drop support for go1.17 and older

thaJeztah · thaJeztah · commit c564c210e140 · 2023-11-10T22:01:35.000+01:00
Signed-off-by: Sebastiaan van Stijn &lt;github@gone.nl&gt;
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -14,7 +14,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        go: ["1.13.x", "1.20.x", "1.21.x"]
+        go: ["1.18.x", "1.20.x", "1.21.x"]
         platform: [ubuntu-20.04]
     runs-on: ${{ matrix.platform }}
     steps:
@@ -37,7 +37,7 @@ jobs:
     strategy:
       fail-fast: false
       matrix:
-        go: ["1.13.x", "1.20.x", "1.21.x"]
+        go: ["1.18.x", "1.20.x", "1.21.x"]
         platform: [windows-latest, macos-latest]
     runs-on: ${{ matrix.platform }}
     steps:
diff --git a/go.mod b/go.mod
@@ -1,5 +1,7 @@
 module github.com/docker/go-connections
 
-go 1.13
+go 1.18
 
 require github.com/Microsoft/go-winio v0.4.14
+
+require golang.org/x/sys v0.1.0 // indirect
diff --git a/go.sum b/go.sum
@@ -8,5 +8,6 @@ github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMB
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b h1:ag/x1USPSsqHud38I9BAC88qdNLDHHtQ4mlgQIZPPNA=
 golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.1.0 h1:kunALQeHf1/185U1i0GOB/fy1IPRDDpuoOOqRReG57U=
+golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
diff --git a/nat/nat_test.go b/nat/nat_test.go
@@ -94,7 +94,6 @@ func TestParsePortRangeToInt(t *testing.T) {
 
 func TestPort(t *testing.T) {
 	p, err := NewPort("tcp", "1234")
-
 	if err != nil {
 		t.Fatalf("tcp, 1234 had a parsing issue: %v", err)
 	}
diff --git a/proxy/network_proxy_test.go b/proxy/network_proxy_test.go
@@ -11,8 +11,10 @@ import (
 	"time"
 )
 
-var testBuf = []byte("Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo")
-var testBufSize = len(testBuf)
+var (
+	testBuf     = []byte("Buffalo buffalo Buffalo buffalo buffalo buffalo Buffalo buffalo")
+	testBufSize = len(testBuf)
+)
 
 type EchoServer interface {
 	Run()
diff --git a/proxy/tcp_proxy.go b/proxy/tcp_proxy.go
@@ -46,7 +46,7 @@ func (proxy *TCPProxy) clientLoop(client *net.TCPConn, quit chan bool) {
 	}
 
 	event := make(chan int64)
-	var broker = func(to, from *net.TCPConn) {
+	broker := func(to, from *net.TCPConn) {
 		written, err := io.Copy(to, from)
 		if err != nil {
 			// If the socket we are writing to is shutdown with
diff --git a/sockets/sockets_unix.go b/sockets/sockets_unix.go
@@ -1,4 +1,4 @@
-// +build !windows
+//go:build !windows
 
 package sockets
 
diff --git a/sockets/unix_socket.go b/sockets/unix_socket.go
@@ -1,9 +1,9 @@
-// +build !windows
+//go:build !windows
 
 /*
 Package sockets is a simple unix domain socket wrapper.
 
-Usage
+# Usage
 
 For example:
 
@@ -103,7 +103,7 @@ func NewUnixSocketWithOpts(path string, opts ...SockOption) (net.Listener, error
 	// We don't use "defer" here, to reset the umask to its original value as soon
 	// as possible. Ideally we'd be able to detect if WithChmod() was passed as
 	// an option, and skip changing umask if default permissions are used.
-	origUmask := syscall.Umask(0777)
+	origUmask := syscall.Umask(0o777)
 	l, err := net.Listen("unix", path)
 	syscall.Umask(origUmask)
 	if err != nil {
@@ -122,5 +122,5 @@ func NewUnixSocketWithOpts(path string, opts ...SockOption) (net.Listener, error
 
 // NewUnixSocket creates a unix socket with the specified path and group.
 func NewUnixSocket(path string, gid int) (net.Listener, error) {
-	return NewUnixSocketWithOpts(path, WithChown(0, gid), WithChmod(0660))
+	return NewUnixSocketWithOpts(path, WithChown(0, gid), WithChmod(0o660))
 }
diff --git a/sockets/unix_socket_test.go b/sockets/unix_socket_test.go
@@ -1,4 +1,4 @@
-// +build !windows
+//go:build !windows
 
