Update dependencies and some small improvements

2023-02-13 22:39:35 +01:00 · 2023-02-13 22:39:35 +01:00 · 2f18e1d214
parent e9e03c2fc7
commit 2f18e1d214
14 changed files with 63 additions and 40 deletions
--- a/app.go
+++ b/app.go
@ -11,7 +11,7 @@ import (
 	ct "github.com/elnormous/contenttype"
 	apc "github.com/go-ap/client"
 	"github.com/go-fed/httpsig"
-	"github.com/hacdias/indieauth/v2"
+	"github.com/hacdias/indieauth/v3"
 	rotatelogs "github.com/lestrrat-go/file-rotatelogs"
 	"github.com/yuin/goldmark"
 	"go.goblog.app/app/pkgs/minify"
--- a/commentsAdmin.go
+++ b/commentsAdmin.go
@ -8,7 +8,7 @@ import (
 	"sync"

 	"github.com/go-chi/chi/v5"
-	"github.com/vcraescu/go-paginator"
+	"github.com/vcraescu/go-paginator/v2"
 )

 type commentsPaginationAdapter struct {
--- a/go.mod
+++ b/go.mod
@ -30,7 +30,7 @@ require (
 	github.com/gorilla/handlers v1.5.1
 	github.com/gorilla/sessions v1.2.1
 	github.com/gorilla/websocket v1.5.0
-	github.com/hacdias/indieauth/v2 v2.1.0
+	github.com/hacdias/indieauth/v3 v3.0.1
 	github.com/jlaffaye/ftp v0.1.0
 	// master
 	github.com/jlelse/feeds v1.2.1-0.20210704161900-189f94254ad4
@ -58,7 +58,7 @@ require (
 	github.com/tkrajina/gpxgo v1.2.2-0.20220217201249-321f19554eec
 	github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80
 	github.com/traefik/yaegi v0.15.0
-	github.com/vcraescu/go-paginator v1.0.1-0.20201114172518-2cfc59fe05c2
+	github.com/vcraescu/go-paginator/v2 v2.0.0
 	github.com/xhit/go-simple-mail/v2 v2.13.0
 	github.com/yuin/goldmark v1.5.4
 	// master
@ -133,7 +133,7 @@ require (
 	github.com/valyala/fastjson v1.6.3 // indirect
 	golang.org/x/exp v0.0.0-20220303212507-bbda1eaf7a17 // indirect
 	golang.org/x/image v0.0.0-20191009234506-e7c1f5e7dbb8 // indirect
-	golang.org/x/oauth2 v0.1.0 // indirect
+	golang.org/x/oauth2 v0.4.0 // indirect
 	golang.org/x/sys v0.5.0 // indirect
 	google.golang.org/appengine v1.6.7 // indirect
 	google.golang.org/protobuf v1.28.1 // indirect
--- a/go.sum
+++ b/go.sum
@ -293,8 +293,8 @@ github.com/gorilla/websocket v1.4.0/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoA
 github.com/gorilla/websocket v1.4.1/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
 github.com/gorilla/websocket v1.5.0 h1:PPwGk2jz7EePpoHN/+ClbZu8SPxiqlu12wZP/3sWmnc=
 github.com/gorilla/websocket v1.5.0/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
-github.com/hacdias/indieauth/v2 v2.1.0 h1:LTR9raUs4SYZbgak0E8EOGHwz4ctvyW9VkOd5/hDRPM=
-github.com/hacdias/indieauth/v2 v2.1.0/go.mod h1:OHEsGRgWcZgbzzT84yxX0V0qYAWOuNZ9Iy+rIDvHC1s=
+github.com/hacdias/indieauth/v3 v3.0.1 h1:b/C2VlqOzijvVJuezFcGhEmMZyCvZgdHgLZIb9BOlxk=
+github.com/hacdias/indieauth/v3 v3.0.1/go.mod h1:mVMKFOoVMYgGb06HgXiSevyIJu3/GoRo/EujEXSpAKs=
 github.com/hashicorp/errwrap v1.0.0 h1:hLrqtEDnRye3+sgx6z4qVLNuviH3MR5aQ0ykNJa/UYA=
 github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
 github.com/hashicorp/go-multierror v1.1.1 h1:H5DkEtf6CXdFp0N0Em5UCwQpXMWke8IA0+lD48awMYo=
@ -570,8 +570,8 @@ github.com/valyala/fastjson v1.6.3/go.mod h1:CLCAqky6SMuOcxStkYQvblddUtoRxhYMGLr
 github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
 github.com/valyala/fasttemplate v1.2.1/go.mod h1:KHLXt3tVN2HBp8eijSv/kGJopbvo7S+qRAEEKiv+SiQ=
 github.com/valyala/tcplisten v0.0.0-20161114210144-ceec8f93295a/go.mod h1:v3UYOV9WzVtRmSR+PDvWpU/qWl4Wa5LApYYX4ZtKbio=
-github.com/vcraescu/go-paginator v1.0.1-0.20201114172518-2cfc59fe05c2 h1:l5j4nE6rosbObXB/uPmzxOQ2z5uXlFOgttlHJ2YL/0w=
-github.com/vcraescu/go-paginator v1.0.1-0.20201114172518-2cfc59fe05c2/go.mod h1:NEDNuq1asYbAeX+uy6w56MDQSFmBQz9k+N9Hy6m4r2U=
+github.com/vcraescu/go-paginator/v2 v2.0.0 h1:m9If0wF7pSjYfocrJZcyWNiWn7OfIeLFVQLbiDvHf3k=
+github.com/vcraescu/go-paginator/v2 v2.0.0/go.mod h1:qsrC8+/YgRL0LfurxeY3gCAtsN7oOthkIbmBdqpMX9U=
 github.com/wsxiaoys/terminal v0.0.0-20160513160801-0940f3fc43a0/go.mod h1:IXCdmsXIht47RaVFLEdVnh1t+pgYtTAhQGj73kz+2DM=
 github.com/xeipuuv/gojsonpointer v0.0.0-20180127040702-4e3ac2762d5f/go.mod h1:N2zxlSyiKSe5eX1tZViRH5QA0qijqEDrYZiPEAiq3wU=
 github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415/go.mod h1:GwrjFmJcFw6At/Gs6z4yjiIwzuJ1/+UwLxMQDVQXShQ=
@ -707,8 +707,8 @@ golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43/go.mod h1:KelEdhl1UZF7XfJ
 golang.org/x/oauth2 v0.0.0-20201109201403-9fd604954f58/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20201208152858-08078c50e5b5/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
 golang.org/x/oauth2 v0.0.0-20210218202405-ba52d332ba99/go.mod h1:KelEdhl1UZF7XfJ4dDtk6s++YSgaE7mD/BuKKDLBl4A=
-golang.org/x/oauth2 v0.1.0 h1:isLCZuhj4v+tYv7eskaN4v/TM+A1begWWgyVJDdl1+Y=
-golang.org/x/oauth2 v0.1.0/go.mod h1:G9FE4dLTsbXUu90h/Pf85g4w1D+SSAgR+q46nJZ8M4A=
+golang.org/x/oauth2 v0.4.0 h1:NF0gk8LVPg1Ml7SSbGyySuoxdsXitj7TvgvuRxIMc/M=
+golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@ -978,7 +978,7 @@ gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
 gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gorm.io/driver/sqlite v1.1.3/go.mod h1:AKDgRWk8lcSQSw+9kxCJnX/yySj8G3rdwYlU57cB45c=
 gorm.io/gorm v1.20.1/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw=
-gorm.io/gorm v1.20.2/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw=
+gorm.io/gorm v1.20.6/go.mod h1:0HFTzE/SqkGTzK6TlDPPQbAYCluiVvhzoA1+aVyzenw=
 honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190106161140-3f1c8253044a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
 honnef.co/go/tools v0.0.0-20190418001031-e561f6794a2a/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
--- a/indexnow.go
+++ b/indexnow.go
@ -76,7 +76,7 @@ func (a *goBlog) indexNowKey() []byte {
 		}
 		if keyBytes == nil {
 			// Generate 128 character key with hexadecimal characters
-			keyBytes = []byte(randomString(128, []rune("0123456789abcdef")))
+			keyBytes = []byte(randomString(128, []rune("0123456789abcdef")...))
 			// Store key in database
 			err = a.db.cachePersistently("indexnowkey", keyBytes)
 			if err != nil {
--- a/indieAuth.go
+++ b/indieAuth.go
@ -5,7 +5,7 @@ import (
 	"net/http"
 	"strings"

