diff --git a/go.mod b/go.mod
index 0a3e08b24..327c591b6 100644
--- a/go.mod
+++ b/go.mod
@@ -18,12 +18,12 @@ require (
github.com/prometheus-operator/prometheus-operator/pkg/client v0.65.2
github.com/prometheus/client_golang v1.16.0
github.com/prometheus/client_model v0.4.0
- github.com/securego/gosec/v2 v2.16.0
+ github.com/securego/gosec/v2 v2.17.0
github.com/sirupsen/logrus v1.9.3
github.com/spf13/cobra v1.7.0
github.com/stretchr/testify v1.8.4
golang.org/x/mod v0.12.0
- golang.org/x/net v0.12.0
+ golang.org/x/net v0.14.0
k8s.io/api v0.27.4
k8s.io/apiextensions-apiserver v0.27.2
k8s.io/apimachinery v0.27.4
@@ -35,6 +35,7 @@ require (
require (
github.com/beorn7/perks v1.0.1 // indirect
+ github.com/ccojocar/zxcvbn-go v1.0.1 // indirect
github.com/cespare/xxhash/v2 v2.2.0 // indirect
github.com/coreos/go-semver v0.3.1 // indirect
github.com/coreos/go-systemd/v22 v22.5.0 // indirect
@@ -57,7 +58,7 @@ require (
github.com/google/go-cmp v0.5.9 // indirect
github.com/google/gofuzz v1.2.0 // indirect
github.com/google/uuid v1.3.0 // indirect
- github.com/gookit/color v1.5.3 // indirect
+ github.com/gookit/color v1.5.4 // indirect
github.com/imdario/mergo v0.3.13 // indirect
github.com/inconshreveable/mousetrap v1.1.0 // indirect
github.com/josharian/intern v1.0.0 // indirect
@@ -69,7 +70,6 @@ require (
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
github.com/modern-go/reflect2 v1.0.2 // indirect
github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 // indirect
- github.com/nbutton23/zxcvbn-go v0.0.0-20210217022336-fa2cb2858354 // indirect
github.com/nxadm/tail v1.4.8 // indirect
github.com/pmezard/go-difflib v1.0.0 // indirect
github.com/prometheus/common v0.42.0 // indirect
@@ -81,11 +81,11 @@ require (
go.uber.org/multierr v1.9.0 // indirect
go.uber.org/zap v1.24.0 // indirect
golang.org/x/oauth2 v0.10.0 // indirect
- golang.org/x/sys v0.10.0 // indirect
- golang.org/x/term v0.10.0 // indirect
- golang.org/x/text v0.11.0 // indirect
+ golang.org/x/sys v0.11.0 // indirect
+ golang.org/x/term v0.11.0 // indirect
+ golang.org/x/text v0.12.0 // indirect
golang.org/x/time v0.3.0 // indirect
- golang.org/x/tools v0.9.3 // indirect
+ golang.org/x/tools v0.12.0 // indirect
gomodules.xyz/jsonpatch/v2 v2.3.0 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/protobuf v1.31.0 // indirect
diff --git a/go.sum b/go.sum
index ffa3e0034..a8c8cc632 100644
--- a/go.sum
+++ b/go.sum
@@ -69,6 +69,8 @@ github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6r
github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
github.com/blang/semver v3.5.0+incompatible/go.mod h1:kRBLl5iJ+tD4TcOOxsy/0fnwebNt5EWlYSAyrTnjyyk=
github.com/buger/jsonparser v1.1.1/go.mod h1:6RYKKt7H4d4+iWqouImQ9R2FZql3VbhNgx27UK13J/0=
+github.com/ccojocar/zxcvbn-go v1.0.1 h1:+sxrANSCj6CdadkcMnvde/GWU1vZiiXRbqYSCalV4/4=
+github.com/ccojocar/zxcvbn-go v1.0.1/go.mod h1:g1qkXtUSvHP8lhHp5GrSmTz6uWALGRMQdw6Qnz/hi60=
github.com/cenkalti/backoff/v4 v4.2.1 h1:y4OZtCnogmCPw98Zjyt5a6+QwPLGkiQsYW5oUqylYbM=
github.com/cenkalti/backoff/v4 v4.2.1/go.mod h1:Y3VNntkOUPxTVeUxJ/G5vcM//AlwfmyYozVcomhLiZE=
github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
@@ -373,8 +375,8 @@ github.com/googleapis/gax-go/v2 v2.0.5/go.mod h1:DWXyrwAJ9X0FpwwEdw+IPEYBICEFu5m
github.com/googleapis/gnostic v0.0.0-20170729233727-0c5108395e2d/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
github.com/googleapis/gnostic v0.1.0/go.mod h1:sJBsCZ4ayReDTBIg8b9dl28c5xFWyhBTVRp3pOg5EKY=
github.com/googleapis/gnostic v0.4.1/go.mod h1:LRhVm6pbyptWbWbuZ38d1eyptfvIytN3ir6b65WBswg=
-github.com/gookit/color v1.5.3 h1:twfIhZs4QLCtimkP7MOxlF3A0U/5cDPseRT9M/+2SCE=
-github.com/gookit/color v1.5.3/go.mod h1:NUzwzeehUfl7GIb36pqId+UGmRfQcU/WiiyTTeNjHtE=
+github.com/gookit/color v1.5.4 h1:FZmqs7XOyGgCAxmWyPslpiok1k05wmY3SJTytgvYFs0=
+github.com/gookit/color v1.5.4/go.mod h1:pZJOeOS8DM43rXbp4AZo1n9zCU2qjpcRko0b6/QJi9w=
github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
github.com/gorilla/mux v0.0.0-20191024121256-f395758b854c/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
github.com/gorilla/mux v1.7.4/go.mod h1:DVbg23sWSpFRCP0SfiEN6jmj59UnW/n46BH5rLB71So=
@@ -508,8 +510,6 @@ github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f/go.mod h1:ZdcZmHo+
github.com/nbutton23/zxcvbn-go v0.0.0-20160627004424-a22cb81b2ecd/go.mod h1:o96djdrsSGy3AWPyBgZMAGfxZNfgntdJG+11KU4QvbU=
github.com/nbutton23/zxcvbn-go v0.0.0-20171102151520-eafdab6b0663/go.mod h1:o96djdrsSGy3AWPyBgZMAGfxZNfgntdJG+11KU4QvbU=
github.com/nbutton23/zxcvbn-go v0.0.0-20180912185939-ae427f1e4c1d/go.mod h1:o96djdrsSGy3AWPyBgZMAGfxZNfgntdJG+11KU4QvbU=
-github.com/nbutton23/zxcvbn-go v0.0.0-20210217022336-fa2cb2858354 h1:4kuARK6Y6FxaNu/BnU2OAaLF86eTVhP2hjTB6iMvItA=
-github.com/nbutton23/zxcvbn-go v0.0.0-20210217022336-fa2cb2858354/go.mod h1:KSVJerMDfblTH7p5MZaTt+8zaT2iEk3AkVb9PQdZuE8=
github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
@@ -619,8 +619,8 @@ github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQD
github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
github.com/ryanuber/go-glob v0.0.0-20170128012129-256dc444b735/go.mod h1:807d1WSdnB0XRJzKNil9Om6lcp/3a0v4qIHxIXzX/Yc=
github.com/securego/gosec v0.0.0-20191002120514-e680875ea14d/go.mod h1:w5+eXa0mYznDkHaMCXA4XYffjlH+cy1oyKbfzJXa2Do=
-github.com/securego/gosec/v2 v2.16.0 h1:Pi0JKoasQQ3NnoRao/ww/N/XdynIB9NRYYZT5CyOs5U=
-github.com/securego/gosec/v2 v2.16.0/go.mod h1:xvLcVZqUfo4aAQu56TNv7/Ltz6emAOQAEsrZrt7uGlI=
+github.com/securego/gosec/v2 v2.17.0 h1:ZpAStTDKY39insEG9OH6kV3IkhQZPTq9a9eGOLOjcdI=
+github.com/securego/gosec/v2 v2.17.0/go.mod h1:lt+mgC91VSmriVoJLentrMkRCYs+HLTBnUFUBuhV2hc=
github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
github.com/shirou/gopsutil v0.0.0-20180427012116-c95755e4bcd7/go.mod h1:5b4v6he4MtMOwMlS0TUMTu2PcXUg8+E1lC7eC3UO/RA=
github.com/shirou/w32 v0.0.0-20160930032740-bb4de0191aa4/go.mod h1:qsXQc7+bwAM3Q1u/4XEfrquwF8Lw7D7y5cD8CuHnfIc=
@@ -666,7 +666,6 @@ github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw=
github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo=
-github.com/stretchr/testify v1.1.4/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
@@ -819,8 +818,8 @@ golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81R
golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
golang.org/x/net v0.0.0-20210805182204-aaa1db679c0d/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.12.0 h1:cfawfvKITfUsFCeJIHJrbSxpeu/E81khclypR0GVT50=
-golang.org/x/net v0.12.0/go.mod h1:zEVYFnQC7m/vmpQFELhcD1EWkZlX69l4oqgmer6hfKA=
+golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14=
+golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI=
golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
golang.org/x/oauth2 v0.0.0-20190604053449-0f29369cfe45/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
@@ -837,7 +836,7 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ
golang.org/x/sync v0.0.0-20200317015054-43a5402ce75a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.2.0 h1:PUR+T4wwASmuSTYdKjYHI5TD22Wy5ogLU5qZCOLxBrI=
+golang.org/x/sync v0.3.0 h1:ftCYgMx6zT/asHUrPw8BLLscYtGznsLAnjq5RH9P66E=
golang.org/x/sys v0.0.0-20170830134202-bb24a47a89ea/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20171026204733-164713f0dfce/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -886,11 +885,11 @@ golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBc
golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.10.0 h1:SqMFp9UcQJZa+pmYuAKjd9xq1f0j5rLcDIk0mj4qAsA=
-golang.org/x/sys v0.10.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM=
+golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/term v0.10.0 h1:3R7pNqamzBraeqj/Tj8qt1aQ2HpmlC+Cx/qL/7hn4/c=
-golang.org/x/term v0.10.0/go.mod h1:lpqdcUyK/oCiQxvxVrppt5ggO2KCZ5QblwqPnfZ6d5o=
