Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

gzhttp: Use SHA256 as paranoid option #769

Merged
merged 1 commit into from
Mar 8, 2023
Merged

Conversation

klauspost
Copy link
Owner

Paranoid?

The padding size is determined by the remainder of a CRC32 of the content.

Since the payload contains elements unknown to the attacker, there is no reason to believe they can derive any information from this remainder, or predict it.

However, for those that feel uncomfortable with a CRC32 being used for this can enable "paranoid" mode which will use SHA256 for determining the padding.

The hashing itself is about 2 orders of magnitude slower, but in overall terms will maybe only reduce speed by 10%.

Paranoid mode has no effect if buffer is < 0 (non-content aware padding).

2K payload roundtrip difference:

Benchmark2kJitter-32    	   67309	     17580 ns/op	 116.50 MB/s	    3478 B/op	      17 allocs/op
Benchmark2kJitterParanoid-32    	   54398	     21564 ns/op	  94.97 MB/s	    3438 B/op	      16 allocs

```
Benchmark2kJitter-32    	   67309	     17580 ns/op	 116.50 MB/s	    3478 B/op	      17 allocs/op
Benchmark2kJitterParanoid-32    	   54398	     21564 ns/op	  94.97 MB/s	    3438 B/op	      16 allocs
```

### Paranoid?

The padding size is determined by the remainder of a CRC32 of the content.

Since the payload contains elements unknown to the attacker, there is no reason to believe they can derive any information
from this remainder, or predict it.

However, for those that feel uncomfortable with a CRC32 being used for this can enable "paranoid" mode which will use SHA256 for determining the padding.

The hashing itself is about 2 orders of magnitude slower, but in overall terms will maybe only reduce speed by 10%.

Paranoid mode has no effect if buffer is < 0 (non-content aware padding).
@klauspost klauspost changed the title gzhttp: Add SHA256 as paranoid option gzhttp: Use SHA256 as paranoid option Mar 7, 2023
@greatroar
Copy link
Contributor

Wouldn't xxhash serve just as well? That's ~4x faster, according to xxhashbench.

@klauspost
Copy link
Owner Author

@greatroar

Not here:

Benchmark1KSum64-32    	16388875	        72.98 ns/op	14031.83 MB/s
BenchmarkCRC32/poly=Castagnoli/size=1kB/align=0-32      23923491                49.85 ns/op     20543.17 MB/s

Benchie similar to the CRC32 one:

func Benchmark1KSum64(b *testing.B) {
	data := make([]byte, 1024)
	b.SetBytes(1024)

	h := New()
	in := make([]byte, 0, h.Size())

	// Warm up
	h.Reset()
	h.Write(data)
	h.Sum(in)
	in = in[:0]
	for i := 0; i < b.N; i++ {
		h.Reset()
		h.Write(data)
		h.Sum(in)
	}
}

@klauspost klauspost merged commit 0f734cf into master Mar 8, 2023
@klauspost klauspost deleted the add-paranoid-option branch March 8, 2023 09:25
kodiakhq bot referenced this pull request in cloudquery/filetypes Apr 1, 2023
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [github.com/klauspost/compress](https://togithub.com/klauspost/compress) | indirect | patch | `v1.16.0` -> `v1.16.3` |

---

### ⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the Dependency Dashboard for more information.

---

### Release Notes

<details>
<summary>klauspost/compress</summary>

### [`v1.16.3`](https://togithub.com/klauspost/compress/releases/tag/v1.16.3)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.2...v1.16.3)

**Full Changelog**: klauspost/compress@v1.16.2...v1.16.3

### [`v1.16.2`](https://togithub.com/klauspost/compress/releases/tag/v1.16.2)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.1...v1.16.2)

#### What's Changed

-   Fix Goreleaser permissions by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/777](https://togithub.com/klauspost/compress/pull/777)

**Full Changelog**: klauspost/compress@v1.16.1...v1.16.2

### [`v1.16.1`](https://togithub.com/klauspost/compress/releases/tag/v1.16.1)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.0...v1.16.1)

