Merge upstream changes from klzgrad's repository

Co-authored-by: Qwen-Coder <qwen-coder@alibabacloud.com>

Author: root

.github/dependabot.yml

@@ -0,0 +1,14 @@
+version: 2
+updates:
+  - package-ecosystem: "gomod"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "github-actions"
+    directory: "/"
+    schedule:
+      interval: "daily"
+  - package-ecosystem: "docker"
+    directory: "/"
+    schedule:
+      interval: "daily"

.github/workflows/build.yml

@@ -0,0 +1,38 @@
+name: Build
+on:
+  push:
+    branches: [naive]
+    paths-ignore: [README.md]
+  release:
+    types: [published]
+defaults:
+  run:
+    shell: bash
+jobs:
+  build_caddy_with_naive:
+    runs-on: ubuntu-22.04
+    env:
+      BUNDLE: caddy-forwardproxy-naive
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: ^1.21.9
+      - run: go install github.com/caddyserver/xcaddy/cmd/xcaddy@latest
+      - run: ~/go/bin/xcaddy build --with github.com/caddyserver/forwardproxy@master=$PWD
+      - name: Pack naiveproxy assets
+        run: |
+          mkdir ${{ env.BUNDLE }}
+          cp caddy LICENSE README.md ${{ env.BUNDLE }}
+          tar cJf ${{ env.BUNDLE }}.tar.xz ${{ env.BUNDLE }}
+          openssl sha256 ./caddy >sha256sum.txt
+          echo "SHA256SUM=$(cut -d' ' -f2 sha256sum.txt)" >>$GITHUB_ENV
+      - uses: actions/upload-artifact@v4
+        with:
+          name: ${{ env.BUNDLE }}.tar.xz caddy executable sha256 ${{ env.SHA256SUM }}
+          path: sha256sum.txt
+      - name: Upload caddy assets
+        if: ${{ github.event_name == 'release' }}
+        run: gh release upload "${GITHUB_REF##*/}"  ${{ env.BUNDLE }}.tar.xz --clobber
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/lint.yml

@@ -0,0 +1,61 @@
+name: Lint
+
+on:
+  push:
+    branches:
+      - master
+      - main
+    paths-ignore:
+      - "**.md"
+  pull_request:
+    branches:
+      - master
+      - main
+    paths-ignore:
+      - "**.md"
+
+permissions:
+  contents: read
+
+jobs:
+  # From https://github.com/golangci/golangci-lint-action
+  golangci:
+    permissions:
+      contents: read # for actions/checkout to fetch code
+      pull-requests: read # for golangci/golangci-lint-action to fetch pull requests
+    name: lint
+    strategy:
+      matrix:
+        os:
+          - linux
+          - windows
+
+        include:
+        - os: linux
+          OS_LABEL: ubuntu-latest
+
+        - os: windows
+          OS_LABEL: windows-latest
+    runs-on: ${{ matrix.OS_LABEL }}
+    steps:
+      - uses: actions/checkout@v4
+      - uses: actions/setup-go@v5
+        with:
+          go-version: '~1.22.0'
+          check-latest: true
+          cache: false
+
+      - name: golangci-lint
+        uses: golangci/golangci-lint-action@v6
+        with:
+          version: v1.55.2
+          args: --timeout 10m
+
+  # govulncheck:
+  #   runs-on: ubuntu-latest
+  #   steps:
+  #     - name: govulncheck
+  #       uses: golang/govulncheck-action@v1
+  #       with:
+  #         go-version-input: '~1.22.0'
+  #         check-latest: true

.github/workflows/tests.yml

@@ -0,0 +1,35 @@
+name: "Tests"
+
+on:
+  push:
+    branches:
+      - "master"
+      - "main"
+    paths-ignore:
+      - "**.md"
+  pull_request:
+    branches:
+      - "*"
+    paths-ignore:
+      - "**.md"
+
+jobs:
+  Tests:
+    strategy:
+      matrix:
+        go-version:
+          - 1.21.x
+          - 1.22.x
+        platform:
+          - ubuntu-latest
+          - windows-latest
+    runs-on: ${{ matrix.platform }}
+    steps:
+      - name: Fetch Repository
+        uses: actions/checkout@v4
+      - name: Install Go
+        uses: actions/setup-go@v5
+        with:
+          go-version: '${{ matrix.go-version }}'
+      - name: Run test
+        run: go test -v -race ./...

.golanci-lint.yml

@@ -0,0 +1,168 @@
+linters-settings:
+  errcheck:
+    ignore: fmt:.*,go.uber.org/zap/zapcore:^Add.*
+    ignoretests: true
+  gci:
+    sections:
+      - standard # Standard section: captures all standard packages.
+      - default # Default section: contains all imports that could not be matched to another section type.
+      - prefix(github.com/caddyserver/caddy/v2/cmd) # ensure that this is always at the top and always has a line break.
+      - prefix(github.com/caddyserver/caddy) # Custom section: groups all imports with the specified Prefix.
+    # Skip generated files.
+    # Default: true
+    skip-generated: true
+    # Enable custom order of sections.
+    # If `true`, make the section order the same as the order of `sections`.
+    # Default: false
+    custom-order: true
+  exhaustive:
+    ignore-enum-types: reflect.Kind|svc.Cmd
+
+linters:
+  disable-all: true
+  enable:
+    - asasalint
+    - asciicheck
+    - bidichk
+    - bodyclose
+    - decorder
+    - dogsled
+    - dupl
+    - dupword
+    - durationcheck
+    - errcheck
+    - errname
+    - exhaustive
+    - exportloopref
+    - gci
+    - gofmt
+    - goimports
+    - gofumpt
+    - gosec
+    - gosimple
+    - govet
+    - ineffassign
+    - importas
+    - misspell
+    - prealloc
+    - promlinter
+    - sloglint
+    - sqlclosecheck
+    - staticcheck
+    - tenv
+    - testableexamples
+    - testifylint
+    - tparallel
+    - typecheck
+    - unconvert
+    - unused
+    - wastedassign
+    - whitespace
+    - zerologlint
+  # these are implicitly disabled:
+  # - containedctx
+  # - contextcheck
+  # - cyclop
+  # - depguard
+  # - errchkjson
+  # - errorlint
+  # - exhaustruct
+  # - execinquery
+  # - exhaustruct
+  # - forbidigo
+  # - forcetypeassert
+  # - funlen
+  # - ginkgolinter
+  # - gocheckcompilerdirectives
+  # - gochecknoglobals
+  # - gochecknoinits
+  # - gochecksumtype
+  # - gocognit
+  # - goconst
+  # - gocritic
+  # - gocyclo
+  # - godot
+  # - godox
+  # - goerr113
+  # - goheader
+  # - gomnd
+  # - gomoddirectives
+  # - gomodguard
+  # - goprintffuncname
+  # - gosmopolitan
+  # - grouper
+  # - inamedparam
+  # - interfacebloat
+  # - ireturn
+  # - lll
+  # - loggercheck
+  # - maintidx
+  # - makezero
+  # - mirror
+  # - musttag
+  # - nakedret
+  # - nestif
+  # - nilerr
+  # - nilnil
+  # - nlreturn
+  # - noctx
+  # - nolintlint
+  # - nonamedreturns
+  # - nosprintfhostport
+  # - paralleltest
+  # - perfsprint
+  # - predeclared
+  # - protogetter
+  # - reassign
+  # - revive
+  # - rowserrcheck
+  # - stylecheck
+  # - tagalign
+  # - tagliatelle
+  # - testpackage
+  # - thelper
+  # - unparam
+  # - usestdlibvars
+  # - varnamelen
+  # - wrapcheck
+  # - wsl
+
+run:
+  # default concurrency is a available CPU number.
+  # concurrency: 4 # explicitly omit this value to fully utilize available resources.
+  deadline: 5m
+  issues-exit-code: 1
+  tests: false
+
+# output configuration options
+output:
+  format: 'colored-line-number'
+  print-issued-lines: true
+  print-linter-name: true
+
+issues:
+  exclude-rules:
+    # we aren't calling unknown URL
+    - text: 'G107' # G107: Url provided to HTTP request as taint input
+      linters:
+        - gosec
+    # as a web server that's expected to handle any template, this is totally in the hands of the user.
+    - text: 'G203' # G203: Use of unescaped data in HTML templates
+      linters:
+        - gosec
+    # we're shelling out to known commands, not relying on user-defined input.
+    - text: 'G204' # G204: Audit use of command execution
+      linters:
+        - gosec
+    # the choice of weakrand is deliberate, hence the named import "weakrand"
+    - path: modules/caddyhttp/reverseproxy/selectionpolicies.go
+      text: 'G404' # G404: Insecure random number source (rand)
+      linters:
+        - gosec
+    - path: modules/caddyhttp/reverseproxy/streaming.go
+      text: 'G404' # G404: Insecure random number source (rand)
+      linters:
+        - gosec
+    - path: modules/logging/filters.go
+      linters:
+        - dupl