[chore]: Bump github.com/gin-contrib/sessions from 0.0.5 to 1.0.0 (#2782)

vendor/github.com/gorilla/sessions/.editorconfig

@@ -0,0 +1,20 @@
+; https://editorconfig.org/
+
+root = true
+
+[*]
+insert_final_newline = true
+charset = utf-8
+trim_trailing_whitespace = true
+indent_style = space
+indent_size = 2
+
+[{Makefile,go.mod,go.sum,*.go,.gitmodules}]
+indent_style = tab
+indent_size = 4
+
+[*.md]
+indent_size = 4
+trim_trailing_whitespace = false
+
+eclint_indent_style = unset

vendor/github.com/gorilla/sessions/.gitignore

@@ -0,0 +1 @@
+coverage.coverprofile

vendor/github.com/gorilla/sessions/AUTHORS

@@ -1,43 +0,0 @@
-# This is the official list of gorilla/sessions authors for copyright purposes.
-#
-# Please keep the list sorted.
-
-Ahmadreza Zibaei <ahmadrezazibaei@hotmail.com>
-Anton Lindström <lindztr@gmail.com>
-Brian Jones <mojobojo@gmail.com>
-Collin Stedman <kronion@users.noreply.github.com>
-Deniz Eren <dee.116@gmail.com>
-Dmitry Chestnykh <dmitry@codingrobots.com>
-Dustin Oprea <myselfasunder@gmail.com>
-Egon Elbre <egonelbre@gmail.com>
-enumappstore <appstore@enumapps.com>
-Geofrey Ernest <geofreyernest@live.com>
-Google LLC (https://opensource.google.com/)
-Jerry Saravia <SaraviaJ@gmail.com>
-Jonathan Gillham <jonathan.gillham@gamil.com>
-Justin Clift <justin@postgresql.org>
-Justin Hellings <justin.hellings@gmail.com>
-Kamil Kisiel <kamil@kamilkisiel.net>
-Keiji Yoshida <yoshida.keiji.84@gmail.com>
-kliron <kliron@gmail.com>
-Kshitij Saraogi <KshitijSaraogi@gmail.com>
-Lauris BH <lauris@nix.lv>
-Lukas Rist <glaslos@gmail.com>
-Mark Dain <ancarda@users.noreply.github.com>
-Matt Ho <matt.ho@gmail.com>
-Matt Silverlock <matt@eatsleeprepeat.net>
-Mattias Wadman <mattias.wadman@gmail.com>
-Michael Schuett <michaeljs1990@gmail.com>
-Michael Stapelberg <stapelberg@users.noreply.github.com>
-Mirco Zeiss <mirco.zeiss@gmail.com>
-moraes <rodrigo.moraes@gmail.com>
-nvcnvn <nguyen@open-vn.org>
-pappz <zoltan.pmail@gmail.com>
-Pontus Leitzler <leitzler@users.noreply.github.com>
-QuaSoft <info@quasoft.net>
-rcadena <robert.cadena@gmail.com>
-rodrigo moraes <rodrigo.moraes@gmail.com>
-Shawn Smith <shawnpsmith@gmail.com>
-Taylor Hurt <taylor.a.hurt@gmail.com>
-Tortuoise <sanyasinp@gmail.com>
-Vitor De Mario <vitordemario@gmail.com>

vendor/github.com/gorilla/sessions/LICENSE

@@ -1,4 +1,4 @@
-Copyright (c) 2012-2018 The Gorilla Authors. All rights reserved.
+Copyright (c) 2023 The Gorilla Authors. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
 modification, are permitted provided that the following conditions are

vendor/github.com/gorilla/sessions/Makefile

@@ -0,0 +1,34 @@
+GO_LINT=$(shell which golangci-lint 2> /dev/null || echo '')
+GO_LINT_URI=github.com/golangci/golangci-lint/cmd/golangci-lint@latest
+
+GO_SEC=$(shell which gosec 2> /dev/null || echo '')
+GO_SEC_URI=github.com/securego/gosec/v2/cmd/gosec@latest
+
+GO_VULNCHECK=$(shell which govulncheck 2> /dev/null || echo '')
+GO_VULNCHECK_URI=golang.org/x/vuln/cmd/govulncheck@latest
+
+.PHONY: golangci-lint
+golangci-lint:
+	$(if $(GO_LINT), ,go install $(GO_LINT_URI))
+	@echo "##### Running golangci-lint"
+	golangci-lint run -v
+
+.PHONY: gosec
+gosec:
+	$(if $(GO_SEC), ,go install $(GO_SEC_URI))
+	@echo "##### Running gosec"
+	gosec ./...
+
+.PHONY: govulncheck
+govulncheck:
+	$(if $(GO_VULNCHECK), ,go install $(GO_VULNCHECK_URI))
+	@echo "##### Running govulncheck"
+	govulncheck ./...
+
+.PHONY: verify
+verify: golangci-lint gosec govulncheck
+
+.PHONY: test
+test:
+	@echo "##### Running tests"
+	go test -race -cover -coverprofile=coverage.coverprofile -covermode=atomic -v ./...

