status-go/Gopkg.toml

173 lines
4.5 KiB
TOML
Raw Normal View History

[prune]
unused-packages = true
go-tests = true
2018-02-21 14:37:46 +00:00
non-go = true
[[prune.project]]
name = "github.com/karalabe/hid"
non-go = false
unused-packages = false
[[prune.project]]
name = "github.com/ethereum/go-ethereum"
unused-packages = false
2018-02-21 14:37:46 +00:00
non-go = false
# * * * * * constrained `status-go` dependencies * * * * *
# (for the full dependency list see `Gopkg.lock`)
[[constraint]]
# `btcutil` is required to be compatible with `btcd`
name = "github.com/btcsuite/btcutil"
revision = "dcd4997b0664bcfd6ef48e4ae9da8396e08b1cd9"
[[constraint]]
name = "github.com/ethereum/go-ethereum"
2018-12-19 10:02:07 +00:00
version = "=v1.8.20"
source = "github.com/status-im/go-ethereum"
[[constraint]]
name = "github.com/status-im/whisper"
2018-12-19 10:02:07 +00:00
version = "=v1.4.5"
[[override]]
name = "github.com/golang/protobuf"
version = "1.1.0"
[[constraint]]
name = "github.com/NaySoftware/go-fcm"
revision = "024ca6a2c5444c93980f558f91c35a2defebd362"
source = "github.com/status-im/go-fcm"
# * * * * * `go-ethereum` dependencies * * * * *
# Pinned down SHAs from `go-ethereum/vendor/vendor.json`
# When upgrading upstream, upgrade these values too.
[[override]]
name = "github.com/aristanetworks/goarista"
revision = "ea17b1a17847fb6e4c0a91de0b674704693469b0"
[[override]]
name = "github.com/btcsuite/btcd"
revision = "d06c0bb181529331be8f8d9350288c420d9e60e4"
[[override]]
name = "github.com/davecgh/go-spew"
revision = "346938d642f2ec3594ed81d874461961cd0faa76"
[[override]]
name = "github.com/edsrzf/mmap-go"
revision = "935e0e8a636ca4ba70b713f3e38a19e1b77739e8"
[[override]]
name = "github.com/go-stack/stack"
revision = "54be5f394ed2c3e19dac9134a40a95ba5a017f7b"
[[override]]
name = "github.com/golang/snappy"
revision = "553a641470496b2327abcac10b36396bd98e45c9"
[[override]]
name = "github.com/hashicorp/golang-lru"
revision = "0a025b7e63adc15a622f29b0b2c4c3848243bbf6"
[[override]]
name = "github.com/huin/goupnp"
revision = "679507af18f3c7ba2bcc7905392ce23e148661c3"
[[override]]
name = "github.com/jackpal/go-nat-pmp"
revision = "1fa385a6f45828c83361136b45b1a21a12139493"
[[override]]
name = "github.com/karalabe/hid"
revision = "f00545f9f3748e591590be3732d913c77525b10f"
[[override]]
name = "github.com/mattn/go-colorable"
revision = "5411d3eea5978e6cdc258b30de592b60df6aba96"
[[override]]
name = "github.com/mattn/go-isatty"
revision = "3fb116b820352b7f0c281308a4d6250c22d94e27"
[[override]]
name = "github.com/pborman/uuid"
revision = "1b00554d822231195d1babd97ff4a781231955c9"
[[override]]
name = "github.com/pmezard/go-difflib"
revision = "792786c7400a136282c1664665ae0a8db921c6c2"
[[override]]
name = "github.com/prometheus/prometheus"
revision = "3101606756c53221ed58ba94ecba6b26adf89dcc"
[[override]]
name = "github.com/rcrowley/go-metrics"
revision = "1f30fe9094a513ce4c700b9a54458bbb0c96996c"
[[override]]
name = "github.com/rjeczalik/notify"
version="=v0.9.2"
[[override]]
name = "github.com/robertkrimen/otto"
# (@mandrigin): This supposed to be contrained as:
#
# revision = "6a77b7cbc37d0c39f7d5fa5766826e541df31fd5"
#
# but it has relative imports that break everything.
# The following revision only differs from the source
# with fixing relative imports.
revision = "9c716adcc8cedb0c0e3c02be549f4ad20e0b216c"
[[override]]
name = "github.com/rs/cors"
revision = "a62a804a8a009876ca59105f7899938a1349f4b3"
[[override]]
name = "github.com/rs/xhandler"
revision = "ed27b6fd65218132ee50cd95f38474a3d8a2cd12"
[[override]]
name = "github.com/stretchr/testify"
revision = "890a5c3458b43e6104ff5da8dfa139d013d77544"
[[override]]
name = "github.com/syndtr/goleveldb"
revision = "5d6fca44a948d2be89a9702de7717f0168403d3d"
[[constraint]]
name = "github.com/beevik/ntp"
version = "0.2.0"
[[override]]
name = "github.com/multiformats/go-multiaddr"
revision = "f36800afeb9c141e1adb7da099e6f010dfd4c419"
# 1.0.8
[[override]]
name = "github.com/multiformats/go-multihash"
revision = "8be2a682ab9f254311de1375145a2f78a809b07d"
[[override]]
name = "github.com/satori/go.uuid"
revision = "36e9d2ebbde5e3f13ab2e25625fd453271d6522e"
[[constraint]]
name = "github.com/status-im/rendezvous"
branch = "master"
2018-08-07 13:31:06 +00:00
[[override]]
name = "github.com/deckarep/golang-set"
revision = "504e848d77ea4752b3057b8fb46da0e7f746ccf3"
[[constraint]]
name = "github.com/status-im/doubleratchet"
Change handling of skipped/deleted keys & add version (#1261) - Skipped keys The purpose of limiting the number of skipped keys generated is to avoid a dos attack whereby an attacker would send a large N, forcing the device to compute all the keys between currentN..N . Previously the logic for handling skipped keys was: - If in the current receiving chain there are more than maxSkip keys, throw an error This is problematic as in long-lived session dropped/unreceived messages starts piling up, eventually reaching the threshold (1000 dropped/unreceived messages). This logic has been changed to be more inline with signals spec, and now it is: - If N is > currentN + maxSkip, throw an error The purpose of limiting the number of skipped keys stored is to avoid a dos attack whereby an attacker would force us to store a large number of keys, filling up our storage. Previously the logic for handling old keys was: - Once you have maxKeep ratchet steps, delete any key from currentRatchet - maxKeep. This, in combination with the maxSkip implementation, capped the number of stored keys to maxSkip * maxKeep. The logic has been changed to: - Keep a maximum of MaxMessageKeysPerSession and additionally we delete any key that has a sequence number < currentSeqNum - maxKeep - Version We check now the version of the bundle so that when we get a bundle from the same installationID with a higher version, we mark the previous bundle as expired and use the new bundle the next time a message is sent
2018-11-05 19:00:04 +00:00
revision = "4dcb6cba284ae9f97129e2a98b9277f629d9dbc4"
[[constraint]]
name = "github.com/status-im/migrate"
branch = "master"