From f689f2abc009a726de20d7ca6a3f6790d152e14d Mon Sep 17 00:00:00 2001 From: "F." Date: Fri, 16 Jan 2026 19:52:29 +0100 Subject: [PATCH 1/7] chore(deps,tooling): Go 1.25.6, golangci-lint v2.8.0; lib updates MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Tooling: - .golangci.yaml: set Go to 1.25.6 - .pre-commit/golangci-lint-hook: GOLANGCI_LINT_VERSION v2.7.2 → v2.8.0 - .pre-commit/unit-test-hook: toolchain_version → 1.25.6 - .project-settings.env: GO_VERSION 1.25.6; GOLANGCI_LINT_VERSION v2.8.0; BUF_VERSION 1.63.0 - Makefile: align GO and golangci-lint versions - App deps: - go.mod/go.sum: logrus v1.9.3 → v1.9.4; golang.org/x/sys v0.39.0 → v0.40.0 No functional code changes; keeps tooling and dependencies on latest patch releases for consistency. --- .github/workflows/gitleaks.yml | 20 +++++++++++ .github/workflows/go.yml | 63 ++++++++++++++++++++++++---------- .golangci.yaml | 2 +- .pre-commit-ci-config.yaml | 24 ++----------- .pre-commit-config.yaml | 2 +- .pre-commit/golangci-lint-hook | 2 +- .pre-commit/unit-test-hook | 2 +- .project-settings.env | 6 ++-- Makefile | 4 +-- format.go | 14 ++++---- go.mod | 4 +-- go.sum | 11 +++--- stack.go | 6 ++-- types.go | 4 +-- 14 files changed, 93 insertions(+), 71 deletions(-) create mode 100644 .github/workflows/gitleaks.yml diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml new file mode 100644 index 0000000..3b19484 --- /dev/null +++ b/.github/workflows/gitleaks.yml @@ -0,0 +1,20 @@ +--- +name: gitleaks +on: + pull_request: + push: + workflow_dispatch: + schedule: + # run once a day at 4 AM + - cron: "0 4 * * *" +jobs: + scan: + name: gitleaks + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v4 + with: + fetch-depth: 0 + - uses: gitleaks/gitleaks-action@v2 + env: + GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index df66e5b..5294eba 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -1,28 +1,53 @@ --- -# This workflow will build a golang project -# For more information see: https://docs.github.com/en/actions/automating-builds-and-tests/building-and-testing-go - name: Go on: - push: - branches: ["main"] - pull_request: - branches: ["main"] + pull_request: + push: + branches: [main] jobs: - build: - runs-on: ubuntu-latest - steps: - - uses: actions/checkout@v6 + build: + runs-on: ubuntu-latest + steps: + - uses: actions/checkout@v6 + - name: Load project settings + id: settings + run: | + set -a + source .project-settings.env + set +a + echo "go_version=${GO_VERSION}" >> "$GITHUB_OUTPUT" + echo "gci_prefix=${GCI_PREFIX:-github.com/hyp3rd/sectools}" >> "$GITHUB_OUTPUT" + echo "golangci_lint_version=${GOLANGCI_LINT_VERSION}" >> "$GITHUB_OUTPUT" + echo "proto_enabled=${PROTO_ENABLED:-true}" >> "$GITHUB_OUTPUT" + + - name: Set up Go + uses: actions/setup-go@v6.1.0 + with: + go-version: "${{ steps.settings.outputs.go_version }}" + check-latest: true + + - name: Cache Go modules + uses: actions/cache@v5 + with: + path: | + ~/go/pkg/mod + ~/.cache/go-build + key: ${{ runner.os }}-go-${{ steps.settings.outputs.go_version }}-${{ hashFiles('**/go.sum') }} + restore-keys: | + ${{ runner.os }}-go-${{ steps.settings.outputs.go_version }}- + + - name: Modules download + run: go mod download - - name: Set up Go - uses: actions/setup-go@v6 - with: - go-version: "1.25.5" + - name: Tidy check + run: | + go mod tidy + git diff --exit-code go.mod go.sum - - name: Build - run: go build -v ./... + - name: Verify + run: go mod verify - - name: Test - run: go test -v ./... + - name: Build + run: go build -v ./... diff --git a/.golangci.yaml b/.golangci.yaml index 5937d09..53aa66f 100644 --- a/.golangci.yaml +++ b/.golangci.yaml @@ -42,7 +42,7 @@ run: # Define the Go version limit. # Mainly related to generics support since go1.18. # Default: use Go version from the go.mod file, fallback on the env var `GOVERSION`, fallback on 1.17 - go: "1.25.5" + go: "1.25.6" linters: # Enable specific linter diff --git a/.pre-commit-ci-config.yaml b/.pre-commit-ci-config.yaml index 4c23e01..2e6c7a4 100644 --- a/.pre-commit-ci-config.yaml +++ b/.pre-commit-ci-config.yaml @@ -3,9 +3,6 @@ repos: - repo: https://github.com/pre-commit/pre-commit-hooks rev: v6.0.0 hooks: - - id: check-json - - id: pretty-format-json - exclude: cspell.json - id: end-of-file-fixer - id: mixed-line-ending - id: trailing-whitespace @@ -16,20 +13,15 @@ repos: files: .*\.(yaml|yml)$ exclude: mkdocs.yml args: [--allow-multiple-documents] - - id: requirements-txt-fixer - repo: https://github.com/adrienverge/yamllint.git - rev: v1.37.1 + rev: v1.38.0 hooks: - id: yamllint files: \.(yaml|yml)$ types: [file, yaml] entry: yamllint --strict -f parsable - - repo: https://github.com/hadolint/hadolint - rev: v2.14.0 - hooks: - - id: hadolint-docker - repo: https://github.com/streetsidesoftware/cspell-cli - rev: v9.3.3 + rev: v9.4.0 hooks: # Spell check changed files - id: cspell @@ -53,15 +45,3 @@ repos: entry: mdl language: ruby files: \.(md|mdown|markdown)$ - - repo: local - hooks: - - id: go-verify - name: go-verify - language: system - entry: ./.pre-commit/go-mod-hook - require_serial: true - - id: gci - name: gci - language: system - entry: ./.pre-commit/gci-hook - require_serial: true diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index e088411..b7b709a 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -19,7 +19,7 @@ repos: - id: requirements-txt-fixer - id: no-commit-to-branch - repo: https://github.com/adrienverge/yamllint.git - rev: v1.37.1 + rev: v1.38.0 hooks: - id: yamllint files: \.(yaml|yml)$ diff --git a/.pre-commit/golangci-lint-hook b/.pre-commit/golangci-lint-hook index 765ce26..9477f8e 100755 --- a/.pre-commit/golangci-lint-hook +++ b/.pre-commit/golangci-lint-hook @@ -23,7 +23,7 @@ if [[ -f "${ROOT_DIR}/.project-settings.env" ]]; then # shellcheck disable=SC1090 source "${ROOT_DIR}/.project-settings.env" fi -GOLANGCI_LINT_VERSION="${GOLANGCI_LINT_VERSION:-v2.7.2}" +GOLANGCI_LINT_VERSION="${GOLANGCI_LINT_VERSION:-v2.8.0}" # ####################################### # Install dependencies to run the pre-commit hook diff --git a/.pre-commit/unit-test-hook b/.pre-commit/unit-test-hook index a3d80df..ae2a4e9 100755 --- a/.pre-commit/unit-test-hook +++ b/.pre-commit/unit-test-hook @@ -21,7 +21,7 @@ hook() { local root_dir root_dir=$(git rev-parse --show-toplevel) - local toolchain_version="1.25.5" + local toolchain_version="1.25.6" if [[ -f "${root_dir}/.project-settings.env" ]]; then # shellcheck disable=SC1090 source "${root_dir}/.project-settings.env" diff --git a/.project-settings.env b/.project-settings.env index 9ace777..d7596e4 100644 --- a/.project-settings.env +++ b/.project-settings.env @@ -1,5 +1,5 @@ -GOLANGCI_LINT_VERSION=v2.7.2 -BUF_VERSION=v1.61.0 -GO_VERSION=1.25.5 +GOLANGCI_LINT_VERSION=v2.8.0 +BUF_VERSION=1.63.0 +GO_VERSION=1.25.6 GCI_PREFIX=github.com/hyp3rd/ewrap PROTO_ENABLED=false diff --git a/Makefile b/Makefile index 3cb6273..6988e56 100644 --- a/Makefile +++ b/Makefile @@ -1,7 +1,7 @@ include .project-settings.env -GOLANGCI_LINT_VERSION ?