go-template

A starting point for Go projects in the c3-oss org. Captures the toolchain, hooks, CI/CD, release, security scanning, and agent integrations already battle-tested across prosa, nfe, and lastfm-webp-widgets.

What you get

• Layout: cmd/<binary> + internal/ + pkg/. Easy to add more binaries.
• Toolchain pinned via devbox: Go 1.26, just, golangci-lint v2 (with gofumpt + goimports), gosec, govulncheck, syft, gitleaks, lychee, markdownlint-cli2, GoReleaser, Node + pnpm.
• Task runner: a single .justfile exposes build, test, lint, quality, security, CI, docker, and release-snapshot targets.
• Quality gates: golangci-lint v2 standard linter set + gofumpt formatter; markdown + link checks; secret scanning.
• Security: gosec static analysis, govulncheck against the public vulnerability database, SPDX SBOMs published per release archive (Syft).
• Hooks: Husky-managed pre-commit (lint-staged + gitleaks staged), commit-msg (commitlint — Conventional Commits with mandatory scope), and pre-push (full quality gate).
• CI/CD: GitHub Actions runs quality, test (race + coverage), lint, security, and a cross-platform build matrix on every PR. Tag releases trigger GoReleaser + Docker multi-arch GHCR push + SBOM.
• Dependabot: weekly updates for Go modules, GitHub Actions, npm, Docker.
• Agent-aware: AGENTS.md, CLAUDE.md, .claude/, .codex/, and a devcontainer config ready to extend.

Using this template

Click Use this template on GitHub, clone the new repo, then:

# 1. Rename the placeholder ("myapp") to your binary, and the module path
#    to your new repo. The script handles cmd/<name>/, go.mod, Dockerfile,
#    GoReleaser, and every other reference.
./scripts/setup.sh github.com/c3-oss/<your-repo> <your-binary>

# 2. Enter the pinned toolchain (installs Go-based tools + Node deps,
#    wires Husky hooks).
devbox shell

# 3. Validate everything still works.
just ci

Commit the rename (chore(setup): rename template to <name>) and you're ready to develop.

Quick reference

just build         # compile all cmd/* into bin/
just run           # build then run the default binary
just test-race     # full race detector
just lint          # golangci-lint v2
just lint-sec      # gosec
just lint-vuln     # govulncheck
just quality       # markdown + link check + secret scan
just ci            # local mirror of the PR pipeline
just snapshot      # goreleaser --snapshot (writes dist/ with SBOMs)
just docker-build  # build the local Docker image

See AGENTS.md for the canonical project guide.

License

To the extent possible under law, Caian Ertl has waived all copyright and related or neighboring rights to this work. In the spirit of freedom of information, I encourage you to fork, modify, change, share, or do whatever you like with this project! ^C ^V