553 files changed, 21663 insertions, 5799 deletions

diff --git a/vendor/github.com/Microsoft/go-winio/README.md b/vendor/github.com/Microsoft/go-winio/README.md
index 5680010575..60c93fe506 100644
--- a/vendor/github.com/Microsoft/go-winio/README.md
+++ b/vendor/github.com/Microsoft/go-winio/README.md
@@ -1,4 +1,4 @@
-# go-winio
+# go-winio [![Build Status](https://github.com/microsoft/go-winio/actions/workflows/ci.yml/badge.svg)](https://github.com/microsoft/go-winio/actions/workflows/ci.yml)
 
 This repository contains utilities for efficiently performing Win32 IO operations in
 Go. Currently, this is focused on accessing named pipes and other file handles, and
diff --git a/vendor/github.com/ProtonMail/go-crypto/AUTHORS b/vendor/github.com/ProtonMail/go-crypto/AUTHORS
new file mode 100644
index 0000000000..2b00ddba0d
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/AUTHORS
@@ -0,0 +1,3 @@
+# This source code refers to The Go Authors for copyright purposes.
+# The master list of authors is in the main Go distribution,
+# visible at https://tip.golang.org/AUTHORS.
diff --git a/vendor/github.com/ProtonMail/go-crypto/CONTRIBUTORS b/vendor/github.com/ProtonMail/go-crypto/CONTRIBUTORS
new file mode 100644
index 0000000000..1fbd3e976f
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/CONTRIBUTORS
@@ -0,0 +1,3 @@
+# This source code was written by the Go contributors.
+# The master list of contributors is in the main Go distribution,
+# visible at https://tip.golang.org/CONTRIBUTORS.
diff --git a/vendor/github.com/ProtonMail/go-crypto/LICENSE b/vendor/github.com/ProtonMail/go-crypto/LICENSE
new file mode 100644
index 0000000000..6a66aea5ea
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/LICENSE
@@ -0,0 +1,27 @@
+Copyright (c) 2009 The Go Authors. All rights reserved.
+
+Redistribution and use in source and binary forms, with or without
+modification, are permitted provided that the following conditions are
+met:
+
+   * Redistributions of source code must retain the above copyright
+notice, this list of conditions and the following disclaimer.
+   * Redistributions in binary form must reproduce the above
+copyright notice, this list of conditions and the following disclaimer
+in the documentation and/or other materials provided with the
+distribution.
+   * Neither the name of Google Inc. nor the names of its
+contributors may be used to endorse or promote products derived from
+this software without specific prior written permission.
+
+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
+"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
+LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
+A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
+OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
+LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
+DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
+THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
+(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
+OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
diff --git a/vendor/github.com/ProtonMail/go-crypto/PATENTS b/vendor/github.com/ProtonMail/go-crypto/PATENTS
new file mode 100644
index 0000000000..733099041f
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/PATENTS
@@ -0,0 +1,22 @@
+Additional IP Rights Grant (Patents)
+
+"This implementation" means the copyrightable works distributed by
+Google as part of the Go project.
+
+Google hereby grants to You a perpetual, worldwide, non-exclusive,
+no-charge, royalty-free, irrevocable (except as stated in this section)
+patent license to make, have made, use, offer to sell, sell, import,
+transfer and otherwise run, modify and propagate the contents of this
+implementation of Go, where such license applies only to those patent
+claims, both currently owned or controlled by Google and acquired in
+the future, licensable by Google that are necessarily infringed by this
+implementation of Go.  This grant does not include claims that would be
+infringed only as a consequence of further modification of this
+implementation.  If you or your agent or exclusive licensee institute or
+order or agree to the institution of patent litigation against any
+entity (including a cross-claim or counterclaim in a lawsuit) alleging
+that this implementation of Go or any code incorporated within this
+implementation of Go constitutes direct or contributory patent
+infringement, or inducement of patent infringement, then any patent
+rights granted to you under this License for this implementation of Go
+shall terminate as of the date such litigation is filed.
diff --git a/vendor/github.com/ProtonMail/go-crypto/bitcurves/bitcurve.go b/vendor/github.com/ProtonMail/go-crypto/bitcurves/bitcurve.go
new file mode 100644
index 0000000000..3ed3f43573
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/bitcurves/bitcurve.go
@@ -0,0 +1,381 @@
+package bitcurves
+
+// Copyright 2010 The Go Authors. All rights reserved.
+// Copyright 2011 ThePiachu. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package bitelliptic implements several Koblitz elliptic curves over prime
+// fields.
+
+// This package operates, internally, on Jacobian coordinates. For a given
+// (x, y) position on the curve, the Jacobian coordinates are (x1, y1, z1)
+// where x = x1/z1² and y = y1/z1³. The greatest speedups come when the whole
+// calculation can be performed within the transform (as in ScalarMult and
+// ScalarBaseMult). But even for Add and Double, it's faster to apply and
+// reverse the transform than to operate in affine coordinates.
+
+import (
+	"crypto/elliptic"
+	"io"
+	"math/big"
+	"sync"
+)
+
+// A BitCurve represents a Koblitz Curve with a=0.
+// See http://www.hyperelliptic.org/EFD/g1p/auto-shortw.html
+type BitCurve struct {
+	Name    string
+	P       *big.Int // the order of the underlying field
+	N       *big.Int // the order of the base point
+	B       *big.Int // the constant of the BitCurve equation
+	Gx, Gy  *big.Int // (x,y) of the base point
+	BitSize int      // the size of the underlying field
+}
+
+// Params returns the parameters of the given BitCurve (see BitCurve struct)
+func (bitCurve *BitCurve) Params() (cp *elliptic.CurveParams) {
+	cp = new(elliptic.CurveParams)
+	cp.Name = bitCurve.Name
+	cp.P = bitCurve.P
+	cp.N = bitCurve.N
+	cp.Gx = bitCurve.Gx
+	cp.Gy = bitCurve.Gy
+	cp.BitSize = bitCurve.BitSize
+	return cp
+}
+
+// IsOnCurve returns true if the given (x,y) lies on the BitCurve.
+func (bitCurve *BitCurve) IsOnCurve(x, y *big.Int) bool {
+	// y² = x³ + b
+	y2 := new(big.Int).Mul(y, y) //y²
+	y2.Mod(y2, bitCurve.P)       //y²%P
+
+	x3 := new(big.Int).Mul(x, x) //x²
+	x3.Mul(x3, x)                //x³
+
+	x3.Add(x3, bitCurve.B) //x³+B
+	x3.Mod(x3, bitCurve.P) //(x³+B)%P
+
+	return x3.Cmp(y2) == 0
+}
+
+// affineFromJacobian reverses the Jacobian transform. See the comment at the
+// top of the file.
+func (bitCurve *BitCurve) affineFromJacobian(x, y, z *big.Int) (xOut, yOut *big.Int) {
+	if z.Cmp(big.NewInt(0)) == 0 {
+		panic("bitcurve: Can't convert to affine with Jacobian Z = 0")
+	}
+	// x = YZ^2 mod P
+	zinv := new(big.Int).ModInverse(z, bitCurve.P)
+	zinvsq := new(big.Int).Mul(zinv, zinv)
+
+	xOut = new(big.Int).Mul(x, zinvsq)
+	xOut.Mod(xOut, bitCurve.P)
+	// y = YZ^3 mod P
+	zinvsq.Mul(zinvsq, zinv)
+	yOut = new(big.Int).Mul(y, zinvsq)
+	yOut.Mod(yOut, bitCurve.P)
+	return xOut, yOut
+}
+
+// Add returns the sum of (x1,y1) and (x2,y2)
+func (bitCurve *BitCurve) Add(x1, y1, x2, y2 *big.Int) (*big.Int, *big.Int) {
+	z := new(big.Int).SetInt64(1)
+	x, y, z := bitCurve.addJacobian(x1, y1, z, x2, y2, z)
+	return bitCurve.affineFromJacobian(x, y, z)
+}
+
+// addJacobian takes two points in Jacobian coordinates, (x1, y1, z1) and
+// (x2, y2, z2) and returns their sum, also in Jacobian form.
+func (bitCurve *BitCurve) addJacobian(x1, y1, z1, x2, y2, z2 *big.Int) (*big.Int, *big.Int, *big.Int) {
+	// See http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#addition-add-2007-bl
+	z1z1 := new(big.Int).Mul(z1, z1)
+	z1z1.Mod(z1z1, bitCurve.P)
+	z2z2 := new(big.Int).Mul(z2, z2)
+	z2z2.Mod(z2z2, bitCurve.P)
+
+	u1 := new(big.Int).Mul(x1, z2z2)
+	u1.Mod(u1, bitCurve.P)
+	u2 := new(big.Int).Mul(x2, z1z1)
+	u2.Mod(u2, bitCurve.P)
+	h := new(big.Int).Sub(u2, u1)
+	if h.Sign() == -1 {
+		h.Add(h, bitCurve.P)
+	}
+	i := new(big.Int).Lsh(h, 1)
+	i.Mul(i, i)
+	j := new(big.Int).Mul(h, i)
+
+	s1 := new(big.Int).Mul(y1, z2)
+	s1.Mul(s1, z2z2)
+	s1.Mod(s1, bitCurve.P)
+	s2 := new(big.Int).Mul(y2, z1)
+	s2.Mul(s2, z1z1)
+	s2.Mod(s2, bitCurve.P)
+	r := new(big.Int).Sub(s2, s1)
+	if r.Sign() == -1 {
+		r.Add(r, bitCurve.P)
+	}
+	r.Lsh(r, 1)
+	v := new(big.Int).Mul(u1, i)
+
+	x3 := new(big.Int).Set(r)
+	x3.Mul(x3, x3)
+	x3.Sub(x3, j)
+	x3.Sub(x3, v)
+	x3.Sub(x3, v)
+	x3.Mod(x3, bitCurve.P)
+
+	y3 := new(big.Int).Set(r)
+	v.Sub(v, x3)
+	y3.Mul(y3, v)
+	s1.Mul(s1, j)
+	s1.Lsh(s1, 1)
+	y3.Sub(y3, s1)
+	y3.Mod(y3, bitCurve.P)
+
+	z3 := new(big.Int).Add(z1, z2)
+	z3.Mul(z3, z3)
+	z3.Sub(z3, z1z1)
+	if z3.Sign() == -1 {
+		z3.Add(z3, bitCurve.P)
+	}
+	z3.Sub(z3, z2z2)
+	if z3.Sign() == -1 {
+		z3.Add(z3, bitCurve.P)
+	}
+	z3.Mul(z3, h)
+	z3.Mod(z3, bitCurve.P)
+
+	return x3, y3, z3
+}
+
+// Double returns 2*(x,y)
+func (bitCurve *BitCurve) Double(x1, y1 *big.Int) (*big.Int, *big.Int) {
+	z1 := new(big.Int).SetInt64(1)
+	return bitCurve.affineFromJacobian(bitCurve.doubleJacobian(x1, y1, z1))
+}
+
+// doubleJacobian takes a point in Jacobian coordinates, (x, y, z), and
+// returns its double, also in Jacobian form.
+func (bitCurve *BitCurve) doubleJacobian(x, y, z *big.Int) (*big.Int, *big.Int, *big.Int) {
+	// See http://hyperelliptic.org/EFD/g1p/auto-shortw-jacobian-0.html#doubling-dbl-2009-l
+
+	a := new(big.Int).Mul(x, x) //X1²
+	b := new(big.Int).Mul(y, y) //Y1²
+	c := new(big.Int).Mul(b, b) //B²
+
+	d := new(big.Int).Add(x, b) //X1+B
+	d.Mul(d, d)                 //(X1+B)²
+	d.Sub(d, a)                 //(X1+B)²-A
+	d.Sub(d, c)                 //(X1+B)²-A-C
+	d.Mul(d, big.NewInt(2))     //2*((X1+B)²-A-C)
+
+	e := new(big.Int).Mul(big.NewInt(3), a) //3*A
+	f := new(big.Int).Mul(e, e)             //E²
+
+	x3 := new(big.Int).Mul(big.NewInt(2), d) //2*D
+	x3.Sub(f, x3)                            //F-2*D
+	x3.Mod(x3, bitCurve.P)
+
+	y3 := new(big.Int).Sub(d, x3)                  //D-X3
+	y3.Mul(e, y3)                                  //E*(D-X3)
+	y3.Sub(y3, new(big.Int).Mul(big.NewInt(8), c)) //E*(D-X3)-8*C
+	y3.Mod(y3, bitCurve.P)
+
+	z3 := new(big.Int).Mul(y, z) //Y1*Z1
+	z3.Mul(big.NewInt(2), z3)    //3*Y1*Z1
+	z3.Mod(z3, bitCurve.P)
+
+	return x3, y3, z3
+}
+
+//TODO: double check if it is okay
+// ScalarMult returns k*(Bx,By) where k is a number in big-endian form.
+func (bitCurve *BitCurve) ScalarMult(Bx, By *big.Int, k []byte) (*big.Int, *big.Int) {
+	// We have a slight problem in that the identity of the group (the
+	// point at infinity) cannot be represented in (x, y) form on a finite
+	// machine. Thus the standard add/double algorithm has to be tweaked
+	// slightly: our initial state is not the identity, but x, and we
+	// ignore the first true bit in |k|.  If we don't find any true bits in
+	// |k|, then we return nil, nil, because we cannot return the identity
+	// element.
+
+	Bz := new(big.Int).SetInt64(1)
+	x := Bx
+	y := By
+	z := Bz
+
+	seenFirstTrue := false
+	for _, byte := range k {
+		for bitNum := 0; bitNum < 8; bitNum++ {
+			if seenFirstTrue {
+				x, y, z = bitCurve.doubleJacobian(x, y, z)
+			}
+			if byte&0x80 == 0x80 {
+				if !seenFirstTrue {
+					seenFirstTrue = true
+				} else {
+					x, y, z = bitCurve.addJacobian(Bx, By, Bz, x, y, z)
+				}
+			}
+			byte <<= 1
+		}
+	}
+
+	if !seenFirstTrue {
+		return nil, nil
+	}
+
+	return bitCurve.affineFromJacobian(x, y, z)
+}
+
+// ScalarBaseMult returns k*G, where G is the base point of the group and k is
+// an integer in big-endian form.
+func (bitCurve *BitCurve) ScalarBaseMult(k []byte) (*big.Int, *big.Int) {
+	return bitCurve.ScalarMult(bitCurve.Gx, bitCurve.Gy, k)
+}
+
+var mask = []byte{0xff, 0x1, 0x3, 0x7, 0xf, 0x1f, 0x3f, 0x7f}
+
+//TODO: double check if it is okay
+// GenerateKey returns a public/private key pair. The private key is generated
+// using the given reader, which must return random data.
+func (bitCurve *BitCurve) GenerateKey(rand io.Reader) (priv []byte, x, y *big.Int, err error) {
+	byteLen := (bitCurve.BitSize + 7) >> 3
+	priv = make([]byte, byteLen)
+
+	for x == nil {
+		_, err = io.ReadFull(rand, priv)
+		if err != nil {
+			return
+		}
+		// We have to mask off any excess bits in the case that the size of the
+		// underlying field is not a whole number of bytes.
+		priv[0] &= mask[bitCurve.BitSize%8]
+		// This is because, in tests, rand will return all zeros and we don't
+		// want to get the point at infinity and loop forever.
+		priv[1] ^= 0x42
+		x, y = bitCurve.ScalarBaseMult(priv)
+	}
+	return
+}
+
+// Marshal converts a point into the form specified in section 4.3.6 of ANSI
+// X9.62.
+func (bitCurve *BitCurve) Marshal(x, y *big.Int) []byte {
+	byteLen := (bitCurve.BitSize + 7) >> 3
+
+	ret := make([]byte, 1+2*byteLen)
+	ret[0] = 4 // uncompressed point
+
+	xBytes := x.Bytes()
+	copy(ret[1+byteLen-len(xBytes):], xBytes)
+	yBytes := y.Bytes()
+	copy(ret[1+2*byteLen-len(yBytes):], yBytes)
+	return ret
+}
+
+// Unmarshal converts a point, serialised by Marshal, into an x, y pair. On
+// error, x = nil.
+func (bitCurve *BitCurve) Unmarshal(data []byte) (x, y *big.Int) {
+	byteLen := (bitCurve.BitSize + 7) >> 3
+	if len(data) != 1+2*byteLen {
+		return
+	}
+	if data[0] != 4 { // uncompressed form
+		return
+	}
+	x = new(big.Int).SetBytes(data[1 : 1+byteLen])
+	y = new(big.Int).SetBytes(data[1+byteLen:])
+	return
+}
+
+//curve parameters taken from:
+//http://www.secg.org/collateral/sec2_final.pdf
+
+var initonce sync.Once
+var secp160k1 *BitCurve
+var secp192k1 *BitCurve
+var secp224k1 *BitCurve
+var secp256k1 *BitCurve
+
+func initAll() {
+	initS160()
+	initS192()
+	initS224()
+	initS256()
+}
+
+func initS160() {
+	// See SEC 2 section 2.4.1
+	secp160k1 = new(BitCurve)
+	secp160k1.Name = "secp160k1"
+	secp160k1.P, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73", 16)
+	secp160k1.N, _ = new(big.Int).SetString("0100000000000000000001B8FA16DFAB9ACA16B6B3", 16)
+	secp160k1.B, _ = new(big.Int).SetString("0000000000000000000000000000000000000007", 16)
+	secp160k1.Gx, _ = new(big.Int).SetString("3B4C382CE37AA192A4019E763036F4F5DD4D7EBB", 16)
+	secp160k1.Gy, _ = new(big.Int).SetString("938CF935318FDCED6BC28286531733C3F03C4FEE", 16)
+	secp160k1.BitSize = 160
+}
+
+func initS192() {
+	// See SEC 2 section 2.5.1
+	secp192k1 = new(BitCurve)
+	secp192k1.Name = "secp192k1"
+	secp192k1.P, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37", 16)
+	secp192k1.N, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D", 16)
+	secp192k1.B, _ = new(big.Int).SetString("000000000000000000000000000000000000000000000003", 16)
+	secp192k1.Gx, _ = new(big.Int).SetString("DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D", 16)
+	secp192k1.Gy, _ = new(big.Int).SetString("9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D", 16)
+	secp192k1.BitSize = 192
+}
+
+func initS224() {
+	// See SEC 2 section 2.6.1
+	secp224k1 = new(BitCurve)
+	secp224k1.Name = "secp224k1"
+	secp224k1.P, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D", 16)
+	secp224k1.N, _ = new(big.Int).SetString("010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7", 16)
+	secp224k1.B, _ = new(big.Int).SetString("00000000000000000000000000000000000000000000000000000005", 16)
+	secp224k1.Gx, _ = new(big.Int).SetString("A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C", 16)
+	secp224k1.Gy, _ = new(big.Int).SetString("7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5", 16)
+	secp224k1.BitSize = 224
+}
+
+func initS256() {
+	// See SEC 2 section 2.7.1
+	secp256k1 = new(BitCurve)
+	secp256k1.Name = "secp256k1"
+	secp256k1.P, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F", 16)
+	secp256k1.N, _ = new(big.Int).SetString("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141", 16)
+	secp256k1.B, _ = new(big.Int).SetString("0000000000000000000000000000000000000000000000000000000000000007", 16)
+	secp256k1.Gx, _ = new(big.Int).SetString("79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798", 16)
+	secp256k1.Gy, _ = new(big.Int).SetString("483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8", 16)
+	secp256k1.BitSize = 256
+}
+
+// S160 returns a BitCurve which implements secp160k1 (see SEC 2 section 2.4.1)
+func S160() *BitCurve {
+	initonce.Do(initAll)
+	return secp160k1
+}
+
+// S192 returns a BitCurve which implements secp192k1 (see SEC 2 section 2.5.1)
+func S192() *BitCurve {
+	initonce.Do(initAll)
+	return secp192k1
+}
+
+// S224 returns a BitCurve which implements secp224k1 (see SEC 2 section 2.6.1)
+func S224() *BitCurve {
+	initonce.Do(initAll)
+	return secp224k1
+}
+
+// S256 returns a BitCurve which implements bitcurves (see SEC 2 section 2.7.1)
+func S256() *BitCurve {
+	initonce.Do(initAll)
+	return secp256k1
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/brainpool/brainpool.go b/vendor/github.com/ProtonMail/go-crypto/brainpool/brainpool.go
new file mode 100644
index 0000000000..77fb8b9a04
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/brainpool/brainpool.go
@@ -0,0 +1,134 @@
+// Package brainpool implements Brainpool elliptic curves.
+// Implementation of rcurves is from github.com/ebfe/brainpool
+// Note that these curves are implemented with naive, non-constant time operations
+// and are likely not suitable for enviroments where timing attacks are a concern.
+package brainpool
+
+import (
+	"crypto/elliptic"
+	"math/big"
+	"sync"
+)
+
+var (
+	once                   sync.Once
+	p256t1, p384t1, p512t1 *elliptic.CurveParams
+	p256r1, p384r1, p512r1 *rcurve
+)
+
+func initAll() {
+	initP256t1()
+	initP384t1()
+	initP512t1()
+	initP256r1()
+	initP384r1()
+	initP512r1()
+}
+
+func initP256t1() {
+	p256t1 = &elliptic.CurveParams{Name: "brainpoolP256t1"}
+	p256t1.P, _ = new(big.Int).SetString("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", 16)
+	p256t1.N, _ = new(big.Int).SetString("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", 16)
+	p256t1.B, _ = new(big.Int).SetString("662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", 16)
+	p256t1.Gx, _ = new(big.Int).SetString("A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F4", 16)
+	p256t1.Gy, _ = new(big.Int).SetString("2D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE", 16)
+	p256t1.BitSize = 256
+}
+
+func initP256r1() {
+	twisted := p256t1
+	params := &elliptic.CurveParams{
+		Name:    "brainpoolP256r1",
+		P:       twisted.P,
+		N:       twisted.N,
+		BitSize: twisted.BitSize,
+	}
+	params.Gx, _ = new(big.Int).SetString("8BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262", 16)
+	params.Gy, _ = new(big.Int).SetString("547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997", 16)
+	z, _ := new(big.Int).SetString("3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0", 16)
+	p256r1 = newrcurve(twisted, params, z)
+}
+
+func initP384t1() {
+	p384t1 = &elliptic.CurveParams{Name: "brainpoolP384t1"}
+	p384t1.P, _ = new(big.Int).SetString("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", 16)
+	p384t1.N, _ = new(big.Int).SetString("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", 16)
+	p384t1.B, _ = new(big.Int).SetString("7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", 16)
+	p384t1.Gx, _ = new(big.Int).SetString("18DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC", 16)
+	p384t1.Gy, _ = new(big.Int).SetString("25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928", 16)
+	p384t1.BitSize = 384
+}
+
+func initP384r1() {
+	twisted := p384t1
+	params := &elliptic.CurveParams{
+		Name:    "brainpoolP384r1",
+		P:       twisted.P,
+		N:       twisted.N,
+		BitSize: twisted.BitSize,
+	}
+	params.Gx, _ = new(big.Int).SetString("1D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E", 16)
+	params.Gy, _ = new(big.Int).SetString("8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315", 16)
+	z, _ := new(big.Int).SetString("41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63DBC87BCCDDCCC5DA39E8589291C", 16)
+	p384r1 = newrcurve(twisted, params, z)
+}
+
+func initP512t1() {
+	p512t1 = &elliptic.CurveParams{Name: "brainpoolP512t1"}
+	p512t1.P, _ = new(big.Int).SetString("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16)
+	p512t1.N, _ = new(big.Int).SetString("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16)
+	p512t1.B, _ = new(big.Int).SetString("7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", 16)
+	p512t1.Gx, _ = new(big.Int).SetString("640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA", 16)
+	p512t1.Gy, _ = new(big.Int).SetString("5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332", 16)
+	p512t1.BitSize = 512
+}
+
+func initP512r1() {
+	twisted := p512t1
+	params := &elliptic.CurveParams{
+		Name:    "brainpoolP512r1",
+		P:       twisted.P,
+		N:       twisted.N,
+		BitSize: twisted.BitSize,
+	}
+	params.Gx, _ = new(big.Int).SetString("81AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F822", 16)
+	params.Gy, _ = new(big.Int).SetString("7DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892", 16)
+	z, _ := new(big.Int).SetString("12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB", 16)
+	p512r1 = newrcurve(twisted, params, z)
+}
+
+// P256t1 returns a Curve which implements Brainpool P256t1 (see RFC 5639, section 3.4)
+func P256t1() elliptic.Curve {
+	once.Do(initAll)
+	return p256t1
+}
+
+// P256r1 returns a Curve which implements Brainpool P256r1 (see RFC 5639, section 3.4)
+func P256r1() elliptic.Curve {
+	once.Do(initAll)
+	return p256r1
+}
+
+// P384t1 returns a Curve which implements Brainpool P384t1 (see RFC 5639, section 3.6)
+func P384t1() elliptic.Curve {
+	once.Do(initAll)
+	return p384t1
+}
+
+// P384r1 returns a Curve which implements Brainpool P384r1 (see RFC 5639, section 3.6)
+func P384r1() elliptic.Curve {
+	once.Do(initAll)
+	return p384r1
+}
+
+// P512t1 returns a Curve which implements Brainpool P512t1 (see RFC 5639, section 3.7)
+func P512t1() elliptic.Curve {
+	once.Do(initAll)
+	return p512t1
+}
+
+// P512r1 returns a Curve which implements Brainpool P512r1 (see RFC 5639, section 3.7)
+func P512r1() elliptic.Curve {
+	once.Do(initAll)
+	return p512r1
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/brainpool/rcurve.go b/vendor/github.com/ProtonMail/go-crypto/brainpool/rcurve.go
new file mode 100644
index 0000000000..2d5355085f
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/brainpool/rcurve.go
@@ -0,0 +1,83 @@
+package brainpool
+
+import (
+	"crypto/elliptic"
+	"math/big"
+)
+
+var _ elliptic.Curve = (*rcurve)(nil)
+
+type rcurve struct {
+	twisted elliptic.Curve
+	params  *elliptic.CurveParams
+	z       *big.Int
+	zinv    *big.Int
+	z2      *big.Int
+	z3      *big.Int
+	zinv2   *big.Int
+	zinv3   *big.Int
+}
+
+var (
+	two   = big.NewInt(2)
+	three = big.NewInt(3)
+)
+
+func newrcurve(twisted elliptic.Curve, params *elliptic.CurveParams, z *big.Int) *rcurve {
+	zinv := new(big.Int).ModInverse(z, params.P)
+	return &rcurve{
+		twisted: twisted,
+		params:  params,
+		z:       z,
+		zinv:    zinv,
+		z2:      new(big.Int).Exp(z, two, params.P),
+		z3:      new(big.Int).Exp(z, three, params.P),
+		zinv2:   new(big.Int).Exp(zinv, two, params.P),
+		zinv3:   new(big.Int).Exp(zinv, three, params.P),
+	}
+}
+
+func (curve *rcurve) toTwisted(x, y *big.Int) (*big.Int, *big.Int) {
+	var tx, ty big.Int
+	tx.Mul(x, curve.z2)
+	tx.Mod(&tx, curve.params.P)
+	ty.Mul(y, curve.z3)
+	ty.Mod(&ty, curve.params.P)
+	return &tx, &ty
+}
+
+func (curve *rcurve) fromTwisted(tx, ty *big.Int) (*big.Int, *big.Int) {
+	var x, y big.Int
+	x.Mul(tx, curve.zinv2)
+	x.Mod(&x, curve.params.P)
+	y.Mul(ty, curve.zinv3)
+	y.Mod(&y, curve.params.P)
+	return &x, &y
+}
+
+func (curve *rcurve) Params() *elliptic.CurveParams {
+	return curve.params
+}
+
+func (curve *rcurve) IsOnCurve(x, y *big.Int) bool {
+	return curve.twisted.IsOnCurve(curve.toTwisted(x, y))
+}
+
+func (curve *rcurve) Add(x1, y1, x2, y2 *big.Int) (x, y *big.Int) {
+	tx1, ty1 := curve.toTwisted(x1, y1)
+	tx2, ty2 := curve.toTwisted(x2, y2)
+	return curve.fromTwisted(curve.twisted.Add(tx1, ty1, tx2, ty2))
+}
+
+func (curve *rcurve) Double(x1, y1 *big.Int) (x, y *big.Int) {
+	return curve.fromTwisted(curve.twisted.Double(curve.toTwisted(x1, y1)))
+}
+
+func (curve *rcurve) ScalarMult(x1, y1 *big.Int, scalar []byte) (x, y *big.Int) {
+	tx1, ty1 := curve.toTwisted(x1, y1)
+	return curve.fromTwisted(curve.twisted.ScalarMult(tx1, ty1, scalar))
+}
+
+func (curve *rcurve) ScalarBaseMult(scalar []byte) (x, y *big.Int) {
+	return curve.fromTwisted(curve.twisted.ScalarBaseMult(scalar))
+}
\ No newline at end of file
diff --git a/vendor/github.com/ProtonMail/go-crypto/eax/eax.go b/vendor/github.com/ProtonMail/go-crypto/eax/eax.go
new file mode 100644
index 0000000000..6b6bc7aed0
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/eax/eax.go
@@ -0,0 +1,162 @@
+// Copyright (C) 2019 ProtonTech AG
+
+// Package eax provides an implementation of the EAX
+// (encrypt-authenticate-translate) mode of operation, as described in
+// Bellare, Rogaway, and Wagner "THE EAX MODE OF OPERATION: A TWO-PASS
+// AUTHENTICATED-ENCRYPTION SCHEME OPTIMIZED FOR SIMPLICITY AND EFFICIENCY."
+// In FSE'04, volume 3017 of LNCS, 2004
+package eax
+
+import (
+	"crypto/cipher"
+	"crypto/subtle"
+	"errors"
+	"github.com/ProtonMail/go-crypto/internal/byteutil"
+)
+
+const (
+	defaultTagSize   = 16
+	defaultNonceSize = 16
+)
+
+type eax struct {
+	block     cipher.Block // Only AES-{128, 192, 256} supported
+	tagSize   int          // At least 12 bytes recommended
+	nonceSize int
+}
+
+func (e *eax) NonceSize() int {
+	return e.nonceSize
+}
+
+func (e *eax) Overhead() int {
+	return e.tagSize
+}
+
+// NewEAX returns an EAX instance with AES-{KEYLENGTH} and default nonce and
+// tag lengths. Supports {128, 192, 256}- bit key length.
+func NewEAX(block cipher.Block) (cipher.AEAD, error) {
+	return NewEAXWithNonceAndTagSize(block, defaultNonceSize, defaultTagSize)
+}
+
+// NewEAXWithNonceAndTagSize returns an EAX instance with AES-{keyLength} and
+// given nonce and tag lengths in bytes. Panics on zero nonceSize and
+// exceedingly long tags.
+//
+// It is recommended to use at least 12 bytes as tag length (see, for instance,
+// NIST SP 800-38D).
+//
+// Only to be used for compatibility with existing cryptosystems with
+// non-standard parameters. For all other cases, prefer NewEAX.
