-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BUG] Inconsistent HTTP status code on query mismatch #712
Conversation
The logical behavour of a router should return http status code of 404 when a request fails to stisfy a route validation logics. Before this, mux was returning 405 http status code in some rare scenarios which is not a valid on its case. For more info, See: gorilla#704
Codecov Report
@@ Coverage Diff @@
## main #712 +/- ##
==========================================
- Coverage 78.44% 78.01% -0.44%
==========================================
Files 5 5
Lines 877 887 +10
==========================================
+ Hits 688 692 +4
- Misses 135 140 +5
- Partials 54 55 +1
|
Hey @coreydaley 👋 Is there anything that I can help you with in here? |
@soheilrt Thank you for the pull request, we will prioritize it's review based on the priority/severity of the associated github issue during one of our upcoming community meetings. |
[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [github.com/aws/aws-sdk-go](https://togithub.com/aws/aws-sdk-go) | require | minor | `v1.46.6` -> `v1.47.3` | | [github.com/bufbuild/protovalidate-go](https://togithub.com/bufbuild/protovalidate-go) | require | minor | `v0.3.1` -> `v0.4.0` | | [github.com/cerbos/cerbos/api/genpb](https://togithub.com/cerbos/cerbos) | require | digest | `f134903` -> `761a3dc` | | [github.com/cerbos/cloud-api](https://togithub.com/cerbos/cloud-api) | require | patch | `v0.1.8` -> `v0.1.9` | | [github.com/go-logr/zapr](https://togithub.com/go-logr/zapr) | require | minor | `v1.2.4` -> `v1.3.0` | | [github.com/gorilla/mux](https://togithub.com/gorilla/mux) | require | patch | `v1.8.0` -> `v1.8.1` | | [github.com/jackc/pgx/v5](https://togithub.com/jackc/pgx) | require | minor | `v5.4.3` -> `v5.5.0` | | [github.com/lestrrat-go/jwx/v2](https://togithub.com/lestrrat-go/jwx) | require | patch | `v2.0.15` -> `v2.0.16` | | [github.com/pterm/pterm](https://togithub.com/pterm/pterm) | require | patch | `v0.12.69` -> `v0.12.70` | | [github.com/rivo/tview](https://togithub.com/rivo/tview) | require | digest | `8b7bcf9` -> `1b91b81` | | [github.com/twmb/franz-go](https://togithub.com/twmb/franz-go) | require | patch | `v1.15.1` -> `v1.15.2` | | [github.com/vektra/mockery/v2](https://togithub.com/vektra/mockery) | require | patch | `v2.36.0` -> `v2.36.1` | | golang.org/x/sync | require | minor | `v0.4.0` -> `v0.5.0` | | [google.golang.org/genproto/googleapis/api](https://togithub.com/googleapis/go-genproto) | require | digest | `49dd2c1` -> `d783a09` | | [modernc.org/sqlite](https://gitlab.com/cznic/sqlite) | require | minor | `v1.26.0` -> `v1.27.0` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Release Notes <details> <summary>aws/aws-sdk-go (github.com/aws/aws-sdk-go)</summary> ### [`v1.47.3`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1473-2023-11-03) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.47.2...v1.47.3) \=== ##### Service Client Updates - `service/config`: Updates service API - `service/connect`: Updates service API and documentation - `service/iotwireless`: Updates service API and documentation - `service/launch-wizard`: Adds new service ### [`v1.47.2`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1472-2023-11-02) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.47.1...v1.47.2) \=== ##### Service Client Updates - `service/apprunner`: Updates service API and documentation - `service/connect`: Updates service documentation - `service/gamelift`: Updates service API and documentation - Amazon GameLift adds support for shared credentials, which allows applications that are deployed on managed EC2 fleets to interact with other AWS resources. - `service/glue`: Updates service API and documentation - This release introduces Google BigQuery Source and Target in AWS Glue CodeGenConfigurationNode. - `service/network-firewall`: Updates service API and documentation - `service/quicksight`: Updates service API and documentation - Got confirmed from qmeixua@ about custom week features, and tested locally with aws cli and java sdk that the subtypes are showing up. ##### SDK Enhancements - `aws/ec2metadata`: Added environment and shared config support for disabling IMDSv1 fallback. - Use env `AWS_EC2_METADATA_V1_DISABLED` or shared config `ec2_metadata_v1_disabled` accordingly. ### [`v1.47.1`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1471-2023-11-01) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.47.0...v1.47.1) \=== ##### Service Client Updates - `service/connect`: Updates service API, documentation, and paginators - `service/globalaccelerator`: Updates service API, documentation, and paginators - `service/rds`: Updates service API, documentation, waiters, paginators, and examples - This release adds support for customized networking resources to Amazon RDS Custom. - `service/redshift`: Updates service API and documentation - Added support for Multi-AZ deployments for Provisioned RA3 clusters that provide 99.99% SLA availability. - `service/sagemaker`: Updates service API and documentation - Support for batch transform input in Model dashboard ### [`v1.47.0`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1470-2023-10-31) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.46.7...v1.47.0) \=== ##### Service Client Updates - `service/amplify`: Updates service API, documentation, and paginators - `service/application-insights`: Updates service API and documentation - `service/ec2`: Updates service API, documentation, and paginators - Capacity Blocks for ML are a new EC2 purchasing option for reserving GPU instances on a future date to support short duration machine learning (ML) workloads. Capacity Blocks automatically place instances close together inside Amazon EC2 UltraClusters for low-latency, high-throughput networking. - `service/m2`: Updates service API and documentation - `service/neptunedata`: Updates service API and documentation - `service/translate`: Updates service API and documentation ##### SDK Features - `aws`: Bump minimum go version to 1.19. - See https://aws.amazon.com/blogs/developer/aws-sdk-for-go-aligns-with-go-release-policy-on-supported-runtimes/. ### [`v1.46.7`](https://togithub.com/aws/aws-sdk-go/blob/HEAD/CHANGELOG.md#Release-v1467-2023-10-30) [Compare Source](https://togithub.com/aws/aws-sdk-go/compare/v1.46.6...v1.46.7) \=== ##### Service Client Updates - `service/connect`: Updates service API and documentation - `service/dataexchange`: Updates service API and documentation - `service/datasync`: Updates service API and documentation - `service/finspace`: Updates service API and documentation - `service/mediapackagev2`: Updates service API and documentation - `service/rds`: Updates service API, documentation, waiters, paginators, and examples - This release launches the CreateIntegration, DeleteIntegration, and DescribeIntegrations APIs to manage zero-ETL Integrations. - `service/redshift-serverless`: Updates service API, documentation, and paginators - `service/resiliencehub`: Updates service API and documentation - `service/s3outposts`: Updates service API and documentation - `service/wisdom`: Updates service documentation </details> <details> <summary>bufbuild/protovalidate-go (github.com/bufbuild/protovalidate-go)</summary> ### [`v0.4.0`](https://togithub.com/bufbuild/protovalidate-go/releases/tag/v0.4.0) [Compare Source](https://togithub.com/bufbuild/protovalidate-go/compare/v0.3.4...v0.4.0) #### What's Changed - Fix bug where cel expression cannot compile for fields of type google.protobuf.Any by [@​oliversun9](https://togithub.com/oliversun9) in [https://github.com/bufbuild/protovalidate-go/pull/65](https://togithub.com/bufbuild/protovalidate-go/pull/65) - Link to connect/validate-go by [@​emcfarlane](https://togithub.com/emcfarlane) in [https://github.com/bufbuild/protovalidate-go/pull/66](https://togithub.com/bufbuild/protovalidate-go/pull/66) - Run CI on Go 1.19 by [@​akshayjshah](https://togithub.com/akshayjshah) in [https://github.com/bufbuild/protovalidate-go/pull/72](https://togithub.com/bufbuild/protovalidate-go/pull/72) - Use make lint in CI instead of golangci-lint action by [@​oliversun9](https://togithub.com/oliversun9) in [https://github.com/bufbuild/protovalidate-go/pull/70](https://togithub.com/bufbuild/protovalidate-go/pull/70) - Add isIpPrefix by [@​higebu](https://togithub.com/higebu) in [https://github.com/bufbuild/protovalidate-go/pull/53](https://togithub.com/bufbuild/protovalidate-go/pull/53) #### New Contributors - [@​higebu](https://togithub.com/higebu) made their first contribution in [https://github.com/bufbuild/protovalidate-go/pull/53](https://togithub.com/bufbuild/protovalidate-go/pull/53) **Full Changelog**: bufbuild/protovalidate-go@v0.3.4...v0.4.0 ### [`v0.3.4`](https://togithub.com/bufbuild/protovalidate-go/releases/tag/v0.3.4) [Compare Source](https://togithub.com/bufbuild/protovalidate-go/compare/v0.3.3...v0.3.4) #### What's Changed - Make DefaultResolver public by [@​oliversun9](https://togithub.com/oliversun9) in [https://github.com/bufbuild/protovalidate-go/pull/59](https://togithub.com/bufbuild/protovalidate-go/pull/59) - Update minimum required Go version from 1.18 to 1.19 by [@​nicksnyder](https://togithub.com/nicksnyder) in [https://github.com/bufbuild/protovalidate-go/pull/62](https://togithub.com/bufbuild/protovalidate-go/pull/62) - Fix ignore path for resolver.go by [@​nicksnyder](https://togithub.com/nicksnyder) in [https://github.com/bufbuild/protovalidate-go/pull/63](https://togithub.com/bufbuild/protovalidate-go/pull/63) #### New Contributors - [@​nicksnyder](https://togithub.com/nicksnyder) made their first contribution in [https://github.com/bufbuild/protovalidate-go/pull/62](https://togithub.com/bufbuild/protovalidate-go/pull/62) **Full Changelog**: bufbuild/protovalidate-go@v0.3.3...v0.3.4 ### [`v0.3.3`](https://togithub.com/bufbuild/protovalidate-go/releases/tag/v0.3.3) [Compare Source](https://togithub.com/bufbuild/protovalidate-go/compare/v0.3.2...v0.3.3) #### What's Changed - Update benchmarks by [@​rodaine](https://togithub.com/rodaine) in [https://github.com/bufbuild/protovalidate-go/pull/50](https://togithub.com/bufbuild/protovalidate-go/pull/50) - Bug: transitive field CEL expressions fail to resolve types during type checking by [@​rodaine](https://togithub.com/rodaine) in [https://github.com/bufbuild/protovalidate-go/pull/51](https://togithub.com/bufbuild/protovalidate-go/pull/51) - Fix loading field message when dependency is more than one step by [@​oliversun9](https://togithub.com/oliversun9) in [https://github.com/bufbuild/protovalidate-go/pull/54](https://togithub.com/bufbuild/protovalidate-go/pull/54) - Bump github.com/google/cel-go from 0.18.0 to 0.18.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bufbuild/protovalidate-go/pull/55](https://togithub.com/bufbuild/protovalidate-go/pull/55) - Make constraint resolution more flexible to different concrete extension types by [@​rodaine](https://togithub.com/rodaine) in [https://github.com/bufbuild/protovalidate-go/pull/57](https://togithub.com/bufbuild/protovalidate-go/pull/57) - Move package `celext` out of internal by [@​oliversun9](https://togithub.com/oliversun9) in [https://github.com/bufbuild/protovalidate-go/pull/56](https://togithub.com/bufbuild/protovalidate-go/pull/56) #### New Contributors - [@​oliversun9](https://togithub.com/oliversun9) made their first contribution in [https://github.com/bufbuild/protovalidate-go/pull/54](https://togithub.com/bufbuild/protovalidate-go/pull/54) **Full Changelog**: bufbuild/protovalidate-go@v0.3.2...v0.3.3 ### [`v0.3.2`](https://togithub.com/bufbuild/protovalidate-go/releases/tag/v0.3.2) [Compare Source](https://togithub.com/bufbuild/protovalidate-go/compare/v0.3.1...v0.3.2) #### What's Changed - Build validator copy cache on write by [@​emcfarlane](https://togithub.com/emcfarlane) in [https://github.com/bufbuild/protovalidate-go/pull/31](https://togithub.com/bufbuild/protovalidate-go/pull/31) - Bump github.com/google/cel-go from 0.17.4 to 0.17.6 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bufbuild/protovalidate-go/pull/39](https://togithub.com/bufbuild/protovalidate-go/pull/39) - Bump github.com/google/cel-go from 0.17.6 to 0.18.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bufbuild/protovalidate-go/pull/42](https://togithub.com/bufbuild/protovalidate-go/pull/42) - Bump buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go from 1.31.0-20230824200731-b9b8148056b9.1 to 1.31.0-20230830185350-7a34d6557349.1 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bufbuild/protovalidate-go/pull/41](https://togithub.com/bufbuild/protovalidate-go/pull/41) - Bypass deprecation lint warning by [@​akshayjshah](https://togithub.com/akshayjshah) in [https://github.com/bufbuild/protovalidate-go/pull/45](https://togithub.com/bufbuild/protovalidate-go/pull/45) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/bufbuild/protovalidate-go/pull/46](https://togithub.com/bufbuild/protovalidate-go/pull/46) - Cleanup: replace deprecated OptCheckStringFormat by [@​rodaine](https://togithub.com/rodaine) in [https://github.com/bufbuild/protovalidate-go/pull/48](https://togithub.com/bufbuild/protovalidate-go/pull/48) - Conformance: support for multiple uniques by [@​rodaine](https://togithub.com/rodaine) in [https://github.com/bufbuild/protovalidate-go/pull/49](https://togithub.com/bufbuild/protovalidate-go/pull/49) #### New Contributors - [@​emcfarlane](https://togithub.com/emcfarlane) made their first contribution in [https://github.com/bufbuild/protovalidate-go/pull/31](https://togithub.com/bufbuild/protovalidate-go/pull/31) - [@​akshayjshah](https://togithub.com/akshayjshah) made their first contribution in [https://github.com/bufbuild/protovalidate-go/pull/45](https://togithub.com/bufbuild/protovalidate-go/pull/45) **Full Changelog**: bufbuild/protovalidate-go@v0.3.1...v0.3.2 </details> <details> <summary>cerbos/cloud-api (github.com/cerbos/cloud-api)</summary> ### [`v0.1.9`](https://togithub.com/cerbos/cloud-api/compare/v0.1.8...v0.1.9) [Compare Source](https://togithub.com/cerbos/cloud-api/compare/v0.1.8...v0.1.9) </details> <details> <summary>go-logr/zapr (github.com/go-logr/zapr)</summary> ### [`v1.3.0`](https://togithub.com/go-logr/zapr/releases/tag/v1.3.0) [Compare Source](https://togithub.com/go-logr/zapr/compare/v1.2.4...v1.3.0) This release adds [support for slog](https://togithub.com/go-logr/logr#slog-interoperability). zapr implements `slogr.SlogSink` and therefore can be used through [`slogr.NewSlogHandler`](https://pkg.go.dev/github.com/go-logr/[email protected]/slogr#NewSlogHandler) as backend for slog. #### What's Changed - Added dependabot by [@​Neo2308](https://togithub.com/Neo2308) in [https://github.com/go-logr/zapr/pull/63](https://togithub.com/go-logr/zapr/pull/63) - Updated min supported version to go 1.18 by [@​Neo2308](https://togithub.com/Neo2308) in [https://github.com/go-logr/zapr/pull/62](https://togithub.com/go-logr/zapr/pull/62) - update linter config and fix issues by [@​pohly](https://togithub.com/pohly) in [https://github.com/go-logr/zapr/pull/61](https://togithub.com/go-logr/zapr/pull/61) - Bump github.com/go-logr/logr from 1.2.4 to 1.3.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/go-logr/zapr/pull/71](https://togithub.com/go-logr/zapr/pull/71) - support slog by [@​pohly](https://togithub.com/pohly) in [https://github.com/go-logr/zapr/pull/60](https://togithub.com/go-logr/zapr/pull/60) *** - Bump github.com/stretchr/testify from 1.8.0 to 1.8.4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/go-logr/zapr/pull/65](https://togithub.com/go-logr/zapr/pull/65) - Bump actions/checkout from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/go-logr/zapr/pull/66](https://togithub.com/go-logr/zapr/pull/66) - Bump actions/setup-go from 2 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/go-logr/zapr/pull/67](https://togithub.com/go-logr/zapr/pull/67) - Bump golangci/golangci-lint-action from 2 to 3 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/go-logr/zapr/pull/68](https://togithub.com/go-logr/zapr/pull/68) - Bump actions/checkout from 3 to 4 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/go-logr/zapr/pull/69](https://togithub.com/go-logr/zapr/pull/69) - Bump go.uber.org/zap from 1.24.0 to 1.25.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/go-logr/zapr/pull/64](https://togithub.com/go-logr/zapr/pull/64) - Bump go.uber.org/zap from 1.25.0 to 1.26.0 by [@​dependabot](https://togithub.com/dependabot) in [https://github.com/go-logr/zapr/pull/70](https://togithub.com/go-logr/zapr/pull/70) #### New Contributors - [@​Neo2308](https://togithub.com/Neo2308) made their first contribution in [https://github.com/go-logr/zapr/pull/63](https://togithub.com/go-logr/zapr/pull/63) - [@​dependabot](https://togithub.com/dependabot) made their first contribution in [https://github.com/go-logr/zapr/pull/65](https://togithub.com/go-logr/zapr/pull/65) **Full Changelog**: go-logr/zapr@v1.2.4...v1.3.0 </details> <details> <summary>google/cel-go (github.com/google/cel-go)</summary> ### [`v0.18.1`](https://togithub.com/google/cel-go/releases/tag/v0.18.1) [Compare Source](https://togithub.com/google/cel-go/compare/v0.18.0...v0.18.1) #### What's Changed - Add support for a relative offset within ast.SourceInfo by \[[#​836](https://togithub.com/google/cel-go/issues/836)] - Fix last optional element to be retained as an optional index while folding \[[#​841](https://togithub.com/google/cel-go/issues/841)] - Fix deprecation notice for string format validation \[[#​840](https://togithub.com/google/cel-go/issues/840)] - Update cel-spec and enable wrappers conformance tests \[[#​842](https://togithub.com/google/cel-go/issues/842)] - refactor: remove lexer and parser pools \[[#​838](https://togithub.com/google/cel-go/issues/838)] #### New Contributors - [@​TulgaCG](https://togithub.com/TulgaCG) made their first contribution in [https://github.com/google/cel-go/pull/835](https://togithub.com/google/cel-go/pull/835) - [@​aimuz](https://togithub.com/aimuz) made their first contribution in [https://github.com/google/cel-go/pull/838](https://togithub.com/google/cel-go/pull/838) **Full Changelog**: google/cel-go@v0.18.0...v0.18.1 ### [`v0.18.0`](https://togithub.com/google/cel-go/releases/tag/v0.18.0) [Compare Source](https://togithub.com/google/cel-go/compare/v0.17.7...v0.18.0) #### Features The latest release of CEL introduces validators ([#​775](https://togithub.com/google/cel-go/issues/775)) and optimizers ([#​804](https://togithub.com/google/cel-go/issues/804), [#​827](https://togithub.com/google/cel-go/issues/827)) and migrates the core CEL internals off of the protobuf expression and type representations ([#​789](https://togithub.com/google/cel-go/issues/789)). - String format validator \[[#​775](https://togithub.com/google/cel-go/issues/775)] - Create a Function that Reverses a String \[[#​796](https://togithub.com/google/cel-go/issues/796)] - Introduce pre-order / post-order visitor pattern \[[#​813](https://togithub.com/google/cel-go/issues/813)] - Add Libraries() function to Env \[[#​822](https://togithub.com/google/cel-go/issues/822)] - Static optimizer for constant folding \[[#​804](https://togithub.com/google/cel-go/issues/804)] - Inlining optimizer \[[#​827](https://togithub.com/google/cel-go/issues/827)] - FindStructTypeFields support for types.Provider \[[#​814](https://togithub.com/google/cel-go/issues/814)] #### Breaking Changes The following PR changes the API signature of the `checker.AstNode` method `Expr` to return an `ast.Expr`. - Migrate the checker.Coster to the ast.Expr \[[#​798](https://togithub.com/google/cel-go/issues/798)] #### Fixes - Nil safety checks for cel.Ast \[[#​784](https://togithub.com/google/cel-go/issues/784)] - Fix cost estimates to propagate result sizes \[[#​787](https://togithub.com/google/cel-go/issues/787)] - Catch invalid literals created from expression factories \[[#​810](https://togithub.com/google/cel-go/issues/810)] - Ensure stable ordering of overload candidates \[[#​817](https://togithub.com/google/cel-go/issues/817)] - Clarify replace with/by empty string \[[#​820](https://togithub.com/google/cel-go/issues/820)] - Fix functional exemptions for homogeneous literal checks \[[#​832](https://togithub.com/google/cel-go/issues/832)] - Fix logical operator folding that only involve literals \[[#​833](https://togithub.com/google/cel-go/issues/833)] - Upgrade go-genproto to latest \[[#​831](https://togithub.com/google/cel-go/issues/831)] #### New Contributors - [@​bboogler](https://togithub.com/bboogler) made their first contribution in [https://github.com/google/cel-go/pull/796](https://togithub.com/google/cel-go/pull/796) **Full Changelog**: google/cel-go@v0.17.1...v0.18.0 ### [`v0.17.7`](https://togithub.com/google/cel-go/releases/tag/v0.17.7) [Compare Source](https://togithub.com/google/cel-go/compare/v0.17.6...v0.17.7) #### What's Changed - Backport [#​850](https://togithub.com/google/cel-go/issues/850): Sets cost estimation and tracking options \[[#​852](https://togithub.com/google/cel-go/issues/852)] **Full Changelog**: google/cel-go@v0.17.6...v0.17.7 </details> <details> <summary>gorilla/mux (github.com/gorilla/mux)</summary> ### [`v1.8.1`](https://togithub.com/gorilla/mux/releases/tag/v1.8.1) [Compare Source](https://togithub.com/gorilla/mux/compare/v1.8.0...v1.8.1) #### What's Changed - build: CircleCI 2.1 + build matrix by [@​elithrar](https://togithub.com/elithrar) in [https://github.com/gorilla/mux/pull/595](https://togithub.com/gorilla/mux/pull/595) - Include "404" and "405" in the docs by [@​Jille](https://togithub.com/Jille) in [https://github.com/gorilla/mux/pull/602](https://togithub.com/gorilla/mux/pull/602) - docs: update README w.r.t new maintainer ask by [@​elithrar](https://togithub.com/elithrar) in [https://github.com/gorilla/mux/pull/660](https://togithub.com/gorilla/mux/pull/660) - regexp: use iota instead of hardcoded values for regexType\* by [@​michaelgrigoryan25](https://togithub.com/michaelgrigoryan25) in [https://github.com/gorilla/mux/pull/679](https://togithub.com/gorilla/mux/pull/679) - Fix `authenticationMiddleware` initialization in the `README.md` file by [@​amustaque97](https://togithub.com/amustaque97) in [https://github.com/gorilla/mux/pull/693](https://togithub.com/gorilla/mux/pull/693) - Update README.md by [@​coreydaley](https://togithub.com/coreydaley) in [https://github.com/gorilla/mux/pull/713](https://togithub.com/gorilla/mux/pull/713) - \[GPT-95] Update go version, add tools for verification and testing by [@​apoorvajagtap](https://togithub.com/apoorvajagtap) in [https://github.com/gorilla/mux/pull/718](https://togithub.com/gorilla/mux/pull/718) - Delete release-drafter.yml by [@​coreydaley](https://togithub.com/coreydaley) in [https://github.com/gorilla/mux/pull/719](https://togithub.com/gorilla/mux/pull/719) - Delete stale.yml by [@​coreydaley](https://togithub.com/coreydaley) in [https://github.com/gorilla/mux/pull/720](https://togithub.com/gorilla/mux/pull/720) - Delete AUTHORS by [@​coreydaley](https://togithub.com/coreydaley) in [https://github.com/gorilla/mux/pull/721](https://togithub.com/gorilla/mux/pull/721) - Update LICENSE by [@​coreydaley](https://togithub.com/coreydaley) in [https://github.com/gorilla/mux/pull/722](https://togithub.com/gorilla/mux/pull/722) - Updated the logo in README.md by [@​shamkarthik](https://togithub.com/shamkarthik) in [https://github.com/gorilla/mux/pull/724](https://togithub.com/gorilla/mux/pull/724) - Update LICENSE by [@​coreydaley](https://togithub.com/coreydaley) in [https://github.com/gorilla/mux/pull/723](https://togithub.com/gorilla/mux/pull/723) - Update issues.yml by [@​coreydaley](https://togithub.com/coreydaley) in [https://github.com/gorilla/mux/pull/726](https://togithub.com/gorilla/mux/pull/726) - Update issues.yml by [@​coreydaley](https://togithub.com/coreydaley) in [https://github.com/gorilla/mux/pull/727](https://togithub.com/gorilla/mux/pull/727) - run go fmt with Go 1.20 by [@​shogo82148](https://togithub.com/shogo82148) in [https://github.com/gorilla/mux/pull/725](https://togithub.com/gorilla/mux/pull/725) - Fix `Single Page Application` example in `README.md` file by [@​amustaque97](https://togithub.com/amustaque97) in [https://github.com/gorilla/mux/pull/678](https://togithub.com/gorilla/mux/pull/678) - \[BUG] Inconsistent HTTP status code on query mismatch by [@​soheilrt](https://togithub.com/soheilrt) in [https://github.com/gorilla/mux/pull/712](https://togithub.com/gorilla/mux/pull/712) - Clarify documentation examples of Route methods by [@​andrew-werdna](https://togithub.com/andrew-werdna) in [https://github.com/gorilla/mux/pull/672](https://togithub.com/gorilla/mux/pull/672) - changed the routeVariables text content. by [@​sumanpaikdev](https://togithub.com/sumanpaikdev) in [https://github.com/gorilla/mux/pull/708](https://togithub.com/gorilla/mux/pull/708) - Add GetVarNames() by [@​eh-steve](https://togithub.com/eh-steve) in [https://github.com/gorilla/mux/pull/676](https://togithub.com/gorilla/mux/pull/676) - fix SPA handler in README.md by [@​sy9](https://togithub.com/sy9) in [https://github.com/gorilla/mux/pull/733](https://togithub.com/gorilla/mux/pull/733) - update GitHub workflows by [@​coreydaley](https://togithub.com/coreydaley) in [https://github.com/gorilla/mux/pull/734](https://togithub.com/gorilla/mux/pull/734) #### New Contributors - [@​Jille](https://togithub.com/Jille) made their first contribution in [https://github.com/gorilla/mux/pull/602](https://togithub.com/gorilla/mux/pull/602) - [@​michaelgrigoryan25](https://togithub.com/michaelgrigoryan25) made their first contribution in [https://github.com/gorilla/mux/pull/679](https://togithub.com/gorilla/mux/pull/679) - [@​amustaque97](https://togithub.com/amustaque97) made their first contribution in [https://github.com/gorilla/mux/pull/693](https://togithub.com/gorilla/mux/pull/693) - [@​coreydaley](https://togithub.com/coreydaley) made their first contribution in [https://github.com/gorilla/mux/pull/713](https://togithub.com/gorilla/mux/pull/713) - [@​apoorvajagtap](https://togithub.com/apoorvajagtap) made their first contribution in [https://github.com/gorilla/mux/pull/718](https://togithub.com/gorilla/mux/pull/718) - [@​shamkarthik](https://togithub.com/shamkarthik) made their first contribution in [https://github.com/gorilla/mux/pull/724](https://togithub.com/gorilla/mux/pull/724) - [@​shogo82148](https://togithub.com/shogo82148) made their first contribution in [https://github.com/gorilla/mux/pull/725](https://togithub.com/gorilla/mux/pull/725) - [@​soheilrt](https://togithub.com/soheilrt) made their first contribution in [https://github.com/gorilla/mux/pull/712](https://togithub.com/gorilla/mux/pull/712) - [@​andrew-werdna](https://togithub.com/andrew-werdna) made their first contribution in [https://github.com/gorilla/mux/pull/672](https://togithub.com/gorilla/mux/pull/672) - [@​sumanpaikdev](https://togithub.com/sumanpaikdev) made their first contribution in [https://github.com/gorilla/mux/pull/708](https://togithub.com/gorilla/mux/pull/708) - [@​eh-steve](https://togithub.com/eh-steve) made their first contribution in [https://github.com/gorilla/mux/pull/676](https://togithub.com/gorilla/mux/pull/676) - [@​sy9](https://togithub.com/sy9) made their first contribution in [https://github.com/gorilla/mux/pull/733](https://togithub.com/gorilla/mux/pull/733) **Full Changelog**: gorilla/mux@v1.8.0...v1.8.1 </details> <details> <summary>jackc/pgx (github.com/jackc/pgx/v5)</summary> ### [`v5.5.0`](https://togithub.com/jackc/pgx/compare/v5.4.3...v5.5.0) [Compare Source](https://togithub.com/jackc/pgx/compare/v5.4.3...v5.5.0) </details> <details> <summary>lestrrat-go/jwx (github.com/lestrrat-go/jwx/v2)</summary> ### [`v2.0.16`](https://togithub.com/lestrrat-go/jwx/releases/tag/v2.0.16) [Compare Source](https://togithub.com/lestrrat-go/jwx/compare/v2.0.15...v2.0.16) v2.0.16 31 Oct 2023 [Security] * [jws] ECDSA signature verification requires us to check if the signature is of the desired length of bytes, but this check that used to exist before had been removed in #​65, resulting in certain malformed signatures to pass verification. One of the ways this could happen if R is a 31 byte integer and S is 32 byte integer, both containing the correct signature values, but R is not zero-padded. Correct = R: [ 0 , ... ] (32 bytes) S: [ ... ] (32 bytes) Wrong = R: [ ... ] (31 bytes) S: [ ... ] (32 bytes) In order for this check to pass, you would still need to have all 63 bytes populated with the correct signature. The only modification a bad actor may be able to do is to add one more byte at the end, in which case the first 32 bytes (including what would have been S's first byte) is used for R, and S would contain the rest. But this will only result in the verification to fail. Therefore this in itself should not pose any security risk, albeit allowing some illegally formated messages to be verified. * [jwk] `jwk.Key` objects now have a `Validate()` method to validate the data stored in the keys. However, this still does not necessarily mean that the key's are valid for use in cryptographic operations. If `Validate()` is successful, it only means that the keys are in the right _format_, including the presence of required fields and that certain fields have proper length, etc. [New Features] * [jws] Added `jws.WithValidateKey()` to force calling `key.Validate()` before signing or verification. * [jws] `jws.Sign()` now returns a special type of error that can hold the individual errors from the signers. The stringification is still the same as before to preserve backwards compatibility. * [jwk] Added `jwk.IsKeyValidationError` that checks if an error is an error from `key.Validate()`. [Bug Fixes] * [jwt] `jwt.ParseInsecure()` was running verification if you provided a key via `jwt.WithKey()` or `jwt.WithKeySet()` (#​1007) </details> <details> <summary>pterm/pterm (github.com/pterm/pterm)</summary> ### [`v0.12.70`](https://togithub.com/pterm/pterm/releases/tag/v0.12.70): Heatmap Printer 🎉 [Compare Source](https://togithub.com/pterm/pterm/compare/v0.12.69...v0.12.70) <!