From 30f6e6c7fe8a9264ba5d4e30d1e858cdb90b35b0 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 19 Feb 2024 07:23:08 +0000 Subject: [PATCH] [chore]: Bump github.com/tdewolff/minify/v2 from 2.20.16 to 2.20.17 (#2661) --- go.mod | 6 +++--- go.sum | 8 ++++---- vendor/github.com/tdewolff/minify/v2/html/html.go | 2 +- vendor/github.com/tdewolff/parse/v2/html/util.go | 12 ++++-------- vendor/modules.txt | 4 ++-- 5 files changed, 14 insertions(+), 18 deletions(-) diff --git a/go.mod b/go.mod index 4e15c06dd..5a9fe5d83 100644 --- a/go.mod +++ b/go.mod @@ -49,7 +49,7 @@ require ( github.com/superseriousbusiness/activity v1.6.0-gts github.com/superseriousbusiness/httpsig v1.2.0-SSB github.com/superseriousbusiness/oauth2/v4 v4.3.2-SSB.0.20230227143000-f4900831d6c8 - github.com/tdewolff/minify/v2 v2.20.16 + github.com/tdewolff/minify/v2 v2.20.17 github.com/technologize/otel-go-contrib v1.1.0 github.com/tomnomnom/linkheader v0.0.0-20180905144013-02ca5825eb80 github.com/ulule/limiter/v3 v3.11.2 @@ -63,6 +63,7 @@ require ( go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc v1.20.0 go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracehttp v1.20.0 go.opentelemetry.io/otel/exporters/prometheus v0.43.0 + go.opentelemetry.io/otel/metric v1.20.0 go.opentelemetry.io/otel/sdk v1.20.0 go.opentelemetry.io/otel/sdk/metric v1.20.0 go.opentelemetry.io/otel/trace v1.20.0 @@ -163,7 +164,7 @@ require ( github.com/subosito/gotenv v1.6.0 // indirect github.com/superseriousbusiness/go-jpeg-image-structure/v2 v2.0.0-20220321154430-d89a106fdabe // indirect github.com/superseriousbusiness/go-png-image-structure/v2 v2.0.1-SSB // indirect - github.com/tdewolff/parse/v2 v2.7.11 // indirect + github.com/tdewolff/parse/v2 v2.7.12 // indirect github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc // indirect github.com/twitchyliquid64/golang-asm v0.15.1 // indirect github.com/ugorji/go/codec v1.2.11 // indirect @@ -172,7 +173,6 @@ require ( github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect github.com/zeebo/xxh3 v1.0.2 // indirect go.opentelemetry.io/otel/exporters/otlp/otlptrace v1.20.0 // indirect - go.opentelemetry.io/otel/metric v1.20.0 // indirect go.opentelemetry.io/proto/otlp v1.0.0 // indirect go.uber.org/multierr v1.11.0 // indirect golang.org/x/arch v0.5.0 // indirect diff --git a/go.sum b/go.sum index 79c417209..738d7914a 100644 --- a/go.sum +++ b/go.sum @@ -493,10 +493,10 @@ github.com/superseriousbusiness/httpsig v1.2.0-SSB h1:BinBGKbf2LSuVT5+MuH0XynHN9 github.com/superseriousbusiness/httpsig v1.2.0-SSB/go.mod h1:+rxfATjFaDoDIVaJOTSP0gj6UrbicaYPEptvCLC9F28= github.com/superseriousbusiness/oauth2/v4 v4.3.2-SSB.0.20230227143000-f4900831d6c8 h1:nTIhuP157oOFcscuoK1kCme1xTeGIzztSw70lX9NrDQ= github.com/superseriousbusiness/oauth2/v4 v4.3.2-SSB.0.20230227143000-f4900831d6c8/go.mod h1:uYC/W92oVRJ49Vh1GcvTqpeFqHi+Ovrl2sMllQWRAEo= -github.com/tdewolff/minify/v2 v2.20.16 h1:/C8dtRkxLTIyUlKlBz46gDiktCrE8a6+c1gTrnPFz+U= -github.com/tdewolff/minify/v2 v2.20.16/go.mod h1:/FvxV9KaTrFu35J9I2FhRvWSBxcHj8sDSdwBFh5voxM= -github.com/tdewolff/parse/v2 v2.7.11 h1:v+W45LnzmjndVlfqPCT5gGjAAZKd1GJGOPJveTIkBY8= -github.com/tdewolff/parse/v2 v2.7.11/go.mod h1:3FbJWZp3XT9OWVN3Hmfp0p/a08v4h8J9W1aghka0soA= +github.com/tdewolff/minify/v2 v2.20.17 h1:zGqEDhspr3XjSrQI/56vw9IdAhLAaKTLXWnDBsxNVt8= +github.com/tdewolff/minify/v2 v2.20.17/go.mod h1:ulkFoeAVWMLEyjuDz1ZIWOA31g5aWOawCFRp9R/MudM= +github.com/tdewolff/parse/v2 v2.7.12 h1:tgavkHc2ZDEQVKy1oWxwIyh5bP4F5fEh/JmBwPP/3LQ= +github.com/tdewolff/parse/v2 v2.7.12/go.mod h1:3FbJWZp3XT9OWVN3Hmfp0p/a08v4h8J9W1aghka0soA= github.com/tdewolff/test v1.0.11-0.20231101010635-f1265d231d52/go.mod h1:6DAvZliBAAnD7rhVgwaM7DE5/d9NMOAJ09SqYqeK4QE= github.com/tdewolff/test v1.0.11-0.20240106005702-7de5f7df4739 h1:IkjBCtQOOjIn03u/dMQK9g+Iw9ewps4mCl1nB8Sscbo= github.com/tdewolff/test v1.0.11-0.20240106005702-7de5f7df4739/go.mod h1:XPuWBzvdUzhCuxWO1ojpXsyzsA5bFoS3tO/Q3kFuTG8= diff --git a/vendor/github.com/tdewolff/minify/v2/html/html.go b/vendor/github.com/tdewolff/minify/v2/html/html.go index 1ccc85be5..ab50ff650 100644 --- a/vendor/github.com/tdewolff/minify/v2/html/html.go +++ b/vendor/github.com/tdewolff/minify/v2/html/html.go @@ -504,7 +504,7 @@ func (o *Minifier) Minify(m *minify.M, w io.Writer, r io.Reader, _ map[string]st if 0 < len(attr.Data) && (attr.Data[len(attr.Data)-1] == '\'' || attr.Data[len(attr.Data)-1] == '"') { quote = attr.Data[len(attr.Data)-1] } - val = html.EscapeAttrVal(&attrByteBuffer, val, quote, o.KeepQuotes, isXML) + val = html.EscapeAttrVal(&attrByteBuffer, val, quote, o.KeepQuotes || isXML) w.Write(val) } } diff --git a/vendor/github.com/tdewolff/parse/v2/html/util.go b/vendor/github.com/tdewolff/parse/v2/html/util.go index 0dbd52ca0..1bebd6b06 100644 --- a/vendor/github.com/tdewolff/parse/v2/html/util.go +++ b/vendor/github.com/tdewolff/parse/v2/html/util.go @@ -6,7 +6,7 @@ var ( ) // EscapeAttrVal returns the escaped attribute value bytes with quotes. Either single or double quotes are used, whichever is shorter. If there are no quotes present in the value and the value is in HTML (not XML), it will return the value without quotes. -func EscapeAttrVal(buf *[]byte, b []byte, origQuote byte, mustQuote, isXML bool) []byte { +func EscapeAttrVal(buf *[]byte, b []byte, origQuote byte, mustQuote bool) []byte { singles := 0 doubles := 0 unquoted := true @@ -20,9 +20,9 @@ func EscapeAttrVal(buf *[]byte, b []byte, origQuote byte, mustQuote, isXML bool) } } } - if unquoted && (!mustQuote || origQuote == 0) && !isXML { + if unquoted && (!mustQuote || origQuote == 0) { return b - } else if singles == 0 && origQuote == '\'' && !isXML || doubles == 0 && origQuote == '"' { + } else if singles == 0 && origQuote == '\'' || doubles == 0 && origQuote == '"' { if len(b)+2 > cap(*buf) { *buf = make([]byte, 0, len(b)+2) } @@ -36,14 +36,10 @@ func EscapeAttrVal(buf *[]byte, b []byte, origQuote byte, mustQuote, isXML bool) n := len(b) + 2 var quote byte var escapedQuote []byte - if singles >= doubles || isXML { + if singles > doubles || singles == doubles && origQuote != '\'' { n += doubles * 4 quote = '"' escapedQuote = doubleQuoteEntityBytes - if singles == doubles && origQuote == '\'' && !isXML { - quote = '\'' - escapedQuote = singleQuoteEntityBytes - } } else { n += singles * 4 quote = '\'' diff --git a/vendor/modules.txt b/vendor/modules.txt index 262bffba7..676b5d4b0 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -689,11 +689,11 @@ github.com/superseriousbusiness/oauth2/v4/generates github.com/superseriousbusiness/oauth2/v4/manage github.com/superseriousbusiness/oauth2/v4/models github.com/superseriousbusiness/oauth2/v4/server -# github.com/tdewolff/minify/v2 v2.20.16 +# github.com/tdewolff/minify/v2 v2.20.17 ## explicit; go 1.18 github.com/tdewolff/minify/v2 github.com/tdewolff/minify/v2/html -# github.com/tdewolff/parse/v2 v2.7.11 +# github.com/tdewolff/parse/v2 v2.7.12 ## explicit; go 1.13 github.com/tdewolff/parse/v2 github.com/tdewolff/parse/v2/buffer