fix: vendoring and print parameter

source/commandline.go

@@ -37,7 +37,7 @@ type commandLineOptions struct {
 		ExitCode bool `short:"e" long:"exit-code-if-no-bump" description:"exit code to use if no notable changes are found"`
 	} `command:"predict" description:"predict the next version based on the git history. This implies --git"`
 	Print struct {
-		ExitCode bool `short:"e" long:"exit-code-if-no-bump" description:"exit code to use if no notable changes are found"`
+		ExitCode bool `short:"e" long:"exit-code-on-error" description:"exit code to use if an error occurs"`
 	} `command:"print" description:"print the current version, you can combine this with --git to print the last tag"`
 	Version struct {
 	} `command:"version" description:"print the version of this tool"`

source/vendor/dario.cat/mergo/CODE_OF_CONDUCT.md

@@ -8,19 +8,19 @@ In the interest of fostering an open and welcoming environment, we as contributo
 
 Examples of behavior that contributes to creating a positive environment include:
 
-- Using welcoming and inclusive language
-- Being respectful of differing viewpoints and experiences
-- Gracefully accepting constructive criticism
-- Focusing on what is best for the community
-- Showing empathy towards other community members
+* Using welcoming and inclusive language
+* Being respectful of differing viewpoints and experiences
+* Gracefully accepting constructive criticism
+* Focusing on what is best for the community
+* Showing empathy towards other community members
 
 Examples of unacceptable behavior by participants include:
 
-- The use of sexualized language or imagery and unwelcome sexual attention or advances
-- Trolling, insulting/derogatory comments, and personal or political attacks
-- Public or private harassment
-- Publishing others' private information, such as a physical or electronic address, without explicit permission
-- Other conduct which could reasonably be considered inappropriate in a professional setting
+* The use of sexualized language or imagery and unwelcome sexual attention or advances
+* Trolling, insulting/derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or electronic address, without explicit permission
+* Other conduct which could reasonably be considered inappropriate in a professional setting
 
 ## Our Responsibilities
 

source/vendor/dario.cat/mergo/CONTRIBUTING.md

 <!-- omit in toc -->
-
 # Contributing to mergo
 
 First off, thanks for taking the time to contribute! ❤️
@@ -7,14 +6,12 @@ First off, thanks for taking the time to contribute! ❤️
 All types of contributions are encouraged and valued. See the [Table of Contents](#table-of-contents) for different ways to help and details about how this project handles them. Please make sure to read the relevant section before making your contribution. It will make it a lot easier for us maintainers and smooth out the experience for all involved. The community looks forward to your contributions. 🎉
 
 > And if you like the project, but just don't have time to contribute, that's fine. There are other easy ways to support the project and show your appreciation, which we would also be very happy about:
->
 > - Star the project
 > - Tweet about it
 > - Refer this project in your project's readme
 > - Mention the project at local meetups and tell your friends/colleagues
 
 <!-- omit in toc -->
-
 ## Table of Contents
 
 - [Code of Conduct](#code-of-conduct)
@@ -30,6 +27,7 @@ This project and everyone participating in it is governed by the
 By participating, you are expected to uphold this code. Please report unacceptable behavior
 to <>.
 
+
 ## I Have a Question
 
 > If you want to ask a question, we assume that you have read the available [Documentation](https://pkg.go.dev/github.com/imdario/mergo).
@@ -47,13 +45,11 @@ We will then take care of the issue as soon as possible.
 ## I Want To Contribute
 
 > ### Legal Notice <!-- omit in toc -->
->
 > When contributing to this project, you must agree that you have authored 100% of the content, that you have the necessary rights to the content and that the content you contribute may be provided under the project license.
 
 ### Reporting Bugs
 
 <!-- omit in toc -->
-
 #### Before Submitting a Bug Report
 
 A good bug report shouldn't leave others needing to chase you up for more information. Therefore, we ask you to investigate carefully, collect information and describe the issue in detail in your report. Please complete the following steps in advance to help us fix any potential bug as fast as possible.
@@ -70,18 +66,16 @@ A good bug report shouldn't leave others needing to chase you up for more inform
 - Can you reliably reproduce the issue? And can you also reproduce it with older versions?
 
 <!-- omit in toc -->
-
 #### How Do I Submit a Good Bug Report?
 
