An opinionated production-ready SQL-/Swagger-first RESTful JSON API written in Go, highly integrated with VSCode DevContainers by allaboutapps.

go-starter

go-starter is an opinionated production-ready RESTful JSON backend template written in Go, highly integrated with VSCode DevContainers by allaboutapps.

License: MIT Build and Test codecov Go Report Card Swagger Validator GitHub contributors Mentioned in Awesome Go

go starter overview

Demo: https://go-starter.allaboutapps.at
FAQ: https://github.com/allaboutapps/go-starter/wiki/FAQ

Table of Contents

Features

  • Full local golang service development environment using Docker Compose and VSCode devcontainers that just works with Linux, MacOS and Windows.
  • Adheres to the project layout defined in golang-standard/project-layout.
  • Provides database migration (sql-migrate) and models generation (SQLBoiler) workflows for PostgreSQL databases.
  • Integrates IntegreSQL for fast, concurrent and isolated integration testing with real PostgreSQL databases.
  • Auto-installs our recommended VSCode extensions for golang development.
  • Integrates go-swagger for compile-time generation of swagger.yml, structs and request/response validation functions.
  • Integrates MailHog for easy SMTP-based email testing.
  • Integrates SwaggerUI for live-previewing your Swagger v2 schema.
  • Integrates pgFormatter and vscode-pgFormatter for SQL formatting.
  • Comes with fully implemented auth package, an OAuth2 RESTful JSON API ready to be extended according to your requirements.
  • Implements OAuth 2.0 Bearer Tokens and password authentication using argon2id hashes.
  • Comes with a tested mock and FCM provider for sending push notifications and storing push tokens.
  • CLI layer provided by spf13/cobra. It's exceptionally easy to add additional sub-commands.
  • Comes with an initial PostgreSQL database structure (see /migrations), covering:
    • auth tokens (access-, refresh-, password-reset-tokens),
    • a generic auth-related user model
    • an app-specific bare-bones app_user_profile model,
    • push notification tokens and
    • a health check sequence (for performing writeable checks).
  • API endpoints and CLI for liveness (/-/healthy) and readiness (/-/ready) probes
  • Parallel jobs optimized Makefile and various convenience scripts (see all targets and its description via make help). A full rebuild only takes seconds.
  • Multi-staged Dockerfile (development -> builder -> app).

Usage

Please find more detailed information regarding the history, usage and other whys? of this project in our FAQ.

Demo

A demo go-starter service is deployed at https://go-starter.allaboutapps.at for you to play around with.

Please visit our FAQ to find out more about the limitations of this demo environment.

Requirements

Requires the following local setup for development:

This project makes use of the Remote - Containers extension provided by Visual Studio Code. A local installation of the Go tool-chain is no longer required when using this setup.

Please refer to the official installation guide how this works for your host OS and head to our FAQ: How does our VSCode setup work? if you encounter issues.

Quickstart

Create a new git repository through the GitHub template repository feature (use this template). You will then start with a single initial commit in your own repository.

# Clone your new repository, cd into it, then easily start the docker-compose dev environment through our helper
./docker-helper.sh --up

You should be inside the 'service' docker container with a bash shell.

development@94242c61cf2b:/app$ # inside your container...

# Shortcut for make init, make build, make info and make test
make all

# Print all available make targets
make help

Merge with the go-starter template repository to get future updates

These steps are not necessary if you have a "real" fork.

If your new project is generated from a template project (you have a single commit), you want to run the following command immediately and before applying any changes. Otherwise you won't be able to easily merge upstream go-starter changes into your own repository (see GitHub Template Repositories, Refusing to merge unrelated histories and FAQ: I want to compare or update my project/fork to the latest go-starter master).

make git-merge-go-starter
# Attempting to execute 'git merge --no-commit --no-ff go-starter/master' into your current HEAD.
# Are you sure? [y/N]y
# git merge --no-commit --no-ff --allow-unrelated-histories go-starter/master

git commit -m "Initial merge of unrelated go-starter template history"

Set project module name for your new project

To replace all occurrences of allaboutapps.dev/aw/go-stater (our internal module name of this project) with your desired projects' module name, do the following:

development@94242c61cf2b:/app$ # inside your container...

# Set a new go project module name.
make set-module-name
# allaboutapps.dev/<GIT_PROJECT>/<GIT_REPO> (internal only)
# github.com/<USER>/<PROJECT>
# e.g. github.com/majodev/my-service

The above command writes your new go module name to tmp/.modulename, go.mod. It actually sets it everywhere in **/* - thus this step is typically only required once. If you need to merge changes from the upstream go-starter later, we may want to run make force-module-name to set your own go module name everywhere again (especially relevant for new files / import paths). See our FAQ for more information about this update flow.

Optionally you may want to move the original README.md and LICENSE away:

development@94242c61cf2b:/app$ # inside your container...

# Optionally you may want to move our LICENSE and README.md away.
mv README.md README-go-starter.md
mv LICENSE LICENSE-go-starter

# Optionally create a new README.md for your project.
make get-module-name > README.md

Visual Studio Code

If you are new to VSCode Remote - Containers feature, see our FAQ: How does our VSCode setup work?.

Run CMD+SHIFT+P Go: Install/Update Tools after attaching to the container with VSCode to auto-install all golang related vscode extensions.

Building and testing

Other useful commands while developing your service:

development@94242c61cf2b:/app$ # inside your container...

# Print all available make targets
make help

# Shortcut for make init, make build, make info and make test
make all

# Init install/cache dependencies and install tools to bin
make init

# Rebuild only after changes to files (generate, format, build, lint)
make

# Execute all tests
make test

Running

To run the service locally you may:

development@94242c61cf2b:/app$ # inside your development container...

# First ensure you have a fresh `app` executable available
make build

# Check if all requirements for becoming are met (db is available, mnt path is writeable)
app probe readiness -v

# Migrate up the database
app db migrate

# Seed the database (if you have any fixtures defined in `/internal/data/fixtures.go`)
app db seed

# Start the locally-built server
app server

# Now available at http://127.0.0.1:8080

# You may also run all the above commands in a single command
app server --probe --migrate --seed # or `app server -pms`

Uninstall

Simply run ./docker-helper --destroy in your working directory (on your host machine) to wipe all docker related traces of this project (and its volumes!).

Additional resources

Contributing

Pull requests are welcome. For major changes, please open an issue first to discuss what you would like to change.

Please make sure to update tests as appropriate.

