Update dependencies and build to go1.22 (#2113)

* Update dependencies and build to go1.22 * Fix api changes wrt to dependencies * Update golangci config
2024-05-23 23:44:31 +02:00
parent 56e7bd01ca
commit 2f33fe86f5
1556 changed files with 3279522 additions and 1924375 deletions
--- a/vendor/github.com/labstack/echo/v4/middleware/secure.go
+++ b/vendor/github.com/labstack/echo/v4/middleware/secure.go
@@ -1,3 +1,6 @@
+// SPDX-License-Identifier: MIT
+// SPDX-FileCopyrightText: © 2015 LabStack LLC and Echo contributors
+
 package middleware

 import (
@@ -6,84 +9,80 @@ import (
 	"github.com/labstack/echo/v4"
 )

-type (
-	// SecureConfig defines the config for Secure middleware.
-	SecureConfig struct {
-		// Skipper defines a function to skip middleware.
-		Skipper Skipper
+// SecureConfig defines the config for Secure middleware.
+type SecureConfig struct {
+	// Skipper defines a function to skip middleware.
+	Skipper Skipper

-		// XSSProtection provides protection against cross-site scripting attack (XSS)
-		// by setting the `X-XSS-Protection` header.
-		// Optional. Default value "1; mode=block".
-		XSSProtection string `yaml:"xss_protection"`
+	// XSSProtection provides protection against cross-site scripting attack (XSS)
+	// by setting the `X-XSS-Protection` header.
+	// Optional. Default value "1; mode=block".
+	XSSProtection string `yaml:"xss_protection"`

-		// ContentTypeNosniff provides protection against overriding Content-Type
-		// header by setting the `X-Content-Type-Options` header.
-		// Optional. Default value "nosniff".
-		ContentTypeNosniff string `yaml:"content_type_nosniff"`
+	// ContentTypeNosniff provides protection against overriding Content-Type
+	// header by setting the `X-Content-Type-Options` header.
+	// Optional. Default value "nosniff".
+	ContentTypeNosniff string `yaml:"content_type_nosniff"`

-		// XFrameOptions can be used to indicate whether or not a browser should
-		// be allowed to render a page in a <frame>, <iframe> or <object> .
-		// Sites can use this to avoid clickjacking attacks, by ensuring that their
-		// content is not embedded into other sites.provides protection against
-		// clickjacking.
-		// Optional. Default value "SAMEORIGIN".
-		// Possible values:
-		// - "SAMEORIGIN" - The page can only be displayed in a frame on the same origin as the page itself.
-		// - "DENY" - The page cannot be displayed in a frame, regardless of the site attempting to do so.
-		// - "ALLOW-FROM uri" - The page can only be displayed in a frame on the specified origin.
-		XFrameOptions string `yaml:"x_frame_options"`
+	// XFrameOptions can be used to indicate whether or not a browser should
+	// be allowed to render a page in a <frame>, <iframe> or <object> .
+	// Sites can use this to avoid clickjacking attacks, by ensuring that their
+	// content is not embedded into other sites.provides protection against
+	// clickjacking.
+	// Optional. Default value "SAMEORIGIN".
+	// Possible values:
+	// - "SAMEORIGIN" - The page can only be displayed in a frame on the same origin as the page itself.
+	// - "DENY" - The page cannot be displayed in a frame, regardless of the site attempting to do so.
+	// - "ALLOW-FROM uri" - The page can only be displayed in a frame on the specified origin.
+	XFrameOptions string `yaml:"x_frame_options"`

-		// HSTSMaxAge sets the `Strict-Transport-Security` header to indicate how
-		// long (in seconds) browsers should remember that this site is only to
-		// be accessed using HTTPS. This reduces your exposure to some SSL-stripping
-		// man-in-the-middle (MITM) attacks.
-		// Optional. Default value 0.
-		HSTSMaxAge int `yaml:"hsts_max_age"`
+	// HSTSMaxAge sets the `Strict-Transport-Security` header to indicate how
+	// long (in seconds) browsers should remember that this site is only to
+	// be accessed using HTTPS. This reduces your exposure to some SSL-stripping
+	// man-in-the-middle (MITM) attacks.
+	// Optional. Default value 0.
+	HSTSMaxAge int `yaml:"hsts_max_age"`

