Update README.md

.github/workflows/release.yml

@@ -105,9 +105,9 @@ jobs:
           echo "ASSET_NAME=$_NAME" >> $GITHUB_ENV
 
       - name: Set up Go
-        uses: actions/setup-go@v5
+        uses: actions/setup-go@v2
         with:
-          go-version: ^1.22
+          go-version: ^1.18
 
       - name: Get project dependencies
         run: go mod download

.github/workflows/test.yml

@@ -13,9 +13,9 @@ jobs:
       fail-fast: false
       matrix:
         go_version:
-          - '1.22'
-          - '1.23'
-          - '1.24'
+          - '1.18'
+          - '1.19'
+          - '1.20'
           - tip
     name: Test with ${{ matrix.go_version }}
     steps:
@@ -29,20 +29,16 @@ jobs:
       - name: Install Go ${{ matrix.go_version }}
         if: ${{ matrix.go_version == 'tip' }}
         run: |
-          go install golang.org/dl/gotip@latest
-          `go env GOPATH`/bin/gotip download
-      - name: Vet and test no tip
-        if: ${{ matrix.go_version != 'tip' }}
+          curl -sL https://storage.googleapis.com/go-build-snap/go/linux-amd64/$(git ls-remote https://github.com/golang/go.git HEAD | awk '{print $1;}').tar.gz -o gotip.tar.gz
+          ls -lah gotip.tar.gz
+          mkdir -p ~/sdk/gotip
+          tar -C ~/sdk/gotip -xzf gotip.tar.gz
+          echo "PATH=$HOME/go/bin:$HOME/sdk/gotip/bin/:$PATH" >> $GITHUB_ENV
+      - name: Vet and test
         run: |
           go version
           go vet ./...
           go test ./...
-      - name: Vet and test gotip
-        if: ${{ matrix.go_version == 'tip' }}
-        run: |
-          `go env GOPATH`/bin/gotip version
-          `go env GOPATH`/bin/gotip vet ./...
-          `go env GOPATH`/bin/gotip test ./...
   golangci:
     name: Linting
     runs-on: ubuntu-latest
@@ -50,7 +46,7 @@ jobs:
       - uses: actions/checkout@v2
       - uses: actions/setup-go@master
         with:
-          go-version: '1.24'
+          go-version: '1.20'
           check-latest: true
       - name: golangci-lint
         uses: golangci/golangci-lint-action@v2

Dockerfile

@@ -1,5 +1,5 @@
-# Default to Go 1.24
-ARG GO_VERSION=1.24
+# Default to Go 1.20
+ARG GO_VERSION=1.20
 FROM golang:${GO_VERSION}-alpine as build
 
 # Necessary to run 'go get' and to compile the linked binary

README.md

@@ -6,9 +6,9 @@ Transfer.sh currently supports the s3 (Amazon S3), gdrive (Google Drive), storj
 
 ## Disclaimer
 
-@stefanbenten happens to be a maintainer of this repository _and_ the person who host a well known public installation of the software in the repo.
+@stefanbenten happens to be a maintainer of this repository _and_ the person who a well known public installation of the software in the repo.
 
-The two are anyway unrelated, and the repo is not the place to direct requests and issues for any of the pubblic installation.
+The two are anyway unrelated, and the repo is not the place to direct requests and issues for the any of the pubblic installation.
 
 No third-party public installation of the software in the repo will be advertised or mentioned in the repo itself, for security reasons.
 
@@ -165,42 +165,15 @@ For easy deployment, we've created an official Docker container. There are two v
 
 The default one will run as `root`:
 
-> [!WARNING]
-> It is discouraged to use `latest` tag for WatchTower or similar tools. The `latest` tag can reference unreleased developer, test builds, and patch releases for older versions. Use an actual version tag until transfer.sh supports major or minor version tags.
-
 ```bash
 docker run --publish 8080:8080 dutchcoders/transfer.sh:latest --provider local --basedir /tmp/
 ```
 
-### No root
-
-The `-noroot` tags indicate image builds that run with least priviledge to reduce the attack surface might an application get compromised.
-> [!NOTE]
-> Using `-noroot` is **recommended**
-
 The one tagged with the suffix `-noroot` will use `5000` as both UID and GID:
 ```bash
 docker run --publish 8080:8080 dutchcoders/transfer.sh:latest-noroot --provider local --basedir /tmp/
 ```
 
-> [!NOTE]
-> Development history details at:
-> - https://github.com/dutchcoders/transfer.sh/pull/418
-
-### Tags
-
-Name | Usage
---|--
-latest| Latest CI build, can be nightly, at commit, at tag, etc.
-latest-noroot| Latest CI build, can be nightly, at commit, at tag, etc. using [no root]
-nightly| Scheduled CI build every midnight UTC
-nightly-noroot| Scheduled CI build every midnight UTC using [no root]
-edge| Latest CI build after every commit on `main`
-edge-noroot| Latest CI build after every commit on `main` using [no root]
-x.y.z| CI build after tagging a release
-x.y.z-noroot| CI build after tagging a release using [no root]
-
-
 ### Building the Container
 You can also build the container yourself. This allows you to choose which UID/GID will be used, e.g. when using NFS mounts:
 ```bash

go.mod

@@ -1,6 +1,6 @@
 module github.com/dutchcoders/transfer.sh
 
-go 1.22.0
+go 1.18
 
 require (
 	github.com/ProtonMail/go-crypto v0.0.0-20230217124315-7d5c6f04bbb8
@@ -56,7 +56,7 @@ require (
 	github.com/aws/smithy-go v1.13.5 // indirect
 	github.com/aymerick/douceur v0.2.0 // indirect
 	github.com/calebcase/tmpfile v1.0.3 // indirect
-	github.com/cloudflare/circl v1.6.1 // indirect
+	github.com/cloudflare/circl v1.3.7 // indirect
 	github.com/cpuguy83/go-md2man/v2 v2.0.2 // indirect
 	github.com/felixge/httpsnoop v1.0.3 // indirect
 	github.com/flynn/noise v1.0.0 // indirect

go.sum

@@ -6,7 +6,6 @@ cloud.google.com/go/compute v1.19.1/go.mod h1:6ylj3a05WF8leseCdIf77NK0g1ey+nj5IK
 cloud.google.com/go/compute/metadata v0.2.3 h1:mg4jlk7mCAj6xXp9UJ4fjI9VUI5rubuGBW5aJ7UnBMY=
 cloud.google.com/go/compute/metadata v0.2.3/go.mod h1:VAV5nSsACxMJvgaAuX6Pk2AawlZn8kiOGuCv6gTkwuA=
 cloud.google.com/go/longrunning v0.4.1 h1:v+yFJOfKC3yZdY6ZUI933pIYdhyhV8S3NpWrXWmg7jM=
-cloud.google.com/go/longrunning v0.4.1/go.mod h1:4iWDqhBZ70CvZ6BfETbvam3T8FMvLK+eFj0E6AaRQTo=
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/BurntSushi/xgb v0.0.0-20160522181843-27f122750802/go.mod h1:IVnqGOEym/WlBOVXweHU+Q+/VP0lqqI8lqeDx9IjBqo=
 github.com/GehirnInc/crypt v0.0.0-20200316065508-bb7000b8a962 h1:KeNholpO2xKjgaaSyd+DyQRrsQjhbSeS7qe4nEw8aQw=
@@ -68,8 +67,8 @@ github.com/calebcase/tmpfile v1.0.3/go.mod h1:UAUc01aHeC+pudPagY/lWvt2qS9ZO5Zzof
 github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 github.com/cloudflare/circl v1.1.0/go.mod h1:prBCrKB9DV4poKZY1l9zBXg2QJY7mvgRvtMxxK7fi4I=
-github.com/cloudflare/circl v1.6.1 h1:zqIqSPIndyBh1bjLVVDHMPpVKqp8Su/V+6MeDzzQBQ0=
-github.com/cloudflare/circl v1.6.1/go.mod h1:uddAzsPgqdMAYatqJ0lsjX1oECcQLIlRpzZh3pJrofs=
+github.com/cloudflare/circl v1.3.7 h1:qlCDlTPz2n9fu58M0Nh1J/JzcFpfgkFHHX3O35r5vcU=
+github.com/cloudflare/circl v1.3.7/go.mod h1:sRTcRWXGLrKw6yIGJ+l7amYJFfAXbZG0kBSc8r4zxgA=
 github.com/cncf/udpa/go v0.0.0-20191209042840-269d4d468f6f/go.mod h1:M8M6+tZqaGXZJjfX53e64911xZQV5JYwmTeXPW+k8Sc=
 github.com/cpuguy83/go-md2man/v2 v2.0.2 h1:p1EgwI/C7NhT0JmVkwCD2ZBK8j4aeHQX2pMHHBfMQ6w=
 github.com/cpuguy83/go-md2man/v2 v2.0.2/go.mod h1:tgQtvFlXSQOSOSIRvRPT7W67SCa46tRHOmNcaadrF8o=
@@ -78,7 +77,6 @@ github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSs
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dsnet/try v0.0.3 h1:ptR59SsrcFUYbT/FhAbKTV6iLkeD6O18qfIWRml2fqI=
