chore: Update dependencies and workflows

Author: bcessa

.github/workflows/ci.yml

@@ -1,11 +1,14 @@
 name: ci
+env:
+  commit_msg: ""
 on:
   push:
     branches:
       - "*"
   pull_request:
     branches:
       - master
+      - main
   workflow_dispatch: {}
 jobs:
   # Scan direct Go dependencies for known vulnerabilities
@@ -54,14 +57,14 @@ jobs:
     needs: scan
     strategy:
       matrix:
-        go-version: [1.19.x, 1.20.x]
+        go-version: [1.19.x, 1.20.x, 1.21.x]
         os: [ubuntu-latest]
     runs-on: ${{ matrix.os }}
     timeout-minutes: 15
     steps:
       # Checkout code
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Configure runner environment
       - name: Set up runner environment
@@ -88,7 +91,7 @@ jobs:
       - name: Static analysis
         uses: golangci/golangci-lint-action@v3
         with:
-          version: v1.51.2
+          version: v1.54.2
 
       # Run unit tests
       - name: Test

.github/workflows/codeql.yml

@@ -6,6 +6,7 @@ on:
   pull_request:
     branches:
       - master
+      - main
   workflow_dispatch: {}
 jobs:
   # Semantic code analysis to discover vulnerabilities in the codebase
@@ -21,7 +22,7 @@ jobs:
     steps:
       # Checkout code
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
 
       # Prepare runner environment
       - name: Set up runner environment

.github/workflows/release.yml

@@ -1,4 +1,6 @@
 name: release
+env:
+  commit_msg: ""
 on:
   push:
     tags:
@@ -13,7 +15,7 @@ jobs:
     steps:
       # Checkout code
       - name: Checkout repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         # This is required for the changelog to be properly generated
         with:
           fetch-depth: 0
@@ -36,28 +38,16 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v4
         with:
-          go-version: 1.20.x
-
-      # If "vendor" is in cache, restore.
-      # To run conditional steps use:
-      # if: steps.vendor-cache.outputs.cache-hit != 'true'
-      - name: Restore vendor from cache
-        id: vendor-cache
-        uses: actions/cache@v3
-        env:
-          cache-name: vendor
-        with:
-          path: ./vendor
-          key: ${{ env.cache-name }}-${{ hashFiles('go.sum') }}
+          go-version: 1.21.x
 
       # Use goreleaser to create the new release
       # https://github.com/goreleaser/goreleaser-action
       - name: Create release
-        uses: goreleaser/goreleaser-action@v4
+        uses: goreleaser/goreleaser-action@v5
         if: startsWith(github.ref, 'refs/tags/')
         with:
           version: latest
-          args: release --rm-dist --skip-validate
+          args: release --clean --skip=validate
         env:
           # https://docs.github.com/en/free-pro-team@latest/actions/reference/authentication-in-a-workflow
           GITHUB_TOKEN: ${{ secrets.ACCESS_TOKEN }}

.golangci.yml

@@ -25,7 +25,6 @@ linters:
     - typecheck
     - gocyclo
     - goconst
-    - depguard
     - misspell
     - lll
     - nakedret
@@ -45,16 +44,17 @@ linters:
     - predeclared
     - exportloopref
     - whitespace
+    - nestif
+    - funlen
     # Deprecated linters
-    #- wrapcheck
-    #- nestif
-    #- funlen
-    #- ifshort
-    #- varcheck
+    # - wrapcheck
+    # - ifshort
+    # - varcheck
   disable:
     - deadcode
     - unused
     - dupl
+    - depguard
     # https://github.com/golangci/golangci-lint/issues/2649
     - structcheck
     - wastedassign
@@ -96,17 +96,15 @@ linters-settings:
       - unusedresult
       - tests
       #- fieldalignment
+  nestif:
+    min-complexity: 6
   gofmt:
     simplify: true
   gocyclo:
     min-complexity: 18
   goconst:
     min-len: 3
     min-occurrences: 5
-  depguard:
-    list-type: blacklist
-    include-go-root: false
-    packages: []
   misspell:
     locale: US
     ignore-words: []

