[Release] General Golang Related Maintenance - November 2024

This update aims to address the following:

* Update for golang-JWT for CVE-2024-51744.

docs/docs.go

@@ -1,5 +1,5 @@
-// Code generated by swaggo/swag. DO NOT EDIT.
-
+// Package docs GENERATED BY SWAG; DO NOT EDIT
+// This file was generated by swaggo/swag
 package docs
 
 import "github.com/swaggo/swag"
@@ -1016,17 +1016,6 @@ const docTemplate = `{
                 }
             }
         },
-        "model_http.Metadata": {
-            "type": "object",
-            "properties": {
-                "num_records": {
-                    "type": "integer"
-                },
-                "quiz_id": {
-                    "type": "string"
-                }
-            }
-        },
         "model_http.StatsResponse": {
             "type": "object",
             "properties": {
@@ -1038,8 +1027,11 @@ const docTemplate = `{
                         }
                     }
                 },
-                "metadata": {
-                    "$ref": "#/definitions/model_http.Metadata"
+                "num_records": {
+                    "type": "integer"
+                },
+                "quiz_id": {
+                    "type": "string"
                 },
                 "records": {
                     "type": "array",
@@ -1070,7 +1062,7 @@ const docTemplate = `{
 
 // SwaggerInfo holds exported Swagger Info so clients can modify it
 var SwaggerInfo = &swag.Spec{
-	Version:          "1.7.5",
+	Version:          "1.7.6",
 	Host:             "localhost:44243",
 	BasePath:         "/api/rest/v1",
 	Schemes:          []string{"http"},

docs/swagger.json

@@ -21,7 +21,7 @@
             "name": "GPL-3.0",
             "url": "https://opensource.org/licenses/GPL-3.0"
         },
-        "version": "1.7.5"
+        "version": "1.7.6"
     },
     "host": "localhost:44243",
     "basePath": "/api/rest/v1",
@@ -1012,17 +1012,6 @@
                 }
             }
         },
-        "model_http.Metadata": {
-            "type": "object",
-            "properties": {
-                "num_records": {
-                    "type": "integer"
-                },
-                "quiz_id": {
-                    "type": "string"
-                }
-            }
-        },
         "model_http.StatsResponse": {
             "type": "object",
             "properties": {
@@ -1034,8 +1023,11 @@
                         }
                     }
                 },
-                "metadata": {
-                    "$ref": "#/definitions/model_http.Metadata"
+                "num_records": {
+                    "type": "integer"
+                },
+                "quiz_id": {
+                    "type": "string"
                 },
                 "records": {
                     "type": "array",

docs/swagger.yaml

@@ -171,22 +171,17 @@ definitions:
     - threshold
     - token
     type: object
-  model_http.Metadata:
-    properties:
-      num_records:
-        type: integer
-      quiz_id:
-        type: string
-    type: object
   model_http.StatsResponse:
     properties:
       links:
         properties:
           next_page:
             type: string
         type: object
-      metadata:
-        $ref: '#/definitions/model_http.Metadata'
+      num_records:
+        type: integer
+      quiz_id:
+        type: string
       records:
         items:
           $ref: '#/definitions/model_cassandra.Response'
@@ -211,7 +206,7 @@ info:
     name: GPL-3.0
     url: https://opensource.org/licenses/GPL-3.0
   title: Multiple Choice Question Platform.
-  version: 1.7.5
+  version: 1.7.6
 paths:
   /health:
     get:

go.mod

@@ -7,7 +7,7 @@ require (
 	github.com/gin-gonic/gin v1.10.0
 	github.com/go-playground/validator/v10 v10.22.0
 	github.com/gocql/gocql v1.6.0
-	github.com/golang-jwt/jwt/v4 v4.5.0
+	github.com/golang-jwt/jwt/v4 v4.5.1
 	github.com/golang/mock v1.6.0
 	github.com/pkg/errors v0.9.1
 	github.com/redis/go-redis/v9 v9.6.1

go.sum

@@ -79,8 +79,8 @@ github.com/goccy/go-json v0.10.2 h1:CrxCmQqYDkv1z7lO7Wbh2HN93uovUHgrECaO5ZrCXAU=
 github.com/goccy/go-json v0.10.2/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
 github.com/gocql/gocql v1.6.0 h1:IdFdOTbnpbd0pDhl4REKQDM+Q0SzKXQ1Yh+YZZ8T/qU=
 github.com/gocql/gocql v1.6.0/go.mod h1:3gM2c4D3AnkISwBxGnMMsS8Oy4y2lhbPRsH4xnJrHG8=
-github.com/golang-jwt/jwt/v4 v4.5.0 h1:7cYmW1XlMY7h7ii7UhUyChSgS5wUJEnm9uZVTGqOWzg=
-github.com/golang-jwt/jwt/v4 v4.5.0/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
+github.com/golang-jwt/jwt/v4 v4.5.1 h1:JdqV9zKUdtaa9gdPlywC3aeoEsR681PlKC+4F5gQgeo=
+github.com/golang-jwt/jwt/v4 v4.5.1/go.mod h1:m21LjoU+eqJr34lmDMbreY2eSTRJ1cv77w39/MY0Ch0=
 github.com/golang/mock v1.6.0 h1:ErTB+efbowRARo13NNdxyJji2egdxLGQhRaY+DUumQc=
 github.com/golang/mock v1.6.0/go.mod h1:p6yTPP+5HYm5mzsMV8JkE6ZKdX+/wYM6Hr+LicevLPs=
 github.com/golang/snappy v0.0.3/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=

pkg/http/rest/handlers/healthcheck.go

@@ -12,14 +12,14 @@ import (
 )
 
 // Healthcheck checks if the service is healthy.
-//	@Summary		Healthcheck for service liveness.
-//	@Description	This endpoint is exposed to allow load balancers etc. to check the health of the service.
-//	@Tags			health healthcheck liveness
-//	@Id				healthcheck
-//	@Produce		json
-//	@Success		200	{object}	model_http.Success	"message: healthy"
-//	@Failure		503	{object}	model_http.Error	"error message with any available details"
-//	@Router			/health [get]
+// @Summary     Healthcheck for service liveness.
+// @Description This endpoint is exposed to allow load balancers etc. to check the health of the service.
+// @Tags        health healthcheck liveness
+// @Id          healthcheck
+// @Produce     json
+// @Success     200 {object} model_http.Success "message: healthy"
+// @Failure     503 {object} model_http.Error   "error message with any available details"
+// @Router      /health [get]
 func Healthcheck(logger *logger.Logger, db cassandra.Cassandra, cache redis.Redis) gin.HandlerFunc {
 	return func(context *gin.Context) {
 		var err error

pkg/http/rest/handlers/quiz.go

@@ -18,18 +18,18 @@ import (
 )
 
 // ViewQuiz will retrieve a test using a variable in the URL.
-//	@Summary		View a quiz.
-//	@Description	This endpoint will retrieve a quiz with a provided quiz ID if it is published.
-//	@Tags			view test quiz
-//	@Id				viewQuiz
-//	@Produce		json
-//	@Security		ApiKeyAuth
-//	@Param			quiz_id	path		string				true	"The quiz ID for the quiz being requested."
-//	@Success		200		{object}	model_http.Success	"The message will contain the quiz ID and the payload will contain the quiz"
-//	@Failure		403		{object}	model_http.Error	"Error message with any available details in payload"
-//	@Failure		404		{object}	model_http.Error	"Error message with any available details in payload"
-//	@Failure		500		{object}	model_http.Error	"Error message with any available details in payload"
-//	@Router			/quiz/view/{quiz_id} [get]
+// @Summary     View a quiz.
+// @Description This endpoint will retrieve a quiz with a provided quiz ID if it is published.
+// @Tags        view test quiz
+// @Id          viewQuiz
+// @Produce     json
+// @Security    ApiKeyAuth
+// @Param       quiz_id path          string                true "The quiz ID for the quiz being requested."
+// @Success     200          {object} model_http.Success "The message will contain the quiz ID and the payload will contain the quiz"
+// @Failure     403          {object} model_http.Error   "Error message with any available details in payload"
+// @Failure     404          {object} model_http.Error   "Error message with any available details in payload"
+// @Failure     500          {object} model_http.Error   "Error message with any available details in payload"
+// @Router      /quiz/view/{quiz_id} [get]
 func ViewQuiz(logger *logger.Logger, auth auth.Auth, db cassandra.Cassandra, cache redis.Redis) gin.HandlerFunc {
 	return func(context *gin.Context) {
 		var err error
@@ -79,20 +79,20 @@ func ViewQuiz(logger *logger.Logger, auth auth.Auth, db cassandra.Cassandra, cac
 }
 