#### What's Changed

-   zstd: Speed up + improve best encoder by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/776](https://togithub.com/klauspost/compress/pull/776)
-   s2: Add Intel LZ4s converter by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/766](https://togithub.com/klauspost/compress/pull/766)
-   gzhttp: Add BREACH mitigation by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/762](https://togithub.com/klauspost/compress/pull/762)
-   gzhttp: Remove a few unneeded allocs by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/768](https://togithub.com/klauspost/compress/pull/768)
-   gzhttp: Fix crypto/rand.Read usage by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/770](https://togithub.com/klauspost/compress/pull/770)
-   gzhttp: Use SHA256 as paranoid option by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/769](https://togithub.com/klauspost/compress/pull/769)
-   gzhttp: Use strings for randomJitter to skip a copy by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/767](https://togithub.com/klauspost/compress/pull/767)
-   zstd: Fix ineffective block size check by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/771](https://togithub.com/klauspost/compress/pull/771)
-   zstd: Check FSE init values by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/772](https://togithub.com/klauspost/compress/pull/772)
-   zstd: Report EOF from byteBuf.readBig by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/773](https://togithub.com/klauspost/compress/pull/773)
-   huff0: Speed up compress1xDo by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/774](https://togithub.com/klauspost/compress/pull/774)
-   tests: Remove fuzz printing by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/775](https://togithub.com/klauspost/compress/pull/775)
-   tests: Add CICD Fuzz testing by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/763](https://togithub.com/klauspost/compress/pull/763)
-   ci: set minimal permissions to GitHub Workflows by [@&#8203;diogoteles08](https://togithub.com/diogoteles08) in [https://github.com/klauspost/compress/pull/765](https://togithub.com/klauspost/compress/pull/765)

#### New Contributors

-   [@&#8203;diogoteles08](https://togithub.com/diogoteles08) made their first contribution in [https://github.com/klauspost/compress/pull/765](https://togithub.com/klauspost/compress/pull/765)

**Full Changelog**: klauspost/compress@v1.16.0...v1.16.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 3am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNC4xNTQuMCIsInVwZGF0ZWRJblZlciI6IjM0LjE1NC4wIn0=-->
kodiakhq bot referenced this pull request in cloudquery/plugin-sdk Jul 1, 2023
)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [github.com/klauspost/compress](https://togithub.com/klauspost/compress) | indirect | patch | `v1.16.0` -> `v1.16.6` |

---

### Release Notes

<details>
<summary>klauspost/compress (github.com/klauspost/compress)</summary>

### [`v1.16.6`](https://togithub.com/klauspost/compress/releases/tag/v1.16.6)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.5...v1.16.6)

#### What's Changed

-   zstd: correctly ignore WithEncoderPadding(1) by [@&#8203;ianlancetaylor](https://togithub.com/ianlancetaylor) in [https://github.com/klauspost/compress/pull/806](https://togithub.com/klauspost/compress/pull/806)
-   gzhttp: Handle informational headers by [@&#8203;rtribotte](https://togithub.com/rtribotte) in [https://github.com/klauspost/compress/pull/815](https://togithub.com/klauspost/compress/pull/815)
-   zstd: Add amd64 match length assembly by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/824](https://togithub.com/klauspost/compress/pull/824)
-   s2: Improve Better compression slightly by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/663](https://togithub.com/klauspost/compress/pull/663)
-   s2: Clean up matchlen assembly by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/825](https://togithub.com/klauspost/compress/pull/825)

#### New Contributors

-   [@&#8203;rtribotte](https://togithub.com/rtribotte) made their first contribution in [https://github.com/klauspost/compress/pull/815](https://togithub.com/klauspost/compress/pull/815)
-   [@&#8203;dveeden](https://togithub.com/dveeden) made their first contribution in [https://github.com/klauspost/compress/pull/816](https://togithub.com/klauspost/compress/pull/816)