+func NewEAXWithNonceAndTagSize(
+	block cipher.Block, nonceSize, tagSize int) (cipher.AEAD, error) {
+	if nonceSize < 1 {
+		return nil, eaxError("Cannot initialize EAX with nonceSize = 0")
+	}
+	if tagSize > block.BlockSize() {
+		return nil, eaxError("Custom tag length exceeds blocksize")
+	}
+	return &eax{
+		block:     block,
+		tagSize:   tagSize,
+		nonceSize: nonceSize,
+	}, nil
+}
+
+func (e *eax) Seal(dst, nonce, plaintext, adata []byte) []byte {
+	if len(nonce) > e.nonceSize {
+		panic("crypto/eax: Nonce too long for this instance")
+	}
+	ret, out := byteutil.SliceForAppend(dst, len(plaintext) + e.tagSize)
+	omacNonce := e.omacT(0, nonce)
+	omacAdata := e.omacT(1, adata)
+
+	// Encrypt message using CTR mode and omacNonce as IV
+	ctr := cipher.NewCTR(e.block, omacNonce)
+	ciphertextData := out[:len(plaintext)]
+	ctr.XORKeyStream(ciphertextData, plaintext)
+
+	omacCiphertext := e.omacT(2, ciphertextData)
+
+	tag := out[len(plaintext):]
+	for i := 0; i < e.tagSize; i++ {
+		tag[i] = omacCiphertext[i] ^ omacNonce[i] ^ omacAdata[i]
+	}
+	return ret
+}
+
+func (e* eax) Open(dst, nonce, ciphertext, adata []byte) ([]byte, error) {
+	if len(nonce) > e.nonceSize {
+		panic("crypto/eax: Nonce too long for this instance")
+	}
+	if len(ciphertext) < e.tagSize {
+		return nil, eaxError("Ciphertext shorter than tag length")
+	}
+	sep := len(ciphertext) - e.tagSize
+
+	// Compute tag
+	omacNonce := e.omacT(0, nonce)
+	omacAdata := e.omacT(1, adata)
+	omacCiphertext := e.omacT(2, ciphertext[:sep])
+
+	tag := make([]byte, e.tagSize)
+	for i := 0; i < e.tagSize; i++ {
+		tag[i] = omacCiphertext[i] ^ omacNonce[i] ^ omacAdata[i]
+	}
+
+	// Compare tags
+	if subtle.ConstantTimeCompare(ciphertext[sep:], tag) != 1 {
+		return nil, eaxError("Tag authentication failed")
+	}
+
+	// Decrypt ciphertext
+	ret, out := byteutil.SliceForAppend(dst, len(ciphertext))
+	ctr := cipher.NewCTR(e.block, omacNonce)
+	ctr.XORKeyStream(out, ciphertext[:sep])
+
+	return ret[:sep], nil
+}
+
+// Tweakable OMAC - Calls OMAC_K([t]_n || plaintext)
+func (e *eax) omacT(t byte, plaintext []byte) []byte {
+	blockSize := e.block.BlockSize()
+	byteT := make([]byte, blockSize)
+	byteT[blockSize-1] = t
+	concat := append(byteT, plaintext...)
+	return e.omac(concat)
+}
+
+func (e *eax) omac(plaintext []byte) []byte {
+	blockSize := e.block.BlockSize()
+	// L ← E_K(0^n); B ← 2L; P ← 4L
+	L := make([]byte, blockSize)
+	e.block.Encrypt(L, L)
+	B := byteutil.GfnDouble(L)
+	P := byteutil.GfnDouble(B)
+
+	// CBC with IV = 0
+	cbc := cipher.NewCBCEncrypter(e.block, make([]byte, blockSize))
+	padded := e.pad(plaintext, B, P)
+	cbcCiphertext := make([]byte, len(padded))
+	cbc.CryptBlocks(cbcCiphertext, padded)
+
+	return cbcCiphertext[len(cbcCiphertext)-blockSize:]
+}
+
+func (e *eax) pad(plaintext, B, P []byte) []byte {
+	// if |M| in {n, 2n, 3n, ...}
+	blockSize := e.block.BlockSize()
+	if len(plaintext) != 0 && len(plaintext)%blockSize == 0 {
+		return byteutil.RightXor(plaintext, B)
+	}
+
+	// else return (M || 1 || 0^(n−1−(|M| % n))) xor→ P
+	ending := make([]byte, blockSize-len(plaintext)%blockSize)
+	ending[0] = 0x80
+	padded := append(plaintext, ending...)
+	return byteutil.RightXor(padded, P)
+}
+
+func eaxError(err string) error {
+	return errors.New("crypto/eax: " + err)
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/eax/eax_test_vectors.go b/vendor/github.com/ProtonMail/go-crypto/eax/eax_test_vectors.go
new file mode 100644
index 0000000000..ddb53d0790
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/eax/eax_test_vectors.go
@@ -0,0 +1,58 @@
+package eax
+
+// Test vectors from
+// https://web.cs.ucdavis.edu/~rogaway/papers/eax.pdf
+var testVectors = []struct {
+	msg, key, nonce, header, ciphertext string
+}{
+	{"",
+		"233952DEE4D5ED5F9B9C6D6FF80FF478",
+		"62EC67F9C3A4A407FCB2A8C49031A8B3",
+		"6BFB914FD07EAE6B",
+		"E037830E8389F27B025A2D6527E79D01"},
+	{"F7FB",
+		"91945D3F4DCBEE0BF45EF52255F095A4",
+		"BECAF043B0A23D843194BA972C66DEBD",
+		"FA3BFD4806EB53FA",
+		"19DD5C4C9331049D0BDAB0277408F67967E5"},
+	{"1A47CB4933",
+		"01F74AD64077F2E704C0F60ADA3DD523",
+		"70C3DB4F0D26368400A10ED05D2BFF5E",
+		"234A3463C1264AC6",
+		"D851D5BAE03A59F238A23E39199DC9266626C40F80"},
+	{"481C9E39B1",
+		"D07CF6CBB7F313BDDE66B727AFD3C5E8",
+		"8408DFFF3C1A2B1292DC199E46B7D617",
+		"33CCE2EABFF5A79D",
+		"632A9D131AD4C168A4225D8E1FF755939974A7BEDE"},
+	{"40D0C07DA5E4",
+		"35B6D0580005BBC12B0587124557D2C2",
+		"FDB6B06676EEDC5C61D74276E1F8E816",
+		"AEB96EAEBE2970E9",
+		"071DFE16C675CB0677E536F73AFE6A14B74EE49844DD"},
+	{"4DE3B35C3FC039245BD1FB7D",
+		"BD8E6E11475E60B268784C38C62FEB22",
+		"6EAC5C93072D8E8513F750935E46DA1B",
+		"D4482D1CA78DCE0F",
+		"835BB4F15D743E350E728414ABB8644FD6CCB86947C5E10590210A4F"},
+	{"8B0A79306C9CE7ED99DAE4F87F8DD61636",
+		"7C77D6E813BED5AC98BAA417477A2E7D",
+		"1A8C98DCD73D38393B2BF1569DEEFC19",
+		"65D2017990D62528",
+		"02083E3979DA014812F59F11D52630DA30137327D10649B0AA6E1C181DB617D7F2"},
+	{"1BDA122BCE8A8DBAF1877D962B8592DD2D56",
+		"5FFF20CAFAB119CA2FC73549E20F5B0D",
+		"DDE59B97D722156D4D9AFF2BC7559826",
+		"54B9F04E6A09189A",
+		"2EC47B2C4954A489AFC7BA4897EDCDAE8CC33B60450599BD02C96382902AEF7F832A"},
+	{"6CF36720872B8513F6EAB1A8A44438D5EF11",
+		"A4A4782BCFFD3EC5E7EF6D8C34A56123",
+		"B781FCF2F75FA5A8DE97A9CA48E522EC",
+		"899A175897561D7E",
+		"0DE18FD0FDD91E7AF19F1D8EE8733938B1E8E7F6D2231618102FDB7FE55FF1991700"},
+	{"CA40D7446E545FFAED3BD12A740A659FFBBB3CEAB7",
+		"8395FCF1E95BEBD697BD010BC766AAC3",
+		"22E7ADD93CFC6393C57EC0B3C17D6B44",
+		"126735FCC320D25A",
+		"CB8920F87A6C75CFF39627B56E3ED197C552D295A7CFC46AFC253B4652B1AF3795B124AB6E"},
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/eax/random_vectors.go b/vendor/github.com/ProtonMail/go-crypto/eax/random_vectors.go
new file mode 100644
index 0000000000..4eb19f28d9
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/eax/random_vectors.go
@@ -0,0 +1,131 @@
+// These vectors include key length in {128, 192, 256}, tag size 128, and
+// random nonce, header, and plaintext lengths.
+
+// This file was automatically generated.
+
+package eax
+
+var randomVectors = []struct {
+	key, nonce, header, plaintext, ciphertext string
+}{
+	{"DFDE093F36B0356E5A81F609786982E3",
+		"1D8AC604419001816905BA72B14CED7E",
+		"152A1517A998D7A24163FCDD146DE81AC347C8B97088F502093C1ABB8F6E33D9A219C34D7603A18B1F5ABE02E56661B7D7F67E81EC08C1302EF38D80A859486D450E94A4F26AD9E68EEBBC0C857A0FC5CF9E641D63D565A7E361BC8908F5A8DC8FD6",
+		"1C8EAAB71077FE18B39730A3156ADE29C5EE824C7EE86ED2A253B775603FB237116E654F6FEC588DD27F523A0E01246FE73FE348491F2A8E9ABC6CA58D663F71CDBCF4AD798BE46C42AE6EE8B599DB44A1A48D7BBBBA0F7D2750181E1C5E66967F7D57CBD30AFBDA5727",
+		"79E7E150934BBEBF7013F61C60462A14D8B15AF7A248AFB8A344EF021C1500E16666891D6E973D8BB56B71A371F12CA34660C4410C016982B20F547E3762A58B7BF4F20236CADCF559E2BE7D783B13723B2741FC7CDC8997D839E39A3DDD2BADB96743DD7049F1BDB0516A262869915B3F70498AFB7B191BF960"},
+	{"F10619EF02E5D94D7550EB84ED364A21",
+		"8DC0D4F2F745BBAE835CC5574B942D20",
+		"FE561358F2E8DF7E1024FF1AE9A8D36EBD01352214505CB99D644777A8A1F6027FA2BDBFC529A9B91136D5F2416CFC5F0F4EC3A1AFD32BDDA23CA504C5A5CB451785FABF4DFE4CD50D817491991A60615B30286361C100A95D1712F2A45F8E374461F4CA2B",
+		"D7B5A971FC219631D30EFC3664AE3127D9CF3097DAD9C24AC7905D15E8D9B25B026B31D68CAE00975CDB81EB1FD96FD5E1A12E2BB83FA25F1B1D91363457657FC03875C27F2946C5",
+		"2F336ED42D3CC38FC61660C4CD60BA4BD438B05F5965D8B7B399D2E7167F5D34F792D318F94DB15D67463AC449E13D568CC09BFCE32A35EE3EE96A041927680AE329811811E27F2D1E8E657707AF99BA96D13A478D695D59"},
+	{"429F514EFC64D98A698A9247274CFF45",
+		"976AA5EB072F912D126ACEBC954FEC38",
+		"A71D89DC5B6CEDBB7451A27C3C2CAE09126DB4C421",
+		"5632FE62AB1DC549D54D3BC3FC868ACCEDEFD9ECF5E9F8",
+		"848AE4306CA8C7F416F8707625B7F55881C0AB430353A5C967CDA2DA787F581A70E34DBEBB2385"},
+	{"398138F309085F47F8457CDF53895A63",
+		"F8A8A7F2D28E5FFF7BBC2F24353F7A36",
+		"5D633C21BA7764B8855CAB586F3746E236AD486039C83C6B56EFA9C651D38A41D6B20DAEE3418BFEA44B8BD6",
+		"A3BBAA91920AF5E10659818B1B3B300AC79BFC129C8329E75251F73A66D3AE0128EB91D5031E0A65C329DB7D1E9C0493E268",
+		"D078097267606E5FB07CFB7E2B4B718172A82C6A4CEE65D549A4DFB9838003BD2FBF64A7A66988AC1A632FD88F9E9FBB57C5A78AD2E086EACBA3DB68511D81C2970A"},
+	{"7A4151EBD3901B42CBA45DAFB2E931BA",
+		"0FC88ACEE74DD538040321C330974EB8",
+		"250464FB04733BAB934C59E6AD2D6AE8D662CBCFEFBE61E5A308D4211E58C4C25935B72C69107722E946BFCBF416796600542D76AEB73F2B25BF53BAF97BDEB36ED3A7A51C31E7F170EB897457E7C17571D1BA0A908954E9",
+		"88C41F3EBEC23FAB8A362D969CAC810FAD4F7CA6A7F7D0D44F060F92E37E1183768DD4A8C733F71C96058D362A39876D183B86C103DE",
+		"74A25B2182C51096D48A870D80F18E1CE15867778E34FCBA6BD7BFB3739FDCD42AD0F2D9F4EBA29085285C6048C15BCE5E5166F1F962D3337AA88E6062F05523029D0A7F0BF9"},
+	{"BFB147E1CD5459424F8C0271FC0E0DC5",
+		"EABCC126442BF373969EA3015988CC45",
+		"4C0880E1D71AA2C7",
+		"BE1B5EC78FBF73E7A6682B21BA7E0E5D2D1C7ABE",
+		"5660D7C1380E2F306895B1402CB2D6C37876504276B414D120F4CF92FDDDBB293A238EA0"},
+	{"595DD6F52D18BC2CA8EB4EDAA18D9FA3",
+		"0F84B5D36CF4BC3B863313AF3B4D2E97",
+		"30AE6CC5F99580F12A779D98BD379A60948020C0B6FBD5746B30BA3A15C6CD33DAF376C70A9F15B6C0EB410A93161F7958AE23",
+		"8EF3687A1642B070970B0B91462229D1D76ABC154D18211F7152AA9FF368",
+		"317C1DDB11417E5A9CC4DDE7FDFF6659A5AC4B31DE025212580A05CDAC6024D3E4AE7C2966E52B9129E9ECDBED86"},
+	{"44E6F2DC8FDC778AD007137D11410F50",
+		"270A237AD977F7187AA6C158A0BAB24F",
+		"509B0F0EB12E2AA5C5BA2DE553C07FAF4CE0C9E926531AA709A3D6224FCB783ACCF1559E10B1123EBB7D52E8AB54E6B5352A9ED0D04124BF0E9D9BACFD7E32B817B2E625F5EE94A64EDE9E470DE7FE6886C19B294F9F828209FE257A78",
+		"8B3D7815DF25618A5D0C55A601711881483878F113A12EC36CF64900549A3199555528559DC118F789788A55FAFD944E6E99A9CA3F72F238CD3F4D88223F7A745992B3FAED1848",
+		"1CC00D79F7AD82FDA71B58D286E5F34D0CC4CEF30704E771CC1E50746BDF83E182B078DB27149A42BAE619DF0F85B0B1090AD55D3B4471B0D6F6ECCD09C8F876B30081F0E7537A9624F8AAF29DA85E324122EFB4D68A56"},
+	{"BB7BC352A03044B4428D8DBB4B0701FDEC4649FD17B81452",
+		"8B4BBE26CCD9859DCD84884159D6B0A4",
+		"2212BEB0E78E0F044A86944CF33C8D5C80D9DBE1034BF3BCF73611835C7D3A52F5BD2D81B68FD681B68540A496EE5DA16FD8AC8824E60E1EC2042BE28FB0BFAD4E4B03596446BDD8C37D936D9B3D5295BE19F19CF5ACE1D33A46C952CE4DE5C12F92C1DD051E04AEED",
+		"9037234CC44FFF828FABED3A7084AF40FA7ABFF8E0C0EFB57A1CC361E18FC4FAC1AB54F3ABFE9FF77263ACE16C3A",
+		"A9391B805CCD956081E0B63D282BEA46E7025126F1C1631239C33E92AA6F92CD56E5A4C56F00FF9658E93D48AF4EF0EF81628E34AD4DB0CDAEDCD2A17EE7"},
+	{"99C0AD703196D2F60A74E6B378B838B31F82EA861F06FC4E",
+		"92745C018AA708ECFEB1667E9F3F1B01",
+		"828C69F376C0C0EC651C67749C69577D589EE39E51404D80EBF70C8660A8F5FD375473F4A7C611D59CB546A605D67446CE2AA844135FCD78BB5FBC90222A00D42920BB1D7EEDFB0C4672554F583EF23184F89063CDECBE482367B5F9AF3ACBC3AF61392BD94CBCD9B64677",
+		"A879214658FD0A5B0E09836639BF82E05EC7A5EF71D4701934BDA228435C68AC3D5CEB54997878B06A655EEACEFB1345C15867E7FE6C6423660C8B88DF128EBD6BCD85118DBAE16E9252FFB204324E5C8F38CA97759BDBF3CB0083",
+		"51FE87996F194A2585E438B023B345439EA60D1AEBED4650CDAF48A4D4EEC4FC77DC71CC4B09D3BEEF8B7B7AF716CE2B4EFFB3AC9E6323C18AC35E0AA6E2BBBC8889490EB6226C896B0D105EAB42BFE7053CCF00ED66BA94C1BA09A792AA873F0C3B26C5C5F9A936E57B25"},
+	{"7086816D00D648FB8304AA8C9E552E1B69A9955FB59B25D1",
+		"0F45CF7F0BF31CCEB85D9DA10F4D749F",
+		"93F27C60A417D9F0669E86ACC784FC8917B502DAF30A6338F11B30B94D74FEFE2F8BE1BBE2EAD10FAB7EED3C6F72B7C3ECEE1937C32ED4970A6404E139209C05",
+		"877F046601F3CBE4FB1491943FA29487E738F94B99AF206262A1D6FF856C9AA0B8D4D08A54370C98F8E88FA3DCC2B14C1F76D71B2A4C7963AEE8AF960464C5BEC8357AD00DC8",
+		"FE96906B895CE6A8E72BC72344E2C8BB3C63113D70EAFA26C299BAFE77A8A6568172EB447FB3E86648A0AF3512DEB1AAC0819F3EC553903BF28A9FB0F43411237A774BF9EE03E445D280FBB9CD12B9BAAB6EF5E52691"},
+	{"062F65A896D5BF1401BADFF70E91B458E1F9BD4888CB2E4D",
+		"5B11EA1D6008EBB41CF892FCA5B943D1",
+		"BAF4FF5C8242",
+		"A8870E091238355984EB2F7D61A865B9170F440BFF999A5993DD41A10F4440D21FF948DDA2BF663B2E03AC3324492DC5E40262ECC6A65C07672353BE23E7FB3A9D79FF6AA38D97960905A38DECC312CB6A59E5467ECF06C311CD43ADC0B543EDF34FE8BE611F176460D5627CA51F8F8D9FED71F55C",
+		"B10E127A632172CF8AA7539B140D2C9C2590E6F28C3CB892FC498FCE56A34F732FBFF32E79C7B9747D9094E8635A0C084D6F0247F9768FB5FF83493799A9BEC6C39572120C40E9292C8C947AE8573462A9108C36D9D7112E6995AE5867E6C8BB387D1C5D4BEF524F391B9FD9F0A3B4BFA079E915BCD920185CFD38D114C558928BD7D47877"},
+	{"38A8E45D6D705A11AF58AED5A1344896998EACF359F2E26A",
+		"FD82B5B31804FF47D44199B533D0CF84",
+		"DE454D4E62FE879F2050EE3E25853623D3E9AC52EEC1A1779A48CFAF5ECA0BFDE44749391866D1",
+		"B804",
+		"164BB965C05EBE0931A1A63293EDF9C38C27"},
+	{"34C33C97C6D7A0850DA94D78A58DC61EC717CD7574833068",
+		"343BE00DA9483F05C14F2E9EB8EA6AE8",
+		"78312A43EFDE3CAE34A65796FF059A3FE15304EEA5CF1D9306949FE5BF3349D4977D4EBE76C040FE894C5949E4E4D6681153DA87FB9AC5062063CA2EA183566343362370944CE0362D25FC195E124FD60E8682E665D13F2229DDA3E4B2CB1DCA",
+		"CC11BB284B1153578E4A5ED9D937B869DAF00F5B1960C23455CA9CC43F486A3BE0B66254F1041F04FDF459C8640465B6E1D2CF899A381451E8E7FCB50CF87823BE77E24B132BBEEDC72E53369B275E1D8F49ECE59F4F215230AC4FE133FC80E4F634EE80BA4682B62C86",
+		"E7F703DC31A95E3A4919FF957836CB76C063D81702AEA4703E1C2BF30831E58C4609D626EC6810E12EAA5B930F049FF9EFC22C3E3F1EBD4A1FB285CB02A1AC5AD46B425199FC0A85670A5C4E3DAA9636C8F64C199F42F18AAC8EA7457FD377F322DD7752D7D01B946C8F0A97E6113F0D50106F319AFD291AAACE"},
+	{"C6ECF7F053573E403E61B83052A343D93CBCC179D1E835BE",
+		"E280E13D7367042E3AA09A80111B6184",
+		"21486C9D7A9647",
+		"5F2639AFA6F17931853791CD8C92382BBB677FD72D0AB1A080D0E49BFAA21810E963E4FACD422E92F65CBFAD5884A60CD94740DF31AF02F95AA57DA0C4401B0ED906",
+		"5C51DB20755302070C45F52E50128A67C8B2E4ED0EACB7E29998CCE2E8C289DD5655913EC1A51CC3AABE5CDC2402B2BE7D6D4BF6945F266FBD70BA9F37109067157AE7530678B45F64475D4EBFCB5FFF46A5"},
+	{"5EC6CF7401BC57B18EF154E8C38ACCA8959E57D2F3975FF5",
+		"656B41CB3F9CF8C08BAD7EBFC80BD225",
+		"6B817C2906E2AF425861A7EF59BA5801F143EE2A139EE72697CDE168B4",
+		"2C0E1DDC9B1E5389BA63845B18B1F8A1DB062037151BCC56EF7C21C0BB4DAE366636BBA975685D7CC5A94AFBE89C769016388C56FB7B57CE750A12B718A8BDCF70E80E8659A8330EFC8F86640F21735E8C80E23FE43ABF23507CE3F964AE4EC99D",
+		"ED780CF911E6D1AA8C979B889B0B9DC1ABE261832980BDBFB576901D9EF5AB8048998E31A15BE54B3E5845A4D136AD24D0BDA1C3006168DF2F8AC06729CB0818867398150020131D8F04EDF1923758C9EABB5F735DE5EA1758D4BC0ACFCA98AFD202E9839B8720253693B874C65586C6F0"},
+	{"C92F678EB2208662F5BCF3403EC05F5961E957908A3E79421E1D25FC19054153",
+		"DA0F3A40983D92F2D4C01FED33C7A192",
+		"2B6E9D26DB406A0FAB47608657AA10EFC2B4AA5F459B29FF85AC9A40BFFE7AEB04F77E9A11FAAA116D7F6D4DA417671A9AB02C588E0EF59CB1BFB4B1CC931B63A3B3A159FCEC97A04D1E6F0C7E6A9CEF6B0ABB04758A69F1FE754DF4C2610E8C46B6CF413BDB31351D55BEDCB7B4A13A1C98E10984475E0F2F957853",
+		"F37326A80E08",
+		"83519E53E321D334F7C10B568183775C0E9AAE55F806"},
+	{"6847E0491BE57E72995D186D50094B0B3593957A5146798FCE68B287B2FB37B5",
+		"3EE1182AEBB19A02B128F28E1D5F7F99",
+		"D9F35ABB16D776CE",
+		"DB7566ED8EA95BDF837F23DB277BAFBC5E70D1105ADFD0D9EF15475051B1EF94709C67DCA9F8D5",
+		"2CDCED0C9EBD6E2A508822A685F7DCD1CDD99E7A5FCA786C234E7F7F1D27EC49751AD5DCFA30C5EDA87C43CAE3B919B6BBCFE34C8EDA59"},
+	{"82B019673642C08388D3E42075A4D5D587558C229E4AB8F660E37650C4C41A0A",
+		"336F5D681E0410FAE7B607246092C6DC",
+		"D430CBD8FE435B64214E9E9CDC5DE99D31CFCFB8C10AA0587A49DF276611",
+		"998404153AD77003E1737EDE93ED79859EE6DCCA93CB40C4363AA817ABF2DBBD46E42A14A7183B6CC01E12A577888141363D0AE011EB6E8D28C0B235",
+		"9BEF69EEB60BD3D6065707B7557F25292A8872857CFBD24F2F3C088E4450995333088DA50FD9121221C504DF1D0CD5EFE6A12666C5D5BB12282CF4C19906E9CFAB97E9BDF7F49DC17CFC384B"},
+	{"747B2E269B1859F0622C15C8BAD6A725028B1F94B8DB7326948D1E6ED663A8BC",
+		"AB91F7245DDCE3F1C747872D47BE0A8A",
+		"3B03F786EF1DDD76E1D42646DA4CD2A5165DC5383CE86D1A0B5F13F910DC278A4E451EE0192CBA178E13B3BA27FDC7840DF73D2E104B",
+		"6B803F4701114F3E5FE21718845F8416F70F626303F545BE197189E0A2BA396F37CE06D389EB2658BC7D56D67868708F6D0D32",
+		"1570DDB0BCE75AA25D1957A287A2C36B1A5F2270186DA81BA6112B7F43B0F3D1D0ED072591DCF1F1C99BBB25621FC39B896FF9BD9413A2845363A9DCD310C32CF98E57"},
+	{"02E59853FB29AEDA0FE1C5F19180AD99A12FF2F144670BB2B8BADF09AD812E0A",
+		"C691294EF67CD04D1B9242AF83DD1421",
+		"879334DAE3",
+		"1E17F46A98FEF5CBB40759D95354",
+		"FED8C3FF27DDF6313AED444A2985B36CBA268AAD6AAC563C0BA28F6DB5DB"},
+	{"F6C1FB9B4188F2288FF03BD716023198C3582CF2A037FC2F29760916C2B7FCDB",
+		"4228DA0678CA3534588859E77DFF014C",
+		"D8153CAF35539A61DD8D05B3C9B44F01E564FB9348BCD09A1C23B84195171308861058F0A3CD2A55B912A3AAEE06FF4D356C77275828F2157C2FC7C115DA39E443210CCC56BEDB0CC99BBFB227ABD5CC454F4E7F547C7378A659EEB6A7E809101A84F866503CB18D4484E1FA09B3EC7FC75EB2E35270800AA7",
+		"23B660A779AD285704B12EC1C580387A47BEC7B00D452C6570",
+		"5AA642BBABA8E49849002A2FAF31DB8FC7773EFDD656E469CEC19B3206D4174C9A263D0A05484261F6"},
+	{"8FF6086F1FADB9A3FBE245EAC52640C43B39D43F89526BB5A6EBA47710931446",
+		"943188480C99437495958B0AE4831AA9",
+		"AD5CD0BDA426F6EBA23C8EB23DC73FF9FEC173355EDBD6C9344C4C4383F211888F7CE6B29899A6801DF6B38651A7C77150941A",
+		"80CD5EA8D7F81DDF5070B934937912E8F541A5301877528EB41AB60C020968D459960ED8FB73083329841A",
+		"ABAE8EB7F36FCA2362551E72DAC890BA1BB6794797E0FC3B67426EC9372726ED4725D379EA0AC9147E48DCD0005C502863C2C5358A38817C8264B5"},
+	{"A083B54E6B1FE01B65D42FCD248F97BB477A41462BBFE6FD591006C022C8FD84",
+		"B0490F5BD68A52459556B3749ACDF40E",
+		"8892E047DA5CFBBDF7F3CFCBD1BD21C6D4C80774B1826999234394BD3E513CC7C222BB40E1E3140A152F19B3802F0D036C24A590512AD0E8",
+		"D7B15752789DC94ED0F36778A5C7BBB207BEC32BAC66E702B39966F06E381E090C6757653C3D26A81EC6AD6C364D66867A334C91BB0B8A8A4B6EACDF0783D09010AEBA2DD2062308FE99CC1F",
+		"C071280A732ADC93DF272BF1E613B2BB7D46FC6665EF2DC1671F3E211D6BDE1D6ADDD28DF3AA2E47053FC8BB8AE9271EC8BC8B2CFFA320D225B451685B6D23ACEFDD241FE284F8ADC8DB07F456985B14330BBB66E0FB212213E05B3E"},
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/internal/byteutil/byteutil.go b/vendor/github.com/ProtonMail/go-crypto/internal/byteutil/byteutil.go
new file mode 100644
index 0000000000..a6bdf51232
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/internal/byteutil/byteutil.go
@@ -0,0 +1,92 @@
+// Copyright (C) 2019 ProtonTech AG
+// This file contains necessary tools for the aex and ocb packages.
+//
+// These functions SHOULD NOT be used elsewhere, since they are optimized for
+// specific input nature in the EAX and OCB modes of operation.
+
+package byteutil
+
+// GfnDouble computes 2 * input in the field of 2^n elements.
+// The irreducible polynomial in the finite field for n=128 is
+// x^128 + x^7 + x^2 + x + 1 (equals 0x87)
+// Constant-time execution in order to avoid side-channel attacks
+func GfnDouble(input []byte) []byte {
+	if len(input) != 16 {
+		panic("Doubling in GFn only implemented for n = 128")
+	}
+	// If the first bit is zero, return 2L = L << 1
+	// Else return (L << 1) xor 0^120 10000111
+	shifted := ShiftBytesLeft(input)
+	shifted[15] ^= ((input[0] >> 7) * 0x87)
+	return shifted
+}
+
+// ShiftBytesLeft outputs the byte array corresponding to x << 1 in binary.
+func ShiftBytesLeft(x []byte) []byte {
+	l := len(x)
+	dst := make([]byte, l)
+	for i := 0; i < l-1; i++ {
+		dst[i] = (x[i] << 1) | (x[i+1] >> 7)
+	}
+	dst[l-1] = x[l-1] << 1
+	return dst
+}
+
+// ShiftNBytesLeft puts in dst the byte array corresponding to x << n in binary.
+func ShiftNBytesLeft(dst, x []byte, n int) {
+	// Erase first n / 8 bytes
+	copy(dst, x[n/8:])
+
+	// Shift the remaining n % 8 bits
+	bits := uint(n % 8)
+	l := len(dst)
+	for i := 0; i < l-1; i++ {
+		dst[i] = (dst[i] << bits) | (dst[i+1] >> uint(8 - bits))
+	}
+	dst[l-1] = dst[l-1] << bits
+
+	// Append trailing zeroes
+	dst = append(dst, make([]byte, n/8)...)
+}
+
+// XorBytesMut assumes equal input length, replaces X with X XOR Y
+func XorBytesMut(X, Y []byte) {
+	for i := 0; i < len(X); i++ {
+		X[i] ^= Y[i]
+	}
+}
+
+
+// XorBytes assumes equal input length, puts X XOR Y into Z
+func XorBytes(Z, X, Y []byte) {
+	for i := 0; i < len(X); i++ {
+		Z[i] = X[i] ^ Y[i]
+	}
+}
+
+// RightXor XORs smaller input (assumed Y) at the right of the larger input (assumed X)
+func RightXor(X, Y []byte) []byte {
+	offset := len(X) - len(Y)
+	xored := make([]byte, len(X));
+	copy(xored, X)
+	for i := 0; i < len(Y); i++ {
+		xored[offset + i] ^= Y[i]
+	}
+	return xored
+}
+
+// SliceForAppend takes a slice and a requested number of bytes. It returns a
+// slice with the contents of the given slice followed by that many bytes and a
+// second slice that aliases into it and contains only the extra bytes. If the
+// original slice has sufficient capacity then no allocation is performed.