 // CreateQuiz will submit a quiz and write back the GetScore ID.
-//	@Summary		Create a quiz.
-//	@Description	This endpoint will create a quiz with randomly generated Test ID and associate it with the requester.
-//	@Description	The username will be extracted from the JWT and associated with the Test ID.
-//	@Tags			create test quiz
-//	@Id				createQuiz
-//	@Accept			json
-//	@Produce		json
-//	@Security		ApiKeyAuth
-//	@Param			quiz	body		model_cassandra.QuizCore	true	"The Quiz to be created as unpublished"
-//	@Success		200		{object}	model_http.Success			"The message will contain the Quiz ID of the newly generated quiz"
-//	@Failure		400		{object}	model_http.Error			"Error message with any available details in payload"
-//	@Failure		409		{object}	model_http.Error			"Error message with any available details in payload"
-//	@Failure		500		{object}	model_http.Error			"Error message with any available details in payload"
-//	@Router			/quiz/create/ [post]
+// @Summary     Create a quiz.
+// @Description This endpoint will create a quiz with randomly generated Test ID and associate it with the requester.
+// @Description The username will be extracted from the JWT and associated with the Test ID.
+// @Tags        create test quiz
+// @Id          createQuiz
+// @Accept      json
+// @Produce     json
+// @Security    ApiKeyAuth
+// @Param       quiz body          model_cassandra.QuizCore true "The Quiz to be created as unpublished"
+// @Success     200       {object} model_http.Success             "The message will contain the Quiz ID of the newly generated quiz"
+// @Failure     400       {object} model_http.Error               "Error message with any available details in payload"
+// @Failure     409       {object} model_http.Error               "Error message with any available details in payload"
+// @Failure     500       {object} model_http.Error               "Error message with any available details in payload"
+// @Router      /quiz/create/ [post]
 func CreateQuiz(logger *logger.Logger, auth auth.Auth, db cassandra.Cassandra) gin.HandlerFunc {
 	return func(context *gin.Context) {
 		var err error
@@ -136,20 +136,20 @@ func CreateQuiz(logger *logger.Logger, auth auth.Auth, db cassandra.Cassandra) g
 }
 
 // UpdateQuiz will update a quiz.
-//	@Summary		Update a quiz.
-//	@Description	This endpoint will update a quiz with the provided Test ID if it was created by the requester and is not published.
-//	@Tags			update modify test quiz
-//	@Id				updateQuiz
-//	@Accept			json
-//	@Produce		json
-//	@Security		ApiKeyAuth
-//	@Param			quiz_id	path		string						true	"The Test ID for the quiz being updated."
-//	@Param			quiz	body		model_cassandra.QuizCore	true	"The Quiz to replace the one already submitted"
-//	@Success		200		{object}	model_http.Success			"The message will contain a confirmation of the update"
-//	@Failure		400		{object}	model_http.Error			"Error message with any available details in payload"
-//	@Failure		403		{object}	model_http.Error			"Error message with any available details in payload"
-//	@Failure		500		{object}	model_http.Error			"Error message with any available details in payload"
-//	@Router			/quiz/update/{quiz_id} [patch]
+// @Summary     Update a quiz.
+// @Description This endpoint will update a quiz with the provided Test ID if it was created by the requester and is not published.
+// @Tags        update modify test quiz
+// @Id          updateQuiz
+// @Accept      json
+// @Produce     json
+// @Security    ApiKeyAuth
+// @Param       quiz_id path          string                            true "The Test ID for the quiz being updated."
+// @Param       quiz    body          model_cassandra.QuizCore true "The Quiz to replace the one already submitted"
+// @Success     200          {object} model_http.Success             "The message will contain a confirmation of the update"
+// @Failure     400          {object} model_http.Error               "Error message with any available details in payload"
+// @Failure     403          {object} model_http.Error               "Error message with any available details in payload"
+// @Failure     500          {object} model_http.Error               "Error message with any available details in payload"
+// @Router      /quiz/update/{quiz_id} [patch]
 func UpdateQuiz(logger *logger.Logger, auth auth.Auth, db cassandra.Cassandra) gin.HandlerFunc {
 	return func(context *gin.Context) {
 		var err error
@@ -199,17 +199,17 @@ func UpdateQuiz(logger *logger.Logger, auth auth.Auth, db cassandra.Cassandra) g
 }
 
 // DeleteQuiz will delete a quiz using a variable in the URL.
-//	@Summary		Delete a quiz.
-//	@Description	This endpoint will mark a quiz as delete if it was created by the requester. The provided Test ID is provided is a path parameter.
-//	@Tags			delete remove test quiz
-//	@Id				deleteQuiz
-//	@Produce		json
-//	@Security		ApiKeyAuth
-//	@Param			quiz_id	path		string				true	"The Test ID for the quiz being deleted."
-//	@Success		200		{object}	model_http.Success	"The message will contain a confirmation of deletion"
-//	@Failure		403		{object}	model_http.Error	"Error message with any available details in payload"
-//	@Failure		500		{object}	model_http.Error	"Error message with any available details in payload"
-//	@Router			/quiz/delete/{quiz_id} [delete]
+// @Summary     Delete a quiz.
+// @Description This endpoint will mark a quiz as delete if it was created by the requester. The provided Test ID is provided is a path parameter.
+// @Tags        delete remove test quiz
+// @Id          deleteQuiz
+// @Produce     json
+// @Security    ApiKeyAuth
+// @Param       quiz_id path          string                true "The Test ID for the quiz being deleted."
+// @Success     200          {object} model_http.Success "The message will contain a confirmation of deletion"
+// @Failure     403          {object} model_http.Error   "Error message with any available details in payload"
+// @Failure     500          {object} model_http.Error   "Error message with any available details in payload"
+// @Router      /quiz/delete/{quiz_id} [delete]
 func DeleteQuiz(logger *logger.Logger, auth auth.Auth, db cassandra.Cassandra, cache redis.Redis) gin.HandlerFunc {
 	return func(context *gin.Context) {
 		var err error
@@ -272,18 +272,18 @@ func DeleteQuiz(logger *logger.Logger, auth auth.Auth, db cassandra.Cassandra, c
 }
 
