Update module structure to use workspaces (#809)

* Update module structure to use workspaces * fix usage order * Remove t.Parallel * Update go versions * Update golangci-lint version * go1.19 -> golangci-lint run upgrade -> gave us a lot of new warnings * turn GOWORK=off, tweak * Add gofmt.sh * Fix tests * tweak Changes * only run gofmt for go1.19 * fix generation source * tweak order * tweak spacing * tweak spacing * tweak spacing * tweak spacing * tweak spacing * tweak spacing
lestrrat-go · Nov 15, 2022 · 8682818 · 8682818
1 parent cabe318
commit 8682818
Show file tree

Hide file tree

Showing 56 changed files with 256 additions and 164 deletions.
diff --git a/.github/workflows/benchmark.yml b/.github/workflows/benchmark.yml
@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        go: [ '1.18', '1.17', '1.16' ]
+        go: [ '1.19', '1.18', '1.17' ]
     name: "Test [ Go ${{ matrix.go }} / JSON Backend ${{ matrix.json_backend }} ]"
     steps:
       - name: Checkout repository

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -11,7 +11,7 @@ jobs:
     strategy:
       matrix:
         go_tags: [ 'stdlib', 'goccy', 'es256k', 'all']
-        go: [ '1.18', '1.17', '1.16' ]
+        go: [ '1.19', '1.18', '1.17' ]
     name: "Test [ Go ${{ matrix.go }} / Tags ${{ matrix.go_tags }} ]"
     steps:
       - name: Checkout repository
@@ -45,10 +45,12 @@ jobs:
       - name: Install jose
         run: sudo apt-get install -y --no-install-recommends jose
       - run: make generate
+      - name: make tidy
+        run: make tidy
       - name: Test with coverage
         run: make cover-${{ matrix.go_tags }}
       - name: Upload code coverage to codecov
-        if: matrix.go == '1.18'
+        if: matrix.go == '1.19'
         uses: codecov/codecov-action@v1
         with:
           file: ./coverage.out

diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -8,11 +8,11 @@ jobs:
       - uses: actions/checkout@v3
       - uses: actions/setup-go@v3
         with:
-          go-version: 1.18
+          go-version: 1.19
           check-latest: true
       - uses: golangci/golangci-lint-action@v3
         with:
-          version: v1.45.2
+          version: v1.49.0
       - name: Run go vet
         run: |
           go vet ./...
diff --git a/.github/workflows/smoke.yml b/.github/workflows/smoke.yml
@@ -14,7 +14,7 @@ jobs:
     strategy:
       matrix:
         go_tags: [ 'stdlib', 'goccy', 'es256k', 'all' ]
-        go: [ '1.18', '1.17', '1.16' ]
+        go: [ '1.19', '1.18', '1.17' ]
     name: "Smoke [ Go ${{ matrix.go }} / Tags ${{ matrix.go_tags }} ]"
     steps:
       - name: Checkout repository
@@ -41,9 +41,9 @@ jobs:
       - name: Install jose
         run: sudo apt-get install -y --no-install-recommends jose
       - run: make generate
+      - name: make tidy
+        run: make tidy
       - name: Run smoke tests
         run: make smoke-${{ matrix.go_tags }}
       - name: Check difference between generation code and commit code
         run: make check_diffs
-      - name: Run go mod tidy
-        run: go mod tidy
diff --git a/.golangci.yml b/.golangci.yml
@@ -40,6 +40,8 @@ linters:
     - nakedret
     - nestif
     - nlreturn
+    - nonamedreturns # visit this back later
+    - nosnakecase
     - paralleltest
     - scopelint # deprecated
     - tagliatelle
@@ -60,6 +62,10 @@ issues:
       text: "don't use an underscore in package name"
       linters:
         - revive
+    - path: /*.go
+      linters:
+        - contextcheck
+        - exhaustruct
     - path: /main.go
       linters:
         - errcheck

diff --git a/Changes b/Changes
@@ -4,6 +4,21 @@ Changes
 v2 has many incompatibilities with v1. To see the full list of differences between
 v1 and v2, please read the Changes-v2.md file (https://github.com/lestrrat-go/jwx/blob/develop/v2/Changes-v2.md)
 
