[Vendor] Update directly used dependencys (#15593)

* update github.com/blevesearch/bleve v2.0.2 -> v2.0.3 * github.com/denisenkom/go-mssqldb v0.9.0 -> v0.10.0 * github.com/editorconfig/editorconfig-core-go v2.4.1 -> v2.4.2 * github.com/go-chi/cors v1.1.1 -> v1.2.0 * github.com/go-git/go-billy v5.0.0 -> v5.1.0 * github.com/go-git/go-git v5.2.0 -> v5.3.0 * github.com/go-ldap/ldap v3.2.4 -> v3.3.0 * github.com/go-redis/redis v8.6.0 -> v8.8.2 * github.com/go-sql-driver/mysql v1.5.0 -> v1.6.0 * github.com/go-swagger/go-swagger v0.26.1 -> v0.27.0 * github.com/lib/pq v1.9.0 -> v1.10.1 * github.com/mattn/go-sqlite3 v1.14.6 -> v1.14.7 * github.com/go-testfixtures/testfixtures v3.5.0 -> v3.6.0 * github.com/issue9/identicon v1.0.1 -> v1.2.0 * github.com/klauspost/compress v1.11.8 -> v1.12.1 * github.com/mgechev/revive v1.0.3 -> v1.0.6 * github.com/microcosm-cc/bluemonday v1.0.7 -> v1.0.8 * github.com/niklasfasching/go-org v1.4.0 -> v1.5.0 * github.com/olivere/elastic v7.0.22 -> v7.0.24 * github.com/pelletier/go-toml v1.8.1 -> v1.9.0 * github.com/prometheus/client_golang v1.9.0 -> v1.10.0 * github.com/xanzy/go-gitlab v0.44.0 -> v0.48.0 * github.com/yuin/goldmark v1.3.3 -> v1.3.5 * github.com/6543/go-version v1.2.4 -> v1.3.1 * do github.com/lib/pq v1.10.0 -> v1.10.1 again ...
2021-04-23 02:08:53 +02:00 · 2021-04-23 02:08:53 +02:00 · 792b4dba2c
commit 792b4dba2c
parent 834fc74873
558 changed files with 32080 additions and 24669 deletions
--- a/vendor/github.com/chavacava/garif/.gitignore
+++ b/vendor/github.com/chavacava/garif/.gitignore
@ -0,0 +1,3 @@
+*.test
+*.out
+.devcontainer/
--- a/vendor/github.com/chavacava/garif/LICENSE
+++ b/vendor/github.com/chavacava/garif/LICENSE
@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2021 Salvador Cavadini
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
--- a/vendor/github.com/chavacava/garif/README.md
+++ b/vendor/github.com/chavacava/garif/README.md
@ -0,0 +1,52 @@
+# garif
+
+A GO package to create and manipulate SARIF logs.
+
+SARIF, from _Static Analysis Results Interchange Format_, is a standard JSON-based format for the output of static analysis tools defined and promoted by [OASIS](https://www.oasis-open.org/).
+
+Current supported version of the standard is [SARIF-v2.1.0](https://docs.oasis-open.org/sarif/sarif/v2.1.0/csprd01/sarif-v2.1.0-csprd01.html
+).
+
+## Usage
+
+The package provides access to every element of the SARIF model, therefore you are free to manipulate it at every detail.
+
+The package also provides constructors functions (`New...`) and decorators methods (`With...`) that simplify the creation of SARIF files for common use cases.
+
+Using these constructors and decorators we can easily create the example SARIF file of the [Microsoft SARIF pages](https://github.com/microsoft/sarif-tutorials/blob/master/docs/1-Introduction.md)
+
+
+```go
+import to `github.com/chavacava/garif`
+
+// ...
+
+rule := garif.NewRule("no-unused-vars").
+		WithHelpUri("https://eslint.org/docs/rules/no-unused-vars").
+		WithShortDescription("disallow unused variables").
+		WithProperties("category", "Variables")
+
+driver := garif.NewDriver("ESLint").
+		WithInformationUri("https://eslint.org").
+		WithRules(rule)
+
+run := garif.NewRun(NewTool(driver)).
+		WithArtifactsURIs("file:///C:/dev/sarif/sarif-tutorials/samples/Introduction/simple-example.js")
+
+run.WithResult(rule.Id, "'x' is assigned a value but never used.", "file:///C:/dev/sarif/sarif-tutorials/samples/Introduction/simple-example.js", 1, 5)
+
+logFile := garif.NewLogFile([]*Run{run}, Version210)
+
+logFile.Write(os.Stdout)
+```
+
+## Why this package?
+This package was initiated during my works on adding to [`revive`](https://github.com/mgechev/revive) a SARIF output formatter.
+I've tried to use [go-sarif](https://github.com/owenrumney/go-sarif) by [Owen Rumney](https://github.com/owenrumney) but it is too focused in the use case of the static analyzer [tfsec](https://tfsec.dev) so I've decided to create a package flexible enough to generate SARIF files in broader cases.
+
+## More information about SARIF
+For more information about SARIF, you can visit the [Oasis Open](https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=sarif) site.
+
+
+## Contributing 
+Of course, contributions are welcome!
--- a/vendor/github.com/chavacava/garif/constructors.go
+++ b/vendor/github.com/chavacava/garif/constructors.go
@ -0,0 +1,338 @@
+package garif
+
+// NewAddress creates a valid Address
+func NewAddress() *Address {
+	return &Address{}
+}
+
+// NewArtifact creates a valid Artifact
+func NewArtifact() *Artifact {
+	return &Artifact{}
+}
+
+// NewArtifactChange creates a valid ArtifactChange
+func NewArtifactChange(location *ArtifactLocation, replacements ...*Replacement) *ArtifactChange {
+	return &ArtifactChange{
+		ArtifactLocation: location,
+		Replacements:     replacements,
+	}
+}
+
+// NewArtifactContent creates a valid ArtifactContent
+func NewArtifactContent() *ArtifactContent {
+	return &ArtifactContent{}
+}
+
+// NewArtifactLocation creates a valid ArtifactLocation
+func NewArtifactLocation() *ArtifactLocation {
+	return &ArtifactLocation{}
+}
+
+// NewAttachment creates a valid Attachment
+func NewAttachment(location *ArtifactLocation) *Attachment {
+	return &Attachment{ArtifactLocation: location}
+}
+
+// NewCodeFlow creates a valid CodeFlow
+func NewCodeFlow(threadFlows ...*ThreadFlow) *CodeFlow {
+	return &CodeFlow{ThreadFlows: threadFlows}
+}
+
+// NewConfigurationOverride creates a valid ConfigurationOverride
+func NewConfigurationOverride(configuration *ReportingConfiguration, descriptor *ReportingDescriptorReference) *ConfigurationOverride {
+	return &ConfigurationOverride{
+		Configuration: configuration,
+		Descriptor:    descriptor,
+	}
+}
+
+// NewConversion creates a valid Conversion
+func NewConversion(tool *Tool) *Conversion {
+	return &Conversion{Tool: tool}
+}
+
+// NewEdge creates a valid Edge
+func NewEdge(id, sourceNodeId, targetNodeId string) *Edge {
+	return &Edge{
+		Id:           id,
+		SourceNodeId: sourceNodeId,
+		TargetNodeId: targetNodeId,
+	}
+}
+
+// NewEdgeTraversal creates a valid EdgeTraversal
+func NewEdgeTraversal(edgeId string) *EdgeTraversal {
+	return &EdgeTraversal{
+		EdgeId: edgeId,
+	}
+}
+
+// NewException creates a valid Exception
+func NewException() *Exception {
+	return &Exception{}
+}
+
+// NewExternalProperties creates a valid ExternalProperties
+func NewExternalProperties() *ExternalProperties {
+	return &ExternalProperties{}
+}
+
+// NewExternalPropertyFileReference creates a valid ExternalPropertyFileReference
+func NewExternalPropertyFileReference() *ExternalPropertyFileReference {
+	return &ExternalPropertyFileReference{}
+}
+
+// NewExternalPropertyFileReferences creates a valid ExternalPropertyFileReferences
+func NewExternalPropertyFileReferences() *ExternalPropertyFileReferences {
+	return &ExternalPropertyFileReferences{}
+}
+
+// NewFix creates a valid Fix
+func NewFix(artifactChanges ...*ArtifactChange) *Fix {
+	return &Fix{
+		ArtifactChanges: artifactChanges,
+	}
+}
+
+// NewGraph creates a valid Graph
+func NewGraph() *Graph {
+	return &Graph{}
+}
+
+// NewGraphTraversal creates a valid GraphTraversal
+func NewGraphTraversal() *GraphTraversal {
+	return &GraphTraversal{}
+}
+
+// NewInvocation creates a valid Invocation
+func NewInvocation(executionSuccessful bool) *Invocation {
+	return &Invocation{
+		ExecutionSuccessful: executionSuccessful,
+	}
+}
+
+// NewLocation creates a valid Location
+func NewLocation() *Location {
+	return &Location{}
+}
+
+// NewLocationRelationship creates a valid LocationRelationship
+func NewLocationRelationship(target int) *LocationRelationship {
+	return &LocationRelationship{
+		Target: target,
+	}
+}
+
+type LogFileVersion string
+
+const Version210 LogFileVersion = "2.1.0"
+
+// NewLogFile creates a valid LogFile
+func NewLogFile(runs []*Run, version LogFileVersion) *LogFile {
+	return &LogFile{
+		Runs:    runs,
+		Version: version,
+	}
+}
+
+// NewLogicalLocation creates a valid LogicalLocation
+func NewLogicalLocation() *LogicalLocation {
+	return &LogicalLocation{}
+}
+
+// NewMessage creates a valid Message
+func NewMessage() *Message {
+	return &Message{}
+}
+
+// NewMessageFromText creates a valid Message with the given text
+func NewMessageFromText(text string) *Message {
+	return &Message{
+		Text: text,
+	}
+}
+
+// NewMultiformatMessageString creates a valid MultiformatMessageString
+func NewMultiformatMessageString(text string) *MultiformatMessageString {
+	return &MultiformatMessageString{
+		Text: text,
+	}
+}
+
+// NewNode creates a valid Node
+func NewNode(id string) *Node {
+	return &Node{
+		Id: id,
+	}
+}
+
+// NewNotification creates a valid Notification
+func NewNotification(message *Message) *Notification {
+	return &Notification{
+		Message: message,
+	}
+}
+
+// NewPhysicalLocation creates a valid PhysicalLocation
+func NewPhysicalLocation() *PhysicalLocation {
+	return &PhysicalLocation{}
+}
+
+// NewPropertyBag creates a valid PropertyBag
+func NewPropertyBag() *PropertyBag {
+	return &PropertyBag{}
+}
+
+// NewRectangle creates a valid Rectangle
+func NewRectangle() *Rectangle {
+	return &Rectangle{}
+}
+
+// NewRegion creates a valid Region
+func NewRegion() *Region {
+	return &Region{}
+}
+
+// NewReplacement creates a valid Replacement
+func NewReplacement(deletedRegion *Region) *Replacement {
+	return &Replacement{
+		DeletedRegion: deletedRegion,
+	}
+}
+
+// NewReportingConfiguration creates a valid ReportingConfiguration
+func NewReportingConfiguration() *ReportingConfiguration {
+	return &ReportingConfiguration{}
+}
+
+// NewReportingDescriptor creates a valid ReportingDescriptor
+func NewReportingDescriptor(id string) *ReportingDescriptor {
+	return &ReportingDescriptor{
+		Id: id,
+	}
+}
+
+// NewRule is an alias for NewReportingDescriptor
+func NewRule(id string) *ReportingDescriptor {
+	return NewReportingDescriptor(id)
+}
+
+// NewReportingDescriptorReference creates a valid ReportingDescriptorReference
+func NewReportingDescriptorReference() *ReportingDescriptorReference {
+	return &ReportingDescriptorReference{}
+}
+
+// NewReportingDescriptorRelationship creates a valid ReportingDescriptorRelationship
+func NewReportingDescriptorRelationship(target *ReportingDescriptorReference) *ReportingDescriptorRelationship {
+	return &ReportingDescriptorRelationship{
+		Target: target,
+	}
+}
+
+// NewResult creates a valid Result
+func NewResult(message *Message) *Result {
+	return &Result{
+		Message: message,
+	}
+}
+
+// NewResultProvenance creates a valid ResultProvenance
+func NewResultProvenance() *ResultProvenance {
+	return &ResultProvenance{}
+}
+
+// NewRun creates a valid Run
+func NewRun(tool *Tool) *Run {
+	return &Run{
+		Tool: tool,
+	}
+}
+
+// NewRunAutomationDetails creates a valid RunAutomationDetails
+func NewRunAutomationDetails() *RunAutomationDetails {
+	return &RunAutomationDetails{}
+}
+
+// New creates a valid
+func NewSpecialLocations() *SpecialLocations {
+	return &SpecialLocations{}
+}
+
+// NewStack creates a valid Stack
+func NewStack(frames ...*StackFrame) *Stack {
+	return &Stack{
+		Frames: frames,
+	}
+}
+
+// NewStackFrame creates a valid StackFrame
+func NewStackFrame() *StackFrame {
+	return &StackFrame{}
+}
+
+// NewSuppression creates a valid Suppression
+func NewSuppression(kind string) *Suppression {
+	return &Suppression{
+		Kind: kind,
+	}
+}
+
+// NewThreadFlow creates a valid ThreadFlow
+func NewThreadFlow(locations []*ThreadFlowLocation) *ThreadFlow {
+	return &ThreadFlow{
+		Locations: locations,
+	}
+}
+
+// NewThreadFlowLocation creates a valid ThreadFlowLocation
+func NewThreadFlowLocation() *ThreadFlowLocation {
+	return &ThreadFlowLocation{}
+}
+
+// NewTool creates a valid Tool
+func NewTool(driver *ToolComponent) *Tool {
+	return &Tool{
+		Driver: driver,
+	}
+}
+
+// NewToolComponent creates a valid ToolComponent
+func NewToolComponent(name string) *ToolComponent {
+	return &ToolComponent{
+		Name: name,
+	}
+}
+
+// NewDriver is an alias for NewToolComponent
+func NewDriver(name string) *ToolComponent {
+	return NewToolComponent(name)
+}
+
+// NewToolComponentReference creates a valid ToolComponentReference
+func NewToolComponentReference() *ToolComponentReference {
+	return &ToolComponentReference{}
+}
+
+// NewTranslationMetadata creates a valid TranslationMetadata
+func NewTranslationMetadata(name string) *TranslationMetadata {
+	return &TranslationMetadata{
+		Name: name,
+	}
+}
+
+// NewVersionControlDetails creates a valid VersionControlDetails
+func NewVersionControlDetails(repositoryUri string) *VersionControlDetails {
+	return &VersionControlDetails{
+		RepositoryUri: repositoryUri,
+	}
+}
+
+// NewWebRequest creates a valid WebRequest
+func NewWebRequest() *WebRequest {
+	return &WebRequest{}
+}
+
+// NewWebResponse creates a valid WebResponse
+func NewWebResponse() *WebResponse {
+	return &WebResponse{}
+}
--- a/vendor/github.com/chavacava/garif/decorators.go
+++ b/vendor/github.com/chavacava/garif/decorators.go
@ -0,0 +1,94 @@
+package garif
+
+// WithLineColumn sets a physical location with the given line and column
+func (l *Location) WithLineColumn(line, column int) *Location {
+	if l.PhysicalLocation == nil {
+		l.PhysicalLocation = NewPhysicalLocation()
+	}
+
+	l.PhysicalLocation.Region = NewRegion()
+	l.PhysicalLocation.Region.StartLine = line
+	l.PhysicalLocation.Region.StartColumn = column
+
+	return l
+}
+
+// WithURI sets a physical location with the given URI
+func (l *Location) WithURI(uri string) *Location {
+	if l.PhysicalLocation == nil {
+		l.PhysicalLocation = NewPhysicalLocation()
+	}
+
+	l.PhysicalLocation.ArtifactLocation = NewArtifactLocation()
+	l.PhysicalLocation.ArtifactLocation.Uri = uri
+
+	return l
+}
+
+// WithKeyValue sets (overwrites) the value of the given key
+func (b PropertyBag) WithKeyValue(key string, value interface{}) PropertyBag {
+	b[key] = value
+	return b
+}
+
+// WithHelpUri sets the help URI for this ReportingDescriptor