= v2.7.2 -GO_VERSION ?= 1.25.5 +GOLANGCI_LINT_VERSION ?= v2.8.0 +GO_VERSION ?= 1.25.6 GCI_PREFIX ?= github.com/hyp3rd/ewrap PROTO_ENABLED ?= true diff --git a/format.go b/format.go index c40200e..9cd5768 100644 --- a/format.go +++ b/format.go @@ -13,19 +13,19 @@ import ( // serialized to various formats like JSON and YAML. type ErrorOutput struct { // Message contains the main error message - Message string `json:"message" yaml:"message"` + Message string `json:"message" yaml:"message"` // Timestamp indicates when the error occurred - Timestamp string `json:"timestamp" yaml:"timestamp"` + Timestamp string `json:"timestamp" yaml:"timestamp"` // Type categorizes the error - Type string `json:"type" yaml:"type"` + Type string `json:"type" yaml:"type"` // Severity indicates the error's impact level - Severity string `json:"severity" yaml:"severity"` + Severity string `json:"severity" yaml:"severity"` // Stack contains the error stack trace - Stack string `json:"stack" yaml:"stack"` + Stack string `json:"stack" yaml:"stack"` // Cause contains the underlying error if any - Cause *ErrorOutput `json:"cause,omitempty" yaml:"cause,omitempty"` + Cause *ErrorOutput `json:"cause,omitempty" yaml:"cause,omitempty"` // Context contains additional error context - Context map[string]any `json:"context,omitempty" yaml:"context,omitempty"` + Context map[string]any `json:"context,omitempty" yaml:"context,omitempty"` // Metadata contains user-defined metadata Metadata map[string]any `json:"metadata,omitempty" yaml:"metadata,omitempty"` // Recovery provides guidance on resolving the error diff --git a/go.mod b/go.mod index 150a73d..d8b8977 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ require ( github.com/goccy/go-json v0.10.5 github.com/hashicorp/go-multierror v1.1.1 github.com/rs/zerolog v1.34.0 - github.com/sirupsen/logrus v1.9.3 + github.com/sirupsen/logrus v1.9.4 github.com/stretchr/testify v1.10.0 go.uber.org/multierr v1.11.0 go.uber.org/zap v1.27.1 @@ -23,5 +23,5 @@ require ( github.com/pkg/errors v0.9.1 // indirect github.com/pmezard/go-difflib v1.0.0 // indirect github.com/stretchr/objx v0.5.2 // indirect - golang.org/x/sys v0.39.0 // indirect + golang.org/x/sys v0.40.0 // indirect ) diff --git a/go.sum b/go.sum index b864ecd..bd412cb 100644 --- a/go.sum +++ b/go.sum @@ -28,13 +28,12 @@ github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZN github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0= github.com/rs/zerolog v1.34.0 h1:k43nTLIwcTVQAncfCw4KZ2VY6ukYoZaBPNOE8txlOeY= github.com/rs/zerolog v1.34.0/go.mod h1:bJsvje4Z08ROH4Nhs5iH600c3IkWhwp44iRc54W6wYQ= -github.com/sirupsen/logrus v1.9.3 h1:dueUQJ1C2q9oE3F7wvmSGAaVtTmUizReu6fjN8uqzbQ= -github.com/sirupsen/logrus v1.9.3/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ= +github.com/sirupsen/logrus v1.9.4 h1:TsZE7l11zFCLZnZ+teH4Umoq5BhEIfIzfRDZ1Uzql2w= +github.com/sirupsen/logrus v1.9.4/go.mod h1:ftWc9WdOfJ0a92nsE2jF5u5ZwH8Bv2zdeOC42RjbV2g= github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME= github.com/stretchr/objx v0.5.2 h1:xuMeJ0Sdp5ZMRXx/aWO6RZxdr3beISkG5/G/aIRr3pY= github.com/stretchr/objx