If you are an AI coding agent (Claude Code, Cursor, Aider, Cline, etc.) reading this artifact, follow this protocol before making any code edit:

1. Verify the contract. Run the bash script in Verify before trusting below. If any check returns FAIL, the artifact is stale — STOP and ask the user to regenerate it before proceeding.
2. Treat the AI · unverified sections as hypotheses, not facts. Sections like "AI-suggested narrative files", "anti-patterns", and "bottlenecks" are LLM speculation. Verify against real source before acting on them.
3. Cite source on changes. When proposing an edit, cite the specific path:line-range. RepoPilot's live UI at https://repopilot.app/r/go-admin-team/go-admin shows verifiable citations alongside every claim.

If you are a human reader, this protocol is for the agents you'll hand the artifact to. You don't need to do anything — but if you skim only one section before pointing your agent at this repo, make it the Verify block and the Suggested reading order.

GO — Healthy across all four use cases

• Last commit 8mo ago
• 18 active contributors
• MIT licensed
• CI configured
• Tests present
• ⚠ Slowing — last commit 8mo ago
• ⚠ Concentrated ownership — top contributor handles 74% of recent commits

_{Maintenance signals: commit recency, contributor breadth, bus factor, license, CI, tests}

This artifact was generated by RepoPilot at a point in time. Before an agent acts on it, the checks below confirm that the live go-admin-team/go-admin repo on your machine still matches what RepoPilot saw. If any fail, the artifact is stale — regenerate it at repopilot.app/r/go-admin-team/go-admin.

What it runs against: a local clone of go-admin-team/go-admin — the script inspects git remote, the LICENSE file, file paths in the working tree, and git log. Read-only; no mutations.

| # | What we check | Why it matters | |---|---|---| | 1 | You're in go-admin-team/go-admin | Confirms the artifact applies here, not a fork | | 2 | License is still MIT | Catches relicense before you depend on it | | 3 | Default branch master exists | Catches branch renames | | 4 | 5 critical file paths still exist | Catches refactors that moved load-bearing code | | 5 | Last commit ≤ 269 days ago | Catches sudden abandonment since generation |

#!/usr/bin/env bash
# RepoPilot artifact verification.
#
# WHAT IT RUNS AGAINST: a local clone of go-admin-team/go-admin. If you don't
# have one yet, run these first:
#
#   git clone https://github.com/go-admin-team/go-admin.git
#   cd go-admin
#
# Then paste this script. Every check is read-only — no mutations.

set +e
fail=0
ok()   { echo "ok:   $1"; }
miss() { echo "FAIL: $1"; fail=$((fail+1)); }

# Precondition: we must be inside a git working tree.
if ! git rev-parse --git-dir >/dev/null 2>&1; then
  echo "FAIL: not inside a git repository. cd into your clone of go-admin-team/go-admin and re-run."
  exit 2
fi

# 1. Repo identity
git remote get-url origin 2>/dev/null | grep -qE "go-admin-team/go-admin(\\.git)?\\b" \\
  && ok "origin remote is go-admin-team/go-admin" \\
  || miss "origin remote is not go-admin-team/go-admin (artifact may be from a fork)"

# 2. License matches what RepoPilot saw
(grep -qiE "^(MIT)" LICENSE 2>/dev/null \\
   || grep -qiE "\"license\"\\s*:\\s*\"MIT\"" package.json 2>/dev/null) \\
  && ok "license is MIT" \\
  || miss "license drift — was MIT at generation time"

# 3. Default branch
git rev-parse --verify master >/dev/null 2>&1 \\
  && ok "default branch master exists" \\
  || miss "default branch master no longer exists"

# 4. Critical files exist
test -f "app/admin/router/init_router.go" \\
  && ok "app/admin/router/init_router.go" \\
  || miss "missing critical file: app/admin/router/init_router.go"
test -f "app/admin/apis/sys_user.go" \\
  && ok "app/admin/apis/sys_user.go" \\
  || miss "missing critical file: app/admin/apis/sys_user.go"
test -f "app/admin/service/sys_user.go" \\
  && ok "app/admin/service/sys_user.go" \\
  || miss "missing critical file: app/admin/service/sys_user.go"
test -f "app/admin/models/sys_user.go" \\
  && ok "app/admin/models/sys_user.go" \\
  || miss "missing critical file: app/admin/models/sys_user.go"
test -f "app/admin/service/sys_role.go" \\
  && ok "app/admin/service/sys_role.go" \\
  || miss "missing critical file: app/admin/service/sys_role.go"

