1
0
mirror of https://github.com/labstack/echo.git synced 2024-12-16 10:29:24 +02:00
Commit Graph

45 Commits

Author SHA1 Message Date
Martti T.
692bc2abb6
Update dependencies (dependabot reports https://pkg.go.dev/vuln/GO-2024-3321) (#2721) 2024-12-12 07:47:56 +02:00
Steven-Whitehead
fe26277781 remove jwt middleware 2024-11-25 22:21:56 +02:00
Martti T
3062025405
Update golang.org/x/* deps (#2625) 2024-04-15 20:45:51 +03:00
toimtoimtoim
f0966790fb Upgrade deps 2024-03-09 11:28:13 +02:00
Martti T
209c6a199a
Update deps and mark Go version to 1.18 as this is what golang.org/x/* use. (#2563) 2023-12-20 15:17:20 +02:00
Nicu Maxian
287a82c228
Upgrade golang.org/x/crypto to v0.17.0 to fix vulnerability issue (#2562)
Co-authored-by: Nicu MAXIAN <nicu@numeral.io>
2023-12-19 18:07:23 +02:00
Štefan Baebler
89ae0e5f2c
Bump dependancies (#2522)
Bump:
* golang.org/x/net v0.12.0 -> v0.15.0
* golang.org/x/crypto v0.11.0 -> v0.13.0
* github.com/stretchr/testify v1.8.1 -> v1.8.4

go mod tidy
2023-10-11 07:47:09 +03:00
Štefan Baebler
5780908c7c
Fix CVE-2023-39325 / CVE-2023-44487 (#2527)
Bump golang.org/x/net from v0.12.0 to v0.17.0

Related:
* https://github.com/golang/go/issues/63417
* https://www.cve.org/CVERecord?id=CVE-2023-44487
2023-10-11 07:14:52 +03:00
bahdanmelchankatote
44ead54c8c
Upgrade packages (#2475) 2023-07-10 12:24:39 +03:00
toimtoimtoim
a3998ac96a Upgrade deps due to the latest golang.org/x/net vulnerability 2023-02-19 20:26:17 +02:00
toimtoimtoim
bc75cc2b17
Add govulncheck to CI and bump dependencies. Refactor GitHub workflows. 2022-12-13 11:54:47 +02:00
toimtoimtoim
b010b69329 Bump dependencies and add notes about Go releases we support 2022-11-12 21:52:54 +02:00
Patrick Brueckner
8f2bf82982 go mod tidy 2022-10-18 11:51:53 +03:00
Patrick Brueckner
b02e78ba55 bump x/text to 0.3.8
see https://go.dev/issue/56152, https://ossindex.sonatype.org/vulnerability/CVE-2022-32149?component-type=golang&component-name=golang.org%2Fx%2Ftext&utm_source=nancy-client&utm_medium=integration&utm_content=1.0.41
2022-10-18 11:51:53 +03:00
toimtoimtoim
56f63c3036 bump github.com/labstack/gommon dependency version 2022-10-12 22:37:08 +03:00
Roland Lammel
da85d23d68 Revert "Update direct golang deps"
This reverts commit d66712b252.
2022-03-02 23:11:46 +01:00
Roland Lammel
d66712b252 Update direct golang deps 2022-03-02 22:59:19 +01:00
toimtoimtoim
1b1a68fd4f Improve filesystem support (Go 1.16+). Add field echo.Filesystem, methods: echo.FileFS, echo.StaticFS, group.FileFS, group.StaticFS. Following methods will use echo.Filesystem to server files: echo.File, echo.Static, group.File, group.Static, Context.File 2022-01-24 15:55:16 +02:00
toimtoimtoim
0c4ad8646a update dependencies
use 1.14 for choosing updated deps. Using current tip (1.17) will cause tests fail as some packages are not supporting 1.14.
`docker run --rm -it -v $(pwd):/project golang:1.14 /bin/sh -c "cd /project && go get ./... && go mod tidy"`
2021-11-10 19:16:57 +02:00
toimtoimtoim
7ef3e0002d update dependencies 2021-11-10 19:16:57 +02:00
Martti T
f6b45f2376
CI: test against Go 1.17 (#1984) 2021-09-15 16:29:35 -03:00
Martti T
1e7e67cddb
Added request logger middleware which helps to use custom logger library for logging requests (#1980)
Added request logger middleware which helps to use custom logger library for logging requests.
2021-09-14 20:57:47 +03:00
toimtoimtoim
647af2acec JWT middleware has been changed from github.com/dgrijalva/jwt-go to github.com/golang-jwt/jwt` due former library being unmaintained and having security
issues.
NOTE: `golang-jwt/jwt` now only supports last 2 Go releases. So 1.15+
For detailed information please read https://github.com/labstack/echo/discussions/1940
2021-08-01 23:20:08 +03:00
Martti T
bb7f2223bb
Update and tidy dependencies (#1841) 2021-04-09 09:14:23 +02:00
Benjamin Chibuzor-Orie
7c8592a7e0
adds middleware for rate limiting (#1724)
* adds middleware for rate limiting

* added comment for InMemoryStore ShouldAllow

* removed redundant mutex declaration

* fixed lint issues

* removed sleep from tests

* improved coverage

* refactor: renames Identifiers, includes default SourceFunc

* Added last seen stats for visitor

* uses http Constants for improved readdability
adds default error handler

* used other handler apart from default handler to mark custom error handler for rate limiting

* split tests into separate blocks
added an error pair to IdentifierExtractor
Includes deny handler for explicitly denying requests

