Updated latest changes

[mhescobar97]

Description

Related Issue

Closes #(issue_number)

Type of Change

• Bug fix (non-breaking change which fixes an issue)
• New feature (non-breaking change which adds functionality)
• Breaking change (fix or feature that would cause existing functionality to not work as expected)
• Documentation update
• Refactoring (no functional changes)
• Performance improvement

Testing

• Manual testing completed
• Functionality verified in development environment
• No breaking changes introduced

Screenshots (if applicable)

Checklist

• My code follows the project's style guidelines
• I have performed a self-review of my code
• I have tested my changes thoroughly
• Any dependent changes have been merged and published

Additional Notes

Summary by Sourcery

Improve licensing/runtime context handling, add proper versioning and release metadata, and enhance GitHub workflows and templates for project maintenance.

New Features:

• Allow licensing to be activated and persisted using a GLOBAL_API_KEY when no stored license is found.
• Expose clearer configuration keys for instance ID, API key, tier, and customer ID.
• Permit common static asset paths (CSS, JS, images, fonts) to bypass the license gate middleware so the UI can load before activation.

Bug Fixes:

• Ensure link messages include a video preview type when sending links with thumbnails, improving compatibility with clients expecting this metadata.

Enhancements:

• Refine runtime licensing flow and context validation, including clearer status values, improved registration messaging, and safer context hashing and integrity activation.
• Streamline HTTP client, heartbeat, activation, and shutdown helpers for license server communication.
• Introduce a fixed, named heartbeat interval constant for better configurability.
• Wire binary version from a VERSION file or ldflags so builds and logs report an accurate semantic version, and ensure the VERSION file is included in the runtime image.
• Update built manager frontend asset references in the distributed index.html file.

Build:

• Adjust Docker image tagging in the publish workflow to use the VERSION file for tags and always push a latest tag.
• Ensure Docker builds include git submodules, pass VERSION as a build argument, and set the build context explicitly.
• Copy the VERSION file into the final Docker image for runtime access.

CI:

• Add localized GitHub issue templates for bug reports and feature requests in English and Portuguese to standardize contributions.
• Add a pull request template to enforce consistent PR descriptions and testing notes.

Documentation:

• Add a TRADEMARKS policy document and NOTICE file describing trademark and branding rules for Evolution Foundation and the project.

Chores:

• Introduce git submodule configuration and vendor the whatsmeow-lib directory for project dependencies.

[sourcery-ai]

Reviewer's Guide

Refactors and partially de-obfuscates the core licensing/runtime code while adding support for GLOBAL_API_KEY activation, improves license-related HTTP routing and static asset gating, wires versioning through build and runtime (including Docker and GitHub Actions), tweaks WhatsApp link preview behavior, and adds project governance files like issue templates and trademark/notice docs.

Sequence diagram for runtime license activation with GLOBAL_API_KEY

sequenceDiagram
    participant app as InitializeRuntime
    participant db as RuntimeConfigDB
    participant licSrv as LicensingServer

    app->>db: _8ftv()
    db-->>app: RuntimeData or error

    alt saved license found
        app->>licSrv: _2a2d(rc, version)
        licSrv-->>app: HTTP 200 active
        app->>db: _nk7y(RuntimeData)
    else no saved license and GLOBAL_API_KEY set
        app->>licSrv: _2a2d(rc, version)
        licSrv-->>app: success or error
        alt activation success
            app->>db: _nk7y(RuntimeData)
        else activation failed
            app->>app: _p3()
        end
    else no license and no GLOBAL_API_KEY
        app->>app: _p3()
    end

Loading

Flow diagram for version propagation through build and licensing

flowchart LR
    VERSION_FILE["VERSION file"]
    GH_ACTIONS["GitHub Actions: Read version step"]
    DOCKER_META["Docker meta tags (VERSION, latest)"]
    DOCKER_BUILD["docker/build-push-action with build-arg VERSION"]
    GO_MAIN["cmd/evolution-go main.version (ldflags or VERSION)"]
    LIC_HTTP["_2a2d / _b1h send version to licensing server"]