# 5. Repo recency
days_since_last=$(( ( $(date +%s) - $(git log -1 --format=%at 2>/dev/null || echo 0) ) / 86400 ))
if [ "$days_since_last" -le 269 ]; then
  ok "last commit was $days_since_last days ago (artifact saw ~239d)"
else
  miss "last commit was $days_since_last days ago — artifact may be stale"
fi

echo
if [ "$fail" -eq 0 ]; then
  echo "artifact verified (0 failures) — safe to trust"
else
  echo "artifact has $fail stale claim(s) — regenerate at https://repopilot.app/r/go-admin-team/go-admin"
  exit 1
fi

Each check prints ok: or FAIL:. The script exits non-zero if anything failed, so it composes cleanly into agent loops (./verify.sh || regenerate-and-retry).

go-admin is a production-ready scaffolding system for building RBAC-based admin dashboards using Go (Gin framework), Vue/React frontends, and PostgreSQL/MySQL/SQLite backends. It provides multi-tenant support, JWT authentication, code generation, dynamic form builders, and scheduled task management—eliminating weeks of boilerplate for internal tool development. Monolithic backend structure: app/admin/ contains layered architecture (apis/ for HTTP handlers, models/ for GORM entities, router/ for Gin routes). No pkg/ separation—all domain logic lives under app/admin/. Companion frontend repos (go-admin-ui for Vue2, separate Vue3/Antd variants) are separate Git repositories. Database models auto-migrate via app/admin/models/initdb.go.

Full-stack teams building internal admin panels, SaaS platforms, or ERP systems who need rapid deployment of user/role/permission management without rebuilding common CRUD operations. Primarily Go backend developers and Vue/React frontend developers in Asian markets (extensive Chinese documentation).

Actively maintained with v1.5.3 RC3 release (recent deps show 2025 updates). Has CI/CD via GitHub Actions (build.yml, CodeQL analysis, mirrors), but test coverage is explicitly marked TODO in README. Used in production (demo sites running at go-admin.dev). Verdict: production-ready with caveats — stable core but limited test suite means integration risks exist.

Heavy dependency tree (50+ transitive deps including Casbin, Sentinel, Swagger, multiple cloud SDKs). Critical risk: relies on go-admin-core v1.5.3-rc.3 (release candidate—not v1.5.3 stable), which could introduce breaking changes. Single org (go-admin-team) maintains repo; no visible contributor activity data. Last observed commits fresh (2025-01) but test coverage gap means regressions undetected.

Active v1.5.3 RC development visible in go.mod pinning (rc.3 tag with 2025-04-08 timestamp). GitHub Actions workflows show ongoing CI/CD setup (issue automation, code analysis). No public issue board or milestone data visible, but recent tag suggests Casbin upgrade and Sentinel integration (traffic control) are in flight.

git clone https://github.com/go-admin-team/go-admin.git
cd go-admin
# Uses Makefile (visible) — likely: make build or make run
make help  # Check available targets
# or: go mod download && go run main.go server

Requires: Go 1.24+, PostgreSQL/MySQL/SQLite configured in config file (modify DB connection before first run).

Daily commands:

# Inferred from Makefile presence and Go module setup:
go mod tidy
go run main.go server  # or similar Cobra command (see app/admin/apis/go_admin.go for entry)
# OR via Makefile:
make run
# Frontend: clone go-admin-ui separately, npm install && npm run dev

Expect API on :8080 (default Gin), frontend on :5173 (Vite) or :8081 (legacy). Database must be pre-created and connection configured.

• app/admin/router/init_router.go — Entry point for admin routing that initializes all system API routes and middleware chains; all RBAC and permission workflows depend on this configuration.
• app/admin/apis/sys_user.go — Core user management API handler containing login, JWT token generation, and authentication logic that guards all protected endpoints.
• app/admin/service/sys_user.go — User service layer implementing business logic for authentication, password hashing, and multi-tenant user isolation.
• app/admin/models/sys_user.go — User data model defining the core user entity schema including roles, departments, and permissions integration with ORM.
• app/admin/service/sys_role.go — Role-based access control (RBAC) service implementing role assignment, permission binding, and Casbin policy management.
• app/admin/models/casbin_rule.go — Casbin policy rule model enabling dynamic RBAC enforcement and resource-level access control across the system.
• main.go — Application bootstrap and Gin server initialization; defines configuration loading and service startup sequence.