+func SliceForAppend(in []byte, n int) (head, tail []byte) {
+	if total := len(in) + n; cap(in) >= total {
+		head = in[:total]
+	} else {
+		head = make([]byte, total)
+		copy(head, in)
+	}
+	tail = head[len(in):]
+	return
+}
+
diff --git a/vendor/github.com/ProtonMail/go-crypto/ocb/ocb.go b/vendor/github.com/ProtonMail/go-crypto/ocb/ocb.go
new file mode 100644
index 0000000000..7f78cfa759
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/ocb/ocb.go
@@ -0,0 +1,317 @@
+// Copyright (C) 2019 ProtonTech AG
+
+// Package ocb provides an implementation of the OCB (offset codebook) mode of
+// operation, as described in RFC-7253 of the IRTF and in Rogaway, Bellare,
+// Black and Krovetz - OCB: A BLOCK-CIPHER MODE OF OPERATION FOR EFFICIENT
+// AUTHENTICATED ENCRYPTION (2003).
+// Security considerations (from RFC-7253): A private key MUST NOT be used to
+// encrypt more than 2^48 blocks. Tag length should be at least 12 bytes (a
+// brute-force forging adversary succeeds after 2^{tag length} attempts). A
+// single key SHOULD NOT be used to decrypt ciphertext with different tag
+// lengths. Nonces need not be secret, but MUST NOT be reused.
+// This package only supports underlying block ciphers with 128-bit blocks,
+// such as AES-{128, 192, 256}, but may be extended to other sizes.
+package ocb
+
+import (
+	"bytes"
+	"crypto/cipher"
+	"crypto/subtle"
+	"errors"
+	"github.com/ProtonMail/go-crypto/internal/byteutil"
+	"math/bits"
+)
+
+type ocb struct {
+	block     cipher.Block
+	tagSize   int
+	nonceSize int
+	mask      mask
+	// Optimized en/decrypt: For each nonce N used to en/decrypt, the 'Ktop'
+	// internal variable can be reused for en/decrypting with nonces sharing
+	// all but the last 6 bits with N. The prefix of the first nonce used to
+	// compute the new Ktop, and the Ktop value itself, are stored in
+	// reusableKtop. If using incremental nonces, this saves one block cipher
+	// call every 63 out of 64 OCB encryptions, and stores one nonce and one
+	// output of the block cipher in memory only.
+	reusableKtop reusableKtop
+}
+
+type mask struct {
+	// L_*, L_$, (L_i)_{i ∈ N}
+	lAst []byte
+	lDol []byte
+	L    [][]byte
+}
+
+type reusableKtop struct {
+	noncePrefix []byte
+	Ktop        []byte
+}
+
+const (
+	defaultTagSize   = 16
+	defaultNonceSize = 15
+)
+
+const (
+	enc = iota
+	dec
+)
+
+func (o *ocb) NonceSize() int {
+	return o.nonceSize
+}
+
+func (o *ocb) Overhead() int {
+	return o.tagSize
+}
+
+// NewOCB returns an OCB instance with the given block cipher and default
+// tag and nonce sizes.
+func NewOCB(block cipher.Block) (cipher.AEAD, error) {
+	return NewOCBWithNonceAndTagSize(block, defaultNonceSize, defaultTagSize)
+}
+
+// NewOCBWithNonceAndTagSize returns an OCB instance with the given block
+// cipher, nonce length, and tag length. Panics on zero nonceSize and
+// exceedingly long tag size.
+//
+// It is recommended to use at least 12 bytes as tag length.
+func NewOCBWithNonceAndTagSize(
+	block cipher.Block, nonceSize, tagSize int) (cipher.AEAD, error) {
+	if block.BlockSize() != 16 {
+		return nil, ocbError("Block cipher must have 128-bit blocks")
+	}
+	if nonceSize < 1 {
+		return nil, ocbError("Incorrect nonce length")
+	}
+	if nonceSize >= block.BlockSize() {
+		return nil, ocbError("Nonce length exceeds blocksize - 1")
+	}
+	if tagSize > block.BlockSize() {
+		return nil, ocbError("Custom tag length exceeds blocksize")
+	}
+	return &ocb{
+		block:        block,
+		tagSize:      tagSize,
+		nonceSize:    nonceSize,
+		mask:         initializeMaskTable(block),
+		reusableKtop: reusableKtop{
+			noncePrefix: nil,
+			Ktop: nil,
+		},
+	}, nil
+}
+
+func (o *ocb) Seal(dst, nonce, plaintext, adata []byte) []byte {
+	if len(nonce) > o.nonceSize {
+		panic("crypto/ocb: Incorrect nonce length given to OCB")
+	}
+	ret, out := byteutil.SliceForAppend(dst, len(plaintext)+o.tagSize)
+	o.crypt(enc, out, nonce, adata, plaintext)
+	return ret
+}
+
+func (o *ocb) Open(dst, nonce, ciphertext, adata []byte) ([]byte, error) {
+	if len(nonce) > o.nonceSize {
+		panic("Nonce too long for this instance")
+	}
+	if len(ciphertext) < o.tagSize {
+		return nil, ocbError("Ciphertext shorter than tag length")
+	}
+	sep := len(ciphertext) - o.tagSize
+	ret, out := byteutil.SliceForAppend(dst, len(ciphertext))
+	ciphertextData := ciphertext[:sep]
+	tag := ciphertext[sep:]
+	o.crypt(dec, out, nonce, adata, ciphertextData)
+	if subtle.ConstantTimeCompare(ret[sep:], tag) == 1 {
+		ret = ret[:sep]
+		return ret, nil
+	}
+	for i := range out {
+		out[i] = 0
+	}
+	return nil, ocbError("Tag authentication failed")
+}
+
+// On instruction enc (resp. dec), crypt is the encrypt (resp. decrypt)
+// function. It returns the resulting plain/ciphertext with the tag appended.
+func (o *ocb) crypt(instruction int, Y, nonce, adata, X []byte) []byte {
+	//
+	// Consider X as a sequence of 128-bit blocks
+	//
+	// Note: For encryption (resp. decryption), X is the plaintext (resp., the
+	// ciphertext without the tag).
+	blockSize := o.block.BlockSize()
+
+	//
+	// Nonce-dependent and per-encryption variables
+	//
+	// Zero out the last 6 bits of the nonce into truncatedNonce to see if Ktop
+	// is already computed.
+	truncatedNonce := make([]byte, len(nonce))
+	copy(truncatedNonce, nonce)
+	truncatedNonce[len(truncatedNonce)-1] &= 192
+	Ktop := make([]byte, blockSize)
+	if bytes.Equal(truncatedNonce, o.reusableKtop.noncePrefix) {
+		Ktop = o.reusableKtop.Ktop
+	} else {
+		// Nonce = num2str(TAGLEN mod 128, 7) || zeros(120 - bitlen(N)) || 1 || N
+		paddedNonce := append(make([]byte, blockSize-1-len(nonce)), 1)
+		paddedNonce = append(paddedNonce, truncatedNonce...)
+		paddedNonce[0] |= byte(((8 * o.tagSize) % (8 * blockSize)) << 1)
+		// Last 6 bits of paddedNonce are already zero. Encrypt into Ktop
+		paddedNonce[blockSize-1] &= 192
+		Ktop = paddedNonce
+		o.block.Encrypt(Ktop, Ktop)
+		o.reusableKtop.noncePrefix = truncatedNonce
+		o.reusableKtop.Ktop = Ktop
+	}
+
+	// Stretch = Ktop || ((lower half of Ktop) XOR (lower half of Ktop << 8))
+	xorHalves := make([]byte, blockSize/2)
+	byteutil.XorBytes(xorHalves, Ktop[:blockSize/2], Ktop[1:1+blockSize/2])
+	stretch := append(Ktop, xorHalves...)
+	bottom := int(nonce[len(nonce)-1] & 63)
+	offset := make([]byte, len(stretch))
+	byteutil.ShiftNBytesLeft(offset, stretch, bottom)
+	offset = offset[:blockSize]
+
+	//
+	// Process any whole blocks
+	//
+	// Note: For encryption Y is ciphertext || tag, for decryption Y is
+	// plaintext || tag.
+	checksum := make([]byte, blockSize)
+	m := len(X) / blockSize
+	for i := 0; i < m; i++ {
+		index := bits.TrailingZeros(uint(i + 1))
+		if len(o.mask.L)-1 < index {
+			o.mask.extendTable(index)
+		}
+		byteutil.XorBytesMut(offset, o.mask.L[bits.TrailingZeros(uint(i+1))])
+		blockX := X[i*blockSize : (i+1)*blockSize]
+		blockY := Y[i*blockSize : (i+1)*blockSize]
+		byteutil.XorBytes(blockY, blockX, offset)
+		switch instruction {
+		case enc:
+			o.block.Encrypt(blockY, blockY)
+			byteutil.XorBytesMut(blockY, offset)
+			byteutil.XorBytesMut(checksum, blockX)
+		case dec:
+			o.block.Decrypt(blockY, blockY)
+			byteutil.XorBytesMut(blockY, offset)
+			byteutil.XorBytesMut(checksum, blockY)
+		}
+	}
+	//
+	// Process any final partial block and compute raw tag
+	//
+	tag := make([]byte, blockSize)
+	if len(X)%blockSize != 0 {
+		byteutil.XorBytesMut(offset, o.mask.lAst)
+		pad := make([]byte, blockSize)
+		o.block.Encrypt(pad, offset)
+		chunkX := X[blockSize*m:]
+		chunkY := Y[blockSize*m : len(X)]
+		byteutil.XorBytes(chunkY, chunkX, pad[:len(chunkX)])
+		// P_* || bit(1) || zeroes(127) - len(P_*)
+		switch instruction {
+		case enc:
+			paddedY := append(chunkX, byte(128))
+			paddedY = append(paddedY, make([]byte, blockSize-len(chunkX)-1)...)
+			byteutil.XorBytesMut(checksum, paddedY)
+		case dec:
+			paddedX := append(chunkY, byte(128))
+			paddedX = append(paddedX, make([]byte, blockSize-len(chunkY)-1)...)
+			byteutil.XorBytesMut(checksum, paddedX)
+		}
+		byteutil.XorBytes(tag, checksum, offset)
+		byteutil.XorBytesMut(tag, o.mask.lDol)
+		o.block.Encrypt(tag, tag)
+		byteutil.XorBytesMut(tag, o.hash(adata))
+		copy(Y[blockSize*m+len(chunkY):], tag[:o.tagSize])
+	} else {
+		byteutil.XorBytes(tag, checksum, offset)
+		byteutil.XorBytesMut(tag, o.mask.lDol)
+		o.block.Encrypt(tag, tag)
+		byteutil.XorBytesMut(tag, o.hash(adata))
+		copy(Y[blockSize*m:], tag[:o.tagSize])
+	}
+	return Y
+}
+
+// This hash function is used to compute the tag. Per design, on empty input it
+// returns a slice of zeros, of the same length as the underlying block cipher
+// block size.
+func (o *ocb) hash(adata []byte) []byte {
+	//
+	// Consider A as a sequence of 128-bit blocks
+	//
+	A := make([]byte, len(adata))
+	copy(A, adata)
+	blockSize := o.block.BlockSize()
+
+	//
+	// Process any whole blocks
+	//
+	sum := make([]byte, blockSize)
+	offset := make([]byte, blockSize)
+	m := len(A) / blockSize
+	for i := 0; i < m; i++ {
+		chunk := A[blockSize*i : blockSize*(i+1)]
+		index := bits.TrailingZeros(uint(i + 1))
+		// If the mask table is too short
+		if len(o.mask.L)-1 < index {
+			o.mask.extendTable(index)
+		}
+		byteutil.XorBytesMut(offset, o.mask.L[index])
+		byteutil.XorBytesMut(chunk, offset)
+		o.block.Encrypt(chunk, chunk)
+		byteutil.XorBytesMut(sum, chunk)
+	}
+
+	//
+	// Process any final partial block; compute final hash value
+	//
+	if len(A)%blockSize != 0 {
+		byteutil.XorBytesMut(offset, o.mask.lAst)
+		// Pad block with 1 || 0 ^ 127 - bitlength(a)
+		ending := make([]byte, blockSize-len(A)%blockSize)
+		ending[0] = 0x80
+		encrypted := append(A[blockSize*m:], ending...)
+		byteutil.XorBytesMut(encrypted, offset)
+		o.block.Encrypt(encrypted, encrypted)
+		byteutil.XorBytesMut(sum, encrypted)
+	}
+	return sum
+}
+
+func initializeMaskTable(block cipher.Block) mask {
+	//
+	// Key-dependent variables
+	//
+	lAst := make([]byte, block.BlockSize())
+	block.Encrypt(lAst, lAst)
+	lDol := byteutil.GfnDouble(lAst)
+	L := make([][]byte, 1)
+	L[0] = byteutil.GfnDouble(lDol)
+
+	return mask{
+		lAst: lAst,
+		lDol: lDol,
+		L:    L,
+	}
+}
+
+// Extends the L array of mask m up to L[limit], with L[i] = GfnDouble(L[i-1])
+func (m *mask) extendTable(limit int) {
+	for i := len(m.L); i <= limit; i++ {
+		m.L = append(m.L, byteutil.GfnDouble(m.L[i-1]))
+	}
+}
+
+func ocbError(err string) error {
+	return errors.New("crypto/ocb: " + err)
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/ocb/random_vectors.go b/vendor/github.com/ProtonMail/go-crypto/ocb/random_vectors.go
new file mode 100644
index 0000000000..0efaf344fd
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/ocb/random_vectors.go
@@ -0,0 +1,136 @@
+// In the test vectors provided by RFC 7253, the "bottom"
+// internal variable, which defines "offset" for the first time, does not
+// exceed 15. However, it can attain values up to 63.
+
+// These vectors include key length in {128, 192, 256}, tag size 128, and
+// random nonce, header, and plaintext lengths.
+
+// This file was automatically generated.
+
+package ocb
+
+var randomVectors = []struct {
+	key, nonce, header, plaintext, ciphertext string
+}{
+
+	{"9438C5D599308EAF13F800D2D31EA7F0",
+		"C38EE4801BEBFFA1CD8635BE",
+		"0E507B7DADD8A98CDFE272D3CB6B3E8332B56AE583FB049C0874D4200BED16BD1A044182434E9DA0E841F182DFD5B3016B34641CED0784F1745F63AB3D0DA22D3351C9EF9A658B8081E24498EBF61FCE40DA6D8E184536",
+		"962D227786FB8913A8BAD5DC3250",
+		"EEDEF5FFA5986D1E3BF86DDD33EF9ADC79DCA06E215FA772CCBA814F63AD"},
+	{"BA7DE631C7D6712167C6724F5B9A2B1D",
+		"35263EBDA05765DC0E71F1F5",
+		"0103257B4224507C0242FEFE821EA7FA42E0A82863E5F8B68F7D881B4B44FA428A2B6B21D2F591260802D8AB6D83",
+		"9D6D1FC93AE8A64E7889B7B2E3521EFA9B920A8DDB692E6F833DDC4A38AFA535E5E2A3ED82CB7E26404AB86C54D01C4668F28398C2DF33D5D561CBA1C8DCFA7A912F5048E545B59483C0E3221F54B14DAA2E4EB657B3BEF9554F34CAD69B2724AE962D3D8A",
+		"E93852D1985C5E775655E937FA79CE5BF28A585F2AF53A5018853B9634BE3C84499AC0081918FDCE0624494D60E25F76ACD6853AC7576E3C350F332249BFCABD4E73CEABC36BE4EDDA40914E598AE74174A0D7442149B26990899491BDDFE8FC54D6C18E83AE9E9A6FFBF5D376565633862EEAD88D"},
+	{"2E74B25289F6FD3E578C24866E9C72A5",
+		"FD912F15025AF8414642BA1D1D",
+		"FB5FB8C26F365EEDAB5FE260C6E3CCD27806729C8335F146063A7F9EA93290E56CF84576EB446350D22AD730547C267B1F0BBB97EB34E1E2C41A",
+		"6C092EBF78F76EE8C1C6E592277D9545BA16EDB67BC7D8480B9827702DC2F8A129E2B08A2CE710CA7E1DA45CE162BB6CD4B512E632116E2211D3C90871EFB06B8D4B902681C7FB",
+		"6AC0A77F26531BF4F354A1737F99E49BE32ECD909A7A71AD69352906F54B08A9CE9B8CA5D724CBFFC5673437F23F630697F3B84117A1431D6FA8CC13A974FB4AD360300522E09511B99E71065D5AC4BBCB1D791E864EF4"},
+	{"E7EC507C802528F790AFF5303A017B17",
+		"4B97A7A568940A9E3CE7A99E93031E",
+		"28349BDC5A09390C480F9B8AA3EDEA3DDB8B9D64BCA322C570B8225DF0E31190DAB25A4014BA39519E02ABFB12B89AA28BBFD29E486E7FB28734258C817B63CED9912DBAFEBB93E2798AB2890DE3B0ACFCFF906AB15563EF7823CE83D27CDB251195E22BD1337BCBDE65E7C2C427321C463C2777BFE5AEAA",
+		"9455B3EA706B74",
+		"7F33BA3EA848D48A96B9530E26888F43EBD4463C9399B6"},
+	{"6C928AA3224736F28EE7378DE0090191",
+		"8936138E2E4C6A13280017A1622D",
+		"6202717F2631565BDCDC57C6584543E72A7C8BD444D0D108ED35069819633C",
+		"DA0691439E5F035F3E455269D14FE5C201C8C9B0A3FE2D3F86BCC59387C868FE65733D388360B31E3CE28B4BF6A8BE636706B536D5720DB66B47CF1C7A5AFD6F61E0EF90F1726D6B0E169F9A768B2B7AE4EE00A17F630AC905FCAAA1B707FFF25B3A1AAE83B504837C64A5639B2A34002B300EC035C9B43654DA55",
+		"B8804D182AB0F0EEB464FA7BD1329AD6154F982013F3765FEDFE09E26DAC078C9C1439BFC1159D6C02A25E3FF83EF852570117B315852AD5EE20E0FA3AA0A626B0E43BC0CEA38B44579DD36803455FB46989B90E6D229F513FD727AF8372517E9488384C515D6067704119C931299A0982EDDFB9C2E86A90C450C077EB222511EC9CCABC9FCFDB19F70088"},
+	{"ECEA315CA4B3F425B0C9957A17805EA4",
+		"664CDAE18403F4F9BA13015A44FC",
+		"642AFB090D6C6DB46783F08B01A3EF2A8FEB5736B531EAC226E7888FCC8505F396818F83105065FACB3267485B9E5E4A0261F621041C08FCCB2A809A49AB5252A91D0971BCC620B9D614BD77E57A0EED2FA5",
+		"6852C31F8083E20E364CEA21BB7854D67CEE812FE1C9ED2425C0932A90D3780728D1BB",
+		"2ECEF962A9695A463ADABB275BDA9FF8B2BA57AEC2F52EFFB700CD9271A74D2A011C24AEA946051BD6291776429B7E681BA33E"},
+	{"4EE616C4A58AAA380878F71A373461F6",
+		"91B8C9C176D9C385E9C47E52",
+		"CDA440B7F9762C572A718AC754EDEECC119E5EE0CCB9FEA4FFB22EEE75087C032EBF3DA9CDD8A28CC010B99ED45143B41A4BA50EA2A005473F89639237838867A57F23B0F0ED3BF22490E4501DAC9C658A9B9F",
+		"D6E645FA9AE410D15B8123FD757FA356A8DBE9258DDB5BE88832E615910993F497EC",
+		"B70ED7BF959FB2AAED4F36174A2A99BFB16992C8CDF369C782C4DB9C73DE78C5DB8E0615F647243B97ACDB24503BC9CADC48"},
+	{"DCD475773136C830D5E3D0C5FE05B7FF",
+		"BB8E1FBB483BE7616A922C4A",
+		"36FEF2E1CB29E76A6EA663FC3AF66ECD7404F466382F7B040AABED62293302B56E8783EF7EBC21B4A16C3E78A7483A0A403F253A2CDC5BBF79DC3DAE6C73F39A961D8FBBE8D41B",
+		"441E886EA38322B2437ECA7DEB5282518865A66780A454E510878E61BFEC3106A3CD93D2A02052E6F9E1832F9791053E3B76BF4C07EFDD6D4106E3027FABB752E60C1AA425416A87D53938163817A1051EBA1D1DEEB4B9B25C7E97368B52E5911A31810B0EC5AF547559B6142D9F4C4A6EF24A4CF75271BF9D48F62B",
+		"1BE4DD2F4E25A6512C2CC71D24BBB07368589A94C2714962CD0ACE5605688F06342587521E75F0ACAFFD86212FB5C34327D238DB36CF2B787794B9A4412E7CD1410EA5DDD2450C265F29CF96013CD213FD2880657694D718558964BC189B4A84AFCF47EB012935483052399DBA5B088B0A0477F20DFE0E85DCB735E21F22A439FB837DD365A93116D063E607"},
+	{"3FBA2B3D30177FFE15C1C59ED2148BB2C091F5615FBA7C07",
+		"FACF804A4BEBF998505FF9DE",
+		"8213B9263B2971A5BDA18DBD02208EE1",
+		"15B323926993B326EA19F892D704439FC478828322AF72118748284A1FD8A6D814E641F70512FD706980337379F31DC63355974738D7FEA87AD2858C0C2EBBFBE74371C21450072373C7B651B334D7C4D43260B9D7CCD3AF9EDB",
+		"6D35DC1469B26E6AAB26272A41B46916397C24C485B61162E640A062D9275BC33DDCFD3D9E1A53B6C8F51AC89B66A41D59B3574197A40D9B6DCF8A4E2A001409C8112F16B9C389E0096179DB914E05D6D11ED0005AD17E1CE105A2F0BAB8F6B1540DEB968B7A5428FF44"},
+	{"53B52B8D4D748BCDF1DDE68857832FA46227FA6E2F32EFA1",
+		"0B0EF53D4606B28D1398355F",
+		"F23882436349094AF98BCACA8218E81581A043B19009E28EFBF2DE37883E04864148CC01D240552CA8844EC1456F42034653067DA67E80F87105FD06E14FF771246C9612867BE4D215F6D761",
+		"F15030679BD4088D42CAC9BF2E9606EAD4798782FA3ED8C57EBE7F84A53236F51B25967C6489D0CD20C9EEA752F9BC",
+		"67B96E2D67C3729C96DAEAEDF821D61C17E648643A2134C5621FEC621186915AD80864BFD1EB5B238BF526A679385E012A457F583AFA78134242E9D9C1B4E4"},
+	{"0272DD80F23399F49BFC320381A5CD8225867245A49A7D41",
+		"5C83F4896D0738E1366B1836",
+		"69B0337289B19F73A12BAEEA857CCAF396C11113715D9500CCCF48BA08CFF12BC8B4BADB3084E63B85719DB5058FA7C2C11DEB096D7943CFA7CAF5",
+		"C01AD10FC8B562CD17C7BC2FAB3E26CBDFF8D7F4DEA816794BBCC12336991712972F52816AABAB244EB43B0137E2BAC1DD413CE79531E78BEF782E6B439612BB3AEF154DE3502784F287958EBC159419F9EBA27916A28D6307324129F506B1DE80C1755A929F87",
+		"FEFE52DD7159C8DD6E8EC2D3D3C0F37AB6CB471A75A071D17EC4ACDD8F3AA4D7D4F7BB559F3C09099E3D9003E5E8AA1F556B79CECDE66F85B08FA5955E6976BF2695EA076388A62D2AD5BAB7CBF1A7F3F4C8D5CDF37CDE99BD3E30B685D9E5EEE48C7C89118EF4878EB89747F28271FA2CC45F8E9E7601"},
+	{"3EEAED04A455D6E5E5AB53CFD5AFD2F2BC625C7BF4BE49A5",
+		"36B88F63ADBB5668588181D774",
+		"D367E3CB3703E762D23C6533188EF7028EFF9D935A3977150361997EC9DEAF1E4794BDE26AA8B53C124980B1362EC86FCDDFC7A90073171C1BAEE351A53234B86C66E8AB92FAE99EC6967A6D3428892D80",
+		"573454C719A9A55E04437BF7CBAAF27563CCCD92ADD5E515CD63305DFF0687E5EEF790C5DCA5C0033E9AB129505E2775438D92B38F08F3B0356BA142C6F694",
+		"E9F79A5B432D9E682C9AAA5661CFC2E49A0FCB81A431E54B42EB73DD3BED3F377FEC556ABA81624BA64A5D739AD41467460088F8D4F442180A9382CA635745473794C382FCDDC49BA4EB6D8A44AE3C"},
+	{"B695C691538F8CBD60F039D0E28894E3693CC7C36D92D79D",
+		"BC099AEB637361BAC536B57618",
+		"BFFF1A65AE38D1DC142C71637319F5F6508E2CB33C9DCB94202B359ED5A5ED8042E7F4F09231D32A7242976677E6F4C549BF65FADC99E5AF43F7A46FD95E16C2",
+		"081DF3FD85B415D803F0BE5AC58CFF0023FDDED99788296C3731D8",
+		"E50C64E3614D94FE69C47092E46ACC9957C6FEA2CCBF96BC62FBABE7424753C75F9C147C42AE26FE171531"},
+	{"C9ACBD2718F0689A1BE9802A551B6B8D9CF5614DAF5E65ED",
+		"B1B0AAF373B8B026EB80422051D8",
+		"6648C0E61AC733C76119D23FB24548D637751387AA2EAE9D80E912B7BD486CAAD9EAF4D7A5FE2B54AAD481E8EC94BB4D558000896E2010462B70C9FED1E7273080D1",
+		"189F591F6CB6D59AFEDD14C341741A8F1037DC0DF00FC57CE65C30F49E860255CEA5DC6019380CC0FE8880BC1A9E685F41C239C38F36E3F2A1388865C5C311059C0A",
+		"922A5E949B61D03BE34AB5F4E58607D4504EA14017BB363DAE3C873059EA7A1C77A746FB78981671D26C2CF6D9F24952D510044CE02A10177E9DB42D0145211DFE6E84369C5E3BC2669EAB4147B2822895F9"},
+	{"7A832BD2CF5BF4919F353CE2A8C86A5E406DA2D52BE16A72",
+		"2F2F17CECF7E5A756D10785A3CB9DB",
+		"61DA05E3788CC2D8405DBA70C7A28E5AF699863C9F72E6C6770126929F5D6FA267F005EBCF49495CB46400958A3AE80D1289D1C671",
+		"44E91121195A41AF14E8CFDBD39A4B517BE0DF1A72977ED8A3EEF8EEDA1166B2EB6DB2C4AE2E74FA0F0C74537F659BFBD141E5DDEC67E64EDA85AABD3F52C85A785B9FB3CECD70E7DF",
+		"BEDF596EA21288D2B84901E188F6EE1468B14D5161D3802DBFE00D60203A24E2AB62714BF272A45551489838C3A7FEAADC177B591836E73684867CCF4E12901DCF2064058726BBA554E84ADC5136F507E961188D4AF06943D3"},
+	{"1508E8AE9079AA15F1CEC4F776B4D11BCCB061B58AA56C18",
+		"BCA625674F41D1E3AB47672DC0C3",
+		"8B12CF84F16360F0EAD2A41BC021530FFCEC7F3579CAE658E10E2D3D81870F65AFCED0C77C6C4C6E6BA424FF23088C796BA6195ABA35094BF1829E089662E7A95FC90750AE16D0C8AFA55DAC789D7735B970B58D4BE7CEC7341DA82A0179A01929C27A59C5063215B859EA43",
+		"E525422519ECE070E82C",
+		"B47BC07C3ED1C0A43BA52C43CBACBCDBB29CAF1001E09FDF7107"},
+	{"7550C2761644E911FE9ADD119BAC07376BEA442845FEAD876D7E7AC1B713E464",
+		"36D2EC25ADD33CDEDF495205BBC923",
+		"7FCFE81A3790DE97FFC3DE160C470847EA7E841177C2F759571CBD837EA004A6CA8C6F4AEBFF2E9FD552D73EB8A30705D58D70C0B67AEEA280CBBF0A477358ACEF1E7508F2735CD9A0E4F9AC92B8C008F575D3B6278F1C18BD01227E3502E5255F3AB1893632AD00C717C588EF652A51A43209E7EE90",
+		"2B1A62F8FDFAA3C16470A21AD307C9A7D03ADE8EF72C69B06F8D738CDE578D7AEFD0D40BD9C022FB9F580DF5394C998ACCCEFC5471A3996FB8F1045A81FDC6F32D13502EA65A211390C8D882B8E0BEFD8DD8CBEF51D1597B124E9F7F",
+		"C873E02A22DB89EB0787DB6A60B99F7E4A0A085D5C4232A81ADCE2D60AA36F92DDC33F93DD8640AC0E08416B187FB382B3EC3EE85A64B0E6EE41C1366A5AD2A282F66605E87031CCBA2FA7B2DA201D975994AADE3DD1EE122AE09604AD489B84BF0C1AB7129EE16C6934850E"},
+	{"A51300285E554FDBDE7F771A9A9A80955639DD87129FAEF74987C91FB9687C71",
+		"81691D5D20EC818FCFF24B33DECC",
+		"C948093218AA9EB2A8E44A87EEA73FC8B6B75A196819A14BD83709EA323E8DF8B491045220E1D88729A38DBCFFB60D3056DAD4564498FD6574F74512945DEB34B69329ACED9FFC05D5D59DFCD5B973E2ACAFE6AD1EF8BBBC49351A2DD12508ED89ED",
+		"EB861165DAF7625F827C6B574ED703F03215",
+		"C6CD1CE76D2B3679C1B5AA1CFD67CCB55444B6BFD3E22C81CBC9BB738796B83E54E3"},
+	{"8CE0156D26FAEB7E0B9B800BBB2E9D4075B5EAC5C62358B0E7F6FCE610223282",
+		"D2A7B94DD12CDACA909D3AD7",
+		"E021A78F374FC271389AB9A3E97077D755",
+		"7C26000B58929F5095E1CEE154F76C2A299248E299F9B5ADE6C403AA1FD4A67FD4E0232F214CE7B919EE7A1027D2B76C57475715CD078461",
+		"C556FB38DF069B56F337B5FF5775CE6EAA16824DFA754F20B78819028EA635C3BB7AA731DE8776B2DCB67DCA2D33EEDF3C7E52EA450013722A41755A0752433ED17BDD5991AAE77A"},
+	{"1E8000A2CE00A561C9920A30BF0D7B983FEF8A1014C8F04C35CA6970E6BA02BD",
+		"65ED3D63F79F90BBFD19775E",
+		"336A8C0B7243582A46B221AA677647FCAE91",
+		"134A8B34824A290E7B",
+		"914FBEF80D0E6E17F8BDBB6097EBF5FBB0554952DC2B9E5151"},
+	{"53D5607BBE690B6E8D8F6D97F3DF2BA853B682597A214B8AA0EA6E598650AF15",
+		"C391A856B9FE234E14BA1AC7BB40FF",
+		"479682BC21349C4BE1641D5E78FE2C79EC1B9CF5470936DCAD9967A4DCD7C4EFADA593BC9EDE71E6A08829B8580901B61E274227E9D918502DE3",
+		"EAD154DC09C5E26C5D26FF33ED148B27120C7F2C23225CC0D0631B03E1F6C6D96FEB88C1A4052ACB4CE746B884B6502931F407021126C6AAB8C514C077A5A38438AE88EE",
+		"938821286EBB671D999B87C032E1D6055392EB564E57970D55E545FC5E8BAB90E6E3E3C0913F6320995FC636D72CD9919657CC38BD51552F4A502D8D1FE56DB33EBAC5092630E69EBB986F0E15CEE9FC8C052501"},
+	{"294362FCC984F440CEA3E9F7D2C06AF20C53AAC1B3738CA2186C914A6E193ABB",
+		"B15B61C8BB39261A8F55AB178EC3",
+		"D0729B6B75BB",
+		"2BD089ADCE9F334BAE3B065996C7D616DD0C27DF4218DCEEA0FBCA0F968837CE26B0876083327E25681FDDD620A32EC0DA12F73FAE826CC94BFF2B90A54D2651",
+		"AC94B25E4E21DE2437B806966CCD5D9385EF0CD4A51AB9FA6DE675C7B8952D67802E9FEC1FDE9F5D1EAB06057498BC0EEA454804FC9D2068982A3E24182D9AC2E7AB9994DDC899A604264583F63D066B"},
+	{"959DBFEB039B1A5B8CE6A44649B602AAA5F98A906DB96143D202CD2024F749D9",
+		"01D7BDB1133E9C347486C1EFA6",
+		"F3843955BD741F379DD750585EDC55E2CDA05CCBA8C1F4622AC2FE35214BC3A019B8BD12C4CC42D9213D1E1556941E8D8450830287FFB3B763A13722DD4140ED9846FB5FFF745D7B0B967D810A068222E10B259AF1D392035B0D83DC1498A6830B11B2418A840212599171E0258A1C203B05362978",
+		"A21811232C950FA8B12237C2EBD6A7CD2C3A155905E9E0C7C120",
+		"63C1CE397B22F1A03F1FA549B43178BC405B152D3C95E977426D519B3DFCA28498823240592B6EEE7A14"},
+	{"096AE499F5294173F34FF2B375F0E5D5AB79D0D03B33B1A74D7D576826345DF4",
+		"0C52B3D11D636E5910A4DD76D32C",
+		"229E9ECA3053789E937447BC719467075B6138A142DA528DA8F0CF8DDF022FD9AF8E74779BA3AC306609",
+		"8B7A00038783E8BAF6EDEAE0C4EAB48FC8FD501A588C7E4A4DB71E3604F2155A97687D3D2FFF8569261375A513CF4398CE0F87CA1658A1050F6EF6C4EA3E25",
+		"C20B6CF8D3C8241825FD90B2EDAC7593600646E579A8D8DAAE9E2E40C3835FE801B2BE4379131452BC5182C90307B176DFBE2049544222FE7783147B690774F6D9D7CEF52A91E61E298E9AA15464AC"},
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_a.go b/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_a.go
new file mode 100644
index 0000000000..843085589c
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_a.go
@@ -0,0 +1,78 @@
+package ocb
+
+import (
+	"encoding/hex"
+)
+
+// Test vectors from https://tools.ietf.org/html/rfc7253. Note that key is
+// shared accross tests.
