From f387547749c72a712c99b61236735e00ee93e723 Mon Sep 17 00:00:00 2001 From: Winni Neessen Date: Thu, 14 Mar 2024 22:14:48 +0100 Subject: [PATCH 1/5] Add sanity check for split strings in password handling In order to avoid potential indexing issues in password handling, a conditional statement has been added. This ensures that there are two resultant parts after the string splitting operation; if the condition isn't met, the operation simply continues without processing further. This enhances code robustness and reliability. --- password.go | 3 +++ 1 file changed, 3 insertions(+) diff --git a/password.go b/password.go index 319a143..36ab11f 100644 --- a/password.go +++ b/password.go @@ -205,6 +205,9 @@ func (p *PwnedPassAPI) ListHashesPrefix(pf string) ([]Match, *http.Response, err so := bufio.NewScanner(hr.Body) for so.Scan() { hp := strings.SplitN(so.Text(), ":", 2) + if len(hp) != 2 { + continue + } fh := fmt.Sprintf("%s%s", strings.ToLower(pf), strings.ToLower(hp[0])) hc, err := strconv.ParseInt(hp[1], 10, 64) if err != nil { From e616a81c38975596e2f85d3febc19aaa9bb4f0c2 Mon Sep 17 00:00:00 2001 From: Winni Neessen Date: Thu, 14 Mar 2024 22:15:00 +0100 Subject: [PATCH 2/5] Add .idea to .gitignore file The .idea directory, created by JetBrains IDEs, has been added to the .gitignore file. This prevents any local IDE settings from being added to the git repository, which is crucial for working with other developers and keeping the repository clean. --- .gitignore | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.gitignore b/.gitignore index bcf94ba..cacb374 100644 --- a/.gitignore +++ b/.gitignore @@ -14,4 +14,5 @@ # Dependency directories (remove the comment below to include it) # vendor/ -examples/ \ No newline at end of file +examples/ +.idea/ \ No newline at end of file From 5a7b9012e661d332924337b228c0231be3411938 Mon Sep 17 00:00:00 2001 From: Winni Neessen Date: Thu, 14 Mar 2024 22:15:14 +0100 Subject: [PATCH 3/5] Remove .idea directory from versioning and add to .gitignore Deleted all .idea directory files from the repository as these files pertain to individual IDE settings and should not be versioned. The .idea directory has been added to the .gitignore file to keep local IDE settings private and maintain overall repository cleanliness. --- .idea/.gitignore | 8 -------- .idea/go-hibp.iml | 9 --------- .idea/inspectionProfiles/Project_Default.xml | 12 ------------ .idea/modules.xml | 8 -------- .idea/vcs.xml | 6 ------ 5 files changed, 43 deletions(-) delete mode 100644 .idea/.gitignore delete mode 100644 .idea/go-hibp.iml delete mode 100644 .idea/inspectionProfiles/Project_Default.xml delete mode 100644 .idea/modules.xml delete mode 100644 .idea/vcs.xml diff --git a/.idea/.gitignore b/.idea/.gitignore deleted file mode 100644 index 73f69e0..0000000 --- a/.idea/.gitignore +++ /dev/null @@ -1,8 +0,0 @@ -# Default ignored files -/shelf/ -/workspace.xml -# Datasource local storage ignored files -/dataSources/ -/dataSources.local.xml -# Editor-based HTTP Client requests -/httpRequests/ diff --git a/.idea/go-hibp.iml b/.idea/go-hibp.iml deleted file mode 100644 index 5e764c4..0000000 --- a/.idea/go-hibp.iml +++ /dev/null @@ -1,9 +0,0 @@ - - - - - - - - - \ No newline at end of file diff --git a/.idea/inspectionProfiles/Project_Default.xml b/.idea/inspectionProfiles/Project_Default.xml deleted file mode 100644 index 09dbac8..0000000 --- a/.idea/inspectionProfiles/Project_Default.xml +++ /dev/null @@ -1,12 +0,0 @@ - - - - \ No newline at end of file diff --git a/.idea/modules.xml b/.idea/modules.xml deleted file mode 100644 index 082fe35..0000000 --- a/.idea/modules.xml +++ /dev/null @@ -1,8 +0,0 @@ - - - - - - - - \ No newline at end of file diff --git a/.idea/vcs.xml b/.idea/vcs.xml deleted file mode 100644 index 94a25f7..0000000 --- a/.idea/vcs.xml +++ /dev/null @@ -1,6 +0,0 @@ - - - - - - \ No newline at end of file From 71b68f79a35922b374cdb6943cd4d95a8f9be4c8 Mon Sep 17 00:00:00 2001 From: Winni Neessen Date: Thu, 14 Mar 2024 22:19:50 +0100 Subject: [PATCH 4/5] Update password hash count in test output The expected output counts for password hash matches in the pwned passwords database have been updated in multiple test scenarios. The changes reflect recent statistics, ensuring the tests' output aligns with current data for greater test accuracy. --- password_test.go | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/password_test.go b/password_test.go index b02721f..c36fba1 100644 --- a/password_test.go +++ b/password_test.go @@ -431,7 +431,7 @@ func ExamplePwnedPassAPI_CheckPassword() { if m != nil && m.Count != 0 { fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n", m.Hash, m.Count) - // Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 86495 times in the pwned passwords DB + // Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 142835 times in the pwned passwords DB } } @@ -446,7 +446,7 @@ func ExamplePwnedPassAPI_CheckPassword_withPadding() { if m != nil && m.Count != 0 { fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n", m.Hash, m.Count) - // Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 86495 times in the pwned passwords DB + // Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 142835 times in the pwned passwords DB } } @@ -462,7 +462,7 @@ func ExamplePwnedPassAPI_checkSHA1() { if m != nil && m.Count != 0 { fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n", m.Hash, m.Count) - // Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 86495 times in the pwned passwords DB + // Output: Your password with the hash "a94a8fe5ccb19ba61c4c0873d391e987982fbbd3" was found 142835 times in the pwned passwords DB } } @@ -478,6 +478,6 @@ func ExamplePwnedPassAPI_checkNTLM() { if m != nil && m.Count != 0 { fmt.Printf("Your password with the hash %q was found %d times in the pwned passwords DB\n", m.Hash, m.Count) - // Output: Your password with the hash "0cb6948805f797bf2a82807973b89537" was found 86495 times in the pwned passwords DB + // Output: Your password with the hash "0cb6948805f797bf2a82807973b89537" was found 142835 times in the pwned passwords DB } } From b66183134dbd72d51e284524e1353a675c635bb2 Mon Sep 17 00:00:00 2001 From: Winni Neessen Date: Thu, 14 Mar 2024 22:23:07 +0100 Subject: [PATCH 5/5] Update Go versions in GitHub Actions workflows This commit updates the Go versions specified in the GitHub Actions workflows. The versions in 'codecov_testonly.yml', 'golangci-lint.yml', 'codecov.yml', and 'sonarqube.yml' files have been updated to more recent versions. These updates ensure the workflows use up-to-date Go language features and maintain compatibility with the latest Go releases. --- .github/workflows/codecov.yml | 4 ++-- .github/workflows/codecov_testonly.yml | 2 +- .github/workflows/golangci-lint.yml | 2 +- .github/workflows/sonarqube.yml | 2 +- 4 files changed, 5 insertions(+), 5 deletions(-) diff --git a/.github/workflows/codecov.yml b/.github/workflows/codecov.yml index df1de10..92525c0 100644 --- a/.github/workflows/codecov.yml +++ b/.github/workflows/codecov.yml @@ -24,7 +24,7 @@ jobs: strategy: matrix: os: [ubuntu-latest] - go: [1.18] + go: ['1.22'] steps: - name: Checkout Code uses: actions/checkout@master @@ -34,7 +34,7 @@ jobs: go test -v -race --coverprofile=coverage.coverprofile --covermode=atomic . - name: Upload coverage to Codecov - if: success() && matrix.go == 1.18 && matrix.os == 'ubuntu-latest' + if: success() && matrix.go == '1.22' && matrix.os == 'ubuntu-latest' uses: codecov/codecov-action@v2 with: token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos diff --git a/.github/workflows/codecov_testonly.yml b/.github/workflows/codecov_testonly.yml index 9dcdbe7..64e2c3a 100644 --- a/.github/workflows/codecov_testonly.yml +++ b/.github/workflows/codecov_testonly.yml @@ -22,7 +22,7 @@ jobs: strategy: matrix: os: [ubuntu-latest, macos-latest, windows-latest] - go: [1.15, 1.16, 1.17, 1.18] + go: ['1.19', '1.20', '1.21', '1.22'] steps: - name: Checkout Code uses: actions/checkout@master diff --git a/.github/workflows/golangci-lint.yml b/.github/workflows/golangci-lint.yml index 2d0a327..3700e65 100644 --- a/.github/workflows/golangci-lint.yml +++ b/.github/workflows/golangci-lint.yml @@ -21,7 +21,7 @@ jobs: steps: - uses: actions/setup-go@v3 with: - go-version: 1.19 + go-version: '1.22' - uses: actions/checkout@v3 - name: golangci-lint uses: golangci/golangci-lint-action@v3 diff --git a/.github/workflows/sonarqube.yml b/.github/workflows/sonarqube.yml index 63e15d3..3843b01 100644 --- a/.github/workflows/sonarqube.yml +++ b/.github/workflows/sonarqube.yml @@ -17,7 +17,7 @@ jobs: - name: Setup Go uses: actions/setup-go@v2.1.3 with: - go-version: 1.18.x + go-version: 1.22.x - name: Run unit Tests run: |