From 77349fa524193844807f856658a5f02d76f308e5 Mon Sep 17 00:00:00 2001 From: "Wayne E. Seguin" Date: Fri, 23 May 2025 14:18:38 -0400 Subject: [PATCH 1/2] Updated to go 1.24.3 - Editor autoformatted comments (go fmt) - Commented out unreachable code pointed out by running go vet ./... --- auth.go | 95 +++++++++++++++++++------------------ client.go | 6 +-- errors.go | 58 +++++++++++------------ go.mod | 16 ++++++- go.sum | 106 +----------------------------------------- kv.go | 64 ++++++++++++++----------- kv1.go | 40 ++++++++-------- kv2.go | 74 ++++++++++++++--------------- mount.go | 26 +++++------ oidc.go | 10 ++-- rekey.go | 62 ++++++++++++------------ root.go | 52 ++++++++++----------- sys.go | 60 ++++++++++++------------ test | 1 + vaultkv_suite_test.go | 2 +- 15 files changed, 295 insertions(+), 377 deletions(-) diff --git a/auth.go b/auth.go index 9161fdb..90df5cd 100644 --- a/auth.go +++ b/auth.go @@ -7,20 +7,20 @@ import ( "time" ) -//SetAuthToken provides a thread-safe way to set the auth token for the client. -//Setting AuthToken directly is still valid, but may race if a coroutine can -//possibly make a request with the client while the AuthToken is being written -//to. This function handles a mutex which avoids that. +// SetAuthToken provides a thread-safe way to set the auth token for the client. +// Setting AuthToken directly is still valid, but may race if a coroutine can +// possibly make a request with the client while the AuthToken is being written +// to. This function handles a mutex which avoids that. func (v *Client) SetAuthToken(token string) { v.tokenLock.Lock() v.AuthToken = token v.tokenLock.Unlock() } -//AuthOutput is the general structure as returned by AuthX functions. The -//Metadata member type is determined by the specific Auth function. Note that -//the Vault must be initialized and unsealed in order to use authentication -//endpoints. +// AuthOutput is the general structure as returned by AuthX functions. The +// Metadata member type is determined by the specific Auth function. Note that +// the Vault must be initialized and unsealed in order to use authentication +// endpoints. type AuthOutput struct { Renewable bool LeaseDuration time.Duration @@ -32,9 +32,9 @@ type AuthOutput struct { } type authOutputRaw struct { - Renewable bool `json:"renewable"` - Data map[string]interface{} `json:"data"` - LeaseDuration int `json:"lease_duration"` + Renewable bool `json:"renewable"` + Data map[string]interface{} `json:"data"` + LeaseDuration int `json:"lease_duration"` Auth struct { ClientToken string `json:"client_token"` Accessor string `json:"accessor"` @@ -83,23 +83,23 @@ func (a authOutputRaw) toFinal(m interface{}) *AuthOutput { return ret } -//AuthGithubMetadata is the metadata member set by AuthGithub. +// AuthGithubMetadata is the metadata member set by AuthGithub. type AuthGithubMetadata struct { Username string `json:"username"` Organization string `json:"org"` } -//AuthGithub is a shorthand for AuthGithubMount against the default github auth -//mountpoint, 'github' +// AuthGithub is a shorthand for AuthGithubMount against the default github auth +// mountpoint, 'github' func (v *Client) AuthGithub(accessToken string) (ret *AuthOutput, err error) { return v.AuthGithubMount("github", accessToken) } -//AuthGithubMount submits the given accessToken to the github auth endpoint at -//the given mount, checking it against configurations for Github organizations. -//If the accessToken belongs to an authorized account, then the AuthOutput -//object is returned, and this client's AuthToken is set to the returned token. -//Given mountpoint is relative to /v1/auth. +// AuthGithubMount submits the given accessToken to the github auth endpoint at +// the given mount, checking it against configurations for Github organizations. +// If the accessToken belongs to an authorized account, then the AuthOutput +// object is returned, and this client's AuthToken is set to the returned token. +// Given mountpoint is relative to /v1/auth. func (v *Client) AuthGithubMount(mount, accessToken string) (ret *AuthOutput, err error) { raw := &authOutputRaw{} @@ -125,22 +125,22 @@ func (v *Client) AuthGithubMount(mount, accessToken string) (ret *AuthOutput, er return } -//AuthOktaMetadata is the metadata member set by AuthOkta +// AuthOktaMetadata is the metadata member set by AuthOkta type AuthOktaMetadata struct { Username string `json:"username"` } -//AuthOkta is a shorthand for AuthOktaMount against the default Okta mountpoint, -//'okta'. +// AuthOkta is a shorthand for AuthOktaMount against the default Okta mountpoint, +// 'okta'. func (v *Client) AuthOkta(username, password string) (ret *AuthOutput, err error) { return v.AuthOktaMount("okta", username, password) } -//AuthOktaMount submits the given username and password to the Okta auth endpoint -//mounted at the given mountpoint, checking it against existing Okta auth -//configurations. If auth is successful, then the AuthOutput object is returned, -//and this client's AuthToken is set to the returned token. Given mountpoint is -//relative to /v1/auth. +// AuthOktaMount submits the given username and password to the Okta auth endpoint +// mounted at the given mountpoint, checking it against existing Okta auth +// configurations. If auth is successful, then the AuthOutput object is returned, +// and this client's AuthToken is set to the returned token. Given mountpoint is +// relative to /v1/auth. func (v *Client) AuthOktaMount(mount, username, password string) (ret *AuthOutput, err error) { raw := &authOutputRaw{} @@ -157,7 +157,6 @@ func (v *Client) AuthOktaMount(mount, username, password string) (ret *AuthOutpu }{Password: password}, &raw, ) - fmt.Sprintf("%s", err) if err != nil { return } @@ -168,22 +167,22 @@ func (v *Client) AuthOktaMount(mount, username, password string) (ret *AuthOutpu return } -//AuthLDAPMetadata is the metadata member set by AuthLDAP +// AuthLDAPMetadata is the metadata member set by AuthLDAP type AuthLDAPMetadata struct { Username string `json:"username"` } -//AuthLDAP is a shorthand for AuthLDAPMount against the default LDAP mountpoint, -//'ldap'. +// AuthLDAP is a shorthand for AuthLDAPMount against the default LDAP mountpoint, +// 'ldap'. func (v *Client) AuthLDAP(username, password string) (ret *AuthOutput, err error) { return v.AuthLDAPMount("ldap", username, password) } -//AuthLDAPMount submits the given username and password to the LDAP auth endpoint -//mounted at the given mountpoint, checking it against existing LDAP auth -//configurations. If auth is successful, then the AuthOutput object is returned, -//and this client's AuthToken is set to the returned token. Given mountpoint is -//relative to /v1/auth. +// AuthLDAPMount submits the given username and password to the LDAP auth endpoint +// mounted at the given mountpoint, checking it against existing LDAP auth +// configurations. If auth is successful, then the AuthOutput object is returned, +// and this client's AuthToken is set to the returned token. Given mountpoint is +// relative to /v1/auth. func (v *Client) AuthLDAPMount(mount, username, password string) (ret *AuthOutput, err error) { raw := &authOutputRaw{} @@ -210,21 +209,21 @@ func (v *Client) AuthLDAPMount(mount, username, password string) (ret *AuthOutpu return } -//AuthUserpassMetadata is the metadata member set by AuthUserpass +// AuthUserpassMetadata is the metadata member set by AuthUserpass type AuthUserpassMetadata struct { Username string `json:"username"` } -//AuthUserpass is a shorthand for AuthUserpassMount for the default userpass +// AuthUserpass is a shorthand for AuthUserpassMount for the default userpass // mount point, 'userpass'. func (v *Client) AuthUserpass(username, password string) (ret *AuthOutput, err error) { return v.AuthUserpassMount("userpass", username, password) } -//AuthUserpass submits the given username and password to the userpass auth -//endpoint located at the given mount. If a username with that password exists, -//then the AuthOutput object is returned, and this client's AuthToken is set to -//the returned token. Given mountpoint is relative to /v1/auth. +// AuthUserpass submits the given username and password to the userpass auth +// endpoint located at the given mount. If a username with that password exists, +// then the AuthOutput object is returned, and this client's AuthToken is set to +// the returned token. Given mountpoint is relative to /v1/auth. func (v *Client) AuthUserpassMount(mount, username, password string) (ret *AuthOutput, err error) { raw := &authOutputRaw{} @@ -251,14 +250,14 @@ func (v *Client) AuthUserpassMount(mount, username, password string) (ret *AuthO return } -//AuthApprole performs auth against the given approle mount with the given +// AuthApprole performs auth against the given approle mount with the given // approle ID and secret. If the login is successful, this client's AuthToken is // set to the returned token. Given mountpoint is relative to /v1/auth. func (v *Client) AuthApprole(roleID, secretID string) (ret *AuthOutput, err error) { return v.AuthApproleMount("approle", roleID, secretID) } -//AuthApproleMount performs auth against the given approle mount with the given +// AuthApproleMount performs auth against the given approle mount with the given // approle ID and secret. If the login is successful, this client's AuthToken is // set to the returned token. func (v *Client) AuthApproleMount(mount, roleID, secretID