diff --git a/go.mod b/go.mod index 456aaa2248..2fe4f7d9ab 100644 --- a/go.mod +++ b/go.mod @@ -332,7 +332,7 @@ require ( github.com/prometheus/statsd_exporter v0.22.8 // indirect github.com/rcrowley/go-metrics v0.0.0-20250401214520-65e299d6c5c9 // indirect github.com/rs/xid v1.6.0 // indirect - github.com/russellhaering/goxmldsig v1.5.0 // indirect + github.com/russellhaering/goxmldsig v1.6.0 // indirect github.com/russross/blackfriday/v2 v2.1.0 // indirect github.com/rwcarlsen/goexif v0.0.0-20190401172101-9e8deecbddbd // indirect github.com/sagikazarmark/locafero v0.11.0 // indirect diff --git a/go.sum b/go.sum index d321a6dab8..d4895711d6 100644 --- a/go.sum +++ b/go.sum @@ -1084,8 +1084,8 @@ github.com/rs/xid v1.6.0 h1:fV591PaemRlL6JfRxGDEPl69wICngIQ3shQtzfy2gxU= github.com/rs/xid v1.6.0/go.mod h1:7XoLgs4eV+QndskICGsho+ADou8ySMSjJKDIan90Nz0= github.com/rs/zerolog v1.34.0 h1:k43nTLIwcTVQAncfCw4KZ2VY6ukYoZaBPNOE8txlOeY= github.com/rs/zerolog v1.34.0/go.mod h1:bJsvje4Z08ROH4Nhs5iH600c3IkWhwp44iRc54W6wYQ= -github.com/russellhaering/goxmldsig v1.5.0 h1:AU2UkkYIUOTyZRbe08XMThaOCelArgvNfYapcmSjBNw= -github.com/russellhaering/goxmldsig v1.5.0/go.mod h1:x98CjQNFJcWfMxeOrMnMKg70lvDP6tE0nTaeUnjXDmk= +github.com/russellhaering/goxmldsig v1.6.0 h1:8fdWXEPh2k/NZNQBPFNoVfS3JmzS4ZprY/sAOpKQLks= +github.com/russellhaering/goxmldsig v1.6.0/go.mod h1:TrnaquDcYxWXfJrOjeMBTX4mLBeYAqaHEyUeWPxZlBM= github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= github.com/russross/blackfriday/v2 v2.1.0 h1:JIOH55/0cWyOuilr9/qlrm0BSXldqnqwMsf35Ld67mk= github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM= diff --git a/vendor/github.com/russellhaering/goxmldsig/canonicalize.go b/vendor/github.com/russellhaering/goxmldsig/canonicalize.go index 4d51f4a086..aaeb9bd5a5 100644 --- a/vendor/github.com/russellhaering/goxmldsig/canonicalize.go +++ b/vendor/github.com/russellhaering/goxmldsig/canonicalize.go @@ -1,6 +1,7 @@ package dsig import ( + "maps" "sort" "github.com/beevik/etree" @@ -164,9 +165,7 @@ func canonicalPrep(el *etree.Element, strip bool, comments bool) *etree.Element func canonicalPrepInner(el *etree.Element, seenSoFar map[string]string, strip bool, comments bool) *etree.Element { _seenSoFar := make(map[string]string) - for k, v := range seenSoFar { - _seenSoFar[k] = v - } + maps.Copy(_seenSoFar, seenSoFar) ne := el.Copy() sort.Sort(etreeutils.SortedAttrs(ne.Attr)) diff --git a/vendor/github.com/russellhaering/goxmldsig/etreeutils/namespace.go b/vendor/github.com/russellhaering/goxmldsig/etreeutils/namespace.go index 6a5be03630..a5b3c75c77 100644 --- a/vendor/github.com/russellhaering/goxmldsig/etreeutils/namespace.go +++ b/vendor/github.com/russellhaering/goxmldsig/etreeutils/namespace.go @@ -3,6 +3,7 @@ package etreeutils import ( "errors" "fmt" + "maps" "sort" "github.com/beevik/etree" @@ -63,9 +64,7 @@ func (ctx NSContext) CheckLimit() error { func (ctx NSContext) Copy() NSContext { prefixes := make(map[string]string, len(ctx.prefixes)+4) - for k, v := range ctx.prefixes { - prefixes[k] = v - } + maps.Copy(prefixes, ctx.prefixes) return NSContext{prefixes: prefixes, limit: ctx.limit} } @@ -127,9 +126,7 @@ func (ctx NSContext) SubContext(el *etree.Element) (NSContext, error) { // Prefixes returns a copy of this context's prefix map. func (ctx NSContext) Prefixes() map[string]string { prefixes := make(map[string]string, len(ctx.prefixes)) - for k, v := range ctx.prefixes { - prefixes[k] = v - } + maps.Copy(prefixes, ctx.prefixes) return prefixes } diff --git a/vendor/github.com/russellhaering/goxmldsig/etreeutils/unmarshal.go b/vendor/github.com/russellhaering/goxmldsig/etreeutils/unmarshal.go index b1fecf85a4..0bac318741 100644 --- a/vendor/github.com/russellhaering/goxmldsig/etreeutils/unmarshal.go +++ b/vendor/github.com/russellhaering/goxmldsig/etreeutils/unmarshal.go @@ -9,7 +9,7 @@ import ( // NSUnmarshalElement unmarshals the passed etree Element into the value pointed to by // v using encoding/xml in the context of the passed NSContext. If v implements // ElementKeeper, SetUnderlyingElement will be called on v with a reference to el. -func NSUnmarshalElement(ctx NSContext, el *etree.Element, v interface{}) error { +func NSUnmarshalElement(ctx NSContext, el *etree.Element, v any) error { detatched, err := NSDetatch(ctx, el) if err != nil { return err diff --git a/vendor/github.com/russellhaering/goxmldsig/validate.go b/vendor/github.com/russellhaering/goxmldsig/validate.go index e64891ccc3..5056bb9ad7 100644 --- a/vendor/github.com/russellhaering/goxmldsig/validate.go +++ b/vendor/github.com/russellhaering/goxmldsig/validate.go @@ -306,9 +306,10 @@ func (ctx *ValidationContext) validateSignature(el *etree.Element, sig *types.Si var ref *types.Reference // Find the first reference which references the top-level element - for _, _ref := range signedInfo.References { - if _ref.URI == "" || _ref.URI[1:] == idAttr { - ref = &_ref + for i := range signedInfo.References { + if signedInfo.References[i].URI == "" || signedInfo.References[i].URI[1:] == idAttr { + ref = &signedInfo.References[i] + break } } diff --git a/vendor/modules.txt b/vendor/modules.txt index 6008877a14..d05c8865e4 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -1883,8 +1883,8 @@ github.com/rs/zerolog/internal/cbor github.com/rs/zerolog/internal/json github.com/rs/zerolog/log github.com/rs/zerolog/pkgerrors -# github.com/russellhaering/goxmldsig v1.5.0 -## explicit; go 1.21.0 +# github.com/russellhaering/goxmldsig v1.6.0 +## explicit; go 1.23.0 github.com/russellhaering/goxmldsig github.com/russellhaering/goxmldsig/etreeutils github.com/russellhaering/goxmldsig/types