debt: Upgraded dependencies

CHANGELOG/CHANGELOG-1.x.md

@@ -19,6 +19,20 @@ Date format: `YYYY-MM-DD`
 
 ---
 
+## [1.35.0] - 2025-09-10
+
+### Added
+### Changed
+- **debt:** Upgraded dependencies to their latest stable versions.
+- **debt:** Upgraded to [sixafter/nanoid@v1.50.0](https://github.com/sixafter/nanoid/releases/tag/v1.50.0).
+
+### Deprecated
+### Removed
+### Fixed
+### Security
+
+---
+
 ## [1.34.0] - 2025-09-09
 
 ### Added
@@ -579,7 +593,8 @@ Date format: `YYYY-MM-DD`
 ### Fixed
 ### Security
 
-[Unreleased]: https://github.com/sixafter/nanoid-cli/compare/v1.34.0...HEAD
+[Unreleased]: https://github.com/sixafter/nanoid-cli/compare/v1.35.0...HEAD
+[1.35.0]: https://github.com/sixafter/nanoid-cli/compare/v1.33.0...v1.34.0
 [1.34.0]: https://github.com/sixafter/nanoid-cli/compare/v1.33.0...v1.34.0
 [1.33.0]: https://github.com/sixafter/nanoid-cli/compare/v1.32.0...v1.33.0
 [1.32.0]: https://github.com/sixafter/nanoid-cli/compare/v1.31.2...v1.32.0

cmd/generate/generate.go

@@ -7,6 +7,7 @@ package generate
 
 import (
 	"bufio"
+	"crypto/fips140"
 	"fmt"
 	"math"
 	"runtime"
@@ -47,7 +48,7 @@ If --count is not specified, one Nano ID is generated.`,
 }
 
 // runGenerate is the main execution function for the generate command
-func runGenerate(cmd *cobra.Command, args []string) error {
+func runGenerate(cmd *cobra.Command, _ []string) error {
 	// Validate id-length
 	if idLength <= 0 {
 		return writeString(cmd, "--id-length must be a positive integer")
@@ -58,6 +59,10 @@ func runGenerate(cmd *cobra.Command, args []string) error {
 		return writeString(cmd, "--count must be a positive integer")
 	}
 
+	if fips140.Enabled() {
+		_, _ = fmt.Fprintln(cmd.OutOrStderr(), "FIPS 140 mode is enabled; Nano ID generation is using a FIPS 140 compliant AES-CTR DRBG source.")
+	}
+
 	// Configure the Nano ID generator using ConfigOptions
 	var configOpts []nanoid.Option
 	configOpts = append(configOpts, nanoid.WithLengthHint(uint16(idLength)))

cmd/generate/generate_test.go

@@ -8,6 +8,7 @@ package generate
 import (
 	"bufio"
 	"bytes"
+	"crypto/fips140"
 	"errors"
 	"fmt"
 	"strings"
@@ -175,3 +176,41 @@ func TestGenerateCommand_WriteString(t *testing.T) {
 	is.Contains(rawStderrBuf.String(), expectedOutput, "stderr should contain the error message")
 	is.ErrorContains(returnedErr, errMsg)
 }
+
+func runFIPSTest(t *testing.T, expectFIPS bool) {
+	is := assert.New(t)
+
+	if fips140.Enabled() != expectFIPS {
+		t.Skipf("FIPS mode expectation mismatch (got %v, want %v)", fips140.Enabled(), expectFIPS)
+	}
+
+	cmd := NewGenerateCommand()
+	cmd.SetArgs([]string{"--count", "1"})
+
+	var outBuf bytes.Buffer
+	var errBuf bytes.Buffer
+	cmd.SetOut(&outBuf)
+	cmd.SetErr(&errBuf)
+
+	err := cmd.Execute()
+	is.NoError(err)
+
+	stderr := errBuf.String()
+	if expectFIPS {
+		is.Contains(stderr, "FIPS 140 mode is enabled")
+	} else {
+		is.NotContains(stderr, "FIPS 140 mode is enabled")
+	}
+
+	output := strings.TrimSpace(outBuf.String())
+	is.NotEmpty(output)
+	is.Equal(21, len(output))
+}
+
+func TestFIPS140_On(t *testing.T) {
+	runFIPSTest(t, true)
+}
+
+func TestFIPS140_Off(t *testing.T) {
+	runFIPSTest(t, false)
+}

go.mod

@@ -9,7 +9,7 @@ go 1.25
 
 require (
 	github.com/dustin/go-humanize v1.0.1
-	github.com/sixafter/nanoid v1.49.0
+	github.com/sixafter/nanoid v1.50.0
 	github.com/sixafter/semver v1.7.0
 	github.com/spf13/cobra v1.10.1
 	github.com/stretchr/testify v1.11.1
@@ -19,6 +19,7 @@ require (
 	github.com/davecgh/go-spew v1.1.1 // indirect
 	github.com/inconshreveable/mousetrap v1.1.0 // indirect
 	github.com/pmezard/go-difflib v1.0.0 // indirect
+	github.com/sixafter/aes-ctr-drbg v1.8.0 // indirect
 	github.com/sixafter/prng-chacha v1.4.0 // indirect
 	github.com/spf13/pflag v1.0.10 // indirect
 	golang.org/x/crypto v0.42.0 // indirect

go.sum

@@ -10,8 +10,10 @@ github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLf
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/russross/blackfriday/v2 v2.1.0/go.mod h1:+Rmxgy9KzJVeS9/2gXHxylqXiyQDYRxCVz55jmeOWTM=
-github.com/sixafter/nanoid v1.49.0 h1:iNlPKeaPDCPAgldyl9sly7rOq9WgAKDSYxTy1Y4Qj3I=
-github.com/sixafter/nanoid v1.49.0/go.mod h1:7X8fUEqGRf+OGqEnOyIEBk7oWqOjx9Bvgtau43psWWo=
+github.com/sixafter/aes-ctr-drbg v1.8.0 h1:cwhSmyTw8U+P01Zm+1ky64vu3VKB1YCaAOTwRvsmNSo=
+github.com/sixafter/aes-ctr-drbg v1.8.0/go.mod h1:k0MnzFOGf7ks7ixN/N72wQAT/7u+lIknQWa7H9Iqew4=
+github.com/sixafter/nanoid v1.50.0 h1:UGZUdl75wmox1ZVXZ97d0siD4Czigs+RvEpjnVV7DeY=
+github.com/sixafter/nanoid v1.50.0/go.mod h1:lQw1S4YVwoSPQXH4SWDbsKtNY3i7nUHp6/Y5NS6pg9A=
 github.com/sixafter/prng-chacha v1.4.0 h1:24MWhVL1hAF759TnFANdV4+CqhZXOltPxZuWnmV/aFI=
 github.com/sixafter/prng-chacha v1.4.0/go.mod h1:/qgtGyz1ueWauLV6JgIi6a2BNc/9IkLWXL98U2GEM7o=
 github.com/sixafter/semver v1.7.0 h1:kz3RPsy92e/WRD6kYi9/r1zdmC768ne9S9586KRD5pg=