**Full Changelog**: klauspost/compress@v1.16.5...v1.16.6

### [`v1.16.5`](https://togithub.com/klauspost/compress/releases/tag/v1.16.5)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.4...v1.16.5)

#### What's Changed

-   zstd: readByte needs to use io.ReadFull by [@&#8203;jnoxon](https://togithub.com/jnoxon) in [https://github.com/klauspost/compress/pull/802](https://togithub.com/klauspost/compress/pull/802)
-   gzip: Fix WriterTo after initial read by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/804](https://togithub.com/klauspost/compress/pull/804)

#### New Contributors

-   [@&#8203;jnoxon](https://togithub.com/jnoxon) made their first contribution in [https://github.com/klauspost/compress/pull/802](https://togithub.com/klauspost/compress/pull/802)

**Full Changelog**: klauspost/compress@v1.16.4...v1.16.5

### [`v1.16.4`](https://togithub.com/klauspost/compress/releases/tag/v1.16.4)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.3...v1.16.4)

#### What's Changed

-   s2: Fix huge block overflow by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/779](https://togithub.com/klauspost/compress/pull/779)
-   s2: Allow CustomEncoder fallback by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/780](https://togithub.com/klauspost/compress/pull/780)
-   zstd: Fix amd64 not always detecting corrupt data by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/785](https://togithub.com/klauspost/compress/pull/785)
-   zstd: Improve zstd best efficiency by [@&#8203;klauspost](https://togithub.com/klauspost) and [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/784](https://togithub.com/klauspost/compress/pull/784)
-   zstd: Make load(32|64)32 safer and smaller by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/788](https://togithub.com/klauspost/compress/pull/788)
-   zstd: Fix quick reject on long backmatches by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/787](https://togithub.com/klauspost/compress/pull/787)
-   zstd: Revert table size change  by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/789](https://togithub.com/klauspost/compress/pull/789)
-   zstd: Respect WithAllLitEntropyCompression by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/792](https://togithub.com/klauspost/compress/pull/792)
-   zstd: Fix back-referenced offset by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/793](https://togithub.com/klauspost/compress/pull/793)
-   zstd: Load source value at start of loop by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/794](https://togithub.com/klauspost/compress/pull/794)
-   zstd: Shorten checksum code by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/795](https://togithub.com/klauspost/compress/pull/795)
-   zstd: Fix fallback on incompressible block by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/798](https://togithub.com/klauspost/compress/pull/798)
-   gzhttp: Suppport ResponseWriter Unwrap() in gzhttp handler by [@&#8203;jgimenez](https://togithub.com/jgimenez) in [https://github.com/klauspost/compress/pull/799](https://togithub.com/klauspost/compress/pull/799)

#### New Contributors

-   [@&#8203;jgimenez](https://togithub.com/jgimenez) made their first contribution in [https://github.com/klauspost/compress/pull/799](https://togithub.com/klauspost/compress/pull/799)

**Full Changelog**: klauspost/compress@v1.16.3...v1.16.4

### [`v1.16.3`](https://togithub.com/klauspost/compress/releases/tag/v1.16.3)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.2...v1.16.3)

**Full Changelog**: klauspost/compress@v1.16.2...v1.16.3

### [`v1.16.2`](https://togithub.com/klauspost/compress/releases/tag/v1.16.2)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.1...v1.16.2)

#### What's Changed

-   Fix Goreleaser permissions by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/777](https://togithub.com/klauspost/compress/pull/777)

**Full Changelog**: klauspost/compress@v1.16.1...v1.16.2

### [`v1.16.1`](https://togithub.com/klauspost/compress/releases/tag/v1.16.1)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.0...v1.16.1)

