Commit Graph

10 Commits

Author SHA1 Message Date
Canelo Hill ac1b326ac0
Set min Go version to 1.20 (#930)
Update go.mod and CI to Go version 1.20.
2024-06-19 14:40:57 +10:00
Daniel Holmes 227456c3cc chore: Retract v1.5.2 from go.mod
Maintainers accidentally changed the reference commit
for v1.5.2. This change retracts v1.5.2 which also
includes a number of avoidable issues.

Fixes #927
2024-06-19 04:30:55 +00:00
apoorvajagtap ce903f6d1d Reverts to v1.5.0
This commit reverts the changes back till 8983b96324.
And inherits the README.md changes of 931041c5ee
Relates to:
- https://github.com/gorilla/websocket/issues/880#issuecomment-2081189055
2024-06-13 23:18:03 -04:00
apoorvajagtap 1bddf2e0db bumps go version & removes deprecated module usage 2024-05-01 18:51:54 +05:30
apoorvajagtap b2c246b2ec Revert " Update go version & add verification/testing tools (#840)"
This reverts commit 666c197fc9.
2024-05-01 18:51:54 +05:30
Corey Daley ac0789be11
update GitHub workflows (#857)
<!--
For Work In Progress Pull Requests, please use the Draft PR feature,
see https://github.blog/2019-02-14-introducing-draft-pull-requests/ for
further details.

     For a timely review/response, please avoid force-pushing additional
     commits if your PR already received reviews or comments.

     Before submitting a Pull Request, please ensure that you have:
- 📖 Read the Contributing guide:
https://github.com/gorilla/.github/blob/main/CONTRIBUTING.md
- 📖 Read the Code of Conduct:
https://github.com/gorilla/.github/blob/main/CODE_OF_CONDUCT.md

     - Provide tests for your changes.
     - Use descriptive commit messages.
	 - Comment your code where appropriate.
	 - Squash your commits
     - Update any related documentation.

     - Add gorilla/pull-request-reviewers as a Reviewer
-->

## What type of PR is this? (check all applicable)

- [x] Refactor
- [ ] Feature
- [ ] Bug Fix
- [ ] Optimization
- [ ] Documentation Update
- [ ] Go Version Update
- [ ] Dependency Update

## Description

## Related Tickets & Documents

<!--
For pull requests that relate or close an issue, please include them
below. We like to follow [Github's guidance on linking issues to pull
requests](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue).

For example having the text: "closes #1234" would connect the current
pull
request to issue 1234.  And when we merge the pull request, Github will
automatically close the issue.
-->

- Related Issue #
- Closes #

## Added/updated tests?

- [ ] Yes
- [ ] No, and this is why: _please replace this line with details on why
tests
      have not been included_
- [ ] I need help with writing tests

## Run verifications and test

- [x] `make verify` is passing
- [x] `make test` is passing
2023-10-18 17:57:41 +05:30
Corey Daley 78c34874c8
update golang.org/x/net (#856)
<!--
For Work In Progress Pull Requests, please use the Draft PR feature,
see https://github.blog/2019-02-14-introducing-draft-pull-requests/ for
further details.

     For a timely review/response, please avoid force-pushing additional
     commits if your PR already received reviews or comments.

     Before submitting a Pull Request, please ensure that you have:
- 📖 Read the Contributing guide:
https://github.com/gorilla/.github/blob/main/CONTRIBUTING.md
- 📖 Read the Code of Conduct:
https://github.com/gorilla/.github/blob/main/CODE_OF_CONDUCT.md

     - Provide tests for your changes.
     - Use descriptive commit messages.
	 - Comment your code where appropriate.
	 - Squash your commits
     - Update any related documentation.

     - Add gorilla/pull-request-reviewers as a Reviewer
-->

## What type of PR is this? (check all applicable)

- [ ] Refactor
- [ ] Feature
- [ ] Bug Fix
- [ ] Optimization
- [ ] Documentation Update
- [ ] Go Version Update
- [x] Dependency Update

## Description

## Related Tickets & Documents

<!--
For pull requests that relate or close an issue, please include them
below. We like to follow [Github's guidance on linking issues to pull
requests](https://docs.github.com/en/issues/tracking-your-work-with-issues/linking-a-pull-request-to-an-issue).

For example having the text: "closes #1234" would connect the current
pull
request to issue 1234.  And when we merge the pull request, Github will
automatically close the issue.
-->

- Related Issue #
- Closes #

## Added/updated tests?

- [ ] Yes
- [ ] No, and this is why: _please replace this line with details on why
tests
      have not been included_
- [ ] I need help with writing tests

## Run verifications and test

- [ ] `make verify` is passing
- [ ] `make test` is passing
2023-10-17 19:57:41 -04:00
Corey Daley 666c197fc9
Update go version & add verification/testing tools (#840)
Fixes #

**Summary of Changes**

1.
2. 
3.

> PS: Make sure your PR includes/updates tests! If you need help with
this part, just ask!
2023-08-27 01:31:45 +05:30
Matt Silverlock 5b740c2926
Read Limit Fix (#537)
This fix addresses a potential denial-of-service (DoS) vector that can cause an integer overflow in the presence of malicious WebSocket frames.

The fix adds additional checks against the remaining bytes on a connection, as well as a test to prevent regression.

Credit to Max Justicz (https://justi.cz/) for discovering and reporting this, as well as providing a robust PoC and review.

* build: go.mod to go1.12
* bugfix: fix DoS vector caused by readLimit bypass
* test: update TestReadLimit sub-test
* bugfix: payload length 127 should read bytes as uint64
* bugfix: defend against readLength overflows
2019-08-24 18:17:28 -07:00
Saddam H 7c8e298727 Add support for go-module 2019-02-04 16:44:14 -08:00