Skip to content

chore(deps): bump github.com/alecthomas/chroma/v2 from 2.25.0 to 2.26.1 in the golang-other group #65

chore(deps): bump github.com/alecthomas/chroma/v2 from 2.25.0 to 2.26.1 in the golang-other group

chore(deps): bump github.com/alecthomas/chroma/v2 from 2.25.0 to 2.26.1 in the golang-other group #65

Workflow file for this run

name: Test
on:
push:
branches: [ main ]
paths:
- '**/*.go'
- '**/go.mod'
- '**/go.sum'
- '**/*.sh'
- '.github/workflows/test.yml'
pull_request:
branches: [ main ]
paths:
- '**/*.go'
- '**/go.mod'
- '**/go.sum'
- '**/*.sh'
- '.github/workflows/test.yml'
permissions:
contents: read
jobs:
test:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v6
- name: Set up Go
uses: actions/setup-go@v6
with:
go-version: '1.26.2'
- name: Download dependencies
run: go mod download
- name: Check formatting
run: |
if [ "$(gofmt -l . | wc -l)" -gt 0 ]; then
echo "The following files need formatting:"
gofmt -l .
exit 1
fi
- name: Check for sensitive data in Log() calls
run: |
# Per AGENTS.md privacy guidelines - never log sensitive data
# Check for sensitive variable names being passed as arguments to Log()
# Safe boolean indicators (e.g., has_upn=%v) are allowed
# Excludes test files (where we intentionally test for violations)
# Pattern explanation:
# - Find lines with Log( calls
# - Exclude test files and safe boolean patterns (has_*)
# - Look for sensitive variable names as actual arguments (not in format strings)
violations=$(grep -rn 'utils\.Log\|Log(' --include="*.go" . | \
grep -v "_test.go" | \
grep -vE "(has_upn|has_subscription|has_tenant|has_resource|has_object|has_display)" | \
grep -E "\b(userPrincipalName|subscriptionID|tenantID|resourceID|objectID|displayName)\b" || true)
if [ -n "$violations" ]; then
echo "ERROR: Potential sensitive data logging detected:"
echo "$violations"
echo ""
echo "Per AGENTS.md privacy guidelines, debug logs must not contain:"
echo " - User Principal Names (UPN/email addresses)"
echo " - Display names"
echo " - Tenant IDs or Object IDs"
echo " - Resource IDs (full Azure resource IDs, subscription IDs, resource group IDs)"
echo ""
echo "Use safe alternatives:"
echo " ✓ has_upn=%v (boolean indicator)"
echo " ✓ Found at index 5 (position instead of ID)"
echo " ✓ Loaded 20 subscriptions (count)"
echo " ✓ resource-1 (anonymized identifier)"
exit 1
fi
echo "✓ No sensitive data logging patterns detected"
- name: Run tests
run: make test-ci
- name: Install tmux
run: sudo apt-get update && sudo apt-get install -y tmux
- name: Run integration tests
run: make test-integration
- name: Print version info
run: ./lazyazure --version
- name: Run tests with race detector
run: make test-race