+v2.0.7 - UNRELEASED
+[Miscellaneous]
+  * WithCompact's stringification should have been that of the
+    internal indentity struct ("WithSerialization"), but it was
+    wrongly producing "WithCompact". This has been fixed.
+  * Go Workspaces have been enabled within this module.
+    - When developing, modules will refer to the main jwx module that they
+      are part of. This allows us to explicitly specify the dependency version
+      in, for example, ./cmd/jwx/go.mod but still develop against the local version.
+    - If you are using `goimports` and other tools, you might want to upgrade
+      binaries -- for example, when using vim-go's auto-format-on-save feature,
+      my old binaries took well over 5~10 seconds to compute the import paths.
+      This was fixed when I switched to using go1.19, and upgraded the binaries
+      used by vim-go
+
 v2.0.6 - 25 Aug 2022
 [Bug fixes][Security]
   * [jwe] Agreement Party UInfo and VInfo (apv/apu) were not properly being

diff --git a/Makefile b/Makefile
@@ -2,6 +2,7 @@
 generate: 
 	@go generate
 	@$(MAKE) generate-jwa generate-jwe generate-jwk generate-jws generate-jwt
+	@./tools/cmd/gofmt.sh
 
 generate-%:
 	@go generate $(shell pwd -P)/$(patsubst generate-%,%,$@)

diff --git a/bench/performance/go.mod b/bench/performance/go.mod
@@ -1,7 +1,5 @@
 module github.com/lestrrat-go/jwx/v2/bench/performance
 
-go 1.15
+go 1.16
 
-replace github.com/lestrrat-go/jwx/v2 => ../..
-
-require github.com/lestrrat-go/jwx/v2 v2.0.0-00010101000000-000000000000
+require github.com/lestrrat-go/jwx/v2 v2.0.6
diff --git a/bench/performance/go.sum b/bench/performance/go.sum
@@ -14,6 +14,8 @@ github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJG
 github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo=
 github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
 github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
+github.com/lestrrat-go/jwx/v2 v2.0.6 h1:RlyYNLV892Ed7+FTfj1ROoF6x7WxL965PGTHso/60G0=
+github.com/lestrrat-go/jwx/v2 v2.0.6/go.mod h1:aVrGuwEr3cp2Prw6TtQvr8sQxe+84gruID5C9TxT64Q=
 github.com/lestrrat-go/option v1.0.0 h1:WqAWL8kh8VcSoD6xjSH34/1m8yxluXQbDeKNfvFeEO4=
 github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=

diff --git a/cert/cert_test.go b/cert/cert_test.go
@@ -45,11 +45,7 @@ func TestCert(t *testing.T) {
 
 	commonName := "test.example.com"
 	template := x509.Certificate{
-		// SerialNumber is negative to ensure that negative
-		// values are parsed. This is due to the prevalence of
-		// buggy code that produces certificates with negative
-		// serial numbers.
-		SerialNumber: big.NewInt(-1),
+		SerialNumber: big.NewInt(1), // SerialNumbers must be non-negative since go1.19
 		Subject: pkix.Name{
 			CommonName:   commonName,
 			Organization: []string{"Σ Acme Co"},

diff --git a/cmd/jwx/go.mod b/cmd/jwx/go.mod
@@ -3,7 +3,7 @@ module github.com/lestrrat-go/jwx/v2/cmd/jwx
 go 1.17
 
