Bump flake.nix version to match latest tag

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

ARCHITECTURE.md

@@ -1377,7 +1377,7 @@ Error types exposed by every library:
 
 #### Go (`clients/go/`)
 
-- Module: `git.wntrmute.dev/kyle/mcias/clients/go`
+- Module: `git.wntrmute.dev/mc/mcias/clients/go`
 - Package: `mciasgoclient`
 - HTTP: `net/http` with custom `*tls.Config` for CA cert
 - Token state: guarded by `sync.RWMutex`

INTEGRATION.md

@@ -381,7 +381,7 @@ expose the same API surface:
 
 | Language | Location | Install |
 |----------|----------|---------|
-| Go | `clients/go/` | `go get git.wntrmute.dev/kyle/mcias/clients/go` |
+| Go | `clients/go/` | `go get git.wntrmute.dev/mc/mcias/clients/go` |
 | Python | `clients/python/` | `pip install ./clients/python` |
 | Rust | `clients/rust/` | `cargo add mcias-client` |
 | Common Lisp | `clients/lisp/` | ASDF `mcias-client` |
@@ -389,7 +389,7 @@ expose the same API surface:
 ### Go
 
 ```go
-import mcias "git.wntrmute.dev/kyle/mcias/clients/go"
+import mcias "git.wntrmute.dev/mc/mcias/clients/go"
 
 c, err := mcias.New("https://auth.example.com:8443", "/etc/mcias/server.crt", "")
 if err != nil { ... }

Makefile

@@ -19,7 +19,7 @@
 # ---------------------------------------------------------------------------
 # Variables
 # ---------------------------------------------------------------------------
-MODULE     := git.wntrmute.dev/kyle/mcias
+MODULE     := git.wntrmute.dev/mc/mcias
 BINARIES   := mciassrv mciasctl mciasdb mciasgrpcctl
 BIN_DIR    := bin
 MAN_DIR    := man/man1

PROJECT_PLAN.md

@@ -21,7 +21,7 @@ features implemented beyond the original plan scope.
 
 ### Step 0.1: Go module and dependency setup
 **Acceptance criteria:**
-- `go.mod` exists with module path `git.wntrmute.dev/kyle/mcias`
+- `go.mod` exists with module path `git.wntrmute.dev/mc/mcias`
 - Required dependencies declared: `modernc.org/sqlite` (CGo-free SQLite),
   `golang.org/x/crypto` (Argon2, Ed25519 helpers), `github.com/golang-jwt/jwt/v5`,
   `github.com/pelletier/go-toml/v2`, `github.com/google/uuid`,
@@ -543,7 +543,7 @@ implementation notes.
 
 ### Step 9.2: Go client library
 **Acceptance criteria:**
-- `clients/go/` — Go module `git.wntrmute.dev/kyle/mcias/clients/go`
+- `clients/go/` — Go module `git.wntrmute.dev/mc/mcias/clients/go`
 - Package `mciasgoclient` exposes the canonical API surface from Step 9.1
 - Uses `net/http` with `crypto/tls`; custom CA cert supported via `x509.CertPool`
 - Token stored in-memory; `Client.Token()` accessor returns current token

README.md

@@ -17,7 +17,7 @@ See [ARCHITECTURE.md](ARCHITECTURE.md) for the technical design and
 **Prerequisites:** Go 1.26+, a C compiler (required by modernc.org/sqlite).
 
 ```sh
-git clone https://git.wntrmute.dev/kyle/mcias
+git clone https://git.wntrmute.dev/mc/mcias
 cd mcias
 make build        # produces bin/mciassrv, other binaries
 sudo make install

RUNBOOK.md

@@ -461,6 +461,19 @@ See `dist/mcias.conf.docker.example` for the full annotated Docker config.
 
 ---
 
+## MCP Deployment
+
+MCIAS is **not** managed by MCP and does not run on rift. Because MCIAS is the
+authentication root for the entire platform — including MCP itself — running it
+under MCP would create a circular dependency. Instead, MCIAS runs as a systemd
+service on a separate VPS (`svc.metacircular.net`).
+
+All deployment, upgrades, and operational tasks use systemd directly on the VPS.
+See the [Installation](#installation), [Routine Operations](#routine-operations),
+and [Upgrading](#upgrading) sections above for the relevant procedures.
+
+---
+
 ## Troubleshooting
 
 ### Server fails to start: "open database"

clients/README.md

@@ -29,7 +29,7 @@ set_pg_creds(account_id, host, port, database, username, password) → void
 | `MciasConflictError` | 409 | Conflict (e.g. duplicate username) |
 | `MciasServerError` | 5xx | Unexpected server error |
 `testdata/` contains canonical JSON response fixtures shared across language tests.
-- `go/` — Go module `git.wntrmute.dev/kyle/mcias/clients/go`
+- `go/` — Go module `git.wntrmute.dev/mc/mcias/clients/go`
 - `rust/` — Rust crate `mcias-client`
 - `lisp/` — ASDF system `mcias-client`
 - `python/` — Python package `mcias_client`

clients/go/README.md

@@ -9,13 +9,13 @@ Go client library for the [MCIAS](../../README.md) identity and access managemen
 ## Installation
 
 ```sh
-go get git.wntrmute.dev/kyle/mcias/clients/go
+go get git.wntrmute.dev/mc/mcias/clients/go
 ```
 
