Merge 10349b43d11e65ddb82a5b3e803c581cce4d534d into 81dba468722f41347ed74ee66e9c1781d72f68a5

chore(deps): bump github.com/go-playground/validator/v10 (#4509 )
Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.28.0 to 10.30.1. - [Release notes](https://github.com/go-playground/validator/releases) - [Commits](https://github.com/go-playground/validator/compare/v10.28.0...v10.30.1) --- updated-dependencies: - dependency-name: github.com/go-playground/validator/v10 dependency-version: 10.30.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-06-12 16:48:19 +08:00 · 2026-02-22 00:22:53 +00:00 · 2026-02-21 22:39:56 +08:00 · 2026-02-21 22:33:30 +08:00 · 2026-02-21 22:32:32 +08:00 · 2026-02-04 17:32:07 +03:30
5 changed files with 42 additions and 24 deletions
--- a/.github/workflows/gin.yml
+++ b/.github/workflows/gin.yml
@ -26,14 +26,14 @@ jobs:
      - name: Setup golangci-lint
        uses: golangci/golangci-lint-action@v9
        with:
-          version: v2.6
+          version: v2.9
          args: --verbose
  test:
    needs: lint
    strategy:
      matrix:
        os: [ubuntu-latest, macos-latest]
-        go: ["1.24", "1.25"]
+        go: ["1.24", "1.25", "1.26"]
        test-tags:
          [
            "",
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@ -9,7 +9,7 @@ on:
      - master
  schedule:
    # Run daily at 00:00 UTC
-    - cron: '0 0 * * *'
+    - cron: "0 0 * * *"
  workflow_dispatch: # Allow manual trigger

 permissions:
@ -27,30 +27,30 @@ jobs:
          fetch-depth: 0

      - name: Run Trivy vulnerability scanner (source code)
-        uses: aquasecurity/trivy-action@0.34.0
+        uses: aquasecurity/trivy-action@0.34.1
        with:
-          scan-type: 'fs'
-          scan-ref: '.'
-          scanners: 'vuln,secret,misconfig'
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          severity: 'CRITICAL,HIGH,MEDIUM'
+          scan-type: "fs"
+          scan-ref: "."
+          scanners: "vuln,secret,misconfig"
+          format: "sarif"
+          output: "trivy-results.sarif"
+          severity: "CRITICAL,HIGH,MEDIUM"
          ignore-unfixed: true

      - name: Upload Trivy results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v4
        if: always()
        with:
-          sarif_file: 'trivy-results.sarif'
+          sarif_file: "trivy-results.sarif"

      - name: Run Trivy scanner (table output for logs)
-        uses: aquasecurity/trivy-action@0.34.0
+        uses: aquasecurity/trivy-action@0.34.1
        if: always()
        with:
-          scan-type: 'fs'
-          scan-ref: '.'
-          scanners: 'vuln,secret,misconfig'
-          format: 'table'
-          severity: 'CRITICAL,HIGH,MEDIUM'
+          scan-type: "fs"
+          scan-ref: "."
+          scanners: "vuln,secret,misconfig"
+          format: "table"
+          severity: "CRITICAL,HIGH,MEDIUM"
          ignore-unfixed: true
-          exit-code: '1'
+          exit-code: "1"
--- a/go.mod
+++ b/go.mod
@ -7,7 +7,7 @@ toolchain go1.24.7
 require (
 	github.com/bytedance/sonic v1.15.0
 	github.com/gin-contrib/sse v1.1.0
-	github.com/go-playground/validator/v10 v10.28.0
+	github.com/go-playground/validator/v10 v10.30.1
 	github.com/goccy/go-json v0.10.5
 	github.com/goccy/go-yaml v1.19.2
 	github.com/json-iterator/go v1.1.12
@ -29,7 +29,7 @@ require (
 	github.com/bytedance/sonic/loader v0.5.0 // indirect
 	github.com/cloudwego/base64x v0.1.6 // indirect
 	github.com/davecgh/go-spew v1.1.1 // indirect
-	github.com/gabriel-vasile/mimetype v1.4.10 // indirect
+	github.com/gabriel-vasile/mimetype v1.4.12 // indirect
 	github.com/go-playground/locales v0.14.1 // indirect
 	github.com/go-playground/universal-translator v0.18.1 // indirect
 	github.com/klauspost/cpuid/v2 v2.3.0 // indirect
--- a/go.sum
+++ b/go.sum
@ -10,8 +10,8 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/gabriel-vasile/mimetype v1.4.10 h1:zyueNbySn/z8mJZHLt6IPw0KoZsiQNszIpU+bX4+ZK0=
-github.com/gabriel-vasile/mimetype v1.4.10/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
+github.com/gabriel-vasile/mimetype v1.4.12 h1:e9hWvmLYvtp846tLHam2o++qitpguFiYCKbn0w9jyqw=
+github.com/gabriel-vasile/mimetype v1.4.12/go.mod h1:d+9Oxyo1wTzWdyVUPMmXFvp4F9tea18J8ufA774AB3s=
 github.com/gin-contrib/sse v1.1.0 h1:n0w2GMuUpWDVp7qSpvze6fAu9iRxJY4Hmj6AmBOU05w=
 github.com/gin-contrib/sse v1.1.0/go.mod h1:hxRZ5gVpWMT7Z0B0gSNYqqsSCNIJMjzvm6fqCz9vjwM=
 github.com/go-playground/assert/v2 v2.2.0 h1:JvknZsQTYeFEAhQwI4qEt9cyV5ONwRHC+lYKSsYSR8s=
@ -20,8 +20,8 @@ github.com/go-playground/locales v0.14.1 h1:EWaQ/wswjilfKLTECiXz7Rh+3BjFhfDFKv/o
 github.com/go-playground/locales v0.14.1/go.mod h1:hxrqLVvrK65+Rwrd5Fc6F2O76J/NuW9t0sjnWqG1slY=
 github.com/go-playground/universal-translator v0.18.1 h1:Bcnm0ZwsGyWbCzImXv+pAJnYK9S473LQFuzCbDbfSFY=
 github.com/go-playground/universal-translator v0.18.1/go.mod h1:xekY+UJKNuX9WP91TpwSH2VMlDf28Uj24BCp08ZFTUY=
-github.com/go-playground/validator/v10 v10.28.0 h1:Q7ibns33JjyW48gHkuFT91qX48KG0ktULL6FgHdG688=
-github.com/go-playground/validator/v10 v10.28.0/go.mod h1:GoI6I1SjPBh9p7ykNE/yj3fFYbyDOpwMn5KXd+m2hUU=
+github.com/go-playground/validator/v10 v10.30.1 h1:f3zDSN/zOma+w6+1Wswgd9fLkdwy06ntQJp0BBvFG0w=
+github.com/go-playground/validator/v10 v10.30.1/go.mod h1:oSuBIQzuJxL//3MelwSLD5hc2Tu889bF0Idm9Dg26cM=
 github.com/goccy/go-json v0.10.5 h1:Fq85nIqj+gXn/S5ahsiTlK3TmC85qgirsdTP/+DeaC4=
 github.com/goccy/go-json v0.10.5/go.mod h1:oq7eo15ShAhp70Anwd5lgX2pLfOS3QCiwU/PULtXL6M=
 github.com/goccy/go-yaml v1.19.2 h1:PmFC1S6h8ljIz6gMRBopkjP1TVT7xuwrButHID66PoM=
--- a/render/render_test.go
+++ b/render/render_test.go
@ -249,6 +249,15 @@ func TestRenderPureJSON(t *testing.T) {
 	assert.Equal(t, "application/json; charset=utf-8", w.Header().Get("Content-Type"))
 }

+func TestRenderPureJSONFail(t *testing.T) {
+	w := httptest.NewRecorder()
+	data := make(chan int)
+
+	// json: unsupported type: chan int
+	err := (PureJSON{data}).Render(w)
+	require.Error(t, err)
+}
+
 type xmlmap map[string]any

 // Allows type H to be used with xml.Marshal
@ -401,6 +410,15 @@ func TestRenderXML(t *testing.T) {
 	assert.Equal(t, "application/xml; charset=utf-8", w.Header().Get("Content-Type"))
 }

+func TestRenderXMLFail(t *testing.T) {
+	w := httptest.NewRecorder()
+	data := make(chan int)
+
+	// xml: unsupported type: chan int
+	err := (XML{data}).Render(w)
+	require.Error(t, err)
+}
+
 func TestRenderRedirect(t *testing.T) {
 	req, err := http.NewRequest(http.MethodGet, "/test-redirect", nil)
 	require.NoError(t, err)
Author	SHA1	Message	Date
ATUR	7c50fe51ae	Merge 10349b43d11e65ddb82a5b3e803c581cce4d534d into 81dba468722f41347ed74ee66e9c1781d72f68a5	2026-02-22 00:22:53 +00:00
dependabot[bot]	81dba46872	chore(deps): bump github.com/go-playground/validator/v10 (#4509 ) Bumps [github.com/go-playground/validator/v10](https://github.com/go-playground/validator) from 10.28.0 to 10.30.1. - [Release notes](https://github.com/go-playground/validator/releases) - [Commits](https://github.com/go-playground/validator/compare/v10.28.0...v10.30.1) --- updated-dependencies: - dependency-name: github.com/go-playground/validator/v10 dependency-version: 10.30.1 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-21 22:39:56 +08:00
dependabot[bot]	0c219e7902	chore(deps): bump aquasecurity/trivy-action in the actions group (#4544 ) Bumps the actions group with 1 update: [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action). Updates `aquasecurity/trivy-action` from 0.34.0 to 0.34.1 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.34.0...0.34.1) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.34.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2026-02-21 22:33:30 +08:00
Bo-Yi Wu	00900fb3e1	ci: update CI workflows and standardize Trivy config quotes (#4531 ) - Update gin workflow to use v2.9 and add Go 1.26 to the matrix - Upgrade Trivy action to v0.34.0 in the scan workflow - Change all single quotes to double quotes in Trivy workflow configuration Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>	2026-02-21 22:32:32 +08:00
aturzone	10349b43d1	test: add error tests for PureJSON and XML render types Add missing error handling tests for PureJSON and XML render types to improve test coverage. This addresses the TODO comment requesting error tests in the render package. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>	2026-02-04 17:32:07 +03:30