Skip to content

Releases: boinger/confvis

v1.2.0

25 Feb 00:25
@github-actions github-actions
v1.2.0
92b0a2f

Choose a tag to compare

View all tags
v1.2.0 Latest
Latest

Full Changelog: v1.1.3...v1.2.0

Assets 9
Loading

v1.1.3

21 Feb 04:07
@github-actions github-actions
v1.1.3
579d666

Choose a tag to compare

View all tags
v1.1.3

What's Changed

  • ci(deps): bump github/codeql-action from 4.32.1 to 4.32.2 by @dependabot[bot] in #8
  • ci(deps): bump SonarSource/sonarqube-scan-action from 6.0.0 to 7.0.0 by @dependabot[bot] in #9
  • ci(deps): bump aquasecurity/trivy-action from 0.33.1 to 0.34.0 by @dependabot[bot] in #10
  • ci(deps): bump github/codeql-action from 4.32.2 to 4.32.3 by @dependabot[bot] in #11

Full Changelog: v1.1.2...v1.1.3

Contributors

dependabot
Loading

v1.1.2

06 Feb 03:34
@boinger boinger
v1.1.2
8d1e5c8

Choose a tag to compare

View all tags
v1.1.2

What's Changed

New Sources

  • CodeQL, GitLeaks, TruffleHog, and Gosec integrations — four new security scanning sources join the lineup, each with full severity-based scoring
  • Coveralls integration — coverage metrics from Coveralls alongside the existing Codecov support

Bug Fixes

  • Paginate Dependabot alerts — repositories with more than 100 open vulnerabilities now report all alerts instead of silently truncating at the first page
  • Paginate GitHub Actions workflow runs — cap and paginate to avoid incomplete run data
  • Consistent Codecov rounding — coverage scores now use uniform rounding instead of truncation
  • Validate CLI tool output — binary-runner sources now check for valid JSON before parsing, producing clearer errors when tools emit unexpected output
  • Warn on unknown severity strings — unrecognized severity levels in source count functions are surfaced as warnings instead of silently dropped
  • Fix CodeQL badge URL — corrected the README badge link for CodeQL scanning results
  • Address SonarCloud security hotspot — resolved a flagged hotspot in shared utilities

Internal / Code Quality

  • Generic source implementations — introduced shared fetch-flow engines for GitHub alerts and coverage sources; individual sources (Dependabot, CodeQL, Coveralls, Codecov) are now thin configuration wrappers with source-specific callbacks, cutting structural duplication significantly
  • Extract shared utilities — consolidated repeated patterns (config resolution, HTTP client setup, repo parsing) into reusable helpers across two refactoring passes
  • Tighten API surface — unexported package-internal helper functions and constants across source packages
  • Comprehensive test coverage — added dedicated tests for generic source packages, bringing coverage to 100% (coverage pkg) and 98.3% (githubalerts pkg)
Loading

v1.1.1

05 Feb 15:03
@boinger boinger
v1.1.1
49f6c9b

Choose a tag to compare

View all tags
v1.1.1

What's Changed

Bug Fixes

  • Surface silent failures — SonarQube metric conversion errors now warn to stderr instead of silently dropping factors; glob patterns with metacharacters that match no files produce errors; invalid weight suffixes in config paths are rejected
  • Fix sparkline division-by-zero — single-score sparklines no longer panic
  • Distinguish GitHub env errors — "no PR in event" is no longer conflated with file read/parse failures in LoadGitHubEnvWithPR
  • Remove residual dead code — deleted orphaned quality gate handler and stale snyk comment left after earlier refactors

Improvements

  • GitHub comment pagination — FindComment and FindAllConfvisComments now paginate (per_page=100) instead of only scanning the first page
  • Dashboard CSS namespacing — all fragment CSS classes prefixed with confvis- to prevent style leakage when embedded
  • Better error messages — file format hints included when extensions are unrecognized; stderr warnings when GitHub env loading fails with a provided token