#### What's Changed

-   zstd: Speed up + improve best encoder by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/776](https://togithub.com/klauspost/compress/pull/776)
-   s2: Add Intel LZ4s converter by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/766](https://togithub.com/klauspost/compress/pull/766)
-   gzhttp: Add BREACH mitigation by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/762](https://togithub.com/klauspost/compress/pull/762)
-   gzhttp: Remove a few unneeded allocs by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/768](https://togithub.com/klauspost/compress/pull/768)
-   gzhttp: Fix crypto/rand.Read usage by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/770](https://togithub.com/klauspost/compress/pull/770)
-   gzhttp: Use SHA256 as paranoid option by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/769](https://togithub.com/klauspost/compress/pull/769)
-   gzhttp: Use strings for randomJitter to skip a copy by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/767](https://togithub.com/klauspost/compress/pull/767)
-   zstd: Fix ineffective block size check by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/771](https://togithub.com/klauspost/compress/pull/771)
-   zstd: Check FSE init values by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/772](https://togithub.com/klauspost/compress/pull/772)
-   zstd: Report EOF from byteBuf.readBig by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/773](https://togithub.com/klauspost/compress/pull/773)
-   huff0: Speed up compress1xDo by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/774](https://togithub.com/klauspost/compress/pull/774)
-   tests: Remove fuzz printing by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/775](https://togithub.com/klauspost/compress/pull/775)
-   tests: Add CICD Fuzz testing by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/763](https://togithub.com/klauspost/compress/pull/763)
-   ci: set minimal permissions to GitHub Workflows by [@&#8203;diogoteles08](https://togithub.com/diogoteles08) in [https://github.com/klauspost/compress/pull/765](https://togithub.com/klauspost/compress/pull/765)

#### New Contributors

-   [@&#8203;diogoteles08](https://togithub.com/diogoteles08) made their first contribution in [https://github.com/klauspost/compress/pull/765](https://togithub.com/klauspost/compress/pull/765)

**Full Changelog**: klauspost/compress@v1.16.0...v1.16.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNS4xNTEuMCIsInVwZGF0ZWRJblZlciI6IjM1LjE1MS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->
kodiakhq bot referenced this pull request in cloudquery/plugin-pb-go Aug 1, 2023
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [github.com/klauspost/compress](https://togithub.com/klauspost/compress) | indirect | minor | `v1.15.15` -> `v1.16.7` |

---

### Release Notes

<details>
<summary>klauspost/compress (github.com/klauspost/compress)</summary>

### [`v1.16.7`](https://togithub.com/klauspost/compress/releases/tag/v1.16.7)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.6...v1.16.7)

#### What's Changed

-   zstd: Fix default level first dictionary encode by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/829](https://togithub.com/klauspost/compress/pull/829)
-   docs: Fix typo in security advisory URL by [@&#8203;vcabbage](https://togithub.com/vcabbage) in [https://github.com/klauspost/compress/pull/830](https://togithub.com/klauspost/compress/pull/830)
-   s2: add GetBufferCapacity() method by [@&#8203;GiedriusS](https://togithub.com/GiedriusS) in [https://github.com/klauspost/compress/pull/832](https://togithub.com/klauspost/compress/pull/832)

#### New Contributors

-   [@&#8203;vcabbage](https://togithub.com/vcabbage) made their first contribution in [https://github.com/klauspost/compress/pull/830](https://togithub.com/klauspost/compress/pull/830)
-   [@&#8203;GiedriusS](https://togithub.com/GiedriusS) made their first contribution in [https://github.com/klauspost/compress/pull/832](https://togithub.com/klauspost/compress/pull/832)

**Full Changelog**: klauspost/compress@v1.16.6...v1.16.7

### [`v1.16.6`](https://togithub.com/klauspost/compress/releases/tag/v1.16.6)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.5...v1.16.6)

#### What's Changed

-   zstd: correctly ignore WithEncoderPadding(1) by [@&#8203;ianlancetaylor](https://togithub.com/ianlancetaylor) in [https://github.com/klauspost/compress/pull/806](https://togithub.com/klauspost/compress/pull/806)
-   gzhttp: Handle informational headers by [@&#8203;rtribotte](https://togithub.com/rtribotte) in [https://github.com/klauspost/compress/pull/815](https://togithub.com/klauspost/compress/pull/815)
-   zstd: Add amd64 match length assembly by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/824](https://togithub.com/klauspost/compress/pull/824)
-   s2: Improve Better compression slightly by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/663](https://togithub.com/klauspost/compress/pull/663)
-   s2: Clean up matchlen assembly by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/825](https://togithub.com/klauspost/compress/pull/825)