+var testKey, _ = hex.DecodeString("000102030405060708090A0B0C0D0E0F")
+
+var rfc7253testVectors = []struct {
+	nonce, header, plaintext, ciphertext string
+}{
+	{"BBAA99887766554433221100",
+		"",
+		"",
+		"785407BFFFC8AD9EDCC5520AC9111EE6"},
+	{"BBAA99887766554433221101",
+		"0001020304050607",
+		"0001020304050607",
+		"6820B3657B6F615A5725BDA0D3B4EB3A257C9AF1F8F03009"},
+	{"BBAA99887766554433221102",
+		"0001020304050607",
+		"",
+		"81017F8203F081277152FADE694A0A00"},
+	{"BBAA99887766554433221103",
+		"",
+		"0001020304050607",
+		"45DD69F8F5AAE72414054CD1F35D82760B2CD00D2F99BFA9"},
+	{"BBAA99887766554433221104",
+		"000102030405060708090A0B0C0D0E0F",
+		"000102030405060708090A0B0C0D0E0F",
+		"571D535B60B277188BE5147170A9A22C3AD7A4FF3835B8C5701C1CCEC8FC3358"},
+	{"BBAA99887766554433221105",
+		"000102030405060708090A0B0C0D0E0F",
+		"",
+		"8CF761B6902EF764462AD86498CA6B97"},
+	{"BBAA99887766554433221106",
+		"",
+		"000102030405060708090A0B0C0D0E0F",
+		"5CE88EC2E0692706A915C00AEB8B2396F40E1C743F52436BDF06D8FA1ECA343D"},
+	{"BBAA99887766554433221107",
+		"000102030405060708090A0B0C0D0E0F1011121314151617",
+		"000102030405060708090A0B0C0D0E0F1011121314151617",
+		"1CA2207308C87C010756104D8840CE1952F09673A448A122C92C62241051F57356D7F3C90BB0E07F"},
+	{"BBAA99887766554433221108",
+		"000102030405060708090A0B0C0D0E0F1011121314151617",
+		"",
+		"6DC225A071FC1B9F7C69F93B0F1E10DE"},
+	{"BBAA99887766554433221109",
+		"",
+		"000102030405060708090A0B0C0D0E0F1011121314151617",
+		"221BD0DE7FA6FE993ECCD769460A0AF2D6CDED0C395B1C3CE725F32494B9F914D85C0B1EB38357FF"},
+	{"BBAA9988776655443322110A",
+		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
+		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
+		"BD6F6C496201C69296C11EFD138A467ABD3C707924B964DEAFFC40319AF5A48540FBBA186C5553C68AD9F592A79A4240"},
+	{"BBAA9988776655443322110B",
+		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
+		"",
+		"FE80690BEE8A485D11F32965BC9D2A32"},
+	{"BBAA9988776655443322110C",
+		"",
+		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
+		"2942BFC773BDA23CABC6ACFD9BFD5835BD300F0973792EF46040C53F1432BCDFB5E1DDE3BC18A5F840B52E653444D5DF"},
+	{"BBAA9988776655443322110D",
+		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+		"D5CA91748410C1751FF8A2F618255B68A0A12E093FF454606E59F9C1D0DDC54B65E8628E568BAD7AED07BA06A4A69483A7035490C5769E60"},
+	{"BBAA9988776655443322110E",
+		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+		"",
+		"C5CD9D1850C141E358649994EE701B68"},
+	{"BBAA9988776655443322110F",
+		"",
+		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+		"4412923493C57D5DE0D700F753CCE0D1D2D95060122E9F15A5DDBFC5787E50B5CC55EE507BCB084E479AD363AC366B95A98CA5F3000B1479"},
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_b.go b/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_b.go
new file mode 100644
index 0000000000..5dc158f012
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/ocb/rfc7253_test_vectors_suite_b.go
@@ -0,0 +1,24 @@
+package ocb
+
+// Second set of test vectors from https://tools.ietf.org/html/rfc7253
+var rfc7253TestVectorTaglen96 = struct {
+	key, nonce, header, plaintext, ciphertext string
+}{"0F0E0D0C0B0A09080706050403020100",
+		"BBAA9988776655443322110D",
+		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+		"000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
+		"1792A4E31E0755FB03E31B22116E6C2DDF9EFD6E33D536F1A0124B0A55BAE884ED93481529C76B6AD0C515F4D1CDD4FDAC4F02AA"}
+
+var rfc7253AlgorithmTest = []struct {
+	KEYLEN, TAGLEN int
+	OUTPUT string }{
+		{128, 128, "67E944D23256C5E0B6C61FA22FDF1EA2"},
+		{192, 128, "F673F2C3E7174AAE7BAE986CA9F29E17"},
+		{256, 128, "D90EB8E9C977C88B79DD793D7FFA161C"},
+		{128, 96, "77A3D8E73589158D25D01209"},
+		{192, 96, "05D56EAD2752C86BE6932C5E"},
+		{256, 96, "5458359AC23B0CBA9E6330DD"},
+		{128, 64, "192C9B7BD90BA06A"},
+		{192, 64, "0066BC6E0EF34E24"},
+		{256, 64, "7D4EA5D445501CBE"},
+	}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/aes/keywrap/keywrap.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/aes/keywrap/keywrap.go
new file mode 100644
index 0000000000..3c6251d1ce
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/aes/keywrap/keywrap.go
@@ -0,0 +1,153 @@
+// Copyright 2014 Matthew Endsley
+// All rights reserved
+//
+// Redistribution and use in source and binary forms, with or without
+// modification, are permitted providing that the following conditions
+// are met:
+// 1. Redistributions of source code must retain the above copyright
+//    notice, this list of conditions and the following disclaimer.
+// 2. Redistributions in binary form must reproduce the above copyright
+//    notice, this list of conditions and the following disclaimer in the
+//    documentation and/or other materials provided with the distribution.
+//
+// THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
+// IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
+// WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+// ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+// DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+// DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+// OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+// HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+// STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING
+// IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
+// POSSIBILITY OF SUCH DAMAGE.
+
+// Package keywrap is an implementation of the RFC 3394 AES key wrapping
+// algorithm. This is used in OpenPGP with elliptic curve keys.
+package keywrap
+
+import (
+	"crypto/aes"
+	"encoding/binary"
+	"errors"
+)
+
+var (
+	// ErrWrapPlaintext is returned if the plaintext is not a multiple
+	// of 64 bits.
+	ErrWrapPlaintext = errors.New("keywrap: plainText must be a multiple of 64 bits")
+
+	// ErrUnwrapCiphertext is returned if the ciphertext is not a
+	// multiple of 64 bits.
+	ErrUnwrapCiphertext = errors.New("keywrap: cipherText must by a multiple of 64 bits")
+
+	// ErrUnwrapFailed is returned if unwrapping a key fails.
+	ErrUnwrapFailed = errors.New("keywrap: failed to unwrap key")
+
+	// NB: the AES NewCipher call only fails if the key is an invalid length.
+
+	// ErrInvalidKey is returned when the AES key is invalid.
+	ErrInvalidKey = errors.New("keywrap: invalid AES key")
+)
+
+// Wrap a key using the RFC 3394 AES Key Wrap Algorithm.
+func Wrap(key, plainText []byte) ([]byte, error) {
+	if len(plainText)%8 != 0 {
+		return nil, ErrWrapPlaintext
+	}
+
+	c, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, ErrInvalidKey
+	}
+
+	nblocks := len(plainText) / 8
+
+	// 1) Initialize variables.
+	var block [aes.BlockSize]byte
+	// - Set A = IV, an initial value (see 2.2.3)
+	for ii := 0; ii < 8; ii++ {
+		block[ii] = 0xA6
+	}
+
+	// - For i = 1 to n
+	// -   Set R[i] = P[i]
+	intermediate := make([]byte, len(plainText))
+	copy(intermediate, plainText)
+
+	// 2) Calculate intermediate values.
+	for ii := 0; ii < 6; ii++ {
+		for jj := 0; jj < nblocks; jj++ {
+			// - B = AES(K, A | R[i])
+			copy(block[8:], intermediate[jj*8:jj*8+8])
+			c.Encrypt(block[:], block[:])
+
+			// - A = MSB(64, B) ^ t where t = (n*j)+1
+			t := uint64(ii*nblocks + jj + 1)
+			val := binary.BigEndian.Uint64(block[:8]) ^ t
+			binary.BigEndian.PutUint64(block[:8], val)
+
+			// - R[i] = LSB(64, B)
+			copy(intermediate[jj*8:jj*8+8], block[8:])
+		}
+	}
+
+	// 3) Output results.
+	// - Set C[0] = A
+	// - For i = 1 to n
+	// -   C[i] = R[i]
+	return append(block[:8], intermediate...), nil
+}
+
+// Unwrap a key using the RFC 3394 AES Key Wrap Algorithm.
+func Unwrap(key, cipherText []byte) ([]byte, error) {
+	if len(cipherText)%8 != 0 {
+		return nil, ErrUnwrapCiphertext
+	}
+
+	c, err := aes.NewCipher(key)
+	if err != nil {
+		return nil, ErrInvalidKey
+	}
+
+	nblocks := len(cipherText)/8 - 1
+
+	// 1) Initialize variables.
+	var block [aes.BlockSize]byte
+	// - Set A = C[0]
+	copy(block[:8], cipherText[:8])
+
+	// - For i = 1 to n
+	// -   Set R[i] = C[i]
+	intermediate := make([]byte, len(cipherText)-8)
+	copy(intermediate, cipherText[8:])
+
+	// 2) Compute intermediate values.
+	for jj := 5; jj >= 0; jj-- {
+		for ii := nblocks - 1; ii >= 0; ii-- {
+			// - B = AES-1(K, (A ^ t) | R[i]) where t = n*j+1
+			// - A = MSB(64, B)
+			t := uint64(jj*nblocks + ii + 1)
+			val := binary.BigEndian.Uint64(block[:8]) ^ t
+			binary.BigEndian.PutUint64(block[:8], val)
+
+			copy(block[8:], intermediate[ii*8:ii*8+8])
+			c.Decrypt(block[:], block[:])
+
+			// - R[i] = LSB(B, 64)
+			copy(intermediate[ii*8:ii*8+8], block[8:])
+		}
+	}
+
+	// 3) Output results.
+	// - If A is an appropriate initial value (see 2.2.3),
+	for ii := 0; ii < 8; ii++ {
+		if block[ii] != 0xA6 {
+			return nil, ErrUnwrapFailed
+		}
+	}
+
+	// - For i = 1 to n
+	// -   P[i] = R[i]
+	return intermediate, nil
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/armor.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/armor.go
new file mode 100644
index 0000000000..3b357e5851
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/armor.go
@@ -0,0 +1,224 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package armor implements OpenPGP ASCII Armor, see RFC 4880. OpenPGP Armor is
+// very similar to PEM except that it has an additional CRC checksum.
+package armor // import "github.com/ProtonMail/go-crypto/openpgp/armor"
+
+import (
+	"bufio"
+	"bytes"
+	"encoding/base64"
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"io"
+)
+
+// A Block represents an OpenPGP armored structure.
+//
+// The encoded form is:
+//    -----BEGIN Type-----
+//    Headers
+//
+//    base64-encoded Bytes
+//    '=' base64 encoded checksum
+//    -----END Type-----
+// where Headers is a possibly empty sequence of Key: Value lines.
+//
+// Since the armored data can be very large, this package presents a streaming
+// interface.
+type Block struct {
+	Type    string            // The type, taken from the preamble (i.e. "PGP SIGNATURE").
+	Header  map[string]string // Optional headers.
+	Body    io.Reader         // A Reader from which the contents can be read
+	lReader lineReader
+	oReader openpgpReader
+}
+
+var ArmorCorrupt error = errors.StructuralError("armor invalid")
+
+const crc24Init = 0xb704ce
+const crc24Poly = 0x1864cfb
+const crc24Mask = 0xffffff
+
+// crc24 calculates the OpenPGP checksum as specified in RFC 4880, section 6.1
+func crc24(crc uint32, d []byte) uint32 {
+	for _, b := range d {
+		crc ^= uint32(b) << 16
+		for i := 0; i < 8; i++ {
+			crc <<= 1
+			if crc&0x1000000 != 0 {
+				crc ^= crc24Poly
+			}
+		}
+	}
+	return crc
+}
+
+var armorStart = []byte("-----BEGIN ")
+var armorEnd = []byte("-----END ")
+var armorEndOfLine = []byte("-----")
+
+// lineReader wraps a line based reader. It watches for the end of an armor
+// block and records the expected CRC value.
+type lineReader struct {
+	in     *bufio.Reader
+	buf    []byte
+	eof    bool
+	crc    uint32
+	crcSet bool
+}
+
+func (l *lineReader) Read(p []byte) (n int, err error) {
+	if l.eof {
+		return 0, io.EOF
+	}
+
+	if len(l.buf) > 0 {
+		n = copy(p, l.buf)
+		l.buf = l.buf[n:]
+		return
+	}
+
+	line, isPrefix, err := l.in.ReadLine()
+	if err != nil {
+		return
+	}
+	if isPrefix {
+		return 0, ArmorCorrupt
+	}
+
+	if bytes.HasPrefix(line, armorEnd) {
+		l.eof = true
+		return 0, io.EOF
+	}
+
+	if len(line) == 5 && line[0] == '=' {
+		// This is the checksum line
+		var expectedBytes [3]byte
+		var m int
+		m, err = base64.StdEncoding.Decode(expectedBytes[0:], line[1:])
+		if m != 3 || err != nil {
+			return
+		}
+		l.crc = uint32(expectedBytes[0])<<16 |
+			uint32(expectedBytes[1])<<8 |
+			uint32(expectedBytes[2])
+
+		line, _, err = l.in.ReadLine()
+		if err != nil && err != io.EOF {
+			return
+		}
+		if !bytes.HasPrefix(line, armorEnd) {
+			return 0, ArmorCorrupt
+		}
+
+		l.eof = true
+		l.crcSet = true
+		return 0, io.EOF
+	}
+
+	if len(line) > 96 {
+		return 0, ArmorCorrupt
+	}
+
+	n = copy(p, line)
+	bytesToSave := len(line) - n
+	if bytesToSave > 0 {
+		if cap(l.buf) < bytesToSave {
+			l.buf = make([]byte, 0, bytesToSave)
+		}
+		l.buf = l.buf[0:bytesToSave]
+		copy(l.buf, line[n:])
+	}
+
+	return
+}
+
+// openpgpReader passes Read calls to the underlying base64 decoder, but keeps
+// a running CRC of the resulting data and checks the CRC against the value
+// found by the lineReader at EOF.
+type openpgpReader struct {
+	lReader    *lineReader
+	b64Reader  io.Reader
+	currentCRC uint32
+}
+
+func (r *openpgpReader) Read(p []byte) (n int, err error) {
+	n, err = r.b64Reader.Read(p)
+	r.currentCRC = crc24(r.currentCRC, p[:n])
+
+	if err == io.EOF && r.lReader.crcSet && r.lReader.crc != uint32(r.currentCRC&crc24Mask) {
+		return 0, ArmorCorrupt
+	}
+
+	return
+}
+
+// Decode reads a PGP armored block from the given Reader. It will ignore
+// leading garbage. If it doesn't find a block, it will return nil, io.EOF. The
+// given Reader is not usable after calling this function: an arbitrary amount
+// of data may have been read past the end of the block.
+func Decode(in io.Reader) (p *Block, err error) {
+	r := bufio.NewReaderSize(in, 100)
+	var line []byte
+	ignoreNext := false
+
+TryNextBlock:
+	p = nil
+
+	// Skip leading garbage
+	for {
+		ignoreThis := ignoreNext
+		line, ignoreNext, err = r.ReadLine()
+		if err != nil {
+			return
+		}
+		if ignoreNext || ignoreThis {
+			continue
+		}
+		line = bytes.TrimSpace(line)
+		if len(line) > len(armorStart)+len(armorEndOfLine) && bytes.HasPrefix(line, armorStart) {
+			break
+		}
+	}
+
+	p = new(Block)
+	p.Type = string(line[len(armorStart) : len(line)-len(armorEndOfLine)])
+	p.Header = make(map[string]string)
+	nextIsContinuation := false
+	var lastKey string
+
+	// Read headers
+	for {
+		isContinuation := nextIsContinuation
+		line, nextIsContinuation, err = r.ReadLine()
+		if err != nil {
+			p = nil
+			return
+		}
+		if isContinuation {
+			p.Header[lastKey] += string(line)
+			continue
+		}
+		line = bytes.TrimSpace(line)
+		if len(line) == 0 {
+			break
+		}
+
+		i := bytes.Index(line, []byte(": "))
+		if i == -1 {
+			goto TryNextBlock
+		}
+		lastKey = string(line[:i])
+		p.Header[lastKey] = string(line[i+2:])
+	}
+
+	p.lReader.in = r
+	p.oReader.currentCRC = crc24Init
+	p.oReader.lReader = &p.lReader
+	p.oReader.b64Reader = base64.NewDecoder(base64.StdEncoding, &p.lReader)
+	p.Body = &p.oReader
+
+	return
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/encode.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/encode.go
new file mode 100644
index 0000000000..6f07582c37
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/armor/encode.go
@@ -0,0 +1,160 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package armor
+
+import (
+	"encoding/base64"
+	"io"
+)
+
+var armorHeaderSep = []byte(": ")
+var blockEnd = []byte("\n=")
+var newline = []byte("\n")
+var armorEndOfLineOut = []byte("-----\n")
+
+// writeSlices writes its arguments to the given Writer.
+func writeSlices(out io.Writer, slices ...[]byte) (err error) {
+	for _, s := range slices {
+		_, err = out.Write(s)
+		if err != nil {
+			return err
+		}
+	}
+	return
+}
+
+// lineBreaker breaks data across several lines, all of the same byte length
+// (except possibly the last). Lines are broken with a single '\n'.
+type lineBreaker struct {
+	lineLength  int
+	line        []byte
+	used        int
+	out         io.Writer
+	haveWritten bool
+}
+
+func newLineBreaker(out io.Writer, lineLength int) *lineBreaker {
+	return &lineBreaker{
+		lineLength: lineLength,
+		line:       make([]byte, lineLength),
+		used:       0,
+		out:        out,
+	}
+}
+
+func (l *lineBreaker) Write(b []byte) (n int, err error) {
+	n = len(b)
+
+	if n == 0 {
+		return
+	}
+
+	if l.used == 0 && l.haveWritten {
+		_, err = l.out.Write([]byte{'\n'})
+		if err != nil {
+			return
+		}
+	}
+
+	if l.used+len(b) < l.lineLength {
+		l.used += copy(l.line[l.used:], b)
+		return
+	}
+
+	l.haveWritten = true
+	_, err = l.out.Write(l.line[0:l.used])
+	if err != nil {
+		return
+	}
+	excess := l.lineLength - l.used
+	l.used = 0
+
+	_, err = l.out.Write(b[0:excess])
+	if err != nil {
+		return
+	}
+
+	_, err = l.Write(b[excess:])
+	return
+}
+
+func (l *lineBreaker) Close() (err error) {
+	if l.used > 0 {
+		_, err = l.out.Write(l.line[0:l.used])
+		if err != nil {
+			return
+		}
+	}
+
+	return
+}
+
+// encoding keeps track of a running CRC24 over the data which has been written
+// to it and outputs a OpenPGP checksum when closed, followed by an armor
+// trailer.
+//
+// It's built into a stack of io.Writers:
+//    encoding -> base64 encoder -> lineBreaker -> out
+type encoding struct {
+	out       io.Writer
+	breaker   *lineBreaker
+	b64       io.WriteCloser
+	crc       uint32
+	blockType []byte
+}
+
+func (e *encoding) Write(data []byte) (n int, err error) {
+	e.crc = crc24(e.crc, data)
+	return e.b64.Write(data)
+}
+
+func (e *encoding) Close() (err error) {
+	err = e.b64.Close()
+	if err != nil {
+		return
+	}
+	e.breaker.Close()
+
+	var checksumBytes [3]byte
+	checksumBytes[0] = byte(e.crc >> 16)
+	checksumBytes[1] = byte(e.crc >> 8)
+	checksumBytes[2] = byte(e.crc)
+
+	var b64ChecksumBytes [4]byte
+	base64.StdEncoding.Encode(b64ChecksumBytes[:], checksumBytes[:])
+
+	return writeSlices(e.out, blockEnd, b64ChecksumBytes[:], newline, armorEnd, e.blockType, armorEndOfLine)
+}
+
+// Encode returns a WriteCloser which will encode the data written to it in
+// OpenPGP armor.
+func Encode(out io.Writer, blockType string, headers map[string]string) (w io.WriteCloser, err error) {
+	bType := []byte(blockType)
+	err = writeSlices(out, armorStart, bType, armorEndOfLineOut)
+	if err != nil {
+		return
+	}
+
+	for k, v := range headers {
+		err = writeSlices(out, []byte(k), armorHeaderSep, []byte(v), newline)
+		if err != nil {
+			return
+		}
+	}
+
+	_, err = out.Write(newline)
+	if err != nil {
+		return
+	}
+
+	e := &encoding{
+		out:       out,
+		breaker:   newLineBreaker(out, 64),
+		crc:       crc24Init,
+		blockType: bType,
+	}
+	e.b64 = base64.NewEncoder(base64.StdEncoding, e.breaker)
+	return e, nil
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/canonical_text.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/canonical_text.go
new file mode 100644
index 0000000000..a94f6150c4
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/canonical_text.go
@@ -0,0 +1,65 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package openpgp
+
+import (
+	"hash"
+	"io"
+)
+
+// NewCanonicalTextHash reformats text written to it into the canonical
+// form and then applies the hash h.  See RFC 4880, section 5.2.1.
+func NewCanonicalTextHash(h hash.Hash) hash.Hash {
+	return &canonicalTextHash{h, 0}
+}
+
+type canonicalTextHash struct {
+	h hash.Hash
+	s int
+}
+
+var newline = []byte{'\r', '\n'}
+
+func writeCanonical(cw io.Writer, buf []byte, s *int) (int, error) {
+	start := 0
+	for i, c := range buf {
+		switch *s {
+		case 0:
+			if c == '\r' {
+				*s = 1
+			} else if c == '\n' {
+				cw.Write(buf[start:i])
+				cw.Write(newline)
+				start = i + 1
+			}
+		case 1:
+			*s = 0
+		}
+	}
+
+	cw.Write(buf[start:])
+	return len(buf), nil
+}
+
+func (cth *canonicalTextHash) Write(buf []byte) (int, error) {
+	return writeCanonical(cth.h, buf, &cth.s)
+}
+
+func (cth *canonicalTextHash) Sum(in []byte) []byte {
+	return cth.h.Sum(in)
+}
+
+func (cth *canonicalTextHash) Reset() {
+	cth.h.Reset()
+	cth.s = 0
+}
+
+func (cth *canonicalTextHash) Size() int {
+	return cth.h.Size()
+}
+
+func (cth *canonicalTextHash) BlockSize() int {
+	return cth.h.BlockSize()
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdh/ecdh.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdh/ecdh.go
new file mode 100644
index 0000000000..0b49be4bf3
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdh/ecdh.go
@@ -0,0 +1,165 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package ecdh implements ECDH encryption, suitable for OpenPGP,
+// as specified in RFC 6637, section 8.
+package ecdh
+
+import (
+	"bytes"
+	"crypto/elliptic"
+	"errors"
+	"io"
+	"math/big"
+
+	"github.com/ProtonMail/go-crypto/openpgp/aes/keywrap"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/ecc"
+)
+
+type KDF struct {
+	Hash   algorithm.Hash
+	Cipher algorithm.Cipher
+}
+
+type PublicKey struct {
+	ecc.CurveType
+	elliptic.Curve
+	X, Y *big.Int
+	KDF
+}
+
+type PrivateKey struct {
+	PublicKey
+	D []byte
+}
+
+func GenerateKey(c elliptic.Curve, kdf KDF, rand io.Reader) (priv *PrivateKey, err error) {
+	priv = new(PrivateKey)
+	priv.PublicKey.Curve = c
+	priv.PublicKey.KDF = kdf
+	priv.D, priv.PublicKey.X, priv.PublicKey.Y, err = elliptic.GenerateKey(c, rand)
+	return
+}
+
+func Encrypt(random io.Reader, pub *PublicKey, msg, curveOID, fingerprint []byte) (vsG, c []byte, err error) {
+	if len(msg) > 40 {
+		return nil, nil, errors.New("ecdh: message too long")
+	}
+	// the sender MAY use 21, 13, and 5 bytes of padding for AES-128,
+	// AES-192, and AES-256, respectively, to provide the same number of
+	// octets, 40 total, as an input to the key wrapping method.
+	padding := make([]byte, 40-len(msg))
+	for i := range padding {
+		padding[i] = byte(40 - len(msg))
+	}
+	m := append(msg, padding...)
+
+	if pub.CurveType == ecc.Curve25519 {
+		return X25519Encrypt(random, pub, m, curveOID, fingerprint)
+	}
+
+	d, x, y, err := elliptic.GenerateKey(pub.Curve, random)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	vsG = elliptic.Marshal(pub.Curve, x, y)
+	zbBig, _ := pub.Curve.ScalarMult(pub.X, pub.Y, d)
+
+	byteLen := (pub.Curve.Params().BitSize + 7) >> 3
+	zb := make([]byte, byteLen)
+	zbBytes := zbBig.Bytes()
+	copy(zb[byteLen-len(zbBytes):], zbBytes)
+
+	z, err := buildKey(pub, zb, curveOID, fingerprint, false, false)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	if c, err = keywrap.Wrap(z, m); err != nil {
+		return nil, nil, err
+	}
+
+	return vsG, c, nil
+
+}
+
+func Decrypt(priv *PrivateKey, vsG, m, curveOID, fingerprint []byte) (msg []byte, err error) {
+	if priv.PublicKey.CurveType == ecc.Curve25519 {
+		return X25519Decrypt(priv, vsG, m, curveOID, fingerprint)
+	}
+	x, y := elliptic.Unmarshal(priv.Curve, vsG)
+	zbBig, _ := priv.Curve.ScalarMult(x, y, priv.D)
+
+	byteLen := (priv.Curve.Params().BitSize + 7) >> 3
+	zb := make([]byte, byteLen)
+	zbBytes := zbBig.Bytes()
+	copy(zb[byteLen-len(zbBytes):], zbBytes)
+
+	z, err := buildKey(&priv.PublicKey, zb, curveOID, fingerprint, false, false)
+	if err != nil {
+		return nil, err
+	}
+
+	c, err := keywrap.Unwrap(z, m)
+	if err != nil {
+		return nil, err
+	}
+
+	return c[:len(c)-int(c[len(c)-1])], nil
+}
+
+func buildKey(pub *PublicKey, zb []byte, curveOID, fingerprint []byte, stripLeading, stripTrailing bool) ([]byte, error) {
+	// Param = curve_OID_len || curve_OID || public_key_alg_ID || 03
+	//         || 01 || KDF_hash_ID || KEK_alg_ID for AESKeyWrap
+	//         || "Anonymous Sender    " || recipient_fingerprint;
+	param := new(bytes.Buffer)
+	if _, err := param.Write(curveOID); err != nil {
+		return nil, err
+	}
+	algKDF := []byte{18, 3, 1, pub.KDF.Hash.Id(), pub.KDF.Cipher.Id()}
+	if _, err := param.Write(algKDF); err != nil {
+		return nil, err
+	}
+	if _, err := param.Write([]byte("Anonymous Sender    ")); err != nil {
+		return nil, err
+	}
+	// For v5 keys, the 20 leftmost octets of the fingerprint are used.
+	if _, err := param.Write(fingerprint[:20]); err != nil {
+		return nil, err
+	}
+	if param.Len() - len(curveOID) != 45 {
+		return nil, errors.New("ecdh: malformed KDF Param")
+	}
+
+	// MB = Hash ( 00 || 00 || 00 || 01 || ZB || Param );
+	h := pub.KDF.Hash.New()
+	if _, err := h.Write([]byte{0x0, 0x0, 0x0, 0x1}); err != nil {
+		return nil, err
+	}
+	zbLen := len(zb)
+	i := 0
+	j := zbLen - 1
+	if stripLeading {
+		// Work around old go crypto bug where the leading zeros are missing.
+		for ; i < zbLen && zb[i] == 0; i++ {}
+	}
+	if stripTrailing {
+		// Work around old OpenPGP.js bug where insignificant trailing zeros in
+		// this little-endian number are missing.
+		// (See https://github.com/openpgpjs/openpgpjs/pull/853.)
+		for ; j >= 0 && zb[j] == 0; j-- {}
+	}
+	if _, err := h.Write(zb[i:j+1]); err != nil {
+		return nil, err
+	}
+	if _, err := h.Write(param.Bytes()); err != nil {
+		return nil, err
+	}
+	mb := h.Sum(nil)
+
+	return mb[:pub.KDF.Cipher.KeySize()], nil // return oBits leftmost bits of MB.
