1
0
Fork 0
mirror of https://github.com/Luzifer/go_helpers.git synced 2024-12-25 05:21:20 +00:00
Commit graph

83 commits

Author SHA1 Message Date
fe36f52937
Add CSP helper
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-06-17 14:37:18 +02:00
6aae1097dd
prepare release v2.19.0 2023-06-16 11:44:06 +02:00
18ec694696
Add http.NoListFS
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-06-16 11:41:31 +02:00
8899d95437
Update dependencies, fix multiple CVEs
Total: 9 (UNKNOWN: 0, LOW: 0, MEDIUM: 2, HIGH: 7, CRITICAL: 0)

┌───────────────────┬────────────────┬──────────┬───────────────────────────────────┬───────────────────────────────────┬──────────────────────────────────────────────────────────────┐
│      Library      │ Vulnerability  │ Severity │         Installed Version         │           Fixed Version           │                            Title                             │
├───────────────────┼────────────────┼──────────┼───────────────────────────────────┼───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│ golang.org/x/net  │ CVE-2021-33194 │ HIGH     │ 0.0.0-20210119194325-5f4716e94777 │ 0.0.0-20210520170846-37e1c6afe023 │ golang: x/net/html: infinite loop in ParseFragment           │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2021-33194                   │
│                   ├────────────────┤          │                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2021-44716 │          │                                   │ 0.0.0-20211209124913-491a49abca63 │ golang: net/http: limit growth of header canonicalization    │
│                   │                │          │                                   │                                   │ cache                                                        │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2021-44716                   │
│                   ├────────────────┤          │                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2022-27664 │          │                                   │ 0.0.0-20220906165146-f3363e06e74c │ handle server errors after sending GOAWAY                    │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2022-27664                   │
│                   ├────────────────┤          │                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2022-41723 │          │                                   │ 0.7.0                             │ avoid quadratic complexity in HPACK decoding                 │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2022-41723                   │
│                   ├────────────────┼──────────┤                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2021-31525 │ MEDIUM   │                                   │ 0.0.0-20210428140749-89ef3d95e781 │ golang: net/http: panic in ReadRequest and ReadResponse when │
│                   │                │          │                                   │                                   │ reading a very large...                                      │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2021-31525                   │
│                   ├────────────────┤          │                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2022-41717 │          │                                   │ 0.4.0                             │ excessive memory growth in a Go server accepting HTTP/2      │
│                   │                │          │                                   │                                   │ requests                                                     │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2022-41717                   │
├───────────────────┼────────────────┼──────────┼───────────────────────────────────┼───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│ golang.org/x/text │ CVE-2021-38561 │ HIGH     │ 0.3.5                             │ 0.3.7                             │ out-of-bounds read in golang.org/x/text/language leads to    │
│                   │                │          │                                   │                                   │ DoS                                                          │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2021-38561                   │
│                   ├────────────────┤          │                                   ├───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│                   │ CVE-2022-32149 │          │                                   │ 0.3.8                             │ ParseAcceptLanguage takes a long time to parse complex tags  │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2022-32149                   │
├───────────────────┼────────────────┤          ├───────────────────────────────────┼───────────────────────────────────┼──────────────────────────────────────────────────────────────┤
│ gopkg.in/yaml.v3  │ CVE-2022-28948 │          │ 3.0.0-20210107192922-496545a6307b │ 3.0.0-20220521103104-8f96da9f5d5e │ crash when attempting to deserialize invalid input           │
│                   │                │          │                                   │                                   │ https://avd.aquasec.com/nvd/cve-2022-28948                   │
└───────────────────┴────────────────┴──────────┴───────────────────────────────────┴───────────────────────────────────┴──────────────────────────────────────────────────────────────┘