-	"github.com/hacdias/indieauth/v2"
+	"github.com/hacdias/indieauth/v3"
 )

 const indieAuthScope contextKey = "scope"
--- a/indieAuthServer.go
+++ b/indieAuthServer.go
@ -11,7 +11,7 @@ import (
 	"time"

 	"github.com/google/uuid"
-	"github.com/hacdias/indieauth/v2"
+	"github.com/hacdias/indieauth/v3"
 	"go.goblog.app/app/pkgs/contenttype"
 )

--- a/indieAuthServer_test.go
+++ b/indieAuthServer_test.go
@ -9,7 +9,7 @@ import (
 	"testing"

 	"github.com/PuerkitoBio/goquery"
-	"github.com/hacdias/indieauth/v2"
+	"github.com/hacdias/indieauth/v3"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 )
--- a/indieAuth_test.go
+++ b/indieAuth_test.go
@ -6,7 +6,7 @@ import (
 	"strings"
 	"testing"

-	"github.com/hacdias/indieauth/v2"
+	"github.com/hacdias/indieauth/v3"
 	"github.com/stretchr/testify/assert"
 )

--- a/notifications.go
+++ b/notifications.go
@ -10,7 +10,7 @@ import (
 	"time"

 	"github.com/go-chi/chi/v5"
-	"github.com/vcraescu/go-paginator"
+	"github.com/vcraescu/go-paginator/v2"
 	"go.goblog.app/app/pkgs/bufferpool"
 )

--- a/posts.go
+++ b/posts.go
@ -11,7 +11,7 @@ import (

 	"github.com/go-chi/chi/v5"
 	"github.com/samber/lo"
-	"github.com/vcraescu/go-paginator"
+	"github.com/vcraescu/go-paginator/v2"
 	"go.goblog.app/app/pkgs/bufferpool"
 )

--- a/ui.go
+++ b/ui.go
@ -4,7 +4,7 @@ import (
 	"fmt"
 	"time"

-	"github.com/hacdias/indieauth/v2"
+	"github.com/hacdias/indieauth/v3"
 	"github.com/kaorimatz/go-opml"
 	"github.com/mergestat/timediff"
 	"github.com/samber/lo"
--- a/utils.go
+++ b/utils.go
@ -5,7 +5,6 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"math/rand"
 	"net/http"
 	"net/http/httptest"
 	"net/url"
@ -25,7 +24,8 @@ import (
 	tdl "github.com/mergestat/timediff/locale"
 	"github.com/microcosm-cc/bluemonday"
 	"github.com/samber/lo"
-	"go.goblog.app/app/pkgs/bufferpool"
+	"go.goblog.app/app/pkgs/builderpool"
+	"golang.org/x/net/html"
 	"golang.org/x/text/language"
 )

@ -58,13 +58,11 @@ func sortedStrings(s []string) []string {

 var defaultLetters = []rune("abcdefghijklmnopqrstuvwxyz")

-func randomString(n int, allowedChars ...[]rune) string {
-	letters := append(allowedChars, defaultLetters)[0]
-	b := make([]rune, n)
-	for i := range b {
-		b[i] = letters[rand.Intn(len(letters))]
+func randomString(n int, allowedChars ...rune) string {
+	if len(allowedChars) == 0 {
+		allowedChars = append(allowedChars, defaultLetters...)
 	}
-	return string(b)
+	return lo.RandomString(n, allowedChars)
 }

 func isAbsoluteURL(s string) bool {
@ -242,20 +240,28 @@ func htmlText(s string) string {
 	return text
 }

+// Build policy to only allow a subset of HTML tags
+var textPolicy = bluemonday.StrictPolicy().
+	AllowElements("h1", "h2", "h3", "h4", "h5", "h6"). // Headers
+	AllowElements("p").                                // Paragraphs
+	AllowElements("ol", "ul", "li").                   // Lists
+	AllowElements("blockquote")                        // Blockquotes
+
 func htmlTextFromReader(r io.Reader) (string, error) {
-	// Build policy to only allow a subset of HTML tags
-	textPolicy := bluemonday.StrictPolicy()
-	textPolicy.AllowElements("h1", "h2", "h3", "h4", "h5", "h6") // Headers
-	textPolicy.AllowElements("p")                                // Paragraphs
-	textPolicy.AllowElements("ol", "ul", "li")                   // Lists
-	textPolicy.AllowElements("blockquote")                       // Blockquotes
-	// Read filtered HTML into document
-	doc, err := goquery.NewDocumentFromReader(textPolicy.SanitizeReader(r))
+	// Filter HTML
+	pr, pw := io.Pipe()
+	go func() {
+		_ = pw.CloseWithError(textPolicy.SanitizeReaderToWriter(r, pw))
+	}()
+	// Read into document
+	doc, err := goquery.NewDocumentFromReader(pr)
+	_ = pr.CloseWithError(err)
 	if err != nil {
 		return "", err
 	}
-	text := bufferpool.Get()
-	defer bufferpool.Put(text)
+	// Parse text
+	text := builderpool.Get()
+	defer builderpool.Put(text)
 	if bodyChild := doc.Find("body").Children(); bodyChild.Length() > 0 {
 		// Input was real HTML, so build the text from the body
 		// Declare recursive function to print childs
@ -272,7 +278,7 @@ func htmlTextFromReader(r io.Reader) (string, error) {
 				if sel.Children().Length() > 0 { // Has children
 					printChilds(sel.Children()) // Recursive call to print childs
 				} else {
-					_, _ = text.WriteString(sel.Text()) // Print text
+					gqSelectionTextToStringWriter(sel, text) // Print text
 				}
 			})
 		}
@ -285,6 +291,23 @@ func htmlTextFromReader(r io.Reader) (string, error) {
 	return strings.TrimSpace(text.String()), nil
 }

+func gqSelectionTextToStringWriter(sel *goquery.Selection, text io.StringWriter) {
+	var f func(*html.Node)
+	f = func(n *html.Node) {
+		if n.Type == html.TextNode {
+			_, _ = text.WriteString(n.Data)
+		}
+		if n.FirstChild != nil {
+			for c := n.FirstChild; c != nil; c = c.NextSibling {
+				f(c)
+			}
+		}
+	}
+	for _, n := range sel.Nodes {
+		f(n)
+	}
+}
+
 func cleanHTMLText(s string) string {
 	// Clean HTML with UGC policy and return text
 	pr, pw := io.Pipe()
--- a/webmentionAdmin.go
+++ b/webmentionAdmin.go
@ -9,7 +9,7 @@ import (
 	"sync"

 	"github.com/go-chi/chi/v5"
-	"github.com/vcraescu/go-paginator"
+	"github.com/vcraescu/go-paginator/v2"
 )

 type webmentionPaginationAdapter struct {