M .go-arch-lint.yml => .go-arch-lint.yml +5 -1
@@ 17,6 17,8 @@ vendors:
in: golang.org/x/term
getopt:
in: git.sr.ht/~sircmpwn/getopt
+ uniseg:
+ in: github.com/rivo/uniseg
components:
moac:
@@ 44,6 46,7 @@ deps:
pwgen-cli:
canUse:
- getopt
+ - uniseg
mayDependOn:
- moac
- cliShared
@@ 54,6 57,7 @@ deps:
canUse:
- getopt
- term
+ - uniseg
mayDependOn:
- moac
- cliShared
@@ 67,7 71,7 @@ deps:
- charsets
pwgen:
mayDependOn:
- - moac # just needs DefaultEntropy, should be defined somewhere else
+ - moac # just needs const moac.DefaultEntropy, should be defined somewhere else in v3?
- charsets
- entropy
- bounds
M cmd/moac-pwgen/testdata/scripts/success.txt => cmd/moac-pwgen/testdata/scripts/success.txt +10 -0
@@ 78,3 78,13 @@ stdout '^........$'
moac-pwgen -t 3.1536e8 -G 1e18
! stderr '.'
stdout '^..............$'
+
+# grapheme clusters
+moac-pwgen -s 128 ascii 'ƩȞ6FÕʂ🏳️🌈.'
+stderr 'warning: charsets contain grapheme clusters, will be treated as distinct codepoints'
+stderr 'warning: charsets ƩȞ6FÕʂ🏳️🌈. contained invalid codepoints, removing them'
+stdout '^....................$'
+
+moac-pwgen ascii latin '🇩🇪'
+stderr 'warning: charsets contain grapheme clusters, will be treated as distinct codepoints'
+stdout '^............................$'
M cmd/moac/testdata/scripts/success.txt => cmd/moac/testdata/scripts/success.txt +5 -0
@@ 56,3 56,8 @@ stdout '^0\.962$'
moac -t 3.1536e8 -s 128 -G 1e18
! stderr '.'
stdout '^9\.27e-13$'
+
+# grapheme clusters
+moac -p '$ʙŤmÊÂçYɑ!ƨƍǽƅƣʤǟl?Ã🇩🇪ǖȣā3ɪ]Ó' entropy
+stderr 'warning: charsets contain grapheme clusters, will be treated as distinct codepoints'
+stdout '^269$'
M doc/SECURITY.md => doc/SECURITY.md +1 -1
@@ 17,7 17,7 @@ Security features users can and cannot expect:
Third-party dependencies
------------------------
-MOAC is split into a library and two CLI utilities. The library has no third-party dependencies; the CLI utilities have two direct third-party dependencies and a third one just for tests. A CI job scans these dependencies and indirect dependencies against Sonatype's OSS Index on every push.
+MOAC is split into a library and two CLI utilities. The library has no third-party dependencies; the CLI utilities have a few. A CI job scans these dependencies and indirect dependencies against Sonatype's OSS Index on every push.
Builds
------
M go.mod => go.mod +1 -0
@@ 4,6 4,7 @@ go 1.15
require (
git.sr.ht/~sircmpwn/getopt v1.0.0
+ github.com/rivo/uniseg v0.2.0
github.com/rogpeppe/go-internal v1.8.1-0.20210923151022-86f73c517451
golang.org/x/sys v0.0.0-20211029165221-6e7872819dc8 // indirect
golang.org/x/term v0.0.0-20210927222741-03fcf44c2211
M go.sum => go.sum +2 -0
@@ 11,6 11,8 @@ github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e h1:aoZm08cpOy4WuID//EZDgc
github.com/pkg/diff v0.0.0-20210226163009-20ebb0f2a09e/go.mod h1:pJLUxLENpZxwdsKMEsNbx1VGcRFpLqf3715MtcvvzbA=
github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
github.com/rogpeppe/go-internal v1.8.1-0.20210923151022-86f73c517451 h1:d1PiN4RxzIFXCJTvRkvSkKqwtRAl5ZV4lATKtQI0B7I=
github.com/rogpeppe/go-internal v1.8.1-0.20210923151022-86f73c517451/go.mod h1:JeRgkft04UBgHMgCIwADu4Pn6Mtm5d4nPKWu0nJ5d+o=
github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=