#### New Contributors

-   [@&#8203;rtribotte](https://togithub.com/rtribotte) made their first contribution in [https://github.com/klauspost/compress/pull/815](https://togithub.com/klauspost/compress/pull/815)
-   [@&#8203;dveeden](https://togithub.com/dveeden) made their first contribution in [https://github.com/klauspost/compress/pull/816](https://togithub.com/klauspost/compress/pull/816)

**Full Changelog**: klauspost/compress@v1.16.5...v1.16.6

### [`v1.16.5`](https://togithub.com/klauspost/compress/releases/tag/v1.16.5)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.4...v1.16.5)

#### What's Changed

-   zstd: readByte needs to use io.ReadFull by [@&#8203;jnoxon](https://togithub.com/jnoxon) in [https://github.com/klauspost/compress/pull/802](https://togithub.com/klauspost/compress/pull/802)
-   gzip: Fix WriterTo after initial read by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/804](https://togithub.com/klauspost/compress/pull/804)

#### New Contributors

-   [@&#8203;jnoxon](https://togithub.com/jnoxon) made their first contribution in [https://github.com/klauspost/compress/pull/802](https://togithub.com/klauspost/compress/pull/802)

**Full Changelog**: klauspost/compress@v1.16.4...v1.16.5

### [`v1.16.4`](https://togithub.com/klauspost/compress/releases/tag/v1.16.4)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.3...v1.16.4)

#### What's Changed

-   s2: Fix huge block overflow by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/779](https://togithub.com/klauspost/compress/pull/779)
-   s2: Allow CustomEncoder fallback by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/780](https://togithub.com/klauspost/compress/pull/780)
-   zstd: Fix amd64 not always detecting corrupt data by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/785](https://togithub.com/klauspost/compress/pull/785)
-   zstd: Improve zstd best efficiency by [@&#8203;klauspost](https://togithub.com/klauspost) and [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/784](https://togithub.com/klauspost/compress/pull/784)
-   zstd: Make load(32|64)32 safer and smaller by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/788](https://togithub.com/klauspost/compress/pull/788)
-   zstd: Fix quick reject on long backmatches by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/787](https://togithub.com/klauspost/compress/pull/787)
-   zstd: Revert table size change  by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/789](https://togithub.com/klauspost/compress/pull/789)
-   zstd: Respect WithAllLitEntropyCompression by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/792](https://togithub.com/klauspost/compress/pull/792)
-   zstd: Fix back-referenced offset by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/793](https://togithub.com/klauspost/compress/pull/793)
-   zstd: Load source value at start of loop by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/794](https://togithub.com/klauspost/compress/pull/794)
-   zstd: Shorten checksum code by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/795](https://togithub.com/klauspost/compress/pull/795)
-   zstd: Fix fallback on incompressible block by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/798](https://togithub.com/klauspost/compress/pull/798)
-   gzhttp: Suppport ResponseWriter Unwrap() in gzhttp handler by [@&#8203;jgimenez](https://togithub.com/jgimenez) in [https://github.com/klauspost/compress/pull/799](https://togithub.com/klauspost/compress/pull/799)

#### New Contributors

-   [@&#8203;jgimenez](https://togithub.com/jgimenez) made their first contribution in [https://github.com/klauspost/compress/pull/799](https://togithub.com/klauspost/compress/pull/799)

**Full Changelog**: klauspost/compress@v1.16.3...v1.16.4

### [`v1.16.3`](https://togithub.com/klauspost/compress/releases/tag/v1.16.3)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.2...v1.16.3)

**Full Changelog**: klauspost/compress@v1.16.2...v1.16.3

### [`v1.16.2`](https://togithub.com/klauspost/compress/releases/tag/v1.16.2)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.1...v1.16.2)

