Merge pull request #56 from gofiber/ci-fixes

Fixes and refactoring of CI files

.github/dependabot.yml

@@ -1,9 +1,7 @@
-# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
-
 version: 2
 updates:
   - package-ecosystem: "gomod"
-    directory: "/" # Location of package manifests
+    directory: "/"
     labels:
       - "🤖 Dependencies"
     schedule:

.github/workflows/benchmark.yml

@@ -1,5 +1,24 @@
-on: [push]
 name: Benchmark
+
+on:
+  push:
+    branches:
+      - "master"
+      - "main"
+    paths-ignore:
+      - "**.md"
+      - LICENSE
+      - ".github/ISSUE_TEMPLATE/*.yml"
+      - ".github/dependabot.yml"
+  pull_request:
+    branches:
+      - "*"
+    paths-ignore:
+      - "**.md"
+      - LICENSE
+      - ".github/ISSUE_TEMPLATE/*.yml"
+      - ".github/dependabot.yml"
+
 jobs:
   Compare:
     runs-on: ubuntu-latest
@@ -8,15 +27,19 @@ jobs:
       uses: actions/setup-go@v5
       with:
         go-version: 1.19.x
+
     - name: Fetch Repository
-      uses: actions/checkout@v3
+      uses: actions/checkout@v4
+
     - name: Run Benchmark
       run: set -o pipefail; go test ./... -benchmem -run=^$ -bench . | tee output.txt
+
     - name: Get Previous Benchmark Results
       uses: actions/cache@v3
       with:
         path: ./cache
         key: ${{ runner.os }}-benchmark
+
     - name: Save Benchmark Results
       uses: benchmark-action/github-action-benchmark@v1
       with:

.github/workflows/codeql-analysis.yml

@@ -29,15 +29,15 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@v2
+      uses: github/codeql-action/init@v3
       # Override language selection by uncommenting this and choosing your languages
       with:
         languages: go
 
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@v2
+      uses: github/codeql-action/autobuild@v3
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -51,4 +51,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v2
+      uses: github/codeql-action/analyze@v3

.github/workflows/dependabot-automerge.yml

@@ -28,7 +28,7 @@ jobs:
     steps:
       - name: Dependabot metadata
         id: metadata
-        uses: dependabot/fetch-metadata@v1.4.0
+        uses: dependabot/fetch-metadata@v1.6.0
         with:
           github-token: "${{ secrets.PR_TOKEN }}"
       - name: Enable auto-merge for Dependabot PRs

.github/workflows/linter.yml

@@ -1,11 +1,31 @@
-on: [push, pull_request]
-name: Linter
+name: Golangci Lint Check
+
+on:
+  push:
+    branches:
+      - "master"
+      - "main"
+    paths-ignore:
+      - "**.md"
+      - LICENSE
+      - ".github/ISSUE_TEMPLATE/*.yml"
+      - ".github/dependabot.yml"
+  pull_request:
+    branches:
+      - "*"
+    paths-ignore:
+      - "**.md"
+      - LICENSE
+      - ".github/ISSUE_TEMPLATE/*.yml"
+      - ".github/dependabot.yml"
+
 jobs:
   Golint:
     runs-on: ubuntu-latest
     steps:
       - name: Fetch Repository
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
+
       - name: Run Golint
         uses: reviewdog/action-golangci-lint@v2
         with:

.github/workflows/security.yml

@@ -1,12 +1,42 @@
-on: [push, pull_request]
-name: Security
+name: Gosec Security Scan
+
+on:
+  push:
+    branches:
+      - "master"
+      - "main"
+    paths-ignore:
+      - "**.md"
+      - LICENSE
+      - ".github/ISSUE_TEMPLATE/*.yml"
+      - ".github/dependabot.yml"
+  pull_request:
+    branches:
+      - "*"
+    paths-ignore:
+      - "**.md"
+      - LICENSE
+      - ".github/ISSUE_TEMPLATE/*.yml"
+      - ".github/dependabot.yml"
+
 jobs:
-  Gosec:
+  gosec-scan:
     runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
     steps:
       - name: Fetch Repository
-        uses: actions/checkout@v3
-      - name: Run Gosec
-        uses: securego/gosec@master
+        uses: actions/checkout@v4
+
+      - name: Install Go
+        uses: actions/setup-go@v5
         with:
-          args: -exclude-dir=internal/*/ ./...
+          go-version: 'oldstable'
+          check-latest: true
+          cache: false
+
+      - name: Install Gosec
+        run: go install github.com/securego/gosec/v2/cmd/gosec@latest
+
+      - name: Run Gosec
+        run: gosec -exclude-dir=internal ./...