Maintainers

License

MIT © 2021 aaa – all about apps GmbH | Michael Farkas | Nick Müller | Mario Ranftl | Manuel Wieser and the "go-starter" project contributors

Comments
  • Bump google.golang.org/api from 0.74.0 to 0.103.0

    Bump google.golang.org/api from 0.74.0 to 0.103.0

    Bumps google.golang.org/api from 0.74.0 to 0.103.0.

    Release notes

    Sourced from google.golang.org/api's releases.

    v0.103.0

    0.103.0 (2022-11-08)

    Features

    v0.102.0

    0.102.0 (2022-11-02)

    Features

    v0.101.0

    0.101.0 (2022-10-25)

    Features

    v0.100.0

    0.100.0 (2022-10-18)

    Features

    • all: Auto-regenerate discovery clients (#1712) (f9e15f2)
    • all: Auto-regenerate discovery clients (#1717) (f990a2a)
    • internal/gensupport: Remove DetermineContentType, use gax-go copy (#1716) (37f90e9)

    Bug Fixes

    • idtoken: Allow missing age in http response header (#1715) (b235b1f)

    v0.99.0

    0.99.0 (2022-10-14)

    ... (truncated)

    Changelog

    Sourced from google.golang.org/api's changelog.

    0.103.0 (2022-11-08)

    Features

    0.102.0 (2022-11-02)

    Features

    0.101.0 (2022-10-25)

    Features

    0.100.0 (2022-10-18)

    Features

    • all: Auto-regenerate discovery clients (#1712) (f9e15f2)
    • all: Auto-regenerate discovery clients (#1717) (f990a2a)
    • internal/gensupport: Remove DetermineContentType, use gax-go copy (#1716) (37f90e9)

    Bug Fixes

    • idtoken: Allow missing age in http response header (#1715) (b235b1f)

    0.99.0 (2022-10-14)

    Features

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump google.golang.org/api from 0.74.0 to 0.102.0

    Bump google.golang.org/api from 0.74.0 to 0.102.0

    Bumps google.golang.org/api from 0.74.0 to 0.102.0.

    Release notes

    Sourced from google.golang.org/api's releases.

    v0.102.0

    0.102.0 (2022-11-02)

    Features

    v0.101.0

    0.101.0 (2022-10-25)

    Features

    v0.100.0

    0.100.0 (2022-10-18)

    Features

    • all: Auto-regenerate discovery clients (#1712) (f9e15f2)
    • all: Auto-regenerate discovery clients (#1717) (f990a2a)
    • internal/gensupport: Remove DetermineContentType, use gax-go copy (#1716) (37f90e9)

    Bug Fixes

    • idtoken: Allow missing age in http response header (#1715) (b235b1f)

    v0.99.0

    0.99.0 (2022-10-14)

    Features

    v0.98.0

    0.98.0 (2022-09-27)

    Features

    ... (truncated)

    Changelog

    Sourced from google.golang.org/api's changelog.

    0.102.0 (2022-11-02)

    Features

    0.101.0 (2022-10-25)

    Features

    0.100.0 (2022-10-18)

    Features

    • all: Auto-regenerate discovery clients (#1712) (f9e15f2)
    • all: Auto-regenerate discovery clients (#1717) (f990a2a)
    • internal/gensupport: Remove DetermineContentType, use gax-go copy (#1716) (37f90e9)

    Bug Fixes

    • idtoken: Allow missing age in http response header (#1715) (b235b1f)

    0.99.0 (2022-10-14)

    Features

    0.98.0 (2022-09-27)

    Features

    0.97.0 (2022-09-21)

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump google.golang.org/api from 0.74.0 to 0.101.0

    Bump google.golang.org/api from 0.74.0 to 0.101.0

    Bumps google.golang.org/api from 0.74.0 to 0.101.0.

    Release notes

    Sourced from google.golang.org/api's releases.

    v0.101.0

    0.101.0 (2022-10-25)

    Features

    v0.100.0

    0.100.0 (2022-10-18)

    Features

    • all: Auto-regenerate discovery clients (#1712) (f9e15f2)
    • all: Auto-regenerate discovery clients (#1717) (f990a2a)
    • internal/gensupport: Remove DetermineContentType, use gax-go copy (#1716) (37f90e9)

    Bug Fixes

    • idtoken: Allow missing age in http response header (#1715) (b235b1f)

    v0.99.0

    0.99.0 (2022-10-14)

    Features

    v0.98.0

    0.98.0 (2022-09-27)

    Features

    v0.97.0

    0.97.0 (2022-09-21)

    Features

    ... (truncated)

    Changelog

    Sourced from google.golang.org/api's changelog.

    0.101.0 (2022-10-25)

    Features

    0.100.0 (2022-10-18)

    Features

    • all: Auto-regenerate discovery clients (#1712) (f9e15f2)
    • all: Auto-regenerate discovery clients (#1717) (f990a2a)
    • internal/gensupport: Remove DetermineContentType, use gax-go copy (#1716) (37f90e9)

    Bug Fixes

    • idtoken: Allow missing age in http response header (#1715) (b235b1f)

    0.99.0 (2022-10-14)

    Features

    0.98.0 (2022-09-27)

    Features

    0.97.0 (2022-09-21)

    Features

    • all: Auto-regenerate discovery clients (#1693) (a87400b)
    • all: Auto-regenerate discovery clients (#1695) (b8f2556)
    • internal/gensupport: Wrap retry failures with context and prev error (#1684) (f427ee3), refs #1685

    Bug Fixes

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump google.golang.org/api from 0.74.0 to 0.100.0

    Bump google.golang.org/api from 0.74.0 to 0.100.0

    Bumps google.golang.org/api from 0.74.0 to 0.100.0.

    Release notes

    Sourced from google.golang.org/api's releases.

    v0.100.0

    0.100.0 (2022-10-18)

    Features

    • all: Auto-regenerate discovery clients (#1712) (f9e15f2)
    • all: Auto-regenerate discovery clients (#1717) (f990a2a)
    • internal/gensupport: Remove DetermineContentType, use gax-go copy (#1716) (37f90e9)

    Bug Fixes

    • idtoken: Allow missing age in http response header (#1715) (b235b1f)

    v0.99.0

    0.99.0 (2022-10-14)

    Features

    v0.98.0

    0.98.0 (2022-09-27)

    Features

    v0.97.0

    0.97.0 (2022-09-21)

    Features

    • all: Auto-regenerate discovery clients (#1693) (a87400b)
    • all: Auto-regenerate discovery clients (#1695) (b8f2556)
    • internal/gensupport: Wrap retry failures with context and prev error (#1684) (f427ee3), refs #1685

    Bug Fixes

    • Build script bash error (#1697) (6b0515b)
    • gensupport: Allow initial request for resumable uploads to retry w/ non-nil getBody (#1690) (2c3e863)

    v0.96.0

    0.96.0 (2022-09-14)

    ... (truncated)

    Changelog

    Sourced from google.golang.org/api's changelog.