 ## Quick Start
 
 ```go
-import "git.wntrmute.dev/kyle/mcias/clients/go/mcias"
+import "git.wntrmute.dev/mc/mcias/clients/go/mcias"
 
 // Connect to the MCIAS server.
 client, err := mcias.New("https://auth.example.com", mcias.Options{})

clients/go/client_test.go

@@ -11,7 +11,7 @@ import (
 	"strings"
 	"testing"
 
-	mcias "git.wntrmute.dev/kyle/mcias/clients/go"
+	mcias "git.wntrmute.dev/mc/mcias/clients/go"
 )
 
 // ---------------------------------------------------------------------------

clients/go/go.mod

@@ -1,3 +1,3 @@
-module git.wntrmute.dev/kyle/mcias/clients/go
+module git.wntrmute.dev/mc/mcias/clients/go
 
 go 1.21

cmd/mciasdb/account.go

@@ -6,8 +6,8 @@ import (
 	"os"
 	"strings"
 
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 	"golang.org/x/term"
 )
 

cmd/mciasdb/audit.go

@@ -7,8 +7,8 @@ import (
 	"os"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 func (t *tool) runAudit(args []string) {

cmd/mciasdb/main.go

@@ -49,9 +49,9 @@ import (
 	"fmt"
 	"os"
 
-	"git.wntrmute.dev/kyle/mcias/internal/config"
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/db"
 )
 
 func main() {

cmd/mciasdb/mciasdb_test.go

@@ -9,9 +9,9 @@ import (
 	"testing"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 // newTestTool creates a tool backed by an in-memory SQLite database with a

cmd/mciasdb/pgcreds.go

@@ -6,8 +6,8 @@ import (
 	"fmt"
 	"os"
 
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/db"
 )
 
 func (t *tool) runPGCreds(args []string) {

cmd/mciasdb/rekey.go

@@ -4,8 +4,8 @@ import (
 	"fmt"
 	"os"
 
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/db"
 )
 
 // runRekey re-encrypts all secrets under a new passphrase-derived master key.

cmd/mciasdb/schema.go

@@ -4,7 +4,7 @@ import (
 	"flag"
 	"fmt"
 
-	"git.wntrmute.dev/kyle/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/db"
 )
 
 func (t *tool) runSchema(args []string) {

cmd/mciasdb/snapshot.go

@@ -5,8 +5,8 @@ import (
 	"fmt"
 	"path/filepath"
 
-	"git.wntrmute.dev/kyle/mcias/internal/config"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/db"
 )
 
 // runSnapshot handles the "snapshot" command.

cmd/mciasgrpcctl/main.go

@@ -64,7 +64,7 @@ import (
 	"google.golang.org/grpc/credentials"
 	"google.golang.org/grpc/metadata"
 
-	mciasv1 "git.wntrmute.dev/kyle/mcias/gen/mcias/v1"
+	mciasv1 "git.wntrmute.dev/mc/mcias/gen/mcias/v1"
 )
 
 func main() {

cmd/mciassrv/main.go

@@ -31,12 +31,12 @@ import (
 	"google.golang.org/grpc"
 	"google.golang.org/grpc/credentials"
 
-	"git.wntrmute.dev/kyle/mcias/internal/config"
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/grpcserver"
-	"git.wntrmute.dev/kyle/mcias/internal/server"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/grpcserver"
+	"git.wntrmute.dev/mc/mcias/internal/server"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 func main() {

flake.lock

@@ -0,0 +1,27 @@
+{
+  "nodes": {
+    "nixpkgs": {
+      "locked": {
+        "lastModified": 1774273680,
+        "narHash": "sha256-a++tZ1RQsDb1I0NHrFwdGuRlR5TORvCEUksM459wKUA=",
+        "owner": "NixOS",
+        "repo": "nixpkgs",
+        "rev": "fdc7b8f7b30fdbedec91b71ed82f36e1637483ed",
+        "type": "github"
+      },
+      "original": {
+        "owner": "NixOS",
+        "ref": "nixpkgs-unstable",
+        "repo": "nixpkgs",
+        "type": "github"
+      }
+    },
+    "root": {
+      "inputs": {
+        "nixpkgs": "nixpkgs"
+      }
+    }
+  },
+  "root": "root",
+  "version": 7
+}

flake.nix

@@ -0,0 +1,34 @@
+{
+  description = "mcias - Metacircular Identity and Access Service";
+
+  inputs = {
+    nixpkgs.url = "github:NixOS/nixpkgs/nixpkgs-unstable";
+  };
+
+  outputs =
+    { self, nixpkgs }:
+    let
+      system = "x86_64-linux";
+      pkgs = nixpkgs.legacyPackages.${system};
+      version = "1.8.0";
+    in
+    {
+      packages.${system} = {
+        default = pkgs.buildGoModule {
+          pname = "mciasctl";
+          inherit version;
+          src = ./.;
+          vendorHash = null;
+          subPackages = [
+            "cmd/mciasctl"
+            "cmd/mciasgrpcctl"
+          ];
+          ldflags = [
+            "-s"
+            "-w"
+            "-X main.version=${version}"
+          ];
+        };
+      };
+    };
+}

gen/mcias/v1/account.pb.go

@@ -1080,7 +1080,7 @@ const file_mcias_v1_account_proto_rawDesc = "" +
 	"\n" +
 	"GetPGCreds\x12\x1b.mcias.v1.GetPGCredsRequest\x1a\x1c.mcias.v1.GetPGCredsResponse\x12G\n" +
 	"\n" +
-	"SetPGCreds\x12\x1b.mcias.v1.SetPGCredsRequest\x1a\x1c.mcias.v1.SetPGCredsResponseB2Z0git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1b\x06proto3"
+	"SetPGCreds\x12\x1b.mcias.v1.SetPGCredsRequest\x1a\x1c.mcias.v1.SetPGCredsResponseB2Z0git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1b\x06proto3"
 
 var (
 	file_mcias_v1_account_proto_rawDescOnce sync.Once

gen/mcias/v1/admin.pb.go

@@ -238,7 +238,7 @@ const file_mcias_v1_admin_proto_rawDesc = "" +
 	"\x01x\x18\x05 \x01(\tR\x01x2\x9a\x01\n" +
 	"\fAdminService\x12;\n" +
 	"\x06Health\x12\x17.mcias.v1.HealthRequest\x1a\x18.mcias.v1.HealthResponse\x12M\n" +
-	"\fGetPublicKey\x12\x1d.mcias.v1.GetPublicKeyRequest\x1a\x1e.mcias.v1.GetPublicKeyResponseB2Z0git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1b\x06proto3"
+	"\fGetPublicKey\x12\x1d.mcias.v1.GetPublicKeyRequest\x1a\x1e.mcias.v1.GetPublicKeyResponseB2Z0git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1b\x06proto3"
 
 var (
 	file_mcias_v1_admin_proto_rawDescOnce sync.Once

gen/mcias/v1/auth.pb.go

@@ -919,7 +919,7 @@ const file_mcias_v1_auth_proto_rawDesc = "" +
 	"\n" +
 	"RemoveTOTP\x12\x1b.mcias.v1.RemoveTOTPRequest\x1a\x1c.mcias.v1.RemoveTOTPResponse\x12n\n" +
 	"\x17ListWebAuthnCredentials\x12(.mcias.v1.ListWebAuthnCredentialsRequest\x1a).mcias.v1.ListWebAuthnCredentialsResponse\x12q\n" +
-	"\x18RemoveWebAuthnCredential\x12).mcias.v1.RemoveWebAuthnCredentialRequest\x1a*.mcias.v1.RemoveWebAuthnCredentialResponseB2Z0git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1b\x06proto3"
+	"\x18RemoveWebAuthnCredential\x12).mcias.v1.RemoveWebAuthnCredentialRequest\x1a*.mcias.v1.RemoveWebAuthnCredentialResponseB2Z0git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1b\x06proto3"
 
 var (
 	file_mcias_v1_auth_proto_rawDescOnce sync.Once

gen/mcias/v1/common.pb.go

@@ -349,7 +349,7 @@ const file_mcias_v1_common_proto_rawDesc = "" +
 	"\x04port\x18\x05 \x01(\x05R\x04port\"5\n" +
 	"\x05Error\x12\x18\n" +
 	"\amessage\x18\x01 \x01(\tR\amessage\x12\x12\n" +
-	"\x04code\x18\x02 \x01(\tR\x04codeB2Z0git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1b\x06proto3"
+	"\x04code\x18\x02 \x01(\tR\x04codeB2Z0git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1b\x06proto3"
 
 var (
 	file_mcias_v1_common_proto_rawDescOnce sync.Once

gen/mcias/v1/policy.pb.go

@@ -703,7 +703,7 @@ const file_mcias_v1_policy_proto_rawDesc = "" +
 	"\x10CreatePolicyRule\x12!.mcias.v1.CreatePolicyRuleRequest\x1a\".mcias.v1.CreatePolicyRuleResponse\x12P\n" +
 	"\rGetPolicyRule\x12\x1e.mcias.v1.GetPolicyRuleRequest\x1a\x1f.mcias.v1.GetPolicyRuleResponse\x12Y\n" +
 	"\x10UpdatePolicyRule\x12!.mcias.v1.UpdatePolicyRuleRequest\x1a\".mcias.v1.UpdatePolicyRuleResponse\x12Y\n" +
-	"\x10DeletePolicyRule\x12!.mcias.v1.DeletePolicyRuleRequest\x1a\".mcias.v1.DeletePolicyRuleResponseB2Z0git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1b\x06proto3"
+	"\x10DeletePolicyRule\x12!.mcias.v1.DeletePolicyRuleRequest\x1a\".mcias.v1.DeletePolicyRuleResponseB2Z0git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1b\x06proto3"
 
 var (
 	file_mcias_v1_policy_proto_rawDescOnce sync.Once

gen/mcias/v1/token.pb.go

@@ -346,7 +346,7 @@ const file_mcias_v1_token_proto_rawDesc = "" +
 	"\fTokenService\x12P\n" +
 	"\rValidateToken\x12\x1e.mcias.v1.ValidateTokenRequest\x1a\x1f.mcias.v1.ValidateTokenResponse\x12\\\n" +
 	"\x11IssueServiceToken\x12\".mcias.v1.IssueServiceTokenRequest\x1a#.mcias.v1.IssueServiceTokenResponse\x12J\n" +
-	"\vRevokeToken\x12\x1c.mcias.v1.RevokeTokenRequest\x1a\x1d.mcias.v1.RevokeTokenResponseB2Z0git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1b\x06proto3"
+	"\vRevokeToken\x12\x1c.mcias.v1.RevokeTokenRequest\x1a\x1d.mcias.v1.RevokeTokenResponseB2Z0git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1b\x06proto3"
 
 var (
 	file_mcias_v1_token_proto_rawDescOnce sync.Once

go.mod

@@ -1,12 +1,14 @@
-module git.wntrmute.dev/kyle/mcias
+module git.wntrmute.dev/mc/mcias
 
 go 1.26.0
 
 require (
+	github.com/go-webauthn/webauthn v0.16.1
 	github.com/golang-jwt/jwt/v5 v5.3.1
 	github.com/golang-migrate/migrate/v4 v4.19.1
 	github.com/google/uuid v1.6.0
 	github.com/pelletier/go-toml/v2 v2.2.4
+	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e
 	golang.org/x/crypto v0.49.0
 	golang.org/x/term v0.41.0
 	google.golang.org/grpc v1.74.2
@@ -18,14 +20,11 @@ require (
 	github.com/dustin/go-humanize v1.0.1 // indirect
 	github.com/fxamacker/cbor/v2 v2.9.0 // indirect
 	github.com/go-viper/mapstructure/v2 v2.5.0 // indirect
-	github.com/go-webauthn/webauthn v0.16.1 // indirect
 	github.com/go-webauthn/x v0.2.2 // indirect
 	github.com/google/go-tpm v0.9.8 // indirect
 	github.com/mattn/go-isatty v0.0.20 // indirect
 	github.com/ncruces/go-strftime v1.0.0 // indirect
 	github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
-	github.com/skip2/go-qrcode v0.0.0-20200617195104-da1b6568686e // indirect
-	github.com/stretchr/testify v1.11.1 // indirect
 	github.com/x448/float16 v0.8.4 // indirect
