From 2eb8a6a7fa9dd18c6d6202ac36288312e0ae1a2c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 12 Dec 2024 14:39:28 +0000 Subject: [PATCH] Bump github.com/getkin/kin-openapi from 0.127.0 to 0.128.0 (#402) Bumps [github.com/getkin/kin-openapi](https://github.com/getkin/kin-openapi) from 0.127.0 to 0.128.0. - [Release notes](https://github.com/getkin/kin-openapi/releases) - [Commits](https://github.com/getkin/kin-openapi/compare/v0.127.0...v0.128.0) --- updated-dependencies: - dependency-name: github.com/getkin/kin-openapi dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- go.mod | 2 +- go.sum | 4 ++-- .../getkin/kin-openapi/openapi3/schema.go | 7 +++---- .../getkin/kin-openapi/openapi3/schema_pattern.go | 10 ++++++++-- .../openapi3/schema_validation_settings.go | 13 +++++++++++++ .../kin-openapi/openapi3/validation_options.go | 9 +++++++++ .../getkin/kin-openapi/openapi3filter/options.go | 3 +++ .../kin-openapi/openapi3filter/validate_request.go | 9 ++++----- vendor/modules.txt | 2 +- 9 files changed, 44 insertions(+), 15 deletions(-) diff --git a/go.mod b/go.mod index 91b77866a..c24edd2bf 100644 --- a/go.mod +++ b/go.mod @@ -8,7 +8,7 @@ replace github.com/openshift/assisted-service/models => github.com/openshift/ass require ( github.com/PaesslerAG/jsonpath v0.1.1 github.com/coreos/go-semver v0.3.1 - github.com/getkin/kin-openapi v0.127.0 + github.com/getkin/kin-openapi v0.128.0 github.com/go-logr/logr v1.4.2 github.com/go-task/slim-sprig/v3 v3.0.0 github.com/golang-jwt/jwt/v4 v4.5.1 diff --git a/go.sum b/go.sum index f9cd5e7bb..d268a8d1d 100644 --- a/go.sum +++ b/go.sum @@ -87,8 +87,8 @@ github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyT github.com/fxamacker/cbor/v2 v2.7.0 h1:iM5WgngdRBanHcxugY4JySA0nk1wZorNOpTgCMedv5E= github.com/fxamacker/cbor/v2 v2.7.0/go.mod h1:pxXPTn3joSm21Gbwsv0w9OSA2y1HFR9qXEeXQVeNoDQ= github.com/getkin/kin-openapi v0.76.0/go.mod h1:660oXbgy5JFMKreazJaQTw7o+X00qeSyhcnluiMv+Xg= -github.com/getkin/kin-openapi v0.127.0 h1:Mghqi3Dhryf3F8vR370nN67pAERW+3a95vomb3MAREY= -github.com/getkin/kin-openapi v0.127.0/go.mod h1:OZrfXzUfGrNbsKj+xmFBx6E5c6yH3At/tAKSc2UszXM= +github.com/getkin/kin-openapi v0.128.0 h1:jqq3D9vC9pPq1dGcOCv7yOp1DaEe7c/T1vzcLbITSp4= +github.com/getkin/kin-openapi v0.128.0/go.mod h1:OZrfXzUfGrNbsKj+xmFBx6E5c6yH3At/tAKSc2UszXM= github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04= github.com/go-logr/logr v0.1.0/go.mod h1:ixOQHD9gLJUVQQ2ZOR7zLEifBX6tGkNJF4QyIY7sIas= github.com/go-logr/logr v0.2.0/go.mod h1:z6/tIYblkpsD+a4lm/fGIIU9mZ+XfAiaFtq7xTgseGU= diff --git a/vendor/github.com/getkin/kin-openapi/openapi3/schema.go b/vendor/github.com/getkin/kin-openapi/openapi3/schema.go index 7be6bd38e..f81196066 100644 --- a/vendor/github.com/getkin/kin-openapi/openapi3/schema.go +++ b/vendor/github.com/getkin/kin-openapi/openapi3/schema.go @@ -9,7 +9,6 @@ import ( "math" "math/big" "reflect" - "regexp" "sort" "strconv" "strings" @@ -1019,7 +1018,7 @@ func (schema *Schema) validate(ctx context.Context, stack []*Schema) ([]*Schema, } } if !validationOpts.schemaPatternValidationDisabled && schema.Pattern != "" { - if _, err := schema.compilePattern(); err != nil { + if _, err := schema.compilePattern(validationOpts.regexCompilerFunc); err != nil { return stack, err } } @@ -1729,10 +1728,10 @@ func (schema *Schema) visitJSONString(settings *schemaValidationSettings, value // "pattern" if !settings.patternValidationDisabled && schema.Pattern != "" { cpiface, _ := compiledPatterns.Load(schema.Pattern) - cp, _ := cpiface.