(WIP)feat: added nilaway to the repo

[jkawan]

Summary by cubic

Add NilAway static analysis to catch nil-safety issues early in CI and locally. CI runs NilAway via go run, and a new make target simplifies local checks.

• New Features
  • Added make nilaway target: go run go.uber.org/nilaway/cmd/nilaway@latest ./...
  • CI runs NilAway with go run instead of installing the binary
  • Updated go.mod toolchain to 1.24.3

^{Written for commit e241914. Summary will update on new commits.}

Summary by CodeRabbit

• Chores
  • Updated Go toolchain to a previous version
  • Added static analysis tooling to the build pipeline as a new build target
  • Simplified continuous integration workflow to use inline tool execution instead of pre-installation
  • Static analysis now automatically runs after dependency management steps

[coderabbitai]

📝 Walkthrough

Walkthrough

Modified the nilaway code analysis workflow by updating the GitHub Actions workflow to invoke nilaway through go run instead of a pre-installed binary, eliminating the explicit installation step. Added a new nilaway make target to the Makefile that depends on mod-tidy and executes nilaway via go run for code analysis, updating the PHONY targets list accordingly. Updated the Go toolchain version in go.mod from go1.24.4 to go1.24.3.

🚥 Pre-merge checks | ✅ 2

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: adding nilaway (a nil-checking tool) to the repository. The title is clear, specific, and directly related to the primary objective of the pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch feat-add-nilaway

Tip

Issue Planner is now in beta. Read the docs and try it out! Share your feedback on Discord.

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Fix all issues with AI agents

In `@go.mod`:
- Line 5: The go.mod specifies an outdated toolchain version ("toolchain
go1.24.3"); update this to the latest Go 1.24 patch (e.g., "toolchain
go1.24.13") so the repository uses the current stable 1.24.x; edit the toolchain
line in go.mod accordingly and run `go mod tidy`/local build to verify
compatibility (referencing the toolchain line in go.mod).

🧹 Nitpick comments (1)

.github/workflows/nilaway.yml (1)

22-23: Consider pinning nilaway to a specific version instead of @latest.

Using @latest means different CI runs may use different nilaway versions, leading to non-reproducible results (e.g., a new nilaway release could suddenly cause failures unrelated to code changes). Consider pinning to a specific version like go.uber.org/nilaway/cmd/nilaway@v0.x.y.

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

🧩 Analysis chain

🏁 Script executed:

git log --oneline -20 go.mod

Repository: blinklabs-io/adder

Length of output: 89

---

🏁 Script executed:

cat go.mod

Repository: blinklabs-io/adder

Length of output: 4629

---

🏁 Script executed:

cat .github/workflows/golangci-lint.yml

Repository: blinklabs-io/adder

Length of output: 768

---

🌐 Web query:

Go 1.24 latest patch version 2026

💡 Result:

As of February 10, 2026, the latest Go 1.24 patch release is Go 1.24.13, released on February 4, 2026. [1][2]

---

Toolchain version go1.24.3 is outdated — consider updating to latest stable 1.24.x

The current toolchain version is go1.24.3 while the latest Go 1.24 patch release is go1.24.13 (Feb 4, 2026). Since the repo maintains Go 1.24 support alongside 1.25 testing in CI for backward compatibility, using the latest stable 1.24.x patch would align better with maintenance practices and ensure all critical patches are included.

🤖 Prompt for AI Agents

In `@go.mod` at line 5, The go.mod specifies an outdated toolchain version
("toolchain go1.24.3"); update this to the latest Go 1.24 patch (e.g.,
"toolchain go1.24.13") so the repository uses the current stable 1.24.x; edit
the toolchain line in go.mod accordingly and run `go mod tidy`/local build to
verify compatibility (referencing the toolchain line in go.mod).

[cubic-dev-ai]

1 issue found across 3 files

Prompt for AI agents (all issues)

Check if these issues are valid — if so, understand the root cause of each and fix them.


<file name="Makefile">

<violation number="1" location="Makefile:43">
P2: Pin the nilaway tool version instead of using `@latest` so CI and local runs stay deterministic.</violation>
</file>

_{Reply with feedback, questions, or to request a fix. Tag @cubic-dev-ai to re-run a review.}

[cubic-dev-ai]

P2: Pin the nilaway tool version instead of using @latest so CI and local runs stay deterministic.

Prompt for AI agents

Check if this issue is valid — if so, understand the root cause and fix it. At Makefile, line 43:

<comment>Pin the nilaway tool version instead of using `@latest` so CI and local runs stay deterministic.</comment>

<file context>
@@ -39,6 +39,9 @@ swagger:
 	go test -v -race ./...
 
+nilaway: mod-tidy
+	go run go.uber.org/nilaway/cmd/nilaway@latest ./...
+
 # Build adder-tray binary
</file context>