+
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdh/x25519.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdh/x25519.go
new file mode 100644
index 0000000000..15b41a31df
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/ecdh/x25519.go
@@ -0,0 +1,157 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package ecdh implements ECDH encryption, suitable for OpenPGP,
+// as specified in RFC 6637, section 8.
+package ecdh
+
+import (
+	"errors"
+	"io"
+	"math/big"
+
+	"github.com/ProtonMail/go-crypto/openpgp/aes/keywrap"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/ecc"
+	"golang.org/x/crypto/curve25519"
+)
+
+// Generates a private-public key-pair.
+// 'priv' is a private key; a scalar belonging to the set
+// 2^{254} + 8 * [0, 2^{251}), in order to avoid the small subgroup of the
+// curve. 'pub' is simply 'priv' * G where G is the base point.
+// See https://cr.yp.to/ecdh.html and RFC7748, sec 5.
+func x25519GenerateKeyPairBytes(rand io.Reader) (priv [32]byte, pub [32]byte, err error) {
+	var n, helper = new(big.Int), new(big.Int)
+	n.SetUint64(1)
+	n.Lsh(n, 252)
+	helper.SetString("27742317777372353535851937790883648493", 10)
+	n.Add(n, helper)
+
+	for true {
+		_, err = io.ReadFull(rand, priv[:])
+		if err != nil {
+			return
+		}
+		// The following ensures that the private key is a number of the form
+		// 2^{254} + 8 * [0, 2^{251}), in order to avoid the small subgroup of
+		// of the curve.
+		priv[0] &= 248
+		priv[31] &= 127
+		priv[31] |= 64
+
+		// If the scalar is out of range, sample another random number.
+		if new(big.Int).SetBytes(priv[:]).Cmp(n) >= 0 {
+			continue
+		}
+
+		curve25519.ScalarBaseMult(&pub, &priv)
+		return
+	}
+	return
+}
+
+// X25519GenerateKey samples the key pair according to the correct distribution.
+// It also sets the given key-derivation function and returns the *PrivateKey
+// object along with an error.
+func X25519GenerateKey(rand io.Reader, kdf KDF) (priv *PrivateKey, err error) {
+	ci := ecc.FindByName("Curve25519")
+	priv = new(PrivateKey)
+	priv.PublicKey.Curve = ci.Curve
+	d, pubKey, err := x25519GenerateKeyPairBytes(rand)
+	if err != nil {
+		return nil, err
+	}
+	priv.PublicKey.KDF = kdf
+	priv.D = make([]byte, 32)
+	copyReversed(priv.D, d[:])
+	priv.PublicKey.CurveType = ci.CurveType
+	priv.PublicKey.Curve = ci.Curve
+	/*
+	 * Note that ECPoint.point differs from the definition of public keys in
+	 * [Curve25519] in two ways: (1) the byte-ordering is big-endian, which is
+	 * more uniform with how big integers are represented in TLS, and (2) there
+	 * is an additional length byte (so ECpoint.point is actually 33 bytes),
+	 * again for uniformity (and extensibility).
+	 */
+	var encodedKey = make([]byte, 33)
+	encodedKey[0] = 0x40
+	copy(encodedKey[1:], pubKey[:])
+	priv.PublicKey.X = new(big.Int).SetBytes(encodedKey[:])
+	priv.PublicKey.Y = new(big.Int)
+	return priv, nil
+}
+
+func X25519Encrypt(random io.Reader, pub *PublicKey, msg, curveOID, fingerprint []byte) (vsG, c []byte, err error) {
+	d, ephemeralKey, err := x25519GenerateKeyPairBytes(random)
+	if err != nil {
+		return nil, nil, err
+	}
+	var pubKey [32]byte
+
+	if pub.X.BitLen() > 33*264 {
+		return nil, nil, errors.New("ecdh: invalid key")
+	}
+	copy(pubKey[:], pub.X.Bytes()[1:])
+
+	var zb [32]byte
+	curve25519.ScalarBaseMult(&zb, &d)
+	curve25519.ScalarMult(&zb, &d, &pubKey)
+	z, err := buildKey(pub, zb[:], curveOID, fingerprint, false, false)
+
+	if err != nil {
+		return nil, nil, err
+	}
+
+	if c, err = keywrap.Wrap(z, msg); err != nil {
+		return nil, nil, err
+	}
+
+	var vsg [33]byte
+	vsg[0] = 0x40
+	copy(vsg[1:], ephemeralKey[:])
+
+	return vsg[:], c, nil
+}
+
+func X25519Decrypt(priv *PrivateKey, vsG, m, curveOID, fingerprint []byte) (msg []byte, err error) {
+	var zb, d, ephemeralKey [32]byte
+	if len(vsG) != 33 || vsG[0] != 0x40 {
+		return nil, errors.New("ecdh: invalid key")
+	}
+	copy(ephemeralKey[:], vsG[1:33])
+
+	copyReversed(d[:], priv.D)
+	curve25519.ScalarBaseMult(&zb, &d)
+	curve25519.ScalarMult(&zb, &d, &ephemeralKey)
+
+	var c []byte
+
+	for i := 0; i < 3; i++ {
+		// Try buildKey three times for compat, see comments in buildKey.
+		z, err := buildKey(&priv.PublicKey, zb[:], curveOID, fingerprint, i == 1, i == 2)
+		if err != nil {
+			return nil, err
+		}
+
+		res, err := keywrap.Unwrap(z, m)
+		if i == 2 && err != nil {
+			// Only return an error after we've tried all variants of buildKey.
+			return nil, err
+		}
+
+		c = res
+		if err == nil {
+			break
+		}
+	}
+
+	return c[:len(c)-int(c[len(c)-1])], nil
+}
+
+func copyReversed(out []byte, in []byte) {
+	l := len(in)
+	for i := 0; i < l; i++ {
+		out[i] = in[l-i-1]
+	}
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/elgamal/elgamal.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/elgamal/elgamal.go
new file mode 100644
index 0000000000..6a07d8ff27
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/elgamal/elgamal.go
@@ -0,0 +1,124 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package elgamal implements ElGamal encryption, suitable for OpenPGP,
+// as specified in "A Public-Key Cryptosystem and a Signature Scheme Based on
+// Discrete Logarithms," IEEE Transactions on Information Theory, v. IT-31,
+// n. 4, 1985, pp. 469-472.
+//
+// This form of ElGamal embeds PKCS#1 v1.5 padding, which may make it
+// unsuitable for other protocols. RSA should be used in preference in any
+// case.
+package elgamal // import "github.com/ProtonMail/go-crypto/openpgp/elgamal"
+
+import (
+	"crypto/rand"
+	"crypto/subtle"
+	"errors"
+	"io"
+	"math/big"
+)
+
+// PublicKey represents an ElGamal public key.
+type PublicKey struct {
+	G, P, Y *big.Int
+}
+
+// PrivateKey represents an ElGamal private key.
+type PrivateKey struct {
+	PublicKey
+	X *big.Int
+}
+
+// Encrypt encrypts the given message to the given public key. The result is a
+// pair of integers. Errors can result from reading random, or because msg is
+// too large to be encrypted to the public key.
+func Encrypt(random io.Reader, pub *PublicKey, msg []byte) (c1, c2 *big.Int, err error) {
+	pLen := (pub.P.BitLen() + 7) / 8
+	if len(msg) > pLen-11 {
+		err = errors.New("elgamal: message too long")
+		return
+	}
+
+	// EM = 0x02 || PS || 0x00 || M
+	em := make([]byte, pLen-1)
+	em[0] = 2
+	ps, mm := em[1:len(em)-len(msg)-1], em[len(em)-len(msg):]
+	err = nonZeroRandomBytes(ps, random)
+	if err != nil {
+		return
+	}
+	em[len(em)-len(msg)-1] = 0
+	copy(mm, msg)
+
+	m := new(big.Int).SetBytes(em)
+
+	k, err := rand.Int(random, pub.P)
+	if err != nil {
+		return
+	}
+
+	c1 = new(big.Int).Exp(pub.G, k, pub.P)
+	s := new(big.Int).Exp(pub.Y, k, pub.P)
+	c2 = s.Mul(s, m)
+	c2.Mod(c2, pub.P)
+
+	return
+}
+
+// Decrypt takes two integers, resulting from an ElGamal encryption, and
+// returns the plaintext of the message. An error can result only if the
+// ciphertext is invalid. Users should keep in mind that this is a padding
+// oracle and thus, if exposed to an adaptive chosen ciphertext attack, can
+// be used to break the cryptosystem.  See ``Chosen Ciphertext Attacks
+// Against Protocols Based on the RSA Encryption Standard PKCS #1'', Daniel
+// Bleichenbacher, Advances in Cryptology (Crypto '98),
+func Decrypt(priv *PrivateKey, c1, c2 *big.Int) (msg []byte, err error) {
+	s := new(big.Int).Exp(c1, priv.X, priv.P)
+	if s.ModInverse(s, priv.P) == nil {
+		return nil, errors.New("elgamal: invalid private key")
+	}
+	s.Mul(s, c2)
+	s.Mod(s, priv.P)
+	em := s.Bytes()
+
+	firstByteIsTwo := subtle.ConstantTimeByteEq(em[0], 2)
+
+	// The remainder of the plaintext must be a string of non-zero random
+	// octets, followed by a 0, followed by the message.
+	//   lookingForIndex: 1 iff we are still looking for the zero.
+	//   index: the offset of the first zero byte.
+	var lookingForIndex, index int
+	lookingForIndex = 1
+
+	for i := 1; i < len(em); i++ {
+		equals0 := subtle.ConstantTimeByteEq(em[i], 0)
+		index = subtle.ConstantTimeSelect(lookingForIndex&equals0, i, index)
+		lookingForIndex = subtle.ConstantTimeSelect(equals0, 0, lookingForIndex)
+	}
+
+	if firstByteIsTwo != 1 || lookingForIndex != 0 || index < 9 {
+		return nil, errors.New("elgamal: decryption error")
+	}
+	return em[index+1:], nil
+}
+
+// nonZeroRandomBytes fills the given slice with non-zero random octets.
+func nonZeroRandomBytes(s []byte, rand io.Reader) (err error) {
+	_, err = io.ReadFull(rand, s)
+	if err != nil {
+		return
+	}
+
+	for i := 0; i < len(s); i++ {
+		for s[i] == 0 {
+			_, err = io.ReadFull(rand, s[i:i+1])
+			if err != nil {
+				return
+			}
+		}
+	}
+
+	return
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/errors/errors.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/errors/errors.go
new file mode 100644
index 0000000000..17e2bcfed2
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/errors/errors.go
@@ -0,0 +1,116 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package errors contains common error types for the OpenPGP packages.
+package errors // import "github.com/ProtonMail/go-crypto/openpgp/errors"
+
+import (
+	"strconv"
+)
+
+// A StructuralError is returned when OpenPGP data is found to be syntactically
+// invalid.
+type StructuralError string
+
+func (s StructuralError) Error() string {
+	return "openpgp: invalid data: " + string(s)
+}
+
+// UnsupportedError indicates that, although the OpenPGP data is valid, it
+// makes use of currently unimplemented features.
+type UnsupportedError string
+
+func (s UnsupportedError) Error() string {
+	return "openpgp: unsupported feature: " + string(s)
+}
+
+// InvalidArgumentError indicates that the caller is in error and passed an
+// incorrect value.
+type InvalidArgumentError string
+
+func (i InvalidArgumentError) Error() string {
+	return "openpgp: invalid argument: " + string(i)
+}
+
+// SignatureError indicates that a syntactically valid signature failed to
+// validate.
+type SignatureError string
+
+func (b SignatureError) Error() string {
+	return "openpgp: invalid signature: " + string(b)
+}
+
+var ErrMDCHashMismatch error = SignatureError("MDC hash mismatch")
+var ErrMDCMissing error = SignatureError("MDC packet not found")
+
+type signatureExpiredError int
+
+func (se signatureExpiredError) Error() string {
+	return "openpgp: signature expired"
+}
+
+var ErrSignatureExpired error = signatureExpiredError(0)
+
+type keyExpiredError int
+
+func (ke keyExpiredError) Error() string {
+	return "openpgp: key expired"
+}
+
+var ErrKeyExpired error = keyExpiredError(0)
+
+type keyIncorrectError int
+
+func (ki keyIncorrectError) Error() string {
+	return "openpgp: incorrect key"
+}
+
+var ErrKeyIncorrect error = keyIncorrectError(0)
+
+// KeyInvalidError indicates that the public key parameters are invalid
+// as they do not match the private ones
+type KeyInvalidError string
+
+func (e KeyInvalidError) Error() string {
+	return "openpgp: invalid key: " + string(e)
+}
+
+type unknownIssuerError int
+
+func (unknownIssuerError) Error() string {
+	return "openpgp: signature made by unknown entity"
+}
+
+var ErrUnknownIssuer error = unknownIssuerError(0)
+
+type keyRevokedError int
+
+func (keyRevokedError) Error() string {
+	return "openpgp: signature made by revoked key"
+}
+
+var ErrKeyRevoked error = keyRevokedError(0)
+
+type UnknownPacketTypeError uint8
+
+func (upte UnknownPacketTypeError) Error() string {
+	return "openpgp: unknown packet type: " + strconv.Itoa(int(upte))
+}
+
+// AEADError indicates that there is a problem when initializing or using a
+// AEAD instance, configuration struct, nonces or index values.
+type AEADError string
+
+func (ae AEADError) Error() string {
+	return "openpgp: aead error: " + string(ae)
+}
+
+// ErrDummyPrivateKey results when operations are attempted on a private key
+// that is just a dummy key. See
+// https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=doc/DETAILS;h=fe55ae16ab4e26d8356dc574c9e8bc935e71aef1;hb=23191d7851eae2217ecdac6484349849a24fd94a#l1109
+type ErrDummyPrivateKey string
+
+func (dke ErrDummyPrivateKey) Error() string {
+	return "openpgp: s2k GNU dummy key: " + string(dke)
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/aead.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/aead.go
new file mode 100644
index 0000000000..17a1bfe9cb
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/aead.go
@@ -0,0 +1,65 @@
+// Copyright (C) 2019 ProtonTech AG
+
+package algorithm
+
+import (
+	"crypto/cipher"
+	"github.com/ProtonMail/go-crypto/eax"
+	"github.com/ProtonMail/go-crypto/ocb"
+)
+
+// AEADMode defines the Authenticated Encryption with Associated Data mode of
+// operation.
+type AEADMode uint8
+
+// Supported modes of operation (see RFC4880bis [EAX] and RFC7253)
+const (
+	AEADModeEAX = AEADMode(1)
+	AEADModeOCB = AEADMode(2)
+	AEADModeGCM = AEADMode(100)
+)
+
+// TagLength returns the length in bytes of authentication tags.
+func (mode AEADMode) TagLength() int {
+	switch mode {
+	case AEADModeEAX:
+		return 16
+	case AEADModeOCB:
+		return 16
+	case AEADModeGCM:
+		return 16
+	default:
+		return 0
+	}
+}
+
+// NonceLength returns the length in bytes of nonces.
+func (mode AEADMode) NonceLength() int {
+	switch mode {
+	case AEADModeEAX:
+		return 16
+	case AEADModeOCB:
+		return 15
+	case AEADModeGCM:
+		return 12
+	default:
+		return 0
+	}
+}
+
+// New returns a fresh instance of the given mode
+func (mode AEADMode) New(block cipher.Block) (alg cipher.AEAD) {
+	var err error
+	switch mode {
+	case AEADModeEAX:
+		alg, err = eax.NewEAX(block)
+	case AEADModeOCB:
+		alg, err = ocb.NewOCB(block)
+	case AEADModeGCM:
+		alg, err = cipher.NewGCM(block)
+	}
+	if err != nil {
+		panic(err.Error())
+	}
+	return alg
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/cipher.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/cipher.go
new file mode 100644
index 0000000000..5760cff80e
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/cipher.go
@@ -0,0 +1,107 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package algorithm
+
+import (
+	"crypto/aes"
+	"crypto/cipher"
+	"crypto/des"
+
+	"golang.org/x/crypto/cast5"
+)
+
+// Cipher is an official symmetric key cipher algorithm. See RFC 4880,
+// section 9.2.
+type Cipher interface {
+	// Id returns the algorithm ID, as a byte, of the cipher.
+	Id() uint8
+	// KeySize returns the key size, in bytes, of the cipher.
+	KeySize() int
+	// BlockSize returns the block size, in bytes, of the cipher.
+	BlockSize() int
+	// New returns a fresh instance of the given cipher.
+	New(key []byte) cipher.Block
+}
+
+// The following constants mirror the OpenPGP standard (RFC 4880).
+const (
+	TripleDES = CipherFunction(2)
+	CAST5     = CipherFunction(3)
+	AES128    = CipherFunction(7)
+	AES192    = CipherFunction(8)
+	AES256    = CipherFunction(9)
+)
+
+// CipherById represents the different block ciphers specified for OpenPGP. See
+// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-13
+var CipherById = map[uint8]Cipher{
+	TripleDES.Id(): TripleDES,
+	CAST5.Id():     CAST5,
+	AES128.Id():    AES128,
+	AES192.Id():    AES192,
+	AES256.Id():    AES256,
+}
+
+type CipherFunction uint8
+
+// ID returns the algorithm Id, as a byte, of cipher.
+func (sk CipherFunction) Id() uint8 {
+	return uint8(sk)
+}
+
+var keySizeByID = map[uint8]int{
+	TripleDES.Id(): 24,
+	CAST5.Id():     cast5.KeySize,
+	AES128.Id():    16,
+	AES192.Id():    24,
+	AES256.Id():    32,
+}
+
+// KeySize returns the key size, in bytes, of cipher.
+func (cipher CipherFunction) KeySize() int {
+	switch cipher {
+	case TripleDES:
+		return 24
+	case CAST5:
+		return cast5.KeySize
+	case AES128:
+		return 16
+	case AES192:
+		return 24
+	case AES256:
+		return 32
+	}
+	return 0
+}
+
+// BlockSize returns the block size, in bytes, of cipher.
+func (cipher CipherFunction) BlockSize() int {
+	switch cipher {
+	case TripleDES:
+		return des.BlockSize
+	case CAST5:
+		return 8
+	case AES128, AES192, AES256:
+		return 16
+	}
+	return 0
+}
+
+// New returns a fresh instance of the given cipher.
+func (cipher CipherFunction) New(key []byte) (block cipher.Block) {
+	var err error
+	switch cipher {
+	case TripleDES:
+		block, err = des.NewTripleDESCipher(key)
+	case CAST5:
+		block, err = cast5.NewCipher(key)
+	case AES128, AES192, AES256:
+		block, err = aes.NewCipher(key)
+	}
+	if err != nil {
+		panic(err.Error())
+	}
+	return
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/hash.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/hash.go
new file mode 100644
index 0000000000..3f1b61b88e
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/algorithm/hash.go
@@ -0,0 +1,86 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package algorithm
+
+import (
+	"crypto"
+	"fmt"
+	"hash"
+)
+
+// Hash is an official hash function algorithm. See RFC 4880, section 9.4.
+type Hash interface {
+	// Id returns the algorithm ID, as a byte, of Hash.
+	Id() uint8
+	// Available reports whether the given hash function is linked into the binary.
+	Available() bool
+	// HashFunc simply returns the value of h so that Hash implements SignerOpts.
+	HashFunc() crypto.Hash
+	// New returns a new hash.Hash calculating the given hash function. New
+	// panics if the hash function is not linked into the binary.
+	New() hash.Hash
+	// Size returns the length, in bytes, of a digest resulting from the given
+	// hash function. It doesn't require that the hash function in question be
+	// linked into the program.
+	Size() int
+	// String is the name of the hash function corresponding to the given
+	// OpenPGP hash id.
+	String() string
+}
+
+// The following vars mirror the crypto/Hash supported hash functions.
+var (
+	MD5       Hash = cryptoHash{1, crypto.MD5}
+	SHA1      Hash = cryptoHash{2, crypto.SHA1}
+	RIPEMD160 Hash = cryptoHash{3, crypto.RIPEMD160}
+	SHA256    Hash = cryptoHash{8, crypto.SHA256}
+	SHA384    Hash = cryptoHash{9, crypto.SHA384}
+	SHA512    Hash = cryptoHash{10, crypto.SHA512}
+	SHA224    Hash = cryptoHash{11, crypto.SHA224}
+)
+
+// HashById represents the different hash functions specified for OpenPGP. See
+// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-14
+var (
+	HashById = map[uint8]Hash{
+		MD5.Id():       MD5,
+		SHA1.Id():      SHA1,
+		RIPEMD160.Id(): RIPEMD160,
+		SHA256.Id():    SHA256,
+		SHA384.Id():    SHA384,
+		SHA512.Id():    SHA512,
+		SHA224.Id():    SHA224,
+	}
+)
+
+// cryptoHash contains pairs relating OpenPGP's hash identifier with
+// Go's crypto.Hash type. See RFC 4880, section 9.4.
+type cryptoHash struct {
+	id uint8
+	crypto.Hash
+}
+
+// Id returns the algorithm ID, as a byte, of cryptoHash.
+func (h cryptoHash) Id() uint8 {
+	return h.id
+}
+
+var hashNames = map[uint8]string{
+	MD5.Id():       "MD5",
+	SHA1.Id():      "SHA1",
+	RIPEMD160.Id(): "RIPEMD160",
+	SHA256.Id():    "SHA256",
+	SHA384.Id():    "SHA384",
+	SHA512.Id():    "SHA512",
+	SHA224.Id():    "SHA224",
+}
+
+func (h cryptoHash) String() string {
+	s, ok := hashNames[h.id]
+	if !ok {
+		panic(fmt.Sprintf("Unsupported hash function %d", h.id))
+	}
+	return s
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curveInfo.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curveInfo.go
new file mode 100644
index 0000000000..f91042fd85
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curveInfo.go
@@ -0,0 +1,118 @@
+package ecc
+
+import (
+	"github.com/ProtonMail/go-crypto/openpgp/internal/encoding"
+	"crypto/elliptic"
+	"bytes"
+	"github.com/ProtonMail/go-crypto/bitcurves"
+	"github.com/ProtonMail/go-crypto/brainpool"
+)
+
+type SignatureAlgorithm uint8
+
+const (
+	ECDSA SignatureAlgorithm = 1
+	EdDSA SignatureAlgorithm = 2
+)
+
+type CurveInfo struct {
+	Name string
+	Oid *encoding.OID
+	Curve elliptic.Curve
+	SigAlgorithm SignatureAlgorithm
+	CurveType CurveType
+}
+
+var curves = []CurveInfo{
+	{
+		Name: "NIST curve P-256",
+		Oid: encoding.NewOID([]byte{0x2A, 0x86, 0x48, 0xCE, 0x3D, 0x03, 0x01, 0x07}),
+		Curve: elliptic.P256(),
+		CurveType: NISTCurve,
+		SigAlgorithm: ECDSA,
+	},
+	{
+		Name: "NIST curve P-384",
+		Oid: encoding.NewOID([]byte{0x2B, 0x81, 0x04, 0x00, 0x22}),
+		Curve: elliptic.P384(),
+		CurveType: NISTCurve,
+		SigAlgorithm: ECDSA,
+	},
+	{
+		Name: "NIST curve P-521",
+		Oid: encoding.NewOID([]byte{0x2B, 0x81, 0x04, 0x00, 0x23}),
+		Curve: elliptic.P521(),
+		CurveType: NISTCurve,
+		SigAlgorithm: ECDSA,
+	},
+	{
+		Name: "SecP256k1",
+		Oid: encoding.NewOID([]byte{0x2B, 0x81, 0x04, 0x00, 0x0A}),
+		Curve: bitcurves.S256(),
+		CurveType: BitCurve,
+		SigAlgorithm: ECDSA,
+	},
+	{
+		Name: "Curve25519",
+		Oid: encoding.NewOID([]byte{0x2B, 0x06, 0x01, 0x04, 0x01, 0x97, 0x55, 0x01, 0x05, 0x01}),
+		Curve: elliptic.P256(),// filler
+		CurveType: Curve25519,
+		SigAlgorithm: ECDSA,
+	},
+	{
+		Name: "Ed25519",
+		Oid: encoding.NewOID([]byte{0x2B, 0x06, 0x01, 0x04, 0x01, 0xDA, 0x47, 0x0F, 0x01}),
+		Curve: elliptic.P256(), // filler
+		CurveType: NISTCurve,
+		SigAlgorithm: EdDSA,
+	},
+	{
+		Name: "Brainpool P256r1",
+		Oid: encoding.NewOID([]byte{0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x07}),
+		Curve: brainpool.P256r1(),
+		CurveType: BrainpoolCurve,
+		SigAlgorithm: ECDSA,
+	},
+	{
+		Name: "BrainpoolP384r1",
+		Oid: encoding.NewOID([]byte{0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0B}),
+		Curve: brainpool.P384r1(),
+		CurveType: BrainpoolCurve,
+		SigAlgorithm: ECDSA,
+	},
+	{
+		Name: "BrainpoolP512r1",
+		Oid: encoding.NewOID([]byte{0x2B, 0x24, 0x03, 0x03, 0x02, 0x08, 0x01, 0x01, 0x0D}),
+		Curve: brainpool.P512r1(),
+		CurveType: BrainpoolCurve,
+		SigAlgorithm: ECDSA,
+	},
+}
+
+func FindByCurve(curve elliptic.Curve) *CurveInfo {
+	for _, curveInfo := range curves {
+		if curveInfo.Curve == curve {
+			return &curveInfo
+		}
+	}
+	return nil
+}
+
+func FindByOid(oid encoding.Field) *CurveInfo {
+	var rawBytes = oid.Bytes()
+	for _, curveInfo := range curves {
+		if bytes.Equal(curveInfo.Oid.Bytes(), rawBytes) {
+			return &curveInfo
+		}
+	}
+	return nil
+}
+
+func FindByName(name string) *CurveInfo {
+	for _, curveInfo := range curves {
+		if curveInfo.Name == name {
+			return &curveInfo
+		}
+	}
+	return nil
+}
\ No newline at end of file
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curveType.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curveType.go
new file mode 100644
index 0000000000..de8bca0ac2
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/ecc/curveType.go
@@ -0,0 +1,10 @@
+package ecc
+
+type CurveType uint8
+
+const (
+    NISTCurve CurveType = 1
+	Curve25519 CurveType = 2
+	BitCurve CurveType = 3
+	BrainpoolCurve CurveType = 4
+)
\ No newline at end of file
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/encoding.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/encoding.go
new file mode 100644
index 0000000000..6c921481b7
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/encoding.go
@@ -0,0 +1,27 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package encoding implements openpgp packet field encodings as specified in
+// RFC 4880 and 6637.
+package encoding
+
+import "io"
+
+// Field is an encoded field of an openpgp packet.
+type Field interface {
+	// Bytes returns the decoded data.
+	Bytes() []byte
+
+	// BitLength is the size in bits of the decoded data.
+	BitLength() uint16
+
+	// EncodedBytes returns the encoded data.
+	EncodedBytes() []byte
+
+	// EncodedLength is the size in bytes of the encoded data.
+	EncodedLength() uint16
+
+	// ReadFrom reads the next Field from r.
+	ReadFrom(r io.Reader) (int64, error)
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/mpi.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/mpi.go
new file mode 100644
index 0000000000..02e5e695c3
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/mpi.go
@@ -0,0 +1,91 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package encoding
+
+import (
+	"io"
+	"math/big"
+	"math/bits"
+)
+
+// An MPI is used to store the contents of a big integer, along with the bit
+// length that was specified in the original input. This allows the MPI to be
+// reserialized exactly.
+type MPI struct {
+	bytes     []byte
+	bitLength uint16
+}
+
+// NewMPI returns a MPI initialized with bytes.
+func NewMPI(bytes []byte) *MPI {
+	for len(bytes) != 0 && bytes[0] == 0 {
+		bytes = bytes[1:]
+	}
+	if len(bytes) == 0 {
+		bitLength := uint16(0)
+		return &MPI{bytes, bitLength}
+	}
+	bitLength := 8*uint16(len(bytes)-1) + uint16(bits.Len8(bytes[0]))
+	return &MPI{bytes, bitLength}
+}
+
+// Bytes returns the decoded data.
+func (m *MPI) Bytes() []byte {
+	return m.bytes
+}
+
+// BitLength is the size in bits of the decoded data.
+func (m *MPI) BitLength() uint16 {
+	return m.bitLength
+}
+
+// EncodedBytes returns the encoded data.
+func (m *MPI) EncodedBytes() []byte {
+	return append([]byte{byte(m.bitLength >> 8), byte(m.bitLength)}, m.bytes...)
+}
+
+// EncodedLength is the size in bytes of the encoded data.
+func (m *MPI) EncodedLength() uint16 {
+	return uint16(2 + len(m.bytes))
+}
+
+// ReadFrom reads into m the next MPI from r.
+func (m *MPI) ReadFrom(r io.Reader) (int64, error) {
+	var buf [2]byte
+	n, err := io.ReadFull(r, buf[0:])
+	if err != nil {
+		if err == io.EOF {
+			err = io.ErrUnexpectedEOF
+		}
+		return int64(n), err
+	}
+
+	m.bitLength = uint16(buf[0])<<8 | uint16(buf[1])
+	m.bytes = make([]byte, (int(m.bitLength)+7)/8)
+
+	nn, err := io.ReadFull(r, m.bytes)
+	if err == io.EOF {
+		err = io.ErrUnexpectedEOF
+	}
+
+	// remove leading zero bytes from malformed GnuPG encoded MPIs:
+	// https://bugs.gnupg.org/gnupg/issue1853
+	// for _, b := range m.bytes {
+	// 	if b != 0 {
+	// 		break
+	// 	}
+	// 	m.bytes = m.bytes[1:]
+	// 	m.bitLength -= 8
+	// }
+
+	return int64(n) + int64(nn), err
+}
+
+// SetBig initializes m with the bits from n.
+func (m *MPI) SetBig(n *big.Int) *MPI {
+	m.bytes = n.Bytes()
+	m.bitLength = uint16(n.BitLen())
+	return m
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/oid.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/oid.go
new file mode 100644
index 0000000000..ee39fd6bbb
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/internal/encoding/oid.go
@@ -0,0 +1,88 @@
+// Copyright 2017 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package encoding
+
+import (
+	"io"
+
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+)
+
+// OID is used to store a variable-length field with a one-octet size
+// prefix. See https://tools.ietf.org/html/rfc6637#section-9.
+type OID struct {
+	bytes []byte
+}
+
+const (
+	// maxOID is the maximum number of bytes in a OID.
+	maxOID = 254
+	// reservedOIDLength1 and reservedOIDLength2 are OID lengths that the RFC
+	// specifies are reserved.
+	reservedOIDLength1 = 0
+	reservedOIDLength2 = 0xff
+)
+
+// NewOID returns a OID initialized with bytes.
+func NewOID(bytes []byte) *OID {
+	switch len(bytes) {
+	case reservedOIDLength1, reservedOIDLength2:
+		panic("encoding: NewOID argument length is reserved")
+	default:
+		if len(bytes) > maxOID {
+			panic("encoding: NewOID argment too large")
+		}
+	}
+
+	return &OID{
+		bytes: bytes,
+	}
+}
+
+// Bytes returns the decoded data.
+func (o *OID) Bytes() []byte {
+	return o.bytes
+}
+
+// BitLength is the size in bits of the decoded data.
