What's Changed

• chore(deps): bump github/codeql-action from 3 to 4 by @dependabot[bot] in #31
• chore(deps): bump golang.org/x/oauth2 from 0.31.0 to 0.32.0 by @dependabot[bot] in #30
• refactor!: remove go-github dependency and implement internal GitHub API client by @jferrl in #32

Full Changelog: v1.4.2...v1.5.0

Full Changelog: v1.4.1...v1.4.2

What's Changed

• chore: Use ReuseTokenSource in NewApplicationTokenSource by @jferrl in #22
• chore(deps): bump golang.org/x/oauth2 from 0.30.0 to 0.31.0 by @dependabot[bot] in #25
• chore(deps): bump actions/setup-go from 5 to 6 by @dependabot[bot] in #26
• Potential fix for code scanning alert no. 1: Workflow does not contain permissions by @jferrl in #27
• chore(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in #28
• chore: upgrade github.com/google/go-github to v74 by @krancour in #29

New Contributors

• @krancour made their first contribution in #29

Full Changelog: v1.4.0...v1.4.1

What's Added

@jferrl in #21

• Personal Access Token Support: New NewPersonalAccessTokenSource function for classic and fine-grained personal access tokens
• Advanced Token Caching: Implemented dual-layer token caching system using oauth2.ReuseTokenSource
  • JWT tokens cached until expiration (up to 10 minutes)
  • Installation tokens cached until expiration (up to 1 hour)
• High-Performance HTTP Client: Custom cleanHTTPClient implementation with connection pooling
  • Based on HashiCorp's go-cleanhttp patterns for production reliability
  • HTTP/2 support with persistent connections
  • No shared global state to prevent race conditions

What's Changed

• Significant Performance Improvements: Up to 99% reduction in unnecessary token generation and GitHub API calls
• Enhanced Documentation: Added comprehensive examples for personal access token usage
• Optimized Memory Usage: Reduced object allocation through intelligent token reuse

Performance

• GitHub App JWTs: Cached and reused until expiration instead of regenerating on every API call
• Installation Tokens: Cached until expiration, dramatically reducing GitHub API rate limit consumption
• Connection Pooling: HTTP connections reused across requests for faster GitHub API interactions
• Production Ready: Optimized for high-throughput applications and CI/CD systems

Full Changelog: v1.3.0...v1.4.0

What's Changed

• fix: use go version from go.mod in actions build by @grinish21 in #12
• feat: add dependabot to keep go version up to date #10 by @grinish21 in #13
• chore(deps): bump styfle/cancel-workflow-action from 0.10.0 to 0.12.1 by @dependabot[bot] in #15
• chore(deps): bump Go version and update dependencies by @jferrl in #16
• chore(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in #18
• chore(deps): bump codecov/codecov-action from 4 to 5 by @dependabot[bot] in #19
• feat!: add Go generics support for unified App ID/Client ID authentication by @jferrl in #20

New Contributors

• @dependabot[bot] made their first contribution in #15

Full Changelog: v1.2.1...v1.3.0

What's Changed

• fix(deps): move jwt to v5.3.0 which fixes vuln GO-2025-3553 by @grinish21 in #9

Full Changelog: v1.2.0...v1.2.1

What's Changed

• chore: bump dependencies by @candiepih in #8

New Contributors

• @candiepih made their first contribution in #8

Full Changelog: v1.1.1...v1.2.0

What's Changed

• docs: 404 links fixed in readme by @grinish21 in #3
• chore: bump deps by @jferrl in #6
• chore: bump go version to 1.23 by @jferrl in #7

New Contributors

• @grinish21 made their first contribution in #3

Full Changelog: v1.1.0...v1.1.1

• Github enterprise compatibility

Full Changelog: v1.0.2...v1.1.0

Full Changelog: v1.0.1...v1.0.2