diff --git a/go.mod b/go.mod index d07a8cb6..48d9c773 100644 --- a/go.mod +++ b/go.mod @@ -10,7 +10,7 @@ require ( github.com/docker/docker v28.1.1+incompatible github.com/google/uuid v1.6.0 github.com/jedib0t/go-pretty/v6 v6.6.7 - github.com/neuvector/neuvector v0.0.0-20260206120806-b67a34aecea4 + github.com/neuvector/neuvector v0.0.0-20260212014602-e1434ffaa549 github.com/opencontainers/go-digest v1.0.0 github.com/quay/clair/v2 v2.1.8 github.com/sirupsen/logrus v1.9.3 diff --git a/go.sum b/go.sum index a80acf37..a578aa45 100644 --- a/go.sum +++ b/go.sum @@ -210,8 +210,8 @@ github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822 h1:C3w9PqII01/Oq github.com/munnerz/goautoneg v0.0.0-20191010083416-a7dc8b61c822/go.mod h1:+n7T8mK8HuQTcFwEeznm/DIxMOiR9yIdICNftLE1DvQ= github.com/neuvector/go-rpmdb v0.0.0-20240605184921-0db4de14c27a h1:lmvuJ3uQVRk14exDRLu1Oq78iz8dLE7CJo+QodD+tos= github.com/neuvector/go-rpmdb v0.0.0-20240605184921-0db4de14c27a/go.mod h1:tQW+vmxLXFPfI1HuRjoiIxOh8A7JudpfWl8xmezEGSs= -github.com/neuvector/neuvector v0.0.0-20260206120806-b67a34aecea4 h1:Woeh/pgIRGKFvxaCBHE4SPhbRzvKz7E5Es3JPjO0dKI= -github.com/neuvector/neuvector v0.0.0-20260206120806-b67a34aecea4/go.mod h1:NA53DA2APMLJa9Pdk3cuVlL+6hrjEsgfB5oJHEYljdI= +github.com/neuvector/neuvector v0.0.0-20260212014602-e1434ffaa549 h1:Zpe6+o3vnGD/N7Algr1/3/98vgqNhvMp7bdugADXJw4= +github.com/neuvector/neuvector v0.0.0-20260212014602-e1434ffaa549/go.mod h1:NA53DA2APMLJa9Pdk3cuVlL+6hrjEsgfB5oJHEYljdI= github.com/onsi/ginkgo/v2 v2.21.0 h1:7rg/4f3rB88pb5obDgNZrNHrQ4e6WpjonchcpuBRnZM= github.com/onsi/ginkgo/v2 v2.21.0/go.mod h1:7Du3c42kxCUegi0IImZ1wUQzMBVecgIHjR1C+NkhLQo= github.com/onsi/gomega v1.35.1 h1:Cwbd75ZBPxFSuZ6T+rN/WCb/gOc6YgFBXLlZLhC7Ds4= diff --git a/vendor/github.com/neuvector/neuvector/share/cluster/consul.go b/vendor/github.com/neuvector/neuvector/share/cluster/consul.go index 17710618..c48ed27d 100644 --- a/vendor/github.com/neuvector/neuvector/share/cluster/consul.go +++ b/vendor/github.com/neuvector/neuvector/share/cluster/consul.go @@ -284,7 +284,7 @@ func (m *consulMethod) Start(cc *ClusterConfig, eCh chan error, recover bool) { if isBootstrap(cc) { args = append(args, "-bootstrap") } else { - var haveSelf bool = false + var haveSelf = false for _, ip := range cc.joinAddrList { if ip == cc.AdvertiseAddr { haveSelf = true @@ -965,7 +965,7 @@ func (m *consulMethod) GetAllMembers() []ClusterMemberInfo { return nil } - var nodes []ClusterMemberInfo = make([]ClusterMemberInfo, len(curMembers)) + var nodes = make([]ClusterMemberInfo, len(curMembers)) for i, mem := range curMembers { nodes[i].Name = mem.Name if mem.Tags["role"] == "consul" { @@ -1201,11 +1201,12 @@ func stateUpdateCallback(checks []*api.HealthCheck) { } log.WithFields(log.Fields{"Node": check.Node, "Status": check.Status}).Debug("") - if check.Status == "passing" { + switch check.Status { + case "passing": notif = ClusterNotifyStateOnline - } else if check.Status == "critical" { + case "critical": notif = ClusterNotifyStateOffline - } else { + default: continue } for _, watcher := range stateWatchers { @@ -1308,7 +1309,7 @@ func storeUpdateCallback(idx uint64, store string, data interface{}) { // Found new or modified key/value pairs for _, kv := range kvs { - var notify bool = false + var notify = false _, ok = cache[kv.Key] if !ok { diff --git a/vendor/github.com/neuvector/neuvector/share/cluster/grpc.go