Skip to content

Commit

Permalink
Pull in new versions from makego (#3342)
Browse files Browse the repository at this point in the history
  • Loading branch information
doriable authored Sep 24, 2024
1 parent 1e73ead commit ee73df5
Show file tree
Hide file tree
Showing 55 changed files with 2,055 additions and 8,872 deletions.
55 changes: 55 additions & 0 deletions .golangci.yml
Original file line number Diff line number Diff line change
Expand Up @@ -287,3 +287,58 @@ issues:
# trip this off.
path: private/pkg/oauth2/device.go
text: "G101:"
# G115 checks for integer overflow from integer conversions. There are known false
# positives from the check (https://github.com/securego/gosec/issues/1212) that are
# actively being worked on. Each exemption below is a false positive or for a safe operation,
# such as parsing indices from descriptors and/or images.
- linters:
- gosec
# Loop index conversion to uint64.
path: private/buf/bufgen/features.go
text: "G115:"
- linters:
- gosec
# Converting result from utf8.RuneCountInString to uint64.
path: private/bufpkg/bufcheck/bufcheckserver/internal/buflintvalidate/field.go
text: "G115:"
- linters:
- gosec
# PluginReference revision is validated with a bounds check at construction time.
path: private/bufpkg/bufremoteplugin/bufremoteplugin.go
text: "G115:"
- linters:
- gosec
# A bounds check has been added for int32 -> uint32 conversion this is being flagged
# as a false positive.
path: private/buf/bufcurl/reflection_resolver.go
text: "G115:"
- linters:
- gosec
# bufprotosource converts indices to int32 to form the source path. Since it is parsing
# from the fileDescriptor set, the operation should be safe.
path: private/bufpkg/bufprotosource/paths.go
text: "G115:"
- linters:
- gosec
# bufimageutil is handling images and converting loop indices to int32. Since it is
# parsing from an Image, the operation should be safe.
path: private/bufpkg/bufimage/bufimageutil/bufimageutil.go
text: "G115:"
- linters:
- gosec
# Bounds checks have been added with assertion statements to ensure safe int -> int32
# conversions, this is a false positive.
path: private/bufpkg/bufprotosource/option_extension_descriptor_test.go
text: "G115:"
- linters:
- gosec
# This converts results from strconv.ParseInt with the bit size set to 32 to int32,
# so it should be a safe conversion, this is a false positive.
path: private/buf/bufprotopluginexec/version.go
text: "G115:"
- linters:
- gosec
# This checks the cel constraints from an Image, and converts loop indices to int32
# to set the source path for the location, this operation should be safe.
path: private/bufpkg/bufcheck/bufcheckserver/internal/buflintvalidate/cel.go
text: "G115:"
6 changes: 3 additions & 3 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -7,11 +7,11 @@ toolchain go1.23.1
require (
buf.build/gen/go/bufbuild/bufplugin/protocolbuffers/go v1.34.2-20240920201003-06b7587d0fdf.2
buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.34.2-20240920164238-5a7b106cbb87.2
buf.build/gen/go/bufbuild/registry/connectrpc/go v1.16.2-20240821192916-45ba72cdd479.1
buf.build/gen/go/bufbuild/registry/connectrpc/go v1.17.0-20240821192916-45ba72cdd479.1
buf.build/gen/go/bufbuild/registry/protocolbuffers/go v1.34.2-20240821192916-45ba72cdd479.2
buf.build/go/bufplugin v0.3.0
buf.build/go/protoyaml v0.2.0
connectrpc.com/connect v1.16.2
connectrpc.com/connect v1.17.0
connectrpc.com/otelconnect v0.7.1
github.com/bufbuild/protocompile v0.14.1
github.com/bufbuild/protoplugin v0.0.0-20240911180120-7bb73e41a54a
Expand Down Expand Up @@ -47,7 +47,7 @@ require (
golang.org/x/sync v0.8.0
golang.org/x/term v0.24.0
golang.org/x/tools v0.25.0
google.golang.org/protobuf v1.34.3-0.20240816073751-94ecbc261689
