diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index c232120a..da8ca358 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -1,7 +1,7 @@ 'name': 'build' 'env': - 'GO_VERSION': '1.19.11' + 'GO_VERSION': '1.20.7' 'NODE_VERSION': '14' 'on': diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 900a1478..773f0494 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -1,7 +1,7 @@ 'name': 'lint' 'env': - 'GO_VERSION': '1.19.11' + 'GO_VERSION': '1.20.7' 'on': 'push': diff --git a/CHANGELOG.md b/CHANGELOG.md index 1046812f..ee42ca76 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -23,6 +23,15 @@ See also the [v0.107.36 GitHub milestone][ms-v0.107.36]. NOTE: Add new changes BELOW THIS COMMENT. --> +### Security + +- Go version has been updated to prevent the possibility of exploiting the + CVE-2023-29409 Go vulnerability fixed in [Go 1.20.7][go-1.20.7]. + +### Deprecated + +- Go 1.20 support. Future versions will require at least Go 1.21 to build. + ### Fixed - Inability to block queries for the root domain, such as `NS .` queries, using @@ -35,6 +44,8 @@ NOTE: Add new changes BELOW THIS COMMENT. [#6046]: https://github.com/AdguardTeam/AdGuardHome/issues/6046 [#6049]: https://github.com/AdguardTeam/AdGuardHome/issues/6049 +[go-1.20.7]: https://groups.google.com/g/golang-announce/c/X0b6CsSAaYI/m/Efv5DbZ9AwAJ + diff --git a/README.md b/README.md index 47ab9fc4..16f94b6f 100644 --- a/README.md +++ b/README.md @@ -261,7 +261,7 @@ Run `make init` to prepare the development environment. You will need this to build AdGuard Home: - * [Go](https://golang.org/dl/) v1.19 or later; + * [Go](https://golang.org/dl/) v1.20 or later; * [Node.js](https://nodejs.org/en/download/) v10.16.2 or later; * [npm](https://www.npmjs.com/) v6.14 or later; * [yarn](https://yarnpkg.com/) v1.22.5 or later. diff --git a/bamboo-specs/release.yaml b/bamboo-specs/release.yaml index 5ca1f8c0..d4efb97b 100644 --- a/bamboo-specs/release.yaml +++ b/bamboo-specs/release.yaml @@ -7,7 +7,7 @@ # Make sure to sync any changes with the branch overrides below. 'variables': 'channel': 'edge' - 'dockerGo': 'adguard/golang-ubuntu:6.8' + 'dockerGo': 'adguard/golang-ubuntu:7.0' 'stages': - 'Build frontend': @@ -272,7 +272,7 @@ # need to build a few of these. 'variables': 'channel': 'beta' - 'dockerGo': 'adguard/golang-ubuntu:6.8' + 'dockerGo': 'adguard/golang-ubuntu:7.0' # release-vX.Y.Z branches are the branches from which the actual final # release is built. - '^release-v[0-9]+\.[0-9]+\.[0-9]+': @@ -287,4 +287,4 @@ # are the ones that actually get released. 'variables': 'channel': 'release' - 'dockerGo': 'adguard/golang-ubuntu:6.8' + 'dockerGo': 'adguard/golang-ubuntu:7.0' diff --git a/bamboo-specs/snapcraft.yaml b/bamboo-specs/snapcraft.yaml index ac8a2217..7d8c5f38 100644 --- a/bamboo-specs/snapcraft.yaml +++ b/bamboo-specs/snapcraft.yaml @@ -10,7 +10,7 @@ # Make sure to sync any changes with the branch overrides below. 