chore(nix): fix hash for updated go dependencies

chore(deps): bump actions/stale from 10.1.1 to 10.2.0
Bumps [actions/stale](https://github.com/actions/stale) from 10.1.1 to 10.2.0. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](997185467f...b5d41d4e1d) --- updated-dependencies: - dependency-name: actions/stale dependency-version: 10.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2026-03-13 02:14:56 -05:00 · 2026-03-09 10:29:37 +00:00 · 2026-03-09 10:27:46 +00:00 · 2026-03-08 11:28:56 -07:00 · 2026-03-07 12:34:55 -08:00
7 changed files with 69 additions and 338 deletions
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -269,6 +269,7 @@ jobs:
          context: .
          push: true
          platforms: linux/amd64
+          build-args: VERSION=${{ env.TAG }}
          tags: |
            ${{ env.GHCR_IMAGE }}:amd64-${{ env.TAG }}
            ${{ env.DOCKERHUB_IMAGE }}:amd64-${{ env.TAG }}
@@ -393,6 +394,7 @@ jobs:
          context: .
          push: true
          platforms: linux/arm64
+          build-args: VERSION=${{ env.TAG }}
          tags: |
            ${{ env.GHCR_IMAGE }}:arm64-${{ env.TAG }}
            ${{ env.DOCKERHUB_IMAGE }}:arm64-${{ env.TAG }}
@@ -509,6 +511,7 @@ jobs:
          context: .
          push: true
          platforms: linux/arm/v7
+          build-args: VERSION=${{ env.TAG }}
          tags: |
            ${{ env.GHCR_IMAGE }}:armv7-${{ env.TAG }}
            ${{ env.DOCKERHUB_IMAGE }}:armv7-${{ env.TAG }}
--- a/.github/workflows/stale-bot.yml
+++ b/.github/workflows/stale-bot.yml
@@ -14,7 +14,7 @@ jobs:
  stale:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/stale@997185467fa4f803885201cee163a9f38240193d # v10.1.1
+      - uses: actions/stale@b5d41d4e1d5dceea10e7104786b73624c18a190f # v10.2.0
        with:
          days-before-stale: 14
          days-before-close: 14
--- a/3
+++ b/3
@@ -17,7 +17,8 @@ RUN go mod download
 COPY . .

 # Build the application
-RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w" -o /newt
+ARG VERSION=dev
+RUN CGO_ENABLED=0 GOOS=linux go build -ldflags="-s -w -X main.newtVersion=${VERSION}" -o /newt

 FROM public.ecr.aws/docker/library/alpine:3.23 AS runner

--- a/common.go
+++ b/common.go
@@ -5,7 +5,6 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
-	"net"
 	"os"
 	"os/exec"
 	"strings"
@@ -364,62 +363,27 @@ func parseTargetData(data interface{}) (TargetData, error) {
 	return targetData, nil
 }