+golang.org/x/term v0.11.0 h1:F9tnn/DA/Im8nCwm+fX+1/eBwi4qFjRT++MhtVC4ZX0=
+golang.org/x/term v0.11.0/go.mod h1:zC9APTIj3jG3FdV/Ons+XE1riIZXG4aZ4GTHiPZJPIU=
golang.org/x/text v0.0.0-20160726164857-2910a502d2bf/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.0.0-20170915090833-1cbadb444a80/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
@@ -899,8 +898,8 @@ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.5/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.11.0 h1:LAntKIrcmeSKERyiOh0XMV39LXS8IE9UL2yP7+f5ij4=
-golang.org/x/text v0.11.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
+golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc=
+golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE=
golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20181108054448-85acf8d2951c/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
golang.org/x/time v0.0.0-20190308202827-9d24e82272b4/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
@@ -949,8 +948,8 @@ golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roY
golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM=
-golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc=
+golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss=
+golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
diff --git a/vendor/github.com/ccojocar/zxcvbn-go/.gitignore b/vendor/github.com/ccojocar/zxcvbn-go/.gitignore
new file mode 100644
index 000000000..e032cc2fc
--- /dev/null
+++ b/vendor/github.com/ccojocar/zxcvbn-go/.gitignore
@@ -0,0 +1,5 @@
+zxcvbn
+debug.test
+
+# SBOMs generated during CI
+/bom.json
diff --git a/vendor/github.com/ccojocar/zxcvbn-go/.golangci.yml b/vendor/github.com/ccojocar/zxcvbn-go/.golangci.yml
new file mode 100644
index 000000000..b54f70092
--- /dev/null
+++ b/vendor/github.com/ccojocar/zxcvbn-go/.golangci.yml
@@ -0,0 +1,39 @@
+linters:
+ enable:
+ - asciicheck
+ - bodyclose
+ - dogsled
+ - durationcheck
+ - errcheck
+ - errorlint
+ - exportloopref
+ - gci
+ - ginkgolinter
+ - gofmt
+ - gofumpt
+ - goimports
+ - gosimple
+ - govet
+ - importas
+ - ineffassign
+ - megacheck
+ - misspell
+ - nakedret
+ - nolintlint
+ - revive
+ - staticcheck
+ - typecheck
+ - unconvert
+ - unparam
+ - unused
+ - wastedassign
+
+linters-settings:
+ gci:
+ sections:
+ - standard
+ - default
+ - prefix(github.com/ccojocar)
+
+run:
+ timeout: 5m
diff --git a/vendor/github.com/ccojocar/zxcvbn-go/.goreleaser.yml b/vendor/github.com/ccojocar/zxcvbn-go/.goreleaser.yml
new file mode 100644
index 000000000..2386aeee5
--- /dev/null
+++ b/vendor/github.com/ccojocar/zxcvbn-go/.goreleaser.yml
@@ -0,0 +1,27 @@
+---
+project_name: zxcvbn-go
+
+release:
+ extra_files:
+ - glob: ./bom.json
+ github:
+ owner: ccojocar
+ name: zxcvbn-go
+
+builds:
+ - main: ./testapp/
+ binary: zxcvbn-go
+ goos:
+ - darwin
+ - linux
+ - windows
+ goarch:
+ - amd64
+ - arm64
+ - s390x
+ ldflags: -X main.Version={{.Version}} -X main.GitTag={{.Tag}} -X main.BuildDate={{.Date}}
+ env:
+ - CGO_ENABLED=0
+
+gomod:
+ proxy: true
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/LICENSE.txt b/vendor/github.com/ccojocar/zxcvbn-go/LICENSE.txt
similarity index 100%
rename from vendor/github.com/nbutton23/zxcvbn-go/LICENSE.txt
rename to vendor/github.com/ccojocar/zxcvbn-go/LICENSE.txt
diff --git a/vendor/github.com/ccojocar/zxcvbn-go/Makefile b/vendor/github.com/ccojocar/zxcvbn-go/Makefile
new file mode 100644
index 000000000..0690f3753
--- /dev/null
+++ b/vendor/github.com/ccojocar/zxcvbn-go/Makefile
@@ -0,0 +1,61 @@
+GIT_TAG?= $(shell git describe --always --tags)
+BIN = zxcvbn-go
+FMT_CMD = $(gofmt -s -l -w $(find . -type f -name '*.go' -not -path './vendor/*') | tee /dev/stderr)
+IMAGE_REPO = ccojocar
+DATE_FMT=+%Y-%m-%d
+ifdef SOURCE_DATE_EPOCH
+ BUILD_DATE ?= $(shell date -u -d "@$(SOURCE_DATE_EPOCH)" "$(DATE_FMT)" 2>/dev/null || date -u -r "$(SOURCE_DATE_EPOCH)" "$(DATE_FMT)" 2>/dev/null || date -u "$(DATE_FMT)")
+else
+ BUILD_DATE ?= $(shell date "$(DATE_FMT)")
+endif
+BUILDFLAGS := "-w -s -X 'main.Version=$(GIT_TAG)' -X 'main.GitTag=$(GIT_TAG)' -X 'main.BuildDate=$(BUILD_DATE)'"
+CGO_ENABLED = 0
+GO := GO111MODULE=on go
+GO_NOMOD :=GO111MODULE=off go
+GOPATH ?= $(shell $(GO) env GOPATH)
+GOBIN ?= $(GOPATH)/bin
+GO_MINOR_VERSION = $(shell $(GO) version | cut -c 14- | cut -d' ' -f1 | cut -d'.' -f2)
+GOVULN_MIN_VERSION = 17
+GO_VERSION = 1.20
+
+default:
+ $(MAKE) test
+
+install-govulncheck:
+ @if [ $(GO_MINOR_VERSION) -gt $(GOVULN_MIN_VERSION) ]; then \
+ go install golang.org/x/vuln/cmd/govulncheck@latest; \
+ fi
+
+test-all: fmt vet lint sec govulncheck test
+
+test:
+ go test -v ./...
+
+fmt:
+ @echo "FORMATTING"
+ @FORMATTED=`$(GO) fmt ./...`
+ @([ ! -z "$(FORMATTED)" ] && printf "Fixed unformatted files:\n$(FORMATTED)") || true
+
+vet:
+ @echo "VETTING"
+ $(GO) vet ./...
+
+lint:
+ @echo "LINTING: golangci-lint"
+ golangci-lint run
+
+sec:
+ @echo "SECURITY SCANNING"
+ gosec ./...
+
+govulncheck: install-govulncheck
+ @echo "CHECKING VULNERABILITIES"
+ @if [ $(GO_MINOR_VERSION) -gt $(GOVULN_MIN_VERSION) ]; then \
+ govulncheck ./...; \
+ fi
+
+clean:
+ rm -rf build vendor dist coverage.txt
+ rm -f release image $(BIN)
+
+.PHONY: test test-all fmt vet govulncheck clean
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/README.md b/vendor/github.com/ccojocar/zxcvbn-go/README.md
similarity index 100%
rename from vendor/github.com/nbutton23/zxcvbn-go/README.md
rename to vendor/github.com/ccojocar/zxcvbn-go/README.md
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/adjacency/adjcmartix.go b/vendor/github.com/ccojocar/zxcvbn-go/adjacency/adjcmartix.go
similarity index 82%
rename from vendor/github.com/nbutton23/zxcvbn-go/adjacency/adjcmartix.go
rename to vendor/github.com/ccojocar/zxcvbn-go/adjacency/adjcmartix.go
index 66ad30b82..34526685c 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/adjacency/adjcmartix.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/adjacency/adjcmartix.go
@@ -4,7 +4,7 @@ import (
"encoding/json"
"log"
- "github.com/nbutton23/zxcvbn-go/data"
+ "github.com/ccojocar/zxcvbn-go/data"
)
// Graph holds information about different graphs
@@ -25,7 +25,7 @@ func init() {
GraphMap["l33t"] = BuildLeet()
}
-//BuildQwerty builds the Qwerty Graph
+// BuildQwerty builds the Qwerty Graph
func BuildQwerty() Graph {
data, err := data.Asset("data/Qwerty.json")
if err != nil {
@@ -34,7 +34,7 @@ func BuildQwerty() Graph {
return getAdjancencyGraphFromFile(data, "qwerty")
}
-//BuildDvorak builds the Dvorak Graph
+// BuildDvorak builds the Dvorak Graph
func BuildDvorak() Graph {
data, err := data.Asset("data/Dvorak.json")
if err != nil {
@@ -43,7 +43,7 @@ func BuildDvorak() Graph {
return getAdjancencyGraphFromFile(data, "dvorak")
}
-//BuildKeypad builds the Keypad Graph
+// BuildKeypad builds the Keypad Graph
func BuildKeypad() Graph {
data, err := data.Asset("data/Keypad.json")
if err != nil {
@@ -52,7 +52,7 @@ func BuildKeypad() Graph {
return getAdjancencyGraphFromFile(data, "keypad")
}
-//BuildMacKeypad builds the Mac Keypad Graph
+// BuildMacKeypad builds the Mac Keypad Graph
func BuildMacKeypad() Graph {
data, err := data.Asset("data/MacKeypad.json")
if err != nil {
@@ -61,7 +61,7 @@ func BuildMacKeypad() Graph {
return getAdjancencyGraphFromFile(data, "mac_keypad")
}
-//BuildLeet builds the L33T Graph
+// BuildLeet builds the L33T Graph
func BuildLeet() Graph {
data, err := data.Asset("data/L33t.json")
if err != nil {
@@ -71,7 +71,6 @@ func BuildLeet() Graph {
}
func getAdjancencyGraphFromFile(data []byte, name string) Graph {
-
var graph Graph
err := json.Unmarshal(data, &graph)
if err != nil {
@@ -82,9 +81,9 @@ func getAdjancencyGraphFromFile(data []byte, name string) Graph {
}
// CalculateAvgDegree calclates the average degree between nodes in the graph
-//on qwerty, 'g' has degree 6, being adjacent to 'ftyhbv'. '\' has degree 1.