string) (ret *AuthOutput, err error) { @@ -291,13 +290,13 @@ func (v *Client) AuthApproleMount(mount, roleID, secretID string) (ret *AuthOutp return } -//TokenRenewSelf takes the token in the Client object and attempts to renew its +// TokenRenewSelf takes the token in the Client object and attempts to renew its // lease. func (v *Client) TokenRenewSelf() (err error) { return v.doRequest("POST", "/auth/token/renew-self", nil, nil) } -//TokenInfo contains metadata about a token. Return values from the Vault API +// TokenInfo contains metadata about a token. Return values from the Vault API // are converted into more easily usable Golang types. type TokenInfo struct { Accessor string @@ -337,7 +336,7 @@ type tokenInfoRaw struct { } `json:"data"` } -//TokenInfoSelf returns the contents of the token self info endpoint of the vault +// TokenInfoSelf returns the contents of the token self info endpoint of the vault func (v *Client) TokenInfoSelf() (ret *TokenInfo, err error) { raw := tokenInfoRaw{} err = v.doRequest("GET", "/auth/token/lookup-self", nil, &raw) @@ -381,7 +380,7 @@ func (v *Client) TokenInfoSelf() (ret *TokenInfo, err error) { return } -//TokenIsValid returns no error if it can look itself up. This can error +// TokenIsValid returns no error if it can look itself up. This can error // if the token is valid but somebody has configured policies such that it can not // look itself up. It can also error, of course, if the token is invalid. func (v *Client) TokenIsValid() (err error) { diff --git a/client.go b/client.go index 712be89..79ef84c 100644 --- a/client.go +++ b/client.go @@ -15,7 +15,7 @@ import ( "sync" ) -//Client provides functions that access and abstract the Vault API. +// Client provides functions that access and abstract the Vault API. // VaultURL must be set to the for the client to work. Only Vault versions // 0.6.5 and above are tested to work with this client. type Client struct { @@ -37,7 +37,7 @@ type vaultResponse struct { //There's totally more to the response, but this is all I care about atm. } -//URL encoded values can be given as a *url.Values as "input" when performing +// URL encoded values can be given as a *url.Values as "input" when performing // a GET call func (v *Client) doRequest( method, path string, @@ -84,7 +84,7 @@ func (v *Client) doRequest( return err } -//Curl takes the given path, prepends /v1/ to it, and makes the request +// Curl takes the given path, prepends /v1/ to it, and makes the request // with the remainder of the given parameters. Errors returned only reflect // transport errors, not HTTP semantic errors func (v *Client) Curl(method string, path string, urlQuery url.Values, body io.Reader) (*http.Response, error) { diff --git a/errors.go b/errors.go index 38ed531..a1f53a1 100644 --- a/errors.go +++ b/errors.go @@ -8,8 +8,8 @@ import ( "strings" ) -//ErrBadRequest represents 400 status codes that are returned from the API. -//See: your fault. +// ErrBadRequest represents 400 status codes that are returned from the API. +// See: your fault. type ErrBadRequest struct { message string } @@ -18,13 +18,13 @@ func (e *ErrBadRequest) Error() string { return fmt.Sprintf("400 Bad Request: %s", e.message) } -//IsBadRequest returns true if the error is an ErrBadRequest +// IsBadRequest returns true if the error is an ErrBadRequest func IsBadRequest(err error) bool { _, is := err.(*ErrBadRequest) return is } -//ErrForbidden represents 403 status codes returned from the API. This could be +// ErrForbidden represents 403 status codes returned from the API. This could be // if your auth is wrong or expired, or you simply don't have access to do the // particular thing you're trying to do. Check your privilege. type ErrForbidden struct { @@ -35,13 +35,13 @@ func (e *ErrForbidden) Error() string { return fmt.Sprintf("403 Forbidden: %s", e.message) } -//IsForbidden returns true if the error is an ErrForbidden +// IsForbidden returns true if the error is an ErrForbidden func IsForbidden(err error) bool { _, is := err.(*ErrForbidden) return is } -//ErrNotFound represents 404 status codes returned from the API. This could be +// ErrNotFound represents 404 status codes returned from the API. This could be // either that the thing you're looking for doesn't exist, or in some cases // that you don't have access to the thing you're looking for and that Vault is // hiding it from you. @@ -53,13 +53,13 @@ func (e *ErrNotFound) Error() string { return fmt.Sprintf("404 Not Found: %s", e.message) } -//IsNotFound returns true if the error is an ErrNotFound +// IsNotFound returns true if the error is an ErrNotFound func IsNotFound(err error) bool { _, is := err.(*ErrNotFound) return is } -//ErrStandby is only returned from Health() if standbyok is set to false and the +// ErrStandby is only returned from Health() if standbyok is set to false and the // node you're querying is a standby. type ErrStandby struct { message string @@ -69,14 +69,14 @@ func (e *ErrStandby) Error() string { return fmt.Sprintf("429 Standby: %s", e.message) } -//IsErrStandby returns true if the error is an ErrStandby +// IsErrStandby returns true if the error is an ErrStandby func IsErrStandby(err error) bool { _, is := err.(*ErrStandby) return is } -//ErrDRSecondary is only returned from Health() if standbyok is set to false -//and the node you're querying is a secondary disaster recovery node. +// ErrDRSecondary is only returned from Health() if standbyok is set to false +// and the node you're querying is a secondary disaster recovery node. type ErrDRSecondary struct { message string } @@ -85,14 +85,14 @@ func (e *ErrDRSecondary) Error() string { return fmt.Sprintf("472 DRSecondary: %s", e.message) } -//IsErrDRSecondary returns true if the error is an ErrDRSecondary +// IsErrDRSecondary returns true if the error is an ErrDRSecondary func IsErrDRSecondary(err error) bool { _, is := err.(*ErrDRSecondary) return is } -//ErrPerfStandby is only returned from Health() if standbyok is set to false -//and the node you're querying is a performance standby node. +// ErrPerfStandby is only returned from Health() if standbyok is set to false +// and the node you're querying is a performance standby node. type ErrPerfStandby struct { message string } @@ -101,20 +101,20 @@ func (e *ErrPerfStandby) Error() string { return fmt.Sprintf("473 PerfStandby %s", e.message) } -//IsErrPerfStandby returns true if the error is an ErrPerfStandby +// IsErrPerfStandby returns true if the error is an ErrPerfStandby func IsErrPerfStandby(err error) bool { _, is := err.(*ErrPerfStandby) return is } -//IsAnyStandbyErr returns true if the error is that the node is a standby or a -//performance standby +// IsAnyStandbyErr returns true if the error is that the node is a standby or a +// performance standby func IsAnyStandbyErr(err error) bool { return IsErrStandby(err) || IsErrPerfStandby(err) } -//ErrInternalServer represents 500 status codes that are returned from the API. -//See: their fault. +// ErrInternalServer represents 500 status codes that are returned from the API. +// See: their fault. type ErrInternalServer struct { message string } @@ -123,13 +123,13 @@ func (e *ErrInternalServer) Error() string { return fmt.Sprintf("500 Internal Server Error: %s", e.message) } -//IsInternalServer returns true if the error is an ErrInternalServer +// IsInternalServer returns true if the error is an ErrInternalServer func IsInternalServer(err error) bool { _, is := err.(*ErrInternalServer) return is } -//ErrSealed represents the 503 status code that is returned by Vault most +// ErrSealed represents the 503 status code that is returned by Vault most // commonly if the Vault is currently sealed, but could also represent the Vault // being in a maintenance state. type ErrSealed struct { @@ -140,14 +140,14 @@ func (e *ErrSealed) Error() string { return fmt.Sprintf("503 Sealed: %s", e.message) } -//IsSealed returns true if the error is an ErrSealed +// IsSealed returns true if the error is an ErrSealed func IsSealed(err error) bool { _, is := err.(*ErrSealed) return is } -//ErrUninitialized represents a 503 status code being returned and the Vault -//being uninitialized. +// ErrUninitialized represents a 503 status code being returned and the Vault +// being uninitialized. type ErrUninitialized struct { message string } @@ -156,13 +156,13 @@ func (e *ErrUninitialized) Error() string { return fmt.Sprintf("503 Uninitialized: %s", e.message) } -//IsUninitialized returns true if the error is an ErrUninitialized +// IsUninitialized returns true if the error is an ErrUninitialized func IsUninitialized(err error) bool { _, is := err.(*ErrUninitialized) return is } -//ErrTransport is returned if an error was encountered trying to reach the API, +// ErrTransport is returned if an error was encountered trying to reach the API, // as opposed to an error from the API, is returned type ErrTransport struct { message string @@ -172,13 +172,13 @@ func (e *ErrTransport) Error() string { return fmt.Sprintf("Transport Error: %s", e.message) } -//IsTransport returns true if the error is an ErrTransport +// IsTransport returns true if the error is an ErrTransport func IsTransport(err error) bool { _, is := err.