-		// HSTSExcludeSubdomains won't include subdomains tag in the `Strict Transport Security`
-		// header, excluding all subdomains from security policy. It has no effect
-		// unless HSTSMaxAge is set to a non-zero value.
-		// Optional. Default value false.
-		HSTSExcludeSubdomains bool `yaml:"hsts_exclude_subdomains"`
+	// HSTSExcludeSubdomains won't include subdomains tag in the `Strict Transport Security`
+	// header, excluding all subdomains from security policy. It has no effect
+	// unless HSTSMaxAge is set to a non-zero value.
+	// Optional. Default value false.
+	HSTSExcludeSubdomains bool `yaml:"hsts_exclude_subdomains"`

-		// ContentSecurityPolicy sets the `Content-Security-Policy` header providing
-		// security against cross-site scripting (XSS), clickjacking and other code
-		// injection attacks resulting from execution of malicious content in the
-		// trusted web page context.
-		// Optional. Default value "".
-		ContentSecurityPolicy string `yaml:"content_security_policy"`
+	// ContentSecurityPolicy sets the `Content-Security-Policy` header providing
+	// security against cross-site scripting (XSS), clickjacking and other code
+	// injection attacks resulting from execution of malicious content in the
+	// trusted web page context.
+	// Optional. Default value "".
+	ContentSecurityPolicy string `yaml:"content_security_policy"`

-		// CSPReportOnly would use the `Content-Security-Policy-Report-Only` header instead
-		// of the `Content-Security-Policy` header. This allows iterative updates of the
-		// content security policy by only reporting the violations that would
-		// have occurred instead of blocking the resource.
-		// Optional. Default value false.
-		CSPReportOnly bool `yaml:"csp_report_only"`
+	// CSPReportOnly would use the `Content-Security-Policy-Report-Only` header instead
+	// of the `Content-Security-Policy` header. This allows iterative updates of the
+	// content security policy by only reporting the violations that would
+	// have occurred instead of blocking the resource.
+	// Optional. Default value false.
+	CSPReportOnly bool `yaml:"csp_report_only"`

-		// HSTSPreloadEnabled will add the preload tag in the `Strict Transport Security`
-		// header, which enables the domain to be included in the HSTS preload list
-		// maintained by Chrome (and used by Firefox and Safari): https://hstspreload.org/
-		// Optional.  Default value false.
-		HSTSPreloadEnabled bool `yaml:"hsts_preload_enabled"`
+	// HSTSPreloadEnabled will add the preload tag in the `Strict Transport Security`
+	// header, which enables the domain to be included in the HSTS preload list
+	// maintained by Chrome (and used by Firefox and Safari): https://hstspreload.org/
+	// Optional.  Default value false.
+	HSTSPreloadEnabled bool `yaml:"hsts_preload_enabled"`

-		// ReferrerPolicy sets the `Referrer-Policy` header providing security against
-		// leaking potentially sensitive request paths to third parties.
-		// Optional. Default value "".
-		ReferrerPolicy string `yaml:"referrer_policy"`
-	}
-)
+	// ReferrerPolicy sets the `Referrer-Policy` header providing security against
+	// leaking potentially sensitive request paths to third parties.
+	// Optional. Default value "".
+	ReferrerPolicy string `yaml:"referrer_policy"`
+}

-var (
-	// DefaultSecureConfig is the default Secure middleware config.
-	DefaultSecureConfig = SecureConfig{
-		Skipper:            DefaultSkipper,
-		XSSProtection:      "1; mode=block",
-		ContentTypeNosniff: "nosniff",
-		XFrameOptions:      "SAMEORIGIN",
-		HSTSPreloadEnabled: false,
-	}
-)
+// DefaultSecureConfig is the default Secure middleware config.
+var DefaultSecureConfig = SecureConfig{
+	Skipper:            DefaultSkipper,
+	XSSProtection:      "1; mode=block",
+	ContentTypeNosniff: "nosniff",
+	XFrameOptions:      "SAMEORIGIN",
+	HSTSPreloadEnabled: false,
+}

 // Secure returns a Secure middleware.
 // Secure middleware provides protection against cross-site scripting (XSS) attack,