 package sockets
 
@@ -53,7 +53,7 @@ func TestNewUnixSocket(t *testing.T) {
 
 func TestUnixSocketWithOpts(t *testing.T) {
 	uid, gid := os.Getuid(), os.Getgid()
-	perms := os.FileMode(0660)
+	perms := os.FileMode(0o660)
 	path := "/tmp/test.sock"
 	echoStr := "hello"
 	l, err := NewUnixSocketWithOpts(path, WithChown(uid, gid), WithChmod(perms))
diff --git a/tlsconfig/config_test.go b/tlsconfig/config_test.go
@@ -127,7 +127,7 @@ func TestConfigServerTLSServerCertsOnly(t *testing.T) {
 	if !reflect.DeepEqual(tlsConfig.CipherSuites, DefaultServerAcceptedCiphers) {
 		t.Fatal("Unexpected server cipher suites")
 	}
-	if !tlsConfig.PreferServerCipherSuites {
+	if !tlsConfig.PreferServerCipherSuites { //nolint:staticcheck // Ignore SA1019: tlsConfig.PreferServerCipherSuites has been deprecated since Go 1.18: PreferServerCipherSuites is ignored.
 		t.Fatal("Expected server to prefer cipher suites")
 	}
 	if tlsConfig.MinVersion != tls.VersionTLS12 {
@@ -158,7 +158,7 @@ func TestConfigServerTLSClientCANotSetIfClientAuthTooLow(t *testing.T) {
 	if tlsConfig.ClientAuth != tls.RequestClientCert {
 		t.Fatal("ClientAuth was not set to what was in the options")
 	}
-	if tlsConfig.ClientCAs != nil {
+	if tlsConfig.ClientCAs != nil { //nolint:staticcheck // Ignore SA1019: tlsConfig.ClientCAs.Subjects has been deprecated since Go 1.18: if s was returned by SystemCertPool, Subjects will not include the system roots.
 		t.Fatalf("Client CAs should never have been set")
 	}
 }
@@ -191,7 +191,7 @@ func TestConfigServerTLSClientCASet(t *testing.T) {
 		basePool = x509.NewCertPool()
 	}
 	// because we are not enabling `ExclusiveRootPools`, any root pool will also contain the system roots
-	if tlsConfig.ClientCAs == nil || len(tlsConfig.ClientCAs.Subjects()) != len(basePool.Subjects())+2 {
+	if tlsConfig.ClientCAs == nil || len(tlsConfig.ClientCAs.Subjects()) != len(basePool.Subjects())+2 { //nolint:staticcheck // Ignore SA1019: tlsConfig.ClientCAs.Subjects has been deprecated since Go 1.18: if s was returned by SystemCertPool, Subjects will not include the system roots.
 		t.Fatalf("Client CAs were never set correctly")
 	}
 }
@@ -394,7 +394,7 @@ func TestConfigClientTLSNoVerify(t *testing.T) {
 		t.Fatal("Unable to configure client TLS", err)
 	}
 
-	if tlsConfig.RootCAs != nil {
+	if tlsConfig.RootCAs != nil { //nolint:staticcheck // Ignore SA1019: tlsConfig.RootCAs.Subjects has been deprecated since Go 1.18: if s was returned by SystemCertPool, Subjects will not include the system roots.
 		t.Fatal("Should not have set Root CAs", err)
 	}
 
@@ -449,7 +449,7 @@ func TestConfigClientTLSRootCAFileWithOneCert(t *testing.T) {
 		basePool = x509.NewCertPool()
 	}
 	// because we are not enabling `ExclusiveRootPools`, any root pool will also contain the system roots
-	if tlsConfig.RootCAs == nil || len(tlsConfig.RootCAs.Subjects()) != len(basePool.Subjects())+2 {
+	if tlsConfig.RootCAs == nil || len(tlsConfig.RootCAs.Subjects()) != len(basePool.Subjects())+2 { //nolint:staticcheck // Ignore SA1019: tlsConfig.ClientCAs.Subjects has been deprecated since Go 1.18: if s was returned by SystemCertPool, Subjects will not include the system roots.
 		t.Fatal("Root CAs not set properly", err)
 	}
 	if tlsConfig.Certificates != nil {

