From 1f6526fede3651db6df9ce9f4fec26aca0bf6fd9 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 24 Feb 2023 09:00:12 +0000
Subject: [PATCH] Bump github.com/dchest/uniuri
Bumps [github.com/dchest/uniuri](https://github.com/dchest/uniuri) from 0.0.0-20200228104902-7aecb25e1fe5 to 1.2.0.
- [Release notes](https://github.com/dchest/uniuri/releases)
- [Commits](https://github.com/dchest/uniuri/commits/v1.2.0)
---
updated-dependencies:
- dependency-name: github.com/dchest/uniuri
  dependency-type: direct:production
  update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot]
---
 go.mod | 2 +-
 go.sum | 4 +-
 vendor/github.com/dchest/uniuri/.travis.yml | 6 ---
 vendor/github.com/dchest/uniuri/README.md | 2 -
 vendor/github.com/dchest/uniuri/uniuri.go | 59 +++++++++++++++++----
 vendor/modules.txt | 4 +-
 6 files changed, 54 insertions(+), 23 deletions(-)
 delete mode 100644 vendor/github.com/dchest/uniuri/.travis.yml
diff --git a/go.mod b/go.mod
index 8c46b8ab..e4d58b2a 100644
--- a/go.mod
+++ b/go.mod
@@ -5,7 +5,7 @@ go 1.17
 require (
 github.com/beevik/etree v1.1.0
 github.com/crewjam/httperr v0.2.0
- github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5
+ github.com/dchest/uniuri v1.2.0
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible
 github.com/google/go-cmp v0.5.5
 github.com/kr/pretty v0.3.0
diff --git a/go.sum b/go.sum
index 600aad56..330d963c 100644
--- a/go.sum
+++ b/go.sum
@@ -6,8 +6,8 @@ github.com/crewjam/httperr v0.2.0/go.mod h1:Jlz+Sg/XqBQhyMjdDiC+GNNRzZTD7x39Gu3p
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5 h1:RAV05c0xOkJ3dZGS0JFybxFKZ2WMLabgx3uXnd7rpGs=
-github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5/go.mod h1:GgB8SF9nRG+GqaDtLcwJZsQFhcogVCJ79j4EdT0c2V4=
+github.com/dchest/uniuri v1.2.0 h1:koIcOUdrTIivZgSLhHQvKgqdWZq5d7KdMEWF1Ud6+5g=
+github.com/dchest/uniuri v1.2.0/go.mod h1:fSzm4SLHzNZvWLvWJew423PhAzkpNQYq+uNLq4kxhkY=
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible h1:TcekIExNqud5crz4xD2pavyTgWiPvpYe4Xau31I0PRk=
 github.com/form3tech-oss/jwt-go v3.2.2+incompatible/go.mod h1:pbq4aXjuKjdthFRnoDwaVPLA+WlJuPGy+QneDUgJi2k=
 github.com/google/go-cmp v0.5.5 h1:Khx7svrCpmxxtHBq5j2mp/xVjsi8hQMfNLvJFAlrGgU=
diff --git a/vendor/github.com/dchest/uniuri/.travis.yml b/vendor/github.com/dchest/uniuri/.travis.yml
deleted file mode 100644
index 245a2f51..00000000
--- a/vendor/github.com/dchest/uniuri/.travis.yml
+++ /dev/null
@@ -1,6 +0,0 @@
-language: go
-
-go:
- - 1.3
- - 1.4
- - tip
diff --git a/vendor/github.com/dchest/uniuri/README.md b/vendor/github.com/dchest/uniuri/README.md
index b321a5fa..6240bc9b 100644
--- a/vendor/github.com/dchest/uniuri/README.md
+++ b/vendor/github.com/dchest/uniuri/README.md
@@ -1,8 +1,6 @@
 Package uniuri
 =====================
-[![Build Status](https://travis-ci.org/dchest/uniuri.svg)](https://travis-ci.org/dchest/uniuri)
-
 ```go
 import "github.com/dchest/uniuri"
 ```
diff --git a/vendor/github.com/dchest/uniuri/uniuri.go b/vendor/github.com/dchest/uniuri/uniuri.go
index 6393446c..dd965921 100644
--- a/vendor/github.com/dchest/uniuri/uniuri.go
+++ b/vendor/github.com/dchest/uniuri/uniuri.go
@@ -22,7 +22,10 @@
 // read from it.
 package uniuri
-import "crypto/rand"
+import (
+ "crypto/rand"
+ "math"
+)
 const (
 // StdLen is a standard length of uniuri string to achive ~95 bits of entropy.