-//this calculates the average over all keys.
-//TODO double check that i ported this correctly scoring.coffee ln 5
+// on qwerty, 'g' has degree 6, being adjacent to 'ftyhbv'. '\' has degree 1.
+// this calculates the average over all keys.
+// TODO double check that i ported this correctly scoring.coffee ln 5
func (adjGrp Graph) CalculateAvgDegree() float64 {
if adjGrp.averageDegree != float64(0) {
return adjGrp.averageDegree
@@ -92,14 +91,12 @@ func (adjGrp Graph) CalculateAvgDegree() float64 {
var avg float64
var count float64
for _, value := range adjGrp.Graph {
-
for _, char := range value {
if len(char) != 0 || char != " " {
avg += float64(len(char))
count++
}
}
-
}
adjGrp.averageDegree = avg / count
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/data/bindata.go b/vendor/github.com/ccojocar/zxcvbn-go/data/bindata.go
similarity index 99%
rename from vendor/github.com/nbutton23/zxcvbn-go/data/bindata.go
rename to vendor/github.com/ccojocar/zxcvbn-go/data/bindata.go
index f3a0c010c..3db0f1b10 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/data/bindata.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/data/bindata.go
@@ -33,7 +33,7 @@ func bindataRead(data []byte, name string) ([]byte, error) {
}
var buf bytes.Buffer
- _, err = io.Copy(&buf, gz)
+ _, err = io.Copy(&buf, gz) // #nosec
clErr := gz.Close()
if err != nil {
@@ -345,11 +345,13 @@ var _bindata = map[string]func() (*asset, error){
// directory embedded in the file by go-bindata.
// For example if you run go-bindata on data/... and data contains the
// following hierarchy:
-// data/
-// foo.txt
-// img/
-// a.png
-// b.png
+//
+// data/
+// foo.txt
+// img/
+// a.png
+// b.png
+//
// then AssetDir("data") would return []string{"foo.txt", "img"}
// AssetDir("data/img") would return []string{"a.png", "b.png"}
// AssetDir("foo.txt") and AssetDir("notexist") would return an error
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/entropy/entropyCalculator.go b/vendor/github.com/ccojocar/zxcvbn-go/entropy/entropyCalculator.go
similarity index 77%
rename from vendor/github.com/nbutton23/zxcvbn-go/entropy/entropyCalculator.go
rename to vendor/github.com/ccojocar/zxcvbn-go/entropy/entropyCalculator.go
index 8f57ea0a4..80432572b 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/entropy/entropyCalculator.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/entropy/entropyCalculator.go
@@ -1,12 +1,13 @@
package entropy
import (
- "github.com/nbutton23/zxcvbn-go/adjacency"
- "github.com/nbutton23/zxcvbn-go/match"
- "github.com/nbutton23/zxcvbn-go/utils/math"
"math"
"regexp"
"unicode"
+
+ "github.com/ccojocar/zxcvbn-go/adjacency"
+ "github.com/ccojocar/zxcvbn-go/match"
+ zxcvbnmath "github.com/ccojocar/zxcvbn-go/utils/math"
)
const (
@@ -27,7 +28,7 @@ var (
func DictionaryEntropy(match match.Match, rank float64) float64 {
baseEntropy := math.Log2(rank)
upperCaseEntropy := extraUpperCaseEntropy(match)
- //TODO: L33t
+ // TODO: L33t
return baseEntropy + upperCaseEntropy
}
@@ -46,18 +47,18 @@ func extraUpperCaseEntropy(match match.Match) float64 {
return float64(0)
}
- //a capitalized word is the most common capitalization scheme,
- //so it only doubles the search space (uncapitalized + capitalized): 1 extra bit of entropy.
- //allcaps and end-capitalized are common enough too, underestimate as 1 extra bit to be safe.
+ // a capitalized word is the most common capitalization scheme,
+ // so it only doubles the search space (uncapitalized + capitalized): 1 extra bit of entropy.
+ // allcaps and end-capitalized are common enough too, underestimate as 1 extra bit to be safe.
for _, matcher := range []*regexp.Regexp{startUpperRx, endUpperRx, allUpperRx} {
if matcher.MatchString(word) {
return float64(1)
}
}
- //Otherwise calculate the number of ways to capitalize U+L uppercase+lowercase letters with U uppercase letters or
- //less. Or, if there's more uppercase than lower (for e.g. PASSwORD), the number of ways to lowercase U+L letters
- //with L lowercase letters or less.
+ // Otherwise calculate the number of ways to capitalize U+L uppercase+lowercase letters with U uppercase letters or
+ // less. Or, if there's more uppercase than lower (for e.g. PASSwORD), the number of ways to lowercase U+L letters
+ // with L lowercase letters or less.
countUpper, countLower := float64(0), float64(0)
for _, char := range word {
@@ -71,21 +72,21 @@ func extraUpperCaseEntropy(match match.Match) float64 {
var possibililities float64
for i := float64(0); i <= math.Min(countUpper, countLower); i++ {
- possibililities += float64(zxcvbnmath.NChoseK(totalLenght, i))
+ possibililities += zxcvbnmath.NChoseK(totalLenght, i)
}
if possibililities < 1 {
return float64(1)
}
- return float64(math.Log2(possibililities))
+ return (math.Log2(possibililities))
}
// SpatialEntropy calculates the entropy for spatial matches
func SpatialEntropy(match match.Match, turns int, shiftCount int) float64 {
var s, d float64
if match.DictionaryName == "qwerty" || match.DictionaryName == "dvorak" {
- //todo: verify qwerty and dvorak have the same length and degree
+ // todo: verify qwerty and dvorak have the same length and degree
s = float64(len(adjacency.BuildQwerty().Graph))
d = adjacency.BuildQwerty().CalculateAvgDegree()
} else {
@@ -97,8 +98,8 @@ func SpatialEntropy(match match.Match, turns int, shiftCount int) float64 {
length := float64(len(match.Token))
- //TODO: Should this be <= or just < ?
- //Estimate the number of possible patterns w/ length L or less with t turns or less
+ // TODO: Should this be <= or just < ?
+ // Estimate the number of possible patterns w/ length L or less with t turns or less
for i := float64(2); i <= length+1; i++ {
possibleTurns := math.Min(float64(turns), i-1)
for j := float64(1); j <= possibleTurns+1; j++ {
@@ -108,8 +109,8 @@ func SpatialEntropy(match match.Match, turns int, shiftCount int) float64 {
}
entropy := math.Log2(possibilities)
- //add extra entropu for shifted keys. ( % instead of 5 A instead of a)
- //Math is similar to extra entropy for uppercase letters in dictionary matches.
+ // add extra entropu for shifted keys. ( % instead of 5 A instead of a)
+ // Math is similar to extra entropy for uppercase letters in dictionary matches.
if S := float64(shiftCount); S > float64(0) {
possibilities = float64(0)
@@ -134,7 +135,7 @@ func RepeatEntropy(match match.Match) float64 {
}
// CalcBruteForceCardinality calculates the brute force cardinality
-//TODO: Validate against python
+// TODO: Validate against python
func CalcBruteForceCardinality(password string) float64 {
lower, upper, digits, symbols := float64(0), float64(0), float64(0), float64(0)
@@ -157,12 +158,12 @@ func CalcBruteForceCardinality(password string) float64 {
// SequenceEntropy calculates the entropy for sequences such as 4567 or cdef
func SequenceEntropy(match match.Match, dictionaryLength int, ascending bool) float64 {
firstChar := match.Token[0]
- baseEntropy := float64(0)
+ var baseEntropy float64
if string(firstChar) == "a" || string(firstChar) == "1" {
baseEntropy = float64(0)
} else {
baseEntropy = math.Log2(float64(dictionaryLength))
- //TODO: should this be just the first or any char?
+ // TODO: should this be just the first or any char?
if unicode.IsUpper(rune(firstChar)) {
baseEntropy++
}
@@ -183,7 +184,7 @@ func ExtraLeetEntropy(match match.Match, password string) float64 {
if string(char) != string(match.Token[index]) {
subsitutions++
} else {
- //TODO: Make this only true for 1337 chars that are not subs?
