go.mod: update golangci-lint to 1.53.3

9 files changed, 597 insertions, 424 deletions

diff --git a/vendor/github.com/OpenPeeDeeP/depguard/README.md b/vendor/github.com/OpenPeeDeeP/depguard/README.md
deleted file mode 100644
index 07e9f915d..000000000
--- a/vendor/github.com/OpenPeeDeeP/depguard/README.md
+++ /dev/null
@@ -1,111 +0,0 @@
-# Depguard
-
-Go linter that checks package imports are in a list of acceptable packages. It
-can also deny a list of packages and can do prefix or glob matching.
-This allows you to allow imports from a whole organization or only
-allow specific packages within a repository. It is recommended to use prefix
-matching as it is faster than glob matching. The fewer glob matches the better.
-
-> If a pattern is matched by prefix it does not try to match via glob.
-
-## Install
-
-```bash
-go get -u github.com/OpenPeeDeeP/depguard
-```
-
-## Config
-
-By default, Depguard looks for a file named `.depguard.json` in the current
-current working directory. If it is somewhere else, pass in the `-c` flag with
-the location of your configuration file.
-
-The following is an example configuration file.
-
-```json
-{
-  "type": "allowlist",
-  "packages": ["github.com/OpenPeeDeeP/depguard"],
-  "packageErrorMessages": {
-    "github.com/OpenPeeDeeP/depguards": "Please use \"github.com/OpenPeeDeeP/depguard\","
-  },
-  "inTests": ["github.com/stretchr/testify"],
-  "includeGoStdLib": true
-}
-```
-
-- `type` can be either `allowlist` or `denylist`. This check is case insensitive.
-  If not specified the default is `denylist`. The values `whitelist` and `blacklist`
-  are also accepted for backwards compatibility.
-- `packages` is a list of packages for the list type specified.
-- `packageErrorMessages` is a mapping from packages to the error message to display
-- `inTests` is a list of packages allowed/disallowed only in test files.
-- Set `includeGoStdLib` (`includeGoRoot` for backwards compatibility) to true if you want to check the list against standard lib.
-  If not specified the default is false.
-
-### Ignore File Rules
-
-The configuration also allows us to specify rules to ignore certain files considered by the linter. This means that we need not apply package import checks across our entire code base.
-
-For example, consider the following configuration to block a test package:
-```json
-{
-  "type": "denylist",
-  "packages": ["github.com/stretchr/testify"],
-  "inTests": ["github.com/stretchr/testify"]
-}
-```
-
-We can use a `ignoreFileRules` field to write a configuration that only considers test files:
-```json
-{
-  "type": "denylist",
-  "packages": ["github.com/stretchr/testify"],
-  "ignoreFileRules": ["!**/*_test.go"]
-}
-```
-
-Or if we wanted to consider only non-test files:
-```json
-{
-  "type": "denylist",
-  "packages": ["github.com/stretchr/testify"],
-  "ignoreFileRules": ["**/*_test.go"]
-}
-```
-
-Like the `packages` field, the `ignoreFileRules` field can accept both string prefixes and string glob patterns. Note in the first example above, the use of the `!` character in front of the rule. This is a special character which signals that the linter should negate the rule. This allows for more precise control, but it is only available for glob patterns.
-
-## Gometalinter
-
-The binary installation of this linter can be used with
-[Gometalinter](https://github.com/alecthomas/gometalinter).
-
-If you use a configuration file for Gometalinter then the following will need to
-be added to your configuration file.
-
-```json
-{
-  "linters": {
-    "depguard": {
-      "command": "depguard -c path/to/config.json",
-      "pattern": "PATH:LINE:COL:MESSAGE",
-      "installFrom": "github.com/OpenPeeDeeP/depguard",
-      "isFast": true,
-      "partitionStrategy": "packages"
-    }
-  }
-}
-```
-
-If you prefer the command line way the following will work for you as well.
