build(deps): bump github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.5

[dependabot]

Bumps github.com/go-ldap/ldap/v3 from 3.4.4 to 3.4.5.

Release notes

Sourced from github.com/go-ldap/ldap/v3's releases.

v3.4.5

What's New

• Add function to escape distinguished names by @​tsschaffert in go-ldap/ldap#393
• Add CLDAP (RFC1798 UDP/Connectionless) support to DialURL by @​dsnt02518 in go-ldap/ldap#397
• Add support for SSPI GSSAPI SASL mechanism bind by @​FlipB in go-ldap/ldap#402
• implement server side sorting controls (rfc2891) by @​m-vinc in go-ldap/ldap#414
• add unmarshalling of generalizedTimestamp and DN by @​vetinari in go-ldap/ldap#434
• feat: enable DirSync control in search operation by @​masato-sso in go-ldap/ldap#436

What's Changed

• chore: Update GitHub Actions dependencies and test matrix by @​cpuschma in go-ldap/ldap#400
• chore: deprecate unnecessary wrapper for DialWithDialer and DialWithTLSConfig by @​cpuschma in go-ldap/ldap#399
• fix: packet referral decoding by @​james-d-elliott in go-ldap/ldap#413
• fix: error and search result handling in SearchWithPaging by @​cpuschma in go-ldap/ldap#417
• Lint/gofmt fixes. by @​dsnt02518 in go-ldap/ldap#418
• Update dependencies by @​johnweldon in go-ldap/ldap#420
• fix: parsedn not handling attributes with equal char in value by @​james-d-elliott in go-ldap/ldap#425
• gofumpt by @​johnweldon in go-ldap/ldap#427
• Fix deadlocks caused by invalid connection state by @​cholland1989 in go-ldap/ldap#432
• fix: return errors upon panics or receiving unexpected responses by @​cpuschma in go-ldap/ldap#433

New Contributors

• @​tsschaffert made their first contribution in go-ldap/ldap#393
• @​dsnt02518 made their first contribution in go-ldap/ldap#397
• @​FlipB made their first contribution in go-ldap/ldap#402
• @​m-vinc made their first contribution in go-ldap/ldap#414
• @​cholland1989 made their first contribution in go-ldap/ldap#432
• @​masato-sso made their first contribution in go-ldap/ldap#436

Full Changelog: go-ldap/ldap@v3.4.4...v3.4.5

Commits

• cdb0754 feat: enable DirSync control in search operation (#436)
• 039466e add unmarshalling of generalizedTimestamp and DN (#434)
• b50d289 fix: return errors upon panics or receiving unexpected responses (#433)
• b0d0dcf Fix deadlocks caused by invalid connection state (#432)
• 83b8f31 gofumpt (#427)
• 6a543b2 Update actions
• 32d292e fix: parsedn not handling attributes with equal char in value (#425)
• 6668c06 Update dependencies (#420)
• b64a808 implement server side sorting controls (rfc2891) (#414)
• a79fb6b Lint/gofmt fixes. (#418)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #321 (dc6111c) into main (6df5e38) will not change coverage.
The diff coverage is n/a.

❗ Your organization is not using the GitHub App Integration. As a result you may experience degraded service beginning May 15th. Please install the Github App Integration for your organization. Read more.

@@           Coverage Diff           @@
##             main     #321   +/-   ##
=======================================
  Coverage   74.80%   74.80%           
=======================================
  Files          23       23           
  Lines        2203     2203           
=======================================
  Hits         1648     1648           
  Misses        437      437           
  Partials      118      118           

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more

[priteshbandi]

LGTM

[Two-Hearts]

LGTM

[JeyJeyGao]

LGTM

[Two-Hearts]

LGTM

[shizhMSFT]

@priteshbandi @JeyJeyGao @Two-Hearts I've read the release notes of v3.4.5. It includes the following change

fix: parsedn not handling attributes with equal char in value by @​james-d-elliott in go-ldap/ldap#425

which is critical to notation-go.

To prevent regression, we need to review the above code change in ldap. I'd like to put this PR on hold until we done the review.

[Two-Hearts]

I did a review on the code, Notation indeed needs to bump up the ldap/v3 version:
Under current version (github.com/go-ldap/ldap/v3 v3.4.4), trust identity x509.subject: CN=alpine, O=Notary=, L=Seattle, ST=WA, C=US won't work, note the intended value of O is Notary=. However, it would be parsed as Notary with empty value (essentially, the second = is taken as a new separator instead of a part of the value), and the error message from Notation is then distinguished name (DN) has no mandatory RDN attribute for "O", it must contain 'C', 'ST', and 'O' RDN attributes at a minimum. Since Notation's spec on Trusted Identities Constraints does not forbid = in the value, this should be a bug for current Notation.
After bumping up to github.com/go-ldap/ldap/v3 v3.4.5, this issue is fixed. /cc: @shizhMSFT @priteshbandi @JeyJeyGao

[JeyJeyGao]

Built Notation cli based on notation-go with ldap v3.4.5 and passed the E2E test cases, so the basic trust identity setting will still work after the bumping up to ldap v3.4.5.

The PR go-ldap/ldap#425 fixs the issue that also relates to notation, so we need to update it.

[shizhMSFT]

LGTM as the ParseDN() has been improved with reviews.

[shizhMSFT]

@dependabot merge