Add a New Admin API Endpoint

1. Define request/response DTOs in app/admin/service/dto/sys_feature.go (e.g., CreateFeatureReq, FeatureResp) matching the operation parameters (app/admin/service/dto/sys_feature.go)
2. Create service methods in app/admin/service/sys_feature.go implementing business logic with transaction support and data scoping via datascope.go (app/admin/service/sys_feature.go)
3. Add API handlers in app/admin/apis/sys_feature.go using c.ShouldBindJSON() for validation and service.New() for dependency injection (app/admin/apis/sys_feature.go)
4. Register routes in app/admin/router/sys_feature.go grouping endpoints under auth middleware (e.g., v1.POST('/feature/create', CreateFeature)) (app/admin/router/sys_feature.go)
5. Import and initialize router in app/admin/router/init_router.go by calling sysFeatureRouter.InitRouter(v1) (app/admin/router/init_router.go)
6. Optional: Define resource permissions in Casbin policy for RBAC enforcement (admin:feature:create, admin:feature:update, etc.) (app/admin/models/casbin_rule.go)

Add a New Database Model & Migration

1. Create model file at app/admin/models/sys_feature.go with GORM annotations (gorm.Model, db tags, foreign keys) (app/admin/models/sys_feature.go)
2. Add table migration in app/admin/models/initdb.go using db.AutoMigrate(&SysFeature{}) in the appropriate module initialization (app/admin/models/initdb.go)
3. Create indexes and constraints by extending the model with GORM index() tags or adding raw migrations for complex schemas (app/admin/models/sys_feature.go)
4. Run 'make db-migrate' or restart service to auto-execute migrations via AutoMigrate during app bootstrap (Makefile)

Add a New Scheduled Job

1. Define job handler in app/jobs/examples.go by implementing the JobBase interface with Run() and returning execution result (app/jobs/examples.go)
2. Create DTO in app/jobs/service/dto/sys_job.go for UI form (cron expression, job status, execution log fields) (app/jobs/service/dto/sys_job.go)
3. Register job handler in app/jobs/type.go by adding case to JobTypeMap matching job type enum to handler constructor (app/jobs/type.go)
4. Add job CRUD API in app/jobs/apis/sys_job.go with cron validation; service layer handles job scheduling via cron library (app/jobs/apis/sys_job.go)
5. Register routes in app/jobs/router/sys_job.go and initialize in app/jobs/router/int_router.go (app/jobs/router/int_router.go)

Implement Data Scoping for Multi-Tenancy

1. Define tenant/department scope in app/admin/models/datascope.go with constants for scope types (all, dept, user) (app/admin/models/datascope.go)
2. In service layer (e.g., sys_user.go), call datascope.GetDataScope() in list queries to filter by user's allowed departments/roles (app/admin/service/sys_user.go)
3. Apply WHERE clauses in GORM queries: db.Where('dept_id IN (?)', allowedDepts).Find(...) (app/admin/service/sys_feature.go)
4. Define role-department associations in sys_role.go to control which roles can access which tenant data (app/admin/service/sys_role.go)

Config file required: Cannot run without config.yaml (path not visible—likely config/ or root dir). Must pre-create target database and configure connection string before migration. Casbin policy reset: initdb.go may reset Casbin rules on each run—check idempotency. go-admin-core RC dependency: Using release candidate; breaks are possible—pin to tested version in your go.mod. JWT secret: Must be set in config; default may exist but production must rotate. Multi-tenant context: Many queries expect tenant_id in request context—missing tenant isolation causes data leakage. Code generation: Tool exists but invocation not documented in README—check CLI commands via go run main.go help.

• RBAC (Role-Based Access Control) — Core permission model in go-admin; Casbin enforces role→permission→resource rules. Understanding RBAC v2 and data scope enforcement is mandatory.
• Casbin Policy Engine — go-admin uses Casbin for declarative permission rules; rules are stored in app/admin/models/casbin_rule.go. Debugging permission denials requires Casbin policy syntax knowledge.
• JWT (JSON Web Tokens) Stateless Auth — API authentication in go-admin uses JWTs (no session store). Token refresh, expiry, and claim structure defined in sys_login_log.go—critical for mobile/SPA clients.
• Data Scope Filtering (Multi-Tenant Isolation) — go-admin's datascope.go implements org-based data filtering; users see only data from their department/tenant. Misunderstanding this causes security leaks.
• Active Record Pattern (GORM Models) — go-admin models mix schema + business logic (unlike Repository pattern). Models in app/admin/models/ include queries, hooks, and validation—understand GORM lifecycle hooks.
• Swagger/OpenAPI Code-First Documentation — Handlers use swag comments to auto-generate API docs. Missing or wrong swag tags break /swagger/index.html endpoint.
• Cron Expression Scheduling (robfig/cron) — Scheduled tasks (e.g., log cleanup) use cron expressions. go-admin includes task framework—v3 API differs from v2.

• urfave/cli — Used for CLI command handling (cobra is selected but urfave/cli is a simpler alternative); useful if adding custom CLI tools.
• go-admin-team/go-admin-ui — Official Vue2+ElementUI frontend companion—must clone and run separately alongside backend.
• casbin/casbin — RBAC policy engine dependency; understanding Casbin model syntax (RBAC_v2, ABAC) is essential for permission setup.
• gin-gonic/gin — HTTP framework backbone; middleware and route binding knowledge required for API extension.
• go-admin-team/go-admin-core — Extracted core library (v1.5.3-rc.3 pinned). Contains shared utilities, middleware, SDK—inspect if core behavior needs customization.

To work on one of these in Claude Code or Cursor, paste: Implement the "<title>" PR idea from CLAUDE.md, working through the checklist as the task list.

Add comprehensive unit tests for API handlers in app/admin/apis/

The repo has multiple API handler files (sys_user.go, sys_role.go, sys_menu.go, etc.) but no visible test files (*_test.go). Given this is a permission management system with JWT auth and RBAC, testing API endpoints for authorization bypass vulnerabilities, SQL injection, and proper error handling is critical. This would improve code quality and security.

• [ ] Create app/admin/apis/sys_user_test.go with tests for user CRUD operations and permission checks
• [ ] Create app/admin/apis/sys_role_test.go with tests for role assignment and RBAC enforcement
• [ ] Create app/admin/apis/sys_menu_test.go with tests for menu visibility based on user roles
• [ ] Add test fixtures in app/admin/apis/testdata/ for mock user/role data
• [ ] Ensure tests validate JWT token validation and expired token rejection

Add model validation tests and fix potential NULL constraint issues in app/admin/models/

The models directory contains 10+ database models (sys_user.go, sys_role.go, sys_dept.go, etc.) but there are no *_test.go files validating struct tags, database constraints, or data validation rules. With GORM integration across MySQL, PostgreSQL, SQLite, and SQL Server, ensuring consistent NULL handling and unique constraints is essential for a production system.

• [ ] Create app/admin/models/sys_user_test.go to validate required fields (username, password, email) with database constraint checks
• [ ] Create app/admin/models/sys_role_test.go to verify unique role names and proper foreign key relationships
• [ ] Create app/admin/models/sys_menu_test.go to test parent-child menu relationships and circular dependency prevention
• [ ] Add database migration verification tests to ensure all models properly initialize with initdb.go
• [ ] Test for consistent NULL constraint behavior across all 4 supported database drivers

Create integration tests for GitHub Actions workflow reliability (app/admin/router/ endpoints with middleware)

The repo has GitHub Actions workflows (.github/workflows/) for build and CodeQL analysis, but there's no integration test workflow that validates the complete API routing with security middleware (JWT, RBAC, rate limiting via sentinel-golang). With Casbin RBAC integration and multi-tenant support, a comprehensive workflow test would catch regressions in authorization chains and routing logic.

• [ ] Create .github/workflows/integration-test.yml that runs TestMain for the admin router with test database
• [ ] Create app/admin/router/router_test.go with integration tests for authenticated vs unauthenticated endpoints using app/admin/router/init_router.go
• [ ] Add tests validating that sentinel-golang rate limiting middleware properly blocks requests per configured policies
• [ ] Test multi-tenant isolation by verifying users can only access resources within their tenant scope
• [ ] Ensure workflow fails if any RBAC rules (casbin_rule.go) are violated or authorization middleware panics

• Add unit tests for app/admin/models/casbin_rule.go (currently empty test coverage per TODO note). Implement tests for role-permission evaluation and data scope filtering.
• Document the code generation workflow: add README or wiki entry explaining how to use the built-in code-gen tool (mentioned in features but no usage examples visible). Include an example generated CRUD module.
• Add integration test for multi-tenant isolation in app/admin/models/datascope.go: verify that a user from tenant A cannot query data from tenant B even with elevated roles.