(*ErrTransport) return is } -//ErrKVUnsupported is returned by the KV object when the user requests an +// ErrKVUnsupported is returned by the KV object when the user requests an // operation that cannot be performed by the actual version of the KV backend // that the KV object is abstracting type ErrKVUnsupported struct { @@ -189,7 +189,7 @@ func (e *ErrKVUnsupported) Error() string { return fmt.Sprintf("Operation unsupported by KV version: %s", e.message) } -//IsErrKVUnsupported returns true if the error is an ErrKVUnsupported +// IsErrKVUnsupported returns true if the error is an ErrKVUnsupported func IsErrKVUnsupported(err error) bool { _, is := err.(*ErrKVUnsupported) return is diff --git a/go.mod b/go.mod index 6497013..580b7cd 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/cloudfoundry-community/vaultkv -go 1.15 +go 1.24.3 require ( github.com/hashicorp/cap v0.5.0 @@ -8,3 +8,17 @@ require ( github.com/onsi/ginkgo v1.16.5 github.com/onsi/gomega v1.10.1 ) + +require ( + github.com/fsnotify/fsnotify v1.4.9 // indirect + github.com/hashicorp/errwrap v1.1.0 // indirect + github.com/hashicorp/go-multierror v1.1.1 // indirect + github.com/hashicorp/go-uuid v1.0.3 // indirect + github.com/nxadm/tail v1.4.8 // indirect + golang.org/x/net v0.17.0 // indirect + golang.org/x/sys v0.15.0 // indirect + golang.org/x/text v0.14.0 // indirect + golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect + gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect + gopkg.in/yaml.v2 v2.3.0 // indirect +) diff --git a/go.sum b/go.sum index 287cf67..c86aaa6 100644 --- a/go.sum +++ b/go.sum @@ -1,43 +1,26 @@ -cloud.google.com/go/compute/metadata v0.2.0/go.mod h1:zFmK7XCadkQkj6TtorcaGlCW1hT1fIilQDwofLpJ20k= -github.com/coreos/go-oidc/v3 v3.5.0/go.mod h1:ecXRtV4romGPeO6ieExAsUK9cb/3fp9hXNz1tlv8PIM= -github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E= github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38= -github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk= -github.com/fatih/color v1.14.1/go.mod h1:2oHN61fhTpgcxD3TSWCgKDiH1+x4OiDVVGH8WlgGZGg= -github.com/frankban/quicktest v1.14.4/go.mod h1:4ptaffx2x8+WTWXmUCuVU6aPUX1/Mz7zb5vbUoiM6w0= github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo= github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4= github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ= -github.com/go-jose/go-jose/v3 v3.0.0/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= -github.com/go-jose/go-jose/v3 v3.0.1/go.mod h1:RNkWWRld676jZEYoV3+XK8L2ZnNSvIsxFMht0mSX+u8= github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE= github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= -github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U= github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8= github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA= github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs= github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w= github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0= github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI= -github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk= github.com/golang/protobuf v1.5.2 h1:ROPKBNFfQgOUMifHyP+KYbvpjbdoFNs+aK7DXlji0Tw= github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY= github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU= github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE= -github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= -github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38= -github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY= github.com/hashicorp/cap v0.5.0 h1:YIlAYxdXXtx2IL1JDvP2OyEl55Ooi0yl573kSB9Orlw= github.com/hashicorp/cap v0.5.0/go.mod h1:IAy00Er+ZFpMo+5x6B4bkO2HgpzgrkfsuDWMmHAuKUE= github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= github.com/hashicorp/errwrap v1.1.0 h1:OxrOeh75EUXMY8TBjag2fzXGZ40LB6IKw45YeGUDY2I= github.com/hashicorp/errwrap v1.1.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4= -github.com/hashicorp/go-cleanhttp v0.5.2/go.mod h1:kO/YDlP8L1346E6Sodw+PrpBSV4/SoxCXGY6BqNFT48= -github.com/hashicorp/go-hclog v1.4.0/go.mod h1:W4Qnvbt70Wk/zYJryRzDRU/4r0kIg0PVHBcfoyhpF5M= github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo= github.com/hashicorp/go-multierror v1.1.1/go.mod h1:iw975J/qwKPdAO1clOe2L8331t/9/fmwbPZ6JB6eMoM= github.com/hashicorp/go-secure-stdlib/base62 v0.1.2 h1:ET4pqyjiGmY09R5y+rSd70J2w45CtbWDNvGqWp/R3Ng= @@ -46,20 +29,6 @@ github.com/hashicorp/go-uuid v1.0.2/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/b github.com/hashicorp/go-uuid v1.0.3 h1:2gKiV6YVmrJ1i2CKKa9obLvRieoRGviZFL26PcT/Co8= github.com/hashicorp/go-uuid v1.0.3/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro= github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU= -github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo= -github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE= -github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk= -github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ= -github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI= -github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY= -github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE= -github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc= -github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4= -github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg= -github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU= -github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94= -github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= -github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM= github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A= github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE= github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU= @@ -70,127 +39,57 @@ github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042 github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY= github.com/onsi/gomega v1.10.1 h1:o0+MgICZLuZ7xjH7Vx6zS/zcu93/BEp1VwkIW1mEXCE= github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo= -github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA= github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4= -github.com/rogpeppe/go-internal v1.9.0/go.mod h1:WtVeX8xhTBvf0smdhujwtBcq4Qrzq/fJaraNFVN+nFs= -github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ= -github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= -github.com/stretchr/objx v0.4.0/go.mod h1:YvHI0jy2hoMjB+UWwv71VJQ9isScKT/TqJzVSSt89Yw= -github.com/stretchr/objx v0.5.0/go.mod h1:Yh+to48EsGEfYuaHDzXPcE3xhTkx73EhmCGUpEOglKo= github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA= -github.com/stretchr/testify v1.6.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= -github.com/stretchr/testify v1.7.2/go.mod h1:R6va5+xMeoiuVRoj+gSkQ7d3FALtqAAGI1FQKckRals= -github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU= -github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4= -github.com/yhat/scrape v0.0.0-20161128144610-24b7890b0945/go.mod h1:4vRFPPNYllgCacoj+0FoKOjTW68rUhEfqPLiEJaK2w8= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= -golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= -golang.org/x/crypto v0.14.0/go.mod h1:MVFd36DqK4CsrnJYDkBA3VC4m2GkXAM0PvzMCn4JQf4= -golang.org/x/crypto v0.17.0/go.mod h1:gCAAfMLgwOJRpTjQ2zCCt2OcSfYMTeZVSRtQlPC7Nq4= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= -golang.org/x/mod v0.8.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= -golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= -golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks= golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.3.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= -golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE= -golang.org/x/net v0.6.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs= -golang.org/x/net v0.9.0/go.mod h1:d48xBJpPfHeWQsugry2m+kC02ZBRGRgulfHnEXEuWns= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= -golang.org/x/oauth2 v0.3.0/go.mod h1:rQrIauxkUhJ6CuwEXwymO2/eh4xz2ZWF1nBkcxS+tGk= -golang.org/x/oauth2 v0.5.0/go.mod h1:9/XBHVqLaWO3/BRHs5jbpYCnOZVjj5V0ndyaAM7KB4I= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220503163025-988cb79eb6c6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.7.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.8.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= -golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.3.0/go.mod h1:q750SLmJuPmVoN1blW3UFBPREJfb1KmY3vwxfr+nFDA= -golang.org/x/term v0.5.0/go.mod h1:jMB1sMXY+tzblOD4FWmEbocvup2/aLOaQEp7JmGp78k= -golang.org/x/term v0.7.0/go.mod h1:P32HKFT3hSsZrRxla30E9HqToFYAQPCMs/zFMBUFqPY= -golang.org/x/term v0.8.0/go.mod h1:xPskH00ivmX89bAKVGSKKtLOWNx2+17Eiy94tnKShWo= -golang.org/x/term v0.13.0/go.mod h1:LTmsnFJwVN6bCy1rVCoS+qHT1HhALEFxKncY3WNNh4U= -golang.org/x/term v0.15.0/go.mod h1:BDl952bC7+uMoWR75FIrCDx79TPU9oHkTZ9yRbYOrX0= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= -golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= -golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= -golang.org/x/tools v0.6.0/go.mod h1:Xwgl3UAJ/d3gWutnCtw505GrjyAbvKui8lOU390QaIU= -golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE= golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= -google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc= google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8= google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0= google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM= google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE= google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo= google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU= -google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw= -google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc= -google.golang.org/protobuf v1.28.