'variables': 'channel': 'edge' - 'dockerGo': 'adguard/golang-ubuntu:6.8' + 'dockerGo': 'adguard/golang-ubuntu:7.0' 'snapcraftChannel': 'edge' 'stages': @@ -191,7 +191,7 @@ # need to build a few of these. 'variables': 'channel': 'beta' - 'dockerGo': 'adguard/golang-ubuntu:6.8' + 'dockerGo': 'adguard/golang-ubuntu:7.0' 'snapcraftChannel': 'beta' # release-vX.Y.Z branches are the branches from which the actual final # release is built. @@ -207,5 +207,5 @@ # are the ones that actually get released. 'variables': 'channel': 'release' - 'dockerGo': 'adguard/golang-ubuntu:6.8' + 'dockerGo': 'adguard/golang-ubuntu:7.0' 'snapcraftChannel': 'candidate' diff --git a/bamboo-specs/test.yaml b/bamboo-specs/test.yaml index 39361afe..fe858950 100644 --- a/bamboo-specs/test.yaml +++ b/bamboo-specs/test.yaml @@ -5,7 +5,7 @@ 'key': 'AHBRTSPECS' 'name': 'AdGuard Home - Build and run tests' 'variables': - 'dockerGo': 'adguard/golang-ubuntu:6.8' + 'dockerGo': 'adguard/golang-ubuntu:7.0' 'stages': - 'Tests': diff --git a/go.mod b/go.mod index 42bc5aee..cf985173 100644 --- a/go.mod +++ b/go.mod @@ -1,6 +1,6 @@ module github.com/AdguardTeam/AdGuardHome -go 1.19 +go 1.20 require ( github.com/AdguardTeam/dnsproxy v0.52.1-0.20230726165924-30c459b0cdef diff --git a/internal/querylog/decode_test.go b/internal/querylog/decode_test.go index 8e557e50..3e4e4f0d 100644 --- a/internal/querylog/decode_test.go +++ b/internal/querylog/decode_test.go @@ -127,7 +127,7 @@ func TestDecodeLogEntry(t *testing.T) { }, { name: "bad_time", log: `{"IP":"127.0.0.1","T":"12/09/1998T15:00:00.000000+05:00","QH":"an.yandex.ru","QT":"A","QC":"IN","CP":"","Answer":"Qz+BgAABAAEAAAAAAmFuBnlhbmRleAJydQAAAQABwAwAAQABAAAACgAEAAAAAA==","Result":{"IsFiltered":true,"Reason":3},"Elapsed":837429}`, - want: "decodeLogEntry handler err: parsing time \"12/09/1998T15:00:00.000000+05:00\" as \"2006-01-02T15:04:05Z07:00\": cannot parse \"9/1998T15:00:00.000000+05:00\" as \"2006\"\n", + want: "decodeLogEntry handler err: parsing time \"12/09/1998T15:00:00.000000+05:00\" as \"2006-01-02T15:04:05Z07:00\": cannot parse \"12/09/1998T15:00:00.000000+05:00\" as \"2006\"\n", }, { name: "bad_host", log: `{"IP":"127.0.0.1","T":"2020-11-25T18:55:56.519796+03:00","QH":6,"QT":"A","QC":"IN","CP":"","Answer":"Qz+BgAABAAEAAAAAAmFuBnlhbmRleAJydQAAAQABwAwAAQABAAAACgAEAAAAAA==","Result":{"IsFiltered":true,"Reason":3},"Elapsed":837429}`, diff --git a/internal/tools/go.mod b/internal/tools/go.mod index 2dd18576..8cdd6e81 100644 --- a/internal/tools/go.mod +++ b/internal/tools/go.mod @@ -1,6 +1,6 @@ module github.com/AdguardTeam/AdGuardHome/internal/tools -go 1.19 +go 1.20 require ( github.com/fzipp/gocyclo v0.6.0 @@ -10,7 +10,7 @@ require ( github.com/kyoh86/looppointer v0.2.1 github.com/securego/gosec/v2 v2.16.0 github.com/uudashr/gocognit v1.0.7 - golang.org/x/tools v0.11.0 + golang.org/x/tools v0.11.1 golang.org/x/vuln v1.0.0 // TODO(a.garipov): Return to tagged releases once a new one appears. honnef.co/go/tools v0.5.0-0.dev.0.20230709092525-bc759185c5ee @@ -27,7 +27,7 @@ require ( github.com/nbutton23/zxcvbn-go v0.0.0-20210217022336-fa2cb2858354 // indirect github.com/xo/terminfo v0.0.0-20220910002029-abceb7e1c41e // indirect golang.org/x/exp v0.0.0-20230321023759-10a507213a29 // indirect - golang.org/x/exp/typeparams v0.0.0-20230725093048-515e97ebf090 // indirect + golang.org/x/exp/typeparams v0.0.0-20230801115018-d63ba01acd4b // indirect golang.org/x/mod v0.12.0 // indirect golang.org/x/sync v0.3.0 // indirect golang.org/x/sys v0.10.0 // indirect diff --git a/internal/tools/go.sum b/internal/tools/go.sum index 56a70261..609f4a84 100644 --- a/internal/tools/go.sum +++ b/internal/tools/go.sum @@ -52,8 +52,8 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/exp v0.0.0-20230321023759-10a507213a29 h1:ooxPy7fPvB4kwsA2h+iBNHkAbp/4JxTSwCmvdjEYmug= golang.org/x/exp v0.0.0-20230321023759-10a507213a29/go.mod h1:CxIveKay+FTh1D0yPZemJVgC/95VzuuOLq5Qi4xnoYc= -golang.org/x/exp/typeparams v0.0.0-20230725093048-515e97ebf090 h1:qOYhjyK9OeXREdh7Zrta8JRvnmnFIzhkosQpp+852Ag= -golang.org/x/exp/typeparams v0.0.0-20230725093048-515e97ebf090/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= +golang.org/x/exp/typeparams v0.0.0-20230801115018-d63ba01acd4b h1:3dfup1Bt5y1sKG6rbyAX4qNymwAtJcqx+Aqm1DPP/Qg= +golang.org/x/exp/typeparams v0.0.0-20230801115018-d63ba01acd4b/go.mod h1:AbB0pIl9nAr9wVwH+Z2ZpaocVmF5I4GyWCDIsVjR0bk= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.6.0-dev.0.20220106191415-9b9b3d81d5e3/go.mod h1:3p9vT2HGsQu2K1YbXdKPJLVgG5VJdoTa1poYQBtP1AY= @@ -96,8 +96,8 @@ golang.org/x/tools v0.0.0-20201007032633-0806396f153e/go.mod h1:z6u4i615ZeAfBE4X golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= golang.org/x/tools v0.1.10/go.mod h1:Uh6Zz+xoGYZom868N8YTex3t7RhtHDBrE8Gzo9bV56E= golang.org/x/tools v0.1.11/go.mod h1:SgwaegtQh8clINPpECJMqnxLv9I09HLqnW3RMqW0CA4= -golang.org/x/tools v0.11.0 h1:EMCa6U9S2LtZXLAMoWiR/R8dAQFRqbAitmbJ2UKhoi8= -golang.org/x/tools v0.11.0/go.mod h1:anzJrxPjNtfgiYQYirP2CPGzGLxrH2u2QBhn6Bf3qY8= +golang.org/x/tools v0.11.1 h1:ojD5zOW8+7dOGzdnNgersm8aPfcDjhMp12UfG93NIMc= +golang.org/x/tools v0.11.1/go.mod h1:anzJrxPjNtfgiYQYirP2CPGzGLxrH2u2QBhn6Bf3qY8= golang.org/x/vuln v1.0.0 h1:tYLAU3jD9LQr98Y+3el06lWyGMCnvzw06PIWP3LIy7g= golang.org/x/vuln v1.0.0/go.mod h1:V0eyhHwaAaHrt42J9bgrN6rd12f6GU4T0Lu0ex2wDg4= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/scripts/make/go-lint.sh b/scripts/make/go-lint.sh index 77df4af7..458a68cf 100644 --- a/scripts/make/go-lint.sh +++ b/scripts/make/go-lint.sh @@ -35,7 +35,7 @@ set -f -u go_version="$( "${GO:-go}" version )" readonly go_version -go_min_version='go1.19.11' +go_min_version='go1.20.7' go_version_msg=" warning: your go version (${go_version}) is different from the recommended minimal one (${go_min_version}). if you have the version installed, please set the GO environment variable.