 > You must never report security related issues, vulnerabilities or bugs including sensitive information to the issue tracker, or elsewhere in public. Instead sensitive bugs must be sent by email to .
-
 <!-- You may add a PGP key to allow the messages to be sent encrypted as well. -->
 
 We use GitHub issues to track bugs and errors. If you run into an issue with the project:
 
 - Open an [Issue](https://github.com/imdario/mergo/issues/new). (Since we can't be sure at this point whether it is a bug or not, we ask you not to talk about a bug yet and not to label the issue.)
 - Explain the behavior you would expect and the actual behavior.
-- Please provide as much context as possible and describe the _reproduction steps_ that someone else can follow to recreate the issue on their own. This usually includes your code. For good bug reports you should isolate the problem and create a reduced test case.
+- Please provide as much context as possible and describe the *reproduction steps* that someone else can follow to recreate the issue on their own. This usually includes your code. For good bug reports you should isolate the problem and create a reduced test case.
 - Provide the information you collected in the previous section.
 
 Once it's filed:
@@ -95,7 +89,6 @@ Once it's filed:
 This section guides you through submitting an enhancement suggestion for mergo, **including completely new features and minor improvements to existing functionality**. Following these guidelines will help maintainers and the community to understand your suggestion and find related suggestions.
 
 <!-- omit in toc -->
-
 #### Before Submitting an Enhancement
 
 - Make sure that you are using the latest version.
@@ -104,7 +97,6 @@ This section guides you through submitting an enhancement suggestion for mergo,
 - Find out whether your idea fits with the scope and aims of the project. It's up to you to make a strong case to convince the project's developers of the merits of this feature. Keep in mind that we want features that will be useful to the majority of our users and not just a small subset. If you're just targeting a minority of users, consider writing an add-on/plugin library.
 
 <!-- omit in toc -->
-
 #### How Do I Submit a Good Enhancement Suggestion?
 
 Enhancement suggestions are tracked as [GitHub issues](https://github.com/imdario/mergo/issues).
@@ -116,7 +108,5 @@ Enhancement suggestions are tracked as [GitHub issues](https://github.com/imdari
 - **Explain why this enhancement would be useful** to most mergo users. You may also want to point out the other projects that solved it better and which could serve as inspiration.
 
 <!-- omit in toc -->
-
 ## Attribution
-
 This guide is based on the **contributing-gen**. [Make your own](https://github.com/bttger/contributing-gen)!

source/vendor/dario.cat/mergo/README.md

@@ -58,7 +58,7 @@ Please keep in mind that a problematic PR broke [0.3.9](//github.com/imdario/mer
 
 Keep in mind that in [0.3.2](//github.com/imdario/mergo/releases/tag/0.3.2), Mergo changed `Merge()`and `Map()` signatures to support [transformers](#transformers). I added an optional/variadic argument so that it won't break the existing code.
 
-If you were using Mergo before April 6th, 2015, please check your project works as intended after updating your local copy with `go get -u dario.cat/mergo`. I apologize for any issue caused by its previous behavior and any future bug that Mergo could cause in existing projects after the change (release 0.2.0).
+If you were using Mergo before April 6th, 2015, please check your project works as intended after updating your local copy with ```go get -u dario.cat/mergo```. I apologize for any issue caused by its previous behavior and any future bug that Mergo could cause in existing projects after the change (release 0.2.0).
 
 ### Donations
 

source/vendor/github.com/Masterminds/semver/CHANGELOG.md

@@ -18,81 +18,68 @@
 - #78: Fix unchecked error in example code (thanks @ravron)
 - #70: Fix the handling of pre-releases and the 0.0.0 release edge case
 - #97: Fixed copyright file for proper display on GitHub
-- #107: Fix handling prerelease when sorting alphanum and num
+- #107: Fix handling prerelease when sorting alphanum and num 
 - #109: Fixed where Validate sometimes returns wrong message on error
 
 # 1.4.2 (2018-04-10)
 
 ## Changed
-
 - #72: Updated the docs to point to vert for a console appliaction
 - #71: Update the docs on pre-release comparator handling
 
 ## Fixed
-
 - #70: Fix the handling of pre-releases and the 0.0.0 release edge case
 
 # 1.4.1 (2018-04-02)
 
 ## Fixed
-
 - Fixed #64: Fix pre-release precedence issue (thanks @uudashr)
 
 # 1.4.0 (2017-10-04)
 
 ## Changed
-
 - #61: Update NewVersion to parse ints with a 64bit int size (thanks @zknill)
 
 # 1.3.1 (2017-07-10)
 
 ## Fixed
-
 - Fixed #57: number comparisons in prerelease sometimes inaccurate
 
 # 1.3.0 (2017-05-02)
 
 ## Added
-
 - #45: Added json (un)marshaling support (thanks @mh-cbon)
 - Stability marker. See https://masterminds.github.io/stability/
 