.goreleaser.yml

@@ -17,16 +17,15 @@ builds:
     # code entrypoint
     main: main.go
     # CLI flags for the 'go build' command
-    flags:
-      -v
+    flags: -v
     ldflags:
       - -s -w
       - -X github.com/bryk-io/tred-cli/cmd.coreVersion={{.Version}}
       - -X github.com/bryk-io/tred-cli/cmd.buildCode={{.Commit}}
       - -X github.com/bryk-io/tred-cli/cmd.buildTimestamp={{.CommitDate}}
     # set the modified timestamp on the output binary to ensure a
     # reproducible build
-    mod_timestamp: '{{ .CommitTimestamp }}'
+    mod_timestamp: "{{ .CommitTimestamp }}"
     # disable CGO since it's not supported
     env:
       - CGO_ENABLED=0
@@ -48,7 +47,6 @@ builds:
 archives:
   # a single project can produce multiple archives
   - name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
-    rlcp: true
     builds:
       # artifacts to pack
       - tredctl
@@ -60,7 +58,7 @@ archives:
       # include documentation files in the package for distribution
       - README.md
       - LICENSE*
-      - src: '*.md'
+      - src: "*.md"
         dst: docs
         strip_parent: true
 # generate integrity checksums
@@ -72,7 +70,6 @@ checksum:
 # https://goreleaser.com/customization/source/
 source:
   enabled: true
-  rlcp: true
 # produce test releases
 # https://goreleaser.com/customization/snapshots/
 snapshot:
@@ -81,7 +78,7 @@ snapshot:
 # https://goreleaser.com/customization/release/#customize-the-changelog
 changelog:
   # Sorts the changelog by the commit messages (asc, desc or '')
-  sort: ''
+  sort: ""
   # Remove certain commit messages from the changelog
   filters:
     # Standard commit messages can help to produce better changelogs
@@ -94,21 +91,20 @@ changelog:
 # Produce homebrew formulas for the project artifacts
 # https://goreleaser.com/customization/homebrew/
 brews:
-  -
-    # Formula name
+  - # Formula name
     name: tredctl
     # Push the formula to the tap repository
     skip_upload: "false"
     # TAP repository
-    tap:
+    repository:
       owner: bryk-io
       name: homebrew-tap
     # Use 'github-actions' as commit author
     # https://github.community/t/github-actions-bot-email-address/17204
     commit_author:
       name: github-actions
       email: 41898282+github-actions[bot]@users.noreply.github.com
-    homepage: 'https://github.com/bryk-io/tred-cli'
+    homepage: "https://github.com/bryk-io/tred-cli"
     description: |
       CLI client for the 'Tamper Resistant Encrypted Data' protocol.
     install: |
@@ -123,8 +119,7 @@ brews:
 # linux packages
 # https://goreleaser.com/customization/nfpm/
 nfpms:
-  -
-    file_name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
+  - file_name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}{{ if .Arm }}v{{ .Arm }}{{ end }}"
     builds:
       - tredctl
     vendor: Bryk Labs

cmd/decrypt.go

@@ -102,20 +102,25 @@ func runDecrypt(_ *cobra.Command, args []string) error {
 
 	// Get decryption key
 	var key []byte
+
+	// ... from file
 	if viper.GetString("decrypt.key") != "" {
 		if key, err = os.ReadFile(viper.GetString("decrypt.key")); err != nil {
 			log.WithField("error", err).Fatal("could not read key file provided")
 			return err
 		}
-	} else {
+	}
+
+	// ... from user input
+	if len(key) == 0 {
 		log.Info("no key file provided, asking for a secret key now")
 		if key, err = secureAsk("Decryption Key: \n"); err != nil {
 			log.WithField("error", err).Fatal("failed to retrieve key")
 			return err
 		}
 	}
 
-	// Start tred workers pool
+	// Start TRED worker pool
 	wp, err := newPool(viper.GetInt("decrypt.workers"), key, viper.GetString("decrypt.cipher"), log)
 	if err != nil {
 		log.WithField("error", err).Fatal("could not initialize TRED workers")
@@ -126,38 +131,31 @@ func runDecrypt(_ *cobra.Command, args []string) error {
 	start := time.Now()
 	if isDir(input) {
 		_ = filepath.Walk(input, func(f string, i os.FileInfo, err error) error {
+			fields := xlog.Fields{"location": f}
+
 			// Unexpected error walking the directory
 			if err != nil {
-				log.WithFields(xlog.Fields{
-					"location": f,
-					"error":    err,
-				}).Warning("failed to traverse location")
+				fields["error"] = err
+				log.WithFields(fields).Warning("failed to traverse location")
 				return err
 			}
 