google.golang.org/protobuf v1.34.3-0.20240906163944-03df6c145d96
gopkg.in/yaml.v3 v3.0.1
pluginrpc.com/pluginrpc v0.3.0
)
Expand Down
12 changes: 6 additions & 6 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -2,8 +2,8 @@ buf.build/gen/go/bufbuild/bufplugin/protocolbuffers/go v1.34.2-20240920201003-06
buf.build/gen/go/bufbuild/bufplugin/protocolbuffers/go v1.34.2-20240920201003-06b7587d0fdf.2/go.mod h1:B+9TKHRYqoAUW57pLjhkLOnBCu0DQYMV+f7imQ9nXwI=
buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.34.2-20240920164238-5a7b106cbb87.2 h1:hl0FrmGlNpQZIGvU1/jDz0lsPDd0BhCE0QDRwPfLZcA=
buf.build/gen/go/bufbuild/protovalidate/protocolbuffers/go v1.34.2-20240920164238-5a7b106cbb87.2/go.mod h1:ylS4c28ACSI59oJrOdW4pHS4n0Hw4TgSPHn8rpHl4Yw=
buf.build/gen/go/bufbuild/registry/connectrpc/go v1.16.2-20240821192916-45ba72cdd479.1 h1:QaJ6UkpvlGo4dBXR41vLRfPiKungbg7brjmbBC/k6Ig=
buf.build/gen/go/bufbuild/registry/connectrpc/go v1.16.2-20240821192916-45ba72cdd479.1/go.mod h1:oQsMFNU3YzxxjRS6O68UkcF/A+pXdXqQNcUfQEBTWcw=
buf.build/gen/go/bufbuild/registry/connectrpc/go v1.17.0-20240821192916-45ba72cdd479.1 h1:XFW5E+4pdF3SY0MRtnID+Ycv2QdH4OKVtoLCLsQoXac=
buf.build/gen/go/bufbuild/registry/connectrpc/go v1.17.0-20240821192916-45ba72cdd479.1/go.mod h1:uYzs3OHgVkINg9WZ/ISnGzOUaKfQ9Q70n6dascgz5lo=
buf.build/gen/go/bufbuild/registry/protocolbuffers/go v1.34.2-20240821192916-45ba72cdd479.2 h1:C3CTZTucEUm7i0O2tAM8GSlg23GnQYcljX1b1Jcpsro=
buf.build/gen/go/bufbuild/registry/protocolbuffers/go v1.34.2-20240821192916-45ba72cdd479.2/go.mod h1:psseUmlKRo9v5LZJtR/aTpdTLuyp9o3X7rnLT87SZEo=
buf.build/gen/go/pluginrpc/pluginrpc/protocolbuffers/go v1.34.2-20240828222655-5345c0a56177.2 h1:oSi+Adw4xvIjXrW8eY8QGR3sBdfWeY5HN/RefnRt52M=
Expand All @@ -13,8 +13,8 @@ buf.build/go/bufplugin v0.3.0/go.mod h1:Znx3zF4ThDWGN1eGFMsbVT9LkMcVV4MKeAC9hiGd
buf.build/go/protoyaml v0.2.0 h1:2g3OHjtLDqXBREIOjpZGHmQ+U/4mkN1YiQjxNB68Ip8=
buf.build/go/protoyaml v0.2.0/go.mod h1:L/9QvTDkTWcDTzAL6HMfN+mYC6CmZRm2KnsUA054iL0=
cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
connectrpc.com/connect v1.16.2 h1:ybd6y+ls7GOlb7Bh5C8+ghA6SvCBajHwxssO2CGFjqE=
connectrpc.com/connect v1.16.2/go.mod h1:n2kgwskMHXC+lVqb18wngEpF95ldBHXjZYJussz5FRc=
connectrpc.com/connect v1.17.0 h1:W0ZqMhtVzn9Zhn2yATuUokDLO5N+gIuBWMOnsQrfmZk=
connectrpc.com/connect v1.17.0/go.mod h1:0292hj1rnx8oFrStN7cB4jjVBeqs+Yx5yDIC2prWDO8=
connectrpc.com/otelconnect v0.7.1 h1:scO5pOb0i4yUE66CnNrHeK1x51yq0bE0ehPg6WvzXJY=
connectrpc.com/otelconnect v0.7.1/go.mod h1:dh3bFgHBTb2bkqGCeVVOtHJreSns7uu9wwL2Tbz17ms=
github.com/AdaLogics/go-fuzz-headers v0.0.0-20230811130428-ced1acdcaa24 h1:bvDV9vkmnHYOMsOr4WLk+Vo07yKIzd94sVoIqshQ4bU=
Expand Down Expand Up @@ -375,8 +375,8 @@ google.golang.org/protobuf v1.22.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2
google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.23.1-0.20200526195155-81db48ad09cc/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
google.golang.org/protobuf v1.25.0/go.mod h1:9JNX74DMeImyA3h4bdi1ymwjUzf21/xIlbajtzgsN7c=
google.golang.org/protobuf v1.34.3-0.20240816073751-94ecbc261689 h1:hNwajDgT0MlsxZzlUajZVmUYFpts8/CYe4BSNx503ZE=
google.golang.org/protobuf v1.34.3-0.20240816073751-94ecbc261689/go.mod h1:qYOHts0dSfpeUzUFpOMr/WGzszTmLH+DiWniOlNbLDw=
google.golang.org/protobuf v1.34.3-0.20240906163944-03df6c145d96 h1:gqpvySYmKe3qf25lfA3WIEMTXBU+lfISbNkPH2BA844=
google.golang.org/protobuf v1.34.3-0.20240906163944-03df6c145d96/go.mod h1:9fA7Ob0pmnwhb644+1+CVWFRbNajQ6iRojtC/QF5bRE=
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
Expand Down
4 changes: 2 additions & 2 deletions make/go/dep_buf.mk
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@ $(call _assert_var,CACHE_VERSIONS)
$(call _assert_var,CACHE_BIN)