    VERSION_FILE --> GH_ACTIONS
    GH_ACTIONS --> DOCKER_META
    DOCKER_META --> DOCKER_BUILD
    DOCKER_BUILD --> GO_MAIN
    GO_MAIN --> LIC_HTTP

Loading

File-Level Changes

Change	Details	Files
Refactor and clarify licensing/runtime core, add GLOBAL_API_KEY activation path, and tighten license/heartbeat/deactivation flows.	Rename many internal helpers and fields in the licensing/runtime module to new identifiers while keeping behavior largely equivalent, including XOR/hex, HTTP client, DB accessors, and runtime context state. Promote runtime config key strings from obfuscated constants to descriptive exported constants (ConfigKeyInstanceID, ConfigKeyAPIKey, ConfigKeyTier, ConfigKeyCustomerID). Introduce RuntimeData type to replace the previous anonymous struct, and adjust getter/setter helpers to use it. Add support in InitializeRuntime for seeding activation from a GLOBAL_API_KEY when no stored license exists: attempt remote activation, persist license on success, otherwise clear key and keep inactive state. Extract and reuse helper functions for printing the ‘License Registration Required’ banner and for license exchange/activation/heartbeat/deactivation requests using renamed helper functions. Update ComputeSessionSeed, DeriveInstanceToken, ActivateIntegrity, ValidateContext, GateMiddleware, LicenseRoutes, StartHeartbeat, and Shutdown to use the new field/func names and semantics, and to treat status strings and JSON fields as explicit values like "active", "tier", and "version". Extend GateMiddleware’s allowlist to always pass through static assets (svg, css, js, png, ico, woff2, woff, ttf) even when license is inactive.	pkg/core/c0.go
Standardize application versioning via VERSION file, build args, and ldflags, and propagate into Docker build and GitHub Actions workflow.	Change main.go default version from "dev" to "0.0.0" and update init() to only read VERSION file when still at the default, trimming whitespace and ignoring empty content. Update Dockerfile to copy VERSION from the build stage into the runtime image so the binary can read it at startup. Modify publish_docker_image GitHub Actions workflow to checkout submodules, read VERSION into an output, use that value and "latest" as Docker tags, set the build context explicitly, and pass VERSION as a build-arg.	cmd/evolution-go/main.go Dockerfile .github/workflows/publish_docker_image.yml
Adjust WhatsApp link sending to include an explicit video preview type when a thumbnail is used.	Within sendLinkWithRetry, introduce a previewType variable set to waE2E.ExtendedTextMessage_VIDEO and attach it to ExtendedTextMessage.PreviewType when building the message. Ensure the downloaded thumbnail bytes are still used as JPEGThumbnail alongside the new PreviewType.	pkg/sendMessage/service/send_service.go
Refresh built manager frontend assets and static references.	Update manager/dist/index.html to reference new hashed JS and CSS asset filenames. Remove the old hashed JS and CSS asset bundles that are no longer used from the dist tree.	manager/dist/index.html manager/dist/assets/index-CRnVAbpY.js manager/dist/assets/index-BsMXpWP7.css
Introduce GitHub issue and PR templates plus legal/brand documentation and related repo metadata.	Add English and Portuguese bug-report issue templates, capturing reproduction details, environment, logs, and version info. Add English and Portuguese feature-request issue templates with motivation, usage examples, and implementation ideas sections. Add TRADEMARKS.md describing the Evolution Foundation trademark and brand-asset policy and protected UI/identity elements. Add placeholder NOTICE file and .gitmodules plus a checked-in whatsmeow-lib entry (submodule or vendored directory) to support the project’s structure. Add a pull_request_template.md describing the expected structure of PRs (description, issue, type, testing, screenshots, checklist).	.github/ISSUE_TEMPLATE/-en--bug-report.yaml .github/ISSUE_TEMPLATE/-pt--reportar-bug.yaml .github/ISSUE_TEMPLATE/-en--feature-request.yaml .github/ISSUE_TEMPLATE/-pt--solicitar-recurso.yaml .github/pull_request_template.md TRADEMARKS.md NOTICE .gitmodules whatsmeow-lib

Possibly linked issues

• #(unlisted): Yes. By adding the whatsmeow-lib submodule and ensuring it’s checked out, the PR fixes the missing go.mod Docker build failure.