 require (
-	github.com/lestrrat-go/jwx/v2 v2.0.0-00010101000000-000000000000
+	github.com/lestrrat-go/jwx/v2 v2.0.6
 	github.com/urfave/cli/v2 v2.3.0
 	golang.org/x/crypto v0.0.0-20220427172511-eb4f295cb31f
 )
@@ -19,5 +19,3 @@ require (
 	github.com/lestrrat-go/option v1.0.0 // indirect
 	github.com/russross/blackfriday/v2 v2.1.0 // indirect
 )
-
-replace github.com/lestrrat-go/jwx/v2 => ../..
diff --git a/cmd/jwx/go.sum b/cmd/jwx/go.sum
@@ -18,6 +18,8 @@ github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJG
 github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo=
 github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
 github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
+github.com/lestrrat-go/jwx/v2 v2.0.6 h1:RlyYNLV892Ed7+FTfj1ROoF6x7WxL965PGTHso/60G0=
+github.com/lestrrat-go/jwx/v2 v2.0.6/go.mod h1:aVrGuwEr3cp2Prw6TtQvr8sQxe+84gruID5C9TxT64Q=
 github.com/lestrrat-go/option v1.0.0 h1:WqAWL8kh8VcSoD6xjSH34/1m8yxluXQbDeKNfvFeEO4=
 github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=

diff --git a/examples/go.mod b/examples/go.mod
@@ -1,12 +1,10 @@
 module github.com/lestrrat-go/jwx/v2/examples
 
-go 1.15
+go 1.16
 
 require (
 	github.com/cloudflare/circl v1.1.0
-	github.com/lestrrat-go/jwx/v2 v2.0.0-00010101000000-000000000000
+	github.com/lestrrat-go/jwx/v2 v2.0.6
 )
 
-replace github.com/lestrrat-go/jwx/v2 => ../
-
 replace github.com/cloudflare/circl v1.0.0 => github.com/cloudflare/circl v1.0.1-0.20210104183656-96a0695de3c3
diff --git a/examples/go.sum b/examples/go.sum
@@ -17,6 +17,8 @@ github.com/lestrrat-go/httprc v1.0.4 h1:bAZymwoZQb+Oq8MEbyipag7iSq6YIga8Wj6GOiJG
 github.com/lestrrat-go/httprc v1.0.4/go.mod h1:mwwz3JMTPBjHUkkDv/IGJ39aALInZLrhBp0X7KGUZlo=
 github.com/lestrrat-go/iter v1.0.2 h1:gMXo1q4c2pHmC3dn8LzRhJfP1ceCbgSiT9lUydIzltI=
 github.com/lestrrat-go/iter v1.0.2/go.mod h1:Momfcq3AnRlRjI5b5O8/G5/BvpzrhoFTZcn06fEOPt4=
+github.com/lestrrat-go/jwx/v2 v2.0.6 h1:RlyYNLV892Ed7+FTfj1ROoF6x7WxL965PGTHso/60G0=
+github.com/lestrrat-go/jwx/v2 v2.0.6/go.mod h1:aVrGuwEr3cp2Prw6TtQvr8sQxe+84gruID5C9TxT64Q=
 github.com/lestrrat-go/option v1.0.0 h1:WqAWL8kh8VcSoD6xjSH34/1m8yxluXQbDeKNfvFeEO4=
 github.com/lestrrat-go/option v1.0.0/go.mod h1:5ZHFbivi4xwXxhxY9XHDe2FHo6/Z7WWmtT7T5nBBp3I=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=

diff --git a/examples/jwx_with_number_example_test.go b/examples/jwx_with_number_example_test.go
@@ -1,3 +1,4 @@
+//go:build ignore
 // +build ignore
 
 package examples_test

diff --git a/internal/json/goccy.go b/internal/json/goccy.go
@@ -1,3 +1,4 @@
+//go:build jwx_goccy
 // +build jwx_goccy
 
 package json

diff --git a/jwa/elliptic_gen.go b/jwa/elliptic_gen.go
@@ -8,7 +8,7 @@ import (
 	"sync"
 )
 
-//  EllipticCurveAlgorithm represents the algorithms used for EC keys
+// EllipticCurveAlgorithm represents the algorithms used for EC keys
 type EllipticCurveAlgorithm string
 
