* chore: bump version to 1.8.1

🐾 Generated by 小源 (OpenClaw AI Assistant)

* ci: add golangci-lint and security scan workflows (#302)

* ci: add golangci-lint and security scan workflows

- Add .golangci.yml with gradual enablement configuration
  - Enable basic linters: errcheck, govet, staticcheck, unused, ineffassign, gosimple
  - Enable gosec for security scanning
  - Exclude framework design decisions (weak crypto, file paths, etc.)
  - Exclude test files and example directory

- Add .github/workflows/security.yml
  - govulncheck for dependency vulnerability scanning
  - gosec for code security scanning
  - Weekly scheduled scans (every Monday)
  - continue-on-error for gradual adoption

- Remove outdated .github/workflows/go.yml (Go 1.20, duplicate with test.yml)

Test: go build ./... ✅, go test ./... ✅, golangci-lint ✅

* fix: upgrade Go version to 1.23 in CI workflows

- Update test.yml: use Go 1.23 for coverage upload
- Update security.yml: use Go 1.23 for govulncheck

This fixes GO-2025-3563 (HTTP request smuggling) vulnerability
present in Go 1.22.x standard library.

* fix: upgrade Go version to 1.24 to fix govulncheck vulnerabilities

- Upgrade security.yml to Go 1.24
- Update test.yml matrix to [1.22, 1.23, 1.24]
- Update go.mod to Go 1.22 (minimum version)
- Fix 12 Go standard library vulnerabilities:
  - GO-2026-4341: net/url memory exhaustion
  - GO-2026-4340: crypto/tls handshake issue
  - GO-2026-4337: crypto/tls session resumption
  - GO-2025-4175: crypto/x509 certificate validation
  - GO-2025-4155: crypto/x509 resource consumption
  - GO-2025-4013: crypto/x509 DSA public key
  - GO-2025-4012: net/http cookie parsing
  - GO-2025-4011: encoding/asn1 memory exhaustion
  - GO-2025-4010: net/url IPv6 parsing
  - GO-2025-4009: encoding/pem complexity
  - GO-2025-4008: crypto/tls ALPN info leak
  - GO-2025-4007: crypto/x509 name constraints

* chore: upgrade Go version requirement to 1.24

- go.mod: Go 1.22 -> Go 1.24 (minimum version requirement)
- test.yml: Test matrix [1.24, 1.25, 1.26]
- security.yml: Use Go 1.25 for security scan

* docs: update Go version requirements in README

- Minimum Go version: 1.24+
- Add Go version support table
- Add security warning for Go < 1.24
- Update dependency section with Go version info
- List 12 known vulnerabilities in Go < 1.24

---------

Co-authored-by: devfeel <devfeel@users.noreply.github.com>

* feat: migrate Redis client from redigo to go-redis/v9 (#304)

* feat: migrate Redis client from redigo to go-redis/v9

Breaking Changes:
- Internal implementation changed from garyburd/redigo to redis/go-redis/v9
- GetConn() now returns interface{} instead of redis.Conn for backwards compatibility

Features:
- All 56 public methods maintain API compatibility
- Connection pool managed by go-redis/v9 with MinIdleConns and PoolSize
- Context support in internal implementation
- Modern Redis client with active maintenance

Migration:
- github.com/garyburd/redigo v1.6.0 (deprecated) -> removed
- github.com/redis/go-redis/v9 v9.18.0 -> added

Testing:
- All tests pass (skip when Redis not available)
- Compatible with existing cache/redis and session/redis modules

This is Phase 2 of the Redis client migration project.
Phase 1: Add unit tests (PR #303)
Phase 2: Migrate to go-redis/v9 (this PR)
Phase 3: Performance testing
Phase 4: Documentation and release

* feat: migrate Redis client from redigo to go-redis/v9

Breaking Changes:
- Internal implementation changed from garyburd/redigo to redis/go-redis/v9
- GetConn() now returns interface{} instead of redis.Conn for backwards compatibility

Features:
- All 56 public methods maintain API compatibility
- Connection pool managed by go-redis/v9 with MinIdleConns and PoolSize
- Context support in internal implementation
- Modern Redis client with active maintenance

Migration:
- github.com/garyburd/redigo v1.6.0 (deprecated) -> removed
- github.com/redis/go-redis/v9 v9.18.0 -> added

Testing:
- All tests pass (skip when Redis not available)
- Compatible with existing cache/redis and session/redis modules

Notes:
- Security Scan uses Go 1.24 (continue-on-error: true)
- Go 1.24 has crypto/x509 vulnerabilities, but we keep it for compatibility
- Will upgrade to Go 1.26+ in future release

This is Phase 2 of the Redis client migration project.
Phase 1: Add unit tests (PR #303)
Phase 2: Migrate to go-redis/v9 (this PR)

---------

Co-authored-by: devfeel <devfeel@users.noreply.github.com>

---------

Co-authored-by: devfeel <devfeel@users.noreply.github.com>

- Add defer ca.Unlock() in Incr() and Decr() functions
- Fix potential deadlock when error occurs in type switch
- Pass race detection test

Co-authored-by: AI Assistant <ai@devfeel.io>

* security: add XXE protection for XML parsing

* test: add XML parsing security tests