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've found 1 issue, and left some high level feedback:

• In the licensing HTTP helpers and routes (e.g., /v1/register/init, /v1/register/exchange, /v1/activate), json.NewDecoder(...).Decode(...) errors are ignored; consider checking and handling these errors explicitly before using the decoded structs to avoid panics or misleading responses when the licensing server returns malformed JSON.
• The static asset allowlist in GateMiddleware now includes a long set of hard-coded extensions; consider centralizing this list or using a helper (e.g., isStaticAsset(path)) so future asset types can be added in one place and the gate logic remains easier to read and maintain.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- In the licensing HTTP helpers and routes (e.g., `/v1/register/init`, `/v1/register/exchange`, `/v1/activate`), `json.NewDecoder(...).Decode(...)` errors are ignored; consider checking and handling these errors explicitly before using the decoded structs to avoid panics or misleading responses when the licensing server returns malformed JSON.
- The static asset allowlist in `GateMiddleware` now includes a long set of hard-coded extensions; consider centralizing this list or using a helper (e.g., `isStaticAsset(path)`) so future asset types can be added in one place and the gate logic remains easier to read and maintain.

## Individual Comments

### Comment 1
<location path="cmd/evolution-go/main.go" line_range="71-74" />
<code_context>
 var devMode = flag.Bool("dev", false, "Enable development mode")

-var version = "dev"
+var version = "0.0.0"

 func init() {
-	if version == "dev" {
+	// ldflags -X main.version= sets this at compile time.
+	// If not set (or still default), try reading from VERSION file.
+	if version == "0.0.0" {
</code_context>
<issue_to_address>
**suggestion (bug_risk):** Reading VERSION via relative path can break when working directory differs from binary location

This logic relies on `VERSION` being in the current working directory, which only holds in your container setup. In other contexts (different CWD, systemd units, tests) it will silently stay at `0.0.0`. To make this robust, either embed the VERSION value at build time, or resolve the file relative to the binary path (e.g. via `os.Executable()` + `filepath.Dir`).

Suggested implementation:

```golang
func init() {
	// ldflags -X main.version= sets this at compile time.
	// If not set (or still default), try reading from VERSION file located
	// alongside the executable (rather than the current working directory).
	if version == "0.0.0" {
		if exePath, err := os.Executable(); err == nil {
			versionPath := filepath.Join(filepath.Dir(exePath), "VERSION")

			if v, err := os.ReadFile(versionPath); err == nil {
				if trimmed := strings.TrimSpace(string(v)); trimmed != "" {
					version = trimmed
				}
			}
		}
	}
}

```

Ensure that `path/filepath` is imported in `cmd/evolution-go/main.go`, for example by adding:

```go
import (
    // existing imports...
    "path/filepath"
)
```

if it is not already present.
</issue_to_address>

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[sourcery-ai]

suggestion (bug_risk): Reading VERSION via relative path can break when working directory differs from binary location

This logic relies on VERSION being in the current working directory, which only holds in your container setup. In other contexts (different CWD, systemd units, tests) it will silently stay at 0.0.0. To make this robust, either embed the VERSION value at build time, or resolve the file relative to the binary path (e.g. via os.Executable() + filepath.Dir).

Suggested implementation:

func init() {
	// ldflags -X main.version= sets this at compile time.
	// If not set (or still default), try reading from VERSION file located
	// alongside the executable (rather than the current working directory).
	if version == "0.0.0" {
		if exePath, err := os.Executable(); err == nil {
			versionPath := filepath.Join(filepath.Dir(exePath), "VERSION")

			if v, err := os.ReadFile(versionPath); err == nil {
				if trimmed := strings.TrimSpace(string(v)); trimmed != "" {
					version = trimmed
				}
			}
		}
	}
}

Ensure that path/filepath is imported in cmd/evolution-go/main.go, for example by adding:

import (
    // existing imports...
    "path/filepath"
)

if it is not already present.