Refactor HTTP server instantiation to use a dedicated http.Server object for all Run methods
- Add the safeUint16 helper and use it to safely handle conversions in tree node functions to prevent uint16 overflow
Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Added detailed example for ShouldBindJSON
- Added consistent descriptive comments for ShouldBindXML, ShouldBindQuery, ShouldBindYAML, ShouldBindTOML, ShouldBindPlain, ShouldBindHeader, ShouldBindUri
- Makes binding method usage clearer for new users
- Update golangci-lint GitHub Action version from v2.1.6 to v2.6
- Remove the gci formatter and exclusions for third_party, builtin, and examples from the linter config
- Fix argument order for assert.EqualValues and assert.Exactly in context tests for clarity
- Refactor integration tests to build response strings using strings.Builder instead of direct concatenation for improved performance and readability
Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Add a Trivy security scan badge to the documentation
- Import the log package in the example code
- Improve error handling for server startup in the example code
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Remove the vulnerability-scanning job from the gin workflow
- Add a dedicated Trivy security scan workflow with scheduled, push, pull request, and manual triggers
- Improve Trivy scan output by uploading SARIF results to the GitHub Security tab and logging table output
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
- Update minimum required Go version from 1.23 to 1.24 throughout documentation, warnings, and tests
- Remove Go 1.23 from the GitHub Actions workflow matrix
- Change single quotes to double quotes for consistency in workflow configuration
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
* feat: refine hijack behavior for response lifecycle and add tests
- Clarify the error message for attempted hijack after response body data is written
- Modify hijack behavior: allow hijacking after headers are written (for better websocket compatibility), but block hijacking after any body data is sent
- Add comprehensive tests to validate allowed hijack after header write and disallowed hijack after body write
fix https://github.com/gin-gonic/gin/issues/4372
Signed-off-by: appleboy <appleboy.tw@gmail.com>
* test: use require for immediate test failure on errors
- Replace assert with require for error checks to ensure test failures immediately halt execution
Signed-off-by: appleboy <appleboy.tw@gmail.com>
* Update response_writer.go
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
---------
Signed-off-by: appleboy <appleboy.tw@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
- Change the update schedule for both gomod and GitHub Actions dependencies from weekly to daily
- Add grouping for GitHub Actions updates using a catch-all pattern
Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Rewrite and expand the contributing guidelines for clarity and thoroughness
- Add distinct sections for Issues and Pull Requests with step-by-step instructions
- Include links to documentation, user guides, and the discussions forum
- Provide advice for reporting bugs and making feature requests
- Specify requirements for pull requests, including branch, commit count, and test coverage
- Clarify documentation expectations for new features and reference the pull request checklist
- Add guidance for security-related bug reports and communication language
Signed-off-by: appleboy <appleboy.tw@gmail.com>
- Replace the old issue template with new, structured YAML templates for bug reports and feature requests
- Add a configuration file that directs users to relevant documentation and support links
- Update the pull request template to use a checklist format and clarify documentation requirements
Signed-off-by: appleboy <appleboy.tw@gmail.com>