    0.100.0 (2022-10-18)

    Features

    • all: Auto-regenerate discovery clients (#1712) (f9e15f2)
    • all: Auto-regenerate discovery clients (#1717) (f990a2a)
    • internal/gensupport: Remove DetermineContentType, use gax-go copy (#1716) (37f90e9)

    Bug Fixes

    • idtoken: Allow missing age in http response header (#1715) (b235b1f)

    0.99.0 (2022-10-14)

    Features

    0.98.0 (2022-09-27)

    Features

    0.97.0 (2022-09-21)

    Features

    • all: Auto-regenerate discovery clients (#1693) (a87400b)
    • all: Auto-regenerate discovery clients (#1695) (b8f2556)
    • internal/gensupport: Wrap retry failures with context and prev error (#1684) (f427ee3), refs #1685

    Bug Fixes

    • Build script bash error (#1697) (6b0515b)
    • gensupport: Allow initial request for resumable uploads to retry w/ non-nil getBody (#1690) (2c3e863)

    0.96.0 (2022-09-14)

    Features

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump github.com/go-openapi/runtime from 0.23.3 to 0.24.2

    Bump github.com/go-openapi/runtime from 0.23.3 to 0.24.2

    Bumps github.com/go-openapi/runtime from 0.23.3 to 0.24.2.

    Commits
    • c12369b Merge pull request #250 from Kunde21/custom_clientresponse
    • 53ffffd Merge pull request #251 from xmac1/fix-produces-with-type-parameters
    • 1c6d707 fix produces with type parameter
    • a7d5226 client: enable configuration of client response interface
    • 5bcfe65 Merge pull request #248 from MakarandNsd/246-fix-optional-file-paramter
    • c677fec adds additional test cases for go-openapi#246
    • 930a130 Fixes #246
    • 3f9800f Merge pull request #243 from eluv-io/fix-api-errors
    • 87042d5 fix APIError to always report errors
    • 6df43e7 fix golangci-lint
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump google.golang.org/api from 0.74.0 to 0.99.0

    Bump google.golang.org/api from 0.74.0 to 0.99.0

    Bumps google.golang.org/api from 0.74.0 to 0.99.0.

    Release notes

    Sourced from google.golang.org/api's releases.

    v0.99.0

    0.99.0 (2022-10-14)

    Features

    v0.98.0

    0.98.0 (2022-09-27)

    Features

    v0.97.0

    0.97.0 (2022-09-21)

    Features

    • all: Auto-regenerate discovery clients (#1693) (a87400b)
    • all: Auto-regenerate discovery clients (#1695) (b8f2556)
    • internal/gensupport: Wrap retry failures with context and prev error (#1684) (f427ee3), refs #1685

    Bug Fixes

    • Build script bash error (#1697) (6b0515b)
    • gensupport: Allow initial request for resumable uploads to retry w/ non-nil getBody (#1690) (2c3e863)

    v0.96.0

    0.96.0 (2022-09-14)

    Features

    Bug Fixes

    v0.95.0

    0.95.0 (2022-09-06)

    ... (truncated)

    Changelog

    Sourced from google.golang.org/api's changelog.

    0.99.0 (2022-10-14)

    Features

    0.98.0 (2022-09-27)

    Features

    0.97.0 (2022-09-21)

    Features

    • all: Auto-regenerate discovery clients (#1693) (a87400b)
    • all: Auto-regenerate discovery clients (#1695) (b8f2556)
    • internal/gensupport: Wrap retry failures with context and prev error (#1684) (f427ee3), refs #1685

    Bug Fixes

    • Build script bash error (#1697) (6b0515b)
    • gensupport: Allow initial request for resumable uploads to retry w/ non-nil getBody (#1690) (2c3e863)

    0.96.0 (2022-09-14)

    Features

    Bug Fixes

    0.95.0 (2022-09-06)

    Features

    ... (truncated)

    Commits
    • 977e871 chore(main): release 0.99.0 (#1710)
    • 6b81c83 feat(all): auto-regenerate discovery clients (#1701)
    • 1aa1deb chore(all): update all (#1707)
    • 69fb474 chore: Update ECP dependency to 0.2.0 (#1704)
    • a4ae94d chore(main): release 0.98.0 (#1700)
    • 25b7450 feat(all): auto-regenerate discovery clients (#1699)
    • aa775b4 feat(all): auto-regenerate discovery clients (#1696)
    • faa845a chore(main): release 0.97.0 (#1694)
    • 2c3e863 fix(gensupport): allow initial request for resumable uploads to retry w/ non-...
    • f427ee3 feat(internal/gensupport): wrap retry failures with context and prev error (#...
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump github.com/labstack/echo/v4 from 4.7.2 to 4.9.1

    Bump github.com/labstack/echo/v4 from 4.7.2 to 4.9.1

    Bumps github.com/labstack/echo/v4 from 4.7.2 to 4.9.1.

    Release notes

    Sourced from github.com/labstack/echo/v4's releases.

    v4.9.1

    Fixes

    • Fix logger panicing (when template is set to empty) by bumping dependency version #2295

    Enhancements

    • Improve CORS documentation #2272
    • Update readme about supported Go versions #2291
    • Tests: improve error handling on closing body #2254
    • Tests: refactor some of the assertions in tests #2275
    • Tests: refactor assertions #2301

    v4.9.0

    Security

    • Fix open redirect vulnerability in handlers serving static directories (e.Static, e.StaticFs, echo.StaticDirectoryHandler) #2260

    Enhancements

    • Allow configuring ErrorHandler in CSRF middleware #2257
    • Replace HTTP method constants in tests with stdlib constants #2247

    v4.8.0

    Most notable things

    You can now add any arbitrary HTTP method type as a route #2237

    e.Add("COPY", "/*", func(c echo.Context) error 
      return c.String(http.StatusOK, "OK COPY")
    })
    

    You can add custom 404 handler for specific paths #2217

    e.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) })
    

    g := e.Group("/images") g.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) })