Original file line number	Diff line number	Diff line change
`@@ -94,7 +94,6 @@ func TestParsePortRangeToInt(t *testing.T) {`
`94`	`94`
`95`	`95`	`func TestPort(t *testing.T) {`
`96`	`96`	`p, err := NewPort("tcp", "1234")`
`97`		`-`
`98`	`97`	`if err != nil {`
`99`	`98`	`t.Fatalf("tcp, 1234 had a parsing issue: %v", err)`
`100`	`99`	`}`
Original file line number	Diff line number	Diff line change
`@@ -46,7 +46,7 @@ func (proxy TCPProxy) clientLoop(client net.TCPConn, quit chan bool) {`
`46`	`46`	`}`
`47`	`47`
`48`	`48`	`event := make(chan int64)`
`49`		`- var broker = func(to, from *net.TCPConn) {`
	`49`	`+ broker := func(to, from *net.TCPConn) {`
`50`	`50`	`written, err := io.Copy(to, from)`
`51`	`51`	`if err != nil {`
`52`	`52`	`// If the socket we are writing to is shutdown with`
Original file line number	Diff line number	Diff line change
`@@ -1,4 +1,4 @@`
`1`		`-// +build !windows`
	`1`	`+//go:build !windows`
`2`	`2`
`3`	`3`	`package sockets`
`4`	`4`
Original file line number	Diff line number	Diff line change
`@@ -127,7 +127,7 @@ func TestConfigServerTLSServerCertsOnly(t *testing.T) {`
`127`	`127`	`if !reflect.DeepEqual(tlsConfig.CipherSuites, DefaultServerAcceptedCiphers) {`
`128`	`128`	`t.Fatal("Unexpected server cipher suites")`
`129`	`129`	`}`
`130`		`- if !tlsConfig.PreferServerCipherSuites {`
	`130`	`+ if !tlsConfig.PreferServerCipherSuites { //nolint:staticcheck // Ignore SA1019: tlsConfig.PreferServerCipherSuites has been deprecated since Go 1.18: PreferServerCipherSuites is ignored.`
`131`	`131`	`t.Fatal("Expected server to prefer cipher suites")`
`132`	`132`	`}`
`133`	`133`	`if tlsConfig.MinVersion != tls.VersionTLS12 {`
`@@ -158,7 +158,7 @@ func TestConfigServerTLSClientCANotSetIfClientAuthTooLow(t *testing.T) {`
`158`	`158`	`if tlsConfig.ClientAuth != tls.RequestClientCert {`
`159`	`159`	`t.Fatal("ClientAuth was not set to what was in the options")`
`160`	`160`	`}`
`161`		`- if tlsConfig.ClientCAs != nil {`
	`161`	`+ if tlsConfig.ClientCAs != nil { //nolint:staticcheck // Ignore SA1019: tlsConfig.ClientCAs.Subjects has been deprecated since Go 1.18: if s was returned by SystemCertPool, Subjects will not include the system roots.`
`162`	`162`	`t.Fatalf("Client CAs should never have been set")`
`163`	`163`	`}`
`164`	`164`	`}`
`@@ -191,7 +191,7 @@ func TestConfigServerTLSClientCASet(t *testing.T) {`
`191`	`191`	`basePool = x509.NewCertPool()`
`192`	`192`	`}`
`193`	`193`	// because we are not enabling `ExclusiveRootPools`, any root pool will also contain the system roots
`194`		`- if tlsConfig.ClientCAs == nil \|\| len(tlsConfig.ClientCAs.Subjects()) != len(basePool.Subjects())+2 {`
	`194`	`+ if tlsConfig.ClientCAs == nil \|\| len(tlsConfig.ClientCAs.Subjects()) != len(basePool.Subjects())+2 { //nolint:staticcheck // Ignore SA1019: tlsConfig.ClientCAs.Subjects has been deprecated since Go 1.18: if s was returned by SystemCertPool, Subjects will not include the system roots.`
`195`	`195`	`t.Fatalf("Client CAs were never set correctly")`
`196`	`196`	`}`
`197`	`197`	`}`
`@@ -394,7 +394,7 @@ func TestConfigClientTLSNoVerify(t *testing.T) {`
`394`	`394`	`t.Fatal("Unable to configure client TLS", err)`
`395`	`395`	`}`
`396`	`396`
`397`		`- if tlsConfig.RootCAs != nil {`
	`397`	`+ if tlsConfig.RootCAs != nil { //nolint:staticcheck // Ignore SA1019: tlsConfig.RootCAs.Subjects has been deprecated since Go 1.18: if s was returned by SystemCertPool, Subjects will not include the system roots.`
`398`	`398`	`t.Fatal("Should not have set Root CAs", err)`
`399`	`399`	`}`
`400`	`400`
`@@ -449,7 +449,7 @@ func TestConfigClientTLSRootCAFileWithOneCert(t *testing.T) {`
`449`	`449`	`basePool = x509.NewCertPool()`
`450`	`450`	`}`
`451`	`451`	// because we are not enabling `ExclusiveRootPools`, any root pool will also contain the system roots
`452`		`- if tlsConfig.RootCAs == nil \|\| len(tlsConfig.RootCAs.Subjects()) != len(basePool.Subjects())+2 {`
	`452`	`+ if tlsConfig.RootCAs == nil \|\| len(tlsConfig.RootCAs.Subjects()) != len(basePool.Subjects())+2 { //nolint:staticcheck // Ignore SA1019: tlsConfig.ClientCAs.Subjects has been deprecated since Go 1.18: if s was returned by SystemCertPool, Subjects will not include the system roots.`
`453`	`453`	`t.Fatal("Root CAs not set properly", err)`
`454`	`454`	`}`
`455`	`455`	`if tlsConfig.Certificates != nil {`