-// parseTargetString parses a target string in the format "listenPort:host:targetPort"
-// It properly handles IPv6 addresses which must be in brackets: "listenPort:[ipv6]:targetPort"
-// Examples:
-//   - IPv4: "3001:192.168.1.1:80"
-//   - IPv6: "3001:[::1]:8080" or "3001:[fd70:1452:b736:4dd5:caca:7db9:c588:f5b3]:80"
-//
-// Returns listenPort, targetAddress (in host:port format suitable for net.Dial), and error
-func parseTargetString(target string) (int, string, error) {
-	// Find the first colon to extract the listen port
-	firstColon := strings.Index(target, ":")
-	if firstColon == -1 {
-		return 0, "", fmt.Errorf("invalid target format, no colon found: %s", target)
-	}
-
-	listenPortStr := target[:firstColon]
-	var listenPort int
-	_, err := fmt.Sscanf(listenPortStr, "%d", &listenPort)
-	if err != nil {
-		return 0, "", fmt.Errorf("invalid listen port: %s", listenPortStr)
-	}
-	if listenPort <= 0 || listenPort > 65535 {
-		return 0, "", fmt.Errorf("listen port out of range: %d", listenPort)
-	}
-
-	// The remainder is host:targetPort - use net.SplitHostPort which handles IPv6 brackets
-	remainder := target[firstColon+1:]
-	host, targetPort, err := net.SplitHostPort(remainder)
-	if err != nil {
-		return 0, "", fmt.Errorf("invalid host:port format '%s': %w", remainder, err)
-	}
-
-	// Reject empty host or target port
-	if host == "" {
-		return 0, "", fmt.Errorf("empty host in target: %s", target)
-	}
-	if targetPort == "" {
-		return 0, "", fmt.Errorf("empty target port in target: %s", target)
-	}
-
-	// Reconstruct the target address using JoinHostPort (handles IPv6 properly)
-	targetAddr := net.JoinHostPort(host, targetPort)
-
-	return listenPort, targetAddr, nil
-}
-
 func updateTargets(pm *proxy.ProxyManager, action string, tunnelIP string, proto string, targetData TargetData) error {
 	for _, t := range targetData.Targets {
-		// Parse the target string, handling both IPv4 and IPv6 addresses
-		port, target, err := parseTargetString(t)
+		// Split the first number off of the target with : separator and use as the port
+		parts := strings.Split(t, ":")
+		if len(parts) != 3 {
+			logger.Info("Invalid target format: %s", t)
+			continue
+		}
+
+		// Get the port as an int
+		port := 0
+		_, err := fmt.Sscanf(parts[0], "%d", &port)
 		if err != nil {
-			logger.Info("Invalid target format: %s (%v)", t, err)
+			logger.Info("Invalid port: %s", parts[0])
 			continue
 		}

 		switch action {
 		case "add":
+			target := parts[1] + ":" + parts[2]
+
 			// Call updown script if provided
 			processedTarget := target
 			if updownScript != "" {
@@ -446,6 +410,8 @@ func updateTargets(pm *proxy.ProxyManager, action string, tunnelIP string, proto
 		case "remove":
 			logger.Info("Removing target with port %d", port)

+			target := parts[1] + ":" + parts[2]
+
 			// Call updown script if provided
 			if updownScript != "" {
 				_, err := executeUpdownScript(action, proto, target)
@@ -454,7 +420,7 @@ func updateTargets(pm *proxy.ProxyManager, action string, tunnelIP string, proto
 				}
 			}

-			err = pm.RemoveTarget(proto, tunnelIP, port)
+			err := pm.RemoveTarget(proto, tunnelIP, port)
 			if err != nil {
 				logger.Error("Failed to remove target: %v", err)
 				return err
--- a/common_test.go
+++ b/common_test.go
@@ -1,212 +0,0 @@
-package main
-
-import (
-	"net"
-	"testing"
-)
-
-func TestParseTargetString(t *testing.T) {
-	tests := []struct {
-		name           string
-		input          string
-		wantListenPort int
-		wantTargetAddr string
-		wantErr        bool
-	}{
-		// IPv4 test cases
-		{
-			name:           "valid IPv4 basic",
-			input:          "3001:192.168.1.1:80",
-			wantListenPort: 3001,
-			wantTargetAddr: "192.168.1.1:80",
-			wantErr:        false,
-		},
-		{
-			name:           "valid IPv4 localhost",
-			input:          "8080:127.0.0.1:3000",
-			wantListenPort: 8080,
-			wantTargetAddr: "127.0.0.1:3000",
-			wantErr:        false,
-		},
-		{
-			name:           "valid IPv4 same ports",
-			input:          "443:10.0.0.1:443",
-			wantListenPort: 443,
-			wantTargetAddr: "10.0.0.1:443",
-			wantErr:        false,
-		},
-
-		// IPv6 test cases
-		{
-			name:           "valid IPv6 loopback",
-			input:          "3001:[::1]:8080",
-			wantListenPort: 3001,
-			wantTargetAddr: "[::1]:8080",
-			wantErr:        false,
-		},
-		{
-			name:           "valid IPv6 full address",
-			input:          "80:[fd70:1452:b736:4dd5:caca:7db9:c588:f5b3]:8080",
-			wantListenPort: 80,
-			wantTargetAddr: "[fd70:1452:b736:4dd5:caca:7db9:c588:f5b3]:8080",
-			wantErr:        false,
-		},
-		{
-			name:           "valid IPv6 link-local",
-			input:          "443:[fe80::1]:443",
-			wantListenPort: 443,
-			wantTargetAddr: "[fe80::1]:443",
-			wantErr:        false,
-		},
-		{
-			name:           "valid IPv6 all zeros compressed",
-			input:          "8000:[::]:9000",
-			wantListenPort: 8000,
-			wantTargetAddr: "[::]:9000",
-			wantErr:        false,
-		},
-		{
-			name:           "valid IPv6 mixed notation",
-			input:          "5000:[::ffff:192.168.1.1]:6000",
-			wantListenPort: 5000,
-			wantTargetAddr: "[::ffff:192.168.1.1]:6000",
-			wantErr:        false,
-		},
-
-		// Hostname test cases
-		{
-			name:           "valid hostname",
-			input:          "8080:example.com:80",
-			wantListenPort: 8080,
-			wantTargetAddr: "example.com:80",
-			wantErr:        false,
-		},
-		{
-			name:           "valid hostname with subdomain",
-			input:          "443:api.example.com:8443",
-			wantListenPort: 443,
-			wantTargetAddr: "api.example.com:8443",
-			wantErr:        false,
-		},
-		{
-			name:           "valid localhost hostname",
-			input:          "3000:localhost:3000",
-			wantListenPort: 3000,
-			wantTargetAddr: "localhost:3000",
-			wantErr:        false,
-		},
-
-		// Error cases
-		{
-			name:    "invalid - no colons",
-			input:   "invalid",
-			wantErr: true,
-		},
-		{
-			name:    "invalid - empty string",
-			input:   "",
-			wantErr: true,
-		},
-		{
-			name:    "invalid - non-numeric listen port",
-			input:   "abc:192.168.1.1:80",
-			wantErr: true,
-		},
-		{
-			name:    "invalid - missing target port",
-			input:   "3001:192.168.1.1",
-			wantErr: true,
-		},
-		{
-			name:    "invalid - IPv6 without brackets",
-			input:   "3001:fd70:1452:b736:4dd5:caca:7db9:c588:f5b3:80",
-			wantErr: true,
-		},
-		{
-			name:    "invalid - only listen port",
-			input:   "3001:",
-			wantErr: true,
-		},
-		{
-			name:    "invalid - missing host",
-			input:   "3001::80",
-			wantErr: true,
-		},
-		{
-			name:    "invalid - IPv6 unclosed bracket",
-			input:   "3001:[::1:80",
-			wantErr: true,
-		},
-		{
-			name:    "invalid - listen port zero",
-			input:   "0:192.168.1.1:80",
-			wantErr: true,
-		},
-		{
-			name:    "invalid - listen port negative",
-			input:   "-1:192.168.1.1:80",
-			wantErr: true,
-		},
-		{
-			name:    "invalid - listen port out of range",
-			input:   "70000:192.168.1.1:80",
-			wantErr: true,
-		},
-		{
-			name:    "invalid - empty target port",
-			input:   "3001:192.168.1.1:",
-			wantErr: true,
-		},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			listenPort, targetAddr, err := parseTargetString(tt.input)
-
-			if (err != nil) != tt.wantErr {
-				t.Errorf("parseTargetString(%q) error = %v, wantErr %v", tt.input, err, tt.wantErr)
-				return
-			}
-
-			if tt.wantErr {
-				return // Don't check other values if we expected an error
-			}
-
-			if listenPort != tt.wantListenPort {
-				t.Errorf("parseTargetString(%q) listenPort = %d, want %d", tt.input, listenPort, tt.wantListenPort)
-			}
-
-			if targetAddr != tt.wantTargetAddr {
-				t.Errorf("parseTargetString(%q) targetAddr = %q, want %q", tt.input, targetAddr, tt.wantTargetAddr)
-			}
-		})
-	}
-}
-
-// TestParseTargetStringNetDialCompatibility verifies that the output is compatible with net.Dial
-func TestParseTargetStringNetDialCompatibility(t *testing.T) {
-	tests := []struct {
-		name  string
-		input string
-	}{
-		{"IPv4", "8080:127.0.0.1:80"},
-		{"IPv6 loopback", "8080:[::1]:80"},
-		{"IPv6 full", "8080:[2001:db8::1]:80"},
-	}
-
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			_, targetAddr, err := parseTargetString(tt.input)
-			if err != nil {
-				t.Fatalf("parseTargetString(%q) unexpected error: %v", tt.input, err)
-			}
-
-			// Verify the format is valid for net.Dial by checking it can be split back
-			// This doesn't actually dial, just validates the format
-			_, _, err = net.SplitHostPort(targetAddr)
-			if err != nil {
-				t.Errorf("parseTargetString(%q) produced invalid net.Dial format %q: %v", tt.input, targetAddr, err)
-			}
-		})
-	}
-}
--- a/flake.nix
+++ b/flake.nix
@@ -35,7 +35,7 @@
            inherit version;
            src = pkgs.nix-gitignore.gitignoreSource [ ] ./.;

-            vendorHash = "sha256-kmQM8Yy5TuOiNpMpUme/2gfE+vrhUK+0AphN+p71wGs=";
+            vendorHash = "sha256-vy6Dqjek7pLdASbCrM9snq5Dt9lbwNJ0AuQboy1JWNQ=";

            nativeInstallCheckInputs = [ pkgs.versionCheckHook ];

--- a/get-newt.sh
+++ b/get-newt.sh
@@ -1,7 +1,7 @@
-#!/bin/sh
+#!/bin/bash

 # Get Newt - Cross-platform installation script
-# Usage: curl -fsSL https://raw.githubusercontent.com/fosrl/newt/refs/heads/main/get-newt.sh | sh
+# Usage: curl -fsSL https://raw.githubusercontent.com/fosrl/newt/refs/heads/main/get-newt.sh | bash

 set -e

@@ -17,15 +17,15 @@ GITHUB_API_URL="https://api.github.com/repos/${REPO}/releases/latest"

 # Function to print colored output
 print_status() {
-    printf '%b[INFO]%b %s\n' "${GREEN}" "${NC}" "$1"
+    echo -e "${GREEN}[INFO]${NC} $1"
 }

 print_warning() {
-    printf '%b[WARN]%b %s\n' "${YELLOW}" "${NC}" "$1"
+    echo -e "${YELLOW}[WARN]${NC} $1"
 }

 print_error() {
-    printf '%b[ERROR]%b %s\n' "${RED}" "${NC}" "$1"
+    echo -e "${RED}[ERROR]${NC} $1"
 }

 # Function to get latest version from GitHub API
@@ -113,34 +113,16 @@ get_install_dir() {
    if [ "$OS" = "windows" ]; then
        echo "$HOME/bin"
    else
-        # Prefer /usr/local/bin for system-wide installation
-        echo "/usr/local/bin"
-    fi
-}
-
-# Check if we need sudo for installation
-needs_sudo() {
-    local install_dir="$1"
-    if [ -w "$install_dir" ] 2>/dev/null; then
-        return 1  # No sudo needed
-    else
-        return 0  # Sudo needed
-    fi
-}
-
-# Get the appropriate command prefix (sudo or empty)
-get_sudo_cmd() {
-    local install_dir="$1"
-    if needs_sudo "$install_dir"; then
-        if command -v sudo >/dev/null 2>&1; then
-            echo "sudo"
+        # Try to use a directory in PATH, fallback to ~/.local/bin
+        if echo "$PATH" | grep -q "/usr/local/bin"; then
+            if [ -w "/usr/local/bin" ] 2>/dev/null; then
+                echo "/usr/local/bin"
+            else
+                echo "$HOME/.local/bin"
+            fi
        else
-            print_error "Cannot write to ${install_dir} and sudo is not available."
-            print_error "Please run this script as root or install sudo."
-            exit 1
+            echo "$HOME/.local/bin"
        fi
-    else
-        echo ""
    fi
 }

@@ -148,24 +130,21 @@ get_sudo_cmd() {
 install_newt() {
    local platform="$1"
    local install_dir="$2"
-    local sudo_cmd="$3"
    local binary_name="newt_${platform}"
    local exe_suffix=""
-
+    
    # Add .exe suffix for Windows
-    case "$platform" in
-        *windows*)
-            binary_name="${binary_name}.exe"
-            exe_suffix=".exe"
-            ;;
-    esac
-
+    if [[ "$platform" == *"windows"* ]]; then
+        binary_name="${binary_name}.exe"
+        exe_suffix=".exe"
+    fi
+    
    local download_url="${BASE_URL}/${binary_name}"
    local temp_file="/tmp/newt${exe_suffix}"
    local final_path="${install_dir}/newt${exe_suffix}"
-
+    
    print_status "Downloading newt from ${download_url}"
-
+    
    # Download the binary
    if command -v curl >/dev/null 2>&1; then
        curl -fsSL "$download_url" -o "$temp_file"
@@ -175,22 +154,18 @@ install_newt() {
        print_error "Neither curl nor wget is available. Please install one of them."
        exit 1
    fi
-
-    # Make executable before moving
-    chmod +x "$temp_file"
-
+    
    # Create install directory if it doesn't exist
-    if [ -n "$sudo_cmd" ]; then
-        $sudo_cmd mkdir -p "$install_dir"
-        print_status "Using sudo to install to ${install_dir}"
-        $sudo_cmd mv "$temp_file" "$final_path"
-    else
-        mkdir -p "$install_dir"
-        mv "$temp_file" "$final_path"
-    fi
-
+    mkdir -p "$install_dir"
+    
+    # Move binary to install directory
+    mv "$temp_file" "$final_path"
+    
+    # Make executable (not needed on Windows, but doesn't hurt)
+    chmod +x "$final_path"
+    
    print_status "newt installed to ${final_path}"
-
+    
    # Check if install directory is in PATH
    if ! echo "$PATH" | grep -q "$install_dir"; then
        print_warning "Install directory ${install_dir} is not in your PATH."
@@ -204,9 +179,9 @@ verify_installation() {
    local install_dir="$1"
    local exe_suffix=""
    
-    case "$PLATFORM" in
-        *windows*) exe_suffix=".exe" ;;
-    esac
+    if [[ "$PLATFORM" == *"windows"* ]]; then
+        exe_suffix=".exe"
+    fi
    
    local newt_path="${install_dir}/newt${exe_suffix}"
    
@@ -223,36 +198,34 @@ verify_installation() {
 # Main installation process
 main() {
    print_status "Installing latest version of newt..."
-
+    
    # Get latest version
    print_status "Fetching latest version from GitHub..."
    VERSION=$(get_latest_version)
    print_status "Latest version: v${VERSION}"
-
+    
    # Set base URL with the fetched version
    BASE_URL="https://github.com/${REPO}/releases/download/${VERSION}"
-
+    
    # Detect platform
    PLATFORM=$(detect_platform)
    print_status "Detected platform: ${PLATFORM}"
-
+    
    # Get install directory
    INSTALL_DIR=$(get_install_dir)
    print_status "Install directory: ${INSTALL_DIR}"
-
-    # Check if we need sudo
-    SUDO_CMD=$(get_sudo_cmd "$INSTALL_DIR")
-    if [ -n "$SUDO_CMD" ]; then
-        print_status "Root privileges required for installation to ${INSTALL_DIR}"
-    fi
-
+    
    # Install newt
-    install_newt "$PLATFORM" "$INSTALL_DIR" "$SUDO_CMD"
-
+    install_newt "$PLATFORM" "$INSTALL_DIR"
+    
    # Verify installation
    if verify_installation "$INSTALL_DIR"; then
        print_status "newt is ready to use!"
-        print_status "Run 'newt --help' to get started"
+        if [[ "$PLATFORM" == *"windows"* ]]; then
+            print_status "Run 'newt --help' to get started"
+        else
+            print_status "Run 'newt --help' to get started"
+        fi
    else
        exit 1
    fi
Author	SHA1	Message	Date
dependabot[bot]	8f70cf5acf	chore(nix): fix hash for updated go dependencies	2026-03-09 10:29:37 +00:00
dependabot[bot]	ba019c45b3	chore(deps): bump actions/stale from 10.1.1 to 10.2.0 Bumps [actions/stale](https://github.com/actions/stale) from 10.1.1 to 10.2.0. - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](`997185467f...b5d41d4e1d`) --- updated-dependencies: - dependency-name: actions/stale dependency-version: 10.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>	2026-03-09 10:27:46 +00:00
Owen	44ca592a5c	Set newt version in dockerfile	2026-03-08 11:28:56 -07:00
Owen	e1edbcea07	Make sure to set version and fix prepare issue	2026-03-07 12:34:55 -08:00