 			// Ignore hidden files
 			if strings.HasPrefix(filepath.Base(f), ".") && !viper.GetBool("decrypt.all") {
-				log.WithFields(xlog.Fields{
-					"location": f,
-				}).Debug("ignoring hidden file")
+				log.WithFields(fields).Debug("ignoring hidden file")
 				return nil
 			}
 
 			// Don't go into sub-directories if not required
 			if i.IsDir() && !viper.GetBool("decrypt.recursive") {
-				log.WithFields(xlog.Fields{
-					"location": f,
-				}).Debug("ignoring directory on non-recursive run")
+				log.WithFields(fields).Debug("ignoring directory on non-recursive run")
 				return filepath.SkipDir
 			}
 
-			// Ignore subdir markers
-			if i.IsDir() {
-				return nil
+			// Add files as jobs on processing pool
+			if !i.IsDir() {
+				wp.add(job{file: f, showBar: false})
 			}
-
-			// Add job to processing pool
-			wp.add(job{file: f, showBar: false})
 			return nil
 		})
 	} else {

cmd/encrypt.go

@@ -102,20 +102,25 @@ func runEncrypt(_ *cobra.Command, args []string) error {
 
 	// Get encryption key
 	var key []byte
+
+	// ... from file
 	if viper.GetString("encrypt.key") != "" {
 		if key, err = os.ReadFile(viper.GetString("encrypt.key")); err != nil {
 			log.WithField("error", err).Fatal("could not read key file provided")
 			return err
 		}
-	} else {
+	}
+
+	// ... from user input
+	if len(key) == 0 {
 		log.Info("no key file provided, asking for a secret key now")
 		if key, err = getInteractiveKey(); err != nil {
 			log.WithField("error", err).Fatal("failed to retrieve key")
 			return err
 		}
 	}
 
-	// Start tred workers pool
+	// Start TRED worker pool
 	wp, err := newPool(viper.GetInt("encrypt.workers"), key, viper.GetString("encrypt.cipher"), log)
 	if err != nil {
 		log.WithField("error", err).Fatal("could not initialize TRED workers")
@@ -126,38 +131,31 @@ func runEncrypt(_ *cobra.Command, args []string) error {
 	start := time.Now()
 	if isDir(input) {
 		err = filepath.Walk(input, func(f string, i os.FileInfo, err error) error {
+			fields := xlog.Fields{"location": f}
+
 			// Unexpected error walking the directory
 			if err != nil {
-				log.WithFields(xlog.Fields{
-					"location": f,
-					"error":    err,
-				}).Warning("failed to traverse location")
+				fields["error"] = err
+				log.WithFields(fields).Warning("failed to traverse location")
 				return err
 			}
 
 			// Ignore hidden files
 			if strings.HasPrefix(filepath.Base(f), ".") && !viper.GetBool("encrypt.all") {
-				log.WithFields(xlog.Fields{
-					"location": f,
-				}).Debug("ignoring hidden file")
+				log.WithFields(fields).Debug("ignoring hidden file")
 				return nil
 			}
 
 			// Don't go into sub-directories if not required
 			if i.IsDir() && !viper.GetBool("encrypt.recursive") {
-				log.WithFields(xlog.Fields{
-					"location": f,
-				}).Debug("ignoring directory on non-recursive run")
+				log.WithFields(fields).Debug("ignoring directory on non-recursive run")
 				return filepath.SkipDir
 			}
 
-			// Ignore subdir markers
-			if i.IsDir() {
-				return nil
+			// Add files as jobs on processing pool
+			if !i.IsDir() {
+				wp.add(job{file: f, showBar: false, encrypt: true})
 			}
-
-			// Add job to processing pool
-			wp.add(job{file: f, showBar: false, encrypt: true})
 			return nil
 		})
 	} else {