vendor/github.com/gorilla/sessions/README.md

@@ -1,7 +1,11 @@
 # sessions
 
-[![GoDoc](https://godoc.org/github.com/gorilla/sessions?status.svg)](https://godoc.org/github.com/gorilla/sessions) [![Build Status](https://travis-ci.org/gorilla/sessions.svg?branch=master)](https://travis-ci.org/gorilla/sessions)
-[![Sourcegraph](https://sourcegraph.com/github.com/gorilla/sessions/-/badge.svg)](https://sourcegraph.com/github.com/gorilla/sessions?badge)
+![testing](https://github.com/gorilla/sessions/actions/workflows/test.yml/badge.svg)
+[![codecov](https://codecov.io/github/gorilla/sessions/branch/main/graph/badge.svg)](https://codecov.io/github/gorilla/sessions)
+[![godoc](https://godoc.org/github.com/gorilla/sessions?status.svg)](https://godoc.org/github.com/gorilla/sessions)
+[![sourcegraph](https://sourcegraph.com/github.com/gorilla/sessions/-/badge.svg)](https://sourcegraph.com/github.com/gorilla/sessions?badge)
+
+![Gorilla Logo](https://github.com/gorilla/.github/assets/53367916/d92caabf-98e0-473e-bfbf-ab554ba435e5)
 
 gorilla/sessions provides cookie and filesystem sessions and infrastructure for
 custom session backends.
@@ -84,6 +88,7 @@ Other implementations of the `sessions.Store` interface:
 - [github.com/lafriks/xormstore](https://github.com/lafriks/xormstore) - XORM (MySQL, PostgreSQL, SQLite, Microsoft SQL Server, TiDB)
 - [github.com/GoogleCloudPlatform/firestore-gorilla-sessions](https://github.com/GoogleCloudPlatform/firestore-gorilla-sessions) - Cloud Firestore
 - [github.com/stephenafamo/crdbstore](https://github.com/stephenafamo/crdbstore) - CockroachDB
+- [github.com/ryicoh/tikvstore](github.com/ryicoh/tikvstore) - TiKV
 
 ## License
 

vendor/github.com/gorilla/sessions/cookie.go

@@ -1,3 +1,4 @@
+//go:build !go1.11
 // +build !go1.11
 
 package sessions

vendor/github.com/gorilla/sessions/cookie_go111.go

@@ -1,3 +1,4 @@
+//go:build go1.11
 // +build go1.11
 
 package sessions

vendor/github.com/gorilla/sessions/options.go

@@ -1,3 +1,4 @@
+//go:build !go1.11
 // +build !go1.11
 
 package sessions

vendor/github.com/gorilla/sessions/options_go111.go

@@ -1,3 +1,4 @@
+//go:build go1.11
 // +build go1.11
 
 package sessions

vendor/github.com/gorilla/sessions/store.go

@@ -6,11 +6,9 @@ package sessions
 
 import (
 	"encoding/base32"
-	"io/ioutil"
 	"net/http"
 	"os"
 	"path/filepath"
-	"strings"
 	"sync"
 
 	"github.com/gorilla/securecookie"
@@ -201,6 +199,8 @@ func (s *FilesystemStore) New(r *http.Request, name string) (*Session, error) {
 	return session, err
 }
 
+var base32RawStdEncoding = base32.StdEncoding.WithPadding(base32.NoPadding)
+
 // Save adds a single session to the response.
 //
 // If the Options.MaxAge of the session is <= 0 then the session file will be
@@ -211,7 +211,7 @@ func (s *FilesystemStore) Save(r *http.Request, w http.ResponseWriter,
 	session *Session) error {
 	// Delete if max-age is <= 0
 	if session.Options.MaxAge <= 0 {
-		if err := s.erase(session); err != nil {
+		if err := s.erase(session); err != nil && !os.IsNotExist(err) {
 			return err
 		}
 		http.SetCookie(w, NewCookie(session.Name(), "", session.Options))
@@ -221,9 +221,8 @@ func (s *FilesystemStore) Save(r *http.Request, w http.ResponseWriter,
 	if session.ID == "" {
 		// Because the ID is used in the filename, encode it to
 		// use alphanumeric characters only.
-		session.ID = strings.TrimRight(
-			base32.StdEncoding.EncodeToString(
-				securecookie.GenerateRandomKey(32)), "=")
+		session.ID = base32RawStdEncoding.EncodeToString(
+			securecookie.GenerateRandomKey(32))
 	}
 	if err := s.save(session); err != nil {
 		return err
@@ -261,7 +260,7 @@ func (s *FilesystemStore) save(session *Session) error {
 	filename := filepath.Join(s.path, "session_"+session.ID)
 	fileMutex.Lock()
 	defer fileMutex.Unlock()
-	return ioutil.WriteFile(filename, []byte(encoded), 0600)
+	return os.WriteFile(filename, []byte(encoded), 0600)
 }
 
 // load reads a file and decodes its content into session.Values.
@@ -269,7 +268,7 @@ func (s *FilesystemStore) load(session *Session) error {
 	filename := filepath.Join(s.path, "session_"+session.ID)
 	fileMutex.RLock()
 	defer fileMutex.RUnlock()
-	fdata, err := ioutil.ReadFile(filename)
+	fdata, err := os.ReadFile(filepath.Clean(filename))
 	if err != nil {
 		return err
 	}