Merge pull request #66 from truemail-rb/develop

truemail-go v1.0.4
truemail-rb · Feb 19, 2023 · 63c742f · 63c742f
2 parents e46049c + 30020c0
commit 63c742f
Show file tree

Hide file tree

Showing 7 changed files with 148 additions and 58 deletions.
diff --git a/.circleci/config.yml b/.circleci/config.yml
@@ -5,12 +5,12 @@ version: 2.1
 defaults: &defaults
   working_directory: ~/truemail-go
   docker:
-    - image: cimg/go:1.19
+    - image: cimg/go:1.20.1
 
 jobs:
   linters:
     docker:
-      - image: golangci/golangci-lint:v1.50.1-alpine
+      - image: golangci/golangci-lint:v1.51.1-alpine
 
     steps:
       - checkout
@@ -24,7 +24,8 @@ jobs:
 
       - run:
           name: Running linters
-          command: lefthook run linters
+          command: |
+            lefthook run linters
 
   tests:
     <<: *defaults
@@ -34,7 +35,8 @@ jobs:
 
       - run:
           name: Running tests
-          command: gotestsum --format standard-verbose -- -coverprofile=coverage_report ./...
+          command: |
+            gotestsum --format standard-verbose -- -coverprofile=coverage_report ./...
 
       - run:
           name: Creating coverage reports
@@ -58,22 +60,48 @@ jobs:
           command: |
             bash <(curl -s https://codecov.io/bash) -f coverage_report
 
+  tag:
+    <<: *defaults
+
+    steps:
+      - checkout
+
+      - add_ssh_keys:
+          fingerprints:
+            - "f6:1c:3f:c6:bd:08:21:0b:2c:a9:0a:1f:7b:92:1d:00"
+
+      - run:
+          name: Publishing new tag to GitHub
+          command: |
+            ./.circleci/scripts/tag.sh
+
   release:
     <<: *defaults
 
     steps:
       - checkout
 
+      - add_ssh_keys:
+          fingerprints:
+            - "f6:1c:3f:c6:bd:08:21:0b:2c:a9:0a:1f:7b:92:1d:00"
+
       - run:
-          name: Publishing new release to Go Packages
+          name: Publishing new release to GitHub, Go Packages
           command: |
-            ./.circleci/scripts/release.sh
+            ./.circleci/scripts/release.sh truemail-rb truemail-go
 
 workflows:
   build:
     jobs:
       - linters
       - tests
+      - tag:
+          requires:
+            - linters
+            - tests
+          filters:
+            branches:
+              only: master
       - release:
           filters:
             branches:

diff --git a/.circleci/scripts/release.sh b/.circleci/scripts/release.sh
@@ -1,13 +1,52 @@
 #!/bin/sh
 set -e
 
-latest_tag() {
-  git tag -l | grep -E "^v[0-9]+\.[0-9]+\.[0-9]+" | cut -d"-" -f 1 | sort | tail -n 1
+GITHUB_NAMESPACE=$1
+GITHUB_REPOSITORY=$2
+GH_CLI_RELEASES_URL="https://github.com/cli/cli/releases"
+FILE_NAME="gh"
+BUILD_ARCHITECTURE="linux_amd64.deb"
+DELIMETER="_"
+PACKAGE_FILE="$FILE_NAME$DELIMETER$BUILD_ARCHITECTURE"
+
+get_release_candidate_tag() {
+  git tag --sort=v:refname | grep -E "v[0-9]+\.[0-9]+\.[0-9]+" | tail -n 1
+}
+
+RELEASE_CANDIDATE_TAG=$(get_release_candidate_tag)
+CURRENT_VERSION="$(printf '%s' "$RELEASE_CANDIDATE_TAG" | cut -c 2-2)"
+RELEASE_VERSION=$(if [ "$CURRENT_VERSION" -gt 1 ]; then echo "v$CURRENT_VERSION"; else echo; fi)
+
+release_to_pkg_go() {
+  echo "Triggering pkg.go.dev about new release..."
+  curl -X POST "https://pkg.go.dev/fetch/github.com/$GITHUB_NAMESPACE/$GITHUB_REPOSITORY/$RELEASE_VERSION@$RELEASE_CANDIDATE_TAG"
+}
+
+gh_cli_latest_release() {
+  curl -sL -o /dev/null -w '%{url_effective}' "$GH_CLI_RELEASES_URL/latest" | rev | cut -f 1 -d '/'| rev
+}
+
+download_gh_cli() {
+  test -z "$VERSION" && VERSION="$(gh_cli_latest_release)"
+  test -z "$VERSION" && {
+    echo "Unable to get GitHub CLI release." >&2
+    exit 1
+  }
+  curl -s -L -o "$PACKAGE_FILE" "$GH_CLI_RELEASES_URL/download/$VERSION/$FILE_NAME$DELIMETER$(printf '%s' "$VERSION" | cut -c 2-100)$DELIMETER$BUILD_ARCHITECTURE"
+}
+
+install_gh_cli() {
+  sudo dpkg -i "$PACKAGE_FILE"
+  rm "$PACKAGE_FILE"
 }
 
-publish_release() {
-  echo "Triggering pkg.go.dev about new truemail-go release..."
-  curl -X POST "https://pkg.go.dev/fetch/github.com/truemail-rb/truemail-go@$(latest_tag)"
+release_to_github() {
+  echo "Downloading and installing latest gh cli..."
+  download_gh_cli
+  install_gh_cli
+  echo "Publishing new release notes to GitHub..."
+  gh release create "$RELEASE_CANDIDATE_TAG" --generate-notes
 }
 
-publish_release
+release_to_pkg_go
+release_to_github
diff --git a/.circleci/scripts/tag.sh b/.circleci/scripts/tag.sh
@@ -0,0 +1,30 @@
+#!/bin/sh
+set -e
+
+SEMVER_REGEX_PATTERN="[0-9]+\.[0-9]+\.[0-9]+"
+
+latest_changelog_tag() {
+  grep -Po "(?<=\#\# \[)$SEMVER_REGEX_PATTERN?(?=\])" CHANGELOG.md | head -n 1
+}
+
+latest_git_tag() {
+  git tag --sort=v:refname | grep -E "v$SEMVER_REGEX_PATTERN" | tail -n 1
+}
+
+TAG_CANDIDATE="v$(latest_changelog_tag)"
+
+if [ "$TAG_CANDIDATE" != "$(latest_git_tag)" ]
+then
+  echo "Configuring git..."
+  git config --global user.email "${PUBLISHER_EMAIL}"
+  git config --global user.name "${PUBLISHER_NAME}"
+  echo "Pushing new semver tag to GitHub..."
+  git tag "$TAG_CANDIDATE"
+  git push --tags
+  echo "Updating develop branch with new semver tag..."
+  git checkout develop
+  git merge "$TAG_CANDIDATE" --ff --no-edit
+  git push origin develop
+else
+  echo "Latest changelog tag ($TAG_CANDIDATE) already released on GitHub. Tagging is not required."
+fi
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -2,6 +2,23 @@
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/), and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
+## [1.0.4] - 2023-02-19
+
+### Added
+
+- Added tag script for new release tagging
+
+### Updated
+
+- Updated `go` to `1.20.1`
+- Updated releasing script (auto deploy to `GitHub`/`Go Packages`)
+- Updated `CircleCI` config
+- Updated project license
+
+### Fixed
+
+- Updated `x/net` dependency. A maliciously crafted HTTP/2 stream could cause excessive CPU consumption in the `HPACK` decoder, sufficient to cause a denial of service from a small number of small requests, [CVE-2022-41723](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41723)
+
 ## [1.0.3] - 2022-12-26
 
 ### Added

diff --git a/LICENSE.txt b/LICENSE.txt
@@ -1,6 +1,6 @@
 The MIT License (MIT)
 
-Copyright (c) 2021-2022 Vladislav Trotsenko
+Copyright (c) 2021-2023 Vladislav Trotsenko
 
 Permission is hereby granted, free of charge, to any person obtaining a copy
 of this software and associated documentation files (the "Software"), to deal

diff --git a/go.mod b/go.mod
@@ -1,23 +1,22 @@
 module github.com/truemail-rb/truemail-go
 
-go 1.19
+go 1.20
 
 require (
-	github.com/brianvoe/gofakeit/v6 v6.19.0
+	github.com/brianvoe/gofakeit/v6 v6.20.1
 	github.com/foxcpp/go-mockdns v1.0.0
-	github.com/mocktools/go-smtp-mock/v2 v2.0.1
+	github.com/mocktools/go-smtp-mock/v2 v2.0.5
 	github.com/stretchr/testify v1.8.1
-	golang.org/x/net v0.1.0
+	golang.org/x/net v0.7.0
 )
 