#### What's Changed

-   Fix Goreleaser permissions by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/777](https://togithub.com/klauspost/compress/pull/777)

**Full Changelog**: klauspost/compress@v1.16.1...v1.16.2

### [`v1.16.1`](https://togithub.com/klauspost/compress/releases/tag/v1.16.1)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.16.0...v1.16.1)

#### What's Changed

-   zstd: Speed up + improve best encoder by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/776](https://togithub.com/klauspost/compress/pull/776)
-   s2: Add Intel LZ4s converter by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/766](https://togithub.com/klauspost/compress/pull/766)
-   gzhttp: Add BREACH mitigation by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/762](https://togithub.com/klauspost/compress/pull/762)
-   gzhttp: Remove a few unneeded allocs by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/768](https://togithub.com/klauspost/compress/pull/768)
-   gzhttp: Fix crypto/rand.Read usage by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/770](https://togithub.com/klauspost/compress/pull/770)
-   gzhttp: Use SHA256 as paranoid option by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/769](https://togithub.com/klauspost/compress/pull/769)
-   gzhttp: Use strings for randomJitter to skip a copy by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/767](https://togithub.com/klauspost/compress/pull/767)
-   zstd: Fix ineffective block size check by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/771](https://togithub.com/klauspost/compress/pull/771)
-   zstd: Check FSE init values by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/772](https://togithub.com/klauspost/compress/pull/772)
-   zstd: Report EOF from byteBuf.readBig by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/773](https://togithub.com/klauspost/compress/pull/773)
-   huff0: Speed up compress1xDo by [@&#8203;greatroar](https://togithub.com/greatroar) in [https://github.com/klauspost/compress/pull/774](https://togithub.com/klauspost/compress/pull/774)
-   tests: Remove fuzz printing by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/775](https://togithub.com/klauspost/compress/pull/775)
-   tests: Add CICD Fuzz testing by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/763](https://togithub.com/klauspost/compress/pull/763)
-   ci: set minimal permissions to GitHub Workflows by [@&#8203;diogoteles08](https://togithub.com/diogoteles08) in [https://github.com/klauspost/compress/pull/765](https://togithub.com/klauspost/compress/pull/765)

#### New Contributors

-   [@&#8203;diogoteles08](https://togithub.com/diogoteles08) made their first contribution in [https://github.com/klauspost/compress/pull/765](https://togithub.com/klauspost/compress/pull/765)

**Full Changelog**: klauspost/compress@v1.16.0...v1.16.1

### [`v1.16.0`](https://togithub.com/klauspost/compress/releases/tag/v1.16.0)

[Compare Source](https://togithub.com/klauspost/compress/compare/v1.15.15...v1.16.0)

#### What's Changed

-   s2: Add Dictionary support by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/685](https://togithub.com/klauspost/compress/pull/685)
-   s2: Add Compression Size Estimate by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/752](https://togithub.com/klauspost/compress/pull/752)
-   s2: Add support for custom stream encoder by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/755](https://togithub.com/klauspost/compress/pull/755)
-   s2: Add LZ4 block converter by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/748](https://togithub.com/klauspost/compress/pull/748)
-   s2: Support io.ReaderAt in ReadSeeker by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/747](https://togithub.com/klauspost/compress/pull/747)
-   s2c/s2sx: Use concurrent decoding by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/746](https://togithub.com/klauspost/compress/pull/746)
-   tests: Upgrade to Go 1.20 by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/749](https://togithub.com/klauspost/compress/pull/749)
-   Update all (command) dependencies by [@&#8203;klauspost](https://togithub.com/klauspost) in [https://github.com/klauspost/compress/pull/758](https://togithub.com/klauspost/compress/pull/758)

**Full Changelog**: klauspost/compress@v1.15.15...v1.16.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://togithub.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi4yNi4xIiwidXBkYXRlZEluVmVyIjoiMzYuMjYuMSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants