Go v1.20

.github/workflows/ci.yml

@@ -14,7 +14,7 @@ jobs:
     timeout-minutes: 1
     strategy:
       matrix:
-        go-version: ['>1.19.3']
+        go-version: ['>=1.20']
         platform: [ubuntu-22.04]
     runs-on: ${{ matrix.platform }}
     steps:
@@ -61,7 +61,7 @@ jobs:
     timeout-minutes: 7
     strategy:
       matrix:
-        go-version: ['>1.19.3']
+        go-version: ['>=1.20']
         platform: [ubuntu-22.04]
     runs-on: ${{ matrix.platform }}
     steps:
@@ -103,7 +103,7 @@ jobs:
     timeout-minutes: 5
     strategy:
       matrix:
-        go-version: ['>1.19.3']
+        go-version: ['>=1.20']
         platform: [ubuntu-22.04]
     runs-on: ${{ matrix.platform }}
     steps:
@@ -130,7 +130,7 @@ jobs:
       - name: install tools
         run: |
           set -x
-          go install honnef.co/go/tools/cmd/staticcheck@latest
+          go install honnef.co/go/tools/cmd/staticcheck@master
           go install github.com/securego/gosec/cmd/gosec@latest
           go install github.com/quasilyte/go-ruleguard/cmd/ruleguard@latest
           go install github.com/orijtech/structslop/cmd/structslop@latest
@@ -158,10 +158,10 @@ jobs:
 
           go vet -all ./...
           go vet -vettool=/home/runner/go/bin/shadow -strict ./...
-          /home/runner/go/bin/staticcheck -tests -go 1.19 ./...
+          /home/runner/go/bin/staticcheck -tests -go 1.20 ./...
           govulncheck ./...
-          # /home/runner/go/bin/gosec ./... # does not seem to work with Go1.19
-          # /home/runner/go/bin/structslop ./... # does not seem to work with Go1.19
+          # /home/runner/go/bin/gosec ./... # does not seem to work with Go1.20
+          # /home/runner/go/bin/structslop ./... # does not seem to work with Go1.20
           /home/runner/go/bin/httperroryzer ./...
           # see: https://github.com/golang/go/commit/a98589711da5e9d935e8d690cfca92892e86d557
           /home/runner/go/bin/errcheck -ignoregenerated -ignoretests -asserts ./...
@@ -175,7 +175,7 @@ jobs:
           wget -nc --output-document=/tmp/semgrep-go.zip https://github.com/dgryski/semgrep-go/archive/refs/heads/master.zip
           unzip -o /tmp/semgrep-go.zip -d /tmp/semgrep-go
           go get github.com/quasilyte/go-ruleguard/dsl
-          golangci-lint run --config .golangci.yml ./...
+          # golangci-lint run --config .golangci.yml ./...
           go mod tidy
           python -m venv /tmp/.venv
           . /tmp/.venv/bin/activate
@@ -200,12 +200,56 @@ jobs:
           ONG_RUNNING_IN_TESTS: 'YES'
 
 
+  # https://go.dev/testing/coverage/
+  integration_test_coverage:
+    name: integration_test_coverage
+    timeout-minutes: 2
+    strategy:
+      matrix:
+        go-version: ['>=1.20']
+        platform: [ubuntu-22.04]
+    runs-on: ${{ matrix.platform }}
+    steps:
+      - name: Check out code into the Go module directory
+        uses: actions/checkout@v3
+        with:
+          # For pull requests, build and test the PR head not a merge of the PR with the destination.
+          ref: ${{ github.event.pull_request.head.sha || github.ref }}
+          # We need to full history for git-restore-mtime to know what modification dates to use.
+          # Otherwise, the Go test cache will fail (due to the modification time of fixtures changing).
+          fetch-depth: '0'
+
+      - name: custom setupGo
+        uses: ./.github/actions/setup-go
+        with:
+          go-version: ${{ matrix.go-version }}
+
+      - name: whole program coverage
+        run: |
+          pwd; ls -lsha
+          sudo apt -y update
+          sudo apt -y install libnss3-tools # certutil
+          mkdir -p coverage/
+          rm -rf coverage/* ongExample
+          go build -cover -o ongExample github.com/komuw/ong/example
+          GOCOVERDIR=coverage/ ./ongExample &
+          sleep 10 && kill -15 $(pidof ongExample) && sleep 26
+          GOCOVERDIR=coverage/ ./ongExample &
+          sleep 10
+          ls -lsha coverage/
+          curl -vkL -X GET http://127.0.0.1:65080/health  # http redirection
+          curl -vkL -X GET https://127.0.0.1:65081/health # https
+          curl -vkL "http://127.0.0.1:65060/debug/pprof/profile?seconds=3" # pprof
+          curl -vkL https://127.0.0.1:65081/check/67
+          kill -15 $(pidof ongExample)
+          go tool covdata percent -i=coverage
+
   # run_stress_test:
   #   name: run_stress_test
   #   timeout-minutes: 2
   #   strategy:
   #     matrix:
-  #       go-version: ['>1.19.3']
+  #       go-version: ['>=1.20']
   #       platform: [ubuntu-22.04]
   #   runs-on: ${{ matrix.platform }}
   #   steps:

