Update github.com/google/go-github (#53)

migrate github.com/google/go-github from v33.0.0 -> v39.1.0

Author: 6543

go.mod

@@ -4,36 +4,34 @@ go 1.15
 
 require (
 	github.com/BurntSushi/toml v0.3.1
-	github.com/dgrijalva/jwt-go v2.2.1-0.20150401180636-c48cfd5d9711+incompatible
+	github.com/dgrijalva/jwt-go v3.2.0+incompatible
 	github.com/elazarl/go-bindata-assetfs v1.0.1
-	github.com/franela/goblin v0.0.0-20201006155558-6240afcb2eb7
+	github.com/franela/goblin v0.0.0-20210519012713-85d372ac71e2
 	github.com/gin-gonic/contrib v0.0.0-20201101042839-6a891bf89f19
-	github.com/gin-gonic/gin v1.6.3
-	github.com/go-playground/validator/v10 v10.4.1 // indirect
-	github.com/go-sql-driver/mysql v1.5.0
-	github.com/golang/protobuf v1.4.3 // indirect
-	github.com/google/go-github/v33 v33.0.0
+	github.com/gin-gonic/gin v1.7.2
+	github.com/go-playground/validator/v10 v10.6.1 // indirect
+	github.com/go-sql-driver/mysql v1.6.0
+	github.com/golang/protobuf v1.5.2 // indirect
+	github.com/google/go-github/v39 v39.1.0
 	github.com/ianschenck/envflag v0.0.0-20140720210342-9111d830d133
 	github.com/joho/godotenv v1.3.0
-	github.com/json-iterator/go v1.1.10 // indirect
+	github.com/json-iterator/go v1.1.11 // indirect
 	github.com/koding/cache v0.0.0-20161222233015-e8a81b0b3f20
-	github.com/lib/pq v1.9.0
+	github.com/leodido/go-urn v1.2.1 // indirect
+	github.com/lib/pq v1.10.2
+	github.com/mattn/go-isatty v0.0.13 // indirect
 	github.com/mattn/go-sqlite3 v2.0.3+incompatible
 	github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
 	github.com/modern-go/reflect2 v1.0.1 // indirect
-	github.com/rubenv/sql-migrate v0.0.0-20150713140751-53184e1edfb4
-	github.com/russross/meddler v1.0.0
-	github.com/sirupsen/logrus v1.7.0
-	github.com/stretchr/testify v1.4.0
-	github.com/ugorji/go v1.2.1 // indirect
+	github.com/rubenv/sql-migrate v0.0.0-20210408115534-a32ed26c37ea
+	github.com/russross/meddler v1.0.1
+	github.com/sirupsen/logrus v1.8.1
+	github.com/stretchr/objx v0.3.0 // indirect
+	github.com/stretchr/testify v1.7.0
+	github.com/ugorji/go v1.2.6 // indirect
 	github.com/ziutek/mymysql v1.5.4 // indirect
-	golang.org/x/crypto v0.0.0-20201203163018-be400aefbc4c // indirect
-	golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3
-	golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be
-	golang.org/x/sys v0.0.0-20201204225414-ed752295db88 // indirect
-	google.golang.org/protobuf v1.25.0 // indirect
-	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c // indirect
-	gopkg.in/gorp.v1 v1.7.1 // indirect
+	golang.org/x/net v0.0.0-20210525063256-abc453219eb5
+	golang.org/x/oauth2 v0.0.0-20210514164344-f6687ab2804c
 	gopkg.in/mgo.v2 v2.0.0-20190816093944-a6b53ec6cb22 // indirect
-	gopkg.in/yaml.v2 v2.4.0 // indirect
+	gopkg.in/yaml.v3 v3.0.0-20210107192922-496545a6307b // indirect
 )

go.sum

@@ -8,7 +8,7 @@ import (
 
 	"github.com/go-gitea/lgtm/model"
 	"github.com/go-gitea/lgtm/shared/httputil"
-	"github.com/google/go-github/v33/github"
+	"github.com/google/go-github/v39/github"
 	log "github.com/sirupsen/logrus"
 	"golang.org/x/net/context"
 	"golang.org/x/oauth2"
@@ -148,9 +148,9 @@ func (g *Github) GetPerm(c context.Context, user *model.User, owner, name string
 		return nil, fmt.Errorf("Error fetching repository. %s", err)
 	}
 	m := &model.Perm{}
-	m.Admin = (*repo.Permissions)["admin"]
-	m.Push = (*repo.Permissions)["push"]
-	m.Pull = (*repo.Permissions)["pull"]
+	m.Admin = repo.Permissions["admin"]
+	m.Push = repo.Permissions["push"]
+	m.Pull = repo.Permissions["pull"]
 	return m, nil
 }
 
@@ -165,7 +165,7 @@ func (g *Github) GetRepos(c context.Context, u *model.User) ([]*model.Repo, erro
 	repos := []*model.Repo{}
 	for _, repo := range all {
 		// only list repositories that I can admin
-		if repo.Permissions == nil || (*repo.Permissions)["admin"] == false {
+		if repo.Permissions == nil || !repo.Permissions["admin"] {
 			continue
 		}
 		repos = append(repos, &model.Repo{

remote/github/github.go

@@ -4,7 +4,7 @@ import (
 	"fmt"
 	"net/url"
 
-	"github.com/google/go-github/v33/github"
+	"github.com/google/go-github/v39/github"
 	"golang.org/x/net/context"
 	"golang.org/x/oauth2"
 )

remote/github/utils.go

@@ -33,8 +33,8 @@ type Token struct {
 	Text string
 }
 
-// Parse parses a raw JWT.
-func Parse(raw string, fn SecretFunc) (*Token, error) {
+// parse parses a raw JWT.
+func parse(raw string, fn SecretFunc) (*Token, error) {
 	token := &Token{}
 	parsed, err := jwt.Parse(raw, keyFunc(token, fn))
 	if err != nil {
@@ -54,14 +54,14 @@ func ParseRequest(r *http.Request, fn SecretFunc) (*Token, error) {
 	if len(token) != 0 {
 		token = r.Header.Get("Authorization")
 		fmt.Sscanf(token, "Bearer %s", &token)
-		return Parse(token, fn)
+		return parse(token, fn)
 	}
 
 	// then we attempt to get the token from the
 	// access_token url query parameter
 	token = r.FormValue("access_token")
 	if len(token) != 0 {
-		return Parse(token, fn)
+		return parse(token, fn)
 	}
 
 	// and finally we attempt to get the token from
@@ -70,7 +70,7 @@ func ParseRequest(r *http.Request, fn SecretFunc) (*Token, error) {
 	if err != nil {
 		return nil, err
 	}
-	return Parse(cookie.Value, fn)
+	return parse(cookie.Value, fn)
 }
 
 // CheckCsrf checks the validity of the JWT.
@@ -85,7 +85,7 @@ func CheckCsrf(r *http.Request, fn SecretFunc) error {
 
 	// parse the raw CSRF token value and validate
 	raw := r.Header.Get("X-CSRF-TOKEN")
-	_, err := Parse(raw, fn)
+	_, err := parse(raw, fn)
 	return err
 }
 
@@ -104,11 +104,13 @@ func (t *Token) Sign(secret string) (string, error) {
 // with an expiration date.
 func (t *Token) SignExpires(secret string, exp int64) (string, error) {
 	token := jwt.New(jwt.SigningMethodHS256)
-	token.Claims["type"] = t.Kind
-	token.Claims["text"] = t.Text
+	mapClaims := make(jwt.MapClaims)
+	mapClaims["type"] = t.Kind
+	mapClaims["text"] = t.Text
 	if exp > 0 {
-		token.Claims["exp"] = float64(exp)
+		mapClaims["exp"] = float64(exp)
 	}
+	token.Claims = mapClaims
 	return token.SignedString([]byte(secret))
 }
 
@@ -119,17 +121,22 @@ func keyFunc(token *Token, fn SecretFunc) jwt.Keyfunc {
 			return nil, jwt.ErrSignatureInvalid
 		}
 
+		mapClaims, isMapClaims := t.Claims.(jwt.MapClaims)
+		if !isMapClaims {
+			return nil, fmt.Errorf("token claims are not stored as map")
+		}
+
 		// extract the token kind and cast to
 		// the expected type.
-		kindv, ok := t.Claims["type"]
+		kindv, ok := mapClaims["type"]
 		if !ok {
 			return nil, jwt.ValidationError{}
 		}
 		token.Kind, _ = kindv.(string)
 
 		// extract the token value and cast to
 		// exepected type.
-		textv, ok := t.Claims["text"]
+		textv, ok := mapClaims["text"]
 		if !ok {
 			return nil, jwt.ValidationError{}
 		}