b/vendor/github.com/neuvector/neuvector/share/cluster/grpc.go index ab43831e..a34bf8c0 100644 --- a/vendor/github.com/neuvector/neuvector/share/cluster/grpc.go +++ b/vendor/github.com/neuvector/neuvector/share/cluster/grpc.go @@ -246,10 +246,11 @@ func (c *GRPCClient) monitorGRPCConnectivity(ctx context.Context) { log.WithFields(log.Fields{"state": s}).Debug("grpc connection state") // Even when server shutdown, client grpc channel is in TransientFailure state. - if s == connectivity.Shutdown { + switch s { + case connectivity.Shutdown: c.shutdown() return - } else if s == connectivity.TransientFailure { + case connectivity.TransientFailure: // In case the connection is in transient state, wait a second and check state again. time.Sleep(time.Second) s = c.conn.GetState() diff --git a/vendor/github.com/neuvector/neuvector/share/cluster/intfs.go b/vendor/github.com/neuvector/neuvector/share/cluster/intfs.go index 17ee9373..7c4c0ecb 100644 --- a/vendor/github.com/neuvector/neuvector/share/cluster/intfs.go +++ b/vendor/github.com/neuvector/neuvector/share/cluster/intfs.go @@ -144,7 +144,7 @@ func StartCluster(cc *ClusterConfig) (string, error) { log.WithFields(log.Fields{"lead": lead}).Info() // Monitor cluster lead - var noLeadChan chan interface{} = make(chan interface{}, 1) + var noLeadChan = make(chan interface{}, 1) RegisterLeadChangeWatcher(func(newLead, oldLead string) { log.WithFields(log.Fields{"newLead": newLead, "oldLead": oldLead}).Info() if newLead == "" { @@ -351,7 +351,7 @@ Wait: type LeadChangeCallback func(string, string) func RegisterLeadChangeWatcher(fn LeadChangeCallback, lead string) { - var leaveChan chan string = make(chan string, 1) + var leaveChan = make(chan string, 1) RegisterNodeWatcher(func(nType ClusterNotifyType, memberAddr string, member string) { if nType == ClusterNotifyDelete { @@ -360,7 +360,7 @@ func RegisterLeadChangeWatcher(fn LeadChangeCallback, lead string) { }) go func() { - //nolint:staticcheck // SA1015 + leadMonitorTicker := time.Tick(time.Second * 5) for { select { diff --git a/vendor/github.com/neuvector/neuvector/share/container/crio.go b/vendor/github.com/neuvector/neuvector/share/container/crio.go index 8fdea495..12bde601 100644 --- a/vendor/github.com/neuvector/neuvector/share/container/crio.go +++ b/vendor/github.com/neuvector/neuvector/share/container/crio.go @@ -63,11 +63,11 @@ func getPauseImageRepoDigests(sys *system.SystemTools) (string, error) { scanner := bufio.NewScanner(strings.NewReader(string(dat))) for scanner.Scan() { // removing whitespaces, tabs and quote - line := strings.Replace(scanner.Text(), " ", "", -1) - line = strings.Replace(line, "\t", "", -1) + line := strings.ReplaceAll(scanner.Text(), " ", "") + line = strings.ReplaceAll(line, "\t", "") // log.WithFields(log.Fields{"line": line}).Debug("CRIO:") if strings.HasPrefix(line, "pause_image=") { - line = strings.Replace(line, "\"", "", -1) + line = strings.ReplaceAll(line, "\"", "") return line[len("pause_image="):], nil } } diff --git a/vendor/github.com/neuvector/neuvector/share/container/stub.go b/vendor/github.com/neuvector/neuvector/share/container/stub.go index 6fe58c3e..d6cb72ce 100644 --- a/vendor/github.com/neuvector/neuvector/share/container/stub.go +++ b/vendor/github.com/neuvector/neuvector/share/container/stub.go @@ -66,7 +66,7 @@ func InitStubRtDriver(sys *system.SystemTools) (Runtime, error) { podname = strings.TrimSpace(string(dat)) if dat, err = os.ReadFile("/etc/hosts"); err == nil { for _, line := range strings.Split(strings.Trim(string(dat), " \t\r\n"), "\n") { - line = strings.Replace(strings.Trim(line, " \t"), "\t", " ", -1) + line = strings.ReplaceAll(strings.Trim(line, " \t"), "\t", " ") if len(line) == 0 || line[0] == ';' || line[0] == '#' { continue } diff --git a/vendor/github.com/neuvector/neuvector/share/criteria.go b/vendor/github.com/neuvector/neuvector/share/criteria.go index b04c22ab..1c62d440 100644 --- a/vendor/github.com/neuvector/neuvector/share/criteria.go +++ b/vendor/github.com/neuvector/neuvector/share/criteria.go @@ -123,8 +123,8 @@ func IsSvcIpGroupMember(usergroup *CLUSGroup, svcipgroup *CLUSGroup) bool { func IsSvcIpGroupSelected(svcipgroup *CLUSGroup, selector []CLUSCriteriaEntry) bool { var ret, positive bool - var rets map[string]bool = make(map[string]bool) - var poss map[string]bool = make(map[string]bool) + var rets = make(map[string]bool) + var poss = make(map[string]bool) for _, crt := range selector { key := crt.Key @@ -185,8 +185,8 @@ func IsGroupMember(group *CLUSGroup, workload *CLUSWorkload, domain *CLUSDomain) // For different criteria type, apply 'and' func IsWorkloadSelected(workload *CLUSWorkload, selector []CLUSCriteriaEntry, domain *CLUSDomain) bool { var ret, positive bool - var rets map[string]bool = make(map[string]bool) - var poss map[string]bool = make(map[string]bool) + var rets = make(map[string]bool) + var poss = make(map[string]bool) for _, crt := range selector { key := crt.Key switch key { @@ -252,9 +252,9 @@ func EqualMatch(match, value string) bool { return match == value } - re := strings.Replace(match, ".", "\\.", -1) - re = strings.Replace(re, "?", ".", -1) - re = strings.Replace(re, "*", ".*", -1) + re := strings.ReplaceAll(match, ".", "\\.") + re = strings.ReplaceAll(re, "?", ".") + re = strings.ReplaceAll(re, "*", ".*") re = fmt.Sprintf("^%s$", re) if regex, err := regexp.Compile(re); err != nil { diff --git a/vendor/github.com/neuvector/neuvector/share/k8sutils/k8sutils.go b/vendor/github.com/neuvector/neuvector/share/k8sutils/k8sutils.go index 395bfa8e..0d3aa282 100644 --- a/vendor/github.com/neuvector/neuvector/share/k8sutils/k8sutils.go +++ b/vendor/github.com/neuvector/neuvector/share/k8sutils/k8sutils.go @@ -15,9 +15,10 @@ const ALL_NAMESPACE = "{all_namespace}" func CanI(clientset *kubernetes.Clientset, ra authorizationv1.ResourceAttributes, namespace string) (bool, error) { - if ra.Namespace == NV_NAMESPACE { + switch ra.Namespace { + case NV_NAMESPACE: ra.Namespace = namespace - } else if ra.Namespace == ALL_NAMESPACE { + case ALL_NAMESPACE: ra.Namespace = "" } diff --git a/vendor/github.com/neuvector/neuvector/share/osutil/user_linux.go b/vendor/github.com/neuvector/neuvector/share/osutil/user_linux.go index c49540d1..20e0056a 100644 --- a/vendor/github.com/neuvector/neuvector/share/osutil/user_linux.go +++ b/vendor/github.com/neuvector/neuvector/share/osutil/user_linux.go @@ -65,7 +65,7 @@ func CheckUidAuthority(user string, pid int) (bool, error) { // get the non-privileged user uid start value func getUserStartUid(pid int) int { - var uidStart int = UserUidMin + var uidStart = UserUidMin dat, err := global.SYS.ReadContainerFile("/etc/login.defs", pid, 0, 0) if err != nil { //log.WithFields(log.Fields{"err": err, "pid": pid}).Debug("Get login.defs fail") @@ -75,7 +75,7 @@ func getUserStartUid(pid int) int { scanner := bufio.NewScanner(strings.NewReader(string(dat))) for scanner.Scan() { line := scanner.Text() - line = strings.Replace(line, "\t", " ", -1) + line = strings.ReplaceAll(line, "\t", " ") fields := strings.Split(line, " ") if len(fields) > 1 && strings.HasPrefix(fields[0], "UID_MIN") { for _, field := range fields[1:] { diff --git a/vendor/github.com/neuvector/neuvector/share/scan/apps.go b/vendor/github.com/neuvector/neuvector/share/scan/apps.go index 4038e7b3..6fb6d60e 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/apps.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/apps.go @@ -162,13 +162,13 @@ func (s *ScanApps) marshal() []byte { // write by 64-entry chunk, so we don't hit the scanner limit when reading it for len(pkg) > 64 { if b, err := json.Marshal(pkg[:64]); err == nil { - buf.WriteString(fmt.Sprintf("%s\n", string(b))) + fmt.Fprintf(buf, "%s\n", string(b)) } pkg = pkg[64:] } if len(pkg) > 0 { if b, err := json.Marshal(pkg); err == nil { - buf.WriteString(fmt.Sprintf("%s\n", string(b))) + fmt.Fprintf(buf, "%s\n", string(b)) } } } @@ -419,9 +419,10 @@ func parseJarManifestFile(path string, rc io.Reader) (*AppPackage, error) { } // NVSHAS-9942 - if title == "org.elasticsearch#server" { + switch title { + case "org.elasticsearch#server": title = "elasticsearch" - } else if title == "Spring Boot" { + case "Spring Boot": title = "spring-boot" } diff --git a/vendor/github.com/neuvector/neuvector/share/scan/compliance.go b/vendor/github.com/neuvector/neuvector/share/scan/compliance.go index fc4f9cc8..9d516c3f 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/compliance.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/compliance.go @@ -2952,19 +2952,19 @@ func updateComplianceMetasFromMap(metas *[]api.RESTBenchMeta, metaMap map[string for id, item := range metaMapV2 { *metasV2 = append(*metasV2, item) var tags []string - for compliance := range item.RESTBenchCheck.TagsV2 { + for compliance := range item.TagsV2 { tags = append(tags, compliance) } benchMeta = api.RESTBenchMeta{ RESTBenchCheck: api.RESTBenchCheck{ - TestNum: item.RESTBenchCheck.TestNum, - Type: item.RESTBenchCheck.Type, - Category: item.RESTBenchCheck.Category, - Scored: item.RESTBenchCheck.Scored, - Profile: item.RESTBenchCheck.Profile, - Automated: item.RESTBenchCheck.Automated, - Description: item.RESTBenchCheck.Description, - Remediation: item.RESTBenchCheck.Remediation, + TestNum: item.TestNum, + Type: item.Type, + Category: item.Category, + Scored: item.Scored, + Profile: item.Profile, + Automated: item.Automated, + Description: item.Description, + Remediation: item.Remediation, Tags: tags, }, } diff --git a/vendor/github.com/neuvector/neuvector/share/scan/golang.go b/vendor/github.com/neuvector/neuvector/share/scan/golang.go index 353b1c78..e2ddbc36 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/golang.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/golang.go @@ -108,11 +108,12 @@ func readRawBuildInfo(x exe, checkOnly bool) (string, string, error) { bo = binary.LittleEndian } var readPtr func([]byte) uint64 - if ptrSize == 4 { + switch ptrSize { + case 4: readPtr = func(b []byte) uint64 { return uint64(bo.Uint32(b)) } - } else if ptrSize == 8 { + case 8: readPtr = bo.Uint64 - } else { + default: return "", "", errNotGoExe } vers = readString(x, ptrSize, readPtr, readPtr(data[16:])) diff --git a/vendor/github.com/neuvector/neuvector/share/scan/quote.go b/vendor/github.com/neuvector/neuvector/share/scan/quote.go index 101a3c83..a69da060 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/quote.