 ## Fixed
-
 - #51: Fix handling of single digit tilde constraint (thanks @dgodd)
 
 ## Changed
-
 - #55: The godoc icon moved from png to svg
 
 # 1.2.3 (2017-04-03)
 
 ## Fixed
-
-- #46: Fixed 0.x.x and 0.0.x in constraints being treated as \*
+- #46: Fixed 0.x.x and 0.0.x in constraints being treated as *
 
 # Release 1.2.2 (2016-12-13)
 
 ## Fixed
-
 - #34: Fixed issue where hyphen range was not working with pre-release parsing.
 
 # Release 1.2.1 (2016-11-28)
 
 ## Fixed
-
 - #24: Fixed edge case issue where constraint "> 0" does not handle "0.0.1-alpha"
   properly.
 
 # Release 1.2.0 (2016-11-04)
 
 ## Added
-
 - #20: Added MustParse function for versions (thanks @adamreese)
 - #15: Added increment methods on versions (thanks @mh-cbon)
 
 ## Fixed
-
 - Issue #21: Per the SemVer spec (section 9) a pre-release is unstable and
   might not satisfy the intended compatibility. The change here ignores pre-releases
   on constraint checks (e.g., ~ or ^) when a pre-release is not part of the
@@ -102,7 +89,6 @@
 # Release 1.1.1 (2016-06-30)
 
 ## Changed
-
 - Issue #9: Speed up version comparison performance (thanks @sdboyer)
 - Issue #8: Added benchmarks (thanks @sdboyer)
 - Updated Go Report Card URL to new location
@@ -116,7 +102,7 @@
 
 # Release 1.0.1 (2015-12-31)
 
-- Fixed #1: \* constraint failing on valid versions.
+- Fixed #1: * constraint failing on valid versions.
 
 # Release 1.0.0 (2015-10-20)
 

source/vendor/github.com/Masterminds/semver/README.md

@@ -2,10 +2,10 @@
 
 The `semver` package provides the ability to work with [Semantic Versions](http://semver.org) in Go. Specifically it provides the ability to:
 
-- Parse semantic versions
-- Sort semantic versions
-- Check if a semantic version fits within a set of constraints
-- Optionally work with a `v` prefix
+* Parse semantic versions
+* Sort semantic versions
+* Check if a semantic version fits within a set of constraints
+* Optionally work with a `v` prefix
 
 [![Stability:
 Active](https://masterminds.github.io/stability/active.svg)](https://masterminds.github.io/stability/active.html)
@@ -76,12 +76,12 @@ greater than or equal to 4.2.3.
 
 The basic comparisons are:
 
-- `=`: equal (aliased to no operator)
-- `!=`: not equal
-- `>`: greater than
-- `<`: less than
-- `>=`: greater than or equal to
-- `<=`: less than or equal to
+* `=`: equal (aliased to no operator)
+* `!=`: not equal
+* `>`: greater than
+* `<`: less than
+* `>=`: greater than or equal to
+* `<=`: less than or equal to
 
 ## Working With Pre-release Versions
 
@@ -115,8 +115,8 @@ the spec specifies.
 There are multiple methods to handle ranges and the first is hyphens ranges.
 These look like:
 
-- `1.2 - 1.4.5` which is equivalent to `>= 1.2, <= 1.4.5`
-- `2.3.4 - 4.5` which is equivalent to `>= 2.3.4, <= 4.5`
+* `1.2 - 1.4.5` which is equivalent to `>= 1.2, <= 1.4.5`
+* `2.3.4 - 4.5` which is equivalent to `>= 2.3.4, <= 4.5`
 
 ## Wildcards In Comparisons
 
@@ -124,10 +124,10 @@ The `x`, `X`, and `*` characters can be used as a wildcard character. This works
 for all comparison operators. When used on the `=` operator it falls
 back to the pack level comparison (see tilde below). For example,
 
-- `1.2.x` is equivalent to `>= 1.2.0, < 1.3.0`
-- `>= 1.2.x` is equivalent to `>= 1.2.0`
-- `<= 2.x` is equivalent to `< 3`
-- `*` is equivalent to `>= 0.0.0`
+* `1.2.x` is equivalent to `>= 1.2.0, < 1.3.0`
+* `>= 1.2.x` is equivalent to `>= 1.2.0`
+* `<= 2.x` is equivalent to `< 3`
+* `*` is equivalent to `>= 0.0.0`
 