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= google.golang.org/protobuf v1.28.1 h1:d0NfwRgPtno5B1Wa6L2DAG+KivqkdutMf1UhdNx175w= google.golang.org/protobuf v1.28.1/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I= +gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127 h1:qIbj1fsPNlZgppZ+VLlY7N33q108Sa+fhmuc+sWQYwY= -gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ= gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw= @@ -198,6 +97,3 @@ gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU= gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= -mvdan.cc/gofumpt v0.5.0/go.mod h1:HBeVDtMKRZpXyxFciAirzdKklDlGu8aAy1wEbH5Y9js= diff --git a/kv.go b/kv.go index a73d3c4..e96e300 100644 --- a/kv.go +++ b/kv.go @@ -7,7 +7,7 @@ import ( "time" ) -//KV provides an abstraction to the Vault tree which makes dealing with +// KV provides an abstraction to the Vault tree which makes dealing with // the potential of both KV v1 and KV v2 backends easier to work with. // KV v1 backends are exposed through this interface much like KV v2 // backends with only one version. There are limitations around Delete @@ -33,9 +33,13 @@ type kvMount interface { MountVersion() (version uint) } -/*==================== - KV V1 -====================*/ +/* +==================== + + KV V1 + +==================== +*/ type kvv1Mount struct { client *Client } @@ -121,9 +125,13 @@ func (k kvv1Mount) MountVersion() (version uint) { return 1 } -/*==================== - KV V2 -====================*/ +/* +==================== + + KV V2 + +==================== +*/ type kvv2Mount struct { client *Client } @@ -206,7 +214,7 @@ func (k kvv2Mount) MountVersion() (version uint) { KV Abstraction ==========================*/ -//NewKV returns an initialized KV object. +// NewKV returns an initialized KV object. func (v *Client) NewKV() *KV { return &KV{Client: v, mounts: map[string]kvMount{}} } @@ -265,14 +273,14 @@ func subtractMount(mount string, path string) string { return ret } -//KVGetOpts are options applicable to KV.Get +// KVGetOpts are options applicable to KV.Get type KVGetOpts struct { // Version is the version of the resource to retrieve. Setting this to zero (or // not setting it at all) will retrieve the latest version Version uint } -//KVVersion contains information about a version of a secret. +// KVVersion contains information about a version of a secret. type KVVersion struct { //If KV version is 1, CreatedAt.IsZero() will be true CreatedAt time.Time @@ -281,14 +289,14 @@ type KVVersion struct { Destroyed bool } -//Alive returns if the KVVersion is not deleted or destroyed. +// Alive returns if the KVVersion is not deleted or destroyed. func (k KVVersion) Alive() bool { return !(k.Deleted || k.Destroyed) } -//Get retrieves the value at the given path in the tree. This follows the -//semantics of Client.Get or Client.V2Get, chosen based on the backend mounted -//at the path given. +// Get retrieves the value at the given path in the tree. This follows the +// semantics of Client.Get or Client.V2Get, chosen based on the backend mounted +// at the path given. func (k *KV) Get(path string, output interface{}, opts *KVGetOpts) (meta KVVersion, err error) { mountPath, mount, err := k.mountForPath(path) if err != nil { @@ -299,9 +307,9 @@ func (k *KV) Get(path string, output interface{}, opts *KVGetOpts) (meta KVVersi return mount.Get(mountPath, path, output, opts) } -//List retrieves the paths under the given path. If the path does not exist or -//it is not a folder, ErrNotFound is thrown. Results ending with a slash are -//folders. +// List retrieves the paths under the given path. If the path does not exist or +// it is not a folder, ErrNotFound is thrown. Results ending with a slash are +// folders. func (k *KV) List(path string) (paths []string, err error) { mountPath, mount, err := k.mountForPath(path) if err != nil { @@ -312,13 +320,13 @@ func (k *KV) List(path string) (paths []string, err error) { return mount.List(mountPath, path) } -//KVSetOpts are the options for a set call to the KV.Set() call. Currently there +// KVSetOpts are the options for a set call to the KV.Set() call. Currently there // are none, but it exists in case the API adds support in the future for things // that we can put here. type KVSetOpts struct{} -//Set puts the values given at the path given. If KV v1, the previous value, if -//any, is overwritten. If KV v2, a new version is created. +// Set puts the values given at the path given. If KV v1, the previous value, if +// any, is overwritten. If KV v2, a new version is created. func (k *KV) Set(path string, values interface{}, opts *KVSetOpts) (meta KVVersion, err error) { mountPath, mount, err := k.mountForPath(path) if err != nil { @@ -329,7 +337,7 @@ func (k *KV) Set(path string, values interface{}, opts *KVSetOpts) (meta KVVersi return mount.Set(mountPath, path, values, opts) } -//KVDeleteOpts are options applicable to KV.Delete +// KVDeleteOpts are options applicable to KV.Delete type KVDeleteOpts struct { //Versions are the versions of the secret to delete. If left nil, // the latest version is deleted. @@ -341,7 +349,7 @@ type KVDeleteOpts struct { V1Destroy bool } -//Delete attempts to mark the secret at the given path (and version) as deleted. +// Delete attempts to mark the secret at the given path (and version) as deleted. // For KV v1, temporarily deleting a secret is not possible. Use the V1Destroy // option as a way to safeguard against unwanted destruction of secrets. func (k *KV) Delete(path string, opts *KVDeleteOpts) (err error) { @@ -354,7 +362,7 @@ func (k *KV) Delete(path string, opts *KVDeleteOpts) (err error) { return mount.Delete(mountPath, path, opts) } -//Undelete attempts to unmark deletion on a previously deleted version. +// Undelete attempts to unmark deletion on a previously deleted version. // KV v1 backends cannot do this, and so if the backend is KV v1, this // returns an ErrKVUnsupported. func (k *KV) Undelete(path string, versions []uint) (err error) { @@ -367,7 +375,7 @@ func (k *KV) Undelete(path string, versions []uint) (err error) { return mount.Undelete(mountPath, path, versions) } -//Destroy attempts to irrevocably delete the given versions at the given +// Destroy attempts to irrevocably delete the given versions at the given // path. For KV v1 backends, this is a call to Client.Delete. for KV v2 // backends, this is a call to Client.V2Destroy func (k *KV) Destroy(path string, versions []uint) (err error) { @@ -380,7 +388,7 @@ func (k *KV) Destroy(path string, versions []uint) (err error) { return mount.Destroy(mountPath, path, versions) } -//DestroyAll attempts to irrevocably delete all versions of the secret +// DestroyAll attempts to irrevocably delete all versions of the secret // at the given path. For KV v1 backends, this is a call to Client.Delete. // For v2 backends, this is a call to Client.V2DestroyMetadata func (k *KV) DestroyAll(path string) (err error) { @@ -393,7 +401,7 @@ func (k *KV) DestroyAll(path string) (err error) { return mount.DestroyAll(mountPath, path) } -//Versions returns the versions of the secret available. If no secret +// Versions returns the versions of the secret available. If no secret // exists at this path, ErrNotFound is returned. If the secret exists // and this is a KV v1 backend, one version is returned. func (k *KV) Versions(path string) (ret []KVVersion, err error) { @@ -406,7 +414,7 @@ func (k *KV) Versions(path string) (ret []KVVersion, err error) { return mount.Versions(mountPath, path) } -//MountVersion returns the KV version of the mount for the given path. +// MountVersion returns the KV version of the mount for the given path. // v1 mounts return 1; v2 mounts return 2. func (k *KV) MountVersion(mount string) (version uint, err error) { _, m, err := k.mountForPath(mount) @@ -417,7 +425,7 @@ func (k *KV) MountVersion(mount string) (version uint, err error) { return m.MountVersion(), nil } -//MountPath returns the path of the mount on which the given path is mounted. +// MountPath returns the path of the mount on which the given path is mounted. // If no such mount can be found, an error is returned. func (k *KV) MountPath(path string) (mount string, err error) { mount, _, err = k.mountForPath(path) diff --git a/kv1.go b/kv1.go index 1f4db0a..e042102 100644 --- a/kv1.go +++ b/kv1.go @@ -6,14 +6,14 @@ import ( "reflect" ) -//Get retrieves the secret at the given path and unmarshals it into the given -//output object using the semantics of encoding/json.Unmarshal. If the object -//is nil, an unmarshal will not be attempted (this can be used to check for -//existence). If the object could not be unmarshalled into, the resultant error -//is returned. Example path would be /secret/foo, if Key/Value backend were -//mounted at "/secret". The Vault must be unsealed and initialized for this -//endpoint to work. No assumptions are made about the mounting point of your -//Key/Value backend. +// Get retrieves the secret at the given path and unmarshals it into the given +// output object using the semantics of encoding/json.Unmarshal. If the object +// is nil, an unmarshal will not be