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/quote.go @@ -117,7 +117,7 @@ func unquote(in string, unescape bool) (out, rem string, err error) { } // Verify that the string ends with a terminating quote. - if !(len(in) > 0 && in[0] == quote) { + if len(in) <= 0 || in[0] != quote { return "", in0, strconv.ErrSyntax } in = in[1:] // skip terminating quote diff --git a/vendor/github.com/neuvector/neuvector/share/scan/scan_report.go b/vendor/github.com/neuvector/neuvector/share/scan/scan_report.go index 87fe432e..eb8dca42 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/scan_report.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/scan_report.go @@ -357,12 +357,12 @@ func ScanRepoResult2REST(result *share.ScanResult, tagMap map[string][]string) * }, } if result.SignatureInfo != nil { - report.RESTScanReport.SignatureInfo = &api.RESTScanSignatureInfo{ + report.SignatureInfo = &api.RESTScanSignatureInfo{ Verifiers: result.SignatureInfo.Verifiers, VerificationTimestamp: result.SignatureInfo.VerificationTimestamp, } } else { - report.RESTScanReport.SignatureInfo = &api.RESTScanSignatureInfo{} + report.SignatureInfo = &api.RESTScanSignatureInfo{} } return report @@ -409,15 +409,16 @@ func fillVulFields(vr *share.ScanVulnerability, v *api.RESTVulnerability) { func normalizeBaseOS(baseOS string) string { if a := strings.Index(baseOS, ":"); a > 0 { baseOS = baseOS[:a] - if baseOS == "rhel" || baseOS == "server" || baseOS == "centos" { + switch baseOS { + case "rhel", "server", "centos": baseOS = "centos" - } else if baseOS == "rhcos" { + case "rhcos": baseOS = "" - } else if baseOS == "ol" { + case "ol": baseOS = "oracle" - } else if baseOS == "amzn" { + case "amzn": baseOS = "amazon" - } else if baseOS == "sles" { + case "sles": baseOS = "suse" } } @@ -619,14 +620,14 @@ func MakeVulnerabilityProfileFilter(vf *api.RESTVulnerabilityProfile) VPFInterfa if f.isNameRegexp = strings.Contains(e.Name, "*"); f.isNameRegexp { // case insensitive - f.name = regexp.MustCompile("(?i)" + strings.Replace(e.Name, "*", ".*", -1)) + f.name = regexp.MustCompile("(?i)" + strings.ReplaceAll(e.Name, "*", ".*")) } f.isDomainRegexp = make([]bool, len(e.Domains)) f.domains = make([]*regexp.Regexp, len(e.Domains)) for j, domain := range e.Domains { if f.isDomainRegexp[j] = strings.Contains(domain, "*"); f.isDomainRegexp[j] { - f.domains[j] = regexp.MustCompile(strings.Replace(domain, "*", ".*", -1)) + f.domains[j] = regexp.MustCompile(strings.ReplaceAll(domain, "*", ".*")) } } @@ -634,7 +635,7 @@ func MakeVulnerabilityProfileFilter(vf *api.RESTVulnerabilityProfile) VPFInterfa f.images = make([]*regexp.Regexp, len(e.Images)) for j, image := range e.Images { if f.isImageRegexp[j] = strings.Contains(image, "*"); f.isImageRegexp[j] { - f.images[j] = regexp.MustCompile(strings.Replace(image, "*", ".*", -1)) + f.images[j] = regexp.MustCompile(strings.ReplaceAll(image, "*", ".*")) } } } diff --git a/vendor/github.com/neuvector/neuvector/share/scan/scan_utils.go b/vendor/github.com/neuvector/neuvector/share/scan/scan_utils.go index de40f8fa..620d7049 100644 --- a/vendor/github.com/neuvector/neuvector/share/scan/scan_utils.go +++ b/vendor/github.com/neuvector/neuvector/share/scan/scan_utils.go @@ -413,11 +413,12 @@ func GetDpkgStatus(fullpath, kernel string) ([]byte, error) { // filter kernels that are not running if strings.HasPrefix(line, "Package: ") && kernel != "" { kpkg := isDpkgKernelPackage(line) - if kpkg == "" { + switch kpkg { + case "": skipPackage = false - } else if kpkg == kernel { + case kernel: skipPackage = false - } else { + default: skipPackage = true continue } @@ -639,7 +640,7 @@ func GetAwsFuncPackages(fileName string) ([]*share.ScanAppPackage, error) { for _, v := range apps.pkgs { for _, vt := range v { - filename := strings.Replace(vt.FileName, "/package.json", "", -1) + filename := strings.ReplaceAll(vt.FileName, "/package.json", "") pckg := &share.ScanAppPackage{ AppName: vt.AppName, ModuleName: vt.ModuleName, diff --git a/vendor/github.com/neuvector/neuvector/share/system/sidekick/net_linux.go b/vendor/github.com/neuvector/neuvector/share/system/sidekick/net_linux.go index c6c525f1..7c972f40 100644 --- a/vendor/github.com/neuvector/neuvector/share/system/sidekick/net_linux.go +++ b/vendor/github.com/neuvector/neuvector/share/system/sidekick/net_linux.go @@ -60,7 +60,7 @@ func GetGlobalAddrs() map[string]NetIface { for _, addr := range addrs { // Don't check addr.flags, such as PERMANENT, interface flags on vagrant VM maybe different - if addr.Scope == syscall.RT_SCOPE_UNIVERSE || (addr.Scope == syscall.RT_SCOPE_LINK && utils.IsIPv4(addr.IPNet.IP)) { + if addr.Scope == syscall.RT_SCOPE_UNIVERSE || (addr.Scope == syscall.RT_SCOPE_LINK && utils.IsIPv4(addr.IP)) { iface.Addrs = append(iface.Addrs, NetAddr{IPNet: *addr.IPNet, Scope: addr.Scope}) //log.WithFields(log.Fields{"link": attrs.Name, "ip": addr.IP}).Debug("Add") } diff --git a/vendor/github.com/neuvector/neuvector/share/system/stats.go b/vendor/github.com/neuvector/neuvector/share/system/stats.go index 4e0c2fba..3cb1540c 100644 --- a/vendor/github.com/neuvector/neuvector/share/system/stats.go +++ b/vendor/github.com/neuvector/neuvector/share/system/stats.go @@ -7,8 +7,8 @@ import ( ) func calculateCPU(prevCPU, prevCPUSystem uint64, cpu, cpuSystem uint64) float64 { - var cDelta float64 = float64(cpu - prevCPU) - var sDelta float64 = float64(cpuSystem - prevCPUSystem) + var cDelta = float64(cpu - prevCPU) + var sDelta = float64(cpuSystem - prevCPUSystem) if sDelta > 0.0 { if cDelta > sDelta { diff --git a/vendor/github.com/neuvector/neuvector/share/utils/extract.go b/vendor/github.com/neuvector/neuvector/share/utils/extract.go index f5f5e27d..28826c91 100644 --- a/vendor/github.com/neuvector/neuvector/share/utils/extract.go +++ b/vendor/github.com/neuvector/neuvector/share/utils/extract.go @@ -221,7 +221,7 @@ func SelectivelyExtractToFile(r io.Reader, selected func(string) bool, dir strin files := make(map[string]string) extract := func(filename string, size int64, reader io.ReadCloser) error { - fpath := dir + "/" + strings.Replace(filename, "/", "_", -1) + fpath := dir + "/" + strings.ReplaceAll(filename, "/", "_") f, err := os.Create(fpath) if err != nil { return ErrCouldNotWriteToDisk diff --git a/vendor/github.com/neuvector/neuvector/share/utils/utils.go b/vendor/github.com/neuvector/neuvector/share/utils/utils.go index c0c6882a..478eccb0 100644 --- a/vendor/github.com/neuvector/neuvector/share/utils/utils.go +++ b/vendor/github.com/neuvector/neuvector/share/utils/utils.go @@ -114,7 +114,7 @@ func ResolveAddrList(addr string, skipLoopback