 	golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546 // indirect
 	golang.org/x/net v0.51.0 // indirect

go.sum

@@ -24,6 +24,8 @@ github.com/google/go-cmp v0.7.0 h1:wk8382ETsv4JYUZwIsn6YpYiWiBsYLSJiTsyBybVuN8=
 github.com/google/go-cmp v0.7.0/go.mod h1:pXiqmnSA92OHEEa9HXL2W4E7lf9JzCmGVUdgjX3N/iU=
 github.com/google/go-tpm v0.9.8 h1:slArAR9Ft+1ybZu0lBwpSmpwhRXaa85hWtMinMyRAWo=
 github.com/google/go-tpm v0.9.8/go.mod h1:h9jEsEECg7gtLis0upRBQU+GhYVH6jMjrFxI8u6bVUY=
+github.com/google/go-tpm-tools v0.3.13-0.20230620182252-4639ecce2aba h1:qJEJcuLzH5KDR0gKc0zcktin6KSAwL7+jWKBYceddTc=
+github.com/google/go-tpm-tools v0.3.13-0.20230620182252-4639ecce2aba/go.mod h1:EFYHy8/1y2KfgTAsx7Luu7NGhoxtuVHnNo8jE7FikKc=
 github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e h1:ijClszYn+mADRFY17kjQEVQ1XRhq2/JR1M3sGqeJoxs=
 github.com/google/pprof v0.0.0-20250317173921-a4b03ec1a45e/go.mod h1:boTsfXsheKC2y+lKOCMpSfarhxDeIzfZG1jqGcPl3cA=
 github.com/google/uuid v1.6.0 h1:NIvaJDMOsjHA8n1jAhLSgzrAzy1Hgr+hNrb57e+94F0=
@@ -60,6 +62,8 @@ go.opentelemetry.io/otel/sdk/metric v1.36.0 h1:r0ntwwGosWGaa0CrSt8cuNuTcccMXERFw
 go.opentelemetry.io/otel/sdk/metric v1.36.0/go.mod h1:qTNOhFDfKRwX0yXOqJYegL5WRaW376QbB7P4Pb0qva4=
 go.opentelemetry.io/otel/trace v1.37.0 h1:HLdcFNbRQBE2imdSEgm/kwqmQj1Or1l/7bW6mxVK7z4=
 go.opentelemetry.io/otel/trace v1.37.0/go.mod h1:TlgrlQ+PtQO5XFerSPUYG0JSgGyryXewPGyayAWSBS0=
+go.uber.org/mock v0.6.0 h1:hyF9dfmbgIX5EfOdasqLsWD6xqpNZlXblLB/Dbnwv3Y=
+go.uber.org/mock v0.6.0/go.mod h1:KiVJ4BqZJaMj4svdfmHM0AUx4NJYO8ZNpPnZn1Z+BBU=
 golang.org/x/crypto v0.49.0 h1:+Ng2ULVvLHnJ/ZFEq4KdcDd/cfjrrjjNSXNzxg0Y4U4=
 golang.org/x/crypto v0.49.0/go.mod h1:ErX4dUh2UM+CFYiXZRTcMpEcN8b/1gxEuv3nODoYtCA=
 golang.org/x/exp v0.0.0-20251023183803-a4bb9ffd2546 h1:mgKeJMpvi0yx/sU5GsxQ7p6s2wtOnGAHZWCHUM4KGzY=

internal/auth/auth.go

@@ -29,7 +29,7 @@ import (
 
 	"golang.org/x/crypto/argon2"
 
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
 )
 
 // ErrInvalidCredentials is returned for any authentication failure.

internal/db/accounts.go

@@ -6,7 +6,7 @@ import (
 	"fmt"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 	"github.com/google/uuid"
 )
 

internal/db/db_test.go

@@ -5,7 +5,7 @@ import (
 	"testing"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 // openTestDB opens an in-memory SQLite database for testing.

internal/db/mciasdb_test.go

@@ -4,7 +4,7 @@ import (
 	"testing"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 // openTestDB is defined in db_test.go in this package; reused here.

internal/db/pgcred_access.go

@@ -6,7 +6,7 @@ import (
 	"fmt"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 // ListCredentialedAccountIDs returns the set of account IDs that already have

internal/db/policy.go

@@ -6,7 +6,7 @@ import (
 	"fmt"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 // policyRuleCols is the column list for all policy rule SELECT queries.

internal/db/policy_test.go

@@ -5,7 +5,7 @@ import (
 	"testing"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 func TestCreateAndGetPolicyRule(t *testing.T) {

internal/db/tags_test.go

@@ -3,7 +3,7 @@ package db
 import (
 	"testing"
 
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 func TestGetAccountTags_Empty(t *testing.T) {

internal/db/webauthn.go

@@ -5,7 +5,7 @@ import (
 	"errors"
 	"fmt"
 
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 // CreateWebAuthnCredential inserts a new WebAuthn credential record.

internal/db/webauthn_test.go

@@ -4,7 +4,7 @@ import (
 	"errors"
 	"testing"
 
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 func TestWebAuthnCRUD(t *testing.T) {

internal/grpcserver/accountservice.go

@@ -11,11 +11,11 @@ import (
 	"google.golang.org/grpc/status"
 	"google.golang.org/protobuf/types/known/timestamppb"
 
-	mciasv1 "git.wntrmute.dev/kyle/mcias/gen/mcias/v1"
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/validate"
+	mciasv1 "git.wntrmute.dev/mc/mcias/gen/mcias/v1"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/validate"
 )
 
 type accountServiceServer struct {

internal/grpcserver/admin.go

@@ -9,7 +9,7 @@ import (
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 
-	mciasv1 "git.wntrmute.dev/kyle/mcias/gen/mcias/v1"
+	mciasv1 "git.wntrmute.dev/mc/mcias/gen/mcias/v1"
 )
 
 type adminServiceServer struct {

internal/grpcserver/auth.go

@@ -13,12 +13,12 @@ import (
 	"google.golang.org/grpc/status"
 	"google.golang.org/protobuf/types/known/timestamppb"
 
-	mciasv1 "git.wntrmute.dev/kyle/mcias/gen/mcias/v1"
-	"git.wntrmute.dev/kyle/mcias/internal/audit"
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
+	mciasv1 "git.wntrmute.dev/mc/mcias/gen/mcias/v1"
+	"git.wntrmute.dev/mc/mcias/internal/audit"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/token"
 )
 
 type authServiceServer struct {

internal/grpcserver/credentialservice.go

@@ -9,10 +9,10 @@ import (
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 
-	mciasv1 "git.wntrmute.dev/kyle/mcias/gen/mcias/v1"
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	mciasv1 "git.wntrmute.dev/mc/mcias/gen/mcias/v1"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 type credentialServiceServer struct {

internal/grpcserver/grpcserver.go

@@ -30,11 +30,11 @@ import (
 	"google.golang.org/grpc/peer"
 	"google.golang.org/grpc/status"
 
-	mciasv1 "git.wntrmute.dev/kyle/mcias/gen/mcias/v1"
-	"git.wntrmute.dev/kyle/mcias/internal/config"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	mciasv1 "git.wntrmute.dev/mc/mcias/gen/mcias/v1"
+	"git.wntrmute.dev/mc/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/token"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 // contextKey is the unexported context key type for this package.

internal/grpcserver/grpcserver_test.go

@@ -24,13 +24,13 @@ import (
 	"google.golang.org/grpc/status"
 	"google.golang.org/grpc/test/bufconn"
 
-	mciasv1 "git.wntrmute.dev/kyle/mcias/gen/mcias/v1"
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/config"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	mciasv1 "git.wntrmute.dev/mc/mcias/gen/mcias/v1"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/token"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 const (

internal/grpcserver/policyservice.go

@@ -13,10 +13,10 @@ import (
 	"google.golang.org/grpc/codes"
 	"google.golang.org/grpc/status"
 
-	mciasv1 "git.wntrmute.dev/kyle/mcias/gen/mcias/v1"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/policy"
+	mciasv1 "git.wntrmute.dev/mc/mcias/gen/mcias/v1"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/policy"
 )
 
 type policyServiceServer struct {

internal/grpcserver/tokenservice.go

@@ -10,10 +10,10 @@ import (
 	"google.golang.org/grpc/status"
 	"google.golang.org/protobuf/types/known/timestamppb"
 
-	mciasv1 "git.wntrmute.dev/kyle/mcias/gen/mcias/v1"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
+	mciasv1 "git.wntrmute.dev/mc/mcias/gen/mcias/v1"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/token"
 )
 
 type tokenServiceServer struct {

internal/grpcserver/webauthn.go

@@ -11,8 +11,8 @@ import (
 	"google.golang.org/grpc/status"
 	"google.golang.org/protobuf/types/known/timestamppb"
 
-	mciasv1 "git.wntrmute.dev/kyle/mcias/gen/mcias/v1"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	mciasv1 "git.wntrmute.dev/mc/mcias/gen/mcias/v1"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 // ListWebAuthnCredentials returns metadata for an account's WebAuthn credentials.

internal/middleware/middleware.go

@@ -23,10 +23,10 @@ import (
 	"sync"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/policy"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/policy"
+	"git.wntrmute.dev/mc/mcias/internal/token"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 // contextKey is the unexported type for context keys in this package, preventing

internal/middleware/middleware_test.go

@@ -12,10 +12,10 @@ import (
 	"testing"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/token"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 func generateTestKey(t *testing.T) (ed25519.PublicKey, ed25519.PrivateKey) {

internal/server/handlers_policy.go

@@ -8,10 +8,10 @@ import (
 	"strconv"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/middleware"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/policy"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/middleware"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/policy"
 )
 
 // ---- Tag endpoints ----

internal/server/handlers_webauthn.go

@@ -23,14 +23,14 @@ import (
 	"github.com/go-webauthn/webauthn/protocol"
 	libwebauthn "github.com/go-webauthn/webauthn/webauthn"
 
-	"git.wntrmute.dev/kyle/mcias/internal/audit"
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/middleware"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/policy"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
-	mciaswebauthn "git.wntrmute.dev/kyle/mcias/internal/webauthn"
+	"git.wntrmute.dev/mc/mcias/internal/audit"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/middleware"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/policy"
+	"git.wntrmute.dev/mc/mcias/internal/token"
+	mciaswebauthn "git.wntrmute.dev/mc/mcias/internal/webauthn"
 )
 
 const (

internal/server/server.go

@@ -21,19 +21,19 @@ import (
 	"strings"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/audit"
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/config"