-- Release notes generated using configuration in .github/release.yml at master --> #### What's Changed ##### Exciting New Features 🎉 - Feature: Default value for interactive text input by [@​KarolosLykos](https://togithub.com/KarolosLykos) in [https://github.com/pterm/pterm/pull/577](https://togithub.com/pterm/pterm/pull/577) - Added a heatmap printer by [@​floaust](https://togithub.com/floaust) in [https://github.com/pterm/pterm/pull/487](https://togithub.com/pterm/pterm/pull/487) <img width="800" src="https://github.com/pterm/pterm/assets/56639481/c994c395-3b94-4b27-af20-4ae5fd6fc0be" /> ##### Fixes 🔧 * fix(heatmap): fix bug legend was not fully boxed by @​floau[https://github.com/pterm/pterm/pull/583](https://togithub.com/pterm/pterm/pull/583)ll/583 * fix(heatmap): fix bug legend was too long by @​floau[https://github.com/pterm/pterm/pull/585](https://togithub.com/pterm/pterm/pull/585)ll/585 **Full Changelog**: pterm/pterm@v0.12.69...v0.12.70 </details> <details> <summary>twmb/franz-go (github.com/twmb/franz-go)</summary> ### [`v1.15.2`](https://togithub.com/twmb/franz-go/blob/HEAD/CHANGELOG.md#v1152) [Compare Source](https://togithub.com/twmb/franz-go/compare/v1.15.1...v1.15.2) \=== This patch release fixes two bugs and changes Mark functions to be no-ops when not using AutoCommitMarks to avoid confusion. This also includes a minor commit further improving the sticky balancer. See the commits for more details. - [`72778cb`](https://togithub.com/twmb/franz-go/commit/72778cb) **behavior change** kgo: no-op mark functions when not using AutoCommitMarks - [`e209bb6`](https://togithub.com/twmb/franz-go/commit/e209bb6) **bugfix** kgo: pin AddPartitionsToTxn to v3 when using one transaction - [`36b4437`](https://togithub.com/twmb/franz-go/commit/36b4437) sticky: further improvements - [`af5bc1f`](https://togithub.com/twmb/franz-go/commit/af5bc1f) **bugfix** kgo: be sure to use topics when other topics are paused </details> <details> <summary>vektra/mockery (github.com/vektra/mockery/v2)</summary> ### [`v2.36.1`](https://togithub.com/vektra/mockery/releases/tag/v2.36.1) [Compare Source](https://togithub.com/vektra/mockery/compare/v2.36.0...v2.36.1) #### Changelog - [`b648c23`](https://togithub.com/vektra/mockery/commit/b648c23) Add additional test - [`0310201`](https://togithub.com/vektra/mockery/commit/0310201) Add fix for showconfig command - [`d3515d1`](https://togithub.com/vektra/mockery/commit/d3515d1) Fix bug with sub-package inheritance - [`77064ad`](https://togithub.com/vektra/mockery/commit/77064ad) Fix config bug where mockery crashes when package map is nil - [`5978bc5`](https://togithub.com/vektra/mockery/commit/5978bc5) Fix test with config initialization - [`deb4860`](https://togithub.com/vektra/mockery/commit/deb4860) Merge pull request [#​730](https://togithub.com/vektra/mockery/issues/730) from LandonTClipp/issue\_726 - [`e86d230`](https://togithub.com/vektra/mockery/commit/e86d230) Simplifying some config in interface copying code - [`726d76c`](https://togithub.com/vektra/mockery/commit/726d76c) Update running.md - [`2dd8f00`](https://togithub.com/vektra/mockery/commit/2dd8f00) Use gotestsum for better testing output </details> <details> <summary>cznic/sqlite (modernc.org/sqlite)</summary> ### [`v1.27.0`](https://gitlab.com/cznic/sqlite/compare/v1.26.0...v1.27.0) [Compare Source](https://gitlab.com/cznic/sqlite/compare/v1.26.0...v1.27.0) </details> --- ### Configuration 📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://togithub.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/cerbos/cerbos). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMS41IiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> --------- Signed-off-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Signed-off-by: Oğuzhan Durgun <[email protected]> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Oğuzhan Durgun <[email protected]>
…brary (#1034) * Use local requests instead of HTTP requests in the flow library * Update test due to behaviour change in mux See gorilla/mux#712
The logical behavior of a router should return an HTTP status code of 404 when a request fails to satisfy route validation logic. Previously, MUX was returning a 405 HTTP status code in some rare scenarios, which was not valid in its case.
For more info, See: #704
Fixes #704
Summary of Changes