(*regexp.Regexp) + cp, _ := cpiface.(RegexMatcher) if cp == nil { var err error - if cp, err = schema.compilePattern(); err != nil { + if cp, err = schema.compilePattern(settings.regexCompiler); err != nil { if !settings.multiError { return err } diff --git a/vendor/github.com/getkin/kin-openapi/openapi3/schema_pattern.go b/vendor/github.com/getkin/kin-openapi/openapi3/schema_pattern.go index 4794b6a0d..581971378 100644 --- a/vendor/github.com/getkin/kin-openapi/openapi3/schema_pattern.go +++ b/vendor/github.com/getkin/kin-openapi/openapi3/schema_pattern.go @@ -13,9 +13,14 @@ func intoGoRegexp(re string) string { } // NOTE: racey WRT [writes to schema.Pattern] vs [reads schema.Pattern then writes to compiledPatterns] -func (schema *Schema) compilePattern() (cp *regexp.Regexp, err error) { +func (schema *Schema) compilePattern(c RegexCompilerFunc) (cp RegexMatcher, err error) { pattern := schema.Pattern - if cp, err = regexp.Compile(intoGoRegexp(pattern)); err != nil { + if c != nil { + cp, err = c(pattern) + } else { + cp, err = regexp.Compile(intoGoRegexp(pattern)) + } + if err != nil { err = &SchemaError{ Schema: schema, SchemaField: "pattern", @@ -24,6 +29,7 @@ func (schema *Schema) compilePattern() (cp *regexp.Regexp, err error) { } return } + var _ bool = compiledPatterns.CompareAndSwap(pattern, nil, cp) return } diff --git a/vendor/github.com/getkin/kin-openapi/openapi3/schema_validation_settings.go b/vendor/github.com/getkin/kin-openapi/openapi3/schema_validation_settings.go index 17aad2fa7..e9c1422bd 100644 --- a/vendor/github.com/getkin/kin-openapi/openapi3/schema_validation_settings.go +++ b/vendor/github.com/getkin/kin-openapi/openapi3/schema_validation_settings.go @@ -7,6 +7,12 @@ import ( // SchemaValidationOption describes options a user has when validating request / response bodies. type SchemaValidationOption func(*schemaValidationSettings) +type RegexCompilerFunc func(expr string) (RegexMatcher, error) + +type RegexMatcher interface { + MatchString(s string) bool +} + type schemaValidationSettings struct { failfast bool multiError bool @@ -16,6 +22,8 @@ type schemaValidationSettings struct { readOnlyValidationDisabled bool writeOnlyValidationDisabled bool + regexCompiler RegexCompilerFunc + onceSettingDefaults sync.Once defaultsSet func() @@ -70,6 +78,11 @@ func SetSchemaErrorMessageCustomizer(f func(err *SchemaError) string) SchemaVali return func(s *schemaValidationSettings) { s.customizeMessageError = f } } +// SetSchemaRegexCompiler allows to override the regex implementation used to validate field "pattern". +func SetSchemaRegexCompiler(c RegexCompilerFunc) SchemaValidationOption { + return func(s *schemaValidationSettings) { s.regexCompiler = c } +} + func newSchemaValidationSettings(opts ...SchemaValidationOption) *schemaValidationSettings { settings := &schemaValidationSettings{} for _, opt := range opts { diff --git a/vendor/github.com/getkin/kin-openapi/openapi3/validation_options.go b/vendor/github.com/getkin/kin-openapi/openapi3/validation_options.go index 45563256a..1d141d40a 100644 --- a/vendor/github.com/getkin/kin-openapi/openapi3/validation_options.go +++ b/vendor/github.com/getkin/kin-openapi/openapi3/validation_options.go @@ -13,6 +13,7 @@ type ValidationOptions struct { schemaFormatValidationEnabled bool schemaPatternValidationDisabled bool schemaExtensionsInRefProhibited bool + regexCompilerFunc RegexCompilerFunc extraSiblingFieldsAllowed map[string]struct{} } @@ -113,6 +114,14 @@ func ProhibitExtensionsWithRef() ValidationOption { } } +// SetRegexCompiler allows to override the regex implementation used to validate +// field "pattern". +func SetRegexCompiler(c RegexCompilerFunc) ValidationOption { + return func(options *ValidationOptions) { + options.regexCompilerFunc = c + } +} + // WithValidationOptions allows adding validation options to a context object that can be used when validating any OpenAPI type. func WithValidationOptions(ctx context.Context, opts ...ValidationOption) context.Context { if len(opts) == 0 { diff --git a/vendor/github.com/getkin/kin-openapi/openapi3filter/options.go b/vendor/github.com/getkin/kin-openapi/openapi3filter/options.go index 9b915c50b..e7fad8321 100644 --- a/vendor/github.com/getkin/kin-openapi/openapi3filter/options.go +++ b/vendor/github.com/getkin/kin-openapi/openapi3filter/options.go @@ -25,6 +25,9 @@ type Options struct { MultiError bool + // Set RegexCompiler to override the regex implementation + RegexCompiler openapi3.RegexCompilerFunc + // A document with security schemes defined will not pass validation // unless an AuthenticationFunc is defined. // See NoopAuthenticationFunc diff --git a/vendor/github.com/getkin/kin-openapi/openapi3filter/validate_request.go b/vendor/github.com/getkin/kin-openapi/openapi3filter/validate_request.go index 296403c9e..bf4771a98 100644 --- a/vendor/github.com/getkin/kin-openapi/openapi3filter/validate_request.go +++ b/vendor/github.com/getkin/kin-openapi/openapi3filter/validate_request.go @@ -114,11 +114,7 @@ func appendToQueryValues[T any](q url.Values, parameterName string, v []T) { // populateDefaultQueryParameters populates default values inside query parameters, while ensuring types are respected func populateDefaultQueryParameters(q url.Values, parameterName string, value any) { switch t := value.(type) { - case []string: - appendToQueryValues(q, parameterName, t) - case []float64: - appendToQueryValues(q, parameterName, t) - case []int: + case []interface{}: appendToQueryValues(q, parameterName, t) default: q.Add(parameterName, fmt.Sprintf("%v", value)) @@ -320,6 +316,9 @@ func ValidateRequestBody(ctx context.Context, input *RequestValidationInput, req if options.ExcludeReadOnlyValidations { opts = append(opts, openapi3.DisableReadOnlyValidation()) } + if options.RegexCompiler != nil { + opts = append(opts, openapi3.SetSchemaRegexCompiler(options.RegexCompiler)) + } // Validate JSON with the schema if err := contentType.Schema.Value.VisitJSON(value, opts...); err != nil { diff --git a/vendor/modules.txt b/vendor/modules.txt index 28fcb5c17..ca7b57b7d 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -47,7 +47,7 @@ github.com/evanphx/json-patch/v5/internal/json # github.com/fxamacker/cbor/v2 v2.7.0 ## explicit; go 1.17 github.com/fxamacker/cbor/v2 -# github.com/getkin/kin-openapi v0.127.0 +# github.com/getkin/kin-openapi v0.128.0 ## explicit; go 1.20 github.com/getkin/kin-openapi/openapi3 github.com/getkin/kin-openapi/openapi3filter