+func (r *ReportingDescriptor) WithHelpUri(uri string) *ReportingDescriptor {
+	r.HelpUri = uri
+	return r
+}
+
+// WithProperties adds the key & value to the properties of this ReportingDescriptor
+func (r *ReportingDescriptor) WithProperties(key string, value interface{}) *ReportingDescriptor {
+	if r.Properties == nil {
+		r.Properties = NewPropertyBag()
+	}
+
+	r.Properties.WithKeyValue(key, value)
+
+	return r
+}
+
+// WithArtifactsURIs adds the given URI as artifacts of this Run
+func (r *Run) WithArtifactsURIs(uris ...string) *Run {
+	if r.Artifacts == nil {
+		r.Artifacts = []*Artifact{}
+	}
+
+	for _, uri := range uris {
+		a := NewArtifact()
+		a.Location = NewArtifactLocation()
+		a.Location.Uri = uri
+		r.Artifacts = append(r.Artifacts, a)
+	}
+
+	return r
+}
+
+// WithResult adds a result to this Run
+func (r *Run) WithResult(ruleId string, message string, uri string, line int, column int) *Run {
+	if r.Results == nil {
+		r.Results = []*Result{}
+	}
+
+	msg := NewMessage()
+	msg.Text = message
+	result := NewResult(msg)
+	location := NewLocation().WithURI(uri).WithLineColumn(line, column)
+
+	result.Locations = append(result.Locations, location)
+	result.RuleId = ruleId
+	r.Results = append(r.Results, result)
+	return r
+}
+
+// WithInformationUri sets the information URI
+func (t *ToolComponent) WithInformationUri(uri string) *ToolComponent {
+	t.InformationUri = uri
+	return t
+}
+
+// WithRules sets (overwrites) the rules
+func (t *ToolComponent) WithRules(rules ...*ReportingDescriptor) *ToolComponent {
+	t.Rules = rules
+	return t
+}
--- a/vendor/github.com/chavacava/garif/doc.go
+++ b/vendor/github.com/chavacava/garif/doc.go
@ -0,0 +1,11 @@
+// Package garif defines all the GO structures required to model a SARIF log file.
+// These structures were created using the JSON-schema sarif-schema-2.1.0.json of SARIF logfiles
+// available at https://github.com/oasis-tcs/sarif-spec/tree/master/Schemata.
+//
+// The package provides constructors for all structures (see constructors.go) These constructors
+// ensure that the returned structure instantiation is valid with respect to the JSON schema and
+// should be used in place of plain structure instantiation.
+// The root structure is LogFile.
+//
+// The package provides utility decorators for the most commonly used structures (see decorators.go)
+package garif
--- a/vendor/github.com/chavacava/garif/go.mod
+++ b/vendor/github.com/chavacava/garif/go.mod
@ -0,0 +1,5 @@
+module github.com/chavacava/garif
+
+go 1.16
+
+require github.com/stretchr/testify v1.7.0
--- a/vendor/github.com/chavacava/garif/go.sum
+++ b/vendor/github.com/chavacava/garif/go.sum
@ -0,0 +1,11 @@
+github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
+github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
+github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
+gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
--- a/vendor/github.com/chavacava/garif/io.go
+++ b/vendor/github.com/chavacava/garif/io.go
@ -0,0 +1,26 @@
+package garif
+
+import (
+	"encoding/json"
+	"io"
+)
+
+// Write writes the JSON
+func (l *LogFile) Write(w io.Writer) error {
+	marshal, err := json.Marshal(l)
+	if err != nil {
+		return err
+	}
+	_, err = w.Write(marshal)
+	return err
+}
+
+// PrettyWrite writes indented JSON
+func (l *LogFile) PrettyWrite(w io.Writer) error {
+	marshal, err := json.MarshalIndent(l, "", "  ")
+	if err != nil {
+		return err
+	}
+	_, err = w.Write(marshal)
+	return err
+}
--- a/vendor/github.com/chavacava/garif/models.go
+++ b/vendor/github.com/chavacava/garif/models.go