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-06-16 11:41:01 +02:00
34a40a0b52
prepare release v2.18.0 2023-06-10 16:59:02 +02:00
84961abdf9
Add file.FSStack implementation
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-06-10 16:58:44 +02:00
b1f81b0d32
prepare release v2.17.1 2023-05-19 14:15:17 +02:00
44c39c2599
Fix: Prevent panics when no arguments are given
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-05-19 14:15:02 +02:00
9d7bd03948
prepare release v2.17.0 2023-05-19 14:09:45 +02:00
2c3bf95990
Add simple CLI helper
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-05-19 14:09:20 +02:00
233ea21df6
prepare release v2.16.0 2023-03-19 02:00:19 +01:00
d67686d26f
Allow to set watcher to follow symlinks
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-03-19 01:59:31 +01:00
98aacbd5ad
Drop support for Go 1.18 in tests
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-03-18 15:38:40 +01:00
f46f05de81
prepare release v2.15.3 2023-03-18 15:38:06 +01:00
59906b06e8
Fix: Tests broken after last change
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-03-18 15:37:42 +01:00
ddaaf041d9
prepare release v2.15.2 2023-03-18 15:27:35 +01:00
d1f1007b33
Fix logic bug in run loop, replace Stat with Lstat
in order to use a less expensive syscall when applied to symlinks like
in Kubernetes ConfigMap mounts

Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-03-18 15:26:18 +01:00
39823d6cdd
prepare release v2.15.1 2023-03-07 15:32:04 +01:00
3102850bbe
Update dependencies
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-03-07 15:30:30 +01:00
86f2e14325
prepare release v2.15.0 2023-02-06 18:33:17 +01:00
68572d1889
Add http.LogRoundTripper helper for request debugging
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-02-06 15:47:21 +01:00
523cc2d8d5
prepare release v2.14.0 2023-01-28 19:28:37 +01:00
2afb800b7a
Add test as Github workflow
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-01-28 19:03:34 +01:00
36c4490cff
Implement file.Watcher
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-01-28 18:43:04 +01:00
9eea964145
Drop travis support
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2023-01-28 18:42:55 +01:00
b4b5533ac2
prepare release v2.13.0 2021-11-20 21:31:19 +01:00
ef1d23bd3d
Add fieldcollection helper
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2021-11-20 21:30:58 +01:00
df7499b011
prepare release v2.12.2 2021-03-09 23:26:30 +01:00
82b334b3d3
Fix: Do not panic on weird env list entries
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2021-03-09 23:25:57 +01:00
76c41f9c37
prepare release v2.12.1 2021-02-06 22:55:26 +01:00
40971339a1
Fix: Pass in logger
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2021-02-06 22:55:12 +01:00
898da31d9a
prepare release v2.12.0 2021-02-06 22:42:22 +01:00
65531362a6
Update dependencies
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2021-02-06 22:42:07 +01:00
171f74b174
Allow to pass in a logger for HTTP logs
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2021-02-06 22:39:56 +01:00
e7a1201f43
Update imports to v2 import paths
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2021-02-06 22:39:17 +01:00
bf27164716
prepare release v2.11.0 2020-08-07 14:31:27 +02:00
e40abec1d4
Add convenience wrapper around property sets
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2020-08-07 14:30:56 +02:00
75dc1cf54b
Drop support for Go <1.13
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-11-15 17:09:08 +01:00
226d9033a3
Add test for successful execution
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-11-15 16:49:01 +01:00
e3143a022a
prepare release v2.10.0 2019-11-15 16:36:09 +01:00
4db41332c1
Add backoff retry-helper
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-11-15 16:35:59 +01:00
dabc93c52b
prepare release v2.9.1 2019-02-28 20:15:29 +01:00
730cb15cbf
Fix unversioned import paths
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-02-28 20:15:04 +01:00
a29d3f74e6
Drop support for older Go versions
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-02-28 19:35:20 +01:00
77c32c00ab
prepare release v2.9.0 2019-02-28 19:22:41 +01:00
69d3203641
Add support for Go 1.11+ modules
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2019-02-28 19:22:26 +01:00
bbca439865
prepare release v2.8.1 2018-11-19 00:28:20 +01:00
f8065b8366
Also log query parameters
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-11-19 00:27:55 +01:00
c3bea85c97
prepare release v2.8.0 2018-09-17 21:19:35 +02:00
6368adb2ad
Add GZip wrapper
Signed-off-by: Knut Ahlers <knut@ahlers.me>
2018-09-17 21:19:20 +02:00