caddy-cgi - fork of caddy for nix to build it with the cgi plugin

Age	Commit message (Collapse)	Author
2023-08-14	ci: use gci linter (#5708)	Jacob Gadikian
	* use gofmput to format code * use gci to format imports * reconfigure gci * linter autofixes * rearrange imports a little * export GOOS=windows golangci-lint run ./... --fix
2023-02-24	cmd: Expand cobra support, add short flags (#5379)	Francis Lavoie
	* cmd: Expand cobra support * Convert commands to cobra, add short flags * Fix version command typo Co-authored-by: Emily Lange <git@indeednotjames.com> * Apply suggestions from code review Co-authored-by: Matt Holt <mholt@users.noreply.github.com> --------- Co-authored-by: Emily Lange <git@indeednotjames.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2022-09-05	caddyauth: Speed up basicauth provision, deprecate scrypt (#4720)	Francis Lavoie
	* caddyauth: Speed up basicauth provisioning, precalculate fake password * Deprecate scrypt, allow using decoded bcrypt hashes * Add TODO note Co-authored-by: Matt Holt <mholt@users.noreply.github.com> Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2021-03-29	go.mod: Migrate to golang.org/x/term (#4073)	Simão Gomes Viana
	golang.org/x/crypto/ssh/terminal is deprecated in favor of golang.org/x/term See https://github.com/caddyserver/caddy/pull/4073/checks?check_run_id=2152150495 Error: SA1019: package golang.org/x/crypto/ssh/terminal is deprecated: this package moved to golang.org/x/term. (staticcheck) See https://github.com/caddyserver/caddy/pull/4073/checks?check_run_id=2152228516 Error: SA1019: package golang.org/x/crypto/ssh/terminal is deprecated: this package moved to golang.org/x/term. (staticcheck) Test: go test -count=1 './...'
2020-12-01	caddyauth: Use buffered channel passed to signal.Notify (#3895)	Cuong Manh Le
	The docs at os/signal.Notify warn about this signal delivery loss bug at https://golang.org/pkg/os/signal/#Notify, which says: Package signal will not block sending to c: the caller must ensure that c has sufficient buffer space to keep up with the expected signal rate. For a channel used for notification of just one signal value, a buffer of size 1 is sufficient. Caught by a static analysis tool from Orijtech, Inc. called "sigchanyzer"
2020-10-31	caddyauth: Prevent user enumeration by timing	Matthew Holt
	Always follow the code path of hashing and comparing a plaintext password even if the account is not found by the given username; this ensures that similar CPU cycles are spent for both valid and invalid usernames. Thanks to @tylerlm for helping and looking into this!
2020-07-17	caddyauth: hash-password: Set bcrypt cost to 14 (#3580)	Matthew Holt

2020-05-21	cmd: hash-password: Fix broken terminal state on SIGINT (#3416)	Francis Lavoie
	* caddyauth: Fix hash-password broken terminal state on SIGINT * caddycmd: Move TrapSignals calls to only subcommands that run long
2020-05-11	cmd: hash-password: Support reading from stdin (#3373)	Andrew Zhou
	Closes #3365 * http: Add support in hash-password for reading from terminals/stdin * FIXUP: Run gofmt -s * FIXUP * FIXUP: Apply suggestions from code review Co-authored-by: Matt Holt <mholt@users.noreply.github.com> * FIXUP Co-authored-by: Matt Holt <mholt@users.noreply.github.com>
2020-04-08	chore: make the linter happier (#3245)	Mohammed Al Sahaf
	* chore: make the linter happier * chore: remove reference to maligned linter in .golangci.yml
2019-10-28	caddyhttp: Minor cleanup and fix nil pointer deref in caddyfile adapter	Matthew Holt

2019-10-10	http: authentication module; hash-password cmd; http_basic provider	Matthew Holt
	This implements HTTP basicauth into Caddy 2. The basic auth module will not work with passwords that are not securely hashed, so a subcommand hash-password was added to make it convenient to produce those hashes. Also included is Caddyfile support. Closes #2747.