    Enhancements

    • Add new value binding methods (UnixTimeMilli,TextUnmarshaler,JSONUnmarshaler) to Valuebinder #2127
    • Refactor: body_limit middleware unit test #2145
    • Refactor: Timeout mw: rework how test waits for timeout. #2187
    • BasicAuth middleware returns 500 InternalServerError on invalid base64 strings but should return 400 #2191
    • Refactor: duplicated findStaticChild process at findChildWithLabel #2176
    • Allow different param names in different methods with same path scheme #2209

    ... (truncated)

    Changelog

    Sourced from github.com/labstack/echo/v4's changelog.

    v4.9.1 - 2022-10-12

    Fixes

    • Fix logger panicing (when template is set to empty) by bumping dependency version #2295

    Enhancements

    • Improve CORS documentation #2272
    • Update readme about supported Go versions #2291
    • Tests: improve error handling on closing body #2254
    • Tests: refactor some of the assertions in tests #2275
    • Tests: refactor assertions #2301

    v4.9.0 - 2022-09-04

    Security

    • Fix open redirect vulnerability in handlers serving static directories (e.Static, e.StaticFs, echo.StaticDirectoryHandler) #2260

    Enhancements

    • Allow configuring ErrorHandler in CSRF middleware #2257
    • Replace HTTP method constants in tests with stdlib constants #2247

    v4.8.0 - 2022-08-10

    Most notable things

    You can now add any arbitrary HTTP method type as a route #2237

    e.Add("COPY", "/*", func(c echo.Context) error 
      return c.String(http.StatusOK, "OK COPY")
    })
    

    You can add custom 404 handler for specific paths #2217

    e.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) })
    

    g := e.Group("/images") g.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) })

    Enhancements

    • Add new value binding methods (UnixTimeMilli,TextUnmarshaler,JSONUnmarshaler) to Valuebinder #2127
    • Refactor: body_limit middleware unit test #2145
    • Refactor: Timeout mw: rework how test waits for timeout. #2187

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump actions/checkout from 2.3.4 to 3.1.0

    Bump actions/checkout from 2.3.4 to 3.1.0

    Bumps actions/checkout from 2.3.4 to 3.1.0.

    Release notes

    Sourced from actions/checkout's releases.

    v3.1.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/actions/checkout/compare/v3.0.2...v3.1.0

    v3.0.2

    What's Changed

    Full Changelog: https://github.com/actions/checkout/compare/v3...v3.0.2

    v3.0.1

    v3.0.0

    • Updated to the node16 runtime by default
      • This requires a minimum Actions Runner version of v2.285.0 to run, which is by default available in GHES 3.4 or later.

    v2.4.2

    What's Changed

    Full Changelog: https://github.com/actions/checkout/compare/v2...v2.4.2

    v2.4.1

    • Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

    v2.4.0

    • Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

    v2.3.5

    Update dependencies

    Changelog

    Sourced from actions/checkout's changelog.

    v3.1.0

    v3.0.2

    v3.0.1

    v3.0.0

    v2.3.1

    v2.3.0

    v2.2.0

    v2.1.1

    • Changes to support GHES (here and here)

    v2.1.0

    v2.0.0

    v2 (beta)

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump github.com/labstack/echo/v4 from 4.7.2 to 4.9.0

    Bump github.com/labstack/echo/v4 from 4.7.2 to 4.9.0

    Bumps github.com/labstack/echo/v4 from 4.7.2 to 4.9.0.

    Release notes

    Sourced from github.com/labstack/echo/v4's releases.

    v4.9.0

    Security

    • Fix open redirect vulnerability in handlers serving static directories (e.Static, e.StaticFs, echo.StaticDirectoryHandler) #2260

    Enhancements

    • Allow configuring ErrorHandler in CSRF middleware #2257
    • Replace HTTP method constants in tests with stdlib constants #2247

    v4.8.0

    Most notable things

    You can now add any arbitrary HTTP method type as a route #2237

    e.Add("COPY", "/*", func(c echo.Context) error 
      return c.String(http.StatusOK, "OK COPY")
    })
    

    You can add custom 404 handler for specific paths #2217

    e.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) })
    

    g := e.Group("/images") g.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) })

    Enhancements

    • Add new value binding methods (UnixTimeMilli,TextUnmarshaler,JSONUnmarshaler) to Valuebinder #2127
    • Refactor: body_limit middleware unit test #2145
    • Refactor: Timeout mw: rework how test waits for timeout. #2187
    • BasicAuth middleware returns 500 InternalServerError on invalid base64 strings but should return 400 #2191
    • Refactor: duplicated findStaticChild process at findChildWithLabel #2176
    • Allow different param names in different methods with same path scheme #2209
    • Add support for registering handlers for different 404 routes #2217
    • Middlewares should use errors.As() instead of type assertion on HTTPError #2227
    • Allow arbitrary HTTP method types to be added as routes #2237
    Changelog

    Sourced from github.com/labstack/echo/v4's changelog.

    v4.9.0 - 2022-09-04

    Security

    • Fix open redirect vulnerability in handlers serving static directories (e.Static, e.StaticFs, echo.StaticDirectoryHandler) #2260

    Enhancements

    • Allow configuring ErrorHandler in CSRF middleware #2257
    • Replace HTTP method constants in tests with stdlib constants #2247

    v4.8.0 - 2022-08-10

    Most notable things

    You can now add any arbitrary HTTP method type as a route #2237

    e.Add("COPY", "/*", func(c echo.Context) error 
      return c.String(http.StatusOK, "OK COPY")
    })
    

    You can add custom 404 handler for specific paths #2217

    e.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) })
    

    g := e.Group("/images") g.RouteNotFound("/*", func(c echo.Context) error { return c.NoContent(http.StatusNotFound) })