* adds comments for exported members Extractor and ErrorHandler

* makes cleanup implementation inhouse

* Avoid race for cleanup due to non-atomic access to store.expiresIn

* Use a dedicated producer for rate testing

* tidy commit

* refactors tests, implicitly tests lastSeen property on visitor
switches NewRateLimiterMemoryStore constructor to Referential Functions style (Advised by @pafuent)

* switches to mock of time module for time based tests
tests are now fully deterministic

* improved coverage

* replaces Rob Pike referential options with more conventional struct configs
makes cleanup asynchronous

* blocks racy access to lastCleanup

* Add benchmark tests for rate limiter

* Add rate limiter with sharded memory store

* Racy access to store.lastCleanup eliminated
Merges in shiny sharded map implementation by @lammel

* Remove RateLimiterShradedMemoryStore for now

* Make fields for RateLimiterStoreConfig public for external configuration

* Improve docs for RateLimiter usage

* Fix ErrorHandler vs. DenyHandler usage for rate limiter

* Simplify NewRateLimiterMemoryStore

* improved coverage

* updated errorHandler and denyHandler to use echo.HTTPError

* Improve wording for error and comments

* Remove duplicate lastSeen marking for Allow

* Improve wording for comments

* Add disclaimer on perf characteristics of memory store

* changes Allow signature on rate limiter to return err too

Co-authored-by: Roland Lammel <rl@neotel.at>
2021-01-15 17:53:15 -03:00
Vishal Rana
cb84205219 Bumped version
Signed-off-by: Vishal Rana <vr@labstack.com>
2020-08-27 20:09:25 -07:00
cathy zhang
c4118c049e dependency package golang.org/x/text v0.3.2 has high security vulnerabiliy, upgrade it to v0.3.3 2020-07-20 14:01:21 +08:00
Vishal Rana
6e7c7cea03 Bumped version
Signed-off-by: Vishal Rana <vr@labstack.com>
2020-03-30 12:32:58 -07:00
Vishal Rana
3e8a797db0 Updated version
Signed-off-by: Vishal Rana <vr@labstack.com>
2020-02-29 07:49:22 -08:00
Vishal Rana
91b853a6f2 Updated go.mod
Signed-off-by: Vishal Rana <vr@labstack.com>
2020-02-29 07:25:32 -08:00
ochan
c2f2e8d258
Support HTTP/2 h2c mode (cleartext) (#1489) 2020-01-28 14:46:00 -08:00
Roland Lammel
94d9e009d8 Tidy up unused imports from go.mod (#1468) 2020-01-08 10:53:02 -08:00
Vishal Rana
07ec791103 Updated deps
Signed-off-by: Vishal Rana <vr@labstack.com>
2019-12-29 23:08:27 -08:00
Vishal Rana
7c5e9ab0d9 Fixed #988
Signed-off-by: Vishal Rana <vr@labstack.com>
2019-10-24 14:59:52 -07:00
Mark Smith
ee6618e831 reset p.values to echo.maxParam (#1429)
* reset p.values to echo.maxParam
* Update context.go

How about just reset the values?
2019-10-24 10:48:56 -07:00
Vishal Rana
88a9ad73ec Updated dep & bumped v4.1.10
Signed-off-by: Vishal Rana <vr@labstack.com>
2019-08-17 07:39:36 -07:00
Vishal Rana
8fb7b5be27 Closes #1353
Signed-off-by: Vishal Rana <vr@labstack.com>
2019-06-27 10:52:17 -07:00
Vishal Rana
842fc8772f Fixed #1323
Signed-off-by: Vishal Rana <vr@labstack.com>
2019-06-09 09:37:21 -07:00
Carlos Eduardo
530f768a47 Update x/sys module to support Risc-V (#1344) 2019-06-08 09:46:39 -07:00
Vishal Rana
e53d9c516f Updated deps and fixed a typo
Signed-off-by: Vishal Rana <vr@labstack.com>
2019-04-27 22:32:29 -07:00
Alex Ungur
6d9e043284 Introduced Go module support as v4, removed obsolete CloseNotifier() mechanism
This reintroduces support for Go modules, as v4.

CloseNotifier() is removed as it has been obsoleted, see https://golang.org/doc/go1.11#net/http

It was already NOT working (not sending signals) as of 1.11 the functionality was gone, we merely
deleted the functions that exposed it. If anyone still relies on it they should migrate to using
`c.Request().Context().Done()` instead.

Closes #1268, #1255
2019-01-30 16:11:42 +02:00
Alex Ungur
38772c686c Removed go.mod and sum to help solve the issue with Go modules (#1244) 2019-01-28 16:12:53 +02:00
Vishal Rana
b37628bfc5 Updated ci
Signed-off-by: Vishal Rana <vr@labstack.com>
2018-11-10 11:01:00 -08:00
Evgeniy Kulikov
c185ebd0de Update dependencies (#1194)
* Update go.mod

Replace:
`github.com/labstack/gommon v0.0.0-20180312174116-6fe1405d73ec`
With:
`github.com/labstack/gommon v0.2.7`

* Update Gopkg

Replace:
`github.com/labstack/gommon 0.2.4`
With:
`github.com/labstack/gommon v0.2.7`

* Update go/dep 0.5.0
2018-09-14 07:46:40 -07:00
Geon Kim
54d5613aa2 Add go.mod for Go modules (#1187)
* Add go.mod
* Resolve problem
2018-09-04 08:07:41 -07:00