@@ -47,35 +50,71 @@ func NewLen(length int) string {
 return NewLenChars(length, StdChars)
 }
-// NewLenChars returns a new random string of the provided length, consisting
+// maxBufLen is the maximum length of a temporary buffer for random bytes.
+const maxBufLen = 2048
+
+// minRegenBufLen is the minimum length of temporary buffer for random bytes
+// to fill after the first rand.Read request didn't produce the full result.
+// If the initial buffer is smaller, this value is ignored.
+// Rationale: for performance, assume it's pointless to request fewer bytes from rand.Read.
+const minRegenBufLen = 16
+
+// estimatedBufLen returns the estimated number of random bytes to request
+// given that byte values greater than maxByte will be rejected.
+func estimatedBufLen(need, maxByte int) int {
+ return int(math.Ceil(float64(need) * (255 / float64(maxByte))))
+}
+
+// NewLenCharsBytes returns a new random byte slice of the provided length, consisting
 // of the provided byte slice of allowed characters (maximum 256).
-func NewLenChars(length int, chars []byte) string {
+func NewLenCharsBytes(length int, chars []byte) []byte {
 if length == 0 {
- return ""
+ return nil
 }
 clen := len(chars)
 if clen < 2 || clen > 256 {
 panic("uniuri: wrong charset length for NewLenChars")
 }
 maxrb := 255 - (256 % clen)
- b := make([]byte, length)
- r := make([]byte, length+(length/4)) // storage for random bytes.
+ buflen := estimatedBufLen(length, maxrb)
+ if buflen < length {
+ buflen = length
+ }
+ if buflen > maxBufLen {
+ buflen = maxBufLen
+ }
+ buf := make([]byte, buflen) // storage for random bytes
+ out := make([]byte, length) // storage for result
 i := 0
 for {
- if _, err := rand.Read(r); err != nil {
+ if _, err := rand.Read(buf[:buflen]); err != nil {
 panic("uniuri: error reading random bytes: " + err.Error())
 }
- for _, rb := range r {
+ for _, rb := range buf[:buflen] {
 c := int(rb)
 if c > maxrb {
 // Skip this number to avoid modulo bias.
 continue
 }
- b[i] = chars[c%clen]
+ out[i] = chars[c%clen]
 i++
 if i == length {
- return string(b)
+ return out
 }
 }
+ // Adjust new requested length, but no smaller than minRegenBufLen.
+ buflen = estimatedBufLen(length-i, maxrb)
+ if buflen < minRegenBufLen && minRegenBufLen < cap(buf) {
+ buflen = minRegenBufLen
+ }
+ if buflen > maxBufLen {
+ buflen = maxBufLen
+ }
 }
 }
+
+// NewLenChars returns a new random string of the provided length, consisting
+// of the provided byte slice of allowed characters (maximum 256).
+func NewLenChars(length int, chars []byte) string {
+ return string(NewLenCharsBytes(length, chars))
+}
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 3147a2da..ad999cbf 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -6,8 +6,8 @@ github.com/beevik/etree
 github.com/crewjam/httperr
 # github.com/davecgh/go-spew v1.1.1
 ## explicit
-# github.com/dchest/uniuri v0.0.0-20200228104902-7aecb25e1fe5
-## explicit
+# github.com/dchest/uniuri v1.2.0
+## explicit; go 1.19
 github.com/dchest/uniuri
 # github.com/form3tech-oss/jwt-go v3.2.2+incompatible
 ## explicit