Skip to content

Commit 01dec75

Browse files
42wim42wim
authored
Remove SHA1 for support for ssh rsa signing (#31857)
https://github.com/go-fed/httpsig seems to be unmaintained. Switch to github.com/42wim/httpsig which has removed deprecated crypto and default sha256 signing for ssh rsa. No impact for those that use ed25519 ssh certificates. This is a breaking change for: - gitea.com/gitea/tea (go-sdk) - I'll be sending a PR there too - activitypub using deprecated crypto (is this actually used?)
1 parent d8f3498 commit 01dec75

File tree

8 files changed

+33
-25
lines changed

8 files changed

+33
-25
lines changed

assets/go-licenses.json

Lines changed: 9 additions & 4 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

go.mod

Lines changed: 6 additions & 5 deletions
Original file line numberDiff line numberDiff line change
@@ -14,6 +14,7 @@ require (
1414
gitea.com/go-chi/session v0.0.0-20240316035857-16768d98ec96
1515
gitea.com/lunny/dingtalk_webhook v0.0.0-20171025031554-e3534c89ef96
1616
gitea.com/lunny/levelqueue v0.4.2-0.20230414023320-3c0159fe0fe4
17+
github.com/42wim/httpsig v1.2.2
1718
github.com/42wim/sshsig v0.0.0-20211121163825-841cf5bbc121
1819
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.12.0
1920
github.com/Azure/azure-sdk-for-go/sdk/storage/azblob v1.3.2
@@ -45,7 +46,6 @@ require (
4546
github.com/go-chi/cors v1.2.1
4647
github.com/go-co-op/gocron v1.37.0
4748
github.com/go-enry/go-enry/v2 v2.8.8
48-
github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e
4949
github.com/go-git/go-billy/v5 v5.5.0
5050
github.com/go-git/go-git/v5 v5.12.0
5151
github.com/go-ldap/ldap/v3 v3.4.6
@@ -110,12 +110,12 @@ require (
110110
github.com/yuin/goldmark v1.7.2
111111
github.com/yuin/goldmark-highlighting/v2 v2.0.0-20230729083705-37449abec8cc
112112
github.com/yuin/goldmark-meta v1.1.0
113-
golang.org/x/crypto v0.24.0
113+
golang.org/x/crypto v0.26.0
114114
golang.org/x/image v0.18.0
115115
golang.org/x/net v0.26.0
116116
golang.org/x/oauth2 v0.21.0
117-
golang.org/x/sys v0.21.0
118-
golang.org/x/text v0.16.0
117+
golang.org/x/sys v0.23.0
118+
golang.org/x/text v0.17.0
119119
golang.org/x/tools v0.22.0
120120
google.golang.org/grpc v1.62.1
121121
google.golang.org/protobuf v1.34.2
@@ -190,6 +190,7 @@ require (
190190
github.com/go-enry/go-oniguruma v1.2.1 // indirect
191191
github.com/go-faster/city v1.0.1 // indirect
192192
github.com/go-faster/errors v0.7.1 // indirect
193+
github.com/go-fed/httpsig v1.1.1-0.20201223112313-55836744818e // indirect
193194
github.com/go-git/gcfg v1.5.1-0.20230307220236-3a3c6141e376 // indirect
194195
github.com/go-openapi/analysis v0.23.0 // indirect
195196
github.com/go-openapi/errors v0.22.0 // indirect
@@ -300,7 +301,7 @@ require (
300301
go.uber.org/zap v1.27.0 // indirect
301302
golang.org/x/exp v0.0.0-20240314144324-c7f7c6466f7f // indirect
302303
golang.org/x/mod v0.18.0 // indirect
303-
golang.org/x/sync v0.7.0 // indirect
304+
golang.org/x/sync v0.8.0 // indirect
304305
golang.org/x/time v0.5.0 // indirect
305306
google.golang.org/genproto/googleapis/rpc v0.0.0-20240314234333-6e1732d8331c // indirect
306307
gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect

0 commit comments

Comments
 (0)