.gitignore

@@ -4,6 +4,7 @@ debug.test
 coverage.txt
 coverage.html
 coverage.out
+coverage/
 .DS_Store
 
 # go-pry debug stuff
@@ -14,6 +15,7 @@ coverage.out
 
 # binary
 ong
+ongExample
 
 # debug stuff
 debug.test

CHANGELOG.md

@@ -3,6 +3,9 @@
 Most recent version is listed first.  
 
 
+## v0.0.30
+- Update to Go v1.20: https://github.com/komuw/ong/pull/209
+
 ## v0.0.29
 - WithCtx should only use the id from context, if that ctx actually contains an Id: https://github.com/komuw/ong/pull/196
 - ong/errors; wrap as deep as possible: https://github.com/komuw/ong/pull/199

example/main.go

@@ -19,7 +19,7 @@ func main() {
 		nil,
 		mux.NewRoute(
 			"/health",
-			mux.MethodPost,
+			mux.MethodGet,
 			api.health(secretKey),
 		),
 		mux.NewRoute(

go.mod

@@ -1,30 +1,30 @@
 module github.com/komuw/ong
 
-go 1.19
+go 1.20
 
 require (
-	golang.org/x/crypto v0.4.0
-	golang.org/x/exp v0.0.0-20221211140036-ad323defaf05
-	golang.org/x/net v0.4.0
-	golang.org/x/sys v0.3.0
+	golang.org/x/crypto v0.5.0
+	golang.org/x/exp v0.0.0-20230131160201-f062dba9d201
+	golang.org/x/net v0.5.0
+	golang.org/x/sys v0.4.0
 )
 
 require (
 	github.com/google/go-cmp v0.5.9 // indirect
 	github.com/mattn/go-colorable v0.1.13 // indirect
-	github.com/mattn/go-isatty v0.0.16 // indirect
+	github.com/mattn/go-isatty v0.0.17 // indirect
 	github.com/tmthrgd/httputils v0.0.0-20190904060602-27fdf7d93acd // indirect
 	go.uber.org/atomic v1.10.0 // indirect
-	go.uber.org/multierr v1.8.0 // indirect
+	go.uber.org/multierr v1.9.0 // indirect
 	golang.org/x/sync v0.1.0 // indirect
-	golang.org/x/text v0.5.0 // indirect
+	golang.org/x/text v0.6.0 // indirect
 )
 
 require (
 	github.com/NYTimes/gziphandler v1.1.1 // test
 	github.com/akshayjshah/attest v0.4.0 // test
-	github.com/klauspost/compress v1.15.13 // test
-	github.com/rs/zerolog v1.28.0 // test
+	github.com/klauspost/compress v1.15.15 // test
+	github.com/rs/zerolog v1.29.0 // test
 	github.com/sirupsen/logrus v1.9.0 // test
 	github.com/tmthrgd/gziphandler v0.0.0-20210130054451-9e3dc377f14f // test
 	go.uber.org/zap v1.24.0 // test

go.sum

@@ -10,21 +10,22 @@ github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/godbus/dbus/v5 v5.0.4/go.mod h1:xhWf0FNVPg57R7Z0UbKHbJfkEywrmjJnf7w5xrFpKfA=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
 github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
-github.com/klauspost/compress v1.15.13 h1:NFn1Wr8cfnenSJSA46lLq4wHCcBzKTSjnBIexDMMOV0=
-github.com/klauspost/compress v1.15.13/go.mod h1:QPwzmACJjUTFsnSHH934V6woptycfrDDJnH7hvFVbGM=
+github.com/klauspost/compress v1.15.15 h1:EF27CXIuDsYJ6mmvtBRlEuB2UVOqHG1tAXgZ7yIO+lw=
+github.com/klauspost/compress v1.15.15/go.mod h1:ZcK2JAFqKOpnBlxcLsJzYfrS9X1akm9fHZNnD9+Vo/4=
 github.com/mattn/go-colorable v0.1.12/go.mod h1:u5H1YNBxpqRaxsYJYSkiCWKzEfiAb1Gb520KVy5xxl4=
 github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
 github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
 github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
-github.com/mattn/go-isatty v0.0.16 h1:bq3VjFmv/sOjHtdEhmkEV4x1AJtvUvOJ2PFAZ5+peKQ=
 github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
+github.com/mattn/go-isatty v0.0.17 h1:BTarxUcIeDqL27Mc+vyvdWYSL28zpIhv3RoTdsLMPng=
+github.com/mattn/go-isatty v0.0.17/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
 github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/rs/xid v1.4.0/go.mod h1:trrq9SKmegXys3aeAKXMUTdJsYXVwGY3RLcfgqegfbg=
-github.com/rs/zerolog v1.28.0 h1:MirSo27VyNi7RJYP3078AA1+Cyzd2GB66qy3aUHvsWY=
-github.com/rs/zerolog v1.28.0/go.mod h1:NILgTygv/Uej1ra5XxGf82ZFSLk58MFGAUS2o6usyD0=
+github.com/rs/zerolog v1.29.0 h1:Zes4hju04hjbvkVkOhdl2HpZa+0PmVwigmo8XoORE5w=
+github.com/rs/zerolog v1.29.0/go.mod h1:NILgTygv/Uej1ra5XxGf82ZFSLk58MFGAUS2o6usyD0=
 github.com/sirupsen/logrus v1.9.0 h1:trlNQbNUG3OdDrDil03MCb1H2o9nJ1x4/5LYw7byDE0=
 github.com/sirupsen/logrus v1.9.0/go.mod h1:naHLuLoDiP4jHNo9R0sCBMtWGeIprob74mVsIT4qYEQ=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
@@ -35,31 +36,29 @@ github.com/tmthrgd/gziphandler v0.0.0-20210130054451-9e3dc377f14f h1:B4j9Igh7cCz
 github.com/tmthrgd/gziphandler v0.0.0-20210130054451-9e3dc377f14f/go.mod h1:Eaxip7qwz21YwJBuTby3jRNfqsmXseMMPQQqlku1jrk=
 github.com/tmthrgd/httputils v0.0.0-20190904060602-27fdf7d93acd h1:guOHSdClhT9FnFM7KkyrZmUMbCBYG1VeU73/QLZIpNI=
 github.com/tmthrgd/httputils v0.0.0-20190904060602-27fdf7d93acd/go.mod h1:8/hVmIZ6TizbEnBWYbs6KT+SazQ4St36+7yVBjxvk0I=
-go.uber.org/atomic v1.7.0/go.mod h1:fEN4uk6kAWBTFdckzkM89CLk9XfWZrxpCo0nPH17wJc=
 go.uber.org/atomic v1.10.0 h1:9qC72Qh0+3MqyJbAn8YU5xVq1frD8bn3JtD2oXtafVQ=
 go.uber.org/atomic v1.10.0/go.mod h1:LUxbIzbOniOlMKjJjyPfpl4v+PKK2cNJn91OQbhoJI0=
 go.uber.org/goleak v1.1.11 h1:wy28qYRKZgnJTxGxvye5/wgWr1EKjmUDGYox5mGlRlI=
-go.uber.org/multierr v1.8.0 h1:dg6GjLku4EH+249NNmoIciG9N/jURbDG+pFlTkhzIC8=
-go.uber.org/multierr v1.8.0/go.mod h1:7EAYxJLBy9rStEaz58O2t4Uvip6FSURkq8/ppBp95ak=
+go.uber.org/multierr v1.9.0 h1:7fIwc/ZtS0q++VgcfqFDxSBZVv/Xo49/SYnDFupUwlI=
+go.uber.org/multierr v1.9.0/go.mod h1:X2jQV1h+kxSjClGpnseKVIxpmcjrj7MNnI0bnlfKTVQ=
 go.uber.org/zap v1.24.0 h1:FiJd5l1UOLj0wCgbSE0rwwXHzEdAZS6hiiSnxJN/D60=
 go.uber.org/zap v1.24.0/go.mod h1:2kMP+WWQ8aoFoedH3T2sq6iJ2yDWpHbP0f6MQbS9Gkg=
-golang.org/x/crypto v0.4.0 h1:UVQgzMY87xqpKNgb+kDsll2Igd33HszWHFLmpaRMq/8=
-golang.org/x/crypto v0.4.0/go.mod h1:3quD/ATkf6oY+rnes5c3ExXTbLc8mueNue5/DoinL80=
-golang.org/x/exp v0.0.0-20221211140036-ad323defaf05 h1:T8EldfGCcveFMewH5xAYxxoX3PSQMrsechlUGVFlQBU=
-golang.org/x/exp v0.0.0-20221211140036-ad323defaf05/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc=
-golang.org/x/net v0.4.0 h1:Q5QPcMlvfxFTAPV0+07Xz/MpK9NTXu2VDUuy0FeMfaU=
-golang.org/x/net v0.4.0/go.mod h1:MBQ8lrhLObU/6UmLb4fmbmk5OcyYmqtbGd/9yIeKjEE=
+golang.org/x/crypto v0.5.0 h1:U/0M97KRkSFvyD/3FSmdP5W5swImpNgle/EHFhOsQPE=
+golang.org/x/crypto v0.5.0/go.mod h1:NK/OQwhpMQP3MwtdjgLlYHnH9ebylxKWv3e0fK+mkQU=
+golang.org/x/exp v0.0.0-20230131160201-f062dba9d201 h1:BEABXpNXLEz0WxtA+6CQIz2xkg80e+1zrhWyMcq8VzE=
+golang.org/x/exp v0.0.0-20230131160201-f062dba9d201/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc=
+golang.org/x/net v0.5.0 h1:GyT4nK/YDHSqa1c4753ouYCDajOYKTja9Xb/OHtgvSw=
+golang.org/x/net v0.5.0/go.mod h1:DivGGAXEgPSlEBzxGzZI+ZLohi+xUj054jfeKui00ws=
 golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o=
 golang.org/x/sync v0.1.0/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20210927094055-39ccf1dd6fa6/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
 golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/sys v0.3.0 h1:w8ZOecv6NaNa/zC8944JTU3vz4u6Lagfk4RPQxv92NQ=
-golang.org/x/sys v0.3.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
-golang.org/x/text v0.5.0 h1:OLmvp0KP+FVG99Ct/qFiL/Fhk4zp4QQnZ7b2U+5piUM=
-golang.org/x/text v0.5.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
+golang.org/x/sys v0.4.0 h1:Zr2JFtRQNX3BCZ8YtxRE9hNJYC8J6I1MVbMg6owUp18=
+golang.org/x/sys v0.4.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
+golang.org/x/text v0.6.0 h1:3XmdazWV+ubf7QgHSTWeykHOci5oeekaGJBLkrkaw4k=
+golang.org/x/text v0.6.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
-gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
 gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=