attempted (this can be used to check for +// existence). If the object could not be unmarshalled into, the resultant error +// is returned. Example path would be /secret/foo, if Key/Value backend were +// mounted at "/secret". The Vault must be unsealed and initialized for this +// endpoint to work. No assumptions are made about the mounting point of your +// Key/Value backend. func (v *Client) Get(path string, output interface{}) error { if output != nil && reflect.ValueOf(output).Kind() != reflect.Ptr { @@ -28,12 +28,12 @@ func (v *Client) Get(path string, output interface{}) error { return err } -//List returns the list of paths nested directly under the given path. If this -//is not a "directory" for any paths, then ErrNotFound is returned. In the list -//of paths returned on success, if a path ends with a slash, then it is also a -//"directory". The Vault must be unsealed and initialized for this endpoint to -//work. No assumptions are made about the mounting point of your Key/Value -//backend. +// List returns the list of paths nested directly under the given path. If this +// is not a "directory" for any paths, then ErrNotFound is returned. In the list +// of paths returned on success, if a path ends with a slash, then it is also a +// "directory". The Vault must be unsealed and initialized for this endpoint to +// work. No assumptions are made about the mounting point of your Key/Value +// backend. func (v *Client) List(path string) ([]string, error) { ret := []string{} @@ -53,16 +53,16 @@ func (v *Client) List(path string) ([]string, error) { return ret, err } -//Set puts the values in the given object at the given path. The given object -//must marshal into a JSON hash from string->anything (see: a golang map or -//struct). The Vault must be unsealed and initialized for this endpoint to work. -//No assumptions are made about the mounting point of your Key/Value backend. +// Set puts the values in the given object at the given path. The given object +// must marshal into a JSON hash from string->anything (see: a golang map or +// struct). The Vault must be unsealed and initialized for this endpoint to work. +// No assumptions are made about the mounting point of your Key/Value backend. func (v *Client) Set(path string, values interface{}) error { return v.doRequest("PUT", path, &values, nil) } -//Delete attempts to delete the value at the specified path. No error is -//returned if there is already no value at the given path. +// Delete attempts to delete the value at the specified path. No error is +// returned if there is already no value at the given path. func (v *Client) Delete(path string) error { return v.doRequest("DELETE", path, nil, nil) } diff --git a/kv2.go b/kv2.go index af18418..b67404e 100644 --- a/kv2.go +++ b/kv2.go @@ -10,7 +10,7 @@ import ( "time" ) -//Use some heuristics to determine what is the most likely mount path if Vault won't +// Use some heuristics to determine what is the most likely mount path if Vault won't // tell us with its old, crusty version func mountPathDefault(path string) string { path = strings.TrimLeft(path, "/") @@ -23,10 +23,10 @@ func mountPathDefault(path string) string { return fmt.Sprintf("%s%s", prefix, strings.Split(path, "/")[0]) } -//IsKVv2Mount returns true if the mount is a version 2 KV mount and false -//otherwise. This will also simply return false if no mount exists at the given -//mount point or if the Vault is too old to have the API endpoint to look for -//the mount. If a different API error occurs, it will be propagated out. +// IsKVv2Mount returns true if the mount is a version 2 KV mount and false +// otherwise. This will also simply return false if no mount exists at the given +// mount point or if the Vault is too old to have the API endpoint to look for +// the mount. If a different API error occurs, it will be propagated out. func (c *Client) IsKVv2Mount(path string) (mountPath string, isV2 bool, err error) { path = strings.TrimPrefix(path, "/") output := struct { @@ -85,7 +85,7 @@ func (c *Client) IsKVv2Mount(path string) (mountPath string, isV2 bool, err erro return } -//V2Version is information about a version of a secret. The DeletedAt member +// V2Version is information about a version of a secret. The DeletedAt member // will be nil to signify that a version is not deleted. Take note of the // difference between "deleted" and "destroyed" - a deletion simply marks a // secret as deleted, preventing it from being read. A destruction actually @@ -120,18 +120,18 @@ func (v v2VersionAPI) Parse() V2Version { return ret } -//V2GetOpts are options to specify in a V2Get request. +// V2GetOpts are options to specify in a V2Get request. type V2GetOpts struct { // Version is the version of the resource to retrieve. Setting this to zero (or // not setting it at all) will retrieve the latest version Version uint } -//V2Get will get a secret from the given path in a KV version 2 secrets backend. -//If the secret is at "/bar" in the backend mounted at "foo", then the path -//should be "foo/bar". The response will be decoded into the item pointed to -//by output using encoding/json.Unmarshal semantics. The version to retrieve -//can be selected by setting Version in the V2GetOpts struct at opts. +// V2Get will get a secret from the given path in a KV version 2 secrets backend. +// If the secret is at "/bar" in the backend mounted at "foo", then the path +// should be "foo/bar". The response will be decoded into the item pointed to +// by output using encoding/json.Unmarshal semantics. The version to retrieve +// can be selected by setting Version in the V2GetOpts struct at opts. func (c *Client) V2Get(mount, subpath string, output interface{}, opts *V2GetOpts) (meta V2Version, err error) { if output != nil && reflect.ValueOf(output).Kind() != reflect.Ptr { @@ -168,12 +168,12 @@ func (c *Client) V2Get(mount, subpath string, output interface{}, opts *V2GetOpt return } -//V2List returns the list of paths nested directly under the given path. If this -//is not a "directory" for any paths, then ErrNotFound is returned. In the list -//of paths returned on success, if a path ends with a slash, then it is also a -//"directory". The Vault must be unsealed and initialized for this endpoint to -//work. No assumptions are made about the mounting point of your Key/Value -//backend. +// V2List returns the list of paths nested directly under the given path. If this +// is not a "directory" for any paths, then ErrNotFound is returned. In the list +// of paths returned on success, if a path ends with a slash, then it is also a +// "directory". The Vault must be unsealed and initialized for this endpoint to +// work. No assumptions are made about the mounting point of your Key/Value +// backend. func (c *Client) V2List(mount, subpath string) ([]string, error) { ret := []string{} path := fmt.Sprintf("%s/metadata/%s", strings.Trim(mount, "/"), strings.Trim(subpath, "/")) @@ -194,7 +194,7 @@ func (c *Client) V2List(mount, subpath string) ([]string, error) { return ret, err } -//V2SetOpts are options that can be specified to a V2Set call +// V2SetOpts are options that can be specified to a V2Set call type V2SetOpts struct { //CAS provides a check-and-set version number. If this is set to zero, then // the value will only be written if the key does not yet exist. If the CAS @@ -203,20 +203,20 @@ type V2SetOpts struct { CAS *uint `json:"cas,omitempty"` } -//WithCAS returns a pointer to a new V2SetOpts with the CAS value set to the -//given value. If i is zero, then the value will only be written if the key -//does not exist. If i is non-zero, then the value will only be written if the -//currently existing version matches i. Not calling CAS will result in no -//restriction on writing. If the mount is set up for requiring CAS, then not -//setting CAS with this function a valid number will result in a failure when -//attempting to write. +// WithCAS returns a pointer to a new V2SetOpts with the CAS value set to the +// given value. If i is zero, then the value will only be written if the key +// does not exist. If i is non-zero, then the value will only be written if the +// currently existing version matches i. Not calling CAS will result in no +// restriction on writing. If the mount is set up for requiring CAS, then not +// setting CAS with this function a valid number will result in a failure when +// attempting to write. func (s V2SetOpts) WithCAS(i uint) *V2SetOpts { s.CAS = new(uint) *s.CAS = i return &s } -//V2Set uses encoding/json.Marshal on the object given in values to encode +// V2Set uses encoding/json.Marshal on the object given in values to encode // the secret as JSON, and writes it to the path given. Populate ops to use the // check-and-set functionality. Returns the metadata about the written secret // if the write is successful. @@ -246,12 +246,12 @@ func (c *Client) V2Set(mount, subpath string, values interface{}, opts *V2SetOpt return } -//V2DeleteOpts are options that can be provided to a V2Delete call. +// V2DeleteOpts are options that can be provided to a V2Delete call. type V2DeleteOpts struct { Versions []uint `json:"versions"` } -//V2Delete marks a secret version at the given path as deleted. If opts is not +// V2Delete marks a secret version at the given path as deleted. If opts is not // provided or the Versions slice therein is left nil, the latest version is // deleted. Otherwise, the specified versions are deleted. Note