.github/workflows/test.yml

@@ -2,41 +2,37 @@ on:
   push:
     branches:
       - master
+      - main
+    paths:
+      - "**"
+      - "!docs/**"
+      - "!**.md"
   pull_request:
-name: Tests
+    paths:
+      - "**"
+      - "!docs/**"
+      - "!**.md"
+
+name: Test
 jobs:
-  Tests:
+  Build:
     strategy:
       matrix:
-        go-version: [1.19.x, 1.20.x]
+        go-version: [1.19.x, 1.20.x, 1.21.x]
         platform: [ubuntu-latest, windows-latest, macos-latest]
     runs-on: ${{ matrix.platform }}
     steps:
-    - name: Install Go
-      uses: actions/setup-go@v5
-      with:
-        go-version: ${{ matrix.go-version }}
-    - name: Setup Golang caches
-      uses: actions/cache@v3
-      with:
-          # In order:
-          # * Module download cache
-          # * Build cache (Linux)
-          # * Build cache (Mac)
-          # * Build cache (Windows)
-          path: |
-              ~/go/pkg/mod
-              ~/.cache/go-build
-              ~/Library/Caches/go-build
-              ~\AppData\Local\go-build
-          key: ${{ runner.os }}-go-${{ matrix.go-version }}-${{ hashFiles('**/go.sum') }}
-          restore-keys: |
-              ${{ runner.os }}-go-${{ matrix.go-version }}-
-    - name: Fetch Repository
-      uses: actions/checkout@v3
-    - name: Run Test
-      uses: nick-fields/retry@v2
-      with:
-        max_attempts: 3
-        timeout_minutes: 15
-        command: go test ./... -v -race
+      - name: Fetch Repository
+        uses: actions/checkout@v4
+
+      - name: Install Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: ${{ matrix.go-version }}
+
+      - name: Run Test
+        uses: nick-fields/retry@v2
+        with:
+          max_attempts: 3
+          timeout_minutes: 15
+          command: go test ./... -v -race -count=1

.github/workflows/vulncheck.yml

@@ -1,19 +1,38 @@
-on: [push, pull_request_target]
 name: Vulnerability Check
+
+on:
+  push:
+    branches:
+      - master
+      - main
+    paths:
+      - "**"
+      - "!docs/**"
+      - "!**.md"
+  pull_request:
+    paths:
+      - "**"
+      - "!docs/**"
+      - "!**.md"
+
 jobs:
-  Security:
+  govulncheck-check:
     runs-on: ubuntu-latest
+    env:
+      GO111MODULE: on
     steps:
-    - name: Install Go
-      uses: actions/setup-go@v5
-      with:
-        go-version: 1.19.x
-    - name: Fetch Repository
-      uses: actions/checkout@v3
-    - name: Install Govulncheck
-      run: |
-          export GO111MODULE=on
-          export PATH=${PATH}:`go env GOPATH`/bin
-          go install golang.org/x/vuln/cmd/govulncheck@latest
-    - name: Run Govulncheck
-      run: "`go env GOPATH`/bin/govulncheck ./..."
+      - name: Fetch Repository
+        uses: actions/checkout@v4
+
+      - name: Install Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: "stable"
+          check-latest: true
+          cache: false
+
+      - name: Install Govulncheck
+        run: go install golang.org/x/vuln/cmd/govulncheck@latest
+
+      - name: Run Govulncheck
+        run: govulncheck ./...

file_test.go

@@ -4,6 +4,7 @@ import (
 	"io/fs"
 	"net/http"
 	"os"
+	"runtime"
 	"testing"
 
 	"github.com/stretchr/testify/require"
@@ -15,7 +16,13 @@ func Test_ReadFile(t *testing.T) {
 	testFS := http.FS(os.DirFS(".github/tests"))
 	file, err := ReadFile("john.txt", testFS)
 
-	require.Equal(t, string(file), "doe\n")
+	switch runtime.GOOS {
+	case "windows":
+		require.Equal(t, string(file), "doe\r\n")
+	default:
+		require.Equal(t, string(file), "doe\n")
+	}
+
 	require.NoError(t, err)
 }
 

go.mod

@@ -3,8 +3,8 @@ module github.com/gofiber/utils/v2
 go 1.19
 
 require (
-	github.com/google/uuid v1.3.0
-	github.com/stretchr/testify v1.8.3
+	github.com/google/uuid v1.5.0
+	github.com/stretchr/testify v1.8.4
 )
 
 require (

go.sum

@@ -1,11 +1,11 @@
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
-github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
+github.com/google/uuid v1.5.0 h1:1p67kYwdtXjb0gL0BPiP1Av9wiZPo5A8z2cWkTZ+eyU=
+github.com/google/uuid v1.5.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
-github.com/stretchr/testify v1.8.3 h1:RP3t2pwF7cMEbC1dqtB6poj3niw/9gnV4Cjg5oW5gtY=
-github.com/stretchr/testify v1.8.3/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
+github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
+github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=