 ## Tilde Range Comparisons (Patch)
 
@@ -135,22 +135,22 @@ The tilde (`~`) comparison operator is for patch level ranges when a minor
 version is specified and major level changes when the minor number is missing.
 For example,
 
-- `~1.2.3` is equivalent to `>= 1.2.3, < 1.3.0`
-- `~1` is equivalent to `>= 1, < 2`
-- `~2.3` is equivalent to `>= 2.3, < 2.4`
-- `~1.2.x` is equivalent to `>= 1.2.0, < 1.3.0`
-- `~1.x` is equivalent to `>= 1, < 2`
+* `~1.2.3` is equivalent to `>= 1.2.3, < 1.3.0`
+* `~1` is equivalent to `>= 1, < 2`
+* `~2.3` is equivalent to `>= 2.3, < 2.4`
+* `~1.2.x` is equivalent to `>= 1.2.0, < 1.3.0`
+* `~1.x` is equivalent to `>= 1, < 2`
 
 ## Caret Range Comparisons (Major)
 
 The caret (`^`) comparison operator is for major level changes. This is useful
 when comparisons of API versions as a major change is API breaking. For example,
 
-- `^1.2.3` is equivalent to `>= 1.2.3, < 2.0.0`
-- `^0.0.1` is equivalent to `>= 0.0.1, < 1.0.0`
-- `^1.2.x` is equivalent to `>= 1.2.0, < 2.0.0`
-- `^2.3` is equivalent to `>= 2.3, < 3`
-- `^2.x` is equivalent to `>= 2.0.0, < 3`
+* `^1.2.3` is equivalent to `>= 1.2.3, < 2.0.0`
+* `^0.0.1` is equivalent to `>= 0.0.1, < 1.0.0`
+* `^1.2.x` is equivalent to `>= 1.2.0, < 2.0.0`
+* `^2.3` is equivalent to `>= 2.3, < 3`
+* `^2.x` is equivalent to `>= 2.0.0, < 3`
 
 # Validation
 
@@ -183,7 +183,7 @@ version didn't meet the constraint is returned. For example,
 
 # Fuzzing
 
-[dvyukov/go-fuzz](https://github.com/dvyukov/go-fuzz) is used for fuzzing.
+ [dvyukov/go-fuzz](https://github.com/dvyukov/go-fuzz) is used for fuzzing.
 
 1. `go-fuzz-build`
 2. `go-fuzz -workdir=fuzz`

source/vendor/github.com/Masterminds/semver/doc.go

@@ -3,58 +3,58 @@ Package semver provides the ability to work with Semantic Versions (http://semve
 
 Specifically it provides the ability to:
 
-  - Parse semantic versions
-  - Sort semantic versions
-  - Check if a semantic version fits within a set of constraints
-  - Optionally work with a `v` prefix
+    * Parse semantic versions
+    * Sort semantic versions
+    * Check if a semantic version fits within a set of constraints
+    * Optionally work with a `v` prefix
 
-# Parsing Semantic Versions
+Parsing Semantic Versions
 
 To parse a semantic version use the `NewVersion` function. For example,
 
-	v, err := semver.NewVersion("1.2.3-beta.1+build345")
+    v, err := semver.NewVersion("1.2.3-beta.1+build345")
 
 If there is an error the version wasn't parseable. The version object has methods
 to get the parts of the version, compare it to other versions, convert the
 version back into a string, and get the original string. For more details
 please see the documentation at https://godoc.org/github.com/Masterminds/semver.
 
-# Sorting Semantic Versions
+Sorting Semantic Versions
 
 A set of versions can be sorted using the `sort` package from the standard library.
 For example,
 
-	    raw := []string{"1.2.3", "1.0", "1.3", "2", "0.4.2",}
-	    vs := make([]*semver.Version, len(raw))
-		for i, r := range raw {
-			v, err := semver.NewVersion(r)
-			if err != nil {
-				t.Errorf("Error parsing version: %s", err)
-			}
-
-			vs[i] = v
+    raw := []string{"1.2.3", "1.0", "1.3", "2", "0.4.2",}
+    vs := make([]*semver.Version, len(raw))
+	for i, r := range raw {
+		v, err := semver.NewVersion(r)
+		if err != nil {
+			t.Errorf("Error parsing version: %s", err)
 		}
 
-		sort.Sort(semver.Collection(vs))
+		vs[i] = v
+	}
+
+	sort.Sort(semver.Collection(vs))
 
-# Checking Version Constraints
+Checking Version Constraints
 
 Checking a version against version constraints is one of the most featureful
 parts of the package.
 
-	c, err := semver.NewConstraint(">= 1.2.3")
-	if err != nil {
-	    // Handle constraint not being parseable.
-	}
+    c, err := semver.NewConstraint(">= 1.2.3")
+    if err != nil {
+        // Handle constraint not being parseable.
+    }
 
-	v, err := semver.NewVersion("1.3")
-	if err != nil {
-	    // Handle version not being parseable.
-	}
-	// Check if the version meets the constraints. The a variable will be true.
-	a := c.Check(v)
+    v, err := semver.NewVersion("1.3")
+    if err != nil {
+        // Handle version not being parseable.
+    }
+    // Check if the version meets the constraints. The a variable will be true.
+    a := c.Check(v)
 
-# Basic Comparisons
+Basic Comparisons
 
 There are two elements to the comparisons. First, a comparison string is a list
 of comma separated and comparisons. These are then separated by || separated or
@@ -64,31 +64,31 @@ greater than or equal to 4.2.3.
 
 The basic comparisons are:
 
-  - `=`: equal (aliased to no operator)
-  - `!=`: not equal
-  - `>`: greater than
-  - `<`: less than
-  - `>=`: greater than or equal to
-  - `<=`: less than or equal to
+    * `=`: equal (aliased to no operator)
+    * `!=`: not equal
+    * `>`: greater than
+    * `<`: less than
+    * `>=`: greater than or equal to
+    * `<=`: less than or equal to
 
-# Hyphen Range Comparisons
+Hyphen Range Comparisons
 
 There are multiple methods to handle ranges and the first is hyphens ranges.
 These look like:
 
-  - `1.2 - 1.4.5` which is equivalent to `>= 1.2, <= 1.4.5`
-  - `2.3.4 - 4.5` which is equivalent to `>= 2.3.4, <= 4.5`
+    * `1.2 - 1.4.5` which is equivalent to `>= 1.2, <= 1.4.5`
+    * `2.3.4 - 4.5` which is equivalent to `>= 2.3.4, <= 4.5`
 
-# Wildcards In Comparisons
+Wildcards In Comparisons
 
 The `x`, `X`, and `*` characters can be used as a wildcard character. This works
 for all comparison operators. When used on the `=` operator it falls
 back to the pack level comparison (see tilde below). For example,
 
-  - `1.2.x` is equivalent to `>= 1.2.0, < 1.3.0`
-  - `>= 1.2.x` is equivalent to `>= 1.2.0`
-  - `<= 2.x` is equivalent to `<= 3`
-  - `*` is equivalent to `>= 0.0.0`
+    * `1.2.x` is equivalent to `>= 1.2.0, < 1.3.0`
+    * `>= 1.2.x` is equivalent to `>= 1.2.0`
+    * `<= 2.x` is equivalent to `<= 3`
+    * `*` is equivalent to `>= 0.0.0`
 
 Tilde Range Comparisons (Patch)
 
@@ -96,20 +96,20 @@ The tilde (`~`) comparison operator is for patch level ranges when a minor
 version is specified and major level changes when the minor number is missing.
 For example,
 
-  - `~1.2.3` is equivalent to `>= 1.2.3, < 1.3.0`
-  - `~1` is equivalent to `>= 1, < 2`
-  - `~2.3` is equivalent to `>= 2.3, < 2.4`
-  - `~1.2.x` is equivalent to `>= 1.2.0, < 1.3.0`
-  - `~1.x` is equivalent to `>= 1, < 2`
+    * `~1.2.3` is equivalent to `>= 1.2.3, < 1.3.0`
+    * `~1` is equivalent to `>= 1, < 2`
+    * `~2.3` is equivalent to `>= 2.3, < 2.4`
+    * `~1.2.x` is equivalent to `>= 1.2.0, < 1.3.0`
+    * `~1.x` is equivalent to `>= 1, < 2`
 
 Caret Range Comparisons (Major)
 
 The caret (`^`) comparison operator is for major level changes. This is useful
 when comparisons of API versions as a major change is API breaking. For example,
 
-  - `^1.2.3` is equivalent to `>= 1.2.3, < 2.0.0`
-  - `^1.2.x` is equivalent to `>= 1.2.0, < 2.0.0`
-  - `^2.3` is equivalent to `>= 2.3, < 3`
-  - `^2.x` is equivalent to `>= 2.0.0, < 3`
+    * `^1.2.3` is equivalent to `>= 1.2.3, < 2.0.0`
+    * `^1.2.x` is equivalent to `>= 1.2.0, < 2.0.0`
+    * `^2.3` is equivalent to `>= 2.3, < 3`
+    * `^2.x` is equivalent to `>= 2.0.0, < 3`
 */
 package semver

source/vendor/github.com/Masterminds/semver/version_fuzz.go

-//go:build gofuzz
 // +build gofuzz
 
 package semver

source/vendor/github.com/Microsoft/go-winio/README.md

@@ -82,6 +82,8 @@ See [npipe](https://github.com/natefinch/npipe) for another named pipe implement
 [lint]: https://golangci-lint.run/
 [lint-ide]: https://golangci-lint.run/usage/integrations/#editor-integration
 [lint-install]: https://golangci-lint.run/usage/install/#local-installation
+
 [git-commit-s]: https://git-scm.com/docs/git-commit#Documentation/git-commit.txt--s
 [git-rebase-s]: https://git-scm.com/docs/git-rebase#Documentation/git-rebase.txt---signoff
+
 [natefinch]: https://github.com/natefinch

source/vendor/github.com/Microsoft/go-winio/SECURITY.md

@@ -12,19 +12,19 @@ If you believe you have found a security vulnerability in any Microsoft-owned re
 
 Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://aka.ms/opensource/security/create-report).
 
-If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/opensource/security/pgpkey).
+If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com).  If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://aka.ms/opensource/security/pgpkey).
 
-You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://aka.ms/opensource/security/msrc).
+You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://aka.ms/opensource/security/msrc). 
 
 Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
 
-- Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
-- Full paths of source file(s) related to the manifestation of the issue
-- The location of the affected source code (tag/branch/commit or direct URL)
-- Any special configuration required to reproduce the issue
-- Step-by-step instructions to reproduce the issue
-- Proof-of-concept or exploit code (if possible)
-- Impact of the issue, including how an attacker might exploit the issue
+  * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
+  * Full paths of source file(s) related to the manifestation of the issue
+  * The location of the affected source code (tag/branch/commit or direct URL)
+  * Any special configuration required to reproduce the issue
+  * Step-by-step instructions to reproduce the issue
+  * Proof-of-concept or exploit code (if possible)
+  * Impact of the issue, including how an attacker might exploit the issue
 
 This information will help us triage your report more quickly.
 

source/vendor/github.com/ProtonMail/go-crypto/openpgp/keys.go

@@ -259,7 +259,7 @@ func (e *Entity) EncryptPrivateKeys(passphrase []byte, config *packet.Config) er
 	var keysToEncrypt []*packet.PrivateKey
 	// Add entity private key to encrypt.
 	if e.PrivateKey != nil && !e.PrivateKey.Dummy() && !e.PrivateKey.Encrypted {
-		keysToEncrypt = append(keysToEncrypt, e.PrivateKey)
+		keysToEncrypt = append(keysToEncrypt,  e.PrivateKey)
 	}
 
 	// Add subkeys to encrypt.
@@ -284,7 +284,7 @@ func (e *Entity) DecryptPrivateKeys(passphrase []byte) error {
 	// Add subkeys to decrypt.
 	for _, sub := range e.Subkeys {
 		if sub.PrivateKey != nil && !sub.PrivateKey.Dummy() && sub.PrivateKey.Encrypted {
-			keysToDecrypt = append(keysToDecrypt, sub.PrivateKey)
+			keysToDecrypt = append(keysToDecrypt,  sub.PrivateKey)
 		}
 	}
 	return packet.DecryptPrivateKeys(keysToDecrypt, passphrase)

source/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key.go

@@ -458,7 +458,7 @@ func (pk *PrivateKey) Decrypt(passphrase []byte) error {
 }
 
 // DecryptPrivateKeys decrypts all encrypted keys with the given config and passphrase.
-// Avoids recomputation of similar s2k key derivations.
+// Avoids recomputation of similar s2k key derivations. 
 func DecryptPrivateKeys(keys []*PrivateKey, passphrase []byte) error {
 	// Create a cache to avoid recomputation of key derviations for the same passphrase.
 	s2kCache := &s2k.Cache{}
@@ -485,7 +485,7 @@ func (pk *PrivateKey) encrypt(key []byte, params *s2k.Params, cipherFunction Cip
 	if len(key) != cipherFunction.KeySize() {
 		return errors.InvalidArgumentError("supplied encryption key has the wrong size")
 	}
-
+	
 	priv := bytes.NewBuffer(nil)
 	err := pk.serializePrivateKey(priv)
 	if err != nil {
@@ -497,7 +497,7 @@ func (pk *PrivateKey) encrypt(key []byte, params *s2k.Params, cipherFunction Cip
 	pk.s2k, err = pk.s2kParams.Function()
 	if err != nil {
 		return err
-	}
+	} 
 
 	privateKeyBytes := priv.Bytes()
 	pk.sha1Checksum = true
@@ -581,7 +581,7 @@ func (pk *PrivateKey) Encrypt(passphrase []byte) error {
 			S2KMode:  s2k.IteratedSaltedS2K,
 			S2KCount: 65536,
 			Hash:     crypto.SHA256,
-		},
+		} ,
 		DefaultCipher: CipherAES256,
 	}
 	return pk.EncryptWithConfig(passphrase, config)

source/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k.go

@@ -87,10 +87,10 @@ func decodeCount(c uint8) int {
 // encodeMemory converts the Argon2 "memory" in the range parallelism*8 to
 // 2**31, inclusive, to an encoded memory. The return value is the
 // octet that is actually stored in the GPG file. encodeMemory panics
-// if is not in the above range
+// if is not in the above range 
 // See OpenPGP crypto refresh Section 3.7.1.4.
 func encodeMemory(memory uint32, parallelism uint8) uint8 {
-	if memory < (8*uint32(parallelism)) || memory > uint32(2147483648) {
+	if memory < (8 * uint32(parallelism)) || memory > uint32(2147483648) {
 		panic("Memory argument memory is outside the required range")
 	}
 
@@ -199,8 +199,8 @@ func Generate(rand io.Reader, c *Config) (*Params, error) {
 		}
 
 		params = &Params{
-			mode:   SaltedS2K,
-			hashId: hashId,
+			mode:      SaltedS2K,
+			hashId:    hashId,
 		}
 	} else { // Enforce IteratedSaltedS2K method otherwise
 		hashId, ok := algorithm.HashToHashId(c.hash())
@@ -211,7 +211,7 @@ func Generate(rand io.Reader, c *Config) (*Params, error) {
 			c.S2KMode = IteratedSaltedS2K
 		}
 		params = &Params{
-			mode:      IteratedSaltedS2K,
+			mode:      IteratedSaltedS2K, 
 			hashId:    hashId,
 			countByte: c.EncodedCount(),
 		}
@@ -306,12 +306,9 @@ func (params *Params) Dummy() bool {
 
 func (params *Params) salt() []byte {
 	switch params.mode {
-	case SaltedS2K, IteratedSaltedS2K:
-		return params.saltBytes[:8]
-	case Argon2S2K:
-		return params.saltBytes[:Argon2SaltSize]
-	default:
-		return nil
+		case SaltedS2K, IteratedSaltedS2K: return params.saltBytes[:8]
+		case Argon2S2K: return params.saltBytes[:Argon2SaltSize]
+		default: return nil
 	}
 }
 

source/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k_cache.go

@@ -5,7 +5,7 @@ package s2k
 // the same parameters.
 type Cache map[Params][]byte
 
-// GetOrComputeDerivedKey tries to retrieve the key
+// GetOrComputeDerivedKey tries to retrieve the key 
 // for the given s2k parameters from the cache.
 // If there is no hit, it derives the key with the s2k function from the passphrase,
 // updates the cache, and returns the key.

source/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k_config.go

@@ -50,9 +50,9 @@ type Config struct {
 type Argon2Config struct {
 	NumberOfPasses      uint8
 	DegreeOfParallelism uint8
-	// The memory parameter for Argon2 specifies desired memory usage in kibibytes.
+	// The memory parameter for Argon2 specifies desired memory usage in kibibytes. 
 	// For example memory=64*1024 sets the memory cost to ~64 MB.
-	Memory uint32
+	Memory      	    uint32 
 }
 
 func (c *Config) Mode() Mode {
@@ -115,7 +115,7 @@ func (c *Argon2Config) EncodedMemory() uint8 {
 	}
 
 	memory := c.Memory
-	lowerBound := uint32(c.Parallelism()) * 8
+	lowerBound := uint32(c.Parallelism())*8
 	upperBound := uint32(2147483648)
 
 	switch {

source/vendor/github.com/cyphar/filepath-securejoin/README.md

-## `filepath-securejoin`
+## `filepath-securejoin` ##
 
 [![Build Status](https://github.com/cyphar/filepath-securejoin/actions/workflows/ci.yml/badge.svg)](https://github.com/cyphar/filepath-securejoin/actions/workflows/ci.yml)
 
@@ -7,7 +7,7 @@ standard library][go#20126]. The purpose of this function is to be a "secure"
 alternative to `filepath.Join`, and in particular it provides certain
 guarantees that are not provided by `filepath.Join`.
 