Internal / Code Quality

  • Extract internal/gitutil package — shared git helpers (ResolveGitPath, IsGitRepo, RefExists, CommandTimeout) consolidated from duplicate implementations in baseline and history
  • Deduplicate types and helpers — IssueCounts consolidated into scoring.SeverityCounts, checks.ParseRepository replaced by repoparse.Parse, new sources.ResolveCommand helper, gauge.ColorOptions embedded struct
  • Unexport package-internal symbols — 24 functions/constants across gauge, baseline, history, and sonarqube narrowed from exported to unexported, tightening the public API surface
  • Remove dead code — unused Parse()/ParseFile() wrappers, FetchQualityGate()/ProjectURL(), ConclusionScore(), orphaned types and test handlers
  • Fix errcheck compliance — bare fmt.Fprintf calls wrapped; discarded viper.BindPFlag errors replaced with must() panics
  • Rename MustParse to ParseDefault — aligns with Go convention (Must* implies panic)
  • Derive SonarQube metric keys from metricMappings — eliminates drift between the mapping table and the key list
  • Validation in scoring.BuildReport — catches programming errors at construction time

Full Changelog: v1.1.0...v1.1.1

Loading

v1.1.0

05 Feb 05:54
@boinger boinger
v1.1.0
7dedb84

Choose a tag to compare

View all tags
v1.1.0

What's Changed

Features

  • Embeddable dashboard fragments--fragment flag outputs HTML without DOCTYPE wrapper for embedding in Confluence, wikis, or iframes
  • --emit-json for aggregate — write structured JSON alongside visual output for CI/CD pipelines
  • Score-of-zero fix — a score of 0 is no longer silently overwritten when factors are present

Improvements

  • Adaptive dashboard layout based on report count
  • Factor threshold highlighting with pass/fail coloring
  • SVG rendering fixes (transparent backgrounds, proper viewBox scaling)
  • 90%+ test coverage, <1% duplication

Bug Fixes

  • SonarCloud badge links now show overall project metrics (instead of new-code-only)
  • Factor thresholds validated to 0–100 range

Full Changelog: v1.0.1...v1.1.0

Loading

v1.0.1

04 Feb 23:52
@github-actions github-actions
v1.0.1
5e0ff70

Choose a tag to compare

View all tags
v1.0.1

What's Changed

Bug Fixes

  • Address LLM review findings for sorting, action efficiency, and error handling

Documentation

  • Add llms.txt for AI tool integration
  • Add JSON Schema for confidence.json validation
  • Add missing sources to README and llms.txt
  • Update README with GitHub Marketplace badge
  • Documentation cleanup and fixes

Internal Improvements

  • Consolidate vulnerability penalty/weight constants in scoring package
  • Add race detection to CI
  • Add tests for EmitJSON and verify Names() sorting

Full Changelog: v1.0.0...v1.0.1

Loading

v1.0.0

04 Feb 19:33
@github-actions github-actions
v1.0.0
929472e

Choose a tag to compare

View all tags
v1.0.0
Marketplace
Marketplace

Initial stable release.

  • Aggregate metrics from SonarQube, Codecov, Snyk, Trivy, GitHub Actions, etc.
  • Generate SVG badges (gauge, flat, sparkline)
  • Baseline comparison and regression detection
  • PR comments and GitHub Check Runs
Loading

v0.1.0

04 Feb 03:30
@boinger boinger
v0.1.0
b5518f0

Choose a tag to compare

View all tags
v0.1.0

Initial release of confvis - a tool for visualizing test confidence.

Features

  • Fetch confidence metrics from Codecov, SonarCloud, GitHub Actions, Trivy
  • Aggregate multiple sources with weighted scoring
  • Generate SVG badges (flat, for-the-badge, sparkline)
  • HTML dashboard generation
  • Baseline storage and regression detection
  • Native GitHub Action for CI/CD
  • GitHub Check Run creation via API
Loading