v0.5.2/go.mod h1:FRsXN1f5AsAjCGJKqEizvkpNtU+EGNCLh3NxZ/8L+MA= github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI= -github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg= github.com/stretchr/testify v1.10.0 h1:Xv5erBjTwe/5IxqUQTdXv5kgmIvbHo3QQyRwhJsOfJA= github.com/stretchr/testify v1.10.0/go.mod h1:r2ic/lqez/lEtzL7wO/rwa5dbSLXVDPFyf8C91i36aY= go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc= @@ -45,14 +44,12 @@ go.uber.org/multierr v1.11.0 h1:blXXJkSxSSfBVBlC76pxqeO+LN3aDfLQo+309xJstO0= go.uber.org/multierr v1.11.0/go.mod h1:20+QtiLqy0Nd6FdQB9TLXag12DsQkrbs3htMFfDN80Y= go.uber.org/zap v1.27.1 h1:08RqriUEv8+ArZRYSTXy1LeBScaMpVSTBhCeaZYfMYc= go.uber.org/zap v1.27.1/go.mod h1:GB2qFLM7cTU87MWRP2mPIjqfIDnGu+VIO4V/SdhGo2E= -golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.12.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.39.0 h1:CvCKL8MeisomCi6qNZ+wbb0DN9E5AATixKsvNtMoMFk= -golang.org/x/sys v0.39.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= +golang.org/x/sys v0.40.0 h1:DBZZqJ2Rkml6QMQsZywtnjnnGvHza6BTfYFWY9kjEWQ= +golang.org/x/sys v0.40.0/go.mod h1:OgkHotnGiDImocRcuBABYBEXf8A9a87e/uXjp9XT3ks= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM= gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0= -gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA= gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM= diff --git a/stack.go b/stack.go index 61bd6d3..7d439ca 100644 --- a/stack.go +++ b/stack.go @@ -10,11 +10,11 @@ type StackFrame struct { // Function is the fully qualified function name Function string `json:"function" yaml:"function"` // File is the source file path - File string `json:"file" yaml:"file"` + File string `json:"file" yaml:"file"` // Line is the line number in the source file - Line int `json:"line" yaml:"line"` + Line int `json:"line" yaml:"line"` // PC is the program counter for this frame - PC uintptr `json:"pc" yaml:"pc"` + PC uintptr `json:"pc" yaml:"pc"` } // StackTrace represents a collection of stack frames. diff --git a/types.go b/types.go index 41ec83c..ce34a0c 100644 --- a/types.go +++ b/types.go @@ -84,9 +84,9 @@ func (s Severity) String() string { // RecoverySuggestion provides guidance on how to recover from an error. type RecoverySuggestion struct { // Message provides a human-readable explanation. - Message string `json:"message" yaml:"message"` + Message string `json:"message" yaml:"message"` // Actions lists specific steps that can be taken. - Actions []string `json:"actions" yaml:"actions"` + Actions []string `json:"actions" yaml:"actions"` // Documentation links to relevant documentation. Documentation string `json:"documentation" yaml:"documentation"` } From 17a95d97557beaf8148345aab6801933ad3ec8f9 Mon Sep 17 00:00:00 2001 From: "F." <62474964+hyp3rd@users.noreply.github.com> Date: Fri, 16 Jan 2026 20:05:39 +0100 Subject: [PATCH 2/7] Update .github/workflows/go.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/go.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 5294eba..c17be93 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -18,7 +18,7 @@ jobs: source .project-settings.env set +a echo "go_version=${GO_VERSION}" >> "$GITHUB_OUTPUT" - echo "gci_prefix=${GCI_PREFIX:-github.com/hyp3rd/sectools}" >> "$GITHUB_OUTPUT" + echo "gci_prefix=${GCI_PREFIX:-github.com/hyp3rd/ewrap}" >> "$GITHUB_OUTPUT" echo "golangci_lint_version=${GOLANGCI_LINT_VERSION}" >> "$GITHUB_OUTPUT" echo "proto_enabled=${PROTO_ENABLED:-true}" >> "$GITHUB_OUTPUT" From 5c8c1b0ec6e262633f79343037e42e4a56b8b546 Mon Sep 17 00:00:00 2001 From: "F." <62474964+hyp3rd@users.noreply.github.com> Date: Fri, 16 Jan 2026 20:05:48 +0100 Subject: [PATCH 3/7] Update .project-settings.env Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .project-settings.env | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.project-settings.env b/.project-settings.env index d7596e4..18137ae 100644 --- a/.project-settings.env +++ b/.project-settings.env @@ -1,5 +1,5 @@ GOLANGCI_LINT_VERSION=v2.8.0 -BUF_VERSION=1.63.0 +BUF_VERSION=v1.63.0 GO_VERSION=1.25.6 GCI_PREFIX=github.com/hyp3rd/ewrap PROTO_ENABLED=false From 35c01a2bb8f397ad172f90e33db007010318a1f2 Mon Sep 17 00:00:00 2001 From: "F." <62474964+hyp3rd@users.noreply.github.com> Date: Fri, 16 Jan 2026 20:06:03 +0100 Subject: [PATCH 4/7] Update .github/workflows/go.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/go.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index c17be93..4f824a6 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -20,7 +20,7 @@ jobs: echo "go_version=${GO_VERSION}" >> "$GITHUB_OUTPUT" echo "gci_prefix=${GCI_PREFIX:-github.com/hyp3rd/ewrap}" >> "$GITHUB_OUTPUT" echo "golangci_lint_version=${GOLANGCI_LINT_VERSION}" >> "$GITHUB_OUTPUT" - echo "proto_enabled=${PROTO_ENABLED:-true}" >> "$GITHUB_OUTPUT" + echo "proto_enabled=${PROTO_ENABLED:-false}" >> "$GITHUB_OUTPUT" - name: Set up Go uses: actions/setup-go@v6.1.0 From 5b618d9181af143fe5767615e3da8d6ac9746435 Mon Sep 17 00:00:00 2001 From: "F." <62474964+hyp3rd@users.noreply.github.com> Date: Fri, 16 Jan 2026 20:06:13 +0100 Subject: [PATCH 5/7] Update .github/workflows/gitleaks.yml Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> --- .github/workflows/gitleaks.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index 3b19484..85a8949 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -12,7 +12,7 @@ jobs: name: gitleaks runs-on: ubuntu-latest steps: - - uses: actions/checkout@v4 + - uses: actions/checkout@v6 with: fetch-depth: 0 - uses: gitleaks/gitleaks-action@v2 From 336f84d16ab78ac138338b6047450ed9d144f8e5 Mon Sep 17 00:00:00 2001 From: "F." <62474964+hyp3rd@users.noreply.github.com> Date: Fri, 16 Jan 2026 20:13:08 +0100 Subject: [PATCH 6/7] Potential fix for code scanning alert no. 12: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/go.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/go.yml b/.github/workflows/go.yml index 4f824a6..d6ec6c0 100644 --- a/.github/workflows/go.yml +++ b/.github/workflows/go.yml @@ -1,5 +1,7 @@ --- name: Go +permissions: + contents: read on: pull_request: From 1304f3cfe44f5e28e3ff1e37afc9d1a5104fb965 Mon Sep 17 00:00:00 2001 From: "F." <62474964+hyp3rd@users.noreply.github.com> Date: Fri, 16 Jan 2026 20:13:29 +0100 Subject: [PATCH 7/7] Potential fix for code scanning alert no. 13: Workflow does not contain permissions Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com> --- .github/workflows/gitleaks.yml | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.github/workflows/gitleaks.yml b/.github/workflows/gitleaks.yml index 85a8949..a5255d3 100644 --- a/.github/workflows/gitleaks.yml +++ b/.github/workflows/gitleaks.yml @@ -1,5 +1,7 @@ --- name: gitleaks +permissions: + contents: read on: pull_request: push: