Update dependencies

- Remove a couple of insecure packages - Upgrade CI/CD workflows - Use improved instrumentation code - Minor adjustments
aidtechnology · Jan 23, 2023 · 8bfe11a · 8bfe11a
1 parent 8e55065
commit 8bfe11a
Show file tree

Hide file tree

Showing 16 changed files with 340 additions and 733 deletions.
diff --git a/.github/ISSUE_TEMPLATE/bug_report.md b/.github/ISSUE_TEMPLATE/bug_report.md
diff --git a/.github/ISSUE_TEMPLATE/bug_report.yml b/.github/ISSUE_TEMPLATE/bug_report.yml
@@ -0,0 +1,53 @@
+name: "\U0001F41E Bug report"
+description: Report an issue
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report! **Before you start, make sure you have the latest versions of the packages you're using.**
+  - type: textarea
+    id: bug-description
+    attributes:
+      label: Describe the bug
+      description: Please provide a clear and concise description of what the bug is. If you intend to submit a PR for this issue, tell us in the description. Thanks!
+      placeholder: Bug description
+    validations:
+      required: true
+  - type: textarea
+    id: reproduction
+    attributes:
+      label: Reproduction
+      description: A link to a repository that reproduces the issue. Reproductions must be [short, self-contained and correct](http://sscce.org/) and must not contain files or code that aren't relevant to the issue — please do NOT just paste a link to your project. Explaining how to reproduce is generally not enough. It pushes the burden of creating a reproduction project onto a small set of volunteer maintainers and isn't scalable. If no reproduction is provided, the issue will be closed.
+      placeholder: Reproduction
+    validations:
+      required: true
+  - type: textarea
+    id: logs
+    attributes:
+      label: Logs
+      description: Please include available logs around the time this bug occurred. Please try not to insert an image but copy and paste the actual log text.
+      render: Shell
+  - type: textarea
+    id: system-info
+    attributes:
+      label: System Info
+      description: Include the output of `go env`; and any additional contextual details. For example if your are using Docker or Kubernetes, make sure to specify the details here.
+      render: Shell
+      placeholder: System, Binaries, Browsers
+    validations:
+      required: true
+  - type: dropdown
+    id: severity
+    attributes:
+      label: Severity
+      options:
+        - Annoyance
+        - Serious, but I can work around it
+        - Blocking an upgrade
+        - Blocking all usage of the package
+    validations:
+      required: true
+  - type: textarea
+    id: additional-context
+    attributes:
+      label: Additional information
diff --git a/.github/ISSUE_TEMPLATE/feature_request.md b/.github/ISSUE_TEMPLATE/feature_request.md
diff --git a/.github/ISSUE_TEMPLATE/feature_request.yml b/.github/ISSUE_TEMPLATE/feature_request.yml
@@ -0,0 +1,44 @@
+name: "\U0001F4A1 Feature Request"
+description: Suggest an idea for this project
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to request this feature! If your feature request is complex or substantial enough to warrant in-depth discussion, maintainers may close the issue and ask you to open an RFC.
+  - type: textarea
+    id: problem
+    attributes:
+      label: Describe the problem
+      description: Please provide a clear and concise description the problem this feature would solve. The more information you can provide here, the better.
+      placeholder: I'm always frustrated when...
+    validations:
+      required: true
+  - type: textarea
+    id: solution
+    attributes:
+      label: Describe the proposed solution
+      description: Please provide a clear and concise description of what you would like to happen.
+      placeholder: I would like to see...
+    validations:
+      required: true
+  - type: textarea
+    id: alternatives
+    attributes:
+      label: Alternatives considered
+      description: "Please provide a clear and concise description of any alternative solutions or features you've considered."
+  - type: dropdown
+    id: importance
+    attributes:
+      label: Importance
+      description: How important is this feature to you?
+      options:
+        - Nice to have
+        - Would make my life easier
+        - Cannot use this project without it
+    validations:
+      required: true
+  - type: textarea
+    id: additional-context
+    attributes:
+      label: Additional information
+      description: Add any other context or screenshots about the feature request here.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -42,11 +42,10 @@ jobs:
         run: go list -mod=readonly -f '{{if not .Indirect}}{{.}}{{end}}' -m all > go.list
 
       # Scan dependencies using Nancy
-      # Can be excluded if the commit message contains: [scan-deps skip]
+      # Can be excluded if the commit message contains: [skip scan-deps]
       # https://github.com/sonatype-nexus-community/nancy-github-action
       - name: Scan dependencies
-        id: scan-deps
-        if: ${{ !contains(env.commit_msg, '[scan-deps skip]') }}
+        if: ${{ !contains(env.commit_msg, '[skip scan-deps]') }}
         uses: sonatype-nexus-community/[email protected]
 
   # Validate the protocol buffer definitions on the project
@@ -83,22 +82,22 @@ jobs:
       # Setup buf
       - name: Setup buf
         id: buf-setup
-        uses: bufbuild/buf-setup-action@v1.7.0
+        uses: bufbuild/buf-setup-action@v1.11.0
         with:
-          version: 1.7.0
+          version: 1.11.0
           github_token: ${{ github.token }}
 
       # Static analysis
       - name: Static analysis
         id: buf-lint
-        uses: bufbuild/[email protected].1
+        uses: bufbuild/[email protected].3
         if: ${{ steps.buf-setup.outcome == 'success' }}
 
       # Detect breaking changes
       - name: Detect breaking changes
         id: buf-breaking
-        if: steps.buf-lint.outcome == 'success' && !contains(env.commit_msg, '[buf-breaking skip]')
-        uses: bufbuild/buf-[email protected]
+        uses: bufbuild/buf-[email protected]
+        if: steps.buf-lint.outcome == 'success' && !contains(env.commit_msg, '[skip buf-breaking]')
         with:
           against: 'https://github.com/${{ github.repository }}.git#branch=master'
         env:
@@ -112,7 +111,7 @@ jobs:
     needs: protos
     strategy:
       matrix:
-        go-version: [1.17.x, 1.18.x, 1.19.x]
+        go-version: [1.18.x, 1.19.x]
         os: [ubuntu-latest]
     runs-on: ${{ matrix.os }}
     timeout-minutes: 15
@@ -156,17 +155,17 @@ jobs:
       # Style consistency and static analysis using 'golangci-lint'
       # https://github.com/marketplace/actions/run-golangci-lint
       - name: Static analysis
-        uses: golangci/golangci-lint-action@v3.2.0
+        uses: golangci/golangci-lint-action@v3
         with:
-          version: v1.48.0
+          version: v1.50.1
 
       # Run unit tests
       - name: Test
         run: make test
 
       # Ensure project compile and build successfully
       - name: Build
-        run: make build-for os=linux arch=amd64
+        run: make build
 
       # Save artifacts
       - name: Save artifacts

diff --git a/.github/workflows/maintenance.yml b/.github/workflows/maintenance.yml
@@ -8,7 +8,7 @@ jobs:
     name: "close stale issues and pull requests"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/stale@v5
+      - uses: actions/stale@v7
         with:
           # On the 'debug' mode the action will not perform any operation.
           # Add the secret ACTIONS_STEP_DEBUG with a value of 'true' in the repository.

diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
@@ -46,7 +46,7 @@ jobs:
       # Use goreleaser to create the new release
       # https://github.com/goreleaser/goreleaser-action
       - name: Create release
-        uses: goreleaser/goreleaser-action@v3
+        uses: goreleaser/goreleaser-action@v4
         if: startsWith(github.ref, 'refs/tags/')
         with:
           version: latest

diff --git a/.golangci.yml b/.golangci.yml
@@ -3,13 +3,7 @@ run:
   issues-exit-code: 1
   tests: true
   build-tags: []
-  skip-dirs:
-    - vendor$
-    - third_party$
-    - testdata$
-    - examples$
-    - Godeps$
-    - builtin$
+  skip-dirs-use-default: true
   skip-files:
     - ".*\\.pb\\.go$"
     - ".*\\.pb\\.gw\\.go$"
@@ -28,9 +22,7 @@ linters:
     - gofmt
     - ineffassign
     - staticcheck
-    - structcheck
     - typecheck
-    - varcheck
     - gocyclo
     - goconst
     - depguard
@@ -52,16 +44,20 @@ linters:
     - noctx
     - predeclared
     - exportloopref
-    - wastedassign
     - whitespace
+    # Deprecated linters
     #- wrapcheck
     #- nestif
     #- funlen
     #- ifshort
+    #- varcheck
   disable:
     - deadcode
     - unused
     - dupl
+    # https://github.com/golangci/golangci-lint/issues/2649
+    - structcheck
+    - wastedassign
 issues:
   exclude-use-default: false
   exclude-rules:

diff --git a/.goreleaser.yml b/.goreleaser.yml
@@ -45,6 +45,7 @@ builds:
 archives:
   # a single project can produce multiple archives
   - name_template: "{{ .ProjectName }}_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
+    rlcp: true
     builds:
       # artifacts to pack
       - didctl
@@ -68,6 +69,7 @@ checksum:
 # https://goreleaser.com/customization/source/
 source:
   enabled: true
+  rlcp: true
 # produce test releases
 # https://goreleaser.com/customization/snapshots/
 snapshot: