From a55a9f1d63648808bdda303d6bee24156d5bb308 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 21 Aug 2023 09:30:13 +0000
Subject: [PATCH] Bump github.com/go-chi/chi/v5 from 5.0.8 to 5.0.10

Bumps [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) from 5.0.8 to 5.0.10.
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-chi/chi/compare/v5.0.8...v5.0.10)

---
updated-dependencies:
- dependency-name: github.com/go-chi/chi/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 go.mod                                        |  2 +-
 go.sum                                        |  3 ++-
 vendor/github.com/go-chi/chi/v5/CHANGELOG.md  | 17 +++++++++---
 vendor/github.com/go-chi/chi/v5/README.md     |  2 +-
 vendor/github.com/go-chi/chi/v5/context.go    |  1 +
 .../go-chi/chi/v5/middleware/compress.go      | 10 ++++---
 .../go-chi/chi/v5/middleware/nocache.go       |  2 +-
 .../go-chi/chi/v5/middleware/recoverer.go     |  4 ++-
 .../go-chi/chi/v5/middleware/request_size.go  | 18 +++++++++++++
 .../go-chi/chi/v5/middleware/throttle.go      |  2 +-
 vendor/github.com/go-chi/chi/v5/mux.go        | 22 ++++++++++------
 vendor/github.com/go-chi/chi/v5/tree.go       | 26 +++++++++++++++++++
 vendor/modules.txt                            |  2 +-
 13 files changed, 90 insertions(+), 21 deletions(-)
 create mode 100644 vendor/github.com/go-chi/chi/v5/middleware/request_size.go

diff --git a/go.mod b/go.mod
index 8338d3e8ed..e8ce48d18b 100644
--- a/go.mod
+++ b/go.mod
@@ -19,7 +19,7 @@ require (
 	github.com/egirna/icap-client v0.1.1
 	github.com/gabriel-vasile/mimetype v1.4.2
 	github.com/ggwhite/go-masker v1.0.9
-	github.com/go-chi/chi/v5 v5.0.8
+	github.com/go-chi/chi/v5 v5.0.10
 	github.com/go-chi/cors v1.2.1
 	github.com/go-chi/render v1.0.2
 	github.com/go-ldap/ldap/v3 v3.4.5
diff --git a/go.sum b/go.sum
index 47cffda6f8..dc39911ceb 100644
--- a/go.sum
+++ b/go.sum
@@ -975,8 +975,9 @@ github.com/go-asn1-ber/asn1-ber v1.4.1/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkPro
 github.com/go-asn1-ber/asn1-ber v1.5.4 h1:vXT6d/FNDiELJnLb6hGNa309LMsrCoYFvpwHDF0+Y1A=
 github.com/go-asn1-ber/asn1-ber v1.5.4/go.mod h1:hEBeB/ic+5LoWskz+yKT7vGhhPYkProFKoKdwZRWMe0=
 github.com/go-chi/chi v4.0.2+incompatible/go.mod h1:eB3wogJHnLi3x/kFX2A+IbTBlXxmMeXJVKy9tTv1XzQ=
-github.com/go-chi/chi/v5 v5.0.8 h1:lD+NLqFcAi1ovnVZpsnObHGW4xb4J8lNmoYVfECH1Y0=
 github.com/go-chi/chi/v5 v5.0.8/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
+github.com/go-chi/chi/v5 v5.0.10 h1:rLz5avzKpjqxrYwXNfmjkrYYXOyLJd37pz53UFHC6vk=
+github.com/go-chi/chi/v5 v5.0.10/go.mod h1:DslCQbL2OYiznFReuXYUmQ2hGd1aDpCnlMNITLSKoi8=
 github.com/go-chi/cors v1.2.1 h1:xEC8UT3Rlp2QuWNEr4Fs/c2EAGVKBwy/1vHx3bppil4=
 github.com/go-chi/cors v1.2.1/go.mod h1:sSbTewc+6wYHBBCW7ytsFSn836hqM7JxpglAy2Vzc58=
 github.com/go-chi/render v1.0.2 h1:4ER/udB0+fMWB2Jlf15RV3F4A2FDuYi/9f+lFttR/Lg=
diff --git a/vendor/github.com/go-chi/chi/v5/CHANGELOG.md b/vendor/github.com/go-chi/chi/v5/CHANGELOG.md
index a1feeec055..f6eb7e6e40 100644
--- a/vendor/github.com/go-chi/chi/v5/CHANGELOG.md
+++ b/vendor/github.com/go-chi/chi/v5/CHANGELOG.md
@@ -1,5 +1,16 @@
 # Changelog
 
+## v5.0.10 (2023-07-13)
+
+- Fixed small edge case in tests of v5.0.9 for older Go versions
+- History of changes: see https://github.com/go-chi/chi/compare/v5.0.8...v5.0.10
+
+
+## v5.0.9 (2023-07-13)
+
+- History of changes: see https://github.com/go-chi/chi/compare/v5.0.8...v5.0.9
+
+
 ## v5.0.8 (2022-12-07)
 
 - History of changes: see https://github.com/go-chi/chi/compare/v5.0.7...v5.0.8
@@ -90,14 +101,14 @@ incremental, with the architecture and api being the same today as it was origin
 makes chi a pretty easy project to maintain, as well thanks to the many amazing community contributions over the years
 to who all help make chi better (total of 86 contributors to date -- thanks all!).
 
-Chi has been an labour of love, art and engineering, with the goals to offer beautiful ergonomics, flexibility, performance
+Chi has been a labour of love, art and engineering, with the goals to offer beautiful ergonomics, flexibility, performance
 and simplicity when building HTTP services with Go. I've strived to keep the router very minimal in surface area / code size,
 and always improving the code wherever possible -- and as of today the `chi` package is just 1082 lines of code (not counting
 middlewares, which are all optional). As well, I don't have the exact metrics, but from my analysis and email exchanges from
 companies and developers, chi is used by thousands of projects around the world -- thank you all as there is no better form of
 joy for me than to have art I had started be helpful and enjoyed by others. And of course I use chi in all of my own projects too :)
 
-For me, the asthetics of chi's code and usage are very important. With the introduction of Go's module support 
+For me, the aesthetics of chi's code and usage are very important. With the introduction of Go's module support
 (which I'm a big fan of), chi's past versioning scheme choice to v2, v3 and v4 would mean I'd require the import path
 of "github.com/go-chi/chi/v4", leading to the lengthy discussion at https://github.com/go-chi/chi/issues/462.
 Haha, to some, you may be scratching your head why I've spent > 1 year stalling to adopt "/vXX" convention in the import
@@ -289,7 +300,7 @@ Cheers all, happy coding!
 
 ## v2.0.0-rc1 (2016-07-26)
 
-- Huge update! chi v2 is a large refactor targetting Go 1.7+. As of Go 1.7, the popular
+- Huge update! chi v2 is a large refactor targeting Go 1.7+. As of Go 1.7, the popular
   community `"net/context"` package has been included in the standard library as `"context"` and
   utilized by `"net/http"` and `http.Request` to managing deadlines, cancelation signals and other
   request-scoped values. We're very excited about the new context addition and are proud to
diff --git a/vendor/github.com/go-chi/chi/v5/README.md b/vendor/github.com/go-chi/chi/v5/README.md
index 3e4cc4a2e1..718e373fa0 100644
--- a/vendor/github.com/go-chi/chi/v5/README.md
+++ b/vendor/github.com/go-chi/chi/v5/README.md
@@ -1,7 +1,7 @@
 # <img alt="chi" src="https://cdn.rawgit.com/go-chi/chi/master/_examples/chi.svg" width="220" />
 
 
-[![GoDoc Widget]][GoDoc] [![Travis Widget]][Travis]
+[![GoDoc Widget]][GoDoc]
 
 `chi` is a lightweight, idiomatic and composable router for building Go HTTP services. It's
 especially good at helping you write large REST API services that are kept maintainable as your
diff --git a/vendor/github.com/go-chi/chi/v5/context.go b/vendor/github.com/go-chi/chi/v5/context.go
index e78a2385d8..88f8e221a1 100644
--- a/vendor/github.com/go-chi/chi/v5/context.go
+++ b/vendor/github.com/go-chi/chi/v5/context.go
@@ -76,6 +76,7 @@ type Context struct {
 
 	// methodNotAllowed hint
 	methodNotAllowed bool
+	methodsAllowed   []methodTyp // allowed methods in case of a 405
 }
 
 // Reset a routing context to its initial state.
diff --git a/vendor/github.com/go-chi/chi/v5/middleware/compress.go b/vendor/github.com/go-chi/chi/v5/middleware/compress.go
index 52f4e0b539..773d47a161 100644
--- a/vendor/github.com/go-chi/chi/v5/middleware/compress.go
+++ b/vendor/github.com/go-chi/chi/v5/middleware/compress.go
@@ -135,12 +135,12 @@ func NewCompressor(level int, types ...string) *Compressor {
 // The encoding should be a standardised identifier. See:
 // https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Accept-Encoding
 //
-// For example, add the Brotli algortithm:
+// For example, add the Brotli algorithm:
 //
 //  import brotli_enc "gopkg.in/kothar/brotli-go.v0/enc"
 //
 //  compressor := middleware.NewCompressor(5, "text/html")
-//  compressor.SetEncoder("br", func(w http.ResponseWriter, level int) io.Writer {
+//  compressor.SetEncoder("br", func(w io.Writer, level int) io.Writer {
 //    params := brotli_enc.NewBrotliParams()
 //    params.SetQuality(level)
 //    return brotli_enc.NewBrotliWriter(params, w)
@@ -285,7 +285,7 @@ func (cw *compressResponseWriter) isCompressable() bool {
 		contentType = contentType[0:idx]
 	}
 
-	// Is the content type compressable?
+	// Is the content type compressible?
 	if _, ok := cw.contentTypes[contentType]; ok {
 		return true
 	}
@@ -382,6 +382,10 @@ func (cw *compressResponseWriter) Close() error {
 	return errors.New("chi/middleware: io.WriteCloser is unavailable on the writer")
 }
 
+func (cw *compressResponseWriter) Unwrap() http.ResponseWriter {
+	return cw.ResponseWriter
+}
+
 func encoderGzip(w io.Writer, level int) io.Writer {
 	gw, err := gzip.NewWriterLevel(w, level)
 	if err != nil {
diff --git a/vendor/github.com/go-chi/chi/v5/middleware/nocache.go b/vendor/github.com/go-chi/chi/v5/middleware/nocache.go
index 2412829e1b..7353448d69 100644
--- a/vendor/github.com/go-chi/chi/v5/middleware/nocache.go
+++ b/vendor/github.com/go-chi/chi/v5/middleware/nocache.go
@@ -9,7 +9,7 @@ import (
 )
 
 // Unix epoch time
-var epoch = time.Unix(0, 0).Format(time.RFC1123)
+var epoch = time.Unix(0, 0).UTC().Format(http.TimeFormat)
 
 // Taken from https://github.com/mytrile/nocache
 var noCacheHeaders = map[string]string{
diff --git a/vendor/github.com/go-chi/chi/v5/middleware/recoverer.go b/vendor/github.com/go-chi/chi/v5/middleware/recoverer.go
index 8fa69baddb..612e155a78 100644
--- a/vendor/github.com/go-chi/chi/v5/middleware/recoverer.go
+++ b/vendor/github.com/go-chi/chi/v5/middleware/recoverer.go
@@ -36,7 +36,9 @@ func Recoverer(next http.Handler) http.Handler {
 					PrintPrettyStack(rvr)
 				}
 
-				w.WriteHeader(http.StatusInternalServerError)
+				if r.Header.Get("Connection") != "Upgrade" {
+					w.WriteHeader(http.StatusInternalServerError)
+				}
 			}
 		}()
 
diff --git a/vendor/github.com/go-chi/chi/v5/middleware/request_size.go b/vendor/github.com/go-chi/chi/v5/middleware/request_size.go
new file mode 100644
index 0000000000..678248c461
--- /dev/null
+++ b/vendor/github.com/go-chi/chi/v5/middleware/request_size.go
@@ -0,0 +1,18 @@
+package middleware
+
+import (
+	"net/http"
+)
+
+// RequestSize is a middleware that will limit request sizes to a specified
+// number of bytes. It uses MaxBytesReader to do so.
+func RequestSize(bytes int64) func(http.Handler) http.Handler {
+	f := func(h http.Handler) http.Handler {
+		fn := func(w http.ResponseWriter, r *http.Request) {
+			r.Body = http.MaxBytesReader(w, r.Body, bytes)
+			h.ServeHTTP(w, r)
+		}
+		return http.HandlerFunc(fn)
+	}
+	return f
+}
diff --git a/vendor/github.com/go-chi/chi/v5/middleware/throttle.go b/vendor/github.com/go-chi/chi/v5/middleware/throttle.go
index 8dcb9440bc..bdf4f9f187 100644
--- a/vendor/github.com/go-chi/chi/v5/middleware/throttle.go
+++ b/vendor/github.com/go-chi/chi/v5/middleware/throttle.go
@@ -26,7 +26,7 @@ type ThrottleOpts struct {
 
 // Throttle is a middleware that limits number of currently processed requests
 // at a time across all users. Note: Throttle is not a rate-limiter per user,
-// instead it just puts a ceiling on the number of currentl in-flight requests
+// instead it just puts a ceiling on the number of currently in-flight requests
 // being processed from the point from where the Throttle middleware is mounted.
 func Throttle(limit int) func(http.Handler) http.Handler {
 	return ThrottleWithOpts(ThrottleOpts{Limit: limit, BacklogTimeout: defaultBacklogTimeout})
diff --git a/vendor/github.com/go-chi/chi/v5/mux.go b/vendor/github.com/go-chi/chi/v5/mux.go
index 47e64cf296..977aa52dd1 100644
--- a/vendor/github.com/go-chi/chi/v5/mux.go
+++ b/vendor/github.com/go-chi/chi/v5/mux.go
@@ -156,7 +156,7 @@ func (mx *Mux) Head(pattern string, handlerFn http.HandlerFunc) {
 	mx.handle(mHEAD, pattern, handlerFn)
 }
 
-// Options adds the route `pattern` that matches a OPTIONS http method to
+// Options adds the route `pattern` that matches an OPTIONS http method to
 // execute the `handlerFn` http.HandlerFunc.
 func (mx *Mux) Options(pattern string, handlerFn http.HandlerFunc) {
 	mx.handle(mOPTIONS, pattern, handlerFn)
@@ -378,11 +378,11 @@ func (mx *Mux) NotFoundHandler() http.HandlerFunc {
 
 // MethodNotAllowedHandler returns the default Mux 405 responder whenever
 // a method cannot be resolved for a route.
-func (mx *Mux) MethodNotAllowedHandler() http.HandlerFunc {
+func (mx *Mux) MethodNotAllowedHandler(methodsAllowed ...methodTyp) http.HandlerFunc {
 	if mx.methodNotAllowedHandler != nil {
 		return mx.methodNotAllowedHandler
 	}
-	return methodNotAllowedHandler
+	return methodNotAllowedHandler(methodsAllowed...)
 }
 
 // handle registers a http.Handler in the routing tree for a particular http method
@@ -445,7 +445,7 @@ func (mx *Mux) routeHTTP(w http.ResponseWriter, r *http.Request) {
 		return
 	}
 	if rctx.methodNotAllowed {
-		mx.MethodNotAllowedHandler().ServeHTTP(w, r)
+		mx.MethodNotAllowedHandler(rctx.methodsAllowed...).ServeHTTP(w, r)
 	} else {
 		mx.NotFoundHandler().ServeHTTP(w, r)
 	}
@@ -480,8 +480,14 @@ func (mx *Mux) updateRouteHandler() {
 }
 
 // methodNotAllowedHandler is a helper function to respond with a 405,
-// method not allowed.
-func methodNotAllowedHandler(w http.ResponseWriter, r *http.Request) {
-	w.WriteHeader(405)
-	w.Write(nil)
+// method not allowed. It sets the Allow header with the list of allowed
+// methods for the route.
+func methodNotAllowedHandler(methodsAllowed ...methodTyp) func(w http.ResponseWriter, r *http.Request) {
+	return func(w http.ResponseWriter, r *http.Request) {
+		for _, m := range methodsAllowed {
+			w.Header().Add("Allow", reverseMethodMap[m])
+		}
+		w.WriteHeader(405)
+		w.Write(nil)
+	}
 }
diff --git a/vendor/github.com/go-chi/chi/v5/tree.go b/vendor/github.com/go-chi/chi/v5/tree.go
index 4189b5228b..c7d3bc5704 100644
--- a/vendor/github.com/go-chi/chi/v5/tree.go
+++ b/vendor/github.com/go-chi/chi/v5/tree.go
@@ -43,6 +43,18 @@ var methodMap = map[string]methodTyp{
 	http.MethodTrace:   mTRACE,
 }
 
+var reverseMethodMap = map[methodTyp]string{
+	mCONNECT: http.MethodConnect,
+	mDELETE:  http.MethodDelete,
+	mGET:     http.MethodGet,
+	mHEAD:    http.MethodHead,
+	mOPTIONS: http.MethodOptions,
+	mPATCH:   http.MethodPatch,
+	mPOST:    http.MethodPost,
+	mPUT:     http.MethodPut,
+	mTRACE:   http.MethodTrace,
+}
+
 // RegisterMethod adds support for custom HTTP method handlers, available
 // via Router#Method and Router#MethodFunc
 func RegisterMethod(method string) {
@@ -454,6 +466,13 @@ func (n *node) findRoute(rctx *Context, method methodTyp, path string) *node {
 							return xn
 						}
 
+						for endpoints := range xn.endpoints {
+							if endpoints == mALL || endpoints == mSTUB {
+								continue
+							}
+							rctx.methodsAllowed = append(rctx.methodsAllowed, endpoints)
+						}
+
 						// flag that the routing context found a route, but not a corresponding
 						// supported method
 						rctx.methodNotAllowed = true
@@ -493,6 +512,13 @@ func (n *node) findRoute(rctx *Context, method methodTyp, path string) *node {
 					return xn
 				}
 
+				for endpoints := range xn.endpoints {
+					if endpoints == mALL || endpoints == mSTUB {
+						continue
+					}
+					rctx.methodsAllowed = append(rctx.methodsAllowed, endpoints)
+				}
+
 				// flag that the routing context found a route, but not a corresponding
 				// supported method
 				rctx.methodNotAllowed = true
diff --git a/vendor/modules.txt b/vendor/modules.txt
index 39cc0d9374..3bfa9b1800 100644
--- a/vendor/modules.txt
+++ b/vendor/modules.txt
@@ -786,7 +786,7 @@ github.com/go-acme/lego/v4/challenge
 # github.com/go-asn1-ber/asn1-ber v1.5.4
 ## explicit; go 1.13
 github.com/go-asn1-ber/asn1-ber
-# github.com/go-chi/chi/v5 v5.0.8
+# github.com/go-chi/chi/v5 v5.0.10
 ## explicit; go 1.14
 github.com/go-chi/chi/v5
 github.com/go-chi/chi/v5/middleware