+ // TODO: Make this only true for 1337 chars that are not subs?
unsub++
}
}
@@ -210,7 +211,7 @@ func DateEntropy(dateMatch match.DateMatch) float64 {
}
if dateMatch.Separator != "" {
- entropy += 2 //add two bits for separator selection [/,-,.,etc]
+ entropy += 2 // add two bits for separator selection [/,-,.,etc]
}
return entropy
}
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/frequency/frequency.go b/vendor/github.com/ccojocar/zxcvbn-go/frequency/frequency.go
similarity index 96%
rename from vendor/github.com/nbutton23/zxcvbn-go/frequency/frequency.go
rename to vendor/github.com/ccojocar/zxcvbn-go/frequency/frequency.go
index d056e4d4e..4f51369e1 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/frequency/frequency.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/frequency/frequency.go
@@ -4,7 +4,7 @@ import (
"encoding/json"
"log"
- "github.com/nbutton23/zxcvbn-go/data"
+ "github.com/ccojocar/zxcvbn-go/data"
)
// List holds a frequency list
@@ -28,8 +28,8 @@ func init() {
Lists["Surname"] = getStringListFromAsset(surnameFilePath, "Surname")
Lists["English"] = getStringListFromAsset(englishFilePath, "English")
Lists["Passwords"] = getStringListFromAsset(passwordsFilePath, "Passwords")
-
}
+
func getAsset(name string) []byte {
data, err := data.Asset(name)
if err != nil {
@@ -38,8 +38,8 @@ func getAsset(name string) []byte {
return data
}
-func getStringListFromAsset(data []byte, name string) List {
+func getStringListFromAsset(data []byte, name string) List {
var tempList List
err := json.Unmarshal(data, &tempList)
if err != nil {
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/match/match.go b/vendor/github.com/ccojocar/zxcvbn-go/match/match.go
similarity index 80%
rename from vendor/github.com/nbutton23/zxcvbn-go/match/match.go
rename to vendor/github.com/ccojocar/zxcvbn-go/match/match.go
index dd30bea04..998dde111 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/match/match.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/match/match.go
@@ -1,14 +1,16 @@
package match
-//Matches is an alies for []Match used for sorting
+// Matches is an alies for []Match used for sorting
type Matches []Match
func (s Matches) Len() int {
return len(s)
}
+
func (s Matches) Swap(i, j int) {
s[i], s[j] = s[j], s[i]
}
+
func (s Matches) Less(i, j int) bool {
if s[i].I < s[j].I {
return true
@@ -28,7 +30,7 @@ type Match struct {
Entropy float64
}
-//DateMatch is specifilly a match for type date
+// DateMatch is specifilly a match for type date
type DateMatch struct {
Pattern string
I, J int
@@ -37,7 +39,7 @@ type DateMatch struct {
Day, Month, Year int64
}
-//Matcher are a func and ID that can be used to match different passwords
+// Matcher are a func and ID that can be used to match different passwords
type Matcher struct {
MatchingFunc func(password string) []Match
ID string
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/matching/dateMatchers.go b/vendor/github.com/ccojocar/zxcvbn-go/matching/dateMatchers.go
similarity index 93%
rename from vendor/github.com/nbutton23/zxcvbn-go/matching/dateMatchers.go
rename to vendor/github.com/ccojocar/zxcvbn-go/matching/dateMatchers.go
index 8dfdf2410..fd7f38332 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/matching/dateMatchers.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/matching/dateMatchers.go
@@ -5,8 +5,8 @@ import (
"strconv"
"strings"
- "github.com/nbutton23/zxcvbn-go/entropy"
- "github.com/nbutton23/zxcvbn-go/match"
+ "github.com/ccojocar/zxcvbn-go/entropy"
+ "github.com/ccojocar/zxcvbn-go/match"
)
const (
@@ -20,12 +20,12 @@ var (
dateWithOutSepMatch = regexp.MustCompile(`\d{4,8}`)
)
-//FilterDateSepMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
+// FilterDateSepMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
func FilterDateSepMatcher(m match.Matcher) bool {
return m.ID == dateSepMatcherName
}
-//FilterDateWithoutSepMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
+// FilterDateWithoutSepMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
func FilterDateWithoutSepMatcher(m match.Matcher) bool {
return m.ID == dateWithOutSepMatcherName
}
@@ -64,8 +64,8 @@ func dateSepMatcher(password string) []match.Match {
return matches
}
-func dateSepMatchHelper(password string) []match.DateMatch {
+func dateSepMatchHelper(password string) []match.DateMatch {
var matches []match.DateMatch
for _, v := range dateRxYearSuffix.FindAllString(password, len(password)) {
@@ -101,7 +101,6 @@ func dateSepMatchHelper(password string) []match.DateMatch {
}
}
return out
-
}
type dateMatchCandidate struct {
@@ -136,7 +135,7 @@ func dateWithoutSepMatch(password string) []match.Match {
return matches
}
-//TODO Has issues with 6 digit dates
+// TODO Has issues with 6 digit dates
func dateWithoutSepMatchHelper(password string) (matches []match.DateMatch) {
for _, v := range dateWithOutSepMatch.FindAllString(password, len(password)) {
i := strings.Index(password, v)
@@ -146,17 +145,17 @@ func dateWithoutSepMatchHelper(password string) (matches []match.DateMatch) {
var candidatesRoundOne []dateMatchCandidate
if length <= 6 {
- //2-digit year prefix
+ // 2-digit year prefix
candidatesRoundOne = append(candidatesRoundOne, buildDateMatchCandidate(v[2:], v[0:2], i, j))
- //2-digityear suffix
+ // 2-digityear suffix
candidatesRoundOne = append(candidatesRoundOne, buildDateMatchCandidate(v[0:lastIndex-2], v[lastIndex-2:], i, j))
}
if length >= 6 {
- //4-digit year prefix
+ // 4-digit year prefix
candidatesRoundOne = append(candidatesRoundOne, buildDateMatchCandidate(v[4:], v[0:4], i, j))
- //4-digit year sufix
+ // 4-digit year sufix
candidatesRoundOne = append(candidatesRoundOne, buildDateMatchCandidate(v[0:lastIndex-3], v[lastIndex-3:], i, j))
}
@@ -179,7 +178,6 @@ func dateWithoutSepMatchHelper(password string) (matches []match.DateMatch) {
}
intMonth, err := strconv.ParseInt(candidate.Month, 10, 16)
-
if err != nil {
continue
}
@@ -204,6 +202,5 @@ func buildDateMatchCandidate(dayMonth, year string, i, j int) dateMatchCandidate
}
func buildDateMatchCandidateTwo(day, month string, year string, i, j int) dateMatchCandidateTwo {
-
return dateMatchCandidateTwo{Day: day, Month: month, Year: year, I: i, J: j}
}
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/matching/dictionaryMatch.go b/vendor/github.com/ccojocar/zxcvbn-go/matching/dictionaryMatch.go
similarity index 89%
rename from vendor/github.com/nbutton23/zxcvbn-go/matching/dictionaryMatch.go
rename to vendor/github.com/ccojocar/zxcvbn-go/matching/dictionaryMatch.go
index 4ddb2c3b0..d0d450188 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/matching/dictionaryMatch.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/matching/dictionaryMatch.go
@@ -3,8 +3,8 @@ package matching
import (
"strings"
- "github.com/nbutton23/zxcvbn-go/entropy"
- "github.com/nbutton23/zxcvbn-go/match"
+ "github.com/ccojocar/zxcvbn-go/entropy"
+ "github.com/ccojocar/zxcvbn-go/match"
)
func buildDictMatcher(dictName string, rankedDict map[string]int) func(password string) []match.Match {
@@ -15,7 +15,6 @@ func buildDictMatcher(dictName string, rankedDict map[string]int) func(password
}
return matches
}
-
}
func dictionaryMatch(password string, dictionaryName string, rankedDict map[string]int) []match.Match {
@@ -29,7 +28,8 @@ func dictionaryMatch(password string, dictionaryName string, rankedDict map[stri
for j := i; j < length; j++ {
word := pwLowerRunes[i : j+1]
if val, ok := rankedDict[string(word)]; ok {
- matchDic := match.Match{Pattern: "dictionary",
+ matchDic := match.Match{
+ Pattern: "dictionary",
DictionaryName: dictionaryName,
I: i,
J: j,
@@ -46,7 +46,6 @@ func dictionaryMatch(password string, dictionaryName string, rankedDict map[stri
}
func buildRankedDict(unrankedList []string) map[string]int {
-
result := make(map[string]int)
for i, v := range unrankedList {
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/matching/leet.go b/vendor/github.com/ccojocar/zxcvbn-go/matching/leet.go
similarity index 95%
rename from vendor/github.com/nbutton23/zxcvbn-go/matching/leet.go
rename to vendor/github.com/ccojocar/zxcvbn-go/matching/leet.go
index 610f1973f..1f303aa6e 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/matching/leet.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/matching/leet.go
@@ -3,14 +3,14 @@ package matching
import (
"strings"
- "github.com/nbutton23/zxcvbn-go/entropy"
- "github.com/nbutton23/zxcvbn-go/match"
+ "github.com/ccojocar/zxcvbn-go/entropy"
+ "github.com/ccojocar/zxcvbn-go/match"
)
// L33TMatcherName id
const L33TMatcherName = "l33t"
-//FilterL33tMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
+// FilterL33tMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
func FilterL33tMatcher(m match.Matcher) bool {
return m.ID == L33TMatcherName
}
@@ -105,7 +105,7 @@ func createListOfMapsWithoutConflicts(table map[string][]string) []map[string][]
return result
}
-// This function retrieves the list of values that appear for one or more keys. This is usefull to
+// This function retrieves the list of values that appear for one or more keys. This is useful to
// know which l33t chars can represent more than one letter.
func retrieveConflictsListFromTable(table map[string][]string) []string {
result := []string{}
@@ -128,7 +128,7 @@ func retrieveConflictsListFromTable(table map[string][]string) []string {
}
// This function aims to create different maps for a given char if this char represents a conflict.
-// If the specified char is not a conflit one, the same map will be returned. In scenarios which
+// If the specified char is not a conflict one, the same map will be returned. In scenarios which
// the provided char can not be found on map, an empty list will be returned. This function was
// designed to be used on conflicts situations.
func createDifferentMapsForLeetChar(table map[string][]string, leetChar string) []map[string][]string {
@@ -158,7 +158,7 @@ func retrieveListOfKeysWithSpecificValueFromTable(table map[string][]string, val
return result
}
-// This function returns a lsit of substitution map from a given table. Each map in the result will
+// This function returns a list of substitution map from a given table. Each map in the result will
// provide only one representation for each value. As an example, if the provided map contains the
// values "@" and "4" in the possibilities to represent "a", two maps will be created where one
// will contain "a" mapping to "@" and the other one will provide "a" mapping to "4".
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/matching/matching.go b/vendor/github.com/ccojocar/zxcvbn-go/matching/matching.go
similarity index 87%
rename from vendor/github.com/nbutton23/zxcvbn-go/matching/matching.go
rename to vendor/github.com/ccojocar/zxcvbn-go/matching/matching.go
index 4577db8a4..c6948067b 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/matching/matching.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/matching/matching.go
@@ -3,9 +3,9 @@ package matching
import (
"sort"
- "github.com/nbutton23/zxcvbn-go/adjacency"
- "github.com/nbutton23/zxcvbn-go/frequency"
- "github.com/nbutton23/zxcvbn-go/match"
+ "github.com/ccojocar/zxcvbn-go/adjacency"
+ "github.com/ccojocar/zxcvbn-go/frequency"
+ "github.com/ccojocar/zxcvbn-go/match"
)
var (
@@ -23,8 +23,7 @@ func init() {
// Omnimatch runs all matchers against the password
func Omnimatch(password string, userInputs []string, filters ...func(match.Matcher) bool) (matches []match.Match) {
-
- //Can I run into the issue where nil is not equal to nil?
+ // Can I run into the issue where nil is not equal to nil?
if dictionaryMatchers == nil || adjacencyGraphs == nil {
loadFrequencyList()
}
@@ -51,7 +50,6 @@ func Omnimatch(password string, userInputs []string, filters ...func(match.Match
}
func loadFrequencyList() {
-
for n, list := range frequency.Lists {
dictionaryMatchers = append(dictionaryMatchers, match.Matcher{MatchingFunc: buildDictMatcher(n, buildRankedDict(list.List)), ID: n})
}
@@ -63,8 +61,8 @@ func loadFrequencyList() {
adjacencyGraphs = append(adjacencyGraphs, adjacency.GraphMap["keypad"])
adjacencyGraphs = append(adjacencyGraphs, adjacency.GraphMap["macKeypad"])
- //l33tFilePath, _ := filepath.Abs("adjacency/L33t.json")
- //L33T_TABLE = adjacency.GetAdjancencyGraphFromFile(l33tFilePath, "l33t")
+ // l33tFilePath, _ := filepath.Abs("adjacency/L33t.json")
+ // L33T_TABLE = adjacency.GetAdjancencyGraphFromFile(l33tFilePath, "l33t")
sequences = make(map[string]string)
sequences["lower"] = "abcdefghijklmnopqrstuvwxyz"
@@ -78,5 +76,4 @@ func loadFrequencyList() {
matchers = append(matchers, match.Matcher{MatchingFunc: l33tMatch, ID: L33TMatcherName})
matchers = append(matchers, match.Matcher{MatchingFunc: dateSepMatcher, ID: dateSepMatcherName})
matchers = append(matchers, match.Matcher{MatchingFunc: dateWithoutSepMatch, ID: dateWithOutSepMatcherName})
-
}
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/matching/repeatMatch.go b/vendor/github.com/ccojocar/zxcvbn-go/matching/repeatMatch.go
similarity index 74%
rename from vendor/github.com/nbutton23/zxcvbn-go/matching/repeatMatch.go
rename to vendor/github.com/ccojocar/zxcvbn-go/matching/repeatMatch.go
index a93e45935..d52ba4254 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/matching/repeatMatch.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/matching/repeatMatch.go
@@ -3,13 +3,13 @@ package matching
import (
"strings"
- "github.com/nbutton23/zxcvbn-go/entropy"
- "github.com/nbutton23/zxcvbn-go/match"
+ "github.com/ccojocar/zxcvbn-go/entropy"
+ "github.com/ccojocar/zxcvbn-go/match"
)
const repeatMatcherName = "REPEAT"
-//FilterRepeatMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
+// FilterRepeatMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
func FilterRepeatMatcher(m match.Matcher) bool {
return m.ID == repeatMatcherName
}
@@ -17,7 +17,7 @@ func FilterRepeatMatcher(m match.Matcher) bool {
func repeatMatch(password string) []match.Match {
var matches []match.Match
- //Loop through password. if current == prev currentStreak++ else if currentStreak > 2 {buildMatch; currentStreak = 1} prev = current
+ // Loop through password. if current == prev currentStreak++ else if currentStreak > 2 {buildMatch; currentStreak = 1} prev = current
var current, prev string
currentStreak := 1
var i int
@@ -29,9 +29,8 @@ func repeatMatch(password string) []match.Match {
continue
}
- if strings.ToLower(current) == strings.ToLower(prev) {
+ if strings.EqualFold(current, prev) {
currentStreak++
-
} else if currentStreak > 2 {
iPos := i - currentStreak
jPos := i - 1
@@ -40,7 +39,8 @@ func repeatMatch(password string) []match.Match {
I: iPos,
J: jPos,
Token: password[iPos : jPos+1],
- DictionaryName: prev}
+ DictionaryName: prev,
+ }
matchRepeat.Entropy = entropy.RepeatEntropy(matchRepeat)
matches = append(matches, matchRepeat)
currentStreak = 1
@@ -59,7 +59,8 @@ func repeatMatch(password string) []match.Match {
I: iPos,
J: jPos,
Token: password[iPos : jPos+1],
- DictionaryName: prev}
+ DictionaryName: prev,
+ }
matchRepeat.Entropy = entropy.RepeatEntropy(matchRepeat)
matches = append(matches, matchRepeat)
}
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/matching/sequenceMatch.go b/vendor/github.com/ccojocar/zxcvbn-go/matching/sequenceMatch.go
similarity index 88%
rename from vendor/github.com/nbutton23/zxcvbn-go/matching/sequenceMatch.go
rename to vendor/github.com/ccojocar/zxcvbn-go/matching/sequenceMatch.go
index e0ed05229..697194583 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/matching/sequenceMatch.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/matching/sequenceMatch.go
@@ -3,13 +3,13 @@ package matching
import (
"strings"
- "github.com/nbutton23/zxcvbn-go/entropy"
- "github.com/nbutton23/zxcvbn-go/match"
+ "github.com/ccojocar/zxcvbn-go/entropy"
+ "github.com/ccojocar/zxcvbn-go/match"
)
const sequenceMatcherName = "SEQ"
-//FilterSequenceMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
+// FilterSequenceMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
func FilterSequenceMatcher(m match.Matcher) bool {
return m.ID == sequenceMatcherName
}
@@ -64,10 +64,8 @@ func sequenceMatch(password string) []match.Match {
matches = append(matches, matchSequence)
}
break
- } else {
- j++
}
-
+ j++
}
}
i = j
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/matching/spatialMatch.go b/vendor/github.com/ccojocar/zxcvbn-go/matching/spatialMatch.go
similarity index 59%
rename from vendor/github.com/nbutton23/zxcvbn-go/matching/spatialMatch.go
rename to vendor/github.com/ccojocar/zxcvbn-go/matching/spatialMatch.go
index fd858f5d1..101ccea5e 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/matching/spatialMatch.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/matching/spatialMatch.go
@@ -3,14 +3,14 @@ package matching
import (
"strings"
- "github.com/nbutton23/zxcvbn-go/adjacency"
- "github.com/nbutton23/zxcvbn-go/entropy"
- "github.com/nbutton23/zxcvbn-go/match"
+ "github.com/ccojocar/zxcvbn-go/adjacency"
+ "github.com/ccojocar/zxcvbn-go/entropy"
+ "github.com/ccojocar/zxcvbn-go/match"
)
const spatialMatcherName = "SPATIAL"
-//FilterSpatialMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
+// FilterSpatialMatcher can be pass to zxcvbn-go.PasswordStrength to skip that matcher
func FilterSpatialMatcher(m match.Matcher) bool {
return m.ID == spatialMatcherName
}
@@ -25,39 +25,38 @@ func spatialMatch(password string) (matches []match.Match) {
}
func spatialMatchHelper(password string, graph adjacency.Graph) (matches []match.Match) {
-
for i := 0; i < len(password)-1; {
j := i + 1
- lastDirection := -99 //an int that it should never be!
+ lastDirection := -99 // an int that it should never be!
turns := 0
shiftedCount := 0
for {
prevChar := password[j-1]
found := false
- foundDirection := -1
+ var foundDirection int
curDirection := -1
- //My graphs seem to be wrong. . . and where the hell is qwerty
+ // My graphs seem to be wrong. . . and where the hell is qwerty
adjacents := graph.Graph[string(prevChar)]
- //Consider growing pattern by one character if j hasn't gone over the edge
+ // Consider growing pattern by one character if j hasn't gone over the edge
if j < len(password) {
curChar := password[j]
for _, adj := range adjacents {
curDirection++
- if strings.Index(adj, string(curChar)) != -1 {
+ if strings.Contains(adj, string(curChar)) {
found = true
foundDirection = curDirection
if strings.Index(adj, string(curChar)) == 1 {
- //index 1 in the adjacency means the key is shifted, 0 means unshifted: A vs a, % vs 5, etc.
- //for example, 'q' is adjacent to the entry '2@'. @ is shifted w/ index 1, 2 is unshifted.
+ // index 1 in the adjacency means the key is shifted, 0 means unshifted: A vs a, % vs 5, etc.
+ // for example, 'q' is adjacent to the entry '2@'. @ is shifted w/ index 1, 2 is unshifted.
shiftedCount++
}
if lastDirection != foundDirection {
- //adding a turn is correct even in the initial case when last_direction is null:
- //every spatial pattern starts with a turn.
+ // adding a turn is correct even in the initial case when last_direction is null:
+ // every spatial pattern starts with a turn.
turns++
lastDirection = foundDirection
}
@@ -66,12 +65,12 @@ func spatialMatchHelper(password string, graph adjacency.Graph) (matches []match
}
}
- //if the current pattern continued, extend j and try to grow again
+ // if the current pattern continued, extend j and try to grow again
if found {
j++
} else {
- //otherwise push the pattern discovered so far, if any...
- //don't consider length 1 or 2 chains.
+ // otherwise push the pattern discovered so far, if any...