 require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/miekg/dns v1.1.50 // indirect
+	github.com/miekg/dns v1.1.25 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
 	github.com/stretchr/objx v0.5.0 // indirect
-	golang.org/x/mod v0.6.0 // indirect
-	golang.org/x/sys v0.1.0 // indirect
-	golang.org/x/text v0.4.0 // indirect
-	golang.org/x/tools v0.2.0 // indirect
+	golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392 // indirect
+	golang.org/x/sys v0.5.0 // indirect
+	golang.org/x/text v0.7.0 // indirect
 	gopkg.in/yaml.v3 v3.0.1 // indirect
 )
diff --git a/go.sum b/go.sum
@@ -1,15 +1,14 @@
-github.com/brianvoe/gofakeit/v6 v6.19.0 h1:g+yJ+meWVEsAmR+bV4mNM/eXI0N+0pZ3D+Mi+G5+YQo=
-github.com/brianvoe/gofakeit/v6 v6.19.0/go.mod h1:Ow6qC71xtwm79anlwKRlWZW6zVq9D2XHE4QSSMP/rU8=
+github.com/brianvoe/gofakeit/v6 v6.20.1 h1:8ihJ60OvPnPJ2W6wZR7M+TTeaZ9bml0z6oy4gvyJ/ek=
+github.com/brianvoe/gofakeit/v6 v6.20.1/go.mod h1:Ow6qC71xtwm79anlwKRlWZW6zVq9D2XHE4QSSMP/rU8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/foxcpp/go-mockdns v1.0.0 h1:7jBqxd3WDWwi/6WhDvacvH1XsN3rOLXyHM1uhvIx6FI=
 github.com/foxcpp/go-mockdns v1.0.0/go.mod h1:lgRN6+KxQBawyIghpnl5CezHFGS9VLzvtVlwxvzXTQ4=
+github.com/miekg/dns v1.1.25 h1:dFwPR6SfLtrSwgDcIq2bcU/gVutB4sNApq2HBdqcakg=
 github.com/miekg/dns v1.1.25/go.mod h1:bPDLeHnStXmXAq1m/Ch/hvfNHr14JKNPMBo3VZKjuso=
-github.com/miekg/dns v1.1.50 h1:DQUfb9uc6smULcREF09Uc+/Gd46YWqJd5DbpPE9xkcA=
-github.com/miekg/dns v1.1.50/go.mod h1:e3IlAVfNqAllflbibAZEWOXOQ+Ynzk/dDozDxY7XnME=
-github.com/mocktools/go-smtp-mock/v2 v2.0.1 h1:tbzqsuPs3d7mpB/yXBizDBE/9LpysXHdKx9Lj8ZqQuc=
-github.com/mocktools/go-smtp-mock/v2 v2.0.1/go.mod h1:n8aNpDYncZHH/cZHtJKzQyeYT/Dut00RghVM+J1Ed94=
+github.com/mocktools/go-smtp-mock/v2 v2.0.5 h1:4Y6ZZkumWad8c9YSQjcInSgGbmwOQ2QhwLImywBzuPo=
+github.com/mocktools/go-smtp-mock/v2 v2.0.5/go.mod h1:n8aNpDYncZHH/cZHtJKzQyeYT/Dut00RghVM+J1Ed94=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
@@ -20,50 +19,28 @@ github.com/stretchr/testify v1.7.1/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/
 github.com/stretchr/testify v1.8.0/go.mod h1:yNjHg4UonilssWZ8iaSj1OCr/vHnekPRkoO+kdMU+MU=
 github.com/stretchr/testify v1.8.1 h1:w7B6lhMri9wdJUVmEZPGGhZzrYTPvgJArz7wNPgYKsk=
 github.com/stretchr/testify v1.8.1/go.mod h1:w2LPCIKwWwSfY2zedu0+kehJoqGctiVI29o6fzry7u4=
-github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392 h1:ACG4HJsFiNMf47Y4PeRoebLNy/2lXT9EtprMuTFWt1M=
 golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY=
-golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
-golang.org/x/mod v0.6.0 h1:b9gGHsz9/HhJ3HF5DHQytPpuwocVTChQJK3AvoLRD5I=
-golang.org/x/mod v0.6.0/go.mod h1:4mET923SAdbXp2ki8ey+zGs1SLqsuM2Y0uvdZR/fUNI=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
-golang.org/x/net v0.0.0-20210726213435-c6fcb2dbf985/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
-golang.org/x/net v0.1.0 h1:hZ/3BUoy5aId7sCpA/Tc5lt8DkFgdVS2onTpJsZ/fl0=
-golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco=
+golang.org/x/net v0.7.0 h1:rJrUqqhjsgNp7KqAIc25s9pZnjU7TUcSY7HcVZjdn1g=
+golang.org/x/net v0.7.0/go.mod h1:2Tu9+aMcznHK/AK1HMvgo6xiTLG5rD5rZLDS+rp2Bjs=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
-golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U=
-golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/sys v0.5.0 h1:MUK/U/4lj1t1oPg0HfuXDN/Z1wv31ZJ/YcPiGccS4DU=
+golang.org/x/sys v0.5.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
-golang.org/x/text v0.4.0 h1:BrVqGRd7+k1DiOgtnFvAkoQEWQvBc25ouMJM6429SFg=
-golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/text v0.7.0 h1:4BRB4x83lYWy72KwLD/qYDuTu7q9PjSagHvijDw7cLo=
+golang.org/x/text v0.7.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.1.6-0.20210726203631-07bc1bf47fb2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
-golang.org/x/tools v0.2.0 h1:G6AHpWxTMGY1KyEYoAQ5WTtIekUUvDNjan3ugu60JvE=
-golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=