 // Supported values for EllipticCurveAlgorithm

diff --git a/jwa/secp2561k.go b/jwa/secp2561k.go
@@ -1,3 +1,4 @@
+//go:build jwx_es256k
 // +build jwx_es256k
 
 package jwa

diff --git a/jwa/secp2561k_test.go b/jwa/secp2561k_test.go
@@ -1,3 +1,4 @@
+//go:build jwx_es256k
 // +build jwx_es256k
 
 package jwa_test

diff --git a/jwe/decrypt.go b/jwe/decrypt.go
@@ -22,6 +22,7 @@ import (
 
 // decrypter is responsible for taking various components to decrypt a message.
 // its operation is not concurrency safe. You must provide locking yourself
+//
 //nolint:govet
 type decrypter struct {
 	aad         []byte

diff --git a/jwe/interface.go b/jwe/interface.go
@@ -49,15 +49,16 @@ type stdRecipient struct {
 // For example, it is totally valid for if the protected header's
 // integrity was calculated using a non-standard line breaks:
 //
-//    {"a dummy":
-//      "protected header"}
+//	{"a dummy":
+//	  "protected header"}
 //
 // Once parsed, though, we can only serialize the protected header as:
 //
-//    {"a dummy":"protected header"}
+//	{"a dummy":"protected header"}
 //
 // which would obviously result in a contradicting integrity value
 // if we tried to re-calculate it from a parsed message.
+//
 //nolint:govet
 type Message struct {
 	// Comments on each field are taken from https://datatracker.ietf.org/doc/html/rfc7516

diff --git a/jwe/jwe.go b/jwe/jwe.go
@@ -213,8 +213,8 @@ func (b *recipientBuilder) Build(cek []byte, calg jwa.ContentEncryptionAlgorithm
 // You must pass at least one key to `jwe.Encrypt()` by using `jwe.WithKey()`
 // option.
 //
-//   jwe.Encrypt(payload, jwe.WithKey(alg, key))
-//   jwe.Encrypt(payload, jws.WithJSON(), jws.WithKey(alg1, key1), jws.WithKey(alg2, key2))
+//	jwe.Encrypt(payload, jwe.WithKey(alg, key))
+//	jwe.Encrypt(payload, jws.WithJSON(), jws.WithKey(alg1, key1), jws.WithKey(alg2, key2))
 //
 // Note that in the second example the `jws.WithJSON()` option is
 // specified as well. This is because the compact serialization
@@ -793,13 +793,13 @@ func parseCompact(buf []byte, storeProtectedHeaders bool) (*Message, error) {
 //
 // In that case you would register a custom field as follows
 //
-//   jwe.RegisterCustomField(`x-birthday`, timeT)
+//	jwe.RegisterCustomField(`x-birthday`, timeT)
 //
 // Then `hdr.Get("x-birthday")` will still return an `interface{}`,
 // but you can convert its type to `time.Time`
 //
-//   bdayif, _ := hdr.Get(`x-birthday`)
-//   bday := bdayif.(time.Time)
+//	bdayif, _ := hdr.Get(`x-birthday`)
+//	bday := bdayif.(time.Time)
 func RegisterCustomField(name string, object interface{}) {
 	registry.Register(name, object)
 }
diff --git a/jwe/key_provider.go b/jwe/key_provider.go
@@ -30,18 +30,18 @@ import (
 // The first thing that `jwe.Decrypt()` needs to do is to collect the
 // KeyProviders from the option list that the user provided (presented in pseudocode):
 //
-//   keyProviders := filterKeyProviders(options)
+//	keyProviders := filterKeyProviders(options)
 //
 // Then, remember that a JWE message may contain multiple recipients in the
 // message. For each recipient, we call on the KeyProviders to give us
 // the key(s) to use on this signature:
 //
-//   for r in msg.Recipients {
-//     for kp in keyProviders {
-//       kp.FetcKeys(ctx, sink, r, msg)
-//       ...
-//     }
-//   }
+//	for r in msg.Recipients {
+//	  for kp in keyProviders {
+//	    kp.FetcKeys(ctx, sink, r, msg)
+//	    ...
+//	  }
+//	}
 //
 // The `sink` argument passed to the KeyProvider is a temporary storage
 // for the keys (either a jwk.Key or a "raw" key). The `KeyProvider`
@@ -54,17 +54,17 @@ import (
 // you should execute the necessary checks or retrieval of keys, and
 // then send the key(s) to the sink:
 //
-//   sink.Key(alg, key)
+//	sink.Key(alg, key)
 //
 // These keys are then retrieved and tried for each signature, until
 // a match is found:
 //
-//   keys := sink.Keys()
-//   for key in keys {
-//     if decryptJWEKey(recipient.EncryptedKey(), key) {
-//       return OK
-//     }
-//   }
+//	keys := sink.Keys()
+//	for key in keys {
+//	  if decryptJWEKey(recipient.EncryptedKey(), key) {
+//	    return OK
+//	  }
+//	}
 type KeyProvider interface {
 	FetchKeys(context.Context, KeySink, Recipient, *Message) error
 }

diff --git a/jwe/options_gen.go b/jwe/options_gen.go
@@ -173,7 +173,7 @@ func (identRequireKid) String() string {
 }
 
 func (identSerialization) String() string {
-	return "WithCompact"
+	return "WithSerialization"
 }
 
 // WithCompress specifies the compression algorithm to use when encrypting

diff --git a/jwe/options_gen_test.go b/jwe/options_gen_test.go
@@ -21,5 +21,5 @@ func TestOptionIdent(t *testing.T) {
 	require.Equal(t, "WithPretty", identPretty{}.String())
 	require.Equal(t, "WithProtectedHeaders", identProtectedHeaders{}.String())
 	require.Equal(t, "WithRequireKid", identRequireKid{}.String())
-	require.Equal(t, "WithCompact", identSerialization{}.String())
+	require.Equal(t, "WithSerialization", identSerialization{}.String())
 }
diff --git a/jwk/cache.go b/jwk/cache.go
@@ -24,8 +24,8 @@ type Whitelist = httprc.Whitelist
 // Before retrieving the Set objects, the user must pre-register the
 // URLs they intend to use by calling `Register()`
 //
-//  c := jwk.NewCache(ctx)
-//  c.Register(url, options...)
+//	c := jwk.NewCache(ctx)
+//	c.Register(url, options...)
 //
 // Once registered, you can call `Get()` to retrieve the Set object.
 //
@@ -310,7 +310,6 @@ func (cs *CachedSet) Index(key Key) int {
 }
 
 func (cs *CachedSet) Keys(ctx context.Context) KeyIterator {
-	//nolint:contextcheck
 	set, err := cs.cached()
 	if err != nil {
 		return arrayiter.New(nil)
@@ -320,7 +319,6 @@ func (cs *CachedSet) Keys(ctx context.Context) KeyIterator {
 }
 
 func (cs *CachedSet) Iterate(ctx context.Context) HeaderIterator {
-	//nolint:contextcheck
 	set, err := cs.cached()
 	if err != nil {
 		return mapiter.New(nil)

diff --git a/jwk/es256k.go b/jwk/es256k.go
@@ -1,3 +1,4 @@
+//go:build jwx_es256k
 // +build jwx_es256k
 
 package jwk

diff --git a/jwk/es256k_test.go b/jwk/es256k_test.go
@@ -1,3 +1,4 @@
+//go:build jwx_es256k
 // +build jwx_es256k
 
 package jwk_test

diff --git a/jwk/interface.go b/jwk/interface.go
@@ -48,6 +48,7 @@ const (
 // If a resource contains a single JWK instead of a JWK set, private parameters
 // are stored in _both_ the resulting `jwk.Set` object and the `jwk.Key` object .
 //
+//nolint:interfacebloat
 type Set interface {
 	// AddKey adds the specified key. If the key already exists in the set,
 	// an error is returned.