    Enhancements

    • Add new value binding methods (UnixTimeMilli,TextUnmarshaler,JSONUnmarshaler) to Valuebinder #2127
    • Refactor: body_limit middleware unit test #2145
    • Refactor: Timeout mw: rework how test waits for timeout. #2187
    • BasicAuth middleware returns 500 InternalServerError on invalid base64 strings but should return 400 #2191
    • Refactor: duplicated findStaticChild process at findChildWithLabel #2176
    • Allow different param names in different methods with same path scheme #2209
    • Add support for registering handlers for different 404 routes #2217
    • Middlewares should use errors.As() instead of type assertion on HTTPError #2227
    • Allow arbitrary HTTP method types to be added as routes #2237
    Commits
    • 16d3b65 Changelog for 4.9.0
    • 0ac4d74 Fix #2259 open redirect vulnerability in echo.StaticDirectoryHandler (used by...
    • d77e8c0 Added ErrorHandler and ErrorHandlerWithContext in CSRF middleware (#2257)
    • 534bbb8 replace POST constance with stdlib constance
    • fb57d96 replace GET constance with stdlib constance
    • d48197d Changelog for 4.8.0
    • cba12a5 Allow arbitrary HTTP method types to be added as routes
    • a327884 add:README.md-Third-party middlewares-github.com/go-woo/protoc-gen-echo
    • 61422dd Update CI-flow (Go 1.19 +deps)
    • a9879ff Middlewares should use errors.As() instead of type assertion on HTTPError
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the Security Alerts page.
  • Bump google.golang.org/api from 0.74.0 to 0.98.0

    Bump google.golang.org/api from 0.74.0 to 0.98.0

    Bumps google.golang.org/api from 0.74.0 to 0.98.0.

    Release notes

    Sourced from google.golang.org/api's releases.

    v0.98.0

    0.98.0 (2022-09-27)

    Features

    v0.97.0

    0.97.0 (2022-09-21)

    Features

    • all: Auto-regenerate discovery clients (#1693) (a87400b)
    • all: Auto-regenerate discovery clients (#1695) (b8f2556)
    • internal/gensupport: Wrap retry failures with context and prev error (#1684) (f427ee3), refs #1685

    Bug Fixes

    • Build script bash error (#1697) (6b0515b)
    • gensupport: Allow initial request for resumable uploads to retry w/ non-nil getBody (#1690) (2c3e863)

    v0.96.0

    0.96.0 (2022-09-14)

    Features

    Bug Fixes

    v0.95.0

    0.95.0 (2022-09-06)

    Features

    • all: Auto-regenerate discovery clients (#1677) (8757dbf)
    • all: Auto-regenerate discovery clients (#1680) (8c72fb3)
    • option: Officially deprecate ImpersonateCredentials (#1683) (9a84077)

    ... (truncated)

    Changelog

    Sourced from google.golang.org/api's changelog.

    0.98.0 (2022-09-27)

    Features

    0.97.0 (2022-09-21)

    Features

    • all: Auto-regenerate discovery clients (#1693) (a87400b)
    • all: Auto-regenerate discovery clients (#1695) (b8f2556)
    • internal/gensupport: Wrap retry failures with context and prev error (#1684) (f427ee3), refs #1685

    Bug Fixes

    • Build script bash error (#1697) (6b0515b)
    • gensupport: Allow initial request for resumable uploads to retry w/ non-nil getBody (#1690) (2c3e863)

    0.96.0 (2022-09-14)

    Features

    Bug Fixes

    0.95.0 (2022-09-06)

    Features

    • all: Auto-regenerate discovery clients (#1677) (8757dbf)
    • all: Auto-regenerate discovery clients (#1680) (8c72fb3)
    • option: Officially deprecate ImpersonateCredentials (#1683) (9a84077)

    0.94.0 (2022-08-23)

    Features

    ... (truncated)

    Commits
    • a4ae94d chore(main): release 0.98.0 (#1700)
    • 25b7450 feat(all): auto-regenerate discovery clients (#1699)
    • aa775b4 feat(all): auto-regenerate discovery clients (#1696)
    • faa845a chore(main): release 0.97.0 (#1694)
    • 2c3e863 fix(gensupport): allow initial request for resumable uploads to retry w/ non-...
    • f427ee3 feat(internal/gensupport): wrap retry failures with context and prev error (#...
    • 6b0515b fix: build script bash error (#1697)
    • b8f2556 feat(all): auto-regenerate discovery clients (#1695)
    • a87400b feat(all): auto-regenerate discovery clients (#1693)
    • a039966 chore(main): release 0.96.0 (#1687)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump google.golang.org/api from 0.74.0 to 0.97.0

    Bump google.golang.org/api from 0.74.0 to 0.97.0

    Bumps google.golang.org/api from 0.74.0 to 0.97.0.

    Release notes

    Sourced from google.golang.org/api's releases.

    v0.97.0

    0.97.0 (2022-09-21)

    Features

    • all: Auto-regenerate discovery clients (#1693) (a87400b)
    • all: Auto-regenerate discovery clients (#1695) (b8f2556)
    • internal/gensupport: Wrap retry failures with context and prev error (#1684) (f427ee3), refs #1685

    Bug Fixes

    • Build script bash error (#1697) (6b0515b)
    • gensupport: Allow initial request for resumable uploads to retry w/ non-nil getBody (#1690) (2c3e863)

    v0.96.0

    0.96.0 (2022-09-14)

    Features

    Bug Fixes

    v0.95.0

    0.95.0 (2022-09-06)

    Features

    • all: Auto-regenerate discovery clients (#1677) (8757dbf)
    • all: Auto-regenerate discovery clients (#1680) (8c72fb3)
    • option: Officially deprecate ImpersonateCredentials (#1683) (9a84077)

    v0.94.0

    0.94.0 (2022-08-23)

    Features

    ... (truncated)

    Changelog

    Sourced from google.golang.org/api's changelog.

    0.97.0 (2022-09-21)

    Features

    • all: Auto-regenerate discovery clients (#1693) (a87400b)
    • all: Auto-regenerate discovery clients (#1695) (b8f2556)
    • internal/gensupport: Wrap retry failures with context and prev error (#1684) (f427ee3), refs #1685

    Bug Fixes

    • Build script bash error (#1697) (6b0515b)
    • gensupport: Allow initial request for resumable uploads to retry w/ non-nil getBody (#1690) (2c3e863)

    0.96.0 (2022-09-14)

    Features

    Bug Fixes

    0.95.0 (2022-09-06)

    Features

    • all: Auto-regenerate discovery clients (#1677) (8757dbf)
    • all: Auto-regenerate discovery clients (#1680) (8c72fb3)
    • option: Officially deprecate ImpersonateCredentials (#1683) (9a84077)

    0.94.0 (2022-08-23)

    Features

    Bug Fixes

    • storage: *int64 instead of int64 for Age cond (#1598) (9ea025d)

    ... (truncated)

    Commits
    • faa845a chore(main): release 0.97.0 (#1694)
    • 2c3e863 fix(gensupport): allow initial request for resumable uploads to retry w/ non-...
    • f427ee3 feat(internal/gensupport): wrap retry failures with context and prev error (#...
    • 6b0515b fix: build script bash error (#1697)
    • b8f2556 feat(all): auto-regenerate discovery clients (#1695)
    • a87400b feat(all): auto-regenerate discovery clients (#1693)
    • a039966 chore(main): release 0.96.0 (#1687)
    • 0f7c1ed fix: upgrade version of golang.org/x/net (#1692)
    • e801e10 feat(all): auto-regenerate discovery clients (#1689)
    • bc29a6b feat(all): auto-regenerate discovery clients (#1688)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump github.com/labstack/echo/v4 from 4.7.2 to 4.10.0

    Bump github.com/labstack/echo/v4 from 4.7.2 to 4.10.0

    Bumps github.com/labstack/echo/v4 from 4.7.2 to 4.10.0.

