Merge protobuf-go and vtprotobuf and remove reflection dependency

This is a version of protobuf-go that does not use reflection.

Reflection adds weight to the compiled binary and is not supported fully by
tinygo. We can eliminate the requirement on reflect with vtprotobuf, which
generates static code for Marshal and Unmarshal.

tinygo-org/tinygo#2667

This commit merges vtprotobuf and protobuf-go-lite into a single repo.
This allows tightly integrating the protobuf-go compiler and the vtprotobuf
compiler, generating a single .pb.go file instead of multiple files. This also
allows radical simplifications of the protobuf compiler plugin and the generated
vtprotobuf code, eliminating the need for extra wrapper code.

Major changes from upstream:

- Drop all unused code and fix linter warnings.
- Drop pooling
- Add link to protobuf-go-lite
- Drop grpc
- Drop exts
- Drop references to ProtoPkg
- Dropped pool from vtprotobuf
- Dropped MessageSet (deprecated)
- Dropped any (requires reflect)
- Dropped fieldmask (requires reflect)
- Dropped the -wrap option for vtprotobuf
- Allow import paths without slashes in protogen
- Derive Go package name from the proto3 package name
- Derive Go import path from the proto3 adjacency to Go packages
- Generate a String() for enums which does not use reflect

Signed-off-by: Christian Stewart <christian@aperture.us>

.github/renovate.json

@@ -0,0 +1,19 @@
+{
+ "$schema": "https://docs.renovatebot.com/renovate-schema.json",
+ "extends": [
+ ":semanticPrefixFixDepsChoreOthers",
+ ":ignoreModulesAndTests",
+ "group:all",
+ "workarounds:all"
+ ],
+ "forkProcessing": "enabled",
+ "branchConcurrentLimit": 0,
+ "packageRules": [{
+ "matchManagers": ["gomod"],
+ "matchDepTypes": ["replace"],
+ "enabled": false
+ }, {
+ "matchPackageNames": ["github.com/libp2p/go-libp2p"],
+ "allowedVersions": ["^v0.*"]
+ }]
+}

.github/workflows/codeql-analysis.yml

@@ -0,0 +1,55 @@
+name: "CodeQL"
+
+on:
+ push:
+ branches: [ "master" ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ "master" ]
+ schedule:
+ - cron: '41 13 * * 6'
+
+permissions:
+ contents: read
+
+jobs:
+ analyze:
+ name: Analyze
+ runs-on: ubuntu-latest
+ permissions:
+ actions: read
+ contents: read
+ security-events: write
+
+ strategy:
+ fail-fast: false
+ matrix:
+ language: [ 'go' ]
+ go: ['1.22']
+ # CodeQL supports [ 'cpp', 'csharp', 'go', 'java', 'javascript', 'python', 'ruby' ]
+ # Learn more about CodeQL language support at https://aka.ms/codeql-docs/language-support
+
+ steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+ with:
+ egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
+
+ - name: Checkout repository
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+
+ - name: Setup Go ${{ matrix.go }}
+ uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+ with:
+ go-version: ${{ matrix.go }}
+
+ - name: Initialize CodeQL
+ uses: github/codeql-action/init@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
+ with:
+ languages: ${{ matrix.language }}
+
+ - name: Autobuild
+ uses: github/codeql-action/autobuild@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10
+
+ - name: Perform CodeQL Analysis
+ uses: github/codeql-action/analyze@4355270be187e1b672a7a1c7c7bae5afdc1ab94a # v3.24.10

.github/workflows/dependency-review.yml

@@ -0,0 +1,25 @@
+# Dependency Review Action
+#
+# This Action will scan dependency manifest files that change as part of a Pull Request, surfacing known-vulnerable versions of the packages declared or updated in the PR. Once installed, if the workflow run is marked as required, PRs introducing known-vulnerable packages will be blocked from merging.
+#
+# Source repository: https://github.com/actions/dependency-review-action
+# Public documentation: https://docs.github.com/en/code-security/supply-chain-security/understanding-your-software-supply-chain/about-dependency-review#dependency-review-enforcement
+name: 'Dependency Review'
+on: [pull_request]
+
+permissions:
+ contents: read
+
+jobs:
+ dependency-review:
+ runs-on: ubuntu-latest
+ steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+ with:
+ egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
+
+ - name: 'Checkout Repository'
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ - name: 'Dependency Review'
+ uses: actions/dependency-review-action@5bbc3ba658137598168acb2ab73b21c432dd411b # v4.2.5

.github/workflows/tests.yml

@@ -0,0 +1,35 @@
+name: Tests
+
+on:
+ push:
+ branches: [ "master" ]
+ pull_request:
+ # The branches below must be a subset of the branches above
+ branches: [ "master" ]
+
+# Builds images for target boards.
+permissions:
+ contents: read
+
+jobs:
+ tests:
+ runs-on: ubuntu-latest
+ strategy:
+ matrix:
+ go: ['1.22']
+ timeout-minutes: 10
+ steps:
+ - name: Harden Runner
+ uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+ with:
+ egress-policy: audit # TODO: change to 'egress-policy: block' after couple of runs
+
+ - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+ - name: Setup Go ${{ matrix.go }}
+ uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+ with:
+ go-version: ${{ matrix.go }}
+ - name: Test Go
+ run: make test
+ - name: Lint Go
+ run: make lint

.gitignore

@@ -2,6 +2,7 @@
 /.gocache/
 /bin/
 /vendor/
+.#*
 
 # This file includes artifacts of the system test that should not be checked in.
 # For files created by specific development environment (e.g. editor),

.golangci.yml

@@ -0,0 +1,69 @@
+linters:
+ enable:
+ - depguard
+ - goimports
+ - gosec
+ - gosimple
+ - govet
+ - importas
+ - ineffassign
+ - misspell
+ - revive
+ - staticcheck
+ - typecheck
+ - unconvert
+ - unused
+
+ disable:
+ - errcheck
+
+ run:
+ concurrency: 4
+ modules-download-mode: vendor
+
+ skip-dirs:
+ - hack
+
+linters-settings:
+ staticcheck:
+ checks:
+ - all
+ - '-SA1012' # Allow passing nil contexts.
+ - '-SA1019' # Allow calling deprecated symbols.
+
+ importas:
+ # Do not allow unaliased imports of aliased packages.
+ no-unaliased: true
+
+ maligned:
+ suggest-new: true
+
+ depguard:
+ rules:
+ main:
+ deny:
+ - pkg: io/ioutil
+ desc: The io/ioutil package has been deprecated, see https://go.dev/doc/go1.16#ioutil
+ - pkg: "github.com/stretchr/testify/assert"
+ desc: Use "gotest.tools/v3/assert" instead
+ - pkg: "github.com/stretchr/testify/require"
+ desc: Use "gotest.tools/v3/assert" instead
+ - pkg: "github.com/stretchr/testify/suite"
+ desc: Do not use
+
+ revive:
+ rules:
+ - name: package-comments
+ disabled: true
+
+issues:
+ # Maximum issues count per one linter. Set to 0 to disable. Default is 50.
+ max-issues-per-linter: 0
+
+ # Maximum count of issues with the same text. Set to 0 to disable. Default is 3.
+ max-same-issues: 0
+
+ exclude:
+ - G601
+ - G306
+ - G204

.ignore

@@ -0,0 +1,4 @@
+# *.pb.go
+go.sum
+testdata
+thirdparty

LICENSE

@@ -1,3 +1,6 @@
+Copyright (c) 2024 Christian Stewart <christian@aperture.us>. All rights reserved.
+Copyright (c) 2021, PlanetScale Inc. All rights reserved.
+Copyright (c) 2013, The GoGo Authors. All rights reserved.
 Copyright (c) 2018 The Go Authors. All rights reserved.
 
 Redistribution and use in source and binary forms, with or without
@@ -24,4 +27,4 @@ LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
 DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
 THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
 (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
-OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.