 // PublishQuiz will publish a quiz using a variable in the URL.
-//	@Summary		Publish a quiz.
-//	@Description	When a quiz is submitted it is not published by default and is thus unavailable to be taken.
-//	@Description	This endpoint will publish a quiz with the provided Test ID if it was created by the requester.
-//	@Tags			publish test quiz create
-//	@Id				publishQuiz
-//	@Produce		json
-//	@Security		ApiKeyAuth
-//	@Param			quiz_id	path		string				true	"The Test ID for the quiz being published."
-//	@Success		200		{object}	model_http.Success	"The message will contain a confirmation of publishing"
-//	@Failure		403		{object}	model_http.Error	"Error message with any available details in payload"
-//	@Failure		500		{object}	model_http.Error	"Error message with any available details in payload"
-//	@Router			/quiz/publish/{quiz_id} [patch]
+// @Summary     Publish a quiz.
+// @Description When a quiz is submitted it is not published by default and is thus unavailable to be taken.
+// @Description This endpoint will publish a quiz with the provided Test ID if it was created by the requester.
+// @Tags        publish test quiz create
+// @Id          publishQuiz
+// @Produce     json
+// @Security    ApiKeyAuth
+// @Param       quiz_id path          string                true "The Test ID for the quiz being published."
+// @Success     200          {object} model_http.Success "The message will contain a confirmation of publishing"
+// @Failure     403          {object} model_http.Error   "Error message with any available details in payload"
+// @Failure     500          {object} model_http.Error   "Error message with any available details in payload"
+// @Router      /quiz/publish/{quiz_id} [patch]
 func PublishQuiz(logger *logger.Logger, auth auth.Auth, db cassandra.Cassandra, cache redis.Redis) gin.HandlerFunc {
 	return func(context *gin.Context) {
 		var err error
@@ -338,20 +338,20 @@ func PublishQuiz(logger *logger.Logger, auth auth.Auth, db cassandra.Cassandra,
 }
 
 // TakeQuiz will submit the answers to a quiz using a variable in the URL.
-//	@Summary		Take a quiz.
-//	@Description	Take a quiz by submitting an answer sheet. The username will be extracted from the JWT and associated with the scorecard.
-//	@Tags			take test quiz submit answer
-//	@Id				takeQuiz
-//	@Accept			json
-//	@Produce		json
-//	@Security		ApiKeyAuth
-//	@Param			quiz_id	path		string							true	"The Test ID for the answers being submitted."
-//	@Param			answers	body		model_cassandra.QuizResponse	true	"The answer card to be submitted."
-//	@Success		200		{object}	model_http.Success				"Score will be in the payload"
-//	@Failure		400		{object}	model_http.Error				"Error message with any available details in payload"
-//	@Failure		403		{object}	model_http.Error				"Error message with any available details in payload"
-//	@Failure		500		{object}	model_http.Error				"Error message with any available details in payload"
-//	@Router			/quiz/take/{quiz_id} [post]
+// @Summary     Take a quiz.
+// @Description Take a quiz by submitting an answer sheet. The username will be extracted from the JWT and associated with the scorecard.
+// @Tags        take test quiz submit answer
+// @Id          takeQuiz
+// @Accept      json
+// @Produce     json
+// @Security    ApiKeyAuth
+// @Param       quiz_id path          string                                 true "The Test ID for the answers being submitted."
+// @Param       answers body          model_cassandra.QuizResponse true "The answer card to be submitted."
+// @Success     200          {object} model_http.Success                  "Score will be in the payload"
+// @Failure     400          {object} model_http.Error                    "Error message with any available details in payload"
+// @Failure     403          {object} model_http.Error                    "Error message with any available details in payload"
+// @Failure     500          {object} model_http.Error                    "Error message with any available details in payload"
+// @Router      /quiz/take/{quiz_id} [post]
 func TakeQuiz(logger *logger.Logger, auth auth.Auth, db cassandra.Cassandra, cache redis.Redis, grader grading.Grading) gin.HandlerFunc {
 	return func(context *gin.Context) {
 		var err error