    Release notes

    Sourced from github.com/labstack/echo/v4's releases.

    v4.10.0

    Security

    • We are deprecating JWT middleware in this repository. Please use https://github.com/labstack/echo-jwt instead.

      JWT middleware is moved to separate repository to allow us to bump/upgrade version of JWT implementation (github.com/golang-jwt/jwt) we are using which we can not do in Echo core because this would break backwards compatibility guarantees we try to maintain.

    • This minor version bumps minimum Go version to 1.17 (from 1.16) due golang.org/x/ packages we depend on. There are several vulnerabilities fixed in these libraries.

      Echo still tries to support last 4 Go versions but there are occasions we can not guarantee this promise.

    Enhancements

    • Bump x/text to 0.3.8 #2305
    • Bump dependencies and add notes about Go releases we support #2336
    • Add helper interface for ProxyBalancer interface #2316
    • Expose middleware.CreateExtractors function so we can use it from echo-contrib repository #2338
    • Refactor func(Context) error to HandlerFunc #2315
    • Improve function comments #2329
    • Add new method HTTPError.WithInternal #2340
    • Replace io/ioutil package usages #2342
    • Add staticcheck to CI flow #2343
    • Replace relative path determination from proprietary to std #2345
    • Remove square brackets from ipv6 addresses in XFF (X-Forwarded-For header) #2182
    • Add testcases for some BodyLimit middleware configuration options #2350
    • Additional configuration options for RequestLogger and Logger middleware #2341
    • Add route to request log #2162
    • GitHub Workflows security hardening #2358
    • Add govulncheck to CI and bump dependencies #2362
    • Fix rate limiter docs #2366
    • Refactor how e.Routes() work and introduce e.OnAddRouteHandler callback #2337

    v4.9.1

    Fixes

    • Fix logger panicing (when template is set to empty) by bumping dependency version #2295

    Enhancements

    • Improve CORS documentation #2272
    • Update readme about supported Go versions #2291
    • Tests: improve error handling on closing body #2254
    • Tests: refactor some of the assertions in tests #2275
    • Tests: refactor assertions #2301

    v4.9.0

    Security

    • Fix open redirect vulnerability in handlers serving static directories (e.Static, e.StaticFs, echo.StaticDirectoryHandler) #2260

    ... (truncated)

    Changelog

    Sourced from github.com/labstack/echo/v4's changelog.

    v4.10.0 - 2022-12-27

    Security

    • We are deprecating JWT middleware in this repository. Please use https://github.com/labstack/echo-jwt instead.

      JWT middleware is moved to separate repository to allow us to bump/upgrade version of JWT implementation (github.com/golang-jwt/jwt) we are using which we can not do in Echo core because this would break backwards compatibility guarantees we try to maintain.

    • This minor version bumps minimum Go version to 1.17 (from 1.16) due golang.org/x/ packages we depend on. There are several vulnerabilities fixed in these libraries.

      Echo still tries to support last 4 Go versions but there are occasions we can not guarantee this promise.

    Enhancements

    • Bump x/text to 0.3.8 #2305
    • Bump dependencies and add notes about Go releases we support #2336
    • Add helper interface for ProxyBalancer interface #2316
    • Expose middleware.CreateExtractors function so we can use it from echo-contrib repository #2338
    • Refactor func(Context) error to HandlerFunc #2315
    • Improve function comments #2329
    • Add new method HTTPError.WithInternal #2340
    • Replace io/ioutil package usages #2342
    • Add staticcheck to CI flow #2343
    • Replace relative path determination from proprietary to std #2345
    • Remove square brackets from ipv6 addresses in XFF (X-Forwarded-For header) #2182
    • Add testcases for some BodyLimit middleware configuration options #2350
    • Additional configuration options for RequestLogger and Logger middleware #2341
    • Add route to request log #2162
    • GitHub Workflows security hardening #2358
    • Add govulncheck to CI and bump dependencies #2362
    • Fix rate limiter docs #2366
    • Refactor how e.Routes() work and introduce e.OnAddRouteHandler callback #2337

    v4.9.1 - 2022-10-12

    Fixes

    • Fix logger panicing (when template is set to empty) by bumping dependency version #2295

    Enhancements

    • Improve CORS documentation #2272
    • Update readme about supported Go versions #2291
    • Tests: improve error handling on closing body #2254
    • Tests: refactor some of the assertions in tests #2275
    • Tests: refactor assertions #2301

    ... (truncated)

    Commits
    • f36d566 Changelog for 4.10.0
    • a69727e Mark JWT middleware deprecated
    • 0056cc8 Improve comments wording
    • 45402bb Add echo.OnAddRouteHandler field. As name says - this handler is called when ...
    • f1cf1ec Fix adding route with host overwrites default host route with same method+pat...
    • 895121d Fix rate limiter docs (#2366)
    • abecadc Merge pull request #2362 from aldas/add_govulncheck_2_ci
    • bc75cc2 Add govulncheck to CI and bump dependencies. Refactor GitHub workflows.
    • 40eb889 build: harden echo.yml permissions
    • 135c511 Add request route with "route" tag to logger middleware (#2162)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump github.com/volatiletech/sqlboiler/v4 from 4.9.2 to 4.14.0

    Bump github.com/volatiletech/sqlboiler/v4 from 4.9.2 to 4.14.0

    Bumps github.com/volatiletech/sqlboiler/v4 from 4.9.2 to 4.14.0.

    Release notes

    Sourced from github.com/volatiletech/sqlboiler/v4's releases.

    v4.14.0

    See https://github.com/volatiletech/sqlboiler/blob/HEAD/CHANGELOG.md for details.

    • Allow calling struct.Exists() without having to pass on PK fields (thanks @​MJacred)
    • Stop using deprecated methods from io/ioutil (thanks @​stefafafan)
    • Fixed correct hooks when loading relationships to-one (thanks @​parnic)

    v4.13.0

    See https://github.com/volatiletech/sqlboiler/blob/HEAD/CHANGELOG.md for details.

    • Generate IN/NIN whereHelpers for nullable types (thanks @​fdegiuli)
    • Fixed concurrent map writes in psql driver (thanks @​pavel-krush)
    • Force title case for enum null prefix (thanks @​optiman)

    v4.12.0

    See https://github.com/volatiletech/sqlboiler/blob/HEAD/CHANGELOG.md for details.

    • Fetch column and table info in parallel (thanks @​pavel-krush)
    • Generate IN/NIN methods for enum type query helpers (thanks @​optiman)
    • Improve psql performance by isolating uniqueness query (thanks @​peterldowns)
    • Support for psql materialized view (thanks @​severedsea)
    • Support loading model relationships when binding to a struct with an embedded model (thanks @​optiman)

    v4.11.0

    See https://github.com/volatiletech/sqlboiler/blob/HEAD/CHANGELOG.md for details.

    v4.10.2

    See https://github.com/volatiletech/sqlboiler/blob/HEAD/CHANGELOG.md for details.

    v4.10.1

    See https://github.com/volatiletech/sqlboiler/blob/HEAD/CHANGELOG.md for details.

    v4.10.0

    See https://github.com/volatiletech/sqlboiler/blob/HEAD/CHANGELOG.md for details.

    • Add config options to allow user defined rules for inflections
    Changelog

    Sourced from github.com/volatiletech/sqlboiler/v4's changelog.

    [v4.14.0] - 2022-12-14

    Added

    • Allow calling struct.Exists() without having to pass on PK fields (thanks @​MJacred)

    Changed

    • Stop using deprecated methods from io/ioutil (thanks @​stefafafan)

    Fixed

    • Fixed correct hooks when loading relationships to-one (thanks @​parnic)

    [v4.13.0] - 2022-08-28

    Added

    • Generate IN/NIN whereHelpers for nullable types (thanks @​fdegiuli)

    Fixed

    [v4.12.0] - 2022-07-26

    Added

    • Fetch column and table info in parallel (thanks @​pavel-krush)
    • Generate IN/NIN methods for enum type query helpers (thanks @​optiman)
    • Improve psql performance by isolating uniqueness query (thanks @​peterldowns)
    • Support for psql materialized view (thanks @​severedsea)
    • Support loading model relationships when binding to a struct with embedded model (thanks @​optiman)

    Fixed

    • Fix panic when missing primary key in table (thanks @​zapo)
    • Fix some SQLite tests by enabling shared cache (thanks @​gabe565)
    • Fix(sqlite3): narrows column.AutoGenerated to columns with INT PKs (thanks @​pbedat)
    • Fix auto-columns.deleted not replace the default deleted_at column name (thanks @​shivaluma)
    • Trim whitespace for column comments (thanks @​arp242)

    [v4.11.0] - 2022-04-25

    Added

    ... (truncated)

    Commits
    • 21e935a Update changelog and bump version
    • 91c4f33 Merge pull request #1226 from eliecharra/fix/wherein_doc
    • 0cf73d7 Fix typo in README.md
    • 332721a Merge pull request #1165 from eliaperantoni/master
    • 6792ea9 fix: fix doc for the wherein clause
    • 22497a8 Merge pull request #1220 from stefafafan/fix-ioutil-deprecations
    • ac3043d io/ioutil not needed for imports anymore
    • 53fcc42 replace ioutil.WriteFile with os.WriteFile
    • e14a9f9 replace ioutil.TempFile with os.CreateTemp
    • 84bff88 replace ioutil.TempDir with os.MkdirTemp
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump actions/checkout from 2.3.4 to 3.2.0

    Bump actions/checkout from 2.3.4 to 3.2.0

    Bumps actions/checkout from 2.3.4 to 3.2.0.

    Release notes

    Sourced from actions/checkout's releases.

    v3.2.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/actions/checkout/compare/v3...v3.2.0

    v3.1.0

    What's Changed

    New Contributors

    Full Changelog: https://github.com/actions/checkout/compare/v3.0.2...v3.1.0

    v3.0.2

    What's Changed

    Full Changelog: https://github.com/actions/checkout/compare/v3...v3.0.2

    v3.0.1

    v3.0.0

    • Updated to the node16 runtime by default
      • This requires a minimum Actions Runner version of v2.285.0 to run, which is by default available in GHES 3.4 or later.

    v2.5.0

    What's Changed

    Full Changelog: https://github.com/actions/checkout/compare/v2...v2.5.0

    ... (truncated)

    Changelog

    Sourced from actions/checkout's changelog.

    Changelog

    v3.1.0

    v3.0.2

    v3.0.1

    v3.0.0

    v2.3.1

    v2.3.0

    v2.2.0

    v2.1.1

    • Changes to support GHES (here and here)

    v2.1.0

    v2.0.0

    ... (truncated)

    Commits

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump google.golang.org/api from 0.74.0 to 0.104.0

    Bump google.golang.org/api from 0.74.0 to 0.104.0

    Bumps google.golang.org/api from 0.74.0 to 0.104.0.

    Release notes

    Sourced from google.golang.org/api's releases.

    v0.104.0

    0.104.0 (2022-12-07)

    Features

    Bug Fixes

    • idtoken: Increase MaxIdleConnsPerHost to 100 in NewClient (#1754) (629e217), refs #1744
    • transport/grpc: Separate resolution of creds and certs (#1759) (c213153)

    Documentation

    v0.103.0

    0.103.0 (2022-11-08)

    Features

    v0.102.0

    0.102.0 (2022-11-02)

    Features

    ... (truncated)

    Changelog

    Sourced from google.golang.org/api's changelog.

    0.104.0 (2022-12-07)

    Features

    Bug Fixes

    • idtoken: Increase MaxIdleConnsPerHost to 100 in NewClient (#1754) (629e217), refs #1744
    • transport/grpc: Separate resolution of creds and certs (#1759) (c213153)

    Documentation

    0.103.0 (2022-11-08)

    Features

    0.102.0 (2022-11-02)

    Features

    0.101.0 (2022-10-25)

    ... (truncated)

    Commits
    • 9255b0b chore(main): release 0.104.0 (#1748)
    • 4238314 chore: ignore some golang.org/x/* dependencies in renovate (#1772)
    • 029b659 chore(all): update all (#1768)
    • f819644 feat(all): auto-regenerate discovery clients (#1771)
    • 2b596d9 feat(all): auto-regenerate discovery clients (#1767)
    • 3195ce1 feat(all): auto-regenerate discovery clients (#1766)
    • 97a9846 feat(all): auto-regenerate discovery clients (#1760)
    • 8d8f0a7 feat(transport): de-experiment google-c2p resolver (#1757)
    • c213153 fix(transport/grpc): separate resolution of creds and certs (#1759)
    • 629e217 fix(idtoken): increase MaxIdleConnsPerHost to 100 in NewClient (#1754)
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump golang from 1.17.9-buster to 1.19.4-buster

    Bump golang from 1.17.9-buster to 1.19.4-buster

    Bumps golang from 1.17.9-buster to 1.19.4-buster.

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  • Bump github.com/go-openapi/runtime from 0.23.3 to 0.25.0

    Bump github.com/go-openapi/runtime from 0.23.3 to 0.25.0

    Bumps github.com/go-openapi/runtime from 0.23.3 to 0.25.0.

    Commits
    • da56347 clear golangci-lint warnings/errors
    • 93d335a Merge pull request #254 from josephwoodward/add-opentelemetry-support
    • f454d66 Bump go to 1.18
    • 0ebe6da Bump go version in github ci
    • f318eb6 Clean up implementation
    • 601824c Add support for setting span name
    • eef3104 Remove unused package reference
    • d09ae3b Address remaining test implementation, add functional options
    • 9aa3bfd Add scheme
    • b3ce5f1 Ensure status captures error message
    • Additional commits viewable in compare view

    Dependabot compatibility score

    Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


    Dependabot commands and options

    You can trigger Dependabot actions by commenting on this PR:

    • @dependabot rebase will rebase this PR
    • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
    • @dependabot merge will merge this PR after your CI passes on it
    • @dependabot squash and merge will squash and merge this PR after your CI passes on it
    • @dependabot cancel merge will cancel a previously requested merge and block automerging
    • @dependabot reopen will reopen this PR if it is closed
    • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
    • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
    • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
JSON Web Token library

About … a JSON Web Token (JWT) library for the Go programming language. Feature complete Full test coverage Dependency free Key management The API enf

Dec 19, 2022
Safe, simple and fast JSON Web Tokens for Go

jwt JSON Web Token for Go RFC 7519, also see jwt.io for more. The latest version is v3. Rationale There are many JWT libraries, but many of them are h

Jan 4, 2023
This package provides json web token (jwt) middleware for goLang http servers

jwt-auth jwt auth middleware in goLang. If you're interested in using sessions, checkout my sessions library! README Contents: Quickstart Performance

Dec 5, 2022
Golang implementation of JSON Web Tokens (JWT)

jwt-go A go (or 'golang' for search engine friendliness) implementation of JSON Web Tokens NEW VERSION COMING: There have been a lot of improvements s

Jan 6, 2023
A go implementation of JSON Web Tokens

jwt-go A go (or 'golang' for search engine friendliness) implementation of JSON Web Tokens NEW VERSION COMING: There have been a lot of improvements s

Jan 7, 2023
A simple and lightweight library for creating, formatting, manipulating, signing, and validating JSON Web Tokens in Go.

GoJWT - JSON Web Tokens in Go GoJWT is a simple and lightweight library for creating, formatting, manipulating, signing and validating Json Web Tokens

Nov 15, 2022
Microservice generates pair of access and refresh JSON web tokens signed by user identifier.

go-jwt-issuer Microservice generates pair access and refresh JSON web tokens signed by user identifier. ?? Deployed on Heroku Run tests: export SECRET

Nov 21, 2022
Bui api login - Bui api login in golang

bui-api-login Project setup go mod tidy -compat=1.17 .env.local OAUTH2_REDIRECT

Jan 7, 2022
A standalone, specification-compliant, OAuth2 server written in Golang.
A standalone, specification-compliant,  OAuth2 server written in Golang.

Go OAuth2 Server This service implements OAuth 2.0 specification. Excerpts from the specification are included in this README file to describe differe

Dec 28, 2022
GOAuth An Oauth consumer Written in Go V 0.0.5

GOAuth ====== This is the source code repository for the GOAuth an OAuth consumer written on the Go programming language. Copyright 2010 The GOAuth

Feb 11, 2021
HMAC-based JWT written in Go

JWT JSON Web Tokens JSON Web Tokens are an open, industry standard RFC 7519 method for representing claims securely between two parties. Usage of jwt:

Nov 16, 2021
A command-line tool to visualize a JWT token's content, written in Go

jat A command-line tool to visualize a JWT token's content, written in Go. Usage jat <some-jwt> Install Navigate to the Releases page; Download the co

Jan 6, 2022
Example App written in Golang for provide AuthZ/N using JWT

RCK Auth Application Example App written in Golang for provide Authentication & Authorization using Json Web Tokens. Run with Docker / Podman Run a Po

Feb 25, 2022
Example of a simple application which is powered by a third-party oAuth 2.0 server for it's authentication / authorization. Written in Golang.

go mod init github.com/bartmika/osin-thirdparty-example go get github.com/spf13/cobra go get github.com/openshift/osin go get github.com/openshift/osi

Jan 4, 2022
Msg is gRPC-based backend for messaging written in golang.

Msg Msg is gRPC-based backend for messaging written in golang. Goals Future goals: Implement message service which will allow users to send messages t

Jun 8, 2022
:key: Secure alternative to JWT. Authenticated Encrypted API Tokens for Go.

branca branca is a secure alternative to JWT, This implementation is written in pure Go (no cgo dependencies) and implements the branca token specific

Dec 29, 2022
Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to create powerful modern API and web authentication.

❗ Cache package has been moved to libcache repository Go-Guardian Go-Guardian is a golang library that provides a simple, clean, and idiomatic way to

Dec 23, 2022
Key-Checker - Go scripts for checking API key / access token validity
Key-Checker - Go scripts for checking API key / access token validity

Key-Checker Go scripts for checking API key / access token validity Update V1.0.0 ?? Added 37 checkers! Screenshoot ?? How to Install go get github.co

Dec 19, 2022
fiber api key authentication middleware

fiber-key-auth Secure your fiber endpoints using API keys. Report Bug · Request Feature Table of Contents About The Project Built With Getting Started

Dec 14, 2022