| Age | Commit message (Collapse) | Author |
|---|
|
If file size less than half of 1024, the rest of bytes will be `0` and it
will counted as binary character.
|
|
With help of spdxconv tool [1], we able to bulk update all files license
and copyright format to comply with SPDX formats.
[1] https://kilabit.info/project/spdxconv/
|
|
The IsBinaryStream return true if the content has more than 75%
non-printable characters, excluding spaces.
While at it, replace the body of IsBinary with it and update the
test cases to use the internal files.
|
|
The "nolint" tag is used to ignore lines from being processed by
golangci-lint.
Since we are not using golangci-lint anymore, now and in the
future, those lines can be removed.
|
|
Go 1.22 now support for-range on numeric value.
|
|
While at it, temporary disable gosec due to excessive report for G115,
which may be true, but may also break the current working program.
We should alter and fix once we can test and make sure that it does not
breaks.
|
|
Some of warnings from those linter are false positives, so we just
annotated them.
|
|
For HTTP server that use TLS, set the minimum TLS version and
ReadHeaderTimeout to mitigate slowloris attack.
For HTTP client or server that parameterize the use of InsecureSkipVerify,
annotate the line with "nolint:gosec" to allow the code pass the check.
Library that still use sha1, in example in DKIM and TOTP, skip the
warnings by annotating the line with "nolint:gosec".
A pointer variable now allocated their address before assigning its
value.
Any error that returned now wrapped using "%w".
Also, replace error checking using [errors.Is] or [errors.As] instead of
using equal or not-equal operators.
In "lib/http", replace any usage of "math/rand" with "crypto/rand".
Any call of [math/big.Rat.SetString] now annotated with "nolint:gosec"
since its false positive, the issue has been fixed in Go >= 1.17.7.
Any switch case that does not cover the rest of the possible values now
handled by adding the cases or by replacing the "default" case with
the rest of values.
|
|
HTTP request now implicitly create request with context.
Any false positive related to not closing HTTP response body has been
annotated with "nolint:bodyclose".
In the example code, use consistent "// Output:" comment format, by
prefixing with single space.
Any comment on code now also prefixing with single space.
An error returned without variables now use [errors.New] instead of
[fmt.Errorf].
Any error returned using [fmt.Errorf] now wrapped using "%w" instead of
"%s".
Also, replace error checking using [errors.Is] or [errors.As], instead
of using equal/not-equal operator.
Any statement like "x = x OP y" now replaced with "x OP= y".
Also, swap statement is simplified using "x, y = y, x".
Any switch statement with single case now replaced with if-condition.
Any call to defer on function or program that call [os.Exit], now
replaced by calling the deferred function directly.
Any if-else condition now replaced with switch statement, if possible.
|
|
There are several reasons that why we move from github.com.
First, related to the name of package.
We accidentally name the package with "share" a common word in English
that does not reflect the content of repository.
By moving to other repository, we can rename it to better and unique
name, in this "pakakeh.go".
Pakakeh is Minang word for tools, and ".go" suffix indicate that the
repository related to Go programming language.
Second, supporting open source.
The new repository is hosted under sourcehut.org, the founder is known
to support open source, and all their services are licensed under AGPL,
unlike GitHub that are closed sources.
Third, regarding GitHub CoPilot.
The GitHub Terms of Service [1], allow any public content that are hosted
there granted them to parse the content.
On one side, GitHub helps and flourish the open source, but on another
side have an issues regarding scraping the copyleft license [2].
[1]: https://docs.github.com/en/site-policy/github-terms/github-terms-of-service#4-license-grant-to-us
[2]: https://githubcopilotinvestigation.com
|
|
The shadow tool [1] report a variable where its name is declared twice
or more, in different scope.
[1] https://pkg.go.dev/golang.org/x/tools@v0.13.0/go/analysis/passes/shadow
|
|
Using bytes.Buffer is efficient since its use memory rather than
mock.Stdin that use file.
|
|
If ReadByte return an error EOF, do not print it to stderr.
|
|
The Environments function return list of system environment as map of
key and value.
|
|
Once we Join-ed the directory output with the file name, we check if
the result of join is still under directory output, if its not, return
an error to prevent Zip Slip vulnerability [1].
[1] https://cwe.mitre.org/data/definitions/22.html
|
|
|
|
The PathFold replace the path "in" with tilde "~" if its prefix match
with user's home directory from [os.UserHomeDir].
The PathUnfold expand the tilde "~/" prefix into user's home directory
using [os.UserHomeDir] and environment variables using [os.ExpandEnv]
inside the string path "in".
|
|
The lib/io package will be deprecated in the future.
|
|
|
|
Functions like Copy, IsBinary, IsDirEmpty, IsFileExist, RmdirEmptyAll
are read and operate on file and directory on operating system level, so
it is not correct to put it in package io.
|
|
|
|
|
|
The Extract function uncompress and/or unarchive file from fileInput
into directory defined by dirOutput.
This is the high level API that combine standard archive/zip, archive/tar,
compress/bzip2, and/or compress/gzip.
The compression and archive format is detected automatically based on
the following fileInput extension:
* .bz2: decompress using compress/bzip2.
* .gz: decompress using compress/gzip.
* .tar: unarchive using archive/tar.
* .zip: unarchive using archive/zip.
* .tar.bz2: decompress using compress/bzip2 and unarchive using
archive/tar.
* .tar.gz: decompress using compress/gzip and unarchive using
archive/tar.
The output directory, dirOutput, where the decompressed and/or unarchived
file stored. will be created if not exist.
If its empty, it will set to current directory.
On success, the compressed and/or archived file will be removed from the
file system.
|
|
Shell quote is a hell of complex. For example, one can write
shell that execute command that contains quote,
sh -c "psql -c 'CREATE ... IDENTIFIED BY PASSWORD '\''pass'\'''"
or to simplify,
sh -c "psql -c \"CREATE ... IDENTIFIED BY PASSWORD 'pass'\""
|
|
This reverts commit 1adcb7901dc62ef288cf82f504f8fae30068b21b.
Reason for revert:
Given the following string statement: `sh -c "echo a"`, the
ParseCommandArgs will return
cmd: "sh"
args: []string{`-c`, `"echo a"`}
If we pass this to exec.Command(cmd, args) and call Run, it will return
an error
sh: line 1: echo a: command not found
|
|
Previously, if we pass `a "b c"` to ParseCommanArgs, it will return
`a` as command and `b c` in args.
Now, it will return `"b c"` in args with double quotes.
|
|
Given the following string "cmd /a\ b" to ParseCommandArgs now it should
return "cmd" and ["/a b"] not ["/a\", "b"], because the space after a
is escaped using backslash.
|
|
Previously, the test.Assert and test.AssertBench functions has the
boolean parameter to print the stack trace of test in case its not equal.
Since this parameter is not mandatory and its usually always set to
"true", we remove them from function signature to simplify the call
to Assert and AssertBench.
|
|
New extension to standard package is function ParseCommandArgs() that
receive input as string and return itas command and list of arguments.
Unlike strings.Fields() which only separated the field by space,
ParseCommandArgs can detect possible single, double, or back quotes.
Another extension is Run() function that accept the string command
to be executed and their standard output and error.
|