-github.com/dsnet/try v0.0.3/go.mod h1:WBM8tRpUmnXXhY1U6/S8dt6UWdHTQ7y8A5YSkRCkq40=
 github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e h1:rcHHSQqzCgvlwP0I/fQ8rQMn/MpHE5gWSLdtpxtP6KQ=
 github.com/dutchcoders/go-clamd v0.0.0-20170520113014-b970184f4d9e/go.mod h1:Byz7q8MSzSPkouskHJhX0er2mZY/m0Vj5bMeMCkkyY4=
 github.com/dutchcoders/go-virustotal v0.0.0-20140923143438-24cc8e6fa329 h1:ERqCkG/uSyT74P1m/j9yR+so+7ynY4fbTvLY/Mr1ZMg=
@@ -137,9 +135,7 @@ github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
 github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
 github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
-github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
 github.com/google/pprof v0.0.0-20211108044417-e9b028704de0 h1:rsq1yB2xiFLDYYaYdlGBsSkwVzsCo500wMhxvW5A/bk=
-github.com/google/pprof v0.0.0-20211108044417-e9b028704de0/go.mod h1:KgnwoLYCZ8IQu3XUZ8Nc/bM9CCZFOyjUNOSygVozoDg=
 github.com/google/uuid v1.1.2/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
 github.com/google/uuid v1.3.0 h1:t6JiXgmwXMjEs8VusXIJk2BXHsn+wx8BZdTaoZ5fu7I=
 github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
@@ -237,7 +233,6 @@ github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9dec
 github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
 github.com/zeebo/assert v1.1.0/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0=
 github.com/zeebo/assert v1.3.1 h1:vukIABvugfNMZMQO1ABsyQDJDTVQbn+LWSMy1ol1h6A=
-github.com/zeebo/assert v1.3.1/go.mod h1:Pq9JiuJQpG8JLJdtkwrJESF0Foym2/D9XMU5ciN/wJ0=
 github.com/zeebo/blake3 v0.2.3 h1:TFoLXsjeXqRNFxSbk35Dk4YtszE/MQQGK10BH4ptoTg=
 github.com/zeebo/blake3 v0.2.3/go.mod h1:mjJjZpnsyIVtVgTOSpJ9vmRE4wgDeyt2HU3qXvvKCaQ=
 github.com/zeebo/errs v1.3.0 h1:hmiaKqgYZzcVgRL1Vkc1Mn2914BbzB0IBxs+ebeutGs=

server/handlers_test.go

@@ -26,7 +26,7 @@ func (s *suiteRedirectWithForceHTTPS) SetUpTest(c *C) {
 	c.Assert(err, IsNil)
 
 	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		_, _ = fmt.Fprintln(w, "Hello, client")
+		fmt.Fprintln(w, "Hello, client")
 	})
 
 	s.handler = srvr.RedirectHandler(handler)
@@ -83,7 +83,7 @@ func (s *suiteRedirectWithoutForceHTTPS) SetUpTest(c *C) {
 	c.Assert(err, IsNil)
 
 	handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
-		_, _ = fmt.Fprintln(w, "Hello, client")
+		fmt.Fprintln(w, "Hello, client")
 	})
 
 	s.handler = srvr.RedirectHandler(handler)

server/server.go

@@ -402,15 +402,12 @@ func New(options ...OptionFn) (*Server, error) {
 	return s, nil
 }
 
-var theRand *rand.Rand
-
 func init() {
 	var seedBytes [8]byte
 	if _, err := cryptoRand.Read(seedBytes[:]); err != nil {
 		panic("cannot obtain cryptographically secure seed")
 	}
-
-	theRand = rand.New(rand.NewSource(int64(binary.LittleEndian.Uint64(seedBytes[:]))))
+	rand.Seed(int64(binary.LittleEndian.Uint64(seedBytes[:])))
 }
 
 // Run starts Server

server/token.go

@@ -24,6 +24,10 @@ THE SOFTWARE.
 
 package server
 
+import (
+	"math/rand"
+)
+
 const (
 	// SYMBOLS characters used for short-urls
 	SYMBOLS = "0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ"
@@ -33,7 +37,7 @@ const (
 func token(length int) string {
 	result := ""
 	for i := 0; i < length; i++ {
-		x := theRand.Intn(len(SYMBOLS) - 1)
+		x := rand.Intn(len(SYMBOLS) - 1)
 		result = string(SYMBOLS[x]) + result
 	}