-
-```bash
-gometalinter --linter='depguard:depguard -c path/to/config.json:PATH:LINE:COL:MESSAGE'
-```
-
-## Golangci-lint
-
-This linter was built with
-[Golangci-lint](https://github.com/golangci/golangci-lint) in mind. It is compatible
-and read their docs to see how to implement all their linters, including this one.
diff --git a/vendor/github.com/OpenPeeDeeP/depguard/depguard.go b/vendor/github.com/OpenPeeDeeP/depguard/depguard.go
deleted file mode 100644
index d7011cd9f..000000000
--- a/vendor/github.com/OpenPeeDeeP/depguard/depguard.go
+++ /dev/null
@@ -1,313 +0,0 @@
-package depguard
-
-import (
-	"go/build"
-	"go/token"
-	"io/ioutil"
-	"path"
-	"sort"
-	"strings"
-	"sync"
-
-	"github.com/gobwas/glob"
-	"golang.org/x/tools/go/loader"
-)
-
-// ListType states what kind of list is passed in.
-type ListType int
-
-const (
-	// LTBlacklist states the list given is a blacklist. (default)
-	LTBlacklist ListType = iota
-	// LTWhitelist states the list given is a whitelist.
-	LTWhitelist
-)
-
-// StringToListType makes it easier to turn a string into a ListType.
-// It assumes that the string representation is lower case.
-var StringToListType = map[string]ListType{
-	"allowlist": LTWhitelist,
-	"denylist":  LTBlacklist,
-	"whitelist": LTWhitelist,
-	"blacklist": LTBlacklist,
-}
-
-// Issue with the package with PackageName at the Position.
-type Issue struct {
-	PackageName string
-	Position    token.Position
-}
-
-// Wrapper for glob patterns that allows for custom negation
-type negatableGlob struct {
-	g      glob.Glob
-	negate bool
-}
-
-// Depguard checks imports to make sure they follow the given list and constraints.
-type Depguard struct {
-	ListType      ListType
-	IncludeGoRoot bool
-
-	Packages       []string
-	prefixPackages []string
-	globPackages   []glob.Glob
-
-	TestPackages       []string
-	prefixTestPackages []string
-	globTestPackages   []glob.Glob
-
-	IgnoreFileRules       []string
-	prefixIgnoreFileRules []string
-	globIgnoreFileRules   []negatableGlob
-
-	prefixRoot []string
-
-	isInitialized      bool
-	isInitializedMutex sync.Mutex
-}
-
-// Run checks for dependencies given the program and validates them against
-// Packages.
-func (dg *Depguard) Run(config *loader.Config, prog *loader.Program) ([]*Issue, error) {
-	// Shortcut execution on an empty blacklist as that means every package is allowed
-	if dg.ListType == LTBlacklist && len(dg.Packages) == 0 {
-		return nil, nil
-	}
-
-	if err := dg.initialize(config, prog); err != nil {
-		return nil, err
-	}
-	directImports, err := dg.createImportMap(prog)
-	if err != nil {
-		return nil, err
-	}
-	var issues []*Issue
-	for pkg, positions := range directImports {
-		for _, pos := range positions {
-			if ignoreFile(pos.Filename, dg.prefixIgnoreFileRules, dg.globIgnoreFileRules) {
-				continue
-			}
-
-			prefixList, globList := dg.prefixPackages, dg.globPackages
-			if len(dg.TestPackages) > 0 && strings.Index(pos.Filename, "_test.go") != -1 {
-				prefixList, globList = dg.prefixTestPackages, dg.globTestPackages
-			}
-
-			if dg.flagIt(pkg, prefixList, globList) {
-				issues = append(issues, &Issue{
-					PackageName: pkg,
-					Position:    pos,
-				})
-			}
-		}
-	}
-	return issues, nil
-}
-
-func (dg *Depguard) initialize(config *loader.Config, prog *loader.Program) error {
-	dg.isInitializedMutex.Lock()
-	defer dg.isInitializedMutex.Unlock()
-
-	if dg.isInitialized {
-		return nil
-	}
-
-	// parse ordinary guarded packages
-	for _, pkg := range dg.Packages {
-		if strings.ContainsAny(pkg, "!?*[]{}") {
-			g, err := glob.Compile(pkg, '/')
-			if err != nil {
-				return err
-			}
-			dg.globPackages = append(dg.globPackages, g)
-		} else {
-			dg.prefixPackages = append(dg.prefixPackages, pkg)
-		}
-	}
-
-	// Sort the packages so we can have a faster search in the array
-	sort.Strings(dg.prefixPackages)
-
-	// parse guarded tests packages
-	for _, pkg := range dg.TestPackages {
-		if strings.ContainsAny(pkg, "!?*[]{}") {
-			g, err := glob.Compile(pkg, '/')
-			if err != nil {
-				return err
-			}
-			dg.globTestPackages = append(dg.globTestPackages, g)
-		} else {
-			dg.prefixTestPackages = append(dg.prefixTestPackages, pkg)
-		}
-	}
-
-	// Sort the test packages so we can have a faster search in the array
-	sort.Strings(dg.prefixTestPackages)
-
-	// parse ignore file rules
-	for _, rule := range dg.IgnoreFileRules {
-		if strings.ContainsAny(rule, "!?*[]{}") {
-			ng := negatableGlob{}
-			if strings.HasPrefix(rule, "!") {
-				ng.negate = true
-				rule = rule[1:] // Strip out the leading '!'
-			} else {
-				ng.negate = false
-			}
-
-			g, err := glob.Compile(rule, '/')
-			if err != nil {
-				return err
-			}
-			ng.g = g
-
-			dg.globIgnoreFileRules = append(dg.globIgnoreFileRules, ng)
-		} else {
-			dg.prefixIgnoreFileRules = append(dg.prefixIgnoreFileRules, rule)
-		}
-	}
-
-	// Sort the rules so we can have a faster search in the array
-	sort.Strings(dg.prefixIgnoreFileRules)
-
-	if !dg.IncludeGoRoot {
-		var err error
-		dg.prefixRoot, err = listRootPrefixs(config.Build)
-		if err != nil {
-			return err
-		}
-	}
-
-	dg.isInitialized = true
-	return nil
-}
-
-func (dg *Depguard) createImportMap(prog *loader.Program) (map[string][]token.Position, error) {
-	importMap := make(map[string][]token.Position)
-	// For the directly imported packages
-	for _, imported := range prog.InitialPackages() {
-		// Go through their files
-		for _, file := range imported.Files {
-			// And populate a map of all direct imports and their positions
-			// This will filter out GoRoot depending on the Depguard.IncludeGoRoot
-			for _, fileImport := range file.Imports {
-				fileImportPath := cleanBasicLitString(fileImport.Path.Value)
-				if !dg.IncludeGoRoot && dg.isRoot(fileImportPath) {
-					continue
-				}
-				position := prog.Fset.Position(fileImport.Pos())
-				positions, found := importMap[fileImportPath]
-				if !found {
-					importMap[fileImportPath] = []token.Position{
-						position,
-					}
-					continue
-				}
-				importMap[fileImportPath] = append(positions, position)
-			}
-		}
-	}
-	return importMap, nil
-}
-
-func ignoreFile(filename string, prefixList []string, negatableGlobList []negatableGlob) bool {
-	if strInPrefixList(filename, prefixList) {
-		return true
-	}
-	return strInNegatableGlobList(filename, negatableGlobList)
-}
-
-func pkgInList(pkg string, prefixList []string, globList []glob.Glob) bool {
-	if strInPrefixList(pkg, prefixList) {
-		return true
-	}
-	return strInGlobList(pkg, globList)
-}
-
-func strInPrefixList(str string, prefixList []string) bool {
-	// Idx represents where in the prefix slice the passed in string would go
-	// when sorted. -1 Just means that it would be at the very front of the slice.
-	idx := sort.Search(len(prefixList), func(i int) bool {
-		return prefixList[i] > str
-	}) - 1
-	// This means that the string passed in has no way to be prefixed by anything
-	// in the prefix list as it is already smaller then everything
-	if idx == -1 {
-		return false
-	}
-	return strings.HasPrefix(str, prefixList[idx])
-}
-
-func strInGlobList(str string, globList []glob.Glob) bool {
-	for _, g := range globList {
-		if g.Match(str) {
-			return true
-		}
-	}
-	return false
-}
-
-func strInNegatableGlobList(str string, negatableGlobList []negatableGlob) bool {
-	for _, ng := range negatableGlobList {
-		// Return true when:
-		//  - Match is true and negate is off
-		//  - Match is false and negate is on
-		if ng.g.Match(str) != ng.negate {
-			return true
-		}
-	}
-	return false
-}
-
-// InList | WhiteList | BlackList
-//   y   |           |     x
-//   n   |     x     |
-func (dg *Depguard) flagIt(pkg string, prefixList []string, globList []glob.Glob) bool {
-	return pkgInList(pkg, prefixList, globList) == (dg.ListType == LTBlacklist)
-}
-
-func cleanBasicLitString(value string) string {
-	return strings.Trim(value, "\"\\")
-}
-
-// We can do this as all imports that are not root are either prefixed with a domain
-// or prefixed with `./` or `/` to dictate it is a local file reference
-func listRootPrefixs(buildCtx *build.Context) ([]string, error) {
-	if buildCtx == nil {
-		buildCtx = &build.Default
-	}
-	root := path.Join(buildCtx.GOROOT, "src")
-	fs, err := ioutil.ReadDir(root)
-	if err != nil {
-		return nil, err
-	}
-	var pkgPrefix []string
-	for _, f := range fs {
-		if !f.IsDir() {
-			continue
-		}
-		pkgPrefix = append(pkgPrefix, f.Name())
-	}
-	return pkgPrefix, nil
-}
-
-func (dg *Depguard) isRoot(importPath string) bool {
-	// Idx represents where in the package slice the passed in package would go
-	// when sorted. -1 Just means that it would be at the very front of the slice.