# Settable
# https://github.com/bufbuild/buf/releases 20240521 checked 20240524
BUF_VERSION ?= v1.32.1
# https://github.com/bufbuild/buf/releases 20240911 checked 20240916
BUF_VERSION ?= v1.41.0
# Settable
#
# If set, this path will be installed every time someone depends on $(BUF)
Expand Down
5 changes: 3 additions & 2 deletions make/go/dep_golangci_lint.mk
Original file line number Diff line number Diff line change
Expand Up @@ -10,10 +10,11 @@ $(call _assert_var,CACHE_BIN)
# We want to ensure we rebuild golangci-lint every time we require a new Go minor version.
# Otherwise, the cached version may not support the latest language features.
GOLANGCI_LINT_GO_VERSION := $(shell go mod edit -json | jq -r .Go | cut -d'.' -f1-2)

# Settable
# https://github.com/golangci/golangci-lint/releases 20240813 checked 20240815
# https://github.com/golangci/golangci-lint/releases 20240909 checked 20240916
# Contrast golangci-lint configuration with the one in https://github.com/connectrpc/connect-go/blob/main/.golangci.yml when upgrading
GOLANGCI_LINT_VERSION ?= v1.60.1
GOLANGCI_LINT_VERSION ?= v1.61.0

GOLANGCI_LINT := $(CACHE_VERSIONS)/golangci-lint/$(GOLANGCI_LINT_VERSION)-go$(GOLANGCI_LINT_GO_VERSION)
$(GOLANGCI_LINT):
Expand Down
4 changes: 2 additions & 2 deletions make/go/dep_protoc_gen_connect_go.mk
Original file line number Diff line number Diff line change
Expand Up @@ -7,8 +7,8 @@ $(call _assert_var,CACHE_VERSIONS)
$(call _assert_var,CACHE_BIN)

# Settable
# https://github.com/connectrpc/connect-go 20240513 checked 20240524
CONNECT_VERSION ?= v1.16.2
# https://github.com/connectrpc/connect-go 20240920 checked 20240920
CONNECT_VERSION ?= v1.17.0

GO_GET_PKGS := $(GO_GET_PKGS) \
connectrpc.com/connect@$(CONNECT_VERSION)
Expand Down
5 changes: 2 additions & 3 deletions make/go/dep_protoc_gen_go.mk
Original file line number Diff line number Diff line change
Expand Up @@ -7,9 +7,8 @@ $(call _assert_var,CACHE_VERSIONS)
$(call _assert_var,CACHE_BIN)

# Settable
# https://github.com/protocolbuffers/protobuf-go/releases 20240611 checked 20240612
# TODO: Change back to released version once bug is fixed
PROTOC_GEN_GO_VERSION ?= 94ecbc26168965a670a0f7cf86f658131c790a9c
# https://github.com/protocolbuffers/protobuf-go/releases 20240906 checked 20240916
PROTOC_GEN_GO_VERSION ?= v1.34.3-0.20240906163944-03df6c145d96

