From 1a157bc1502645f83e70e7afa30d5b1fd9caa437 Mon Sep 17 00:00:00 2001 From: k1LoW Date: Sat, 28 May 2022 12:52:53 +0900 Subject: [PATCH 1/3] Bump up go version --- .github/workflows/ci.yml | 6 +++--- go.mod | 2 +- go.sum | 2 -- 3 files changed, 4 insertions(+), 6 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 47574599e..5abef524c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -12,7 +12,7 @@ jobs: strategy: matrix: platform: [ubuntu-latest] - go_version: [1.17] + go_version: [1.18] runs-on: ${{ matrix.platform }} steps: - name: Set up Go ${{ matrix.go_version }} on ${{ matrix.platform }} @@ -29,7 +29,7 @@ jobs: uses: isbang/setup-awscli@v0.1.0 - name: Check out source code - uses: actions/checkout@v2 + uses: actions/checkout@v3 - name: Decrypt secrets run: gpg --quiet --batch --yes --decrypt --passphrase="$GCP_CLIENT_SECRETS_PASSPHRASE" --output $GITHUB_WORKSPACE/client_secrets.json $GITHUB_WORKSPACE/client_secrets.json.gpg @@ -65,7 +65,7 @@ jobs: strategy: matrix: platform: [windows-latest] - go_version: [1.17] + go_version: [1.18] runs-on: ${{ matrix.platform }} steps: - name: Set up Go ${{ matrix.go_version }} on ${{ matrix.platform }} diff --git a/go.mod b/go.mod index 5dc6decdb..0ca4418ad 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/k1LoW/tbls -go 1.17 +go 1.18 require ( cloud.google.com/go/bigquery v1.25.0 diff --git a/go.sum b/go.sum index db39c652d..4db5f2ed4 100644 --- a/go.sum +++ b/go.sum @@ -150,7 +150,6 @@ github.com/boombuler/barcode v1.0.0/go.mod h1:paBWMcWSl3LHKBqUq+rly7CNSldXjb2rDl github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= github.com/census-instrumentation/opencensus-proto v0.3.0 h1:t/LhUZLVitR1Ow2YOnduCsavhwFUklBMoGVYUCqmCqk= github.com/census-instrumentation/opencensus-proto v0.3.0/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU= -github.com/cespare/xxhash v1.1.0 h1:a6HrQnmkObjyL+Gs60czilIUGqrzKutQD6XZog3p+ko= github.com/cespare/xxhash v1.1.0/go.mod h1:XrSqR1VqqWfGrhpAt58auRo0WTKS1nRRg3ghfAqPWnc= github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cespare/xxhash/v2 v2.1.2 h1:YRXhKfTDauu4ajMg1TPgFO5jnlC2HCbmLXMcTG5cbYE= @@ -252,7 +251,6 @@ github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/me github.com/goccy/go-graphviz v0.0.9 h1:s/FMMJ1Joj6La3S5ApO3Jk2cwM4LpXECC2muFx3IPQQ= github.com/goccy/go-graphviz v0.0.9/go.mod h1:wXVsXxmyMQU6TN3zGRttjNn3h+iCAS7xQFC6TlNvLhk= github.com/goccy/go-json v0.4.8/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I= -github.com/goccy/go-yaml v1.9.3/go.mod h1:U/jl18uSupI5rdI2jmuCswEA2htH9eXfferR3KfscvA= github.com/goccy/go-yaml v1.9.4 h1:S0GCYjwHKVI6IHqio7QWNKNThUl6NLzFd/g8Z65Axw8= github.com/goccy/go-yaml v1.9.4/go.mod h1:U/jl18uSupI5rdI2jmuCswEA2htH9eXfferR3KfscvA= github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA= From cd84603470abe2b2dbdb7ce2e4c5a4098f848e41 Mon Sep 17 00:00:00 2001 From: k1LoW Date: Sat, 28 May 2022 13:06:12 +0900 Subject: [PATCH 2/3] Update gosec --- Makefile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Makefile b/Makefile index b039e0749..8dd8eaeb8 100644 --- a/Makefile +++ b/Makefile @@ -155,7 +155,7 @@ depsdev: go install github.com/Songmu/ghch/cmd/ghch@v0.10.2 go install github.com/xo/usql@v0.9.5 go install github.com/Songmu/gocredits/cmd/gocredits@v0.2.0 - go install github.com/securego/gosec/cmd/gosec@master + go install github.com/securego/gosec/v2/cmd/gosec@latest prerelease: git pull origin --tag From d75913a81036a21a49e16c0e61770d366043cb88 Mon Sep 17 00:00:00 2001 From: k1LoW Date: Sat, 28 May 2022 13:09:11 +0900 Subject: [PATCH 3/3] Fix gosec warn --- cmd/completion.go | 3 ++- output/md/md.go | 4 ++-- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/cmd/completion.go b/cmd/completion.go index 16bb9e374..62428919f 100644 --- a/cmd/completion.go +++ b/cmd/completion.go @@ -24,6 +24,7 @@ package cmd import ( "fmt" "os" + "path/filepath" "github.com/pkg/errors" "github.com/spf13/cobra" @@ -66,7 +67,7 @@ tbls completion fish ~/.config/fish/completions/tbls.fish if out == "" { o = os.Stdout } else { - o, err = os.Create(out) + o, err = os.Create(filepath.Clean(out)) if err != nil { return errors.WithStack(err) } diff --git a/output/md/md.go b/output/md/md.go index 3c0f99be8..89db467fa 100644 --- a/output/md/md.go +++ b/output/md/md.go @@ -131,7 +131,7 @@ func Output(s *schema.Schema, c *config.Config, force bool) (e error) { } // README.md - file, err := os.Create(filepath.Join(fullPath, "README.md")) + file, err := os.Create(filepath.Clean(filepath.Join(fullPath, "README.md"))) defer func() { err := file.Close() if err != nil { @@ -156,7 +156,7 @@ func Output(s *schema.Schema, c *config.Config, force bool) (e error) { // tables for _, t := range s.Tables { - file, err := os.Create(filepath.Join(fullPath, fmt.Sprintf("%s.md", t.Name))) + file, err := os.Create(filepath.Clean(filepath.Join(fullPath, fmt.Sprintf("%s.md", t.Name)))) if err != nil { _ = file.Close() return errors.WithStack(err)