diff --git a/.github/dependabot.yml b/.github/dependabot.yml index 55253d3..ac5090f 100644 --- a/.github/dependabot.yml +++ b/.github/dependabot.yml @@ -1,9 +1,7 @@ -# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates - version: 2 updates: - package-ecosystem: "gomod" - directory: "/" # Location of package manifests + directory: "/" labels: - "🤖 Dependencies" schedule: diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml index 0bf600f..74b7c79 100644 --- a/.github/workflows/benchmark.yml +++ b/.github/workflows/benchmark.yml @@ -1,5 +1,24 @@ -on: [push] name: Benchmark + +on: + push: + branches: + - "master" + - "main" + paths-ignore: + - "**.md" + - LICENSE + - ".github/ISSUE_TEMPLATE/*.yml" + - ".github/dependabot.yml" + pull_request: + branches: + - "*" + paths-ignore: + - "**.md" + - LICENSE + - ".github/ISSUE_TEMPLATE/*.yml" + - ".github/dependabot.yml" + jobs: Compare: runs-on: ubuntu-latest @@ -8,15 +27,19 @@ jobs: uses: actions/setup-go@v5 with: go-version: 1.19.x + - name: Fetch Repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 + - name: Run Benchmark run: set -o pipefail; go test ./... -benchmem -run=^$ -bench . | tee output.txt + - name: Get Previous Benchmark Results uses: actions/cache@v3 with: path: ./cache key: ${{ runner.os }}-benchmark + - name: Save Benchmark Results uses: benchmark-action/github-action-benchmark@v1 with: diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 80937bb..cb20f5b 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -29,7 +29,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@v2 + uses: github/codeql-action/init@v3 # Override language selection by uncommenting this and choosing your languages with: languages: go @@ -37,7 +37,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@v2 + uses: github/codeql-action/autobuild@v3 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -51,4 +51,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v2 + uses: github/codeql-action/analyze@v3 diff --git a/.github/workflows/dependabot-automerge.yml b/.github/workflows/dependabot-automerge.yml index 0355ee9..da92776 100644 --- a/.github/workflows/dependabot-automerge.yml +++ b/.github/workflows/dependabot-automerge.yml @@ -28,7 +28,7 @@ jobs: steps: - name: Dependabot metadata id: metadata - uses: dependabot/fetch-metadata@v1.4.0 + uses: dependabot/fetch-metadata@v1.6.0 with: github-token: "${{ secrets.PR_TOKEN }}" - name: Enable auto-merge for Dependabot PRs diff --git a/.github/workflows/linter.yml b/.github/workflows/linter.yml index 26492c5..99dd926 100644 --- a/.github/workflows/linter.yml +++ b/.github/workflows/linter.yml @@ -1,11 +1,31 @@ -on: [push, pull_request] -name: Linter +name: Golangci Lint Check + +on: + push: + branches: + - "master" + - "main" + paths-ignore: + - "**.md" + - LICENSE + - ".github/ISSUE_TEMPLATE/*.yml" + - ".github/dependabot.yml" + pull_request: + branches: + - "*" + paths-ignore: + - "**.md" + - LICENSE + - ".github/ISSUE_TEMPLATE/*.yml" + - ".github/dependabot.yml" + jobs: Golint: runs-on: ubuntu-latest steps: - name: Fetch Repository - uses: actions/checkout@v3 + uses: actions/checkout@v4 + - name: Run Golint uses: reviewdog/action-golangci-lint@v2 with: diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 854a1d5..c6715a7 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -1,12 +1,42 @@ -on: [push, pull_request] -name: Security +name: Gosec Security Scan + +on: + push: + branches: + - "master" + - "main" + paths-ignore: + - "**.md" + - LICENSE + - ".github/ISSUE_TEMPLATE/*.yml" + - ".github/dependabot.yml" + pull_request: + branches: + - "*" + paths-ignore: + - "**.md" + - LICENSE + - ".github/ISSUE_TEMPLATE/*.yml" + - ".github/dependabot.yml" + jobs: - Gosec: + gosec-scan: runs-on: ubuntu-latest + env: + GO111MODULE: on steps: - name: Fetch Repository - uses: actions/checkout@v3 - - name: Run Gosec - uses: securego/gosec@master + uses: actions/checkout@v4 + + - name: Install Go + uses: actions/setup-go@v5 with: - args: -exclude-dir=internal/*/ ./... \ No newline at end of file + go-version: 'oldstable' + check-latest: true + cache: false + + - name: Install Gosec + run: go install github.com/securego/gosec/v2/cmd/gosec@latest + + - name: Run Gosec + run: gosec -exclude-dir=internal ./... diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml index 2a9bc93..36fc59e 100644 --- a/.github/workflows/test.yml +++ b/.github/workflows/test.yml @@ -2,41 +2,37 @@ on: push: branches: - master + - main + paths: + - "**" + - "!docs/**" + - "!