GO_GET_PKGS := $(GO_GET_PKGS) \
google.golang.org/protobuf/proto@$(PROTOC_GEN_GO_VERSION)
Expand Down
10 changes: 10 additions & 0 deletions private/buf/bufcurl/reflection_resolver.go
Original file line number Diff line number Diff line change
Expand Up @@ -164,6 +164,11 @@ func (r *reflectionResolver) ListServices() ([]protoreflect.FullName, error) {
}
switch response := resp.MessageResponse.(type) {
case *reflectionv1.ServerReflectionResponse_ErrorResponse:
// This should never happen, however we do a bounds check to ensure we are doing a safe
// conversion from int32 (ErrorResponse.ErrorCode) to uint32 (connect.Code).
if response.ErrorResponse.ErrorCode < 0 {
return nil, fmt.Errorf("server replied with unsupported error code: %v", response.ErrorResponse.ErrorCode)
}
return nil, connect.NewWireError(connect.Code(response.ErrorResponse.ErrorCode), errors.New(response.ErrorResponse.ErrorMessage))
case *reflectionv1.ServerReflectionResponse_ListServicesResponse:
serviceNames := make([]protoreflect.FullName, len(response.ListServicesResponse.Service))
Expand Down Expand Up @@ -338,6 +343,11 @@ func (r *reflectionResolver) fileByNameLocked(name string) ([]*descriptorpb.File
func descriptorsInResponse(resp *reflectionv1.ServerReflectionResponse) ([]*descriptorpb.FileDescriptorProto, error) {
switch response := resp.MessageResponse.(type) {
case *reflectionv1.ServerReflectionResponse_ErrorResponse:
// This should never happen, however we do a bounds check to ensure we are doing a safe
// conversion from int32 (ErrorResponse.ErrorCode) to uint32 (connect.Code).
if response.ErrorResponse.ErrorCode < 0 {
return nil, fmt.Errorf("server replied with unsupported error code: %v", response.ErrorResponse.ErrorCode)
}
return nil, connect.NewWireError(connect.Code(response.ErrorResponse.ErrorCode), errors.New(response.ErrorResponse.ErrorMessage))
case *reflectionv1.ServerReflectionResponse_FileDescriptorResponse:
files := make([]*descriptorpb.FileDescriptorProto, len(response.FileDescriptorResponse.FileDescriptorProto))
Expand Down
6 changes: 6 additions & 0 deletions private/bufpkg/bufimage/bufimage.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ import (
"context"
"fmt"
"io/fs"
"math"
"slices"
"sort"
"strings"
Expand Down Expand Up @@ -703,6 +704,11 @@ func reparseImageProto(protoImage *imagev1.Image, resolver protoencoding.Resolve
}
}
if !isPublic {
// This should never happen, however we do a bounds check to ensure that we are
// doing a safe conversion for the index.
if i > math.MaxInt32 || i < math.MinInt32 {
return fmt.Errorf("unused dependency index out-of-bounds for int32 conversion: %v", i)
}
bufExt.UnusedDependency = append(bufExt.UnusedDependency, int32(i))
}
}
Expand Down
6 changes: 6 additions & 0 deletions private/bufpkg/bufimage/build_image.go
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,7 @@ import (
"context"
"errors"
"fmt"
"math"
"strings"

"github.com/bufbuild/buf/private/bufpkg/bufanalysis"
Expand Down Expand Up @@ -306,6 +307,11 @@ func getImageFilesRec(
dependency := fileDescriptor.Imports().Get(i).FileDescriptor
if unusedDependencyFilenames != nil {
if _, ok := unusedDependencyFilenames[dependency.Path()]; ok {
// This should never happen, however we do a bounds check to ensure that we are
// doing a safe conversion for the index.
if i > math.MaxInt32 || i < math.MinInt32 {
return nil, fmt.Errorf("unused dependency index out-of-bounds for int32 conversion: %v", i)
}
unusedDependencyIndexes = append(
unusedDependencyIndexes,
int32(i),
Expand Down
10 changes: 10 additions & 0 deletions private/bufpkg/bufprotosource/option_extension_descriptor_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -15,6 +15,7 @@
package bufprotosource

import (
"math"
"testing"

"github.com/stretchr/testify/assert"
Expand Down Expand Up @@ -121,10 +122,19 @@ func TestOptionExtensionLocation(t *testing.T) {
func checkLocation(t *testing.T, loc Location, sourceCodeInfoLoc *descriptorpb.SourceCodeInfo_Location) {
t.Helper()
assert.Equal(t, sourceCodeInfoLoc.GetLeadingComments(), loc.LeadingComments())
// Bounds assertions for int -> int32 conversion
assert.Less(t, loc.StartLine(), math.MaxInt32)
assert.Greater(t, loc.StartLine(), math.MinInt32)
assert.Less(t, loc.StartColumn(), math.MaxInt32)
assert.Greater(t, loc.StartLine(), math.MinInt32)
span := []int32{int32(loc.StartLine() - 1), int32(loc.StartColumn() - 1)}
if loc.EndLine() != loc.StartLine() {
assert.Less(t, loc.EndLine(), math.MaxInt32)
assert.Greater(t, loc.EndLine(), math.MinInt32)
span = append(span, int32(loc.EndLine()-1))
}
assert.Less(t, loc.EndColumn(), math.MaxInt32)
assert.Greater(t, loc.EndColumn(), math.MinInt32)
span = append(span, int32(loc.EndColumn()-1))
assert.Equal(t, sourceCodeInfoLoc.Span, span)
}
Expand Down
Loading

0 comments on commit ee73df5

Please sign in to comment.