fix(deps): update go non-major dependencies

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
cloud.google.com/go/datastore	v1.10.0 -> v1.17.0
github.com/GoogleCloudPlatform/opentelemetry-operations-go/exporter/trace	v1.11.1 -> v1.23.0
github.com/gin-contrib/cors	v1.4.0 -> v1.7.2
github.com/gin-gonic/gin	v1.8.2 -> v1.10.0
github.com/golang-jwt/jwt/v4	v4.4.3 -> v4.5.0
github.com/google/uuid	v1.3.0 -> v1.6.0
github.com/pdfcpu/pdfcpu	v0.3.14-0.20221101223428-07d97625e3fa -> v0.8.0
github.com/stretchr/testify	v1.8.1 -> v1.9.0
github.com/swaggo/files	v1.0.0 -> v1.0.1
github.com/swaggo/gin-swagger	v1.5.3 -> v1.6.0
github.com/swaggo/swag	v1.8.10 -> v1.16.3
go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin	v0.39.0 -> v0.52.0
go.opentelemetry.io/otel	v1.13.0 -> v1.27.0
go.opentelemetry.io/otel/exporters/stdout/stdouttrace	v1.13.0 -> v1.27.0
go.opentelemetry.io/otel/sdk	v1.13.0 -> v1.27.0
go.opentelemetry.io/otel/trace	v1.13.0 -> v1.27.0
golang.org/x/crypto	v0.6.0 -> v0.23.0

---

Release Notes

gin-contrib/cors (github.com/gin-contrib/cors)

v1.7.2

Compare Source

Changelog

Enhancements

• f952c06: chore: improve changelog generation and categorization (@​appleboy)
• c4d5284: chore: update dependencies and refactor imports (@​appleboy)

Build process updates

• 064064f: ci: update Go workflow linting action to v5 (@​appleboy)

v1.7.1

Compare Source

Changelog

Enhancements

• 71a48a2 chore: update third-party dependencies to latest versions

Others

• 88cbcd0 ci: update GitHub Actions workflows for Go projects
• 84d0919 test: refactor CORS tests and expand coverage

v1.7.0

Compare Source

Changelog

Bug fixes

• 7f30a1f fix: improve error handling and test robustness

Enhancements

• 9d49f16 chore(cors): Allow a custom validation function which receives the full gin context (#​140)

Others

• 4447aeb refactor: refactor request handling and improve CORS checks

v1.6.0

Compare Source

Changelog

Features

• eac6c48 feat(schema): allow usage of custom schemas (#​139)

Bug fixes

• 27b723a fixe(domain): wildcard parse bug (#​106 and #​57) @​maxshine and @​Hvitgar

Enhancements

• f41df75 chore: update GitHub actions to latest versions
• 2451987 chore: update dependencies to latest versions
• 7d356c2 chore: update dependencies to latest versions
• 5da0aee chore: update third-party dependencies
• 8263fce chore: update version of actions/setup-go in GitHub workflows

Others

• fcbd06f ci: enhance testing matrix and tolerance limits
• f08c1bc ci: refactor CI workflows and improve tests
• 30792dc ci: refactor GitHub Actions workflows
• 0e993b7 ci: update GitHub Actions to Version 3
• 90a7c66 test(cors): enhance CORS wildcard handling tests (#​145)
• 85bf9fb test: improve CORS wildcard handling and testing (#​144)
• d5002f2 test: refactor tests and update CI configurations

v1.5.0

Compare Source

Changelog

Features

• 0eaf9a0 feat: adds support for private network header (#​128)

Enhancements

• c1983b2 chore(CI): add go1.20 version
• 1d5e083 chore(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (#​112)
• f8b2357 chore(options): Added availability to set 200/204 for OPTIONS request status (#​129)
• f92a222 chore: Add go 1.19 and upgrade lint version to v1.49
• 95df7c6 chore: remove depguard linter and rename example file
• 7ac4445 chore: update GitHub Actions configuration files
• bbf67cd chore: update Go version and setup-go action
• b216599 chore: update goreleaser/goreleaser-action to version v4
• 765e44e chore: update dependencies to latest versions
• bf2c9df chore: update linter configuration and changelog titles
• bbb26b0 chore: update supported versions of Go

Others

• 5914b2f build: update Go version and dependencies

gin-gonic/gin (github.com/gin-gonic/gin)

v1.10.0

Compare Source

Changelog

Features

• 5f458dd: feat(auth): add proxy-server authentication (#​3877) (@​EndlessParadox1)
• 7a865dc: feat(bind): ShouldBindBodyWith shortcut and change doc (#​3871) (@​RedCrazyGhost)
• a182195: feat(binding): Support custom BindUnmarshaler for binding. (#​3933) (@​dkkb)
• fd1faad: feat(binding): support override default binding implement (#​3514) (@​ssfyn)
• ac5e84d: feat(engine): Added OptionFunc and With (#​3572) (@​flc1125)
• c6ae2e6: feat(logger): ability to skip logs based on user-defined logic (#​3593) (@​palvaneh)

Bug fixes

• d4e4136: Revert "fix(uri): query binding bug (#​3236)" (#​3899) (@​appleboy)
• 3dc1cd6: fix(binding): binding error while not upload file (#​3819) (#​3820) (@​clearcodecn)
• 82bcd6d: fix(binding): dereference pointer to struct (#​3199) (@​echovl)
• 2b1da2b: fix(context): make context Value method adhere to Go standards (#​3897) (@​FarmerChillax)
• f70dd00: fix(engine): fix unit test (#​3878) (@​flc1125)
• 86ff4a6: fix(header): Allow header according to RFC 7231 (HTTP 405) (#​3759) (@​Crocmagnon)
• 09f8224: fix(route): Add fullPath in context copy (#​3784) (@​KarthikReddyPuli)
• 9f598a3: fix(router): catch-all conflicting wildcard (#​3812) (@​FirePing32)
• 4a40f8f: fix(sec): upgrade golang.org/x/crypto to 0.17.0 (#​3832) (@​chncaption)
• 386d244: fix(tree): correctly expand the capacity of params (#​3502) (@​georgijd-form3)
• 8790d08: fix(uri): query binding bug (#​3236) (@​illiafox)
• 44d0dd7: fix: Add pointer support for url query params (#​3659) (#​3666) (@​omkar-foss)
• 646312a: fix: protect Context.Keys map when call Copy method (#​3873) (@​kingcanfish)

Enhancements

• d4a6426: chore(CI): update release args (#​3595) (@​qloog)
• bb3519d: chore(IP): add TrustedPlatform constant for Fly.io. (#​3839) (@​ab)
• 1b3c085: chore(debug): add ability to override the debugPrint statement (#​2337) (@​josegonzalez)
• a64286a: chore(deps): update dependencies to latest versions (#​3835) (@​appleboy)
• 9c61295: chore(header): Add support for RFC 9512: application/yaml (#​3851) (@​vincentbernat)
• a481ee2: chore(http): use white color for HTTP 1XX (#​3741) (@​viralparmarme)
• c964ad3: chore(optimize): the ShouldBindUri method of the Context struct (#​3911) (@​1911860538)
• 739d2d9: chore(perf): Optimize the Copy method of the Context struct (#​3859) (@​1911860538)
• 3ea8bd9: chore(refactor): modify interface check way (#​3855) (@​demoManito)
• ab8042e: chore(request): check reader if it's nil before reading (#​3419) (@​noahyao1024)
• 0d9dbbb: chore(security): upgrade Protobuf for CVE-2024-24786 (#​3893) (@​Fotkurz)
• ecdbbbe: chore: refactor CI and update dependencies (#​3848) (@​appleboy)
• 39089af: chore: refactor configuration files for better readability (#​3951) (@​appleboy)
• 160c173: chore: update GitHub Actions configuration (#​3792) (@​appleboy)
• 0397e5e: chore: update changelog categories and improve documentation (#​3917) (@​appleboy)
• 62b50cf: chore: update dependencies to latest versions (#​3694) (@​appleboy)
• 638aa19: chore: update external dependencies to latest versions (#​3950) (@​appleboy)
• c6f90df: chore: update various Go dependencies to latest versions (#​3901) (@​appleboy)

Build process updates

• 78f4687: build(codecov): Added a codecov configuration (#​3891) (@​flc1125)
• 56dc72c: ci(Makefile): vet command add .PHONY (#​3915) (@​imalasong)
• 8ab47c6: ci(lint): update tooling and workflows for consistency (#​3834) (@​appleboy)
• 8acbe65: ci(release): refactor changelog regex patterns and exclusions (#​3914) (@​appleboy)
• 000fdb3: ci(testing): add go1.22 version (#​3842) (@​appleboy)

Documentation updates

• 990c44a: docs(context): Added deprecation comments to BindWith (#​3880) (@​flc1125)
• 861ffb9: docs(middleware): comments to function BasicAuthForProxy (#​3881) (@​EndlessParadox1)
• ee70b30: docs: Add document to constant AuthProxyUserKey and BasicAuthForProxy. (#​3887) (@​EndlessParadox1)
• f75144a: docs: fix typo in comment (#​3868) (@​testwill)
• 83fc767: docs: fix typo in function documentation (#​3872) (@​TotomiEcio)
• 49f45a5: docs: remove redundant comments (#​3765) (@​WeiTheShinobi)
• 75ccf94: feat: update version constant to v1.10.0 (#​3952) (@​appleboy)

Others

• 02e754b: Upgrade golang.org/x/net -> v0.13.0 (#​3684) (@​cpcf)
• 97eab7d: test(git): gitignore add develop tools (#​3370) (@​demoManito)
• ae15646: test(http): use constant instead of numeric literal (#​3863) (@​testwill)
• fd60a24: test(path): Optimize unit test execution results (#​3883) (@​flc1125)
• bb2d8cf: test(render): increased unit tests coverage (#​3691) (@​araujo88)

v1.9.1

Compare Source

BUG FIXES

• fix Request.Context() checks #​3512

SECURITY

• fix lack of escaping of filename in Content-Disposition #​3556

ENHANCEMENTS

• refactor: use bytes.ReplaceAll directly #​3455
• convert strings and slices using the officially recommended way #​3344
• improve render code coverage #​3525

DOCS

• docs: changed documentation link for trusted proxies #​3575
• chore: improve linting, testing, and GitHub Actions setup #​3583

v1.9.0

Compare Source

BREAK CHANGES

• Stop useless panicking in context and render #​2150

BUG FIXES

• fix(router): tree bug where loop index is not decremented. #​3460
• fix(context): panic on NegotiateFormat - index out of range #​3397
• Add escape logic for header #​3500 and #​3503

SECURITY

• Fix the GO-2022-0969 and GO-2022-0288 vulnerabilities #​3333
• fix(security): vulnerability GO-2023-1571 #​3505

ENHANCEMENTS

• feat: add sonic json support #​3184
• chore(file): Creates a directory named path #​3316
• fix: modify interface check way #​3327
• remove deprecated of package io/ioutil #​3395
• refactor: avoid calling strings.ToLower twice #​3343
• console logger HTTP status code bug fixed #​3453
• chore(yaml): upgrade dependency to v3 version #​3456
• chore(router): match method added to routergroup for multiple HTTP methods supporting #​3464
• chore(http): add support for go1.20 http.rwUnwrapper to gin.responseWriter #​3489

DOCS

• docs: update markdown format #​3260
• docs(readme): Add the TOML rendering example #​3400
• docs(readme): move more example to docs/doc.md #​3449
• docs: update markdown format #​3446

golang-jwt/jwt (github.com/golang-jwt/jwt/v4)

v4.5.0

Compare Source

What's Changed

• Allow strict base64 decoding by @​AlexanderYastrebov in https://github.com/golang-jwt/jwt/pull/259

Full Changelog: golang-jwt/jwt@v4.4.3...v4.5.0

google/uuid (github.com/google/uuid)

v1.6.0

Compare Source

Features

• add Max UUID constant (#​149) (c58770e)

Bug Fixes

• fix typo in version 7 uuid documentation (#​153) (016b199)
• Monotonicity in UUIDv7 (#​150) (a2b2b32)

v1.5.0

Compare Source

Features

• Validate UUID without creating new UUID (#​141) (9ee7366)

v1.4.0

Compare Source

Features

• UUIDs slice type with Strings() convenience method (#​133) (cd5fbbd)

Fixes

• Clarify that Parse's job is to parse but not necessarily validate strings. (Documents current behavior)

v1.3.1

Compare Source

Bug Fixes

• Use .EqualFold() to parse urn prefixed UUIDs (#​118) (574e687)

pdfcpu/pdfcpu (github.com/pdfcpu/pdfcpu)

v0.8.0

Compare Source

Maintenance Release

PDF 2.0 Support

PDF 2.0 encryption is now supported and you are free to use the following commands with your PDF 2.0 input files:

• encrypt
• decrypt
• changeopw
• changeupw
• permissions

Performance

We can report another 🚀 @​fancycode parser improvement resulting in a significant performance boost and lower memory overhead especially for large files:

Before:

$ time go run test.go 
2024/03/21 09:03:55.874443 Parsing ...
2024/03/21 09:04:07.947987 Done, uses 4244 MiBytes heap memory, 6755 MiBytes system memory
2024/03/21 09:04:07.948013 Parsed 1133 pages

real	0m12,743s
user	0m21,830s
sys	0m2,589s

After:

$ time go run test.go 
2024/03/21 09:04:30.639673 Parsing ...
2024/03/21 09:04:30.899588 Done, uses 12 MiBytes heap memory, 11 MiBytes system memory
2024/03/21 09:04:30.899609 Parsed 1133 pages

real	0m0,568s
user	0m0,881s
sys	0m0,228s

Configuration Changes

We have added options to skip some optimization steps or disable internal optimization alltogether:

If you disable the following option there will be no internal optimization of the cross reference table once it is loaded into memory.
This will only affect commands that do not rely on optimization like e.g. optimize

### toggle optimization
optimize: true

The following will disable the parsing of page content streams in order to detect unused resources like images or fonts.

### optimize page resources via content stream analysis.
optimizeResourceDicts: true

The following option decides if pdfcpu will scan for and remove duplicate content streams.

### optimize duplicate content streams across pages.
optimizeDuplicateContentStreams: false

⚡ Caution is advised and you have to know what you are doing when using these options.
Tuning or turning optimization off can make sense in environments where you deal with large PDF files that usually look the same structure wise so there are no surprises.

Since the pdfcpu configuration has changed you are encouraged to recreate your config.yml:

1. Locate your config.yml using pdfcpu conf
2. Remove/backup your config.yml
3. Create a new config.yml from scratch by executing any pdfcpu cmd on the CLI eg. execute one more time pdfcpu conf
4. Edit your configuration

Thanks

for all of you test driving pdfcpu and reporting 🐛 s along the way.
Special PR thanks 👍🏻 also to @​adamgreenhall for improving the booklet command and to @​xelan as well.

Changelog

• 576f15e Bump version
• 38b2992 Fix #​851
• 41333df Cancel parsing in "buffer" if context is cancelled.
• b462c01 Handle case where referenced stream length does not exist.
• ca6d15e Avoid pointer receiver and don't call PDFString of lazy objects internally.
• 91619f0 Write out LazyObjectStreamObject without temporary decoding.
• df5d53d Lazily decode data of StreamObject objects.
• 82f1929 filter: Add API to partially decode data.
• fc09c1f Lazily parse ObjectStream objects.
• 7188e6a Fix #​852
• 5bafded Merge PR #​855
• 2d06bc7 Add missing author info
• 0988c5e Add PDF 2.0 encryption
• f783bf2 Fix #​834
• 87abdcc Fix #​849
• d568466 Fix #​844
• deb697d Fix #​847
• a647579 Fix #​843
• 05d2d1f Fix #​841
• 6d95797 Fix #​839
• 9d76f84 Merge in PR #​817
• b9c7a89 Fix #​838
• c5db1d9 Fix #​826
• 26c5fb2 Fix #​826
• aff022f Fix #​835, Add config flags for optimization
• 3282d8a Fix #​823
• 6158a91 Another fix for #​828
• 57030ec Fix #​828
• 5ccea97 Fix #​135
• fd34b05 Fix #​821

v0.7.0

Compare Source

Hello!

🧑‍🔬 We packed lots of goodies into this release for you..

Performance

You will like this ✨
Thanks to @​fancycode we have improved PDF parsing significantly.
While this is not easily comparable running the pdfcpu testsuite is now 8 seconds faster under MacOS 14.2.1:

Before:

./coverage.sh  67.60s user 13.35s system 119% cpu 1:07.93 total

After:

./coverage.sh  59.64s user 12.55s system 107% cpu 1:07.01 total

PDF 2.0 Support

We now have basic support for writing back PDF 2.0 files.
This means you may start using all pdfcpu operations that update validated PDF 2.0 files.
Basic support means, your mileage may vary, especially when you try to process a file using one of the new 2.0 features.

Since it is hard to get a hand on PDF 2.0 files using a specific new 2.0 feature there is a disclaimer printed on the command line asking for your input and contribution. Please open an issue and share your file in case pdfcpu has a problem digesting your file.
The same applies if you just want to see some specific 2.0 feature supported.

In general, please 🙏🏻 report back any issues - there is no way to fix something that does not get reported!

New Zoom Command

pdfcpu zoom [-p(ages) selectedPages] -- description inFile [outFile]

Zoom in/out of selected pages either by magnification factor or corresponding margin.
When zooming out the unused page content space results into horizontal and vertical margins.
These are different from each other but correspond to a certain factor.

Examples:

Zoom into magnification of 200%

pdfcpu zoom -- "factor: 2"  in.pdf out.pdf

Zoom out to magnification of 50%

pdfcpu zoom -- "factor: .5" in.pdf out.pdf

Zoom out to a magnification equivalent to a horizontal margin of 1 cm

pdfcpu zoom -unit cm -- "hmargin: 1" in.pdf out.pdf

Zoom out to a magnification equivalent to a vertical margin of 30 points.
Draw a border around zoomed out page content and fill unused page space light gray

pdfcpu zoom -- "vmargin: 30, border:true, bgcolor:lightgray" in.pdf out.pdf ... 

Please consult pdfcpu help zoom for more and also the official documentation

Enhanced Booklet command

Thanks to @​adamgreenhall we have an even more powerful booklet command for producing zines:

We now have booklet styles 2, 4, 6 and 8 and you may choose one of the following booklet types, each representing a certain method for arranging pages into a booklet:

booklet, bookletadvanced, perfectbound

Examples:

Arrange pages of in.pdf 2 per sheet side (4 per sheet, back and front) onto out.pdf

pdfcpu booklet -- "formsize:Letter" out.pdf 2 in.pdf

Arrange pages of in.pdf 4 per sheet side (8 per sheet, back and front) onto out.pdf:

pdfcpu booklet -- "formsize:Ledger" out.pdf 4 in.pdf

Arrange pages of in.pdf 6 per sheet side (12 per sheet, back and front) onto out.pdf

pdfcpu booklet -- "formsize:Ledger" out.pdf 6 in.pdf

Arrange pages of in.pdf 8 per sheet side (16 per sheet, back and front) onto out.pdf

pdfcpu booklet -- "formsize:A3" out.pdf 8 in.pdf

Arrange pages of in.pdf 4 per sheet side, with short-edge binding onto out.pdf

pdfcpu booklet -- "formsize:A3, binding:short" out.pdf 4 in.pdf

Arrange pages of in.pdf 2 per sheetside as sequence of folios covering 4*foliosize pages each.

pdfcpu booklet -- "formsize:A4, multifolio:on" hardbackbook.pdf 2 in.pdf

Arrange pages of in.pdf 2 per sheet side, arranged for perfect binding, onto out.pdf

pdfcpu booklet -- "formsize:A4, btype:perfectbound" out.pdf 2 in.pdf

Arrange pages of in.pdf 4 per sheet side, arranged for advanced binding, onto out.pdf

pdfcpu booklet -- "formsize:A3, btype:bookletadvanced" out.pdf 4 in.pdf

Please consult pdfcpu help booklet for more and also the official documentation

Configuration Changes

There are two changes to the configuration:

1. validationNone was eliminated
2. postProcessValidate is new and enables safeguard validation

Validation mode ValidationNone has been eliminated for a couple of reasons.
First of all during validation there are a lot of things happening like internalizing and caching needed for command processing,
secondly PDF validation has become quite performant.

We are introducing the new config flag postProcessValidate.
This flag which is turned on by default enables the validation of your processed cross reference table right before writing.
This is considered a useful safeguard, since in cases when writing back a problematic cross reference table without problems,
only the next read/parse/validation attempt will take notice of a problem.
If you disable this you will get an additional performance boost overall but with the caveat described above.

As usual please renew your configuration!

Form filling now expects the user font Roboto-Regular when using eastern european scripts.
You can do this manually or just remove your pdfcpu configuration all together and recreate it like so:

1. Locate the pdfcpu folder using pdfcpu conf
2. Remove/backup the pdfcpu folder
3. Recreate a brand new pdfcpu folder by executing any pdfcpu cmd on the CLI eg. execute one more time pdfcpu conf
4. Edit your configuration

Samples And Tests

This all is complementing the official documentation

To get a better understanding of pdfcpu's operations please make sure you check out all tests and the corresponding PDF output and all json input where appropriate:

pdfcpu/pkg/samples/* comes loaded with 230 MB worth of PDFs produced by corresponding tests and json input located at:

• pdfcpu/pkg/api/test
• pdfcpu/pkg/testdata/json

Thanks

🙏 to all bug reporters and feature requestors.
Special thanks for contributed PRs go to @​adamgreenhall, @​fancycode, @​kalimit, @​sivukhin and @​afh

Little Commercial Break

pdfcpu is in need of more frequent financial supporters!
Please consider becoming a sponsor especially if you are a (small) business 🙏
If you are a developer within a business please go to your superior or team lead and have them compare the benefits/costs vs. commercial solutions. If you prefer to operate in stealth mode that's fine - you can always become a private sponsor.
What's important is to keep the project funded and on a clear, steady path 🚀

Meet The Maintainer

I will be in the San Francisco Bay Area this fall.
If you are a recurring sponsor or not but a business using pdfcpu I would like to get to know you and your pdfcpu use case. I'll be happy to meet also one-on-one possibly over 🍻 for a technical chat/discussion and to get feedback right from the trenches.
Just get in touch with me: hhrutter@gmail.com

Next Steps

Support for PDF 2.0 encryption will be tackled next, after that digital signatures.
A Beta version is within reach 👍🏻

Have fun 💚 with pdfcpu!

Changelog

• dfaa588 Bump version, fix #​818
• c0a39e9 Add zoom cmd, fix #​756
• d581dc1 Fix #​809
• 5b7d844 Add config flag postProcessValidate
• 8735421 Fix #​815
• 88f1b3d Fix #​814
• 268e6bb Merge PR #​811
• da12eed Fix #​813
• dedaddc Merge #​795, cleanup
• 95c2d64 Avoid copying from "bytes.Buffer" to get underlying bytes.
• 044a6c0 Use type switch instead of long list of type tests.
• 3d4cbdb Further improve parsing of dictionaries / names.
• fc87a22 Fix #​794
• b4af9ea Eliminate model.ValidationNone
• d5fd063 Fix #​807
• 8f3e992 Fix #​628
• cfd7627 Finalize extended booklet cmd as contributed by Adam Greenhall
• a893411 Fix booklet cmd parsing, clean up
• d3e607d Fix #​807
• 4527ff4 Fix #​806
• 18b8e77 Fix #​805
• a8b4a4a Fix #​798
• 694f81f Fix #​794 , add PDF 2.0 disclaimer
• 1d5da77 cli documentation
• [032b32d](https://togit

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.