**.md" pull_request: -name: Tests + paths: + - "**" + - "!docs/**" + - "!**.md" + +name: Test jobs: - Tests: + Build: strategy: matrix: - go-version: [1.19.x, 1.20.x] + go-version: [1.19.x, 1.20.x, 1.21.x] platform: [ubuntu-latest, windows-latest, macos-latest] runs-on: ${{ matrix.platform }} steps: - - name: Install Go - uses: actions/setup-go@v5 - with: - go-version: ${{ matrix.go-version }} - - name: Setup Golang caches - uses: actions/cache@v3 - with: - # In order: - # * Module download cache - # * Build cache (Linux) - # * Build cache (Mac) - # * Build cache (Windows) - path: | - ~/go/pkg/mod - ~/.cache/go-build - ~/Library/Caches/go-build - ~\AppData\Local\go-build - key: ${{ runner.os }}-go-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }} - restore-keys: | - ${{ runner.os }}-go-${{ matrix.go-version }}- - - name: Fetch Repository - uses: actions/checkout@v3 - - name: Run Test - uses: nick-fields/retry@v2 - with: - max_attempts: 3 - timeout_minutes: 15 - command: go test ./... -v -race + - name: Fetch Repository + uses: actions/checkout@v4 + + - name: Install Go + uses: actions/setup-go@v5 + with: + go-version: ${{ matrix.go-version }} + + - name: Run Test + uses: nick-fields/retry@v2 + with: + max_attempts: 3 + timeout_minutes: 15 + command: go test ./... -v -race -count=1 \ No newline at end of file diff --git a/.github/workflows/vulncheck.yml b/.github/workflows/vulncheck.yml index ab18ebe..a36018e 100644 --- a/.github/workflows/vulncheck.yml +++ b/.github/workflows/vulncheck.yml @@ -1,19 +1,38 @@ -on: [push, pull_request_target] name: Vulnerability Check + +on: + push: + branches: + - master + - main + paths: + - "**" + - "!docs/**" + - "!**.md" + pull_request: + paths: + - "**" + - "!docs/**" + - "!**.md" + jobs: - Security: + govulncheck-check: runs-on: ubuntu-latest + env: + GO111MODULE: on steps: - - name: Install Go - uses: actions/setup-go@v5 - with: - go-version: 1.19.x - - name: Fetch Repository - uses: actions/checkout@v3 - - name: Install Govulncheck - run: | - export GO111MODULE=on - export PATH=${PATH}:`go env GOPATH`/bin - go install golang.org/x/vuln/cmd/govulncheck@latest - - name: Run Govulncheck - run: "`go env GOPATH`/bin/govulncheck ./..." + - name: Fetch Repository + uses: actions/checkout@v4 + + - name: Install Go + uses: actions/setup-go@v5 + with: + go-version: "stable" + check-latest: true + cache: false + + - name: Install Govulncheck + run: go install golang.org/x/vuln/cmd/govulncheck@latest + + - name: Run Govulncheck + run: govulncheck ./... diff --git a/file_test.go b/file_test.go index 524616e..f57e6b7 100644 --- a/file_test.go +++ b/file_test.go @@ -4,6 +4,7 @@ import ( "io/fs" "net/http" "os" + "runtime" "testing" "github.com/stretchr/testify/require" @@ -15,7 +16,13 @@ func Test_ReadFile(t *testing.T) { testFS := http.FS(os.DirFS(".github/tests")) file, err := ReadFile("john.txt", testFS) - require.Equal(t, string(file), "doe\n") + switch runtime.GOOS { + case "windows": + require.Equal(t, string(file), "doe\r\n") + default: + require.Equal(t, string(file), "doe\n") + } + require.NoError(t, err) } diff --git a/go.mod b/go.mod index 6503ef7..a84f5d4 100644 --- a/go.mod +++ b/go.mod @@ -3,8 +3,8 @@ module github.com/gofiber/utils/v2 go 1.19 require ( - github.com/google/uuid v1.3.0 - github.com/stretchr/testify v1.8.3 + github.com/google/uuid v1.5.0 + github.com/stretchr/testify v1.8.4 ) require ( diff --git a/go.sum b/go.sum index 3f21246..53bfb8c 100644 --- a/go.sum +++ b/go.sum @@ -1,11 +1,11 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I= -github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= +github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU= +github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo= github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY= -github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= +github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk= +github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=