+ // don't consider length 1 or 2 chains.
if j-i > 2 {
matchSpc := match.Match{Pattern: "spatial", I: i, J: j - 1, Token: password[i:j], DictionaryName: graph.Name}
matchSpc.Entropy = entropy.SpatialEntropy(matchSpc, turns, shiftedCount)
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/scoring/scoring.go b/vendor/github.com/ccojocar/zxcvbn-go/scoring/scoring.go
similarity index 84%
rename from vendor/github.com/nbutton23/zxcvbn-go/scoring/scoring.go
rename to vendor/github.com/ccojocar/zxcvbn-go/scoring/scoring.go
index 4f68a6dca..dbe331884 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/scoring/scoring.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/scoring/scoring.go
@@ -2,11 +2,12 @@ package scoring
import (
"fmt"
- "github.com/nbutton23/zxcvbn-go/entropy"
- "github.com/nbutton23/zxcvbn-go/match"
- "github.com/nbutton23/zxcvbn-go/utils/math"
"math"
"sort"
+
+ "github.com/ccojocar/zxcvbn-go/entropy"
+ "github.com/ccojocar/zxcvbn-go/match"
+ zxcvbnmath "github.com/ccojocar/zxcvbn-go/utils/math"
)
const (
@@ -15,7 +16,7 @@ const (
//adjust for your site accordingly if you use another hash function, possibly by
//several orders of magnitude!
singleGuess float64 = 0.010
- numAttackers float64 = 100 //Cores used to make guesses
+ numAttackers float64 = 100 // Cores used to make guesses
secondsPerGuess float64 = singleGuess / numAttackers
)
@@ -33,11 +34,11 @@ type MinEntropyMatch struct {
/*
MinimumEntropyMatchSequence returns the minimum entropy
- Takes a list of overlapping matches, returns the non-overlapping sublist with
- minimum entropy. O(nm) dp alg for length-n password with m candidate matches.
+ Takes a list of overlapping matches, returns the non-overlapping sublist with
+ minimum entropy. O(nm) dp alg for length-n password with m candidate matches.
*/
func MinimumEntropyMatchSequence(password string, matches []match.Match) MinEntropyMatch {
- bruteforceCardinality := float64(entropy.CalcBruteForceCardinality(password))
+ bruteforceCardinality := entropy.CalcBruteForceCardinality(password)
upToK := make([]float64, len(password))
backPointers := make([]match.Match, len(password))
@@ -50,7 +51,7 @@ func MinimumEntropyMatchSequence(password string, matches []match.Match) MinEntr
}
i, j := match.I, match.J
- //see if best entropy up to i-1 + entropy of match is less that current min at j
+ // see if best entropy up to i-1 + entropy of match is less that current min at j
upTo := get(upToK, i-1)
candidateEntropy := upTo + match.Entropy
@@ -62,7 +63,7 @@ func MinimumEntropyMatchSequence(password string, matches []match.Match) MinEntr
}
}
- //walk backwards and decode the best sequence
+ // walk backwards and decode the best sequence
var matchSequence []match.Match
passwordLen := len(password)
passwordLen--
@@ -80,12 +81,13 @@ func MinimumEntropyMatchSequence(password string, matches []match.Match) MinEntr
sort.Sort(match.Matches(matchSequence))
makeBruteForceMatch := func(i, j int) match.Match {
- return match.Match{Pattern: "bruteforce",
+ return match.Match{
+ Pattern: "bruteforce",
I: i,
J: j,
Token: password[i : j+1],
- Entropy: math.Log2(math.Pow(bruteforceCardinality, float64(j-i)))}
-
+ Entropy: math.Log2(math.Pow(bruteforceCardinality, float64(j-i))),
+ }
}
k := 0
@@ -110,14 +112,16 @@ func MinimumEntropyMatchSequence(password string, matches []match.Match) MinEntr
}
crackTime := roundToXDigits(entropyToCrackTime(minEntropy), 3)
- return MinEntropyMatch{Password: password,
+ return MinEntropyMatch{
+ Password: password,
Entropy: roundToXDigits(minEntropy, 3),
MatchSequence: matchSequenceCopy,
CrackTime: crackTime,
CrackTimeDisplay: displayTime(crackTime),
- Score: crackTimeToScore(crackTime)}
-
+ Score: crackTimeToScore(crackTime),
+ }
}
+
func get(a []float64, i int) float64 {
if i < 0 || i >= len(a) {
return float64(0)
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/utils/math/mathutils.go b/vendor/github.com/ccojocar/zxcvbn-go/utils/math/mathutils.go
similarity index 100%
rename from vendor/github.com/nbutton23/zxcvbn-go/utils/math/mathutils.go
rename to vendor/github.com/ccojocar/zxcvbn-go/utils/math/mathutils.go
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/zxcvbn.go b/vendor/github.com/ccojocar/zxcvbn-go/zxcvbn.go
similarity index 76%
rename from vendor/github.com/nbutton23/zxcvbn-go/zxcvbn.go
rename to vendor/github.com/ccojocar/zxcvbn-go/zxcvbn.go
index 9c34b1c8c..f3dc19e4c 100644
--- a/vendor/github.com/nbutton23/zxcvbn-go/zxcvbn.go
+++ b/vendor/github.com/ccojocar/zxcvbn-go/zxcvbn.go
@@ -3,10 +3,10 @@ package zxcvbn
import (
"time"
- "github.com/nbutton23/zxcvbn-go/match"
- "github.com/nbutton23/zxcvbn-go/matching"
- "github.com/nbutton23/zxcvbn-go/scoring"
- "github.com/nbutton23/zxcvbn-go/utils/math"
+ "github.com/ccojocar/zxcvbn-go/match"
+ "github.com/ccojocar/zxcvbn-go/matching"
+ "github.com/ccojocar/zxcvbn-go/scoring"
+ zxcvbnmath "github.com/ccojocar/zxcvbn-go/utils/math"
)
// PasswordStrength takes a password, userInputs and optional filters and returns a MinEntropyMatch
diff --git a/vendor/github.com/gookit/color/color_16.go b/vendor/github.com/gookit/color/color_16.go
index 0b70efe44..eda226a15 100644
--- a/vendor/github.com/gookit/color/color_16.go
+++ b/vendor/github.com/gookit/color/color_16.go
@@ -41,15 +41,27 @@ func (o Opts) String() string {
* Basic 16 color definition
*************************************************************/
-// Base value for foreground/background color
-// base: fg 30~37, bg 40~47
-// light: fg 90~97, bg 100~107
+const (
+ // OptMax max option value. range: 0 - 9
+ OptMax = 10
+ // DiffFgBg diff foreground and background color
+ DiffFgBg = 10
+)
+
+// Boundary value for foreground/background color 16
+//
+// - base: fg 30~37, bg 40~47
+// - light: fg 90~97, bg 100~107
const (
FgBase uint8 = 30
+ FgMax uint8 = 37
BgBase uint8 = 40
+ BgMax uint8 = 47
HiFgBase uint8 = 90
+ HiFgMax uint8 = 97
HiBgBase uint8 = 100
+ HiBgMax uint8 = 107
)
// Foreground colors. basic foreground colors 30 - 37
@@ -94,7 +106,7 @@ const (
BgDefault Color = 49
)
-// Extra background color 100 - 107(非标准)
+// Extra background color 100 - 107 (non-standard)
const (
BgDarkGray Color = iota + 100
BgLightRed
@@ -108,7 +120,7 @@ const (
BgGray Color = 100
)
-// Option settings
+// Option settings. range: 0 - 9
const (
OpReset Color = iota // 0 重置所有设置
OpBold // 1 加粗
@@ -248,9 +260,9 @@ func (c Color) Println(a ...any) { doPrintlnV2(c.String(), a) }
// lightCyan := Cyan.Light()
// lightCyan.Print("message")
func (c Color) Light() Color {
- val := int(c)
+ val := uint8(c)
if val >= 30 && val <= 47 {
- return Color(uint8(c) + 60)
+ return Color(val + 60)
}
// don't change
@@ -264,9 +276,9 @@ func (c Color) Light() Color {
// cyan := LightCyan.Darken()
// cyan.Print("message")
func (c Color) Darken() Color {
- val := int(c)
+ val := uint8(c)
if val >= 90 && val <= 107 {
- return Color(uint8(c) - 60)
+ return Color(val - 60)
}
// don't change
@@ -324,7 +336,7 @@ func (c Color) RGB() RGBColor {
return emptyRGBColor
}
- return HEX(Basic2hex(val))
+ return HEX(Basic2hex(val), c.IsBg())
}
// Code convert to code string. eg "35"
@@ -337,8 +349,23 @@ func (c Color) String() string {
return strconv.FormatInt(int64(c), 10)
}
+// IsBg check is background color
+func (c Color) IsBg() bool {
+ val := uint8(c)
+ return val >= BgBase && val <= BgMax || val >= HiBgBase && val <= HiBgMax
+}
+
+// IsFg check is foreground color
+func (c Color) IsFg() bool {
+ val := uint8(c)
+ return val >= FgBase && val <= FgMax || val >= HiFgBase && val <= HiFgMax
+}
+
+// IsOption check is option code: 0-9
+func (c Color) IsOption() bool { return uint8(c) < OptMax }
+
// IsValid color value
-func (c Color) IsValid() bool { return c < 107 }
+func (c Color) IsValid() bool { return uint8(c) < HiBgMax }
/*************************************************************
* basic color maps
diff --git a/vendor/github.com/gookit/color/color_256.go b/vendor/github.com/gookit/color/color_256.go
index 991e604c0..79ae5f8df 100644
--- a/vendor/github.com/gookit/color/color_256.go
+++ b/vendor/github.com/gookit/color/color_256.go
@@ -43,7 +43,8 @@ const (
* 8bit(256) Color: Bit8Color Color256
*************************************************************/
-// Color256 256 color (8 bit), uint8 range at 0 - 255
+// Color256 256 color (8 bit), uint8 range at 0 - 255.
+// Support 256 color on windows CMD, PowerShell
//
// 颜色值使用10进制和16进制都可 0x98 = 152
//
@@ -54,10 +55,9 @@ const (
//
// example:
//
-// fg color: [152, 0]
-// bg color: [152, 1]
+// fg color: [152, 0]
+// bg color: [152, 1]
//
-// NOTICE: now support 256 color on windows CMD, PowerShell
// lint warn - Name starts with package name
type Color256 [2]uint8
type Bit8Color = Color256 // alias
@@ -164,9 +164,7 @@ func (c Color256) String() string {
}
// IsFg color
-func (c Color256) IsFg() bool {
- return c[1] == AsFg
-}
+func (c Color256) IsFg() bool { return c[1] == AsFg }
// ToFg 256 color
func (c Color256) ToFg() Color256 {
@@ -175,9 +173,7 @@ func (c Color256) ToFg() Color256 {
}
// IsBg color
-func (c Color256) IsBg() bool {
- return c[1] == AsBg
-}
+func (c Color256) IsBg() bool { return c[1] == AsBg }
// ToBg 256 color
func (c Color256) ToBg() Color256 {
@@ -186,9 +182,7 @@ func (c Color256) ToBg() Color256 {
}
// IsEmpty value
-func (c Color256) IsEmpty() bool {
- return c[1] > 1
-}
+func (c Color256) IsEmpty() bool { return c[1] > 1 }
/*************************************************************
* 8bit(256) Style
diff --git a/vendor/github.com/gookit/color/color_rgb.go b/vendor/github.com/gookit/color/color_rgb.go
index 724cf6659..bc129b715 100644
--- a/vendor/github.com/gookit/color/color_rgb.go
+++ b/vendor/github.com/gookit/color/color_rgb.go
@@ -44,6 +44,7 @@ const (
*************************************************************/
// RGBColor definition.
+// Support RGB color on Windows CMD, PowerShell
//
// The first to third digits represent the color value.
// The last digit represents the foreground(0), background(1), >1 is unset value
@@ -54,8 +55,6 @@ const (
// // 3rd: Fg=0, Bg=1, >1: unset value
// RGBColor{30,144,255, 0}
// RGBColor{30,144,255, 1}
-//
-// NOTICE: now support RGB color on Windows CMD, PowerShell
type RGBColor [4]uint8
// create an empty RGBColor
@@ -251,6 +250,18 @@ func (c RGBColor) String() string {
return ""
}
+// ToBg convert to background color
+func (c RGBColor) ToBg() RGBColor {
+ c[3] = AsBg
+ return c
+}
+
+// ToFg convert to foreground color
+func (c RGBColor) ToFg() RGBColor {
+ c[3] = AsFg
+ return c
+}
+
// IsEmpty value
func (c RGBColor) IsEmpty() bool {
return c[3] > AsBg
diff --git a/vendor/github.com/gookit/color/convert.go b/vendor/github.com/gookit/color/convert.go
index 39aac7d2e..c71035360 100644
--- a/vendor/github.com/gookit/color/convert.go
+++ b/vendor/github.com/gookit/color/convert.go
@@ -52,6 +52,7 @@ var (
// ---------- basic(16) <=> RGB color convert ----------
// refer from Hyper app
+ // Tip: only keep foreground color, background color need convert to foreground color for convert to RGB
basic2hexMap = map[uint8]string{
30: "000000", // black
31: "c51e14", // red
@@ -61,7 +62,7 @@ var (
35: "c839c5", // magenta
36: "20c5c6", // cyan
37: "c7c7c7", // white
- // - don't add bg color
+ // - don't add bg color, convert to fg color for convert to RGB
// 40: "000000", // black
// 41: "c51e14", // red
// 42: "1dc121", // green
@@ -428,10 +429,11 @@ func HexToRGB(hex string) []int { return HexToRgb(hex) }
// HexToRgb convert hex color string to RGB numbers
//
// Usage:
-// rgb := HexToRgb("ccc") // rgb: [204 204 204]
-// rgb := HexToRgb("aabbcc") // rgb: [170 187 204]
-// rgb := HexToRgb("#aabbcc") // rgb: [170 187 204]
-// rgb := HexToRgb("0xad99c0") // rgb: [170 187 204]
+//
+// rgb := HexToRgb("ccc") // rgb: [204 204 204]
+// rgb := HexToRgb("aabbcc") // rgb: [170 187 204]
+// rgb := HexToRgb("#aabbcc") // rgb: [170 187 204]
+// rgb := HexToRgb("0xad99c0") // rgb: [170 187 204]
func HexToRgb(hex string) (rgb []int) {
hex = strings.TrimSpace(hex)
if hex == "" {
@@ -474,6 +476,7 @@ func Rgb2hex(rgb []int) string { return RgbToHex(rgb) }
// RgbToHex convert RGB-code to hex-code
//
// Usage:
+//
// hex := RgbToHex([]int{170, 187, 204}) // hex: "aabbcc"
func RgbToHex(rgb []int) string {
hexNodes := make([]string, len(rgb))
@@ -488,10 +491,15 @@ func RgbToHex(rgb []int) string {
* 4bit(16) color <=> RGB/True color
*************************************************************/
+// BasicToHex convert basic color to hex string.
+func BasicToHex(val uint8) string {
+ val = Bg2Fg(val)
+ return basic2hexMap[val]
+}
+
// Basic2hex convert basic color to hex string.
func Basic2hex(val uint8) string {
- val = Fg2Bg(val)
- return basic2hexMap[val]
+ return BasicToHex(val)
}
// Hex2basic convert hex string to basic color code.
@@ -663,6 +671,7 @@ func C256ToRgbV1(val uint8) (rgb []uint8) {
// returns r, g, and b in the set [0, 255].
//
// Usage:
+//
// HslIntToRgb(0, 100, 50) // red
// HslIntToRgb(120, 100, 50) // lime
// HslIntToRgb(120, 100, 25) // dark green
@@ -677,6 +686,7 @@ func HslIntToRgb(h, s, l int) (rgb []uint8) {
// returns r, g, and b in the set [0, 255].
//
// Usage:
+//
// rgbVals := HslToRgb(0, 1, 0.5) // red
func HslToRgb(h, s, l float64) (rgb []uint8) {
var r, g, b float64
diff --git a/vendor/github.com/gookit/color/style.go b/vendor/github.com/gookit/color/style.go
index a009d1d6e..353d39f10 100644
--- a/vendor/github.com/gookit/color/style.go
+++ b/vendor/github.com/gookit/color/style.go
@@ -37,7 +37,8 @@ func (s *Style) Add(cs ...Color) {
*s = append(*s, cs...)
}
-// Render render text
+// Render colored text
+//
// Usage:
//
// color.New(color.FgGreen).Render("text")
@@ -46,8 +47,9 @@ func (s Style) Render(a ...any) string {
return RenderCode(s.String(), a...)
}
-// Renderln render text line.
+// Renderln render text with newline.
// like Println, will add spaces for each argument
+//
// Usage:
//
// color.New(color.FgGreen).Renderln("text", "more")
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/.gitignore b/vendor/github.com/nbutton23/zxcvbn-go/.gitignore
deleted file mode 100644
index 4bff1a28e..000000000
--- a/vendor/github.com/nbutton23/zxcvbn-go/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-zxcvbn
-debug.test
diff --git a/vendor/github.com/nbutton23/zxcvbn-go/Makefile b/vendor/github.com/nbutton23/zxcvbn-go/Makefile
deleted file mode 100644
index 6aa13e006..000000000
--- a/vendor/github.com/nbutton23/zxcvbn-go/Makefile
+++ /dev/null
@@ -1,15 +0,0 @@
-PKG_LIST = $$( go list ./... | grep -v /vendor/ | grep -v "zxcvbn-go/data" )
-
-.DEFAULT_GOAL := help
-
-.PHONY: help
-help:
- @grep -E '^[a-zA-Z_-]+:.*?## .*$$' $(MAKEFILE_LIST) | sort | awk 'BEGIN {FS = ":.*?## "}; {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}'
-
-.PHONY: test
-test: ## Run `go test {Package list}` on the packages
- go test $(PKG_LIST)
-
-.PHONY: lint
-lint: ## Run `golint {Package list}`
- golint $(PKG_LIST)
\ No newline at end of file
diff --git a/vendor/github.com/securego/gosec/v2/.golangci.yml b/vendor/github.com/securego/gosec/v2/.golangci.yml
index b12140a25..d6c5de7ba 100644
--- a/vendor/github.com/securego/gosec/v2/.golangci.yml
+++ b/vendor/github.com/securego/gosec/v2/.golangci.yml
@@ -2,7 +2,6 @@ linters:
enable:
- asciicheck
- bodyclose
- - depguard
- dogsled
- durationcheck
- errcheck
diff --git a/vendor/github.com/securego/gosec/v2/README.md b/vendor/github.com/securego/gosec/v2/README.md
index 71e032d80..6c6d2982c 100644
--- a/vendor/github.com/securego/gosec/v2/README.md
+++ b/vendor/github.com/securego/gosec/v2/README.md
@@ -167,6 +167,7 @@ directory you can supply `./...` as the input argument.
- G504: Import blocklist: net/http/cgi
- G505: Import blocklist: crypto/sha1
- G601: Implicit memory aliasing of items from a range statement
+- G602: Slice access out of bounds
### Retired rules
diff --git a/vendor/github.com/securego/gosec/v2/action.yml b/vendor/github.com/securego/gosec/v2/action.yml
index 0320f0c21..8e28c346d 100644
--- a/vendor/github.com/securego/gosec/v2/action.yml
+++ b/vendor/github.com/securego/gosec/v2/action.yml
@@ -10,7 +10,7 @@ inputs:
runs:
using: 'docker'
- image: 'docker://securego/gosec:2.15.0'
+ image: 'docker://securego/gosec:2.16.0'
args:
- ${{ inputs.args }}
diff --git a/vendor/github.com/securego/gosec/v2/analyzer.go b/vendor/github.com/securego/gosec/v2/analyzer.go
index 830d338e4..023514b8a 100644
--- a/vendor/github.com/securego/gosec/v2/analyzer.go
+++ b/vendor/github.com/securego/gosec/v2/analyzer.go
@@ -59,7 +59,7 @@ var generatedCodePattern = regexp.MustCompile(`^// Code generated .* DO NOT EDIT
// The Context is populated with data parsed from the source code as it is scanned.