-	idx := sort.Search(len(dg.prefixRoot), func(i int) bool {
-		return dg.prefixRoot[i] > importPath
-	}) - 1
-	// This means that the package passed in has no way to be prefixed by anything
-	// in the package list as it is already smaller then everything
-	if idx == -1 {
-		return false
-	}
-	// if it is prefixed by a root prefix we need to check if it is an exact match
-	// or prefix with `/` as this could return false posative if the domain was
-	// `archive.com` for example as `archive` is a go root package.
-	if strings.HasPrefix(importPath, dg.prefixRoot[idx]) {
-		return strings.HasPrefix(importPath, dg.prefixRoot[idx]+"/") || importPath == dg.prefixRoot[idx]
-	}
-	return false
-}
diff --git a/vendor/github.com/OpenPeeDeeP/depguard/.gitignore b/vendor/github.com/OpenPeeDeeP/depguard/v2/.gitignore
index 97cca67c6..97cca67c6 100644
--- a/vendor/github.com/OpenPeeDeeP/depguard/.gitignore
+++ b/vendor/github.com/OpenPeeDeeP/depguard/v2/.gitignore
diff --git a/vendor/github.com/OpenPeeDeeP/depguard/LICENSE b/vendor/github.com/OpenPeeDeeP/depguard/v2/LICENSE
index 94a9ed024..94a9ed024 100644
--- a/vendor/github.com/OpenPeeDeeP/depguard/LICENSE
+++ b/vendor/github.com/OpenPeeDeeP/depguard/v2/LICENSE
diff --git a/vendor/github.com/OpenPeeDeeP/depguard/v2/README.md b/vendor/github.com/OpenPeeDeeP/depguard/v2/README.md
new file mode 100644
index 000000000..3de3f6317
--- /dev/null
+++ b/vendor/github.com/OpenPeeDeeP/depguard/v2/README.md
@@ -0,0 +1,146 @@
+# Depguard
+
+A Go linter that checks package imports are in a list of acceptable packages.
+This allows you to allow imports from a whole organization or only
+allow specific packages within a repository. 
+
+## Install
+
+```bash
+go get github.com/OpenPeeDeeP/depguard/v2
+```
+
+## Config
+
+The Depguard binary looks for a file named `^\.?depguard\.(yaml|yml|json|toml)$` in the current
+current working directory. Examples include (`.depguard.yml` or `depguard.toml`).
+
+The following is an example configuration file.
+
+```json
+{
+  "main": {
+    "files": [
+      "$all",
+      "!$test"
+    ],
+    "allow": [
+      "$gostd",
+      "github.com/OpenPeeDeeP"
+    ],
+    "deny": {
+      "reflect": "Who needs reflection",
+    }
+  },
+  "tests": {
+    "files": [
+      "$test"
+    ],
+    "deny": {
+      "github.com/stretchr/testify": "Please use standard library for tests"
+    }
+  }
+}
+```
+
+- The top level is a map of lists. The key of the map is a name that shows up in 
+the linter's output.
+- `files` - list of file globs that will match this list of settings to compare against
+- `allow` - list of allowed packages
+- `deny` - map of packages that are not allowed where the value is a suggestion
+
+Files are matched using [Globs](https://github.com/gobwas/glob). If the files 
+list is empty, then all files will match that list. Prefixing a file
+with an exclamation mark `!` will put that glob in a "don't match" list. A file
+will match a list if it is allowed and not denied.
+
+> Should always prefix a file glob with `**/` as files are matched against absolute paths.
+
+Allow is a prefix of packages to allow. A dollar sign `$` can be used at the end
+of a package to specify it must be exact match only.
+
+Deny is a map where the key is a prefix of the package to deny, and the value
+is a suggestion on what to use instead. A dollar sign `$` can be used at the end
+of a package to specify it must be exact match only.
+
+A Prefix List just means that a package will match a value, if the value is a 
+prefix of the package. Example `github.com/OpenPeeDeeP/depguard` package will match
+a value of `github.com/OpenPeeDeeP` but won't match `github.com/OpenPeeDeeP/depguard/v2`.
+
+### Variables
+
+There are variable replacements for each type of list (file or package). This is
+to reduce repetition and tedious behaviors.
+
+#### File Variables
+
+> you can still use and exclamation mark `!` in front of a variable to say not to 
+use it. Example `!$test` will match any file that is not a go test file.
+
+- `$all` - matches all go files
+- `$test` - matches all go test files
+
+#### Package Variables
+
+- `$gostd` - matches all of go's standard library (Pulled from GOROOT)
+
+### Example Configs
+
+Below:
+
+- non-test go files will match `Main` and test go files will match `Test`.
+- both allow all of go standard library except for the `reflect` package which will
+tell the user "Please don't use reflect package".
+- go test files are also allowed to use https://github.com/stretchr/testify package
+and any sub-package of it.
+
+```yaml
+Main:
+  files:
+  - $all
+  - "!$test"
+  allow:
+  - $gostd
+  deny:
+    reflect: Please don't use reflect package
+Test:
+  files:
+  - $test
+  allow:
+  - $gostd
+  - github.com/stretchr/testify
+  deny:
+    reflect: Please don't use reflect package
+```
+
+Below:
+
+- All go files will match `Main`
+- Go files in internal will match both `Main` and `Internal`
+
+```yaml
+Main:
+  files:
+  - $all
+Internal:
+  files:
+  - "**/internal/**/*.go"
+```
+
+Below:
+
+- All packages are allowed except for `github.com/OpenPeeDeeP/depguard`. Though
+`github.com/OpenPeeDeeP/depguard/v2` and `github.com/OpenPeeDeeP/depguard/somepackage`
+would be allowed.
+
+```yaml
+Main:
+  deny:
+  - github.com/OpenPeeDeeP/depguard$
+```
+
+## Golangci-lint
+
+This linter was built with
+[Golangci-lint](https://github.com/golangci/golangci-lint) in mind. It is compatible
+and read their docs to see how to implement all their linters, including this one.
diff --git a/vendor/github.com/OpenPeeDeeP/depguard/v2/depguard.go b/vendor/github.com/OpenPeeDeeP/depguard/v2/depguard.go
new file mode 100644
index 000000000..2729091e8
--- /dev/null
+++ b/vendor/github.com/OpenPeeDeeP/depguard/v2/depguard.go
@@ -0,0 +1,95 @@
+package depguard
+
+import (
+	"fmt"
+	"go/ast"
+	"path/filepath"
+	"strings"
+
+	"golang.org/x/tools/go/analysis"
+)
+
+// NewAnalyzer creates a new analyzer from the settings passed in.
+// This can fail if the passed in LinterSettings does not compile.
+// Use NewUncompiledAnalyzer if you need control when the compile happens.
+func NewAnalyzer(settings *LinterSettings) (*analysis.Analyzer, error) {
+	s, err := settings.compile()
+	if err != nil {
+		return nil, err
+	}
+	analyzer := newAnalyzer(s.run)
+	return analyzer, nil
+}
+
+type UncompiledAnalyzer struct {
+	Analyzer *analysis.Analyzer
+	settings *LinterSettings
+}
+
+// NewUncompiledAnalyzer creates a new analyzer from the settings passed in.
+// This can never error unlike NewAnalyzer.
+// It is advised to call the Compile method on the returned Analyzer before running.
+func NewUncompiledAnalyzer(settings *LinterSettings) *UncompiledAnalyzer {
+	return &UncompiledAnalyzer{
+		Analyzer: newAnalyzer(settings.run),
+		settings: settings,
+	}
+}
+
+// Compile the settings ahead of time so each subsuquent run of the analyzer doesn't
+// need to do this work.
+func (ua *UncompiledAnalyzer) Compile() error {
+	s, err := ua.settings.compile()
+	if err != nil {
+		return err
+	}
+	ua.Analyzer.Run = s.run
+	return nil
+}
+
+func (settings LinterSettings) run(pass *analysis.Pass) (interface{}, error) {
+	s, err := settings.compile()
+	if err != nil {
+		return nil, err
+	}
+	return s.run(pass)
+}
+
+func newAnalyzer(run func(*analysis.Pass) (interface{}, error)) *analysis.Analyzer {
+	return &analysis.Analyzer{
+		Name:             "depguard",
+		Doc:              "Go linter that checks if package imports are in a list of acceptable packages",
+		URL:              "https://github.com/OpenPeeDeeP/depguard",
+		Run:              run,
+		RunDespiteErrors: false,
+	}
+}
+
+func (s linterSettings) run(pass *analysis.Pass) (interface{}, error) {
+	for _, file := range pass.Files {
+		// For Windows need to replace separator with '/'
+		fileName := filepath.ToSlash(pass.Fset.Position(file.Pos()).Filename)
+		lists := s.whichLists(fileName)
+		for _, imp := range file.Imports {
+			for _, l := range lists {
+				if allowed, sugg := l.importAllowed(rawBasicLit(imp.Path)); !allowed {
+					diag := analysis.Diagnostic{
+						Pos:     imp.Pos(),
+						End:     imp.End(),
+						Message: fmt.Sprintf("import '%s' is not allowed from list '%s'", rawBasicLit(imp.Path), l.name),
+					}
+					if sugg != "" {
+						diag.Message = fmt.Sprintf("%s: %s", diag.Message, sugg)
+						diag.SuggestedFixes = append(diag.SuggestedFixes, analysis.SuggestedFix{Message: sugg})
+					}
+					pass.Report(diag)
+				}
+			}
+		}
+	}
+	return nil, nil
+}
+
+func rawBasicLit(lit *ast.BasicLit) string {
+	return strings.Trim(lit.Value, "\"")
+}
diff --git a/vendor/github.com/OpenPeeDeeP/depguard/v2/internal/utils/errors.go b/vendor/github.com/OpenPeeDeeP/depguard/v2/internal/utils/errors.go
new file mode 100644
index 000000000..65325f612
--- /dev/null
+++ b/vendor/github.com/OpenPeeDeeP/depguard/v2/internal/utils/errors.go
@@ -0,0 +1,18 @@
+package utils
+
+import (
+	"strings"
+)
+
+type MultiError []error
+
+func (me MultiError) Error() string {
+	b := strings.Builder{}
+	for i, e := range me {
+		b.WriteString(e.Error())
+		if i < len(me)-1 {
+			b.WriteByte('\n')
+		}
+	}
+	return b.String()
+}
diff --git a/vendor/github.com/OpenPeeDeeP/depguard/v2/internal/utils/variables.go b/vendor/github.com/OpenPeeDeeP/depguard/v2/internal/utils/variables.go
new file mode 100644
index 000000000..3363bd840
--- /dev/null
+++ b/vendor/github.com/OpenPeeDeeP/depguard/v2/internal/utils/variables.go
@@ -0,0 +1,131 @@
+package utils
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+	"path"
+	"path/filepath"
+	"runtime"
+	"strings"
+)
+
+type Expander interface {
+	Expand() ([]string, error)
+}
+
+type ExpanderMap map[string]Expander
+
+var (
+	PathExpandable = ExpanderMap{
+		"$all":  &allExpander{},
+		"$test": &testExpander{},
+	}
+	PackageExpandable = ExpanderMap{
+		"$gostd": &gostdExpander{},
+	}
+)
+
+type allExpander struct{}
+
+func (*allExpander) Expand() ([]string, error) {
+	return []string{"**/*.go"}, nil
+}
+
+type testExpander struct{}
+
+func (*testExpander) Expand() ([]string, error) {
+	return []string{"**/*_test.go"}, nil
+}
+
+type gostdExpander struct {
+	cache []string
+}
+
+// We can do this as all imports that are not root are either prefixed with a domain
+// or prefixed with `./` or `/` to dictate it is a local file reference
+func (e *gostdExpander) Expand() ([]string, error) {
+	if len(e.cache) != 0 {
+		return e.cache, nil
+	}
+	root := path.Join(findGOROOT(), "src")
+	fs, err := os.ReadDir(root)
+	if err != nil {
+		return nil, fmt.Errorf("could not read GOROOT directory: %w", err)
+	}
+	var pkgPrefix []string
+	for _, f := range fs {
+		if !f.IsDir() {
+			continue
+		}
+		pkgPrefix = append(pkgPrefix, f.Name())
+	}
+	e.cache = pkgPrefix
+	return pkgPrefix, nil
+}
+
+func findGOROOT() string {
+	// code borrowed from https://github.com/golang/tools/blob/86c93e8732cce300d0270bce23117456ce92bb17/cmd/godoc/goroot.go#L15-L30
+	if env := os.Getenv("GOROOT"); env != "" {
+		return filepath.Clean(env)
+	}
+	def := filepath.Clean(runtime.GOROOT())
+	if runtime.Compiler == "gccgo" {
+		// gccgo has no real GOROOT, and it certainly doesn't
+		// depend on the executable's location.
+		return def
+	}
+	out, err := exec.Command("go", "env", "GOROOT").Output()
+	if err != nil {
+		return def
+	}
+	return strings.TrimSpace(string(out))
+}
+
+func ExpandSlice(sl []string, exp ExpanderMap) ([]string, error) {
+	for i, s := range sl {
+		f, found := exp[s]
+		if !found {
+			continue
+		}
+		e, err := f.Expand()
+		if err != nil {
+			return nil, fmt.Errorf("couldn't expand %s: %w", s, err)
+		}
+		sl = insertSlice(sl, i, e...)
+	}
+	return sl, nil
+}
+
+func ExpandMap(m map[string]string, exp ExpanderMap) error {
+	for k, v := range m {
+		f, found := exp[k]
+		if !found {
+			continue
+		}
+		e, err := f.Expand()
+		if err != nil {
+			return fmt.Errorf("couldn't expand %s: %w", k, err)
+		}
+		for _, ex := range e {
+			m[ex] = v
+		}
+		delete(m, k)
+	}
+	return nil
+}
+
+func insertSlice(a []string, k int, b ...string) []string {
+	n := len(a) + len(b) - 1
+	if n <= cap(a) {
+		a2 := a[:n]
+		copy(a2[k+len(b):], a[k+1:])
+		copy(a2[k:], b)
+		return a2
+	}
+	a2 := make([]string, n)
+	copy(a2, a[:k])
+	copy(a2[k:], b)
+	copy(a2[k+len(b):], a[k+1:])
+	return a2
+}
diff --git a/vendor/github.com/OpenPeeDeeP/depguard/v2/settings.go b/vendor/github.com/OpenPeeDeeP/depguard/v2/settings.go
new file mode 100644
index 000000000..440f32985
--- /dev/null
+++ b/vendor/github.com/OpenPeeDeeP/depguard/v2/settings.go
@@ -0,0 +1,207 @@
+package depguard
+
+import (
+	"errors"
+	"fmt"
+	"sort"
+	"strings"
+
+	"github.com/OpenPeeDeeP/depguard/v2/internal/utils"
+	"github.com/gobwas/glob"
+)
+
+type List struct {
+	Files []string          `json:"files" yaml:"files" toml:"files" mapstructure:"files"`
+	Allow []string          `json:"allow" yaml:"allow" toml:"allow" mapstructure:"allow"`
+	Deny  map[string]string `json:"deny" yaml:"deny" toml:"deny" mapstructure:"deny"`
+}
+
+type list struct {
+	name        string
+	files       []glob.Glob
+	negFiles    []glob.Glob
+	allow       []string
+	deny        []string
+	suggestions []string
+}
+
+func (l *List) compile() (*list, error) {
+	if l == nil {
+		return nil, nil
+	}
+	li := &list{}
+	var errs utils.MultiError
+	var err error
+
+	// Compile Files
+	for _, f := range l.Files {
+		var negate bool
+		if len(f) > 0 && f[0] == '!' {
+			negate = true
+			f = f[1:]
+		}
+		// Expand File if needed
+		fs, err := utils.ExpandSlice([]string{f}, utils.PathExpandable)
+		if err != nil {
+			errs = append(errs, err)
+		}
+		for _, exp := range fs {
+			g, err := glob.Compile(exp, '/')
+			if err != nil {
+				errs = append(errs, fmt.Errorf("%s could not be compiled: %w", exp, err))
+				continue
+			}
+			if negate {
+				li.negFiles = append(li.negFiles, g)
+				continue
+			}
+			li.files = append(li.files, g)
+		}
+	}
+
+	if len(l.Allow) > 0 {
+		// Expand Allow
+		l.Allow, err = utils.ExpandSlice(l.Allow, utils.PackageExpandable)
+		if err != nil {
+			errs = append(errs, err)
+		}
+
+		// Sort Allow
+		li.allow = make([]string, len(l.Allow))
+		copy(li.allow, l.Allow)
+		sort.Strings(li.allow)
+	}
+
+	if l.Deny != nil {
+		// Expand Deny Map (to keep suggestions)
+		err = utils.ExpandMap(l.Deny, utils.PackageExpandable)
+		if err != nil {
+			errs = append(errs, err)
+		}
+
+		// Split Deny Into Package Slice
+		li.deny = make([]string, 0, len(l.Deny))
+		for pkg := range l.Deny {
+			li.deny = append(li.deny, pkg)
+		}
+
+		// Sort Deny
+		sort.Strings(li.deny)
+
+		// Populate Suggestions to match the Deny order
+		li.suggestions = make([]string, 0, len(li.deny))
+		for _, dp := range li.deny {
+			li.suggestions = append(li.suggestions, strings.TrimSpace(l.Deny[dp]))
+		}
+	}
+
+	// Populate the type of this list
+	if len(li.allow) == 0 && len(li.deny) == 0 {
+		errs = append(errs, errors.New("must have an Allow and/or Deny package list"))
+	}
+
+	if len(errs) > 0 {
+		return nil, errs
+	}
+	return li, nil
+}
+
+func (l *list) fileMatch(fileName string) bool {
+	inAllowed := len(l.files) == 0 || strInGlobList(fileName, l.files)
+	inDenied := strInGlobList(fileName, l.negFiles)
+	return inAllowed && !inDenied
+}
+
+func (l *list) importAllowed(imp string) (bool, string) {
+	inAllowed := len(l.allow) == 0
+	if !inAllowed {
+		inAllowed, _ = strInPrefixList(imp, l.allow)
+	}
+	inDenied, suggIdx := strInPrefixList(imp, l.deny)
+	sugg := ""
+	if inDenied && suggIdx != -1 {
+		sugg = l.suggestions[suggIdx]
+	}
+	return inAllowed && !inDenied, sugg
+}
+
+type LinterSettings map[string]*List
+
+type linterSettings []*list
+
+func (l LinterSettings) compile() (linterSettings, error) {
+	if len(l) == 0 {
+		// Only allow $gostd in all files
+		set := &List{
+			Files: []string{"$all"},
+			Allow: []string{"$gostd"},
+		}
+		li, err := set.compile()
+		if err != nil {
+			return nil, err
+		}
+		li.name = "Main"
+		return linterSettings{li}, nil
+	}
+	names := make([]string, 0, len(l))
+	for name := range l {
+		names = append(names, name)
+	}
+	sort.Strings(names)
+	li := make(linterSettings, 0, len(l))
+	var errs utils.MultiError
+	for _, name := range names {
+		c, err := l[name].compile()
+		if err != nil {
+			errs = append(errs, err)
+			continue
+		}
+		if c == nil {
+			continue
+		}
+		c.name = name
+		li = append(li, c)
+	}
+	if len(errs) > 0 {
+		return nil, errs
+	}
+
+	return li, nil
+}
+
+func (ls linterSettings) whichLists(fileName string) []*list {
+	var matches []*list
+	for _, l := range ls {
+		if l.fileMatch(fileName) {
+			matches = append(matches, l)
+		}
+	}
+	return matches
+}
+
+func strInGlobList(str string, globList []glob.Glob) bool {
+	for _, g := range globList {
+		if g.Match(str) {
+			return true
+		}
+	}
+	return false
+}
+
+func strInPrefixList(str string, prefixList []string) (bool, int) {
+	// Idx represents where in the prefix slice the passed in string would go
+	// when sorted. -1 Just means that it would be at the very front of the slice.
+	idx := sort.Search(len(prefixList), func(i int) bool {
+		return strings.TrimRight(prefixList[i], "$") > str
+	}) - 1
+	// This means that the string passed in has no way to be prefixed by anything
+	// in the prefix list as it is already smaller then everything
+	if idx == -1 {
+		return false, idx
+	}
+	ioc := prefixList[idx]
+	if ioc[len(ioc)-1] == '$' {
+		return str == ioc[:len(ioc)-1], idx
+	}
+	return strings.HasPrefix(str, prefixList[idx]), idx
+}