that the deleted // data from this call is recoverable from a call to V2Undelete. @@ -269,7 +269,7 @@ func (c *Client) V2Delete(mount, subpath string, opts *V2DeleteOpts) error { return c.doRequest(method, path, opts, nil) } -//V2Undelete marks the specified versions at the specified paths as not deleted. +// V2Undelete marks the specified versions at the specified paths as not deleted. func (c *Client) V2Undelete(mount, subpath string, versions []uint) error { path := fmt.Sprintf("%s/undelete/%s", strings.Trim(mount, "/"), strings.Trim(subpath, "/")) return c.doRequest("POST", path, struct { @@ -279,7 +279,7 @@ func (c *Client) V2Undelete(mount, subpath string, versions []uint) error { }, nil) } -//V2Destroy permanently deletes the specified versions at the specified path. +// V2Destroy permanently deletes the specified versions at the specified path. func (c *Client) V2Destroy(mount, subpath string, versions []uint) error { path := fmt.Sprintf("%s/destroy/%s", strings.Trim(mount, "/"), strings.Trim(subpath, "/")) return c.doRequest("POST", path, struct { @@ -289,14 +289,14 @@ func (c *Client) V2Destroy(mount, subpath string, versions []uint) error { }, nil) } -//V2DestroyMetadata permanently destroys all secret versions and all metadata +// V2DestroyMetadata permanently destroys all secret versions and all metadata // associated with the secret at the specified path. func (c *Client) V2DestroyMetadata(mount, subpath string) error { path := fmt.Sprintf("%s/metadata/%s", strings.Trim(mount, "/"), strings.Trim(subpath, "/")) return c.doRequest("DELETE", path, nil, nil) } -//V2Metadata is the metadata associated with a secret +// V2Metadata is the metadata associated with a secret type V2Metadata struct { CreatedAt time.Time UpdatedAt time.Time @@ -320,9 +320,9 @@ type v2MetadataAPI struct { } `json:"data"` } -//Version returns the version with the given number in the metadata as a -//V2Version object , if present. If no version with that number is present, an -//error is returned. +// Version returns the version with the given number in the metadata as a +// V2Version object , if present. If no version with that number is present, an +// error is returned. func (m V2Metadata) Version(number uint) (version V2Version, err error) { if len(m.Versions) == 0 { err = fmt.Errorf("That version does not exist in the metadata") @@ -364,7 +364,7 @@ func (m v2MetadataAPI) Parse() V2Metadata { return ret } -//V2GetMetadata gets the metadata associated with the secret at the specified +// V2GetMetadata gets the metadata associated with the secret at the specified // path. func (c *Client) V2GetMetadata(mount, subpath string) (meta V2Metadata, err error) { path := fmt.Sprintf("%s/metadata/%s", strings.Trim(mount, "/"), strings.Trim(subpath, "/")) diff --git a/mount.go b/mount.go index b76ef5d..cadf86d 100644 --- a/mount.go +++ b/mount.go @@ -15,7 +15,7 @@ const ( MountTypeKV = "kv" ) -//Mount represents a backend mounted at a point in Vault. +// Mount represents a backend mounted at a point in Vault. type Mount struct { //The type of mount at this point Type string @@ -24,7 +24,7 @@ type Mount struct { Options map[string]interface{} } -//MountConfig specifies configuration options given when initializing a backend. +// MountConfig specifies configuration options given when initializing a backend. type MountConfig struct { DefaultLeaseTTL time.Duration MaxLeaseTTL time.Duration @@ -95,7 +95,7 @@ func newMountConfigEnableAPI(conf *MountConfig) *mountConfigEnableAPI { } } -//ListMounts queries the Vault backend for a list of active mounts that can +// ListMounts queries the Vault backend for a list of active mounts that can // be seen with the current authentication token. It is returned as a map // of mount points to mount information. func (c *Client) ListMounts() (map[string]Mount, error) { @@ -144,12 +144,12 @@ func getMountList(candidate interface{}) map[string]mountListAPI { return tmpOutput } -//KVMountOptions is a map[string]interface{} that can be given as the options -//when mounting a backend. It has Version manipulation functions to make life -//easier. +// KVMountOptions is a map[string]interface{} that can be given as the options +// when mounting a backend. It has Version manipulation functions to make life +// easier. type KVMountOptions map[string]interface{} -//GetVersion retruns the version held in the KVMountOptions object +// GetVersion retruns the version held in the KVMountOptions object func (o KVMountOptions) GetVersion() int { if o == nil { return 1 @@ -165,7 +165,7 @@ func (o KVMountOptions) GetVersion() int { return ret } -//WithVersion returns a new KVMountOptions object with the given version +// WithVersion returns a new KVMountOptions object with the given version func (o KVMountOptions) WithVersion(version int) KVMountOptions { if o == nil { o = make(map[string]interface{}, 1) @@ -175,7 +175,7 @@ func (o KVMountOptions) WithVersion(version int) KVMountOptions { return o } -//EnableSecretsMount mounts a secrets backend at the given path, configured with +// EnableSecretsMount mounts a secrets backend at the given path, configured with // the given Mount configuration. func (c *Client) EnableSecretsMount(path string, config Mount) error { input := struct { @@ -193,12 +193,12 @@ func (c *Client) EnableSecretsMount(path string, config Mount) error { return c.doRequest("POST", fmt.Sprintf("/sys/mounts/%s", path), &input, nil) } -//DisableSecretsMount deletes the mount at the given path. +// DisableSecretsMount deletes the mount at the given path. func (c *Client) DisableSecretsMount(path string) error { return c.doRequest("DELETE", fmt.Sprintf("/sys/mounts/%s", path), nil, nil) } -//TuneMountOptions are parameters to be sent to the Vault when editing the +// TuneMountOptions are parameters to be sent to the Vault when editing the // configuration of a mount. Only non-empty values will be sent. type TuneMountOptions struct { Description string @@ -207,7 +207,7 @@ type TuneMountOptions struct { Options map[string]interface{} } -//TuneSecretsMount updates the configuration of the mount at the given path. +// TuneSecretsMount updates the configuration of the mount at the given path. func (c *Client) TuneSecretsMount(path string, opts TuneMountOptions) error { rawTuneMountOptions := struct { Description string `json:"description,omitempty"` @@ -228,7 +228,7 @@ func (c *Client) TuneSecretsMount(path string, opts TuneMountOptions) error { ) } -//UpgradeKVToV2 sets the version of the mount (presumably KV mount) to the +// UpgradeKVToV2 sets the version of the mount (presumably KV mount) to the // version 2. Just a shorthand wrapper for TuneSecretsMount with the // appropriate opts structure. func (c *Client) UpgradeKVToV2(path string) error { diff --git a/oidc.go b/oidc.go index 6dc4f48..fbb8543 100644 --- a/oidc.go +++ b/oidc.go @@ -47,7 +47,7 @@ func (v *Client) AuthOIDCMount(mount string) (ret *AuthOutput, err error) { sigintCh := make(chan os.Signal, 1) signal.Notify(sigintCh, authHalts...) defer signal.Stop(sigintCh) - raw := &authOutputRaw{} + //raw := &authOutputRaw{} // see go vet unreachable code below authURL, clientNonce, err := fetchAuthURL(v, mount) if err != nil { @@ -86,10 +86,10 @@ func (v *Client) AuthOIDCMount(mount string) (ret *AuthOutput, err error) { case <-time.After(2 * time.Minute): return nil, errors.New("Timed out waiting for response from provider") } - - ret = raw.toFinal(AuthOIDCMetadata{}) - v.AuthToken = ret.ClientToken - return + // go vet: ./oidc.go:89:2: unreachable code + //ret = raw.toFinal(AuthOIDCMetadata{}) + //v.AuthToken = ret.ClientToken + //return } func fetchAuthURL(v *Client, mount string) (string, string, error) { //var authURL string diff --git a/rekey.go b/rekey.go index 27bf56e..40a2dc7 100644 --- a/rekey.go +++ b/rekey.go @@ -7,7 +7,7 @@ import ( "strings" ) -//Rekey represents a rekey operation currently in progress in the Vault. This +// Rekey represents a rekey operation currently in progress in the Vault. This // wraps an otherwise cumbersome rekey API. Remaining() can be called to see // how many keys are still required by the rekey, and then those many keys // can be sent through one or more calls to Submit(). This should be created @@ -19,8 +19,8 @@ type Rekey struct { keys []string } -//RekeyConfig is given to NewRekey to configure the parameters of the rekey -//operation to be started. +// RekeyConfig is given to NewRekey to configure the parameters of the rekey +// operation to be started. type RekeyConfig struct { Shares int `json:"secret_shares"` Threshold int `json:"secret_threshold"` @@ -28,8 +28,8 @@ type RekeyConfig struct { Backup bool `json:"backup,omitempty"` } -//RekeyState gives the state of the rekey operation as of the last call to -//Submit, NewRekey, or CurrentRekey. +// RekeyState gives the state of the rekey operation as of the last call to +// Submit, NewRekey, or CurrentRekey. type RekeyState struct { Started bool `json:"started"` Nonce string `json:"nonce"` @@ -43,9 +43,9 @@ type RekeyState struct { Backup bool `json:"backup"` } -//NewRekey will start a new rekey operation. If successful, a *Rekey is -//returned containing the necessary state for submitting keys for this rekey -//operation. +// NewRekey will start a new rekey operation. If successful, a *Rekey is +// returned containing the necessary state for submitting keys for this rekey +// operation. func (v *Client) NewRekey(conf RekeyConfig) (*Rekey, error) { err := v.rekeyStart(conf) if err != nil { @@ -56,7 +56,7 @@ func (v *Client) NewRekey(conf RekeyConfig) (*Rekey, error) { return v.CurrentRekey() } -//CurrentRekey returns a *Rekey with the state necessary to continue a rekey +// CurrentRekey returns a *Rekey with the state necessary to continue a rekey // operation if one is in progress. If no rekey is in progress, *ErrNotFound // is returned and no *Rekey is returned. func (v *Client) CurrentRekey() (*Rekey, error) { @@ -77,7 +77,7 @@ func (v *Client) CurrentRekey() (*Rekey, error) { }, nil } -//This is here because in Vault 0.10.3, a regression was introduced that causes +// This is here because in Vault 0.10.3, a regression was introduced that causes // rekey operations against an uninitialized or sealed Vault to return a 500 // instead of a 503 func (v *Client) correct500Error(err error) error { @@ -98,29 +98,29 @@ func (v *Client) rekeyStart(conf RekeyConfig) error { return v.doSysRequest("PUT", "/sys/rekey/init", &conf, nil) } -//Cancel tells Vault to forget about the current rekey operation +// Cancel tells Vault to forget about the current rekey operation func (r *Rekey) Cancel() error { return r.client.RekeyCancel() } -//RekeyCancel tells Vault to forget about the current rekey operation +// RekeyCancel tells Vault to forget about the current rekey operation func (v *Client) RekeyCancel() error { return v.doSysRequest("DELETE", "/sys/rekey/init", nil, nil) } -//Before 0.10, it was "no rekey in progress". In 0.10, the word barrier was added +// Before 0.10, it was "no rekey in progress". In 0.10, the word barrier was added var rekeyRegexp = regexp.MustCompile("no (barrier )?rekey in progress") -//Submit gives keys to the rekey operation specified by this *Rekey object. Any -//keys beyond the current required amount are ignored. If the Rekey is -//successful after all keys have been sent, then done will be returned as true. -//If the threshold is reached and any of the keys were incorrect, an -//*ErrBadRequest is returned and done is false. In this case, the rekey is not -//cancelled, but is instead reset. No error is given for an incorrect key -//before the threshold is reached. An *ErrBadRequest may also be returned if -//there is no longer any rekey in progress, but in this case, done will be -//returned as true. To retrieve the new keys after submitting enough existing -//keys, call Keys() on the Rekey object. +// Submit gives keys to the rekey operation specified by this *Rekey object. Any +// keys beyond the current required amount are ignored. If the Rekey is +// successful after all keys have been sent, then done will be returned as true. +// If the threshold is reached and any of the keys were incorrect, an +// *ErrBadRequest is returned and done is false. In this case, the rekey is not +// cancelled, but is instead reset. No error is given for an incorrect key +// before the threshold is reached. An *ErrBadRequest may also be returned if +// there is no longer any rekey in progress, but in this case, done will be +// returned as true. To retrieve the new keys after submitting enough existing +// keys, call Keys() on the Rekey object. func (r *Rekey) Submit(keys ...string) (done bool, err error) { for _, key := range keys { var result interface{} @@ -212,24 +212,24 @@ func (v *Client) rekeySubmit(key string, nonce string) (ret interface{}, err err return unmarshalTarget, err } -//Remaining returns the number of keys yet required by this rekey operation. -//This does not refresh state. If you believe that an external agent may have -//changed the state of the rekey, get a new rekey object with CurrentRekey, or -//Submit another key. +// Remaining returns the number of keys yet required by this rekey operation. +// This does not refresh state. If you believe that an external agent may have +// changed the state of the rekey, get a new rekey object with CurrentRekey, or +// Submit another key. func (r *Rekey) Remaining() int { return r.state.Required - r.state.Progress } -//State returns the current state of the rekey operation. This does not refresh +// State returns the current state of the rekey operation. This does not refresh // state. If you believe that an external agent may have changed the state of // the rekey, get a new rekey object with CurrentRekey, or Submit another key. func (r *Rekey) State() RekeyState { return r.state } -//Keys returns the new keys from this rekey operation if the operation has been -//successful. The return value is undefined if the rekey operation is not yet -//successful. +// Keys returns the new keys from this rekey operation if the operation has been +// successful. The return value is undefined if the rekey operation is not yet +// successful. func (r *Rekey) Keys() []string { return r.keys } diff --git a/root.go b/root.go index 34300c9..66aa97d 100644 --- a/root.go +++ b/root.go @@ -8,9 +8,9 @@ import ( "regexp" ) -//GenerateRoot has functions for generating a new root token. Create this -//object with NewGenerateRoot(). That function performs the necessary -//initialization for the process +// GenerateRoot has functions for generating a new root token. Create this +// object with NewGenerateRoot(). That function performs the necessary +// initialization for the process type GenerateRoot struct { client *Client otp []byte @@ -20,7 +20,7 @@ type GenerateRoot struct { state GenerateRootState } -//GenerateRootState contains state information about the GenerateRoot operation +// GenerateRootState contains state information about the GenerateRoot operation type GenerateRootState struct { Started bool `json:"started"` Nonce string `json:"nonce"` @@ -38,7 +38,7 @@ type GenerateRootState struct { Complete bool `json:"complete"` } -//NewGenerateRoot initializes and returns a new generate root object. +// NewGenerateRoot initializes and returns a new generate root object. func (v *Client) NewGenerateRoot() (*GenerateRoot, error) { ret := GenerateRoot{ client: v, @@ -93,17 +93,17 @@ func (v *Client) NewGenerateRoot() (*GenerateRoot, error) { var genRootRegexp = regexp.MustCompile("no root generation in progress") -//Submit gives keys to the generate root token operation specified by this -//*GenerateRoot object. Any keys beyond the current required amount are -//ignored. If the Rekey is successful after all keys have been sent, then done -//will be returned as true. If the threshold is reached and any of the keys -//were incorrect, an *ErrBadRequest is returned and done is false. In this -//case, the generate root is not cancelled, but is instead reset. No error is -//given for an incorrect key before the threshold is reached. An *ErrBadRequest -//may also be returned if there is no longer any generate root token operation -//in progress, but in this case, done will be returned as true. To retrieve the -//new keys after submitting enough existing keys, call RootToken() on the -//GenerateRoot object. +// Submit gives keys to the generate root token operation specified by this +// *GenerateRoot object. Any keys beyond the current required amount are +// ignored. If the Rekey is successful after all keys have been sent, then done +// will be returned as true. If the threshold is reached and any of the keys +// were incorrect, an *ErrBadRequest is returned and done is false. In this +// case, the generate root is not cancelled, but is instead reset. No error is +// given for an incorrect key before the threshold is reached. An *ErrBadRequest +// may also be returned if there is no longer any generate root token operation +// in progress, but in this case, done will be returned as true. To retrieve the +// new keys after submitting enough existing keys, call RootToken() on the +// GenerateRoot object. func (g *GenerateRoot) Submit(keys ...string) (done bool, err error) { for _, key := range keys { g.state, err = g.client.genRootSubmit(key, g.state.Nonce) @@ -130,12 +130,12 @@ func (g *GenerateRoot) Submit(keys ...string) (done bool, err error) { return g.state.Complete, nil } -//Cancel cancels the current generate root operation +// Cancel cancels the current generate root operation func (g *GenerateRoot) Cancel() error { return g.client.GenerateRootCancel() } -//GenerateRootCancel cancels the current generate root operation +// GenerateRootCancel cancels the current generate root operation func (v *Client) GenerateRootCancel() error { return v.doSysRequest("DELETE", "/sys/generate-root/attempt", nil, nil) } @@ -157,22 +157,22 @@ func (v *Client) genRootSubmit(key string, nonce string) (ret GenerateRootState, return } -//Remaining returns the number of keys yet required by this generate root token -//operation. This does not refresh state, and only reflects the last action of -//this GenerateRoot object. +// Remaining returns the number of keys yet required by this generate root token +// operation. This does not refresh state, and only reflects the last action of +// this GenerateRoot object. func (g *GenerateRoot) Remaining() int { return g.state.Required - g.state.Progress } -//State returns the current state of the generate root operation. This does not -//refresh state, and only reflects the last action of this GenerateRoot object. +// State returns the current state of the generate root operation. This does not +// refresh state, and only reflects the last action of this GenerateRoot object. func (g *GenerateRoot) State() GenerateRootState { return g.state } -//RootToken returns the new root