bool) ([]string, bool) { if skipLoopback && ips[i].IsLoopback() { continue } - var dup bool = false + var dup = false for _, exist := range ipList { if exist == ips[i].String() { dup = true @@ -151,7 +151,7 @@ func GzipBytes(buf []byte) []byte { } func GetGuid() (string, error) { - return strings.Replace(uuid.NewString(), "-", "", -1), nil + return strings.ReplaceAll(uuid.NewString(), "-", ""), nil } func GetTimeUUID(t time.Time) string { @@ -309,7 +309,7 @@ func NewEnvironParser(envs []string) *EnvironParser { tokens := strings.Split(v, ";") for _, t := range tokens { t = strings.TrimSpace(t) - t = strings.Replace(t, "*", ".*", -1) + t = strings.ReplaceAll(t, "*", ".*") if r, err := regexp.Compile(fmt.Sprintf("^%s$", t)); err != nil { log.WithFields(log.Fields{"value": v}).Error("Failed to parse system group") } else { @@ -765,10 +765,11 @@ func MergeSubnet(subnets map[string]share.CLUSSubnet, snet share.CLUSSubnet) boo // such as 172.16.60.0/24, 172.16.14.0/24; and flannel IP has a bigger subnets, // 172.16.0.0/16. Here, we check if new subnet and existing subnets containers each other. if inc, v := SubnetContains(&sn.Subnet, &snet.Subnet); inc { - if v == 1 { + switch v { + case 1: // existing subnet is bigger, ignore new one return false - } else if v == -1 { + case -1: // new subnet is bigger, remove the existing one delete(subnets, key) } @@ -785,10 +786,11 @@ func MergeSpecialSubnet(subnets map[string]share.CLUSSpecSubnet, snet share.CLUS // such as 172.16.60.0/24, 172.16.14.0/24; and flannel IP has a bigger subnets, // 172.16.0.0/16. Here, we check if new subnet and existing subnets containers each other. if inc, v := SubnetContains(&sn.Subnet, &snet.Subnet); inc { - if v == 1 { + switch v { + case 1: // existing subnet is bigger, ignore new one return false - } else if v == -1 { + case -1: // new subnet is bigger, remove the existing one delete(subnets, key) } @@ -872,7 +874,7 @@ func (f *LogFormatter) Format(entry *log.Entry) ([]byte, error) { // Skip 2, 0: callers(), 1: GetCaller, 2: LogFormatter() fn := GetCaller(3, []string{"logrus"}) - var keys []string = make([]string, 0, len(entry.Data)) + var keys = make([]string, 0, len(entry.Data)) for k := range entry.Data { keys = append(keys, k) } @@ -1381,7 +1383,7 @@ func Dns1123NameChg(name string) string { name = replaceAtIndex(name, '0', i) } else if !regDns1122.MatchString(string(char)) { fmt.Println("char:", string(char), "failed regex") - name = strings.Replace(name, string(char), "-", -1) + name = strings.ReplaceAll(name, string(char), "-") } } } @@ -1391,7 +1393,7 @@ func Dns1123NameChg(name string) string { func RandomString(length int) string { const charset = "abcdefghijklmnopqrstuvwxyz" - var seededRand *mathrand.Rand = mathrand.New( + var seededRand = mathrand.New( mathrand.NewSource(time.Now().UnixNano())) b := make([]byte, length) diff --git a/vendor/modules.txt b/vendor/modules.txt index 416c69b5..2612cbe2 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -391,7 +391,7 @@ github.com/neuvector/go-rpmdb/pkg/bdb github.com/neuvector/go-rpmdb/pkg/db github.com/neuvector/go-rpmdb/pkg/ndb github.com/neuvector/go-rpmdb/pkg/sqlite3 -# github.com/neuvector/neuvector v0.0.0-20260206120806-b67a34aecea4 +# github.com/neuvector/neuvector v0.0.0-20260212014602-e1434ffaa549 ## explicit; go 1.24.0 github.com/neuvector/neuvector/controller/api github.com/neuvector/neuvector/share