+func (o *OID) BitLength() uint16 {
+	return uint16(len(o.bytes) * 8)
+}
+
+// EncodedBytes returns the encoded data.
+func (o *OID) EncodedBytes() []byte {
+	return append([]byte{byte(len(o.bytes))}, o.bytes...)
+}
+
+// EncodedLength is the size in bytes of the encoded data.
+func (o *OID) EncodedLength() uint16 {
+	return uint16(1 + len(o.bytes))
+}
+
+// ReadFrom reads into b the next OID from r.
+func (o *OID) ReadFrom(r io.Reader) (int64, error) {
+	var buf [1]byte
+	n, err := io.ReadFull(r, buf[:])
+	if err != nil {
+		if err == io.EOF {
+			err = io.ErrUnexpectedEOF
+		}
+		return int64(n), err
+	}
+
+	switch buf[0] {
+	case reservedOIDLength1, reservedOIDLength2:
+		return int64(n), errors.UnsupportedError("reserved for future extensions")
+	}
+
+	o.bytes = make([]byte, buf[0])
+
+	nn, err := io.ReadFull(r, o.bytes)
+	if err == io.EOF {
+		err = io.ErrUnexpectedEOF
+	}
+
+	return int64(n) + int64(nn), err
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/key_generation.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/key_generation.go
new file mode 100644
index 0000000000..0d2eb45b8e
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/key_generation.go
@@ -0,0 +1,375 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package openpgp
+
+import (
+	"crypto"
+	"crypto/rand"
+	"crypto/rsa"
+	goerrors "errors"
+	"io"
+	"math/big"
+
+	"github.com/ProtonMail/go-crypto/openpgp/ecdh"
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
+	"github.com/ProtonMail/go-crypto/openpgp/packet"
+	"golang.org/x/crypto/ed25519"
+)
+
+// NewEntity returns an Entity that contains a fresh RSA/RSA keypair with a
+// single identity composed of the given full name, comment and email, any of
+// which may be empty but must not contain any of "()<>\x00".
+// If config is nil, sensible defaults will be used.
+func NewEntity(name, comment, email string, config *packet.Config) (*Entity, error) {
+	creationTime := config.Now()
+	keyLifetimeSecs := config.KeyLifetime()
+
+	uid := packet.NewUserId(name, comment, email)
+	if uid == nil {
+		return nil, errors.InvalidArgumentError("user id field contained invalid characters")
+	}
+
+	// Generate a primary signing key
+	primaryPrivRaw, err := newSigner(config)
+	if err != nil {
+		return nil, err
+	}
+	primary := packet.NewSignerPrivateKey(creationTime, primaryPrivRaw)
+	if config != nil && config.V5Keys {
+		primary.UpgradeToV5()
+	}
+
+	isPrimaryId := true
+	selfSignature := &packet.Signature{
+		Version:           primary.PublicKey.Version,
+		SigType:           packet.SigTypePositiveCert,
+		PubKeyAlgo:        primary.PublicKey.PubKeyAlgo,
+		Hash:              config.Hash(),
+		CreationTime:      creationTime,
+		KeyLifetimeSecs:   &keyLifetimeSecs,
+		IssuerKeyId:       &primary.PublicKey.KeyId,
+		IssuerFingerprint: primary.PublicKey.Fingerprint,
+		IsPrimaryId:       &isPrimaryId,
+		FlagsValid:        true,
+		FlagSign:          true,
+		FlagCertify:       true,
+		MDC:               true, // true by default, see 5.8 vs. 5.14
+		AEAD:              config.AEAD() != nil,
+		V5Keys:            config != nil && config.V5Keys,
+	}
+
+	// Set the PreferredHash for the SelfSignature from the packet.Config.
+	// If it is not the must-implement algorithm from rfc4880bis, append that.
+	selfSignature.PreferredHash = []uint8{hashToHashId(config.Hash())}
+	if config.Hash() != crypto.SHA256 {
+		selfSignature.PreferredHash = append(selfSignature.PreferredHash, hashToHashId(crypto.SHA256))
+	}
+
+	// Likewise for DefaultCipher.
+	selfSignature.PreferredSymmetric = []uint8{uint8(config.Cipher())}
+	if config.Cipher() != packet.CipherAES128 {
+		selfSignature.PreferredSymmetric = append(selfSignature.PreferredSymmetric, uint8(packet.CipherAES128))
+	}
+
+	// And for DefaultMode.
+	selfSignature.PreferredAEAD = []uint8{uint8(config.AEAD().Mode())}
+	if config.AEAD().Mode() != packet.AEADModeEAX {
+		selfSignature.PreferredAEAD = append(selfSignature.PreferredAEAD, uint8(packet.AEADModeEAX))
+	}
+
+	// User ID binding signature
+	err = selfSignature.SignUserId(uid.Id, &primary.PublicKey, primary, config)
+	if err != nil {
+		return nil, err
+	}
+
+	// Generate an encryption subkey
+	subPrivRaw, err := newDecrypter(config)
+	if err != nil {
+		return nil, err
+	}
+	sub := packet.NewDecrypterPrivateKey(creationTime, subPrivRaw)
+	sub.IsSubkey = true
+	sub.PublicKey.IsSubkey = true
+	if config != nil && config.V5Keys {
+		sub.UpgradeToV5()
+	}
+
+	// NOTE: No KeyLifetimeSecs here, but we will not return this subkey in EncryptionKey()
+	// if the primary/master key has expired.
+	subKey := Subkey{
+		PublicKey:  &sub.PublicKey,
+		PrivateKey: sub,
+		Sig: &packet.Signature{
+			Version:                   primary.PublicKey.Version,
+			CreationTime:              creationTime,
+			SigType:                   packet.SigTypeSubkeyBinding,
+			PubKeyAlgo:                primary.PublicKey.PubKeyAlgo,
+			Hash:                      config.Hash(),
+			FlagsValid:                true,
+			FlagEncryptStorage:        true,
+			FlagEncryptCommunications: true,
+			IssuerKeyId:               &primary.PublicKey.KeyId,
+		},
+	}
+
+	// Subkey binding signature
+	err = subKey.Sig.SignKey(subKey.PublicKey, primary, config)
+	if err != nil {
+		return nil, err
+	}
+
+	return &Entity{
+		PrimaryKey: &primary.PublicKey,
+		PrivateKey: primary,
+		Identities: map[string]*Identity{
+			uid.Id: &Identity{
+				Name:          uid.Id,
+				UserId:        uid,
+				SelfSignature: selfSignature,
+				Signatures:    []*packet.Signature{selfSignature},
+			},
+		},
+		Subkeys: []Subkey{subKey},
+	}, nil
+}
+
+// AddSigningSubkey adds a signing keypair as a subkey to the Entity.
+// If config is nil, sensible defaults will be used.
+func (e *Entity) AddSigningSubkey(config *packet.Config) error {
+	creationTime := config.Now()
+	keyLifetimeSecs := config.KeyLifetime()
+
+	subPrivRaw, err := newSigner(config)
+	if err != nil {
+		return err
+	}
+	sub := packet.NewSignerPrivateKey(creationTime, subPrivRaw)
+
+	subkey := Subkey{
+		PublicKey:  &sub.PublicKey,
+		PrivateKey: sub,
+		Sig: &packet.Signature{
+			Version:         e.PrimaryKey.Version,
+			CreationTime:    creationTime,
+			KeyLifetimeSecs: &keyLifetimeSecs,
+			SigType:         packet.SigTypeSubkeyBinding,
+			PubKeyAlgo:      e.PrimaryKey.PubKeyAlgo,
+			Hash:            config.Hash(),
+			FlagsValid:      true,
+			FlagSign:        true,
+			IssuerKeyId:     &e.PrimaryKey.KeyId,
+			EmbeddedSignature: &packet.Signature{
+				Version:      e.PrimaryKey.Version,
+				CreationTime: creationTime,
+				SigType:      packet.SigTypePrimaryKeyBinding,
+				PubKeyAlgo:   sub.PublicKey.PubKeyAlgo,
+				Hash:         config.Hash(),
+				IssuerKeyId:  &e.PrimaryKey.KeyId,
+			},
+		},
+	}
+	if config != nil && config.V5Keys {
+		subkey.PublicKey.UpgradeToV5()
+	}
+
+	err = subkey.Sig.EmbeddedSignature.CrossSignKey(subkey.PublicKey, e.PrimaryKey, subkey.PrivateKey, config)
+	if err != nil {
+		return err
+	}
+
+	subkey.PublicKey.IsSubkey = true
+	subkey.PrivateKey.IsSubkey = true
+	if err = subkey.Sig.SignKey(subkey.PublicKey, e.PrivateKey, config); err != nil {
+		return err
+	}
+
+	e.Subkeys = append(e.Subkeys, subkey)
+	return nil
+}
+
+// AddEncryptionSubkey adds an encryption keypair as a subkey to the Entity.
+// If config is nil, sensible defaults will be used.
+func (e *Entity) AddEncryptionSubkey(config *packet.Config) error {
+	creationTime := config.Now()
+	keyLifetimeSecs := config.KeyLifetime()
+
+	subPrivRaw, err := newDecrypter(config)
+	if err != nil {
+		return err
+	}
+	sub := packet.NewDecrypterPrivateKey(creationTime, subPrivRaw)
+
+	subkey := Subkey{
+		PublicKey:  &sub.PublicKey,
+		PrivateKey: sub,
+		Sig: &packet.Signature{
+			Version:                   e.PrimaryKey.Version,
+			CreationTime:              creationTime,
+			KeyLifetimeSecs:           &keyLifetimeSecs,
+			SigType:                   packet.SigTypeSubkeyBinding,
+			PubKeyAlgo:                e.PrimaryKey.PubKeyAlgo,
+			Hash:                      config.Hash(),
+			FlagsValid:                true,
+			FlagEncryptStorage:        true,
+			FlagEncryptCommunications: true,
+			IssuerKeyId:               &e.PrimaryKey.KeyId,
+		},
+	}
+	if config != nil && config.V5Keys {
+		subkey.PublicKey.UpgradeToV5()
+	}
+
+	subkey.PublicKey.IsSubkey = true
+	subkey.PrivateKey.IsSubkey = true
+	if err = subkey.Sig.SignKey(subkey.PublicKey, e.PrivateKey, config); err != nil {
+		return err
+	}
+
+	e.Subkeys = append(e.Subkeys, subkey)
+	return nil
+}
+
+// Generates a signing key
+func newSigner(config *packet.Config) (signer crypto.Signer, err error) {
+	switch config.PublicKeyAlgorithm() {
+	case packet.PubKeyAlgoRSA:
+		bits := config.RSAModulusBits()
+		if bits < 1024 {
+			return nil, errors.InvalidArgumentError("bits must be >= 1024")
+		}
+		if config != nil && len(config.RSAPrimes) >= 2 {
+			primes := config.RSAPrimes[0:2]
+			config.RSAPrimes = config.RSAPrimes[2:]
+			return generateRSAKeyWithPrimes(config.Random(), 2, bits, primes)
+		}
+		return rsa.GenerateKey(config.Random(), bits)
+	case packet.PubKeyAlgoEdDSA:
+		_, priv, err := ed25519.GenerateKey(config.Random())
+		if err != nil {
+			return nil, err
+		}
+		return &priv, nil
+	default:
+		return nil, errors.InvalidArgumentError("unsupported public key algorithm")
+	}
+}
+
+// Generates an encryption/decryption key
+func newDecrypter(config *packet.Config) (decrypter interface{}, err error) {
+	switch config.PublicKeyAlgorithm() {
+	case packet.PubKeyAlgoRSA:
+		bits := config.RSAModulusBits()
+		if bits < 1024 {
+			return nil, errors.InvalidArgumentError("bits must be >= 1024")
+		}
+		if config != nil && len(config.RSAPrimes) >= 2 {
+			primes := config.RSAPrimes[0:2]
+			config.RSAPrimes = config.RSAPrimes[2:]
+			return generateRSAKeyWithPrimes(config.Random(), 2, bits, primes)
+		}
+		return rsa.GenerateKey(config.Random(), bits)
+	case packet.PubKeyAlgoEdDSA:
+		fallthrough // When passing EdDSA, we generate an ECDH subkey
+	case packet.PubKeyAlgoECDH:
+		var kdf = ecdh.KDF{
+			Hash:   algorithm.SHA512,
+			Cipher: algorithm.AES256,
+		}
+		return ecdh.X25519GenerateKey(config.Random(), kdf)
+	default:
+		return nil, errors.InvalidArgumentError("unsupported public key algorithm")
+	}
+}
+
+var bigOne = big.NewInt(1)
+
+// generateRSAKeyWithPrimes generates a multi-prime RSA keypair of the
+// given bit size, using the given random source and prepopulated primes.
+func generateRSAKeyWithPrimes(random io.Reader, nprimes int, bits int, prepopulatedPrimes []*big.Int) (*rsa.PrivateKey, error) {
+	priv := new(rsa.PrivateKey)
+	priv.E = 65537
+
+	if nprimes < 2 {
+		return nil, goerrors.New("generateRSAKeyWithPrimes: nprimes must be >= 2")
+	}
+
+	if bits < 1024 {
+		return nil, goerrors.New("generateRSAKeyWithPrimes: bits must be >= 1024")
+	}
+
+	primes := make([]*big.Int, nprimes)
+
+NextSetOfPrimes:
+	for {
+		todo := bits
+		// crypto/rand should set the top two bits in each prime.
+		// Thus each prime has the form
+		//   p_i = 2^bitlen(p_i) × 0.11... (in base 2).
+		// And the product is:
+		//   P = 2^todo × α
+		// where α is the product of nprimes numbers of the form 0.11...
+		//
+		// If α < 1/2 (which can happen for nprimes > 2), we need to
+		// shift todo to compensate for lost bits: the mean value of 0.11...
+		// is 7/8, so todo + shift - nprimes * log2(7/8) ~= bits - 1/2
+		// will give good results.
+		if nprimes >= 7 {
+			todo += (nprimes - 2) / 5
+		}
+		for i := 0; i < nprimes; i++ {
+			var err error
+			if len(prepopulatedPrimes) == 0 {
+				primes[i], err = rand.Prime(random, todo/(nprimes-i))
+				if err != nil {
+					return nil, err
+				}
+			} else {
+				primes[i] = prepopulatedPrimes[0]
+				prepopulatedPrimes = prepopulatedPrimes[1:]
+			}
+
+			todo -= primes[i].BitLen()
+		}
+
+		// Make sure that primes is pairwise unequal.
+		for i, prime := range primes {
+			for j := 0; j < i; j++ {
+				if prime.Cmp(primes[j]) == 0 {
+					continue NextSetOfPrimes
+				}
+			}
+		}
+
+		n := new(big.Int).Set(bigOne)
+		totient := new(big.Int).Set(bigOne)
+		pminus1 := new(big.Int)
+		for _, prime := range primes {
+			n.Mul(n, prime)
+			pminus1.Sub(prime, bigOne)
+			totient.Mul(totient, pminus1)
+		}
+		if n.BitLen() != bits {
+			// This should never happen for nprimes == 2 because
+			// crypto/rand should set the top two bits in each prime.
+			// For nprimes > 2 we hope it does not happen often.
+			continue NextSetOfPrimes
+		}
+
+		priv.D = new(big.Int)
+		e := big.NewInt(int64(priv.E))
+		ok := priv.D.ModInverse(e, totient)
+
+		if ok != nil {
+			priv.Primes = primes
+			priv.N = n
+			break
+		}
+	}
+
+	priv.Precompute()
+	return priv, nil
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/keys.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/keys.go
new file mode 100644
index 0000000000..c3fedf7a25
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/keys.go
@@ -0,0 +1,707 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package openpgp
+
+import (
+	goerrors "errors"
+	"io"
+	"time"
+
+	"github.com/ProtonMail/go-crypto/openpgp/armor"
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/packet"
+)
+
+// PublicKeyType is the armor type for a PGP public key.
+var PublicKeyType = "PGP PUBLIC KEY BLOCK"
+
+// PrivateKeyType is the armor type for a PGP private key.
+var PrivateKeyType = "PGP PRIVATE KEY BLOCK"
+
+// An Entity represents the components of an OpenPGP key: a primary public key
+// (which must be a signing key), one or more identities claimed by that key,
+// and zero or more subkeys, which may be encryption keys.
+type Entity struct {
+	PrimaryKey  *packet.PublicKey
+	PrivateKey  *packet.PrivateKey
+	Identities  map[string]*Identity // indexed by Identity.Name
+	Revocations []*packet.Signature
+	Subkeys     []Subkey
+}
+
+// An Identity represents an identity claimed by an Entity and zero or more
+// assertions by other entities about that claim.
+type Identity struct {
+	Name          string // by convention, has the form "Full Name (comment) <email@example.com>"
+	UserId        *packet.UserId
+	SelfSignature *packet.Signature
+	Signatures    []*packet.Signature
+}
+
+// A Subkey is an additional public key in an Entity. Subkeys can be used for
+// encryption.
+type Subkey struct {
+	PublicKey  *packet.PublicKey
+	PrivateKey *packet.PrivateKey
+	Sig        *packet.Signature
+}
+
+// A Key identifies a specific public key in an Entity. This is either the
+// Entity's primary key or a subkey.
+type Key struct {
+	Entity        *Entity
+	PublicKey     *packet.PublicKey
+	PrivateKey    *packet.PrivateKey
+	SelfSignature *packet.Signature
+}
+
+// A KeyRing provides access to public and private keys.
+type KeyRing interface {
+	// KeysById returns the set of keys that have the given key id.
+	KeysById(id uint64) []Key
+	// KeysByIdAndUsage returns the set of keys with the given id
+	// that also meet the key usage given by requiredUsage.
+	// The requiredUsage is expressed as the bitwise-OR of
+	// packet.KeyFlag* values.
+	KeysByIdUsage(id uint64, requiredUsage byte) []Key
+	// DecryptionKeys returns all private keys that are valid for
+	// decryption.
+	DecryptionKeys() []Key
+}
+
+// PrimaryIdentity returns the Identity marked as primary or the first identity
+// if none are so marked.
+func (e *Entity) PrimaryIdentity() *Identity {
+	var firstIdentity *Identity
+	for _, ident := range e.Identities {
+		if firstIdentity == nil {
+			firstIdentity = ident
+		}
+		if ident.SelfSignature.IsPrimaryId != nil && *ident.SelfSignature.IsPrimaryId {
+			return ident
+		}
+	}
+	return firstIdentity
+}
+
+// EncryptionKey returns the best candidate Key for encrypting a message to the
+// given Entity.
+func (e *Entity) EncryptionKey(now time.Time) (Key, bool) {
+	// Fail to find any encryption key if the primary key has expired.
+	i := e.PrimaryIdentity()
+	primaryKeyExpired := e.PrimaryKey.KeyExpired(i.SelfSignature, now)
+	if primaryKeyExpired {
+		return Key{}, false
+	}
+
+	// Iterate the keys to find the newest, unexpired one
+	candidateSubkey := -1
+	var maxTime time.Time
+	for i, subkey := range e.Subkeys {
+		if subkey.Sig.FlagsValid &&
+			subkey.Sig.FlagEncryptCommunications &&
+			subkey.PublicKey.PubKeyAlgo.CanEncrypt() &&
+			!subkey.PublicKey.KeyExpired(subkey.Sig, now) &&
+			(maxTime.IsZero() || subkey.Sig.CreationTime.After(maxTime)) {
+			candidateSubkey = i
+			maxTime = subkey.Sig.CreationTime
+		}
+	}
+
+	if candidateSubkey != -1 {
+		subkey := e.Subkeys[candidateSubkey]
+		return Key{e, subkey.PublicKey, subkey.PrivateKey, subkey.Sig}, true
+	}
+
+	// If we don't have any candidate subkeys for encryption and
+	// the primary key doesn't have any usage metadata then we
+	// assume that the primary key is ok. Or, if the primary key is
+	// marked as ok to encrypt with, then we can obviously use it.
+	// Also, check expiry again just to be safe.
+	if !i.SelfSignature.FlagsValid || i.SelfSignature.FlagEncryptCommunications &&
+		e.PrimaryKey.PubKeyAlgo.CanEncrypt() && !primaryKeyExpired {
+		return Key{e, e.PrimaryKey, e.PrivateKey, i.SelfSignature}, true
+	}
+
+	return Key{}, false
+}
+
+// SigningKey return the best candidate Key for signing a message with this
+// Entity.
+func (e *Entity) SigningKey(now time.Time) (Key, bool) {
+	return e.SigningKeyById(now, 0)
+}
+
+// SigningKeyById return the Key for signing a message with this
+// Entity and keyID.
+func (e *Entity) SigningKeyById(now time.Time, id uint64) (Key, bool) {
+	// Fail to find any signing key if the primary key has expired.
+	i := e.PrimaryIdentity()
+	primaryKeyExpired := e.PrimaryKey.KeyExpired(i.SelfSignature, now)
+	if primaryKeyExpired {
+		return Key{}, false
+	}
+
+	// Iterate the keys to find the newest, unexpired one
+	candidateSubkey := -1
+	var maxTime time.Time
+	for idx, subkey := range e.Subkeys {
+		if subkey.Sig.FlagsValid &&
+			subkey.Sig.FlagSign &&
+			subkey.PublicKey.PubKeyAlgo.CanSign() &&
+			!subkey.PublicKey.KeyExpired(subkey.Sig, now) &&
+			(maxTime.IsZero() || subkey.Sig.CreationTime.After(maxTime)) &&
+			(id == 0 || subkey.PrivateKey.KeyId == id) {
+			candidateSubkey = idx
+			maxTime = subkey.Sig.CreationTime
+		}
+	}
+
+	if candidateSubkey != -1 {
+		subkey := e.Subkeys[candidateSubkey]
+		return Key{e, subkey.PublicKey, subkey.PrivateKey, subkey.Sig}, true
+	}
+
+	// If we have no candidate subkey then we assume that it's ok to sign
+	// with the primary key.  Or, if the primary key is marked as ok to
+	// sign with, then we can use it. Also, check expiry again just to be safe.
+	if !i.SelfSignature.FlagsValid || i.SelfSignature.FlagSign &&
+		e.PrimaryKey.PubKeyAlgo.CanSign() && !primaryKeyExpired &&
+		(id == 0 || e.PrivateKey.KeyId == id) {
+		return Key{e, e.PrimaryKey, e.PrivateKey, i.SelfSignature}, true
+	}
+
+	// No keys with a valid Signing Flag or no keys matched the id passed in
+	return Key{}, false
+}
+
+// An EntityList contains one or more Entities.
+type EntityList []*Entity
+
+// KeysById returns the set of keys that have the given key id.
+func (el EntityList) KeysById(id uint64) (keys []Key) {
+	for _, e := range el {
+		if e.PrimaryKey.KeyId == id {
+			var selfSig *packet.Signature
+			for _, ident := range e.Identities {
+				if selfSig == nil {
+					selfSig = ident.SelfSignature
+				} else if ident.SelfSignature.IsPrimaryId != nil && *ident.SelfSignature.IsPrimaryId {
+					selfSig = ident.SelfSignature
+					break
+				}
+			}
+			keys = append(keys, Key{e, e.PrimaryKey, e.PrivateKey, selfSig})
+		}
+
+		for _, subKey := range e.Subkeys {
+			if subKey.PublicKey.KeyId == id {
+				keys = append(keys, Key{e, subKey.PublicKey, subKey.PrivateKey, subKey.Sig})
+			}
+		}
+	}
+	return
+}
+
+// KeysByIdAndUsage returns the set of keys with the given id that also meet
+// the key usage given by requiredUsage.  The requiredUsage is expressed as
+// the bitwise-OR of packet.KeyFlag* values.
+func (el EntityList) KeysByIdUsage(id uint64, requiredUsage byte) (keys []Key) {
+	for _, key := range el.KeysById(id) {
+		if len(key.Entity.Revocations) > 0 {
+			continue
+		}
+
+		if key.SelfSignature.RevocationReason != nil {
+			continue
+		}
+
+		if key.SelfSignature.FlagsValid && requiredUsage != 0 {
+			var usage byte
+			if key.SelfSignature.FlagCertify {
+				usage |= packet.KeyFlagCertify
+			}
+			if key.SelfSignature.FlagSign {
+				usage |= packet.KeyFlagSign
+			}
+			if key.SelfSignature.FlagEncryptCommunications {
+				usage |= packet.KeyFlagEncryptCommunications
+			}
+			if key.SelfSignature.FlagEncryptStorage {
+				usage |= packet.KeyFlagEncryptStorage
+			}
+			if usage&requiredUsage != requiredUsage {
+				continue
+			}
+		}
+
+		keys = append(keys, key)
+	}
+	return
+}
+
+// DecryptionKeys returns all private keys that are valid for decryption.
+func (el EntityList) DecryptionKeys() (keys []Key) {
+	for _, e := range el {
+		for _, subKey := range e.Subkeys {
+			if subKey.PrivateKey != nil && (!subKey.Sig.FlagsValid || subKey.Sig.FlagEncryptStorage || subKey.Sig.FlagEncryptCommunications) {
+				keys = append(keys, Key{e, subKey.PublicKey, subKey.PrivateKey, subKey.Sig})
+			}
+		}
+	}
+	return
+}
+
+// ReadArmoredKeyRing reads one or more public/private keys from an armor keyring file.
+func ReadArmoredKeyRing(r io.Reader) (EntityList, error) {
+	block, err := armor.Decode(r)
+	if err == io.EOF {
+		return nil, errors.InvalidArgumentError("no armored data found")
+	}
+	if err != nil {
+		return nil, err
+	}
+	if block.Type != PublicKeyType && block.Type != PrivateKeyType {
+		return nil, errors.InvalidArgumentError("expected public or private key block, got: " + block.Type)
+	}
+
+	return ReadKeyRing(block.Body)
+}
+
+// ReadKeyRing reads one or more public/private keys. Unsupported keys are
+// ignored as long as at least a single valid key is found.
+func ReadKeyRing(r io.Reader) (el EntityList, err error) {
+	packets := packet.NewReader(r)
+	var lastUnsupportedError error
+
+	for {
+		var e *Entity
+		e, err = ReadEntity(packets)
+		if err != nil {
+			// TODO: warn about skipped unsupported/unreadable keys
+			if _, ok := err.(errors.UnsupportedError); ok {
+				lastUnsupportedError = err
+				err = readToNextPublicKey(packets)
+			} else if _, ok := err.(errors.StructuralError); ok {
+				// Skip unreadable, badly-formatted keys
+				lastUnsupportedError = err
+				err = readToNextPublicKey(packets)
+			}
+			if err == io.EOF {
+				err = nil
+				break
+			}
+			if err != nil {
+				el = nil
+				break
+			}
+		} else {
+			el = append(el, e)
+		}
+	}
+
+	if len(el) == 0 && err == nil {
+		err = lastUnsupportedError
+	}
+	return
+}
+
+// readToNextPublicKey reads packets until the start of the entity and leaves
+// the first packet of the new entity in the Reader.
+func readToNextPublicKey(packets *packet.Reader) (err error) {
+	var p packet.Packet
+	for {
+		p, err = packets.Next()
+		if err == io.EOF {
+			return
+		} else if err != nil {
+			if _, ok := err.(errors.UnsupportedError); ok {
+				err = nil
+				continue
+			}
+			return
+		}
+
+		if pk, ok := p.(*packet.PublicKey); ok && !pk.IsSubkey {
+			packets.Unread(p)
+			return
+		}
+	}
+}
+
+// ReadEntity reads an entity (public key, identities, subkeys etc) from the
+// given Reader.
+func ReadEntity(packets *packet.Reader) (*Entity, error) {
+	e := new(Entity)
+	e.Identities = make(map[string]*Identity)
+
+	p, err := packets.Next()
+	if err != nil {
+		return nil, err
+	}
+
+	var ok bool
+	if e.PrimaryKey, ok = p.(*packet.PublicKey); !ok {
+		if e.PrivateKey, ok = p.(*packet.PrivateKey); !ok {
+			packets.Unread(p)
+			return nil, errors.StructuralError("first packet was not a public/private key")
+		}
+		e.PrimaryKey = &e.PrivateKey.PublicKey
+	}
+
+	if !e.PrimaryKey.PubKeyAlgo.CanSign() {
+		return nil, errors.StructuralError("primary key cannot be used for signatures")
+	}
+
+	var revocations []*packet.Signature
+EachPacket:
+	for {
+		p, err := packets.Next()
+		if err == io.EOF {
+			break
+		} else if err != nil {
+			return nil, err
+		}
+
+		switch pkt := p.(type) {
+		case *packet.UserId:
+			if err := addUserID(e, packets, pkt); err != nil {
+				return nil, err
+			}
+		case *packet.Signature:
+			if pkt.SigType == packet.SigTypeKeyRevocation {
+				revocations = append(revocations, pkt)
+			} else if pkt.SigType == packet.SigTypeDirectSignature {
+				// TODO: RFC4880 5.2.1 permits signatures
+				// directly on keys (eg. to bind additional
+				// revocation keys).
+			}
+			// Else, ignoring the signature as it does not follow anything
+			// we would know to attach it to.
+		case *packet.PrivateKey:
+			if pkt.IsSubkey == false {
+				packets.Unread(p)
+				break EachPacket
+			}
+			err = addSubkey(e, packets, &pkt.PublicKey, pkt)
+			if err != nil {
+				return nil, err
+			}
+		case *packet.PublicKey:
+			if pkt.IsSubkey == false {
+				packets.Unread(p)
+				break EachPacket
+			}
+			err = addSubkey(e, packets, pkt, nil)
+			if err != nil {
+				return nil, err
+			}
+		default:
+			// we ignore unknown packets
+		}
+	}
+
+	if len(e.Identities) == 0 {
+		return nil, errors.StructuralError("entity without any identities")
+	}
+
+	for _, revocation := range revocations {
+		err = e.PrimaryKey.VerifyRevocationSignature(revocation)
+		if err == nil {
+			e.Revocations = append(e.Revocations, revocation)
+		} else {
+			// TODO: RFC 4880 5.2.3.15 defines revocation keys.
+			return nil, errors.StructuralError("revocation signature signed by alternate key")
+		}
+	}
+
+	return e, nil
+}
+
+func addUserID(e *Entity, packets *packet.Reader, pkt *packet.UserId) error {
+	// Make a new Identity object, that we might wind up throwing away.
+	// We'll only add it if we get a valid self-signature over this
+	// userID.
+	identity := new(Identity)
+	identity.Name = pkt.Id
+	identity.UserId = pkt
+
+	for {
+		p, err := packets.Next()
+		if err == io.EOF {
+			break
+		} else if err != nil {
+			return err
+		}
+
+		sig, ok := p.(*packet.Signature)
+		if !ok {
+			packets.Unread(p)
+			break
+		}
+
+		if (sig.SigType == packet.SigTypePositiveCert || sig.SigType == packet.SigTypeGenericCert) && sig.CheckKeyIdOrFingerprint(e.PrimaryKey) {
+			if err = e.PrimaryKey.VerifyUserIdSignature(pkt.Id, e.PrimaryKey, sig); err != nil {
+				return errors.StructuralError("user ID self-signature invalid: " + err.Error())
+			}
+			if identity.SelfSignature == nil || sig.CreationTime.After(identity.SelfSignature.CreationTime) {
+				identity.SelfSignature = sig
+			}
+			identity.Signatures = append(identity.Signatures, sig)
+			e.Identities[pkt.Id] = identity
+		} else {
+			identity.Signatures = append(identity.Signatures, sig)
+		}
+	}
+
+	return nil
+}
+
+func addSubkey(e *Entity, packets *packet.Reader, pub *packet.PublicKey, priv *packet.PrivateKey) error {
+	var subKey Subkey
+	subKey.PublicKey = pub
+	subKey.PrivateKey = priv
+
+	for {
+		p, err := packets.Next()
+		if err == io.EOF {
+			break
+		} else if err != nil {
+			return errors.StructuralError("subkey signature invalid: " + err.Error())
+		}
+
+		sig, ok := p.(*packet.Signature)
+		if !ok {
+			packets.Unread(p)
+			break
+		}
+
+		if sig.SigType != packet.SigTypeSubkeyBinding && sig.SigType != packet.SigTypeSubkeyRevocation {
+			return errors.StructuralError("subkey signature with wrong type")
+		}
+
+		if err := e.PrimaryKey.VerifyKeySignature(subKey.PublicKey, sig); err != nil {
+			return errors.StructuralError("subkey signature invalid: " + err.Error())
+		}
+
+		switch sig.SigType {
+		case packet.SigTypeSubkeyRevocation:
+			subKey.Sig = sig
+		case packet.SigTypeSubkeyBinding:
+			if shouldReplaceSubkeySig(subKey.Sig, sig) {
+				subKey.Sig = sig
+			}
+		}
+	}
+
+	if subKey.Sig == nil {
+		return errors.StructuralError("subkey packet not followed by signature")
+	}
+
+	e.Subkeys = append(e.Subkeys, subKey)
+
+	return nil
+}
+
+func shouldReplaceSubkeySig(existingSig, potentialNewSig *packet.Signature) bool {
+	if potentialNewSig == nil {
+		return false
+	}
+
+	if existingSig == nil {
+		return true
+	}
+
+	if existingSig.SigType == packet.SigTypeSubkeyRevocation {
+		return false // never override a revocation signature
+	}
+
+	return potentialNewSig.CreationTime.After(existingSig.CreationTime)
+}
+
+// SerializePrivate serializes an Entity, including private key material, but
+// excluding signatures from other entities, to the given Writer.
+// Identities and subkeys are re-signed in case they changed since NewEntry.
+// If config is nil, sensible defaults will be used.
+func (e *Entity) SerializePrivate(w io.Writer, config *packet.Config) (err error) {
+	if e.PrivateKey.Dummy() {
+		return errors.ErrDummyPrivateKey("dummy private key cannot re-sign identities")
+	}
+	return e.serializePrivate(w, config, true)
+}
+
+// SerializePrivateWithoutSigning serializes an Entity, including private key
+// material, but excluding signatures from other entities, to the given Writer.
+// Self-signatures of identities and subkeys are not re-signed. This is useful
+// when serializing GNU dummy keys, among other things.
+// If config is nil, sensible defaults will be used.
+func (e *Entity) SerializePrivateWithoutSigning(w io.Writer, config *packet.Config) (err error) {
+	return e.serializePrivate(w, config, false)
+}
+
+func (e *Entity) serializePrivate(w io.Writer, config *packet.Config, reSign bool) (err error) {
+	if e.PrivateKey == nil {
+		return goerrors.New("openpgp: private key is missing")
+	}
+	err = e.PrivateKey.Serialize(w)
+	if err != nil {
+		return
+	}
+	for _, ident := range e.Identities {
+		err = ident.UserId.Serialize(w)
+		if err != nil {
+			return
+		}
+		if reSign {
+			err = ident.SelfSignature.SignUserId(ident.UserId.Id, e.PrimaryKey, e.PrivateKey, config)
+			if err != nil {
+				return
+			}
+		}
+		err = ident.SelfSignature.Serialize(w)
+		if err != nil {
+			return
+		}
+	}
+	for _, subkey := range e.Subkeys {
+		err = subkey.PrivateKey.Serialize(w)
+		if err != nil {
+			return
+		}
+		if reSign {
+			err = subkey.Sig.SignKey(subkey.PublicKey, e.PrivateKey, config)
+			if err != nil {
+				return
+			}
+			if subkey.Sig.EmbeddedSignature != nil {
+				err = subkey.Sig.EmbeddedSignature.CrossSignKey(subkey.PublicKey, e.PrimaryKey,
+					subkey.PrivateKey, config)
+				if err != nil {
+					return
+				}
+			}
+		}
+		err = subkey.Sig.Serialize(w)
+		if err != nil {
+			return
+		}
+	}
+	return nil
+}
+
+// Serialize writes the public part of the given Entity to w, including
+// signatures from other entities. No private key material will be output.
+func (e *Entity) Serialize(w io.Writer) error {
+	err := e.PrimaryKey.Serialize(w)
+	if err != nil {
+		return err
+	}
+	for _, ident := range e.Identities {
+		err = ident.UserId.Serialize(w)
+		if err != nil {
+			return err
+		}
+		for _, sig := range ident.Signatures {
+			err = sig.Serialize(w)
+			if err != nil {
+				return err
+			}
+		}
+	}
+	for _, subkey := range e.Subkeys {
+		err = subkey.PublicKey.Serialize(w)
+		if err != nil {
+			return err
+		}
+		err = subkey.Sig.Serialize(w)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+// SignIdentity adds a signature to e, from signer, attesting that identity is
+// associated with e. The provided identity must already be an element of
+// e.Identities and the private key of signer must have been decrypted if
+// necessary.
+// If config is nil, sensible defaults will be used.
+func (e *Entity) SignIdentity(identity string, signer *Entity, config *packet.Config) error {
+	if signer.PrivateKey == nil {
+		return errors.InvalidArgumentError("signing Entity must have a private key")
+	}
+	if signer.PrivateKey.Encrypted {
+		return errors.InvalidArgumentError("signing Entity's private key must be decrypted")
+	}
+	ident, ok := e.Identities[identity]
+	if !ok {
+		return errors.InvalidArgumentError("given identity string not found in Entity")
+	}
+
+	sig := &packet.Signature{
+		Version:      signer.PrivateKey.Version,
+		SigType:      packet.SigTypeGenericCert,
+		PubKeyAlgo:   signer.PrivateKey.PubKeyAlgo,
+		Hash:         config.Hash(),
+		CreationTime: config.Now(),
+		IssuerKeyId:  &signer.PrivateKey.KeyId,
+	}
+	if err := sig.SignUserId(identity, e.PrimaryKey, signer.PrivateKey, config); err != nil {
+		return err
+	}
+	ident.Signatures = append(ident.Signatures, sig)
+	return nil
+}
+
+// RevokeKey generates a key revocation signature (packet.SigTypeKeyRevocation) with the
+// specified reason code and text (RFC4880 section-5.2.3.23).
+// If config is nil, sensible defaults will be used.
+func (e *Entity) RevokeKey(reason packet.ReasonForRevocation, reasonText string, config *packet.Config) error {
+	reasonCode := uint8(reason)
+	revSig := &packet.Signature{
+		Version:              e.PrimaryKey.Version,
+		CreationTime:         config.Now(),
+		SigType:              packet.SigTypeKeyRevocation,
+		PubKeyAlgo:           packet.PubKeyAlgoRSA,
+		Hash:                 config.Hash(),
+		RevocationReason:     &reasonCode,
+		RevocationReasonText: reasonText,
+		IssuerKeyId:          &e.PrimaryKey.KeyId,
+	}
+
+	if err := revSig.RevokeKey(e.PrimaryKey, e.PrivateKey, config); err != nil {
+		return err
+	}
+	e.Revocations = append(e.Revocations, revSig)
+	return nil
+}
+
+// RevokeSubkey generates a subkey revocation signature (packet.SigTypeSubkeyRevocation) for
+// a subkey with the specified reason code and text (RFC4880 section-5.2.3.23).
+// If config is nil, sensible defaults will be used.
+func (e *Entity) RevokeSubkey(sk *Subkey, reason packet.ReasonForRevocation, reasonText string, config *packet.Config) error {
+	if err := e.PrimaryKey.VerifyKeySignature(sk.PublicKey, sk.Sig); err != nil {
+		return errors.InvalidArgumentError("given subkey is not associated with this key")
+	}
+
+	reasonCode := uint8(reason)
+	revSig := &packet.Signature{
+		Version:              e.PrimaryKey.Version,
+		CreationTime:         config.Now(),
+		SigType:              packet.SigTypeSubkeyRevocation,
+		PubKeyAlgo:           packet.PubKeyAlgoRSA,
+		Hash:                 config.Hash(),
+		RevocationReason:     &reasonCode,
+		RevocationReasonText: reasonText,
+		IssuerKeyId:          &e.PrimaryKey.KeyId,
+	}
+
+	if err := revSig.RevokeKey(sk.PublicKey, e.PrivateKey, config); err != nil {
+		return err
+	}
+
+	sk.Sig = revSig
+	return nil
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/keys_test_data.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/keys_test_data.go
new file mode 100644
index 0000000000..21d17c2f8b
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/keys_test_data.go
@@ -0,0 +1,336 @@
+package openpgp
+
+const expiringKeyHex = "c6c04d0451d0c680010800abbb021fd03ffc4e96618901180c3fdcb060ee69eeead97b91256d11420d80b5f1b51930248044130bd300605cf8a05b7a40d3d8cfb0a910be2e3db50dcd50a9c54064c2a5550801daa834ff4480b33d3d3ca495ff8a4e84a886977d17d998f881241a874083d8b995beab555b6d22b8a4817ab17ac3e7304f7d4d2c05c495fb2218348d3bc13651db1d92732e368a9dd7dcefa6eddff30b94706a9aaee47e9d39321460b740c59c6fc3c2fd8ab6c0fb868cb87c0051f0321301fe0f0e1820b15e7fb7063395769b525005c7e30a7ce85984f5cac00504e7b4fdc45d74958de8388436fd5c7ba9ea121f1c851b5911dd1b47a14d81a09e92ef37721e2325b6790011010001cd00c2c07b041001080025050251d0c680050900278d00060b09070803020415080a0203160201021901021b03021e01000a0910e7b484133a890a35ae4b0800a1beb82e7f28eaf5273d6af9d3391314f6280b2b624eaca2851f89a9ebcaf80ac589ebd509f168bc4322106ca2e2ce77a76e071a3c7444787d65216b5f05e82c77928860b92aace3b7d0327db59492f422eb9dfab7249266d37429870b091a98aba8724c2259ebf8f85093f21255eafa75aa841e31d94f2ac891b9755fed455e539044ee69fc47950b80e003fc9f298d695660f28329eaa38037c367efde1727458e514faf990d439a21461b719edaddf9296d3d0647b43ca56cb8dbf63b4fcf8b9968e7928c463470fab3b98e44d0d95645062f94b2d04fe56bd52822b71934db8ce845622c40b92fcbe765a142e7f38b61a6aa9606c8e8858dcd3b6eb1894acec04d0451d1f06b01080088bea67444e1789390e7c0335c86775502d58ec783d99c8ef4e06de235ed3dd4b0467f6f358d818c7d8989d43ec6d69fcbc8c32632d5a1b605e3fa8e41d695fcdcaa535936cd0157f9040dce362519803b908eafe838bb13216c885c6f93e9e8d5745607f0d062322085d6bdc760969149a8ff8dd9f5c18d9bfe2e6f63a06e17694cf1f67587c6fb70e9aebf90ffc528ca3b615ac7c9d4a21ea4f7c06f2e98fbbd90a859b8608bf9ea638e3a54289ce44c283110d0c45fa458de6251cd6e7baf71f80f12c8978340490fd90c92b81736ae902ed958e478dceae2835953d189c45d182aff02ea2be61b81d8e94430f041d638647b43e2fcb45fd512fbf5068b810011010001c2c06504180108000f050251d1f06b050900081095021b0c000a0910e7b484133a890a35e63407fe2ec88d6d1e6c9ce7553ece0cb2524747217bad29f251d33df84599ffcc900141a355abd62126800744068a5e05dc167056aa9205273dc7765a2ed49db15c2a83b8d6e6429c902136f1e12229086c1c10c0053242c2a4ae1930db58163387a48cad64607ff2153c320e42843dec28e3fce90e7399d63ac0affa2fee1f0adc0953c89eb3f46ef1d6c04328ed13b491669d5120a3782e3ffb7c69575fb77eebd108794f4dda9d34be2bae57e8e59ec8ebfda2f6f06104b2321be408ea146e2db482b00c5055c8618de36ac9716f80da2617e225556d0fce61b01c8cea2d1e0ea982c31711060ca370f2739366e1e708f38405d784b49d16a26cf62d152eae734327cec04d0451d1f07b010800d5af91c5e7c2fd8951c8d254eab0c97cdcb66822f868b79b78c366255059a68fd74ebca9adb9b970cd9e586690e6e0756705432306878c897b10a4b4ca0005966f99ac8fa4e6f9caf54bf8e53844544beee9872a7ac64c119cf1393d96e674254b661f61ee975633d0e8a8672531edb6bb8e211204e7754a9efa802342118eee850beea742bac95a3f706cc2024cf6037a308bb68162b2f53b9a6346a96e6d31871a2456186e24a1c7a82b82ac04afdfd57cd7fb9ba77a9c760d40b76a170f7be525e5fb6a9848cc726e806187710d9b190387df28700f321f988a392899f93815cc937f309129eb94d5299c5547cb2c085898e6639496e70d746c9d3fb9881d0011010001c2c06504180108000f050251d1f07b050900266305021b0c000a0910e7b484133a890a35bff207fd10dfe8c4a6ea1dd30568012b6fd6891a763c87ad0f7a1d112aad9e8e3239378a3b85588c235865bac2e614348cb4f216d7217f53b3ef48c192e0a4d31d64d7bfa5faccf21155965fa156e887056db644a05ad08a85cc6152d1377d9e37b46f4ff462bbe68ace2dc586ef90070314576c985d8037c2ba63f0a7dc17a62e15bd77e88bc61d9d00858979709f12304264a4cf4225c5cf86f12c8e19486cb9cdcc69f18f027e5f16f4ca8b50e28b3115eaff3a345acd21f624aef81f6ede515c1b55b26b84c1e32264754eab672d5489b287e7277ea855e0a5ff2aa9e8b8c76d579a964ec225255f4d57bf66639ccb34b64798846943e162a41096a7002ca21c7f56"
+const subkeyUsageHex = "988d04533a52bc010400d26af43085558f65b9e7dbc90cb9238015259aed5e954637adcfa2181548b2d0b60c65f1f42ec5081cbf1bc0a8aa4900acfb77070837c58f26012fbce297d70afe96e759ad63531f0037538e70dbf8e384569b9720d99d8eb39d8d0a2947233ed242436cb6ac7dfe74123354b3d0119b5c235d3dd9c9d6c004f8ffaf67ad8583001101000188b7041f010200210502533b8552170c8001ce094aa433f7040bb2ddf0be3893cb843d0fe70c020700000a0910a42704b92866382aa98404009d63d916a27543da4221c60087c33f1c44bec9998c5438018ed370cca4962876c748e94b73eb39c58eb698063f3fd6346d58dd2a11c0247934c4a9d71f24754f7468f96fb24c3e791dd2392b62f626148ad724189498cbf993db2df7c0cdc2d677c35da0f16cb16c9ce7c33b4de65a4a91b1d21a130ae9cc26067718910ef8e2b417556d627261203c756d627261407379642e65642e61753e88b80413010200220502533a52bc021b03060b090807030206150802090a0b0416020301021e01021780000a0910a42704b92866382a47840400c0c2bd04f5fca586de408b395b3c280a278259c93eaaa8b79a53b97003f8ed502a8a00446dd9947fb462677e4fcac0dac2f0701847d15130aadb6cd9e0705ea0cf5f92f129136c7be21a718d46c8e641eb7f044f2adae573e11ae423a0a9ca51324f03a8a2f34b91fa40c3cc764bee4dccadedb54c768ba0469b683ea53f1c29b88d04533a52bc01040099c92a5d6f8b744224da27bc2369127c35269b58bec179de6bbc038f749344222f85a31933224f26b70243c4e4b2d242f0c4777eaef7b5502f9dad6d8bf3aaeb471210674b74de2d7078af497d55f5cdad97c7bedfbc1b41e8065a97c9c3d344b21fc81d27723af8e374bc595da26ea242dccb6ae497be26eea57e563ed517e90011010001889f0418010200090502533a52bc021b0c000a0910a42704b92866382afa1403ff70284c2de8a043ff51d8d29772602fa98009b7861c540535f874f2c230af8caf5638151a636b21f8255003997ccd29747fdd06777bb24f9593bd7d98a3e887689bf902f999915fcc94625ae487e5d13e6616f89090ebc4fdc7eb5cad8943e4056995bb61c6af37f8043016876a958ec7ebf39c43d20d53b7f546cfa83e8d2604b88d04533b8283010400c0b529316dbdf58b4c54461e7e669dc11c09eb7f73819f178ccd4177b9182b91d138605fcf1e463262fabefa73f94a52b5e15d1904635541c7ea540f07050ce0fb51b73e6f88644cec86e91107c957a114f69554548a85295d2b70bd0b203992f76eb5d493d86d9eabcaa7ef3fc7db7e458438db3fcdb0ca1cc97c638439a9170011010001889f0418010200090502533b8283021b0c000a0910a42704b92866382adc6d0400cfff6258485a21675adb7a811c3e19ebca18851533f75a7ba317950b9997fda8d1a4c8c76505c08c04b6c2cc31dc704d33da36a21273f2b388a1a706f7c3378b66d887197a525936ed9a69acb57fe7f718133da85ec742001c5d1864e9c6c8ea1b94f1c3759cebfd93b18606066c063a63be86085b7e37bdbc65f9a915bf084bb901a204533b85cd110400aed3d2c52af2b38b5b67904b0ef73d6dd7aef86adb770e2b153cd22489654dcc91730892087bb9856ae2d9f7ed1eb48f214243fe86bfe87b349ebd7c30e630e49c07b21fdabf78b7a95c8b7f969e97e3d33f2e074c63552ba64a2ded7badc05ce0ea2be6d53485f6900c7860c7aa76560376ce963d7271b9b54638a4028b573f00a0d8854bfcdb04986141568046202192263b9b67350400aaa1049dbc7943141ef590a70dcb028d730371d92ea4863de715f7f0f16d168bd3dc266c2450457d46dcbbf0b071547e5fbee7700a820c3750b236335d8d5848adb3c0da010e998908dfd93d961480084f3aea20b247034f8988eccb5546efaa35a92d0451df3aaf1aee5aa36a4c4d462c760ecd9cebcabfbe1412b1f21450f203fd126687cd486496e971a87fd9e1a8a765fe654baa219a6871ab97768596ab05c26c1aeea8f1a2c72395a58dbc12ef9640d2b95784e974a4d2d5a9b17c25fedacfe551bda52602de8f6d2e48443f5dd1a2a2a8e6a5e70ecdb88cd6e766ad9745c7ee91d78cc55c3d06536b49c3fee6c3d0b6ff0fb2bf13a314f57c953b8f4d93bf88e70418010200090502533b85cd021b0200520910a42704b92866382a47200419110200060502533b85cd000a091042ce2c64bc0ba99214b2009e26b26852c8b13b10c35768e40e78fbbb48bd084100a0c79d9ea0844fa5853dd3c85ff3ecae6f2c9dd6c557aa04008bbbc964cd65b9b8299d4ebf31f41cc7264b8cf33a00e82c5af022331fac79efc9563a822497ba012953cefe2629f1242fcdcb911dbb2315985bab060bfd58261ace3c654bdbbe2e8ed27a46e836490145c86dc7bae15c011f7e1ffc33730109b9338cd9f483e7cef3d2f396aab5bd80efb6646d7e778270ee99d934d187dd98"
+const revokedKeyHex = "988d045331ce82010400c4fdf7b40a5477f206e6ee278eaef888ca73bf9128a9eef9f2f1ddb8b7b71a4c07cfa241f028a04edb405e4d916c61d6beabc333813dc7b484d2b3c52ee233c6a79b1eea4e9cc51596ba9cd5ac5aeb9df62d86ea051055b79d03f8a4fa9f38386f5bd17529138f3325d46801514ea9047977e0829ed728e68636802796801be10011010001889f04200102000905025331d0e3021d03000a0910a401d9f09a34f7c042aa040086631196405b7e6af71026b88e98012eab44aa9849f6ef3fa930c7c9f23deaedba9db1538830f8652fb7648ec3fcade8dbcbf9eaf428e83c6cbcc272201bfe2fbb90d41963397a7c0637a1a9d9448ce695d9790db2dc95433ad7be19eb3de72dacf1d6db82c3644c13eae2a3d072b99bb341debba012c5ce4006a7d34a1f4b94b444526567205265766f6b657220283c52656727732022424d204261726973746122204b657920262530305c303e5c29203c72656740626d626172697374612e636f2e61753e88b704130102002205025331ce82021b03060b090807030206150802090a0b0416020301021e01021780000a0910a401d9f09a34f7c0019c03f75edfbeb6a73e7225ad3cc52724e2872e04260d7daf0d693c170d8c4b243b8767bc7785763533febc62ec2600c30603c433c095453ede59ff2fcabeb84ce32e0ed9d5cf15ffcbc816202b64370d4d77c1e9077d74e94a16fb4fa2e5bec23a56d7a73cf275f91691ae1801a976fcde09e981a2f6327ac27ea1fecf3185df0d56889c04100102000605025331cfb5000a0910fe9645554e8266b64b4303fc084075396674fb6f778d302ac07cef6bc0b5d07b66b2004c44aef711cbac79617ef06d836b4957522d8772dd94bf41a2f4ac8b1ee6d70c57503f837445a74765a076d07b829b8111fc2a918423ddb817ead7ca2a613ef0bfb9c6b3562aec6c3cf3c75ef3031d81d95f6563e4cdcc9960bcb386c5d757b104fcca5fe11fc709df884604101102000605025331cfe7000a09107b15a67f0b3ddc0317f6009e360beea58f29c1d963a22b962b80788c3fa6c84e009d148cfde6b351469b8eae91187eff07ad9d08fcaab88d045331ce820104009f25e20a42b904f3fa555530fe5c46737cf7bd076c35a2a0d22b11f7e0b61a69320b768f4a80fe13980ce380d1cfc4a0cd8fbe2d2e2ef85416668b77208baa65bf973fe8e500e78cc310d7c8705cdb34328bf80e24f0385fce5845c33bc7943cf6b11b02348a23da0bf6428e57c05135f2dc6bd7c1ce325d666d5a5fd2fd5e410011010001889f04180102000905025331ce82021b0c000a0910a401d9f09a34f7c0418003fe34feafcbeaef348a800a0d908a7a6809cc7304017d820f70f0474d5e23cb17e38b67dc6dca282c6ca00961f4ec9edf2738d0f087b1d81e4871ef08e1798010863afb4eac4c44a376cb343be929c5be66a78cfd4456ae9ec6a99d97f4e1c3ff3583351db2147a65c0acef5c003fb544ab3a2e2dc4d43646f58b811a6c3a369d1f"
