Update workflows for new GitHub Action Runner Images

.clang-tidy

@@ -20,7 +20,8 @@ Checks: '-*,
          readability-*,
          -readability-magic-numbers,
          -readability-braces-around-statements,
-         -readability-uppercase-literal-suffix'
+         -readability-uppercase-literal-suffix,
+         -misc-include-cleaner'
 
 CheckOptions:
   - key: readability-identifier-naming.TypedefCase

.github/actions/install/cmake/action.yml

@@ -12,7 +12,7 @@ runs:
   steps:
   - name: Cache CMake
     id: cache-cmake
-    uses: actions/cache@v3
+    uses: actions/cache@v4
     with:
       path: cmake-${{ inputs.version }}
       key: ${{ runner.name }}-${{ runner.os }}-${{ runner.arch }}-${{ job.container.id }}-cmake-${{ inputs.version }}

.github/workflows/cmake.yml

@@ -71,7 +71,7 @@ jobs:
           cmake --build .
 
   min-req:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
       - uses: ./.github/actions/install/cmake

.github/workflows/lint.yml

@@ -30,7 +30,7 @@ jobs:
           linter_name: clang-format
 
   cmake-format:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     strategy:
       fail-fast: false
       matrix:
@@ -48,9 +48,8 @@ jobs:
           linter_name: cmake-format
 
   clang-tidy:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
-      - run: sudo apt-get install clang-tidy
       - uses: lukka/get-cmake@latest
       - uses: actions/checkout@v4
       - name: configure
@@ -118,7 +117,7 @@ jobs:
           linter_name: render-tests
 
   line-ending:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v4
       - run: git add --renormalize .

README.md

@@ -49,11 +49,11 @@ A simple example is decoding a token and printing all of its [claims](https://to
 #include <iostream>
 
 int main() {
-    std::string token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCIsInNhbXBsZSI6InRlc3QifQ.lQm3N2bVlqt2-1L-FsOjtR6uE-L4E9zJutMWKIe1v1M";
+    std::string const token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCIsInNhbXBsZSI6InRlc3QifQ.lQm3N2bVlqt2-1L-FsOjtR6uE-L4E9zJutMWKIe1v1M";
     auto decoded = jwt::decode(token);
 
     for(auto& e : decoded.get_payload_json())
-        std::cout << e.first << " = " << e.second << std::endl;
+        std::cout << e.first << " = " << e.second << '\n';
 }
 ```
 

example/es256k.cpp

@@ -24,7 +24,7 @@ K9EDZi0mZ7VUeeNKq476CU5X940yusahgneePQrDMF2nWFEtBCOiXQ==
 					 .set_payload_claim("sample", jwt::claim(std::string{"test"}))
 					 .sign(jwt::algorithm::es256k(es256k_pub_key, es256k_priv_key, "", ""));
 
-	std::cout << "token:\n" << token << std::endl;
+	std::cout << "token:\n" << token << '\n';
 
 	auto verify = jwt::verify()
 					  .allow_algorithm(jwt::algorithm::es256k(es256k_pub_key, es256k_priv_key, "", ""))
@@ -35,7 +35,7 @@ K9EDZi0mZ7VUeeNKq476CU5X940yusahgneePQrDMF2nWFEtBCOiXQ==
 	verify.verify(decoded);
 
 	for (auto& e : decoded.get_header_json())
-		std::cout << e.first << " = " << e.second << std::endl;
+		std::cout << e.first << " = " << e.second << '\n';
 	for (auto& e : decoded.get_payload_json())
-		std::cout << e.first << " = " << e.second << std::endl;
+		std::cout << e.first << " = " << e.second << '\n';
 }

example/jwks-verify.cpp

@@ -111,7 +111,7 @@ ARS9Ln8Wh5RsFuw/Y7Grg8FsoAVzV/Pns4cwjZG75ezXfk4UVpr4oO4B5jzazzCR
 	auto x5c = jwk.get_x5c_key_value();
 
 	if (!x5c.empty() && !issuer.empty()) {
-		std::cout << "Verifying with 'x5c' key" << std::endl;
+		std::cout << "Verifying with 'x5c' key" << '\n';
 		auto verifier =
 			jwt::verify()
 				.allow_algorithm(jwt::algorithm::rs256(jwt::helper::convert_base64_der_to_pem(x5c), "", "", ""))
@@ -123,7 +123,7 @@ ARS9Ln8Wh5RsFuw/Y7Grg8FsoAVzV/Pns4cwjZG75ezXfk4UVpr4oO4B5jzazzCR
 	}
 	// else if the optional 'x5c' was not present
 	{
-		std::cout << "Verifying with RSA components" << std::endl;
+		std::cout << "Verifying with RSA components" << '\n';
 		const auto modulus = jwk.get_jwk_claim("n").as_string();
 		const auto exponent = jwk.get_jwk_claim("e").as_string();
 		auto verifier = jwt::verify()

example/partial-claim-verifier.cpp

@@ -4,7 +4,7 @@
 #include <iostream>
 
 int main() {
-	std::string rsa_priv_key = R"(-----BEGIN PRIVATE KEY-----
+	std::string const rsa_priv_key = R"(-----BEGIN PRIVATE KEY-----
 MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC4ZtdaIrd1BPIJ
 tfnF0TjIK5inQAXZ3XlCrUlJdP+XHwIRxdv1FsN12XyMYO/6ymLmo9ryoQeIrsXB
 XYqlET3zfAY+diwCb0HEsVvhisthwMU4gZQu6TYW2s9LnXZB5rVtcBK69hcSlA2k
@@ -44,9 +44,9 @@ rK0/Ikt5ybqUzKCMJZg2VKGTxg==
 					 .set_payload_claim("resource-access", role_claim)
 					 .sign(jwt::algorithm::rs256("", rsa_priv_key, "", ""));
 
-	std::cout << "token: " << token << std::endl;
+	std::cout << "token: " << token << '\n';
 
-	std::string rsa_pub_key = R"(-----BEGIN PUBLIC KEY-----
+	std::string const rsa_pub_key = R"(-----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGbXWiK3dQTyCbX5xdE4
 yCuYp0AF2d15Qq1JSXT/lx8CEcXb9RbDddl8jGDv+spi5qPa8qEHiK7FwV2KpRE9
 83wGPnYsAm9BxLFb4YrLYcDFOIGULuk2FtrPS512Qea1bXASuvYXEpQNpGbnTGVs
@@ -59,9 +59,9 @@ YwIDAQAB
 	auto decoded = jwt::decode(token);
 
 	for (const auto& e : decoded.get_payload_json())
-		std::cout << e.first << " = " << e.second << std::endl;
+		std::cout << e.first << " = " << e.second << '\n';
 
-	std::cout << std::endl;
+	std::cout << '\n';
 
 	auto role_verifier = [](const jwt::verify_context& ctx, std::error_code& ec) {
 		using error = jwt::error::token_verification_error;
@@ -88,8 +88,8 @@ YwIDAQAB
 
 	try {
 		verifier.verify(decoded);
-		std::cout << "Success!" << std::endl;
-	} catch (const std::exception& ex) { std::cout << "Error: " << ex.what() << std::endl; }
+		std::cout << "Success!" << '\n';
+	} catch (const std::exception& ex) { std::cout << "Error: " << ex.what() << '\n'; }
 
 	return 0;
 }

example/print-claims.cpp

@@ -3,10 +3,11 @@
 #include <jwt-cpp/jwt.h>
 
 int main() {
-	std::string token = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCIsInNhbXBsZSI6InRlc3QifQ.lQm3N2bVlqt2-"
-						"1L-FsOjtR6uE-L4E9zJutMWKIe1v1M";
+	const std::string token =
+		"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCIsInNhbXBsZSI6InRlc3QifQ.lQm3N2bVlqt2-"
+		"1L-FsOjtR6uE-L4E9zJutMWKIe1v1M";
 	auto decoded = jwt::decode(token);
 
 	for (auto& e : decoded.get_payload_json())
-		std::cout << e.first << " = " << e.second << std::endl;
+		std::cout << e.first << " = " << e.second << '\n';
 }

example/private-claims.cpp

@@ -34,7 +34,7 @@ int main() {
 	const auto decoded = jwt::decode(token);
 
 	const auto api_array = decoded.get_payload_claim("object").to_json().get("api").get("array");
-	std::cout << "api array = " << api_array << std::endl;
+	std::cout << "api array = " << api_array << '\n';
 
 	/* [verify exact claim] */
 	jwt::verify()

example/rsa-create.cpp

@@ -3,7 +3,7 @@
 #include <jwt-cpp/jwt.h>
 
 int main() {
-	std::string rsa_priv_key = R"(-----BEGIN PRIVATE KEY-----
+	std::string const rsa_priv_key = R"(-----BEGIN PRIVATE KEY-----
 MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC4ZtdaIrd1BPIJ
 tfnF0TjIK5inQAXZ3XlCrUlJdP+XHwIRxdv1FsN12XyMYO/6ymLmo9ryoQeIrsXB
 XYqlET3zfAY+diwCb0HEsVvhisthwMU4gZQu6TYW2s9LnXZB5rVtcBK69hcSlA2k
@@ -41,5 +41,5 @@ rK0/Ikt5ybqUzKCMJZg2VKGTxg==
 					 .set_payload_claim("sample", jwt::claim(std::string{"test"}))
 					 .sign(jwt::algorithm::rs256("", rsa_priv_key, "", ""));
 
-	std::cout << "token:\n" << token << std::endl;
+	std::cout << "token:\n" << token << '\n';
 }

example/rsa-verify.cpp

@@ -3,7 +3,7 @@
 #include <jwt-cpp/jwt.h>
 
 int main() {
-	std::string rsa_pub_key = R"(-----BEGIN PUBLIC KEY-----
+	const std::string rsa_pub_key = R"(-----BEGIN PUBLIC KEY-----
 MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuGbXWiK3dQTyCbX5xdE4
 yCuYp0AF2d15Qq1JSXT/lx8CEcXb9RbDddl8jGDv+spi5qPa8qEHiK7FwV2KpRE9
 83wGPnYsAm9BxLFb4YrLYcDFOIGULuk2FtrPS512Qea1bXASuvYXEpQNpGbnTGVs
@@ -13,14 +13,14 @@ AziMCxS+VrRPDM+zfvpIJg3JljAh3PJHDiLu902v9w+Iplu1WyoB2aPfitxEhRN0
 YwIDAQAB
 -----END PUBLIC KEY-----)";
 
-	std::string token = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCJ9."
-						"VA2i1ui1cnoD6I3wnji1WAVCf29EekysvevGrT2GXqK1dDMc8"
-						"HAZCTQxa1Q8NppnpYV-hlqxh-X3Bb0JOePTGzjynpNZoJh2aHZD-"
-						"GKpZt7OO1Zp8AFWPZ3p8Cahq8536fD8RiBES9jRsvChZvOqA7gMcFc4"
-						"YD0iZhNIcI7a654u5yPYyTlf5kjR97prCf_OXWRn-bYY74zna4p_bP9oWCL4BkaoRcMxi-"
-						"IR7kmVcCnvbYqyIrKloXP2qPO442RBGqU7Ov9"
-						"sGQxiVqtRHKXZR9RbfvjrErY1KGiCp9M5i2bsUHadZEY44FE2jiOmx-"
-						"uc2z5c05CCXqVSpfCjWbh9gQ";
+	const std::string token = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCJ9."
+							  "VA2i1ui1cnoD6I3wnji1WAVCf29EekysvevGrT2GXqK1dDMc8"
+							  "HAZCTQxa1Q8NppnpYV-hlqxh-X3Bb0JOePTGzjynpNZoJh2aHZD-"
+							  "GKpZt7OO1Zp8AFWPZ3p8Cahq8536fD8RiBES9jRsvChZvOqA7gMcFc4"
+							  "YD0iZhNIcI7a654u5yPYyTlf5kjR97prCf_OXWRn-bYY74zna4p_bP9oWCL4BkaoRcMxi-"
+							  "IR7kmVcCnvbYqyIrKloXP2qPO442RBGqU7Ov9"
+							  "sGQxiVqtRHKXZR9RbfvjrErY1KGiCp9M5i2bsUHadZEY44FE2jiOmx-"
+							  "uc2z5c05CCXqVSpfCjWbh9gQ";
 
 	/* [allow rsa algorithm] */
 	auto verify = jwt::verify()
@@ -35,7 +35,7 @@ YwIDAQAB
 	verify.verify(decoded);
 
 	for (auto& e : decoded.get_header_json())
-		std::cout << e.first << " = " << e.second << std::endl;
+		std::cout << e.first << " = " << e.second << '\n';
 	for (auto& e : decoded.get_payload_json())
-		std::cout << e.first << " = " << e.second << std::endl;
+		std::cout << e.first << " = " << e.second << '\n';
 }

example/traits/boost-json.cpp

@@ -35,11 +35,11 @@ int main() {
 	const auto decoded = jwt::decode<traits>(token);
 
 	for (auto& e : decoded.get_header_json())
-		std::cout << e.key() << " = " << e.value() << std::endl;
+		std::cout << e.key() << " = " << e.value() << '\n';
 
 	const auto array =
 		traits::as_array(decoded.get_payload_claim("object").to_json().as_object()["api"].as_object()["array"]);
-	std::cout << "payload /object/api/array = " << array << std::endl;
+	std::cout << "payload /object/api/array = " << array << '\n';
 
 	jwt::verify<traits>()
 		.allow_algorithm(jwt::algorithm::none{})

example/traits/danielaparker-jsoncons.cpp

@@ -34,7 +34,7 @@ int main() {
 	const auto decoded = jwt::decode<traits>(token);
 
 	const auto array = traits::as_array(decoded.get_payload_claim("object").to_json()["api"]["array"]);
-	std::cout << "payload /object/api/array = " << jsoncons::pretty_print(traits::json(array)) << std::endl;
+	std::cout << "payload /object/api/array = " << jsoncons::pretty_print(traits::json(array)) << '\n';
 
 	jwt::verify<traits>()
 		.allow_algorithm(jwt::algorithm::none{})

example/traits/kazuho-picojson.cpp

@@ -34,7 +34,7 @@ int main() {
 	const auto decoded = jwt::decode<traits>(token);
 
 	const auto api_array = decoded.get_payload_claim("object").to_json().get("api").get("array");
-	std::cout << "api array = " << api_array << std::endl;
+	std::cout << "api array = " << api_array << '\n';
 
 	jwt::verify<traits>()
 		.allow_algorithm(jwt::algorithm::none{})

example/traits/nlohmann-json.cpp

@@ -34,7 +34,7 @@ int main() {
 	const auto decoded = jwt::decode<traits>(token);
 
 	const auto array = traits::as_array(decoded.get_payload_claim("object").to_json()["api"]["array"]);
-	std::cout << "payload /object/api/array = " << array << std::endl;
+	std::cout << "payload /object/api/array = " << array << '\n';
 
 	jwt::verify<traits>()
 		.allow_algorithm(jwt::algorithm::none{})

example/traits/open-source-parsers-jsoncpp.cpp

@@ -34,7 +34,7 @@ int main() {
 	const auto decoded = jwt::decode<traits>(token);
 
 	const auto array = traits::as_array(decoded.get_payload_claim("object").to_json()["api"]["array"]);
-	std::cout << "payload /object/api/array = " << array << std::endl;
+	std::cout << "payload /object/api/array = " << array << '\n';
 
 	jwt::verify<traits>()
 		.allow_algorithm(jwt::algorithm::none{})

include/jwt-cpp/jwt.h

@@ -1819,7 +1819,7 @@ namespace jwt {
 				ERR_clear_error();
 				if (EVP_DigestSignUpdate(ctx.get(), reinterpret_cast<const unsigned char*>(data.data()), data.size()) !=
 					1) {
-					std::cout << ERR_error_string(ERR_get_error(), NULL) << std::endl;
+					std::cout << ERR_error_string(ERR_get_error(), NULL) << '\n';
 					ec = error::signature_generation_error::signupdate_failed;
 					return {};
 				}

tests/ClaimTest.cpp

@@ -2,7 +2,7 @@
 #include <gtest/gtest.h>
 
 TEST(ClaimTest, AudienceAsString) {
-	std::string token =
+	std::string const token =
 		"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJ0ZXN0In0.WZnM3SIiSRHsbO3O7Z2bmIzTJ4EC32HRBKfLznHhrh4";
 	auto decoded = jwt::decode(token);
 
@@ -32,7 +32,7 @@ TEST(ClaimTest, SetAudienceAsString) {
 }
 
 TEST(ClaimTest, AudienceAsSet) {
-	std::string token = "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJhdWQiOlsidGVzdCIsInRlc3QyIl19.";
+	std::string const token = "eyJhbGciOiJub25lIiwidHlwIjoiSldUIn0.eyJhdWQiOlsidGVzdCIsInRlc3QyIl19.";
 	auto decoded = jwt::decode(token);
 
 	ASSERT_TRUE(decoded.has_algorithm());

tests/OpenSSLErrorTest.cpp

@@ -1084,7 +1084,7 @@ TEST(OpenSSLErrorTest, LoadPrivateKeyFromStringErrorCode) {
 
 #if !defined(LIBWOLFSSL_VERSION_HEX) || LIBWOLFSSL_VERSION_HEX > 0x05007000
 TEST(OpenSSLErrorTest, HMACSign) {
-	std::string token =
+	std::string const token =
 		"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXUyJ9.eyJpc3MiOiJhdXRoMCJ9.AbIJTDMFc7yUa5MhvcP03nJPyCPzZtQcGEp-zWfOkEE";
 
 	auto verify = jwt::verify().allow_algorithm(jwt::algorithm::hs256{"secret"}).with_issuer("auth0");

tests/TokenFormatTest.cpp

@@ -18,7 +18,7 @@ TEST(TokenFormatTest, InvalidJSON) {
 #include "jwt-cpp/traits/nlohmann-json/traits.h"
 
 TEST(TokenFormatTest, GitHubIssue341) {
-	std::string token =
+	std::string const token =
 		"eyJhbGciOiJFUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJjYXV0aDAiLCJleHAiOjE3MTMzODgxNjgsInN1YiI6InRlc3RfdXNlciJ9."
 		"dlAk0mSWk1Clzfi1PMq7Omxun3EyEqh-AAu-fTkpabA67ZKenawAQhZO8glY93flukpJCqHLVtukaes6ZSOjGw";
 	auto decoded = jwt::decoded_jwt<jwt::traits::nlohmann_json>(token);