// It is passed through to all rule functions as they are called. Rules may use
-// this data in conjunction withe the encountered AST node.
+// this data in conjunction with the encountered AST node.
type Context struct {
FileSet *token.FileSet
Comments ast.CommentMap
@@ -449,10 +449,12 @@ func (gosec *Analyzer) ignore(n ast.Node) map[string]issue.SuppressionInfo {
if groups, ok := gosec.context.Comments[n]; ok && !gosec.ignoreNosec {
// Checks if an alternative for #nosec is set and, if not, uses the default.
- noSecDefaultTag := "#nosec"
+ noSecDefaultTag := NoSecTag(string(Nosec))
noSecAlternativeTag, err := gosec.config.GetGlobal(NoSecAlternative)
if err != nil {
noSecAlternativeTag = noSecDefaultTag
+ } else {
+ noSecAlternativeTag = NoSecTag(noSecAlternativeTag)
}
for _, group := range groups {
diff --git a/vendor/github.com/securego/gosec/v2/analyzers/ssrf.go b/vendor/github.com/securego/gosec/v2/analyzers/ssrf.go
index a9dbd9500..70e0211f1 100644
--- a/vendor/github.com/securego/gosec/v2/analyzers/ssrf.go
+++ b/vendor/github.com/securego/gosec/v2/analyzers/ssrf.go
@@ -46,7 +46,7 @@ func runSSRF(pass *analysis.Pass) (interface{}, error) {
if callee != nil {
ssaResult.Logger.Printf("callee: %s\n", callee)
return newIssue(pass.Analyzer.Name,
- "not implemeted",
+ "not implemented",
pass.Fset, instr.Call.Pos(), issue.Low, issue.High), nil
}
}
diff --git a/vendor/github.com/securego/gosec/v2/analyzers/util.go b/vendor/github.com/securego/gosec/v2/analyzers/util.go
index b090a3e45..f1bd867ae 100644
--- a/vendor/github.com/securego/gosec/v2/analyzers/util.go
+++ b/vendor/github.com/securego/gosec/v2/analyzers/util.go
@@ -28,7 +28,7 @@ import (
)
// SSAAnalyzerResult contains various information returned by the
-// SSA analysis along with some configuraion
+// SSA analysis along with some configuration
type SSAAnalyzerResult struct {
Config map[string]interface{}
Logger *log.Logger
@@ -42,7 +42,7 @@ func BuildDefaultAnalyzers() []*analysis.Analyzer {
}
}
-// getSSAResult retrives the SSA result from analysis pass
+// getSSAResult retrieves the SSA result from analysis pass
func getSSAResult(pass *analysis.Pass) (*SSAAnalyzerResult, error) {
result, ok := pass.ResultOf[buildssa.Analyzer]
if !ok {
diff --git a/vendor/github.com/securego/gosec/v2/cmd/gosec/main.go b/vendor/github.com/securego/gosec/v2/cmd/gosec/main.go
index 488410312..e108ba994 100644
--- a/vendor/github.com/securego/gosec/v2/cmd/gosec/main.go
+++ b/vendor/github.com/securego/gosec/v2/cmd/gosec/main.go
@@ -143,7 +143,10 @@ var (
// output suppression information for auditing purposes
flagTrackSuppressions = flag.Bool("track-suppressions", false, "Output suppression information, including its kind and justification")
- // exlude the folders from scan
+ // flagTerse shows only the summary of scan discarding all the logs
+ flagTerse = flag.Bool("terse", false, "Shows only the results and summary")
+
+ // exclude the folders from scan
flagDirsExclude arrayFlags
logger *log.Logger
@@ -354,7 +357,7 @@ func main() {
}
}
- if *flagQuiet {
+ if *flagQuiet || *flagTerse {
logger = log.New(io.Discard, "", 0)
} else {
logger = log.New(logWriter, "[gosec] ", log.LstdFlags)
diff --git a/vendor/github.com/securego/gosec/v2/config.go b/vendor/github.com/securego/gosec/v2/config.go
index ca4cf2175..9cbb7a713 100644
--- a/vendor/github.com/securego/gosec/v2/config.go
+++ b/vendor/github.com/securego/gosec/v2/config.go
@@ -33,6 +33,11 @@ const (
SSA GlobalOption = "ssa"
)
+// NoSecTag returns the tag used to disable gosec for a line of code.
+func NoSecTag(tag string) string {
+ return fmt.Sprintf("%s%s", "#", tag)
+}
+
// Config is used to provide configuration and customization to each of the rules.
type Config map[string]interface{}
diff --git a/vendor/github.com/securego/gosec/v2/helpers.go b/vendor/github.com/securego/gosec/v2/helpers.go
index 08b7893eb..b4c23e5bb 100644
--- a/vendor/github.com/securego/gosec/v2/helpers.go
+++ b/vendor/github.com/securego/gosec/v2/helpers.go
@@ -96,11 +96,46 @@ func GetChar(n ast.Node) (byte, error) {
return 0, fmt.Errorf("Unexpected AST node type: %T", n)
}
+// GetStringRecursive will recursively walk down a tree of *ast.BinaryExpr. It will then concat the results, and return.
+// Unlike the other getters, it does _not_ raise an error for unknown ast.Node types. At the base, the recursion will hit a non-BinaryExpr type,
+// either BasicLit or other, so it's not an error case. It will only error if `strconv.Unquote` errors. This matters, because there's
+// currently functionality that relies on error values being returned by GetString if and when it hits a non-basiclit string node type,
+// hence for cases where recursion is needed, we use this separate function, so that we can still be backwards compatbile.
+//
+// This was added to handle a SQL injection concatenation case where the injected value is infixed between two strings, not at the start or end. See example below
+//
+// Do note that this will omit non-string values. So for example, if you were to use this node:
+// ```go
+// q := "SELECT * FROM foo WHERE name = '" + os.Args[0] + "' AND 1=1" // will result in "SELECT * FROM foo WHERE ” AND 1=1"
+
+func GetStringRecursive(n ast.Node) (string, error) {
+ if node, ok := n.(*ast.BasicLit); ok && node.Kind == token.STRING {
+ return strconv.Unquote(node.Value)
+ }
+
+ if expr, ok := n.(*ast.BinaryExpr); ok {
+ x, err := GetStringRecursive(expr.X)
+ if err != nil {
+ return "", err
+ }
+
+ y, err := GetStringRecursive(expr.Y)
+ if err != nil {
+ return "", err
+ }
+
+ return x + y, nil
+ }
+
+ return "", nil
+}
+
// GetString will read and return a string value from an ast.BasicLit
func GetString(n ast.Node) (string, error) {
if node, ok := n.(*ast.BasicLit); ok && node.Kind == token.STRING {
return strconv.Unquote(node.Value)
}
+
return "", fmt.Errorf("Unexpected AST node type: %T", n)
}
@@ -201,22 +236,21 @@ func GetCallStringArgsValues(n ast.Node, _ *Context) []string {
return values
}
-// GetIdentStringValues return the string values of an Ident if they can be resolved
-func GetIdentStringValues(ident *ast.Ident) []string {
+func getIdentStringValues(ident *ast.Ident, stringFinder func(ast.Node) (string, error)) []string {
values := []string{}
obj := ident.Obj
if obj != nil {
switch decl := obj.Decl.(type) {
case *ast.ValueSpec:
for _, v := range decl.Values {
- value, err := GetString(v)
+ value, err := stringFinder(v)
if err == nil {
values = append(values, value)
}
}
case *ast.AssignStmt:
for _, v := range decl.Rhs {
- value, err := GetString(v)
+ value, err := stringFinder(v)
if err == nil {
values = append(values, value)
}
@@ -226,6 +260,18 @@ func GetIdentStringValues(ident *ast.Ident) []string {
return values
}
+// getIdentStringRecursive returns the string of values of an Ident if they can be resolved
+// The difference between this and GetIdentStringValues is that it will attempt to resolve the strings recursively,
+// if it is passed a *ast.BinaryExpr. See GetStringRecursive for details
+func GetIdentStringValuesRecursive(ident *ast.Ident) []string {
+ return getIdentStringValues(ident, GetStringRecursive)
+}
+
+// GetIdentStringValues return the string values of an Ident if they can be resolved
+func GetIdentStringValues(ident *ast.Ident) []string {
+ return getIdentStringValues(ident, GetString)
+}
+
// GetBinaryExprOperands returns all operands of a binary expression by traversing
// the expression tree
func GetBinaryExprOperands(be *ast.BinaryExpr) []ast.Node {
@@ -301,7 +347,7 @@ func Getenv(key, userDefault string) string {
return userDefault
}
-// GetPkgRelativePath returns the Go relative relative path derived
+// GetPkgRelativePath returns the Go relative path derived
// form the given path
func GetPkgRelativePath(path string) (string, error) {
abspath, err := filepath.Abs(path)
diff --git a/vendor/github.com/securego/gosec/v2/issue/issue.go b/vendor/github.com/securego/gosec/v2/issue/issue.go
index 5bf00dec2..db4d630fa 100644
--- a/vendor/github.com/securego/gosec/v2/issue/issue.go
+++ b/vendor/github.com/securego/gosec/v2/issue/issue.go
@@ -87,6 +87,7 @@ var ruleToCWE = map[string]string{
"G504": "327",
"G505": "327",
"G601": "118",
+ "G602": "118",
}
// Issue is returned by a gosec rule if it discovers an issue with the scanned code.
diff --git a/vendor/github.com/securego/gosec/v2/report/html/template.html b/vendor/github.com/securego/gosec/v2/report/html/template.html
index 7655383f5..3a63f068f 100644
--- a/vendor/github.com/securego/gosec/v2/report/html/template.html
+++ b/vendor/github.com/securego/gosec/v2/report/html/template.html
@@ -10,7 +10,7 @@
-
+