-> **NOTE**: This code is _only_ safe if you are not at risk of other processes
+> **NOTE**: This code is *only* safe if you are not at risk of other processes
 > modifying path components after you've used `SecureJoin`. If it is possible
 > for a malicious process to modify path components of the resolved path, then
 > you will be vulnerable to some fairly trivial TOCTOU race conditions. [There
@@ -28,20 +28,20 @@ func SecureJoin(root, unsafePath string) (string, error)
 
 This library **guarantees** the following:
 
-- If no error is set, the resulting string **must** be a child path of
+* If no error is set, the resulting string **must** be a child path of
   `root` and will not contain any symlink path components (they will all be
   expanded).
 
-- When expanding symlinks, all symlink path components **must** be resolved
+* When expanding symlinks, all symlink path components **must** be resolved
   relative to the provided root. In particular, this can be considered a
   userspace implementation of how `chroot(2)` operates on file paths. Note that
   these symlinks will **not** be expanded lexically (`filepath.Clean` is not
   called on the input before processing).
 
-- Non-existent path components are unaffected by `SecureJoin` (similar to
+* Non-existent path components are unaffected by `SecureJoin` (similar to
   `filepath.EvalSymlinks`'s semantics).
 
-- The returned path will always be `filepath.Clean`ed and thus not contain any
+* The returned path will always be `filepath.Clean`ed and thus not contain any
   `..` components.
 
 A (trivial) implementation of this function on GNU/Linux systems could be done
@@ -73,7 +73,7 @@ func SecureJoin(root, unsafePath string) (string, error) {
 [lwn-obeneath]: https://lwn.net/Articles/767547/
 [go#20126]: https://github.com/golang/go/issues/20126
 
-### License
+### License ###
 
 The license of this project is the same as Go, which is a BSD 3-clause license
 available in the `LICENSE` file.

source/vendor/github.com/dprotaso/go-yit/README.md

@@ -10,13 +10,12 @@ functional style methods for iterating over YAML documents.
 ## Usage
 
 Import the package
-
 ```go
 import "github.com/dprotaso/go-yit"
 ```
 
-Query your YAML document
 
+Query your YAML document
 ```go
 package main
 
@@ -52,3 +51,4 @@ func main() {
 	}
 }
 ```
+

source/vendor/github.com/emirpasic/gods/containers/iterator.go

@@ -72,7 +72,7 @@ type IteratorWithKey interface {
 //
 // Essentially it is the same as IteratorWithIndex, but provides additional:
 //
-// # Prev() function to enable traversal in reverse
+// Prev() function to enable traversal in reverse
 //
 // Last() function to move the iterator to the last element.
 //
@@ -105,7 +105,7 @@ type ReverseIteratorWithIndex interface {
 //
 // Essentially it is the same as IteratorWithKey, but provides additional:
 //
-// # Prev() function to enable traversal in reverse
+// Prev() function to enable traversal in reverse
 //
 // Last() function to move the iterator to the last element.
 type ReverseIteratorWithKey interface {

source/vendor/github.com/emirpasic/gods/lists/arraylist/arraylist.go

@@ -102,7 +102,7 @@ func (list *List) Values() []interface{} {
 	return newElements
 }
 
-// IndexOf returns index of provided element
+//IndexOf returns index of provided element
 func (list *List) IndexOf(value interface{}) int {
 	if list.size == 0 {
 		return -1

source/vendor/github.com/emirpasic/gods/utils/comparator.go

@@ -10,10 +10,9 @@ import "time"
 // which will panic if a or b are not of the asserted type.
 //
 // Should return a number:
-//
-//	negative , if a < b
-//	zero     , if a == b
-//	positive , if a > b
+//    negative , if a < b
+//    zero     , if a == b
+//    positive , if a > b
 type Comparator func(a, b interface{}) int
 
 // StringComparator provides a fast comparison on strings