build(deps): bump github.com/gin-gonic/gin from 1.5.0 to 1.7.7

[dependabot]

Bumps github.com/gin-gonic/gin from 1.5.0 to 1.7.7.

Release notes

Sourced from github.com/gin-gonic/gin's releases.

Release v1.7.7

BUGFIXES

• Fixed X-Forwarded-For unsafe handling of CVE-2020-28483 #2844, closed issue #2862
• Tree: updated the code logic for latestNode #2897, closed issue #2894 #2878
• Tree: fixed the misplacement of adding slashes #2847, closed issue #2843
• Tree: fixed tsr with mixed static and wildcard paths #2924, closed issue #2918

ENHANCEMENTS

• TrustedProxies: make it backward-compatible #2887, closed issue #2819
• TrustedPlatform: provide custom options for another CDN services #2906

DOCS

• NoMethod: added usage annotation (#2832)

Release v1.7.6

Handle pre release v1.7.5 error, so release v1.7.6 but still use v1.7.4 codes.

bump new release to fix checksum mismatch

No release notes provided.

v1.7.3

BUGFIXES

• fix level 1 router match #2767, #2796

release v1.7.2

BUGFIXES

• Fix conflict between param and exact path #2706. Close issue #2682 #2696.

v1.7.1

BUGFIXES

• fix: data race with trustedCIDRs from #2674(#2675)

Release v1.7.0

BUGFIXES

• fix compile error from #2572 (#2600)
• fix: print headers without Authorization header on broken pipe (#2528)
• fix(tree): reassign fullpath when register new node (#2366)

ENHANCEMENTS

• Support params and exact routes without creating conflicts (#2663)
• chore: improve render string performance (#2365)
• Sync route tree to httprouter latest code (#2368)

... (truncated)

Changelog

Sourced from github.com/gin-gonic/gin's changelog.

Gin v1.7.7

BUGFIXES

• Fixed X-Forwarded-For unsafe handling of CVE-2020-28483 #2844, closed issue #2862.
• Tree: updated the code logic for latestNode #2897, closed issue #2894 #2878.
• Tree: fixed the misplacement of adding slashes #2847, closed issue #2843.
• Tree: fixed tsr with mixed static and wildcard paths #2924, closed issue #2918.

ENHANCEMENTS

• TrustedProxies: make it backward-compatible #2887, closed issue #2819.
• TrustedPlatform: provide custom options for another CDN services #2906.

DOCS

• NoMethod: added usage annotation (#2832).

Gin v1.7.6

BUGFIXES

• bump new release to fix v1.7.5 release error by using v1.7.4 codes.

Gin v1.7.4

BUGFIXES

• bump new release to fix checksum mismatch

Gin v1.7.3

BUGFIXES

• fix level 1 router match #2767, #2796

Gin v1.7.2

BUGFIXES

• Fix conflict between param and exact path #2706. Close issue #2682 #2696.

Gin v1.7.1

BUGFIXES

• fix: data race with trustedCIDRs from #2674(#2675)

Gin v1.7.0

... (truncated)

Commits

• 84d927b chore(docs): Bump to v1.7.7 (#2952)
• 2d3572a Update version.go (#2923)
• ae6f7a3 fix tsr with mixed static and wildcard paths (#2924)
• bb945cf fix the misplacement of adding slashes (#2847)
• a3f0872 Provide custom options of TrustedPlatform for another CDN services (#2906)
• b5ad462 Update the code logic for latestNode in tree.go (#2897)
• 3b555a5 ClientIP: check every proxy for trustiness (#2844)
• fc5d6dd Tidy: Complete TrustedProxies feature (#2887)
• 7d20914 Quick Fix c.ClientIP() mistakely parsing to 127.0.0.1 for who not using r.Run...
• 4ad9526 Fix grammatical and spelling errors in context.go (#2883)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

The following labels could not be found: dependencies.

[akijakya]

Tested with end-to-end manual test.

[pregnor]

(Also request Márk's review on this please, this is a bit riskier change and he has substantially more experience with Gin than I do.)

[sagikazarmark]

I don't see anything out of the ordinary. A couple thoughts though:

• I'd probably try to check why the response size changes (just to be sure), but it's probably nothing.
• Given this is a high-risk update, I'd probably upgrade one minor version at a time

[akijakya]

I don't see anything out of the ordinary. A couple thoughts though:

• I'd probably try to check why the response size changes (just to be sure), but it's probably nothing.

I think I found it in the meantime, there was a bug resulting in an extra new line character which was fixed in version 1.6.0.

• Given this is a high-risk update, I'd probably upgrade one minor version at a time

That is probably wise, I will do so!

Thanks for the feedback!