Bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 (#1269)

* Bump golangci/golangci-lint-action from 6.1.1 to 6.2.0 Bumps [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) from 6.1.1 to 6.2.0. - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@971e284...ec5d184) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]> * appease linter --------- Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Daisuke Maki <[email protected]>
lestrrat-go · Jan 20, 2025 · fea42b5 · fea42b5
1 parent 19d4fae
commit fea42b5
Show file tree

Hide file tree

Showing 8 changed files with 27 additions and 33 deletions.
diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml
@@ -9,7 +9,7 @@ jobs:
       - uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
         with:
           go-version-file: "go.mod"
-      - uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
+      - uses: golangci/golangci-lint-action@ec5d18412c0aeab7936cb16880d708ba2a64e1ae # v6.2.0
       - name: Run go vet
         run: |
           go vet ./...
diff --git a/internal/jose/jose.go b/internal/jose/jose.go
@@ -125,7 +125,7 @@ func Algorithms(ctx context.Context, t *testing.T) (*AlgorithmSet, error) {
 func GenerateJwk(ctx context.Context, t *testing.T, template string) (string, func(), error) {
 	t.Helper()
 
-	file, cleanup, err := jwxtest.CreateTempFile("jwx-jose-key-*.jwk")
+	file, cleanup, err := jwxtest.CreateTempFile(t.TempDir(), "jwx-jose-key-*.jwk")
 	if err != nil {
 		return "", nil, fmt.Errorf(`failed to create temporary file: %w`, err)
 	}
@@ -158,7 +158,7 @@ func EncryptJwe(ctx context.Context, t *testing.T, payload []byte, alg string, k
 
 	var pfile string
 	if len(payload) > 0 {
-		fn, pcleanup, perr := jwxtest.WriteFile("jwx-jose-payload-*", bytes.NewReader(payload))
+		fn, pcleanup, perr := jwxtest.WriteFile(t.TempDir(), "jwx-jose-payload-*", bytes.NewReader(payload))
 		if perr != nil {
 			return "", nil, fmt.Errorf(`failed to write payload to file: %w`, perr)
 		}
@@ -168,7 +168,7 @@ func EncryptJwe(ctx context.Context, t *testing.T, payload []byte, alg string, k
 		defer pcleanup()
 	}
 
-	ofile, ocleanup, oerr := jwxtest.CreateTempFile(`jwx-jose-key-*.jwe`)
+	ofile, ocleanup, oerr := jwxtest.CreateTempFile(t.TempDir(), `jwx-jose-key-*.jwe`)
 	if oerr != nil {
 		return "", nil, fmt.Errorf(`failed to create temporary file: %w`, oerr)
 	}
@@ -205,7 +205,7 @@ func DecryptJwe(ctx context.Context, t *testing.T, cfile, kfile string) ([]byte,
 func FmtJwe(ctx context.Context, t *testing.T, data []byte) ([]byte, error) {
 	t.Helper()
 
-	fn, pcleanup, perr := jwxtest.WriteFile("jwx-jose-fmt-data-*", bytes.NewReader(data))
+	fn, pcleanup, perr := jwxtest.WriteFile(t.TempDir(), "jwx-jose-fmt-data-*", bytes.NewReader(data))
 	if perr != nil {
 		return nil, fmt.Errorf(`failed to write data to file: %w`, perr)
 	}
@@ -237,7 +237,7 @@ func SignJws(ctx context.Context, t *testing.T, payload []byte, keyfile string,
 
 	var pfile string
 	if len(payload) > 0 {
-		fn, pcleanup, perr := jwxtest.WriteFile("jwx-jose-payload-*", bytes.NewReader(payload))
+		fn, pcleanup, perr := jwxtest.WriteFile(t.TempDir(), "jwx-jose-payload-*", bytes.NewReader(payload))
 		if perr != nil {
 			return "", nil, fmt.Errorf(`failed to write payload to file: %w`, perr)
 		}
@@ -247,7 +247,7 @@ func SignJws(ctx context.Context, t *testing.T, payload []byte, keyfile string,
 		defer pcleanup()
 	}
 
-	ofile, ocleanup, oerr := jwxtest.CreateTempFile(`jwx-jose-sig-*.jws`)
+	ofile, ocleanup, oerr := jwxtest.CreateTempFile(t.TempDir(), `jwx-jose-sig-*.jws`)
 	if oerr != nil {
 		return "", nil, fmt.Errorf(`failed to create temporary file: %w`, oerr)
 	}

diff --git a/internal/jwxtest/jwxtest.go b/internal/jwxtest/jwxtest.go
@@ -135,8 +135,8 @@ func GenerateX25519Jwk() (jwk.Key, error) {
 	return k, nil
 }
 
-func WriteFile(template string, src io.Reader) (string, func(), error) {
-	file, cleanup, err := CreateTempFile(template)
+func WriteFile(dir, template string, src io.Reader) (string, func(), error) {
+	file, cleanup, err := CreateTempFile(dir, template)
 	if err != nil {
 		return "", nil, fmt.Errorf(`failed to create temporary file: %w`, err)
 	}
@@ -153,14 +153,14 @@ func WriteFile(template string, src io.Reader) (string, func(), error) {
 	return file.Name(), cleanup, nil
 }
 
-func WriteJSONFile(template string, v interface{}) (string, func(), error) {
+func WriteJSONFile(dir, template string, v interface{}) (string, func(), error) {
 	var buf bytes.Buffer
 
 	enc := json.NewEncoder(&buf)
 	if err := enc.Encode(v); err != nil {
 		return "", nil, fmt.Errorf(`failed to encode object to JSON: %w`, err)
 	}
-	return WriteFile(template, &buf)
+	return WriteFile(dir, template, &buf)
 }
 
 func DumpFile(t *testing.T, file string) {
@@ -206,8 +206,8 @@ func DumpFile(t *testing.T, file string) {
 	t.Logf("=== END   %s (formatted JSON) ===", file)
 }
 
-func CreateTempFile(template string) (*os.File, func(), error) {
-	file, err := os.CreateTemp("", template)
+func CreateTempFile(dir, template string) (*os.File, func(), error) {
+	file, err := os.CreateTemp(dir, template)
 	if err != nil {
 		return nil, nil, fmt.Errorf(`failed to create temporary file: %w`, err)
 	}
@@ -268,7 +268,7 @@ func DecryptJweFile(ctx context.Context, file string, alg jwa.KeyEncryptionAlgor
 	return jwe.Decrypt(buf, jwe.WithKey(alg, rawkey))
 }
 
-func EncryptJweFile(ctx context.Context, payload []byte, keyalg jwa.KeyEncryptionAlgorithm, keyfile string, contentalg jwa.ContentEncryptionAlgorithm, compressalg jwa.CompressionAlgorithm) (string, func(), error) {
+func EncryptJweFile(ctx context.Context, dir string, payload []byte, keyalg jwa.KeyEncryptionAlgorithm, keyfile string, contentalg jwa.ContentEncryptionAlgorithm, compressalg jwa.CompressionAlgorithm) (string, func(), error) {
 	key, err := ParseJwkFile(ctx, keyfile)
 	if err != nil {
 		return "", nil, fmt.Errorf(`failed to parse keyfile %s: %w`, keyfile, err)
@@ -302,7 +302,7 @@ func EncryptJweFile(ctx context.Context, payload []byte, keyalg jwa.KeyEncryptio
 		return "", nil, fmt.Errorf(`failed to encrypt payload: %w`, err)
 	}
 
-	return WriteFile("jwx-test-*.jwe", bytes.NewReader(buf))
+	return WriteFile(dir, "jwx-test-*.jwe", bytes.NewReader(buf))
 }
 
 func VerifyJwsFile(ctx context.Context, file string, alg jwa.SignatureAlgorithm, jwkfile string) ([]byte, error) {
@@ -333,7 +333,7 @@ func VerifyJwsFile(ctx context.Context, file string, alg jwa.SignatureAlgorithm,
 	return jws.Verify(buf, jws.WithKey(alg, pubkey))
 }
 
-func SignJwsFile(ctx context.Context, payload []byte, alg jwa.SignatureAlgorithm, keyfile string) (string, func(), error) {
+func SignJwsFile(ctx context.Context, dir string, payload []byte, alg jwa.SignatureAlgorithm, keyfile string) (string, func(), error) {
 	key, err := ParseJwkFile(ctx, keyfile)
 	if err != nil {
 		return "", nil, fmt.Errorf(`failed to parse keyfile %s: %w`, keyfile, err)
@@ -344,5 +344,5 @@ func SignJwsFile(ctx context.Context, payload []byte, alg jwa.SignatureAlgorithm
 		return "", nil, fmt.Errorf(`failed to sign payload: %w`, err)
 	}
 
-	return WriteFile("jwx-test-*.jws", bytes.NewReader(buf))
+	return WriteFile(dir, "jwx-test-*.jws", bytes.NewReader(buf))
 }
diff --git a/jwe/jwe_test.go b/jwe/jwe_test.go
@@ -535,7 +535,7 @@ func TestGHIssue230(t *testing.T) {
 func TestReadFile(t *testing.T) {
 	const s = `eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ.OKOawDo13gRp2ojaHV7LFpZcgV7T6DVZKTyKOMTYUmKoTCVJRgckCL9kiMT03JGeipsEdY3mx_etLbbWSrFr05kLzcSr4qKAq7YN7e9jwQRb23nfa6c9d-StnImGyFDbSv04uVuxIp5Zms1gNxKKK2Da14B8S4rzVRltdYwam_lDp5XnZAYpQdb76FdIKLaVmqgfwX7XWRxv2322i-vDxRfqNzo_tETKzpVLzfiwQyeyPGLBIO56YJ7eObdv0je81860ppamavo35UgoRdbYaBcoh9QcfylQr66oc6vFWXRcZ_ZT2LawVCWTIy3brGPi6UklfCpIMfIjf7iGdXKHzg.48V1_ALb6US04U3b.5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6jiSdiwkIr3ajwQzaBtQD_A.XFBoMYUZodetZdvTiFvSkQ`
 
-	f, err := os.CreateTemp("", "test-read-file-*.jwe")
+	f, err := os.CreateTemp(t.TempDir(), "test-read-file-*.jwe")
 	require.NoError(t, err, `os.CreateTemp should succeed`)
 	defer f.Close()
 

diff --git a/jwe/speed_test.go b/jwe/speed_test.go
@@ -8,14 +8,14 @@ import (
 var s = []byte(`eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00ifQ.OKOawDo13gRp2ojaHV7LFpZcgV7T6DVZKTyKOMTYUmKoTCVJRgckCL9kiMT03JGeipsEdY3mx_etLbbWSrFr05kLzcSr4qKAq7YN7e9jwQRb23nfa6c9d-StnImGyFDbSv04uVuxIp5Zms1gNxKKK2Da14B8S4rzVRltdYwam_lDp5XnZAYpQdb76FdIKLaVmqgfwX7XWRxv2322i-vDxRfqNzo_tETKzpVLzfiwQyeyPGLBIO56YJ7eObdv0je81860ppamavo35UgoRdbYaBcoh9QcfylQr66oc6vFWXRcZ_ZT2LawVCWTIy3brGPi6UklfCpIMfIjf7iGdXKHzg.48V1_ALb6US04U3b.5eym8TW_c8SuK0ltJ3rpYIzOeDQz7TALvtu6UG9oMo4vpzs9tX_EFShS8iB7j6jiSdiwkIr3ajwQzaBtQD_A.XFBoMYUZodetZdvTiFvSkQ`)
 
 func BenchmarkSplitLib(b *testing.B) {
-	for i := 0; i < b.N; i++ {
+	for range b.N {
 		SplitLib(s)
 	}
 }
 
 func BenchmarkSplitManual(b *testing.B) {
 	ret := make([][]byte, 5)
-	for i := 0; i < b.N; i++ {
+	for range b.N {
 		SplitManual(ret, s)
 	}
 }

diff --git a/jws/jws_test.go b/jws/jws_test.go
@@ -923,7 +923,7 @@ func TestDecode_ES384Compact_NoSigTrim(t *testing.T) {
 func TestReadFile(t *testing.T) {
 	t.Parallel()
 
-	f, err := os.CreateTemp("", "test-read-file-*.jws")
+	f, err := os.CreateTemp(t.TempDir(), "test-read-file-*.jws")
 	require.NoError(t, err, `io.CreateTemp should succeed`)
 	defer f.Close()
 

diff --git a/jwt/jwt_test.go b/jwt/jwt_test.go
@@ -614,7 +614,7 @@ func TestSignTyp(t *testing.T) {
 func TestReadFile(t *testing.T) {
 	t.Parallel()
 
-	f, err := os.CreateTemp("", "test-read-file-*.jwt")
+	f, err := os.CreateTemp(t.TempDir(), "test-read-file-*.jwt")
 	require.NoError(t, err, `os.CreateTemp should succeed`)
 	defer f.Close()
 

diff --git a/jwx_test.go b/jwx_test.go
@@ -78,8 +78,6 @@ func TestDecoderSetting(t *testing.T) {
 
 // Test compatibility against `jose` tool
 func TestJoseCompatibility(t *testing.T) {
-	t.Parallel()
-
 	if testing.Short() {
 		t.Logf("Skipped during short tests")
 		return
@@ -90,8 +88,10 @@ func TestJoseCompatibility(t *testing.T) {
 		return
 	}
 
+	jwe.Settings(jwe.WithMaxPBES2Count(32768))
+	t.Cleanup(func() { jwe.WithMaxPBES2Count(10000) })
+
 	t.Run("jwk", func(t *testing.T) {
-		t.Parallel()
 		testcases := []struct {
 			Name      string
 			Raw       interface{}
@@ -127,8 +127,6 @@ func TestJoseCompatibility(t *testing.T) {
 
 		for _, tc := range testcases {
 			t.Run(tc.Name, func(t *testing.T) {
-				t.Parallel()
-
 				ctx, cancel := context.WithCancel(context.Background())
 				defer cancel()
 
@@ -152,8 +150,6 @@ func TestJoseCompatibility(t *testing.T) {
 		// In order to avoid doing this in an ad-hoc way, we're just going to
 		// ask our jose package for the algorithms that it supports, and generate
 		// the list dynamically
-
-		t.Parallel()
 		ctx, cancel := context.WithCancel(context.Background())
 		defer cancel()
 		set, err := jose.Algorithms(ctx, t)
@@ -203,15 +199,13 @@ func TestJoseCompatibility(t *testing.T) {
 
 		for _, test := range tests {
 			t.Run(fmt.Sprintf("%s-%s", test.alg, test.enc), func(t *testing.T) {
-				t.Parallel()
 				ctx, cancel := context.WithCancel(context.Background())
 				defer cancel()
 				joseInteropTest(ctx, test, t)
 			})
 		}
 	})
 	t.Run("jws", func(t *testing.T) {
-		t.Parallel()
 		tests := []jwa.SignatureAlgorithm{
 			jwa.ES256(),
 			//jwa.ES256K,
@@ -289,7 +283,7 @@ func joseInteropTest(ctx context.Context, spec interopTest, t *testing.T) {
 		require.Equal(t, expected, payload, `decrypted payloads should match`)
 	})
 	t.Run("Encrypt with jwx, Decrypt with jose", func(t *testing.T) {
-		jwxCryptFile, jwxCryptCleanup, err := jwxtest.EncryptJweFile(ctx, expected, spec.alg, joseJwkFile, spec.enc, jwa.NoCompress())
+		jwxCryptFile, jwxCryptCleanup, err := jwxtest.EncryptJweFile(ctx, t.TempDir(), expected, spec.alg, joseJwkFile, spec.enc, jwa.NoCompress())
 		require.NoError(t, err, `jwxtest.EncryptJweFile should succeed`)
 		defer jwxCryptCleanup()
 
@@ -325,7 +319,7 @@ func joseJwsInteropTest(ctx context.Context, alg jwa.SignatureAlgorithm, t *test
 		require.Equal(t, expected, payload, `decrypted payloads should match`)
 	})
 	t.Run("Sign with jwx, Verify with jose", func(t *testing.T) {
-		jwxCryptFile, jwxCryptCleanup, err := jwxtest.SignJwsFile(ctx, expected, alg, joseJwkFile)
+		jwxCryptFile, jwxCryptCleanup, err := jwxtest.SignJwsFile(ctx, t.TempDir(), expected, alg, joseJwkFile)
 		require.NoError(t, err, `jwxtest.SignJwsFile should succeed`)
 		defer jwxCryptCleanup()