id/id.go

@@ -1,11 +1,11 @@
-// Package id generates unique random strings
+// Package id generates unique random strings.
+// It however should not be used for cryptography purposes.
 package id
 
 import (
 	cryptoRand "crypto/rand"
 	"encoding/base64"
 	mathRand "math/rand"
-	"time"
 )
 
 // encodeURL is like [base64.EncodeURL] except we replace:
@@ -23,7 +23,7 @@ func encoding() *base64.Encoding {
 
 var enc = encoding() //nolint:gochecknoglobals
 
-// New returns a new random string
+// New returns a new random string.
 func New() string {
 	return Random(16)
 }
@@ -48,8 +48,9 @@ func Random(n int) string {
 	b := make([]byte, byteSize)
 	if _, err := cryptoRand.Read(b); err != nil {
 		b = make([]byte, byteSize)
-		// this codepath is rarely executed so we can put all the code here instead of global var.
-		mathRand.Seed(time.Now().UTC().UnixNano())
+		//lint:ignore SA1019 `mathRand.Read` is deprecated.
+		// However, for our case here is okay since the func id.Random is not used for cryptography.
+		// Also we like the property of `mathRand.Read` always returning a nil error.
 		_, _ = mathRand.Read(b) // docs say that it always returns a nil error.
 	}
 

log/log_test.go

@@ -612,8 +612,6 @@ func BenchmarkAverageCase(b *testing.B) {
 	str := fmt.Sprintf("%s", sl)
 	logErr := stdlibErrors.New("hey")
 
-	rand.Seed(time.Now().UnixNano())
-
 	b.Logf("average case")
 
 	b.Run("Zap", func(b *testing.B) {

middleware/loadshed.go

@@ -42,7 +42,6 @@ const (
 
 // loadShedder is a middleware that sheds load based on http response latencies.
 func loadShedder(wrappedHandler http.HandlerFunc) http.HandlerFunc {
-	mathRand.Seed(time.Now().UTC().UnixNano())
 	// lq should not be a global variable, we want it to be per handler.
 	// This is because different handlers(URIs) could have different latencies and we want each to be loadshed independently.
 	lq := newLatencyQueue()

middleware/loadshed_test.go

@@ -183,7 +183,6 @@ func TestLatencyQueue(t *testing.T) {
 }
 
 func loadShedderBenchmarkHandler() http.HandlerFunc {
-	rand.Seed(time.Now().UTC().UnixNano())
 	return func(w http.ResponseWriter, r *http.Request) {
 		latency := time.Duration(rand.Intn(100)+1) * time.Millisecond
 		time.Sleep(latency)

middleware/log.go

@@ -25,7 +25,6 @@ func logger(wrappedHandler http.HandlerFunc, domain string, l log.Logger) http.H
 	//
 	// However, each request should get its own context. That's why we call `logger.WithCtx` for every request.
 
-	mathRand.Seed(time.Now().UTC().UnixNano())
 	pid := os.Getpid()
 
 	return func(w http.ResponseWriter, r *http.Request) {