- Add SHA256 checksum args for amd64 and arm64 Go tarballs
- Verify downloaded Go tarball integrity via `sha256sum -c`
- Remove root-owned `/root/.config/fabric` directory creation
- Create fabric config directory under non-root `appuser` home
- Set proper ownership on `appuser` config directory with `chown`
Update the Dockerfile to bring it closer to current container best practices while fixing multiple critical CVEs.
This pins Alpine 3.21 and Go 1.25.9 explicitly, installs the Go toolchain in the builder stage so the image no longer depends on an unavailable upstream golang tag, upgrades setuptools to pick up the CVE-2025-47273 fix, refreshes the yt-dlp installation path, and runs the final image as a non-root user.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
- Upgrade Go from 1.24 to 1.25.1
- Update Anthropic SDK for web fetch tools
- Upgrade AWS Bedrock SDK 12 versions
- Update Azure Core and Identity SDKs
- Fix Nix config for Go version lag
- Update Docker base to golang:1.25-alpine
- Add comprehensive upgrade documentation
CHANGES
- Gate release and version workflows to upstream owner only.
- Switch tagging and releases to built-in GITHUB_TOKEN.
- Replace environment passing with step outputs across workflows.
- Remove docker-publish-on-tag workflow to reduce duplication and complexity.
- Add OCI description label to Docker image.
- Document GHCR multi-arch annotations for accurate package descriptions.
- Update README with new ARM binary release announcement.
- Simplify GoReleaser config by removing comments and extras.
### CHANGES
- Introduce `cmd` directory for all main application binaries.
- Move all Go packages into the `internal` directory.
- Rename the `restapi` package to `server` for clarity.
- Consolidate patterns and strategies into a new `data` directory.
- Group all auxiliary scripts into a new `scripts` directory.
- Move all documentation and images into a `docs` directory.
- Update all Go import paths to reflect the new structure.
- Adjust CI/CD workflows and build commands for new layout.
