All other ranges and slicing uses exclusive end so i think it make sense
to make it consistent.
Update docs and add additional example for non-byte-aligned field.
Also fixes issue showing zero bit ranges as start-NA.
For fromjson and other "value" decode values fq make then behave both like
a normal jq value and decode value. This is to make tobytes, format etc work.
Before all _* would be treated as special keys. Now they are first looked up in
the wrapped value and then as decode values.
Also now ._key that don't exist reutrn null instead of throw error.
$ fq -n '`{"_format": 123}` | fromjson | ._format'
Now:
123
Before:
"json"
$ fq -n '`{}` | fromjson | ._missing'
Now:
null
Before
error
Remove -0 short arg, now it means the expression "-0".
This is to be in sync with jq 1.7 https://github.com/jqlang/jq/pull/2684
Correct and clarify that NUL and new lines are outputted after and not between each output.
Still missing is to abort on output containing zero when using --raw-output0
Changes from upstream:
8fcc90e implement abs function
cbbd4bb fix default module paths assuming gojq is located in a bin directory
45d4c5b change behavior of walk with multiple outputs
846cf99 fix stderr to output strings in raw format
c352d50 change zero division to produce an error when dividend is zero
d579009 fix empty string repeating with the maximum integer
d4de65c fix string multiplication by zero to emit empty string
04b48fd remove deprecated leaf_paths function
c882861 bump up version to 0.12.13
c310d5d update CHANGELOG.md for v0.12.13
8fb5cc3 update dependencies
fb00b66 improve error message of indices, setpath, delpaths functions
From upstream:
e940c43 update GitHub action dependencies
2d97ddb update jq links to the new jqlang organization
2a6cb00 improve error message of various functions
5e26bef add a note on differences of supported functions missing in jq
96c4843 fix functions returning arrays not to emit nil slices
4a681c8 improve .dockerignore
850177b Merge pull request #213 from movableink/uri-decode
dbba5e7 add urid to decode URI values, mirroring uri
As decoder now can know they are decoding as part of probing we can now
use some heuristics to see if we should decode as html.
The reason heuristics is needed is that x/html parser will alwaus succeed.
Add lazyre package to help delay compile of RE and make it concurrency safe.
I think this is closer to what one would expect.
With this fq -d bytes 'scan("...")' will match as a binary and also return binaries,
before as raw decode value one would have to use tobytes to get the binary.
So raw binay is only outputted if stdout is not a terminal and "... | d" is not used..
fq -n '[1,2,3] | tobytes' | cat > binary
fq -n '[1,2,3] | tobytes | d' | cat > hexdump
Skips gap fields in struct and arrays.
Gaps fields are bit ranges that a decoder did not add any fields for.
Note that skipping gaps in arrays will affect indexes.
Now ex "tovalue | .some.thing" on a decode value will make some.thing be jq value
instead of a decode value which woud be displayed as a decode treee, seems confusing.
I think this is more intuetive and make more sense.
Replaces []Format with a Group type.
A bit more type safe.
Breaking change for RegisterFormat, now takes a first argument that is a "single" format group.
Lots of naming cleanup.
This is also preparation for decode group argument which will enable doing intresting
probing, ex a format decoder could know it's decode as part of probe group (html could
be probed possibly), or have "arg probe" group for decoder who inspect args to know
if they should probe (-d /path/to/schema etc) to enable nice CLI-ergonomics.
Before it failed when passing a decode value, like an integer, string etc, as a object value
to an internal function (written in go), ex some_function({name: <decode value>}).
A future improvement could be to allow an internal function to say that it wants a "raw"
decode value etc and not one converted to primitive type.
This preserves the callstack on non-recoverable panics so that using
a debugger and fuzzing is much easier.
Add vscode debug config.
Remove fuzz stacktrace log workaround.
readline Config was used to pass completer function per readline call,
was changed in #612 and caused regression. Now use our own member in
stdOS to pass it instead.
Add a test but test script completer is implemented differently.
What it can do:
- Decodes records and most standard messages and extensions.
- Decryptes records and reassemples application data stream if a keylog is provided
and the cipher suite is supported.
- Supports most recommended and used ciphers and a bunch of older ones.
What it can't do:
- SSL v3 maybe supported, is similar to TLS 1.0, not tested.
- Decryption and renegotiation/cipher change.
- Record defragmentation not supported, seems rare over TCP.
- TLS 1.3
- SSL v2 but v2 compat header is supported.
- Some key exchange messages not decoded yet
Decryption code is heavly based on golang crypto/tls and zmap/zcrypto.
Will be base for decoding http2 and other TLS based on protocols.
Fixes#587
This will allow passing both cli options and format options to sub decoder.
Ex: pass keylog option to a tls decoder when decoding a pcap.
Ex: pass decode options to a format inside a http body inside a pcap.
Add ArgAs method to lookup argument based on type. This also makes the format
decode function have same signature as sub decoders in the decode API.
This change decode.Format a bit:
DecodeFn is now just func(d *D) any
DecodeInArg renamed to DefaultInArg
Feels less cluttered, easier to read and more consistent.
Still keep tovalue, tobytes etc that are more basic functions this
only renamed format related functions.
Also there is an exceptin for to/fromjson as it comes from jq.
Also fixes lots of spelling errors while reading thru.