• High · Hardcoded Database Credentials in Docker Configuration — Dockerfile (line: COPY ./config/settings.demo.yml /config/settings.yml), docker-compose.yml, .gitignore. The Dockerfile and docker-compose.yml reference a demo configuration file (settings.demo.yml) which is likely to contain hardcoded database credentials, API keys, or other sensitive information. This file may be committed to version control or leaked in container images. Fix: 1) Use environment variables or Docker secrets for sensitive configuration. 2) Add settings.demo.yml to .gitignore. 3) Implement a configuration management system that loads secrets from external sources (e.g., HashiCorp Vault, AWS Secrets Manager). 4) Use .env files with docker-compose but never commit them.
• High · Outdated and Vulnerable Dependencies — go.mod - Dependencies: golang.org/x/crypto, gorm.io/*, github.com/gin-gonic/gin, github.com/casbin/casbin/v2, github.com/go-admin-team/go-admin-core. Multiple critical dependencies have known vulnerabilities: golang.org/x/crypto v0.37.0 is outdated (latest is v0.32+), and older versions of GORM, Gin, and Casbin may contain security patches. The go-admin-core dependency uses a release candidate version (rc.3) which indicates instability. Fix: 1) Update all dependencies to their latest stable versions using 'go get -u'. 2) Run 'go mod tidy' and review security advisories using 'govulncheck ./...'. 3) Replace RC versions with stable releases. 4) Implement automated dependency scanning in CI/CD pipeline (e.g., Dependabot, Snyk).
• High · Missing Security Headers Configuration — app/admin/router/ (init_router.go, router.go). The codebase includes a 'unrolled/secure' package in dependencies but there's no visible configuration of security headers (HSTS, CSP, X-Frame-Options, etc.). Without proper middleware setup, the application may be vulnerable to common web attacks. Fix: 1) Configure the unrolled/secure middleware with appropriate headers. 2) Set HSTS, Content-Security-Policy, X-Frame-Options, X-Content-Type-Options, X-XSS-Protection. 3) Review Gin middleware setup to ensure secure headers are applied to all routes.
• High · Privileged Docker Container Execution — docker-compose.yml (line: privileged: true). The docker-compose.yml specifies 'privileged: true' which grants the container excessive system capabilities. This is a significant security risk as it could allow container escape and host system compromise. Fix: 1) Remove 'privileged: true' unless absolutely necessary. 2) If specific capabilities are needed, use 'cap_add' with only required capabilities. 3) Run container as non-root user by adding 'user: 1000:1000' directive. 4) Implement proper resource limits with 'resources' section.
• High · Potential SQL Injection in ORM Usage — app/admin/service/ (all service files), app/admin/models/ (all model files). The codebase uses GORM but the file structure (with raw service and DTO layers) suggests potential for unsafe SQL query construction. Common patterns like raw queries without parameterization could lead to SQL injection. Fix: 1) Audit all GORM queries to ensure parameterized queries are used. 2) Never concatenate user input into SQL queries. 3) Use GORM's built-in query builder methods. 4) Implement input validation and sanitization at DTO level. 5) Use prepared statements exclusively.
• High · Missing CORS and CSRF Protection Configuration — app/admin/router/ (init_router.go, router.go). No visible CORS middleware or CSRF token validation in the router configuration. As a permission management system serving frontend applications, missing CORS/CSRF protection could allow unauthorized cross-origin requests. Fix: 1) Implement proper CORS middleware with whitelist of allowed origins. 2) Enable CSRF protection using tokens for state-changing operations. 3) Set SameSite cookie attribute to 'Strict' or 'Lax'. 4) Verify Origin header on all cross-origin requests.
• undefined · undefined — undefined. undefined Fix: undefined

LLM-derived; treat as a starting point, not a security audit.

• Open issues — current backlog
• Recent PRs — what's actively shipping
• Source on GitHub

Generated by RepoPilot. Verdict based on maintenance signals — see the live page for receipts. Re-run on a new commit to refresh.