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/middleware"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/policy"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
-	"git.wntrmute.dev/kyle/mcias/internal/ui"
-	"git.wntrmute.dev/kyle/mcias/internal/validate"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
-	"git.wntrmute.dev/kyle/mcias/web"
+	"git.wntrmute.dev/mc/mcias/internal/audit"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/middleware"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/policy"
+	"git.wntrmute.dev/mc/mcias/internal/token"
+	"git.wntrmute.dev/mc/mcias/internal/ui"
+	"git.wntrmute.dev/mc/mcias/internal/validate"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/web"
 )
 
 // Server holds the dependencies injected into all handlers.

internal/server/server_test.go

@@ -19,13 +19,13 @@ import (
 	"testing"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/config"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/policy"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/policy"
+	"git.wntrmute.dev/mc/mcias/internal/token"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 // generateTOTPCode computes a valid RFC 6238 TOTP code for the current time

internal/server/vault.go

@@ -4,10 +4,10 @@ package server
 import (
 	"net/http"
 
-	"git.wntrmute.dev/kyle/mcias/internal/audit"
-	"git.wntrmute.dev/kyle/mcias/internal/middleware"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/internal/audit"
+	"git.wntrmute.dev/mc/mcias/internal/middleware"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 // unsealRequest is the request body for POST /v1/vault/unseal.

internal/server/vault_test.go

@@ -7,7 +7,7 @@ import (
 	"strings"
 	"testing"
 
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 func TestHandleHealthSealed(t *testing.T) {

internal/ui/context.go

@@ -3,7 +3,7 @@ package ui
 import (
 	"context"
 
-	"git.wntrmute.dev/kyle/mcias/internal/token"
+	"git.wntrmute.dev/mc/mcias/internal/token"
 )
 
 // uiContextKey is the unexported type for UI context values, preventing

internal/ui/csrf.go

@@ -10,7 +10,7 @@ import (
 	"fmt"
 	"sync"
 
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 // CSRFManager implements HMAC-signed Double-Submit Cookie CSRF protection.

internal/ui/handlers_accounts.go

@@ -7,11 +7,11 @@ import (
 	"strconv"
 	"strings"
 
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/validate"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/validate"
 )
 
 // knownRoles lists the built-in roles shown as checkboxes in the roles editor.

internal/ui/handlers_audit.go

@@ -4,8 +4,8 @@ import (
 	"net/http"
 	"strconv"
 
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 const auditPageSize = 50

internal/ui/handlers_auth.go

@@ -3,12 +3,12 @@ package ui
 import (
 	"net/http"
 
-	"git.wntrmute.dev/kyle/mcias/internal/audit"
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
-	"git.wntrmute.dev/kyle/mcias/internal/validate"
+	"git.wntrmute.dev/mc/mcias/internal/audit"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/token"
+	"git.wntrmute.dev/mc/mcias/internal/validate"
 )
 
 // handleLoginPage renders the login form.

internal/ui/handlers_dashboard.go

@@ -3,8 +3,8 @@ package ui
 import (
 	"net/http"
 
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 // handleDashboard renders the main dashboard page.  Admin users see account

internal/ui/handlers_policy.go

@@ -9,9 +9,9 @@ import (
 	"strings"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/policy"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/policy"
 )
 
 // ---- Policies page ----

internal/ui/handlers_totp.go

@@ -9,10 +9,10 @@ import (
 
 	qrcode "github.com/skip2/go-qrcode"
 
-	"git.wntrmute.dev/kyle/mcias/internal/audit"
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/audit"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 // handleTOTPEnrollStart processes the password re-auth step and generates

internal/ui/handlers_vault.go

@@ -4,10 +4,10 @@ package ui
 import (
 	"net/http"
 
-	"git.wntrmute.dev/kyle/mcias/internal/audit"
-	"git.wntrmute.dev/kyle/mcias/internal/middleware"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/internal/audit"
+	"git.wntrmute.dev/mc/mcias/internal/middleware"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 // UnsealData is the view model for the unseal page.

internal/ui/handlers_webauthn.go

@@ -12,12 +12,12 @@ import (
 	"github.com/go-webauthn/webauthn/protocol"
 	libwebauthn "github.com/go-webauthn/webauthn/webauthn"
 
-	"git.wntrmute.dev/kyle/mcias/internal/audit"
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
-	mciaswebauthn "git.wntrmute.dev/kyle/mcias/internal/webauthn"
+	"git.wntrmute.dev/mc/mcias/internal/audit"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/token"
+	mciaswebauthn "git.wntrmute.dev/mc/mcias/internal/webauthn"
 )
 
 const (

internal/ui/session.go

@@ -5,7 +5,7 @@ import (
 	"fmt"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/token"
+	"git.wntrmute.dev/mc/mcias/internal/token"
 )
 
 // validateSessionToken wraps token.ValidateToken for use by UI session middleware.

internal/ui/ui.go

@@ -27,13 +27,13 @@ import (
 	"sync"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/config"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/middleware"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
-	"git.wntrmute.dev/kyle/mcias/web"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/middleware"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/web"
 )
 
 const (

internal/ui/ui_test.go

@@ -13,11 +13,11 @@ import (
 	"testing"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/config"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 const testIssuer = "https://auth.example.com"

internal/vault/derive.go

@@ -5,8 +5,8 @@ import (
 	"errors"
 	"fmt"
 
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/db"
 )
 
 // DeriveFromPassphrase derives the master encryption key from a passphrase

internal/webauthn/adapter.go

@@ -8,7 +8,7 @@ import (
 
 	"github.com/go-webauthn/webauthn/webauthn"
 
-	"git.wntrmute.dev/kyle/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/config"
 )
 
 // NewWebAuthn creates a configured go-webauthn instance from MCIAS config.

internal/webauthn/adapter_test.go

@@ -5,7 +5,7 @@ import (
 
 	libwebauthn "github.com/go-webauthn/webauthn/webauthn"
 
-	"git.wntrmute.dev/kyle/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/config"
 )
 
 func TestNewWebAuthn(t *testing.T) {

internal/webauthn/convert.go

@@ -8,8 +8,8 @@ import (
 	"github.com/go-webauthn/webauthn/protocol"
 	"github.com/go-webauthn/webauthn/webauthn"
 
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 // DecryptCredential decrypts a stored WebAuthn credential's ID and public key

internal/webauthn/convert_test.go

@@ -7,8 +7,8 @@ import (
 	"github.com/go-webauthn/webauthn/protocol"
 	libwebauthn "github.com/go-webauthn/webauthn/webauthn"
 
-	"git.wntrmute.dev/kyle/mcias/internal/crypto"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/crypto"
+	"git.wntrmute.dev/mc/mcias/internal/model"
 )
 
 func testMasterKey(t *testing.T) []byte {

proto/mcias/v1/account.proto

@@ -4,7 +4,7 @@ syntax = "proto3";
 
 package mcias.v1;
 
-option go_package = "git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1";
+option go_package = "git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1";
 
 import "mcias/v1/common.proto";
 

proto/mcias/v1/admin.proto

@@ -4,7 +4,7 @@ syntax = "proto3";
 
 package mcias.v1;
 
-option go_package = "git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1";
+option go_package = "git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1";
 
 // HealthRequest carries no parameters.
 message HealthRequest {}

proto/mcias/v1/auth.proto

@@ -3,7 +3,7 @@ syntax = "proto3";
 
 package mcias.v1;
 
-option go_package = "git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1";
+option go_package = "git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1";
 
 import "google/protobuf/timestamp.proto";
 

proto/mcias/v1/common.proto

@@ -3,7 +3,7 @@ syntax = "proto3";
 
 package mcias.v1;
 
-option go_package = "git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1";
+option go_package = "git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1";
 
 import "google/protobuf/timestamp.proto";
 

proto/mcias/v1/policy.proto

@@ -3,7 +3,7 @@ syntax = "proto3";
 
 package mcias.v1;
 
-option go_package = "git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1";
+option go_package = "git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1";
 
 // PolicyRule is the wire representation of a policy rule record.
 message PolicyRule {

proto/mcias/v1/token.proto

@@ -3,7 +3,7 @@ syntax = "proto3";
 
 package mcias.v1;
 
-option go_package = "git.wntrmute.dev/kyle/mcias/gen/mcias/v1;mciasv1";
+option go_package = "git.wntrmute.dev/mc/mcias/gen/mcias/v1;mciasv1";
 
 import "google/protobuf/timestamp.proto";
 

test/e2e/e2e_test.go

@@ -30,13 +30,13 @@ import (
 	"testing"
 	"time"
 
-	"git.wntrmute.dev/kyle/mcias/internal/auth"
-	"git.wntrmute.dev/kyle/mcias/internal/config"
-	"git.wntrmute.dev/kyle/mcias/internal/db"
-	"git.wntrmute.dev/kyle/mcias/internal/model"
-	"git.wntrmute.dev/kyle/mcias/internal/server"
-	"git.wntrmute.dev/kyle/mcias/internal/token"
-	"git.wntrmute.dev/kyle/mcias/internal/vault"
+	"git.wntrmute.dev/mc/mcias/internal/auth"
+	"git.wntrmute.dev/mc/mcias/internal/config"
+	"git.wntrmute.dev/mc/mcias/internal/db"
+	"git.wntrmute.dev/mc/mcias/internal/model"
+	"git.wntrmute.dev/mc/mcias/internal/server"
+	"git.wntrmute.dev/mc/mcias/internal/token"
+	"git.wntrmute.dev/mc/mcias/internal/vault"
 )
 
 const e2eIssuer = "https://auth.e2e.test"

vendor/github.com/dustin/go-humanize/.travis.yml

@@ -0,0 +1,21 @@
+sudo: false
+language: go
+go_import_path: github.com/dustin/go-humanize
+go:
+  - 1.13.x
+  - 1.14.x
+  - 1.15.x
+  - 1.16.x
+  - stable
+  - master
+matrix:
+  allow_failures:
+    - go: master
+  fast_finish: true
+install:
+  - # Do nothing. This is needed to prevent default install action "go get -t -v ./..." from happening here (we want it to happen inside script step).
+script:
+  - diff -u <(echo -n) <(gofmt -d -s .)
+  - go vet .
+  - go install -v -race ./...
+  - go test -v -race ./...

vendor/github.com/dustin/go-humanize/LICENSE

@@ -0,0 +1,21 @@
+Copyright (c) 2005-2008  Dustin Sallings <dustin@spy.net>
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.
+
+<http://www.opensource.org/licenses/mit-license.php>

vendor/github.com/dustin/go-humanize/README.markdown

@@ -0,0 +1,124 @@
+# Humane Units [![Build Status](https://travis-ci.org/dustin/go-humanize.svg?branch=master)](https://travis-ci.org/dustin/go-humanize) [![GoDoc](https://godoc.org/github.com/dustin/go-humanize?status.svg)](https://godoc.org/github.com/dustin/go-humanize)
+
+Just a few functions for helping humanize times and sizes.
+
+`go get` it as `github.com/dustin/go-humanize`, import it as
+`"github.com/dustin/go-humanize"`, use it as `humanize`.
+
+See [godoc](https://pkg.go.dev/github.com/dustin/go-humanize) for
+complete documentation.
+
+## Sizes
+
+This lets you take numbers like `82854982` and convert them to useful
+strings like, `83 MB` or `79 MiB` (whichever you prefer).
+
+Example:
+
+```go
+fmt.Printf("That file is %s.", humanize.Bytes(82854982)) // That file is 83 MB.
+```
+
+## Times
+
+This lets you take a `time.Time` and spit it out in relative terms.
+For example, `12 seconds ago` or `3 days from now`.
+
+Example:
+
+```go
+fmt.Printf("This was touched %s.", humanize.Time(someTimeInstance)) // This was touched 7 hours ago.
+```
+
+Thanks to Kyle Lemons for the time implementation from an IRC
+conversation one day. It's pretty neat.
+
+## Ordinals
+
+From a [mailing list discussion][odisc] where a user wanted to be able
+to label ordinals.
+
+    0 -> 0th
+    1 -> 1st
+    2 -> 2nd
+    3 -> 3rd
+    4 -> 4th
+    [...]
+
+Example:
+
+```go
+fmt.Printf("You're my %s best friend.", humanize.Ordinal(193)) // You are my 193rd best friend.
+```
+
+## Commas
+
+Want to shove commas into numbers? Be my guest.
+
+    0 -> 0
+    100 -> 100
+    1000 -> 1,000
+    1000000000 -> 1,000,000,000
+    -100000 -> -100,000
+
+Example:
+
+```go
+fmt.Printf("You owe $%s.\n", humanize.Comma(6582491)) // You owe $6,582,491.
+```
+
+## Ftoa
+
+Nicer float64 formatter that removes trailing zeros.
+
+```go
+fmt.Printf("%f", 2.24)                // 2.240000
+fmt.Printf("%s", humanize.Ftoa(2.24)) // 2.24
+fmt.Printf("%f", 2.0)                 // 2.000000
+fmt.Printf("%s", humanize.Ftoa(2.0))  // 2
+```
+
+## SI notation
+
+Format numbers with [SI notation][sinotation].
+
+Example:
+
+```go
+humanize.SI(0.00000000223, "M") // 2.23 nM
+```
+
+## English-specific functions
+
+The following functions are in the `humanize/english` subpackage.
+
+### Plurals
+
+Simple English pluralization
+
+```go
+english.PluralWord(1, "object", "") // object
+english.PluralWord(42, "object", "") // objects
+english.PluralWord(2, "bus", "") // buses
+english.PluralWord(99, "locus", "loci") // loci
+
+english.Plural(1, "object", "") // 1 object
+english.Plural(42, "object", "") // 42 objects
+english.Plural(2, "bus", "") // 2 buses
+english.Plural(99, "locus", "loci") // 99 loci
+```
+
+### Word series
+
+Format comma-separated words lists with conjuctions:
+
+```go
+english.WordSeries([]string{"foo"}, "and") // foo
+english.WordSeries([]string{"foo", "bar"}, "and") // foo and bar
+english.WordSeries([]string{"foo", "bar", "baz"}, "and") // foo, bar and baz
+
+english.OxfordWordSeries([]string{"foo", "bar", "baz"}, "and") // foo, bar, and baz
+```
+
+[odisc]: https://groups.google.com/d/topic/golang-nuts/l8NhI74jl-4/discussion
+[sinotation]: http://en.wikipedia.org/wiki/Metric_prefix

vendor/github.com/dustin/go-humanize/big.go

@@ -0,0 +1,31 @@
+package humanize
+
+import (
+	"math/big"
+)
+
+// order of magnitude (to a max order)
+func oomm(n, b *big.Int, maxmag int) (float64, int) {
+	mag := 0
+	m := &big.Int{}
+	for n.Cmp(b) >= 0 {
+		n.DivMod(n, b, m)
+		mag++
+		if mag == maxmag && maxmag >= 0 {
+			break
+		}
+	}
+	return float64(n.Int64()) + (float64(m.Int64()) / float64(b.Int64())), mag
+}
+
+// total order of magnitude
+// (same as above, but with no upper limit)
+func oom(n, b *big.Int) (float64, int) {
+	mag := 0
+	m := &big.Int{}
+	for n.Cmp(b) >= 0 {
+		n.DivMod(n, b, m)
+		mag++
+	}
+	return float64(n.Int64()) + (float64(m.Int64()) / float64(b.Int64())), mag
+}

vendor/github.com/dustin/go-humanize/bigbytes.go

@@ -0,0 +1,189 @@
+package humanize
+
+import (
+	"fmt"
+	"math/big"
+	"strings"
+	"unicode"
+)
+
+var (
+	bigIECExp = big.NewInt(1024)
+
+	// BigByte is one byte in bit.Ints
+	BigByte = big.NewInt(1)
+	// BigKiByte is 1,024 bytes in bit.Ints
+	BigKiByte = (&big.Int{}).Mul(BigByte, bigIECExp)
+	// BigMiByte is 1,024 k bytes in bit.Ints
+	BigMiByte = (&big.Int{}).Mul(BigKiByte, bigIECExp)
+	// BigGiByte is 1,024 m bytes in bit.Ints
+	BigGiByte = (&big.Int{}).Mul(BigMiByte, bigIECExp)
+	// BigTiByte is 1,024 g bytes in bit.Ints
+	BigTiByte = (&big.Int{}).Mul(BigGiByte, bigIECExp)
+	// BigPiByte is 1,024 t bytes in bit.Ints
+	BigPiByte = (&big.Int{}).Mul(BigTiByte, bigIECExp)
+	// BigEiByte is 1,024 p bytes in bit.Ints
+	BigEiByte = (&big.Int{}).Mul(BigPiByte, bigIECExp)
+	// BigZiByte is 1,024 e bytes in bit.Ints
+	BigZiByte = (&big.Int{}).Mul(BigEiByte, bigIECExp)
+	// BigYiByte is 1,024 z bytes in bit.Ints
+	BigYiByte = (&big.Int{}).Mul(BigZiByte, bigIECExp)
+	// BigRiByte is 1,024 y bytes in bit.Ints
+	BigRiByte = (&big.Int{}).Mul(BigYiByte, bigIECExp)
+	// BigQiByte is 1,024 r bytes in bit.Ints
+	BigQiByte = (&big.Int{}).Mul(BigRiByte, bigIECExp)
+)
+
+var (
+	bigSIExp = big.NewInt(1000)
+
+	// BigSIByte is one SI byte in big.Ints
+	BigSIByte = big.NewInt(1)
+	// BigKByte is 1,000 SI bytes in big.Ints
+	BigKByte = (&big.Int{}).Mul(BigSIByte, bigSIExp)
+	// BigMByte is 1,000 SI k bytes in big.Ints
+	BigMByte = (&big.Int{}).Mul(BigKByte, bigSIExp)
+	// BigGByte is 1,000 SI m bytes in big.Ints
+	BigGByte = (&big.Int{}).Mul(BigMByte, bigSIExp)
+	// BigTByte is 1,000 SI g bytes in big.Ints
+	BigTByte = (&big.Int{}).Mul(BigGByte, bigSIExp)
+	// BigPByte is 1,000 SI t bytes in big.Ints
+	BigPByte = (&big.Int{}).Mul(BigTByte, bigSIExp)
+	// BigEByte is 1,000 SI p bytes in big.Ints
+	BigEByte = (&big.Int{}).Mul(BigPByte, bigSIExp)
+	// BigZByte is 1,000 SI e bytes in big.Ints
+	BigZByte = (&big.Int{}).Mul(BigEByte, bigSIExp)
+	// BigYByte is 1,000 SI z bytes in big.Ints
+	BigYByte = (&big.Int{}).Mul(BigZByte, bigSIExp)
+	// BigRByte is 1,000 SI y bytes in big.Ints
+	BigRByte = (&big.Int{}).Mul(BigYByte, bigSIExp)
+	// BigQByte is 1,000 SI r bytes in big.Ints
+	BigQByte = (&big.Int{}).Mul(BigRByte, bigSIExp)
+)
+
+var bigBytesSizeTable = map[string]*big.Int{
+	"b":   BigByte,
+	"kib": BigKiByte,
+	"kb":  BigKByte,
+	"mib": BigMiByte,
+	"mb":  BigMByte,
+	"gib": BigGiByte,
+	"gb":  BigGByte,
+	"tib": BigTiByte,
+	"tb":  BigTByte,
+	"pib": BigPiByte,
+	"pb":  BigPByte,
+	"eib": BigEiByte,
+	"eb":  BigEByte,
+	"zib": BigZiByte,
+	"zb":  BigZByte,
+	"yib": BigYiByte,
+	"yb":  BigYByte,
+	"rib": BigRiByte,
+	"rb":  BigRByte,
+	"qib": BigQiByte,
+	"qb":  BigQByte,
+	// Without suffix
+	"":   BigByte,
+	"ki": BigKiByte,
+	"k":  BigKByte,
+	"mi": BigMiByte,
+	"m":  BigMByte,
+	"gi": BigGiByte,
+	"g":  BigGByte,
+	"ti": BigTiByte,
+	"t":  BigTByte,
+	"pi": BigPiByte,
+	"p":  BigPByte,
+	"ei": BigEiByte,
+	"e":  BigEByte,
+	"z":  BigZByte,
+	"zi": BigZiByte,
+	"y":  BigYByte,
+	"yi": BigYiByte,
+	"r":  BigRByte,
+	"ri": BigRiByte,
+	"q":  BigQByte,
+	"qi": BigQiByte,
+}
+
+var ten = big.NewInt(10)
+
+func humanateBigBytes(s, base *big.Int, sizes []string) string {
+	if s.Cmp(ten) < 0 {
+		return fmt.Sprintf("%d B", s)
+	}
+	c := (&big.Int{}).Set(s)
+	val, mag := oomm(c, base, len(sizes)-1)
+	suffix := sizes[mag]
+	f := "%.0f %s"
+	if val < 10 {
+		f = "%.1f %s"
+	}
+
+	return fmt.Sprintf(f, val, suffix)
+
+}
+
+// BigBytes produces a human readable representation of an SI size.
+//
+// See also: ParseBigBytes.
+//
+// BigBytes(82854982) -> 83 MB
+func BigBytes(s *big.Int) string {
+	sizes := []string{"B", "kB", "MB", "GB", "TB", "PB", "EB", "ZB", "YB", "RB", "QB"}
+	return humanateBigBytes(s, bigSIExp, sizes)
+}
+
+// BigIBytes produces a human readable representation of an IEC size.
+//
+// See also: ParseBigBytes.
+//
+// BigIBytes(82854982) -> 79 MiB
+func BigIBytes(s *big.Int) string {
+	sizes := []string{"B", "KiB", "MiB", "GiB", "TiB", "PiB", "EiB", "ZiB", "YiB", "RiB", "QiB"}
+	return humanateBigBytes(s, bigIECExp, sizes)
+}
+
+// ParseBigBytes parses a string representation of bytes into the number
+// of bytes it represents.
+//
+// See also: BigBytes, BigIBytes.
+//
+// ParseBigBytes("42 MB") -> 42000000, nil
+// ParseBigBytes("42 mib") -> 44040192, nil
+func ParseBigBytes(s string) (*big.Int, error) {
+	lastDigit := 0
+	hasComma := false
+	for _, r := range s {
+		if !(unicode.IsDigit(r) || r == '.' || r == ',') {
+			break
+		}
+		if r == ',' {
+			hasComma = true
+		}
+		lastDigit++
+	}
+
+	num := s[:lastDigit]
+	if hasComma {
+		num = strings.Replace(num, ",", "", -1)
+	}
+
+	val := &big.Rat{}
+	_, err := fmt.Sscanf(num, "%f", val)
+	if err != nil {
+		return nil, err
+	}
+
+	extra := strings.ToLower(strings.TrimSpace(s[lastDigit:]))
+	if m, ok := bigBytesSizeTable[extra]; ok {
+		mv := (&big.Rat{}).SetInt(m)
+		val.Mul(val, mv)
+		rv := &big.Int{}
+		rv.Div(val.Num(), val.Denom())
+		return rv, nil
+	}
+
+	return nil, fmt.Errorf("unhandled size name: %v", extra)
+}

vendor/github.com/dustin/go-humanize/bytes.go

@@ -0,0 +1,143 @@
+package humanize
+
+import (
+	"fmt"
+	"math"
+	"strconv"
+	"strings"
+	"unicode"
+)
+
+// IEC Sizes.
+// kibis of bits
+const (
+	Byte = 1 << (iota * 10)
+	KiByte
+	MiByte
+	GiByte
+	TiByte
+	PiByte
+	EiByte
+)
+
+// SI Sizes.
+const (
+	IByte = 1
+	KByte = IByte * 1000
+	MByte = KByte * 1000
+	GByte = MByte * 1000
+	TByte = GByte * 1000
+	PByte = TByte * 1000
+	EByte = PByte * 1000
+)
+
+var bytesSizeTable = map[string]uint64{
+	"b":   Byte,
+	"kib": KiByte,
+	"kb":  KByte,
+	"mib": MiByte,
+	"mb":  MByte,
+	"gib": GiByte,
+	"gb":  GByte,
+	"tib": TiByte,
+	"tb":  TByte,
+	"pib": PiByte,
+	"pb":  PByte,
+	"eib": EiByte,
+	"eb":  EByte,
+	// Without suffix
+	"":   Byte,
+	"ki": KiByte,
+	"k":  KByte,
+	"mi": MiByte,
+	"m":  MByte,
+	"gi": GiByte,
+	"g":  GByte,
+	"ti": TiByte,
+	"t":  TByte,
+	"pi": PiByte,
+	"p":  PByte,
+	"ei": EiByte,
+	"e":  EByte,
+}
+
+func logn(n, b float64) float64 {
+	return math.Log(n) / math.Log(b)
+}
+
+func humanateBytes(s uint64, base float64, sizes []string) string {
+	if s < 10 {
+		return fmt.Sprintf("%d B", s)
+	}
+	e := math.Floor(logn(float64(s), base))
+	suffix := sizes[int(e)]
+	val := math.Floor(float64(s)/math.Pow(base, e)*10+0.5) / 10
+	f := "%.0f %s"
+	if val < 10 {
+		f = "%.1f %s"
+	}
+
+	return fmt.Sprintf(f, val, suffix)
+}
+
+// Bytes produces a human readable representation of an SI size.
+//
+// See also: ParseBytes.
+//
+// Bytes(82854982) -> 83 MB
+func Bytes(s uint64) string {
+	sizes := []string{"B", "kB", "MB", "GB", "TB", "PB", "EB"}
+	return humanateBytes(s, 1000, sizes)
+}
+
+// IBytes produces a human readable representation of an IEC size.
+//
+// See also: ParseBytes.
+//
+// IBytes(82854982) -> 79 MiB
+func IBytes(s uint64) string {
+	sizes := []string{"B", "KiB", "MiB", "GiB", "TiB", "PiB", "EiB"}
+	return humanateBytes(s, 1024, sizes)
+}
+
+// ParseBytes parses a string representation of bytes into the number
+// of bytes it represents.
+//
+// See Also: Bytes, IBytes.
+//
+// ParseBytes("42 MB") -> 42000000, nil
+// ParseBytes("42 mib") -> 44040192, nil
+func ParseBytes(s string) (uint64, error) {
+	lastDigit := 0
+	hasComma := false
+	for _, r := range s {
+		if !(unicode.IsDigit(r) || r == '.' || r == ',') {
+			break
+		}
+		if r == ',' {
+			hasComma = true
+		}
+		lastDigit++
+	}
+
+	num := s[:lastDigit]
+	if hasComma {
+		num = strings.Replace(num, ",", "", -1)
+	}
+
+	f, err := strconv.ParseFloat(num, 64)
+	if err != nil {
+		return 0, err
+	}
+
+	extra := strings.ToLower(strings.TrimSpace(s[lastDigit:]))
+	if m, ok := bytesSizeTable[extra]; ok {
+		f *= float64(m)
+		if f >= math.MaxUint64 {
+			return 0, fmt.Errorf("too large: %v", s)
+		}
+		return uint64(f), nil
+	}
+
+	return 0, fmt.Errorf("unhandled size name: %v", extra)
+}

vendor/github.com/dustin/go-humanize/comma.go

@@ -0,0 +1,116 @@
+package humanize
+
+import (
+	"bytes"
+	"math"
+	"math/big"
+	"strconv"
+	"strings"
+)
+
+// Comma produces a string form of the given number in base 10 with
+// commas after every three orders of magnitude.
+//
+// e.g. Comma(834142) -> 834,142
+func Comma(v int64) string {
+	sign := ""
+
+	// Min int64 can't be negated to a usable value, so it has to be special cased.
+	if v == math.MinInt64 {
+		return "-9,223,372,036,854,775,808"
+	}
+
+	if v < 0 {
+		sign = "-"
+		v = 0 - v
+	}
+
+	parts := []string{"", "", "", "", "", "", ""}
+	j := len(parts) - 1
+
+	for v > 999 {
+		parts[j] = strconv.FormatInt(v%1000, 10)
+		switch len(parts[j]) {
+		case 2:
+			parts[j] = "0" + parts[j]
+		case 1:
+			parts[j] = "00" + parts[j]
+		}
+		v = v / 1000
+		j--
+	}
+	parts[j] = strconv.Itoa(int(v))
+	return sign + strings.Join(parts[j:], ",")
+}
+
+// Commaf produces a string form of the given number in base 10 with
+// commas after every three orders of magnitude.
+//
+// e.g. Commaf(834142.32) -> 834,142.32
+func Commaf(v float64) string {
+	buf := &bytes.Buffer{}
+	if v < 0 {
+		buf.Write([]byte{'-'})
+		v = 0 - v
+	}
+
+	comma := []byte{','}
+
+	parts := strings.Split(strconv.FormatFloat(v, 'f', -1, 64), ".")
+	pos := 0
+	if len(parts[0])%3 != 0 {
+		pos += len(parts[0]) % 3
+		buf.WriteString(parts[0][:pos])
+		buf.Write(comma)
+	}
+	for ; pos < len(parts[0]); pos += 3 {
+		buf.WriteString(parts[0][pos : pos+3])
+		buf.Write(comma)
+	}
+	buf.Truncate(buf.Len() - 1)
+
+	if len(parts) > 1 {
+		buf.Write([]byte{'.'})
+		buf.WriteString(parts[1])
+	}
+	return buf.String()
+}
+
+// CommafWithDigits works like the Commaf but limits the resulting
+// string to the given number of decimal places.
+//
+// e.g. CommafWithDigits(834142.32, 1) -> 834,142.3
+func CommafWithDigits(f float64, decimals int) string {
+	return stripTrailingDigits(Commaf(f), decimals)
+}
+
+// BigComma produces a string form of the given big.Int in base 10
+// with commas after every three orders of magnitude.
+func BigComma(b *big.Int) string {
+	sign := ""
+	if b.Sign() < 0 {
+		sign = "-"
+		b.Abs(b)
+	}
+
+	athousand := big.NewInt(1000)
+	c := (&big.Int{}).Set(b)
+	_, m := oom(c, athousand)
+	parts := make([]string, m+1)
+	j := len(parts) - 1
+
+	mod := &big.Int{}
+	for b.Cmp(athousand) >= 0 {
+		b.DivMod(b, athousand, mod)
+		parts[j] = strconv.FormatInt(mod.Int64(), 10)
+		switch len(parts[j]) {
+		case 2:
+			parts[j] = "0" + parts[j]
+		case 1:
+			parts[j] = "00" + parts[j]
+		}
+		j--
+	}
+	parts[j] = strconv.Itoa(int(b.Int64()))
+	return sign + strings.Join(parts[j:], ",")
+}

vendor/github.com/dustin/go-humanize/commaf.go

@@ -0,0 +1,41 @@
+//go:build go1.6
+// +build go1.6
+
+package humanize
+
+import (
+	"bytes"
+	"math/big"
+	"strings"
+)
+
+// BigCommaf produces a string form of the given big.Float in base 10
+// with commas after every three orders of magnitude.
+func BigCommaf(v *big.Float) string {
+	buf := &bytes.Buffer{}
+	if v.Sign() < 0 {
+		buf.Write([]byte{'-'})
+		v.Abs(v)
+	}
+
+	comma := []byte{','}
+
+	parts := strings.Split(v.Text('f', -1), ".")
+	pos := 0
+	if len(parts[0])%3 != 0 {
+		pos += len(parts[0]) % 3
+		buf.WriteString(parts[0][:pos])
+		buf.Write(comma)
+	}
+	for ; pos < len(parts[0]); pos += 3 {
+		buf.WriteString(parts[0][pos : pos+3])
+		buf.Write(comma)
+	}
+	buf.Truncate(buf.Len() - 1)
+
+	if len(parts) > 1 {
+		buf.Write([]byte{'.'})
+		buf.WriteString(parts[1])
+	}
+	return buf.String()
+}

vendor/github.com/dustin/go-humanize/ftoa.go

@@ -0,0 +1,49 @@
+package humanize
+
+import (
+	"strconv"
+	"strings"
+)
+
+func stripTrailingZeros(s string) string {
+	if !strings.ContainsRune(s, '.') {
+		return s
+	}
+	offset := len(s) - 1
+	for offset > 0 {
+		if s[offset] == '.' {
+			offset--
+			break
+		}
+		if s[offset] != '0' {
+			break
+		}
+		offset--
+	}
+	return s[:offset+1]
+}
+
+func stripTrailingDigits(s string, digits int) string {
+	if i := strings.Index(s, "."); i >= 0 {
+		if digits <= 0 {
+			return s[:i]
+		}
+		i++
+		if i+digits >= len(s) {
+			return s
+		}
+		return s[:i+digits]
+	}
+	return s
+}
+
+// Ftoa converts a float to a string with no trailing zeros.
+func Ftoa(num float64) string {
+	return stripTrailingZeros(strconv.FormatFloat(num, 'f', 6, 64))
+}
+
+// FtoaWithDigits converts a float to a string but limits the resulting string
+// to the given number of decimal places, and no trailing zeros.
+func FtoaWithDigits(num float64, digits int) string {
+	return stripTrailingZeros(stripTrailingDigits(strconv.FormatFloat(num, 'f', 6, 64), digits))
+}

vendor/github.com/dustin/go-humanize/humanize.go

@@ -0,0 +1,8 @@
+/*
+Package humanize converts boring ugly numbers to human-friendly strings and back.
+
+Durations can be turned into strings such as "3 days ago", numbers
+representing sizes like 82854982 into useful strings like, "83 MB" or
+"79 MiB" (whichever you prefer).
+*/
+package humanize

vendor/github.com/dustin/go-humanize/number.go

@@ -0,0 +1,192 @@
+package humanize
+
+/*
+Slightly adapted from the source to fit go-humanize.
+
+Author: https://github.com/gorhill
+Source: https://gist.github.com/gorhill/5285193
+
+*/
+
+import (
+	"math"
+	"strconv"
+)
+
+var (
+	renderFloatPrecisionMultipliers = [...]float64{
+		1,
+		10,
+		100,
+		1000,
+		10000,
+		100000,
+		1000000,
+		10000000,
+		100000000,
+		1000000000,
+	}
+
+	renderFloatPrecisionRounders = [...]float64{
+		0.5,
+		0.05,
+		0.005,
+		0.0005,
+		0.00005,
+		0.000005,
+		0.0000005,
+		0.00000005,
+		0.000000005,
+		0.0000000005,
+	}
+)
+
+// FormatFloat produces a formatted number as string based on the following user-specified criteria:
+// * thousands separator
+// * decimal separator
+// * decimal precision
+//
+// Usage: s := RenderFloat(format, n)
+// The format parameter tells how to render the number n.
+//
+// See examples: http://play.golang.org/p/LXc1Ddm1lJ
+//
+// Examples of format strings, given n = 12345.6789:
+// "#,###.##" => "12,345.67"
+// "#,###." => "12,345"
+// "#,###" => "12345,678"
+// "#\u202F###,##" => "12 345,68"
+// "#.###,###### => 12.345,678900
+// "" (aka default format) => 12,345.67
+//
+// The highest precision allowed is 9 digits after the decimal symbol.
+// There is also a version for integer number, FormatInteger(),
+// which is convenient for calls within template.
+func FormatFloat(format string, n float64) string {
+	// Special cases:
+	//   NaN = "NaN"
+	//   +Inf = "+Infinity"
+	//   -Inf = "-Infinity"
+	if math.IsNaN(n) {
+		return "NaN"
+	}
+	if n > math.MaxFloat64 {
+		return "Infinity"
+	}
+	if n < (0.0 - math.MaxFloat64) {
+		return "-Infinity"
+	}
+
+	// default format
+	precision := 2
+	decimalStr := "."
+	thousandStr := ","
+	positiveStr := ""
+	negativeStr := "-"
+
+	if len(format) > 0 {
+		format := []rune(format)
+
+		// If there is an explicit format directive,
+		// then default values are these:
+		precision = 9
+		thousandStr = ""
+
+		// collect indices of meaningful formatting directives
+		formatIndx := []int{}
+		for i, char := range format {
+			if char != '#' && char != '0' {
+				formatIndx = append(formatIndx, i)
+			}
+		}
+
+		if len(formatIndx) > 0 {
+			// Directive at index 0:
+			//   Must be a '+'
+			//   Raise an error if not the case
+			// index: 0123456789
+			//        +0.000,000
+			//        +000,000.0
+			//        +0000.00
+			//        +0000
+			if formatIndx[0] == 0 {
+				if format[formatIndx[0]] != '+' {
+					panic("RenderFloat(): invalid positive sign directive")
+				}
+				positiveStr = "+"
+				formatIndx = formatIndx[1:]
+			}
+
+			// Two directives:
+			//   First is thousands separator
+			//   Raise an error if not followed by 3-digit
+			// 0123456789
+			// 0.000,000
+			// 000,000.00
+			if len(formatIndx) == 2 {
+				if (formatIndx[1] - formatIndx[0]) != 4 {
+					panic("RenderFloat(): thousands separator directive must be followed by 3 digit-specifiers")
+				}
+				thousandStr = string(format[formatIndx[0]])
+				formatIndx = formatIndx[1:]
+			}
+
+			// One directive:
+			//   Directive is decimal separator
+			//   The number of digit-specifier following the separator indicates wanted precision
+			// 0123456789
+			// 0.00
+			// 000,0000
+			if len(formatIndx) == 1 {
+				decimalStr = string(format[formatIndx[0]])
+				precision = len(format) - formatIndx[0] - 1
+			}
+		}
+	}
+
+	// generate sign part
+	var signStr string
+	if n >= 0.000000001 {
+		signStr = positiveStr
+	} else if n <= -0.000000001 {
+		signStr = negativeStr
+		n = -n
+	} else {
+		signStr = ""
+		n = 0.0
+	}
+
+	// split number into integer and fractional parts
+	intf, fracf := math.Modf(n + renderFloatPrecisionRounders[precision])
+
+	// generate integer part string
+	intStr := strconv.FormatInt(int64(intf), 10)
+
+	// add thousand separator if required
+	if len(thousandStr) > 0 {
+		for i := len(intStr); i > 3; {
+			i -= 3
+			intStr = intStr[:i] + thousandStr + intStr[i:]
+		}
+	}
+
+	// no fractional part, we can leave now
+	if precision == 0 {
+		return signStr + intStr
+	}
+
+	// generate fractional part
+	fracStr := strconv.Itoa(int(fracf * renderFloatPrecisionMultipliers[precision]))
+	// may need padding
+	if len(fracStr) < precision {
+		fracStr = "000000000000000"[:precision-len(fracStr)] + fracStr
+	}
+
+	return signStr + intStr + decimalStr + fracStr
+}
+
+// FormatInteger produces a formatted number as string.
+// See FormatFloat.
+func FormatInteger(format string, n int) string {
+	return FormatFloat(format, float64(n))
+}

vendor/github.com/dustin/go-humanize/ordinals.go

@@ -0,0 +1,25 @@
+package humanize
+
+import "strconv"
+
+// Ordinal gives you the input number in a rank/ordinal format.
+//
+// Ordinal(3) -> 3rd
+func Ordinal(x int) string {
+	suffix := "th"
+	switch x % 10 {
+	case 1:
+		if x%100 != 11 {
+			suffix = "st"
+		}
+	case 2:
+		if x%100 != 12 {
+			suffix = "nd"
+		}
+	case 3:
+		if x%100 != 13 {
+			suffix = "rd"
+		}
+	}
+	return strconv.Itoa(x) + suffix
+}

vendor/github.com/dustin/go-humanize/si.go

@@ -0,0 +1,127 @@
+package humanize
+
+import (
+	"errors"
+	"math"
+	"regexp"
+	"strconv"
+)
+
+var siPrefixTable = map[float64]string{
+	-30: "q", // quecto
+	-27: "r", // ronto
+	-24: "y", // yocto
+	-21: "z", // zepto
+	-18: "a", // atto
+	-15: "f", // femto
+	-12: "p", // pico
+	-9:  "n", // nano
+	-6:  "µ", // micro
+	-3:  "m", // milli
+	0:   "",
+	3:   "k", // kilo
+	6:   "M", // mega
+	9:   "G", // giga
+	12:  "T", // tera
+	15:  "P", // peta
+	18:  "E", // exa
+	21:  "Z", // zetta
+	24:  "Y", // yotta
+	27:  "R", // ronna
+	30:  "Q", // quetta
+}
+
+var revSIPrefixTable = revfmap(siPrefixTable)
+
+// revfmap reverses the map and precomputes the power multiplier
+func revfmap(in map[float64]string) map[string]float64 {
+	rv := map[string]float64{}
+	for k, v := range in {
+		rv[v] = math.Pow(10, k)
+	}
+	return rv
+}
+
+var riParseRegex *regexp.Regexp
+
+func init() {
+	ri := `^([\-0-9.]+)\s?([`
+	for _, v := range siPrefixTable {
+		ri += v
+	}
+	ri += `]?)(.*)`
+
+	riParseRegex = regexp.MustCompile(ri)
+}
+
+// ComputeSI finds the most appropriate SI prefix for the given number
+// and returns the prefix along with the value adjusted to be within
+// that prefix.
+//
+// See also: SI, ParseSI.
+//
+// e.g. ComputeSI(2.2345e-12) -> (2.2345, "p")
+func ComputeSI(input float64) (float64, string) {
+	if input == 0 {
+		return 0, ""
+	}
+	mag := math.Abs(input)
+	exponent := math.Floor(logn(mag, 10))
+	exponent = math.Floor(exponent/3) * 3
+
+	value := mag / math.Pow(10, exponent)
+
+	// Handle special case where value is exactly 1000.0
+	// Should return 1 M instead of 1000 k
+	if value == 1000.0 {
+		exponent += 3
+		value = mag / math.Pow(10, exponent)
+	}
+
+	value = math.Copysign(value, input)
+
+	prefix := siPrefixTable[exponent]
+	return value, prefix
+}
+
+// SI returns a string with default formatting.
+//
+// SI uses Ftoa to format float value, removing trailing zeros.
+//
+// See also: ComputeSI, ParseSI.
+//
+// e.g. SI(1000000, "B") -> 1 MB
+// e.g. SI(2.2345e-12, "F") -> 2.2345 pF
+func SI(input float64, unit string) string {
+	value, prefix := ComputeSI(input)
+	return Ftoa(value) + " " + prefix + unit
+}
+
+// SIWithDigits works like SI but limits the resulting string to the
+// given number of decimal places.
+//
+// e.g. SIWithDigits(1000000, 0, "B") -> 1 MB
+// e.g. SIWithDigits(2.2345e-12, 2, "F") -> 2.23 pF
+func SIWithDigits(input float64, decimals int, unit string) string {
+	value, prefix := ComputeSI(input)
+	return FtoaWithDigits(value, decimals) + " " + prefix + unit
+}
+
+var errInvalid = errors.New("invalid input")
+
+// ParseSI parses an SI string back into the number and unit.
+//
+// See also: SI, ComputeSI.
+//
+// e.g. ParseSI("2.2345 pF") -> (2.2345e-12, "F", nil)
+func ParseSI(input string) (float64, string, error) {
+	found := riParseRegex.FindStringSubmatch(input)
+	if len(found) != 4 {
+		return 0, "", errInvalid
+	}
+	mag := revSIPrefixTable[found[2]]
+	unit := found[3]
+
+	base, err := strconv.ParseFloat(found[1], 64)
+	return base * mag, unit, err
+}

vendor/github.com/dustin/go-humanize/times.go

@@ -0,0 +1,117 @@
+package humanize
+
+import (
+	"fmt"
+	"math"
+	"sort"
+	"time"
+)
+
+// Seconds-based time units
+const (
+	Day      = 24 * time.Hour
+	Week     = 7 * Day
+	Month    = 30 * Day
+	Year     = 12 * Month
+	LongTime = 37 * Year
+)
+
+// Time formats a time into a relative string.
+//
+// Time(someT) -> "3 weeks ago"
+func Time(then time.Time) string {
+	return RelTime(then, time.Now(), "ago", "from now")
+}
+
+// A RelTimeMagnitude struct contains a relative time point at which
+// the relative format of time will switch to a new format string.  A
+// slice of these in ascending order by their "D" field is passed to
+// CustomRelTime to format durations.
+//
+// The Format field is a string that may contain a "%s" which will be
+// replaced with the appropriate signed label (e.g. "ago" or "from
+// now") and a "%d" that will be replaced by the quantity.
+//
+// The DivBy field is the amount of time the time difference must be
+// divided by in order to display correctly.
+//
+// e.g. if D is 2*time.Minute and you want to display "%d minutes %s"
+// DivBy should be time.Minute so whatever the duration is will be
+// expressed in minutes.
+type RelTimeMagnitude struct {
+	D      time.Duration
+	Format string
+	DivBy  time.Duration
+}
+
+var defaultMagnitudes = []RelTimeMagnitude{
+	{time.Second, "now", time.Second},
+	{2 * time.Second, "1 second %s", 1},
+	{time.Minute, "%d seconds %s", time.Second},
+	{2 * time.Minute, "1 minute %s", 1},
+	{time.Hour, "%d minutes %s", time.Minute},
+	{2 * time.Hour, "1 hour %s", 1},
+	{Day, "%d hours %s", time.Hour},
+	{2 * Day, "1 day %s", 1},
+	{Week, "%d days %s", Day},
+	{2 * Week, "1 week %s", 1},
+	{Month, "%d weeks %s", Week},
+	{2 * Month, "1 month %s", 1},
+	{Year, "%d months %s", Month},
+	{18 * Month, "1 year %s", 1},
+	{2 * Year, "2 years %s", 1},
+	{LongTime, "%d years %s", Year},
+	{math.MaxInt64, "a long while %s", 1},
+}
+
+// RelTime formats a time into a relative string.
+//
+// It takes two times and two labels.  In addition to the generic time
+// delta string (e.g. 5 minutes), the labels are used applied so that
+// the label corresponding to the smaller time is applied.
+//
+// RelTime(timeInPast, timeInFuture, "earlier", "later") -> "3 weeks earlier"
+func RelTime(a, b time.Time, albl, blbl string) string {
+	return CustomRelTime(a, b, albl, blbl, defaultMagnitudes)
+}
+
+// CustomRelTime formats a time into a relative string.
+//
+// It takes two times two labels and a table of relative time formats.
+// In addition to the generic time delta string (e.g. 5 minutes), the
+// labels are used applied so that the label corresponding to the
+// smaller time is applied.
+func CustomRelTime(a, b time.Time, albl, blbl string, magnitudes []RelTimeMagnitude) string {
+	lbl := albl
+	diff := b.Sub(a)
+
+	if a.After(b) {
+		lbl = blbl
+		diff = a.Sub(b)
+	}
+
+	n := sort.Search(len(magnitudes), func(i int) bool {
+		return magnitudes[i].D > diff
+	})
+
+	if n >= len(magnitudes) {
+		n = len(magnitudes) - 1
+	}
+	mag := magnitudes[n]
+	args := []interface{}{}
+	escaped := false
+	for _, ch := range mag.Format {
+		if escaped {
+			switch ch {
+			case 's':
+				args = append(args, lbl)
+			case 'd':
+				args = append(args, diff/mag.DivBy)
+			}
+			escaped = false
+		} else {
+			escaped = ch == '%'
+		}
+	}
+	return fmt.Sprintf(mag.Format, args...)
+}

vendor/github.com/fxamacker/cbor/v2/.gitignore

@@ -0,0 +1,12 @@
+# Binaries for programs and plugins
+*.exe
+*.exe~
+*.dll
+*.so
+*.dylib
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out

vendor/github.com/fxamacker/cbor/v2/.golangci.yml

@@ -0,0 +1,104 @@
+# Do not delete linter settings. Linters like gocritic can be enabled on the command line.
+
+linters-settings:
+  depguard:
+    rules:
+      prevent_unmaintained_packages:
+        list-mode: strict
+        files:
+          - $all
+          - "!$test"
+        allow:
+          - $gostd
+          - github.com/x448/float16
+        deny:
+          - pkg: io/ioutil
+            desc: "replaced by io and os packages since Go 1.16: https://tip.golang.org/doc/go1.16#ioutil"
+  dupl:
+    threshold: 100
+  funlen:
+    lines: 100
+    statements: 50
+  goconst:
+    ignore-tests: true
+    min-len: 2
+    min-occurrences: 3
+  gocritic:
+    enabled-tags:
+      - diagnostic
+      - experimental
+      - opinionated
+      - performance
+      - style
+    disabled-checks:
+      - commentedOutCode
+      - dupImport # https://github.com/go-critic/go-critic/issues/845
+      - ifElseChain
+      - octalLiteral
+      - paramTypeCombine
+      - whyNoLint
+  gofmt:
+    simplify: false
+  goimports:
+    local-prefixes: github.com/fxamacker/cbor
+  golint:
+    min-confidence: 0
+  govet:
+    check-shadowing: true
+  lll:
+    line-length: 140
+  maligned:
+    suggest-new: true
+  misspell:
+    locale: US
+  staticcheck:
+    checks: ["all"]
+
+linters:
+  disable-all: true
+  enable:
+    - asciicheck
+    - bidichk
+    - depguard
+    - errcheck
+    - exportloopref
+    - goconst
+    - gocritic
+    - gocyclo
+    - gofmt
+    - goimports
+    - goprintffuncname
+    - gosec
+    - gosimple
+    - govet
+    - ineffassign
+    - misspell
+    - nilerr
+    - revive
+    - staticcheck
+    - stylecheck
+    - typecheck
+    - unconvert
+    - unused
+
+issues:
+  # max-issues-per-linter default is 50.  Set to 0 to disable limit.
+  max-issues-per-linter: 0
+  # max-same-issues default is 3.  Set to 0 to disable limit.
+  max-same-issues: 0
+
+  exclude-rules:
+    - path: decode.go
+      text: "string ` overflows ` has (\\d+) occurrences, make it a constant"
+    - path: decode.go
+      text: "string ` \\(range is \\[` has (\\d+) occurrences, make it a constant"
+    - path: decode.go
+      text: "string `, ` has (\\d+) occurrences, make it a constant"
+    - path: decode.go
+      text: "string ` overflows Go's int64` has (\\d+) occurrences, make it a constant"
+    - path: decode.go
+      text: "string `\\]\\)` has (\\d+) occurrences, make it a constant"
+    - path: valid.go
+      text: "string ` for type ` has (\\d+) occurrences, make it a constant"
+    - path: valid.go
+      text: "string `cbor: ` has (\\d+) occurrences, make it a constant"

vendor/github.com/fxamacker/cbor/v2/CODE_OF_CONDUCT.md

@@ -0,0 +1,133 @@
+
+# Contributor Covenant Code of Conduct
+
+## Our Pledge
+
+We as members, contributors, and leaders pledge to make participation in our
+community a harassment-free experience for everyone, regardless of age, body
+size, visible or invisible disability, ethnicity, sex characteristics, gender
+identity and expression, level of experience, education, socio-economic status,
+nationality, personal appearance, race, caste, color, religion, or sexual
+identity and orientation.
+
+We pledge to act and interact in ways that contribute to an open, welcoming,
+diverse, inclusive, and healthy community.
+
+## Our Standards
+
+Examples of behavior that contributes to a positive environment for our
+community include:
+
+* Demonstrating empathy and kindness toward other people
+* Being respectful of differing opinions, viewpoints, and experiences
+* Giving and gracefully accepting constructive feedback
+* Accepting responsibility and apologizing to those affected by our mistakes,
+  and learning from the experience
+* Focusing on what is best not just for us as individuals, but for the overall
+  community
+
+Examples of unacceptable behavior include:
+
+* The use of sexualized language or imagery, and sexual attention or advances of
+  any kind
+* Trolling, insulting or derogatory comments, and personal or political attacks
+* Public or private harassment
+* Publishing others' private information, such as a physical or email address,
+  without their explicit permission
+* Other conduct which could reasonably be considered inappropriate in a
+  professional setting
+
+## Enforcement Responsibilities
+
+Community leaders are responsible for clarifying and enforcing our standards of
+acceptable behavior and will take appropriate and fair corrective action in
+response to any behavior that they deem inappropriate, threatening, offensive,
+or harmful.
+
+Community leaders have the right and responsibility to remove, edit, or reject
+comments, commits, code, wiki edits, issues, and other contributions that are
+not aligned to this Code of Conduct, and will communicate reasons for moderation
+decisions when appropriate.
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when
+an individual is officially representing the community in public spaces.
+Examples of representing our community include using an official e-mail address,
+posting via an official social media account, or acting as an appointed
+representative at an online or offline event.
+
+## Enforcement
+
+Instances of abusive, harassing, or otherwise unacceptable behavior may be
+reported to the community leaders responsible for enforcement at
+faye.github@gmail.com.
+All complaints will be reviewed and investigated promptly and fairly.
+
+All community leaders are obligated to respect the privacy and security of the
+reporter of any incident.
+
+## Enforcement Guidelines
+
+Community leaders will follow these Community Impact Guidelines in determining
+the consequences for any action they deem in violation of this Code of Conduct:
+
+### 1. Correction
+
+**Community Impact**: Use of inappropriate language or other behavior deemed
+unprofessional or unwelcome in the community.
+
+**Consequence**: A private, written warning from community leaders, providing
+clarity around the nature of the violation and an explanation of why the
+behavior was inappropriate. A public apology may be requested.
+
+### 2. Warning
+
+**Community Impact**: A violation through a single incident or series of
+actions.
+
+**Consequence**: A warning with consequences for continued behavior. No
+interaction with the people involved, including unsolicited interaction with
+those enforcing the Code of Conduct, for a specified period of time. This
+includes avoiding interactions in community spaces as well as external channels
+like social media. Violating these terms may lead to a temporary or permanent
+ban.
+
+### 3. Temporary Ban
+
+**Community Impact**: A serious violation of community standards, including
+sustained inappropriate behavior.
+
+**Consequence**: A temporary ban from any sort of interaction or public
+communication with the community for a specified period of time. No public or
+private interaction with the people involved, including unsolicited interaction
+with those enforcing the Code of Conduct, is allowed during this period.
+Violating these terms may lead to a permanent ban.
+
+### 4. Permanent Ban
+
+**Community Impact**: Demonstrating a pattern of violation of community
+standards, including sustained inappropriate behavior, harassment of an
+individual, or aggression toward or disparagement of classes of individuals.
+
+**Consequence**: A permanent ban from any sort of public interaction within the
+community.
+
+## Attribution
+
+This Code of Conduct is adapted from the [Contributor Covenant][homepage],
+version 2.1, available at
+[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+
+Community Impact Guidelines were inspired by
+[Mozilla's code of conduct enforcement ladder][Mozilla CoC].
+
+For answers to common questions about this code of conduct, see the FAQ at
+[https://www.contributor-covenant.org/faq][FAQ]. Translations are available at
+[https://www.contributor-covenant.org/translations][translations].
+
+[homepage]: https://www.contributor-covenant.org
+[v2.1]: https://www.contributor-covenant.org/version/2/1/code_of_conduct.html
+[Mozilla CoC]: https://github.com/mozilla/diversity
+[FAQ]: https://www.contributor-covenant.org/faq
+[translations]: https://www.contributor-covenant.org/translations