token from this operation if the operation has -//been successful. The return value is undefined if the operation is not yet -//successful. +// RootToken returns the new root token from this operation if the operation has +// been successful. The return value is undefined if the operation is not yet +// successful. func (g *GenerateRoot) RootToken() (string, error) { rawTok := g.state.EncodedToken if rawTok == "" { diff --git a/sys.go b/sys.go index 6f5646a..ff752af 100644 --- a/sys.go +++ b/sys.go @@ -28,7 +28,7 @@ func (v *Client) doSysRequest( return err } -//IsInitialized returns true if the targeted Vault is initialized +// IsInitialized returns true if the targeted Vault is initialized func (v *Client) IsInitialized() (is bool, err error) { //Don't call doSysRequest from here because it calls IsInitialized // and that could get ugly @@ -45,9 +45,9 @@ func (v *Client) IsInitialized() (is bool, err error) { return } -//SealState is the return value from Unseal and SealStatus. Type is only -//populated by SealStatus. ClusterName and ClusterID are only populated is -//Vault is unsealed. +// SealState is the return value from Unseal and SealStatus. Type is only +// populated by SealStatus. ClusterName and ClusterID are only populated is +// Vault is unsealed. type SealState struct { //Type is the type of unseal key. It is not returned from Unseal Type string `json:"type,omitempty"` @@ -66,7 +66,7 @@ type SealState struct { ClusterID string `json:"cluster_id,omitempty"` } -//SealStatus calls the /sys/seal-status endpoint and returns the info therein +// SealStatus calls the /sys/seal-status endpoint and returns the info therein func (v *Client) SealStatus() (ret *SealState, err error) { err = v.doSysRequest( "GET", @@ -77,8 +77,8 @@ func (v *Client) SealStatus() (ret *SealState, err error) { return } -//InitConfig is the information passed to InitVault to configure the Vault. -//Shares and Threshold are required. +// InitConfig is the information passed to InitVault to configure the Vault. +// Shares and Threshold are required. type InitConfig struct { //Split the master key into this many shares Shares int `json:"secret_shares"` @@ -88,8 +88,8 @@ type InitConfig struct { PGPKeys []string `json:"pgp_keys"` } -//InitVaultOutput is the return value of InitVault, and contains the generated -//Keys and RootToken. +// InitVaultOutput is the return value of InitVault, and contains the generated +// Keys and RootToken. type InitVaultOutput struct { client *Client Keys []string `json:"keys"` @@ -97,9 +97,9 @@ type InitVaultOutput struct { RootToken string `json:"root_token"` } -//Unseal takes the keys in the InitVaultOutput object and sends each one to the -//unseal endpoint. If any of the unseal calls are unsuccessful, an error is -//returned. +// Unseal takes the keys in the InitVaultOutput object and sends each one to the +// unseal endpoint. If any of the unseal calls are unsuccessful, an error is +// returned. func (i *InitVaultOutput) Unseal() error { for _, key := range i.Keys { sealState, err := i.client.Unseal(key) @@ -115,10 +115,10 @@ func (i *InitVaultOutput) Unseal() error { return nil } -//InitVault puts to the /sys/init endpoint to initialize the Vault, and returns +// InitVault puts to the /sys/init endpoint to initialize the Vault, and returns // the root token and unseal keys that were generated. The token of the client // object is automatically set to the root token if the init is successful. -//If the vault has already been initialized, this returns *ErrBadRequest +// If the vault has already been initialized, this returns *ErrBadRequest func (v *Client) InitVault(in InitConfig) (out *InitVaultOutput, err error) { out = &InitVaultOutput{} err = v.doSysRequest( @@ -137,7 +137,7 @@ func (v *Client) InitVault(in InitConfig) (out *InitVaultOutput, err error) { return } -//Seal puts to the /sys/seal endpoint to seal the Vault. +// Seal puts to the /sys/seal endpoint to seal the Vault. // If the Vault is already sealed, this doesn't return an error. // If the Vault is unsealed and an incorrect token is provided, then this // returns *ErrForbidden. Newer versions of Vault (0.11.2+) APIs return errors @@ -152,11 +152,11 @@ func (v *Client) Seal() error { return err } -//Unseal puts to the /sys/unseal endpoint with a single key to progress the -//unseal attempt. If the unseal was successful, then the Sealed member of the -//returned struct will be false. If the given unseal key is improperly -//formatted, an *ErrBadRequest is returned. If the vault is already unsealed, -//no error is returned +// Unseal puts to the /sys/unseal endpoint with a single key to progress the +// unseal attempt. If the unseal was successful, then the Sealed member of the +// returned struct will be false. If the given unseal key is improperly +// formatted, an *ErrBadRequest is returned. If the vault is already unsealed, +// no error is returned func (v *Client) Unseal(key string) (out *SealState, err error) { out = &SealState{} err = v.doSysRequest( @@ -179,9 +179,9 @@ func (v *Client) Unseal(key string) (out *SealState, err error) { return } -//ResetUnseal resets the current unseal attempt, such that the progress towards -//an unseal becomes 0. If the vault is unsealed, nothing happens and no error -//is returned. +// ResetUnseal resets the current unseal attempt, such that the progress towards +// an unseal becomes 0. If the vault is unsealed, nothing happens and no error +// is returned. func (v *Client) ResetUnseal() (err error) { err = v.doSysRequest( "PUT", @@ -197,13 +197,13 @@ func (v *Client) ResetUnseal() (err error) { return } -//Health gives information about the current state of the Vault. If standbyok -//is set to true, no error will be returned in the case that the targeted vault -//is a standby node or a performance standby node. If the targeted node is a -//standby and standbyok is false, then ErrStandby will be returned. If the -//Vault is not yet initialized, ErrUninitialized will be returned. If the Vault -//is initialized but sealed, then ErrSealed will be returned. If none of these -//are the case, no error is returned. +// Health gives information about the current state of the Vault. If standbyok +// is set to true, no error will be returned in the case that the targeted vault +// is a standby node or a performance standby node. If the targeted node is a +// standby and standbyok is false, then ErrStandby will be returned. If the +// Vault is not yet initialized, ErrUninitialized will be returned. If the Vault +// is initialized but sealed, then ErrSealed will be returned. If none of these +// are the case, no error is returned. func (v *Client) Health(standbyok bool) error { //Don't call doRequest from Health because ParseError calls Health query := url.Values{} diff --git a/test b/test index faa7165..58d30c5 100755 --- a/test +++ b/test @@ -6,6 +6,7 @@ vaultVersions=( "1.5.6" "1.6.4" "1.7.1" +"1.15.0" ) if [[ $1 == "latest" ]]; then diff --git a/vaultkv_suite_test.go b/vaultkv_suite_test.go index eb2b8b1..bb9ec76 100644 --- a/vaultkv_suite_test.go +++ b/vaultkv_suite_test.go @@ -102,7 +102,7 @@ func (s1 semver) LessThan(s2 semver) bool { return s1.patch < s2.patch } -//The current vault client used by each spec +// The current vault client used by each spec var vault *vaultkv.Client var err error From c5e2ae69fda16947d6ed5eb1f392643d8ed54e3d Mon Sep 17 00:00:00 2001 From: "Wayne E. Seguin" Date: Fri, 23 May 2025 14:59:14 -0400 Subject: [PATCH 2/2] Update golang.org/x/net to v0.38.0 to fix security vulnerabilities Fixes CVE-2023-45288, CVE-2025-22870, and CVE-2025-22872 by updating golang.org/x/net from v0.17.0 to v0.38.0. Also updates related dependencies golang.org/x/sys and golang.org/x/text. --- go.mod | 6 +++--- go.sum | 12 ++++++------ 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/go.mod b/go.mod index 580b7cd..df9914c 100644 --- a/go.mod +++ b/go.mod @@ -15,9 +15,9 @@ require ( github.com/hashicorp/go-multierror v1.1.1 // indirect github.com/hashicorp/go-uuid v1.0.3 // indirect github.com/nxadm/tail v1.4.8 // indirect - golang.org/x/net v0.17.0 // indirect - golang.org/x/sys v0.15.0 // indirect - golang.org/x/text v0.14.0 // indirect + golang.org/x/net v0.38.0 // indirect + golang.org/x/sys v0.31.0 // indirect + golang.org/x/text v0.23.0 // indirect golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 // indirect gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 // indirect gopkg.in/yaml.v2 v2.3.0 // indirect diff --git a/go.sum b/go.sum index c86aaa6..8a27a66 100644 --- a/go.sum +++ b/go.sum @@ -52,8 +52,8 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= -golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= +golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8= +golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= @@ -66,12 +66,12 @@ golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= -golang.org/x/sys v0.15.0 h1:h48lPFYpsTvQJZF4EKyI4aLHaev3CxivZmv7yZig9pc= -golang.org/x/sys v0.15.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA= +golang.org/x/sys v0.31.0 h1:ioabZlmFYtWhL+TRYpcnNlLwhyxaM9kWTDEmfnprqik= +golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ= -golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU= +golang.org/x/text v0.23.0 h1:D71I7dUrlY+VX0gQShAThNGHFxZ13dGLBHQLVl1mJlY= +golang.org/x/text v0.23.0/go.mod h1:/BLNzu4aZCJ1+kcD0DNRotWKage4q2rGVAg4o22unh4= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=