+const revokedSubkeyHex = "988d04533121f6010400aefc803a3e4bb1a61c86e8a86d2726c6a43e0079e9f2713f1fa017e9854c83877f4aced8e331d675c67ea83ddab80aacbfa0b9040bb12d96f5a3d6be09455e2a76546cbd21677537db941cab710216b6d24ec277ee0bd65b910f416737ed120f6b93a9d3b306245c8cfd8394606fdb462e5cf43c551438d2864506c63367fc890011010001b41d416c696365203c616c69636540626d626172697374612e636f2e61753e88bb041301020025021b03060b090807030206150802090a0b0416020301021e01021780050253312798021901000a09104ef7e4beccde97f015a803ff5448437780f63263b0df8442a995e7f76c221351a51edd06f2063d8166cf3157aada4923dfc44aa0f2a6a4da5cf83b7fe722ba8ab416c976e77c6b5682e7f1069026673bd0de56ba06fd5d7a9f177607f277d9b55ff940a638c3e68525c67517e2b3d976899b93ca267f705b3e5efad7d61220e96b618a4497eab8d04403d23f8846041011020006050253312910000a09107b15a67f0b3ddc03d96e009f50b6365d86c4be5d5e9d0ea42d5e56f5794c617700a0ab274e19c2827780016d23417ce89e0a2c0d987d889c04100102000605025331cf7a000a0910a401d9f09a34f7c0ee970400aca292f213041c9f3b3fc49148cbda9d84afee6183c8dd6c5ff2600b29482db5fecd4303797be1ee6d544a20a858080fec43412061c9a71fae4039fd58013b4ae341273e6c66ad4c7cdd9e68245bedb260562e7b166f2461a1032f2b38c0e0e5715fb3d1656979e052b55ca827a76f872b78a9fdae64bc298170bfcebedc1271b41a416c696365203c616c696365407379646973702e6f722e61753e88b804130102002205025331278b021b03060b090807030206150802090a0b0416020301021e01021780000a09104ef7e4beccde97f06a7003fa03c3af68d272ebc1fa08aa72a03b02189c26496a2833d90450801c4e42c5b5f51ad96ce2d2c9cef4b7c02a6a2fcf1412d6a2d486098eb762f5010a201819c17fd2888aec8eda20c65a3b75744de7ee5cc8ac7bfc470cbe3cb982720405a27a3c6a8c229cfe36905f881b02ed5680f6a8f05866efb9d6c5844897e631deb949ca8846041011020006050253312910000a09107b15a67f0b3ddc0347bc009f7fa35db59147469eb6f2c5aaf6428accb138b22800a0caa2f5f0874bacc5909c652a57a31beda65eddd5889c04100102000605025331cf7a000a0910a401d9f09a34f7c0316403ff46f2a5c101256627f16384d34a38fb47a6c88ba60506843e532d91614339fccae5f884a5741e7582ffaf292ba38ee10a270a05f139bde3814b6a077e8cd2db0f105ebea2a83af70d385f13b507fac2ad93ff79d84950328bb86f3074745a8b7f9b64990fb142e2a12976e27e8d09a28dc5621f957ac49091116da410ac3cbde1b88d04533121f6010400cbd785b56905e4192e2fb62a720727d43c4fa487821203cf72138b884b78b701093243e1d8c92a0248a6c0203a5a88693da34af357499abacaf4b3309c640797d03093870a323b4b6f37865f6eaa2838148a67df4735d43a90ca87942554cdf1c4a751b1e75f9fd4ce4e97e278d6c1c7ed59d33441df7d084f3f02beb68896c70011010001889f0418010200090502533121f6021b0c000a09104ef7e4beccde97f0b98b03fc0a5ccf6a372995835a2f5da33b282a7d612c0ab2a97f59cf9fff73e9110981aac2858c41399afa29624a7fd8a0add11654e3d882c0fd199e161bdad65e5e2548f7b68a437ea64293db1246e3011cbb94dc1bcdeaf0f2539bd88ff16d95547144d97cead6a8c5927660a91e6db0d16eb36b7b49a3525b54d1644e65599b032b7eb901a204533127a0110400bd3edaa09eff9809c4edc2c2a0ebe52e53c50a19c1e49ab78e6167bf61473bb08f2050d78a5cbbc6ed66aff7b42cd503f16b4a0b99fa1609681fca9b7ce2bbb1a5b3864d6cdda4d7ef7849d156d534dea30fb0efb9e4cf8959a2b2ce623905882d5430b995a15c3b9fe92906086788b891002924f94abe139b42cbbfaaabe42f00a0b65dc1a1ad27d798adbcb5b5ad02d2688c89477b03ff4eebb6f7b15a73b96a96bed201c0e5e4ea27e4c6e2dd1005b94d4b90137a5b1cf5e01c6226c070c4cc999938101578877ee76d296b9aab8246d57049caacf489e80a3f40589cade790a020b1ac146d6f7a6241184b8c7fcde680eae3188f5dcbe846d7f7bdad34f6fcfca08413e19c1d5df83fc7c7c627d493492e009c2f52a80400a2fe82de87136fd2e8845888c4431b032ba29d9a29a804277e31002a8201fb8591a3e55c7a0d0881496caf8b9fb07544a5a4879291d0dc026a0ea9e5bd88eb4aa4947bbd694b25012e208a250d65ddc6f1eea59d3aed3b4ec15fcab85e2afaa23a40ab1ef9ce3e11e1bc1c34a0e758e7aa64deb8739276df0af7d4121f834a9b88e70418010200090502533127a0021b02005209104ef7e4beccde97f047200419110200060502533127a0000a0910dbce4ee19529437fe045009c0b32f5ead48ee8a7e98fac0dea3d3e6c0e2c552500a0ad71fadc5007cfaf842d9b7db3335a8cdad15d3d1a6404009b08e2c68fe8f3b45c1bb72a4b3278cdf3012aa0f229883ad74aa1f6000bb90b18301b2f85372ca5d6b9bf478d235b733b1b197d19ccca48e9daf8e890cb64546b4ce1b178faccfff07003c172a2d4f5ebaba9f57153955f3f61a9b80a4f5cb959908f8b211b03b7026a8a82fc612bfedd3794969bcf458c4ce92be215a1176ab88d045331d144010400a5063000c5aaf34953c1aa3bfc95045b3aab9882b9a8027fecfe2142dc6b47ba8aca667399990244d513dd0504716908c17d92c65e74219e004f7b83fc125e575dd58efec3ab6dd22e3580106998523dea42ec75bf9aa111734c82df54630bebdff20fe981cfc36c76f865eb1c2fb62c9e85bc3a6e5015a361a2eb1c8431578d0011010001889f04280102000905025331d433021d03000a09104ef7e4beccde97f02e5503ff5e0630d1b65291f4882b6d40a29da4616bb5088717d469fbcc3648b8276de04a04988b1f1b9f3e18f52265c1f8b6c85861691c1a6b8a3a25a1809a0b32ad330aec5667cb4262f4450649184e8113849b05e5ad06a316ea80c001e8e71838190339a6e48bbde30647bcf245134b9a97fa875c1d83a9862cae87ffd7e2c4ce3a1b89013d04180102000905025331d144021b0200a809104ef7e4beccde97f09d2004190102000605025331d144000a0910677815e371c2fd23522203fe22ab62b8e7a151383cea3edd3a12995693911426f8ccf125e1f6426388c0010f88d9ca7da2224aee8d1c12135998640c5e1813d55a93df472faae75bef858457248db41b4505827590aeccf6f9eb646da7f980655dd3050c6897feddddaca90676dee856d66db8923477d251712bb9b3186b4d0114daf7d6b59272b53218dd1da94a03ff64006fcbe71211e5daecd9961fba66cdb6de3f914882c58ba5beddeba7dcb950c1156d7fba18c19ea880dccc800eae335deec34e3b84ac75ffa24864f782f87815cda1c0f634b3dd2fa67cea30811d21723d21d9551fa12ccbcfa62b6d3a15d01307b99925707992556d50065505b090aadb8579083a20fe65bd2a270da9b011"
+
+const missingCrossSignatureKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+Charset: UTF-8
+
+mQENBFMYynYBCACVOZ3/e8Bm2b9KH9QyIlHGo/i1bnkpqsgXj8tpJ2MIUOnXMMAY
+ztW7kKFLCmgVdLIC0vSoLA4yhaLcMojznh/2CcUglZeb6Ao8Gtelr//Rd5DRfPpG
+zqcfUo+m+eO1co2Orabw0tZDfGpg5p3AYl0hmxhUyYSc/xUq93xL1UJzBFgYXY54
+QsM8dgeQgFseSk/YvdP5SMx1ev+eraUyiiUtWzWrWC1TdyRa5p4UZg6Rkoppf+WJ
+QrW6BWrhAtqATHc8ozV7uJjeONjUEq24roRc/OFZdmQQGK6yrzKnnbA6MdHhqpdo
+9kWDcXYb7pSE63Lc+OBa5X2GUVvXJLS/3nrtABEBAAG0F2ludmFsaWQtc2lnbmlu
+Zy1zdWJrZXlziQEoBBMBAgASBQJTnKB5AhsBAgsHAhUIAh4BAAoJEO3UDQUIHpI/
+dN4H/idX4FQ1LIZCnpHS/oxoWQWfpRgdKAEM0qCqjMgiipJeEwSQbqjTCynuh5/R
+JlODDz85ABR06aoF4l5ebGLQWFCYifPnJZ/Yf5OYcMGtb7dIbqxWVFL9iLMO/oDL
+ioI3dotjPui5e+2hI9pVH1UHB/bZ/GvMGo6Zg0XxLPolKQODMVjpjLAQ0YJ3spew
+RAmOGre6tIvbDsMBnm8qREt7a07cBJ6XK7xjxYaZHQBiHVxyEWDa6gyANONx8duW
+/fhQ/zDTnyVM/ik6VO0Ty9BhPpcEYLFwh5c1ilFari1ta3e6qKo6ZGa9YMk/REhu
+yBHd9nTkI+0CiQUmbckUiVjDKKe5AQ0EUxjKdgEIAJcXQeP+NmuciE99YcJoffxv
+2gVLU4ZXBNHEaP0mgaJ1+tmMD089vUQAcyGRvw8jfsNsVZQIOAuRxY94aHQhIRHR
+bUzBN28ofo/AJJtfx62C15xt6fDKRV6HXYqAiygrHIpEoRLyiN69iScUsjIJeyFL
+C8wa72e8pSL6dkHoaV1N9ZH/xmrJ+k0vsgkQaAh9CzYufncDxcwkoP+aOlGtX1gP
+WwWoIbz0JwLEMPHBWvDDXQcQPQTYQyj+LGC9U6f9VZHN25E94subM1MjuT9OhN9Y
+MLfWaaIc5WyhLFyQKW2Upofn9wSFi8ubyBnv640Dfd0rVmaWv7LNTZpoZ/GbJAMA
+EQEAAYkBHwQYAQIACQUCU5ygeQIbAgAKCRDt1A0FCB6SP0zCB/sEzaVR38vpx+OQ
+MMynCBJrakiqDmUZv9xtplY7zsHSQjpd6xGflbU2n+iX99Q+nav0ETQZifNUEd4N
+1ljDGQejcTyKD6Pkg6wBL3x9/RJye7Zszazm4+toJXZ8xJ3800+BtaPoI39akYJm
++ijzbskvN0v/j5GOFJwQO0pPRAFtdHqRs9Kf4YanxhedB4dIUblzlIJuKsxFit6N
+lgGRblagG3Vv2eBszbxzPbJjHCgVLR3RmrVezKOsZjr/2i7X+xLWIR0uD3IN1qOW
+CXQxLBizEEmSNVNxsp7KPGTLnqO3bPtqFirxS9PJLIMPTPLNBY7ZYuPNTMqVIUWF
+4artDmrG
+=7FfJ
+-----END PGP PUBLIC KEY BLOCK-----`
+
+const invalidCrossSignatureKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFMYynYBCACVOZ3/e8Bm2b9KH9QyIlHGo/i1bnkpqsgXj8tpJ2MIUOnXMMAY
+ztW7kKFLCmgVdLIC0vSoLA4yhaLcMojznh/2CcUglZeb6Ao8Gtelr//Rd5DRfPpG
+zqcfUo+m+eO1co2Orabw0tZDfGpg5p3AYl0hmxhUyYSc/xUq93xL1UJzBFgYXY54
+QsM8dgeQgFseSk/YvdP5SMx1ev+eraUyiiUtWzWrWC1TdyRa5p4UZg6Rkoppf+WJ
+QrW6BWrhAtqATHc8ozV7uJjeONjUEq24roRc/OFZdmQQGK6yrzKnnbA6MdHhqpdo
+9kWDcXYb7pSE63Lc+OBa5X2GUVvXJLS/3nrtABEBAAG0F2ludmFsaWQtc2lnbmlu
+Zy1zdWJrZXlziQEoBBMBAgASBQJTnKB5AhsBAgsHAhUIAh4BAAoJEO3UDQUIHpI/
+dN4H/idX4FQ1LIZCnpHS/oxoWQWfpRgdKAEM0qCqjMgiipJeEwSQbqjTCynuh5/R
+JlODDz85ABR06aoF4l5ebGLQWFCYifPnJZ/Yf5OYcMGtb7dIbqxWVFL9iLMO/oDL
+ioI3dotjPui5e+2hI9pVH1UHB/bZ/GvMGo6Zg0XxLPolKQODMVjpjLAQ0YJ3spew
+RAmOGre6tIvbDsMBnm8qREt7a07cBJ6XK7xjxYaZHQBiHVxyEWDa6gyANONx8duW
+/fhQ/zDTnyVM/ik6VO0Ty9BhPpcEYLFwh5c1ilFari1ta3e6qKo6ZGa9YMk/REhu
+yBHd9nTkI+0CiQUmbckUiVjDKKe5AQ0EUxjKdgEIAIINDqlj7X6jYKc6DjwrOkjQ
+UIRWbQQar0LwmNilehmt70g5DCL1SYm9q4LcgJJ2Nhxj0/5qqsYib50OSWMcKeEe
+iRXpXzv1ObpcQtI5ithp0gR53YPXBib80t3bUzomQ5UyZqAAHzMp3BKC54/vUrSK
+FeRaxDzNLrCeyI00+LHNUtwghAqHvdNcsIf8VRumK8oTm3RmDh0TyjASWYbrt9c8
+R1Um3zuoACOVy+mEIgIzsfHq0u7dwYwJB5+KeM7ZLx+HGIYdUYzHuUE1sLwVoELh
++SHIGHI1HDicOjzqgajShuIjj5hZTyQySVprrsLKiXS6NEwHAP20+XjayJ/R3tEA
+EQEAAYkCPgQYAQIBKAUCU5ygeQIbAsBdIAQZAQIABgUCU5ygeQAKCRCpVlnFZmhO
+52RJB/9uD1MSa0wjY6tHOIgquZcP3bHBvHmrHNMw9HR2wRCMO91ZkhrpdS3ZHtgb
+u3/55etj0FdvDo1tb8P8FGSVtO5Vcwf5APM8sbbqoi8L951Q3i7qt847lfhu6sMl
+w0LWFvPTOLHrliZHItPRjOltS1WAWfr2jUYhsU9ytaDAJmvf9DujxEOsN5G1YJep
+54JCKVCkM/y585Zcnn+yxk/XwqoNQ0/iJUT9qRrZWvoeasxhl1PQcwihCwss44A+
+YXaAt3hbk+6LEQuZoYS73yR3WHj+42tfm7YxRGeubXfgCEz/brETEWXMh4pe0vCL
+bfWrmfSPq2rDegYcAybxRQz0lF8PAAoJEO3UDQUIHpI/exkH/0vQfdHA8g/N4T6E
+i6b1CUVBAkvtdJpCATZjWPhXmShOw62gkDw306vHPilL4SCvEEi4KzG72zkp6VsB
+DSRcpxCwT4mHue+duiy53/aRMtSJ+vDfiV1Vhq+3sWAck/yUtfDU9/u4eFaiNok1
+8/Gd7reyuZt5CiJnpdPpjCwelK21l2w7sHAnJF55ITXdOxI8oG3BRKufz0z5lyDY
+s2tXYmhhQIggdgelN8LbcMhWs/PBbtUr6uZlNJG2lW1yscD4aI529VjwJlCeo745
+U7pO4eF05VViUJ2mmfoivL3tkhoTUWhx8xs8xCUcCg8DoEoSIhxtOmoTPR22Z9BL
+6LCg2mg=
+=Dhm4
+-----END PGP PUBLIC KEY BLOCK-----`
+
+const goodCrossSignatureKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+Version: GnuPG v1
+
+mI0EVUqeVwEEAMufHRrMPWK3gyvi0O0tABCs/oON9zV9KDZlr1a1M91ShCSFwCPo
+7r80PxdWVWcj0V5h50/CJYtpN3eE/mUIgW2z1uDYQF1OzrQ8ubrksfsJvpAhENom
+lTQEppv9mV8qhcM278teb7TX0pgrUHLYF5CfPdp1L957JLLXoQR/lwLVABEBAAG0
+E2dvb2Qtc2lnbmluZy1zdWJrZXmIuAQTAQIAIgUCVUqeVwIbAwYLCQgHAwIGFQgC
+CQoLBBYCAwECHgECF4AACgkQNRjL95IRWP69XQQAlH6+eyXJN4DZTLX78KGjHrsw
+6FCvxxClEPtPUjcJy/1KCRQmtLAt9PbbA78dvgzjDeZMZqRAwdjyJhjyg/fkU2OH
+7wq4ktjUu+dLcOBb+BFMEY+YjKZhf6EJuVfxoTVr5f82XNPbYHfTho9/OABKH6kv
+X70PaKZhbwnwij8Nts65AaIEVUqftREEAJ3WxZfqAX0bTDbQPf2CMT2IVMGDfhK7
+GyubOZgDFFjwUJQvHNvsrbeGLZ0xOBumLINyPO1amIfTgJNm1iiWFWfmnHReGcDl
+y5mpYG60Mb79Whdcer7CMm3AqYh/dW4g6IB02NwZMKoUHo3PXmFLxMKXnWyJ0clw
+R0LI/Qn509yXAKDh1SO20rqrBM+EAP2c5bfI98kyNwQAi3buu94qo3RR1ZbvfxgW
+CKXDVm6N99jdZGNK7FbRifXqzJJDLcXZKLnstnC4Sd3uyfyf1uFhmDLIQRryn5m+
+LBYHfDBPN3kdm7bsZDDq9GbTHiFZUfm/tChVKXWxkhpAmHhU/tH6GGzNSMXuIWSO
+aOz3Rqq0ED4NXyNKjdF9MiwD/i83S0ZBc0LmJYt4Z10jtH2B6tYdqnAK29uQaadx
+yZCX2scE09UIm32/w7pV77CKr1Cp/4OzAXS1tmFzQ+bX7DR+Gl8t4wxr57VeEMvl
+BGw4Vjh3X8//m3xynxycQU18Q1zJ6PkiMyPw2owZ/nss3hpSRKFJsxMLhW3fKmKr
+Ey2KiOcEGAECAAkFAlVKn7UCGwIAUgkQNRjL95IRWP5HIAQZEQIABgUCVUqftQAK
+CRD98VjDN10SqkWrAKDTpEY8D8HC02E/KVC5YUI01B30wgCgurpILm20kXEDCeHp
+C5pygfXw1DJrhAP+NyPJ4um/bU1I+rXaHHJYroYJs8YSweiNcwiHDQn0Engh/mVZ
+SqLHvbKh2dL/RXymC3+rjPvQf5cup9bPxNMa6WagdYBNAfzWGtkVISeaQW+cTEp/
+MtgVijRGXR/lGLGETPg2X3Afwn9N9bLMBkBprKgbBqU7lpaoPupxT61bL70=
+=vtbN
+-----END PGP PUBLIC KEY BLOCK-----`
+
+const revokedUserIDKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mQENBFsgO5EBCADhREPmcjsPkXe1z7ctvyWL0S7oa9JaoGZ9oPDHFDlQxd0qlX2e
+DZJZDg0qYvVixmaULIulApq1puEsaJCn3lHUbHlb4PYKwLEywYXM28JN91KtLsz/
+uaEX2KC5WqeP40utmzkNLq+oRX/xnRMgwbO7yUNVG2UlEa6eI+xOXO3YtLdmJMBW
+ClQ066ZnOIzEo1JxnIwha1CDBMWLLfOLrg6l8InUqaXbtEBbnaIYO6fXVXELUjkx
+nmk7t/QOk0tXCy8muH9UDqJkwDUESY2l79XwBAcx9riX8vY7vwC34pm22fAUVLCJ
+x1SJx0J8bkeNp38jKM2Zd9SUQqSbfBopQ4pPABEBAAG0I0dvbGFuZyBHb3BoZXIg
+PG5vLXJlcGx5QGdvbGFuZy5jb20+iQFUBBMBCgA+FiEE5Ik5JLcNx6l6rZfw1oFy
+9I6cUoMFAlsgO5ECGwMFCQPCZwAFCwkIBwMFFQoJCAsFFgIDAQACHgECF4AACgkQ
+1oFy9I6cUoMIkwf8DNPeD23i4jRwd/pylbvxwZintZl1fSwTJW1xcOa1emXaEtX2
+depuqhP04fjlRQGfsYAQh7X9jOJxAHjTmhqFBi5sD7QvKU00cPFYbJ/JTx0B41bl
+aXnSbGhRPh63QtEZL7ACAs+shwvvojJqysx7kyVRu0EW2wqjXdHwR/SJO6nhNBa2
+DXzSiOU/SUA42mmG+5kjF8Aabq9wPwT9wjraHShEweNerNMmOqJExBOy3yFeyDpa
+XwEZFzBfOKoxFNkIaVf5GSdIUGhFECkGvBMB935khftmgR8APxdU4BE7XrXexFJU
+8RCuPXonm4WQOwTWR0vQg64pb2WKAzZ8HhwTGbQiR29sYW5nIEdvcGhlciA8cmV2
+b2tlZEBnb2xhbmcuY29tPokBNgQwAQoAIBYhBOSJOSS3Dcepeq2X8NaBcvSOnFKD
+BQJbIDv3Ah0AAAoJENaBcvSOnFKDfWMIAKhI/Tvu3h8fSUxp/gSAcduT6bC1JttG
+0lYQ5ilKB/58lBUA5CO3ZrKDKlzW3M8VEcvohVaqeTMKeoQd5rCZq8KxHn/KvN6N
+s85REfXfniCKfAbnGgVXX3kDmZ1g63pkxrFu0fDZjVDXC6vy+I0sGyI/Inro0Pzb
+tvn0QCsxjapKK15BtmSrpgHgzVqVg0cUp8vqZeKFxarYbYB2idtGRci4b9tObOK0
+BSTVFy26+I/mrFGaPrySYiy2Kz5NMEcRhjmTxJ8jSwEr2O2sUR0yjbgUAXbTxDVE
+/jg5fQZ1ACvBRQnB7LvMHcInbzjyeTM3FazkkSYQD6b97+dkWwb1iWG5AQ0EWyA7
+kQEIALkg04REDZo1JgdYV4x8HJKFS4xAYWbIva1ZPqvDNmZRUbQZR2+gpJGEwn7z
+VofGvnOYiGW56AS5j31SFf5kro1+1bZQ5iOONBng08OOo58/l1hRseIIVGB5TGSa
+PCdChKKHreJI6hS3mShxH6hdfFtiZuB45rwoaArMMsYcjaezLwKeLc396cpUwwcZ
+snLUNd1Xu5EWEF2OdFkZ2a1qYdxBvAYdQf4+1Nr+NRIx1u1NS9c8jp3PuMOkrQEi
+bNtc1v6v0Jy52mKLG4y7mC/erIkvkQBYJdxPaP7LZVaPYc3/xskcyijrJ/5ufoD8
+K71/ShtsZUXSQn9jlRaYR0EbojMAEQEAAYkBPAQYAQoAJhYhBOSJOSS3Dcepeq2X
+8NaBcvSOnFKDBQJbIDuRAhsMBQkDwmcAAAoJENaBcvSOnFKDkFMIAIt64bVZ8x7+
+TitH1bR4pgcNkaKmgKoZz6FXu80+SnbuEt2NnDyf1cLOSimSTILpwLIuv9Uft5Pb
+OraQbYt3xi9yrqdKqGLv80bxqK0NuryNkvh9yyx5WoG1iKqMj9/FjGghuPrRaT4l
+QinNAghGVkEy1+aXGFrG2DsOC1FFI51CC2WVTzZ5RwR2GpiNRfESsU1rZAUqf/2V
+yJl9bD5R4SUNy8oQmhOxi+gbhD4Ao34e4W0ilibslI/uawvCiOwlu5NGd8zv5n+U
+heiQvzkApQup5c+BhH5zFDFdKJ2CBByxw9+7QjMFI/wgLixKuE0Ob2kAokXf7RlB
+7qTZOahrETw=
+=IKnw
+-----END PGP PUBLIC KEY BLOCK-----`
+
+const keyWithSubKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mI0EWyKwKQEEALwXhKBnyaaNFeK3ljfc/qn9X/QFw+28EUfgZPHjRmHubuXLE2uR
+s3ZoSXY2z7Dkv+NyHYMt8p+X8q5fR7JvUjK2XbPyKoiJVnHINll83yl67DaWfKNL
+EjNoO0kIfbXfCkZ7EG6DL+iKtuxniGTcnGT47e+HJSqb/STpLMnWwXjBABEBAAG0
+I0dvbGFuZyBHb3BoZXIgPG5vLXJlcGx5QGdvbGFuZy5jb20+iM4EEwEKADgWIQQ/
+lRafP/p9PytHbwxMvYJsOQdOOAUCWyKwKQIbAwULCQgHAwUVCgkICwUWAgMBAAIe
+AQIXgAAKCRBMvYJsOQdOOOsFBAC62mXww8XuqvYLcVOvHkWLT6mhxrQOJXnlfpn7
+2uBV9CMhoG/Ycd43NONsJrB95Apr9TDIqWnVszNbqPCuBhZQSGLdbiDKjxnCWBk0
+69qv4RNtkpOhYB7jK4s8F5oQZqId6JasT/PmJTH92mhBYhhTQr0GYFuPX2UJdkw9
+Sn9C67iNBFsisDUBBAC3A+Yo9lgCnxi/pfskyLrweYif6kIXWLAtLTsM6g/6jt7b
+wTrknuCPyTv0QKGXsAEe/cK/Xq3HvX9WfXPGIHc/X56ZIsHQ+RLowbZV/Lhok1IW
+FAuQm8axr/by80cRwFnzhfPc/ukkAq2Qyj4hLsGblu6mxeAhzcp8aqmWOO2H9QAR
+AQABiLYEKAEKACAWIQQ/lRafP/p9PytHbwxMvYJsOQdOOAUCWyK16gIdAAAKCRBM
+vYJsOQdOOB1vA/4u4uLONsE+2GVOyBsHyy7uTdkuxaR9b54A/cz6jT/tzUbeIzgx
+22neWhgvIEghnUZd0vEyK9k1wy5vbDlEo6nKzHso32N1QExGr5upRERAxweDxGOj
+7luDwNypI7QcifE64lS/JmlnunwRCdRWMKc0Fp+7jtRc5mpwyHN/Suf5RokBagQY
+AQoAIBYhBD+VFp8/+n0/K0dvDEy9gmw5B044BQJbIrA1AhsCAL8JEEy9gmw5B044
+tCAEGQEKAB0WIQSNdnkaWY6t62iX336UXbGvYdhXJwUCWyKwNQAKCRCUXbGvYdhX
+JxJSA/9fCPHP6sUtGF1o3G1a3yvOUDGr1JWcct9U+QpbCt1mZoNopCNDDQAJvDWl
+mvDgHfuogmgNJRjOMznvahbF+wpTXmB7LS0SK412gJzl1fFIpK4bgnhu0TwxNsO1
+8UkCZWqxRMgcNUn9z6XWONK8dgt5JNvHSHrwF4CxxwjL23AAtK+FA/UUoi3U4kbC
+0XnSr1Sl+mrzQi1+H7xyMe7zjqe+gGANtskqexHzwWPUJCPZ5qpIa2l8ghiUim6b
+4ymJ+N8/T8Yva1FaPEqfMzzqJr8McYFm0URioXJPvOAlRxdHPteZ0qUopt/Jawxl
+Xt6B9h1YpeLoJwjwsvbi98UTRs0jXwoY
+=3fWu
+-----END PGP PUBLIC KEY BLOCK-----`
+
+const keyWithSubKeyAndBadSelfSigOrder = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+mI0EWyLLDQEEAOqIOpJ/ha1OYAGduu9tS3rBz5vyjbNgJO4sFveEM0mgsHQ0X9/L
+plonW+d0gRoO1dhJ8QICjDAc6+cna1DE3tEb5m6JtQ30teLZuqrR398Cf6w7NNVz
+r3lrlmnH9JaKRuXl7tZciwyovneBfZVCdtsRZjaLI1uMQCz/BToiYe3DABEBAAG0
+I0dvbGFuZyBHb3BoZXIgPG5vLXJlcGx5QGdvbGFuZy5jb20+iM4EEwEKADgWIQRZ
+sixZOfQcZdW0wUqmgmdsv1O9xgUCWyLLDQIbAwULCQgHAwUVCgkICwUWAgMBAAIe
+AQIXgAAKCRCmgmdsv1O9xql2A/4pix98NxjhdsXtazA9agpAKeADf9tG4Za27Gj+
+3DCww/E4iP2X35jZimSm/30QRB6j08uGCqd9vXkkJxtOt63y/IpVOtWX6vMWSTUm
+k8xKkaYMP0/IzKNJ1qC/qYEUYpwERBKg9Z+k99E2Ql4kRHdxXUHq6OzY79H18Y+s
+GdeM/riNBFsiyxsBBAC54Pxg/8ZWaZX1phGdwfe5mek27SOYpC0AxIDCSOdMeQ6G
+HPk38pywl1d+S+KmF/F4Tdi+kWro62O4eG2uc/T8JQuRDUhSjX0Qa51gPzJrUOVT
+CFyUkiZ/3ZDhtXkgfuso8ua2ChBgR9Ngr4v43tSqa9y6AK7v0qjxD1x+xMrjXQAR
+AQABiQFxBBgBCgAmAhsCFiEEWbIsWTn0HGXVtMFKpoJnbL9TvcYFAlsizTIFCQAN
+MRcAv7QgBBkBCgAdFiEEJcoVUVJIk5RWj1c/o62jUpRPICQFAlsiyxsACgkQo62j
+UpRPICQq5gQApoWIigZxXFoM0uw4uJBS5JFZtirTANvirZV5RhndwHeMN6JttaBS
+YnjyA4+n1D+zB2VqliD2QrsX12KJN6rGOehCtEIClQ1Hodo9nC6kMzzAwW1O8bZs
+nRJmXV+bsvD4sidLZLjdwOVa3Cxh6pvq4Uur6a7/UYx121hEY0Qx0s8JEKaCZ2y/
+U73GGi0D/i20VW8AWYAPACm2zMlzExKTOAV01YTQH/3vW0WLrOse53WcIVZga6es
+HuO4So0SOEAvxKMe5HpRIu2dJxTvd99Bo9xk9xJU0AoFrO0vNCRnL+5y68xMlODK
+lEw5/kl0jeaTBp6xX0HDQOEVOpPGUwWV4Ij2EnvfNDXaE1vK1kffiQFrBBgBCgAg
+AhsCFiEEWbIsWTn0HGXVtMFKpoJnbL9TvcYFAlsi0AYAv7QgBBkBCgAdFiEEJcoV
+UVJIk5RWj1c/o62jUpRPICQFAlsiyxsACgkQo62jUpRPICQq5gQApoWIigZxXFoM
+0uw4uJBS5JFZtirTANvirZV5RhndwHeMN6JttaBSYnjyA4+n1D+zB2VqliD2QrsX
+12KJN6rGOehCtEIClQ1Hodo9nC6kMzzAwW1O8bZsnRJmXV+bsvD4sidLZLjdwOVa
+3Cxh6pvq4Uur6a7/UYx121hEY0Qx0s8JEKaCZ2y/U73GRl0EAJokkXmy4zKDHWWi
+wvK9gi2gQgRkVnu2AiONxJb5vjeLhM/07BRmH6K1o+w3fOeEQp4FjXj1eQ5fPSM6
+Hhwx2CTl9SDnPSBMiKXsEFRkmwQ2AAsQZLmQZvKBkLZYeBiwf+IY621eYDhZfo+G
+1dh1WoUCyREZsJQg2YoIpWIcvw+a
+=bNRo
+-----END PGP PUBLIC KEY BLOCK-----
+`
+
+const onlySubkeyNoPrivateKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
+Version: GnuPG v1
+
+lQCVBFggvocBBAC7vBsHn7MKmS6IiiZNTXdciplVgS9cqVd+RTdIAoyNTcsiV1H0
+GQ3QtodOPeDlQDNoqinqaobd7R9g3m3hS53Nor7yBZkCWQ5x9v9JxRtoAq0sklh1
+I1X2zEqZk2l6YrfBF/64zWrhjnW3j23szkrAIVu0faQXbQ4z56tmZrw11wARAQAB
+/gdlAkdOVQG0CUdOVSBEdW1teYi4BBMBAgAiBQJYIL6HAhsDBgsJCAcDAgYVCAIJ
+CgsEFgIDAQIeAQIXgAAKCRCd1xxWp1CYAnjGA/9synn6ZXJUKAXQzySgmCZvCIbl
+rqBfEpxwLG4Q/lONhm5vthAE0z49I8hj5Gc5e2tLYUtq0o0OCRdCrYHa/efOYWpJ
+6RsK99bePOisVzmOABLIgZkcr022kHoMCmkPgv9CUGKP1yqbGl+zzAwQfUjRUmvD
+ZIcWLHi2ge4GzPMPi50B2ARYIL6cAQQAxWHnicKejAFcFcF1/3gUSgSH7eiwuBPX
+M7vDdgGzlve1o1jbV4tzrjN9jsCl6r0nJPDMfBSzgLr1auNTRG6HpJ4abcOx86ED
+Ad+avDcQPZb7z3dPhH/gb2lQejZsHh7bbeOS8WMSzHV3RqCLd8J/xwWPNR5zKn1f
+yp4IGfopidMAEQEAAQAD+wQOelnR82+dxyM2IFmZdOB9wSXQeCVOvxSaNMh6Y3lk
+UOOkO8Nlic4x0ungQRvjoRs4wBmCuwFK/MII6jKui0B7dn/NDf51i7rGdNGuJXDH
+e676By1sEY/NGkc74jr74T+5GWNU64W0vkpfgVmjSAzsUtpmhJMXsc7beBhJdnVl
+AgDKCb8hZqj1alcdmLoNvb7ibA3K/V8J462CPD7bMySPBa/uayoFhNxibpoXml2r
+oOtHa5izF3b0/9JY97F6rqkdAgD6GdTJ+xmlCoz1Sewoif1I6krq6xoa7gOYpIXo
+UL1Afr+LiJeyAnF/M34j/kjIVmPanZJjry0kkjHE5ILjH3uvAf4/6n9np+Th8ujS
+YDCIzKwR7639+H+qccOaddCep8Y6KGUMVdD/vTKEx1rMtK+hK/CDkkkxnFslifMJ
+kqoqv3WUqCWJAT0EGAECAAkFAlggvpwCGwIAqAkQndccVqdQmAKdIAQZAQIABgUC
+WCC+nAAKCRDmGUholQPwvQk+A/9latnSsR5s5/1A9TFki11GzSEnfLbx46FYOdkW
+n3YBxZoPQGxNA1vIn8GmouxZInw9CF4jdOJxEdzLlYQJ9YLTLtN5tQEMl/19/bR8
+/qLacAZ9IOezYRWxxZsyn6//jfl7A0Y+FV59d4YajKkEfItcIIlgVBSW6T+TNQT3
+R+EH5HJ/A/4/AN0CmBhhE2vGzTnVU0VPrE4V64pjn1rufFdclgpixNZCuuqpKpoE
+VVHn6mnBf4njKjZrAGPs5kfQ+H4NsM7v3Zz4yV6deu9FZc4O6E+V1WJ38rO8eBix
+7G2jko106CC6vtxsCPVIzY7aaG3H5pjRtomw+pX7SzrQ7FUg2PGumg==
+=F/T0
+-----END PGP PRIVATE KEY BLOCK-----`
+
+const ecdsaPrivateKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
+
+xaUEX1KsSRMIKoZIzj0DAQcCAwTpYqJsnJiFhKKh+8TulWD+lVmerBFNS+Ii
+B+nlG3T0xQQ4Sy5eIjJ0CExIQQzi3EElF/Z2l4F3WC5taFA11NgA/gkDCHSS
+PThf1M2K4LN8F1MRcvR+sb7i0nH55ojkwuVB1DE6jqIT9m9i+mX1tzjSAS+6
+lPQiweCJvG7xTC7Hs3AzRapf/r1At4TB+v+5G2/CKynNFEJpbGwgPGJpbGxA
+aG9tZS5jb20+wncEEBMIAB8FAl9SrEkGCwkHCAMCBBUICgIDFgIBAhkBAhsD
+Ah4BAAoJEMpwT3+q3+xqw5UBAMebZN9isEZ1ML+R/jWAAWMwa/knMugrEZ1v
+Bl9+ZwM0AQCZdf80/wYY4Nve01qSRFv8OmKswLli3TvDv6FKc4cLz8epBF9S
+rEkSCCqGSM49AwEHAgMEAjKnT9b5wY2bf9TpAV3d7OUfPOxKj9c4VzeVzSrH
+AtQgo/MuI1cdYVURicV4i76DNjFhQHQFTk7BrC+C2u1yqQMBCAf+CQMIHImA
+iYfzQtjgQWSFZYUkCFpbbwhNF0ch+3HNaZkaHCnZRIsWsRnc6FCb6lRQyK9+
+Dq59kHlduE5QgY40894jfmP2JdJHU6nBdYrivbEdbMJhBBgTCAAJBQJfUqxJ
+AhsMAAoJEMpwT3+q3+xqUI0BAMykhV08kQ4Ip9Qlbss6Jdufv7YrU0Vd5hou
+b5TmiPd0APoDBh3qIic+aLLUcAuG3+Gt1P1AbUlmqV61ozn1WfHxfw==
+=KLN8
+-----END PGP PRIVATE KEY BLOCK-----`
+
+const dsaPrivateKeyWithElGamalSubkey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
+
+lQOBBF9/MLsRCACeaF6BI0jTgDAs86t8/kXPfwlPvR2MCYzB0BCqAdcq1hV/GTYd
+oNmJRna/ZJfsI/vf+d8Nv+EYOQkPheFS1MJVBitkAXjQPgm8i1tQWen1FCWZxqGk
+/vwZYF4yo8GhZ+Wxi3w09W9Cp9QM/CTmyE1Xe7wpPBGe+oD+me8Zxjyt8JBS4Qx+
+gvWbfHxfHnggh4pz7U8QkItlLsBNQEdX4R5+zwRN66g2ZSX/shaa/EkVnihUhD7r
+njP9I51ORWucTQD6OvgooaNQZCkQ/Se9TzdakwWKS2XSIFXiY/e2E5ZgKI/pfKDU
+iA/KessxddPb7nP/05OIJqg9AoDrD4vmehLzAQD+zsUS3LDU1m9/cG4LMsQbT2VK
+Te4HqbGIAle+eu/asQf8DDJMrbZpiJZvADum9j0TJ0oep6VdMbzo9RSDKvlLKT9m
+kG63H8oDWnCZm1a+HmGq9YIX+JHWmsLXXsFLeEouLzHO+mZo0X28eji3V2T87hyR
+MmUM0wFo4k7jK8uVmkDXv3XwNp2uByWxUKZd7EnWmcEZWqIiexJ7XpCS0Pg3tRaI
+zxve0SRe/dxfUPnTk/9KQ9hS6DWroBKquL182zx1Fggh4LIWWE2zq+UYn8BI0E8A
+rmIDFJdF8ymFQGRrEy6g79NnkPmkrZWsgMRYY65P6v4zLVmqohJKkpm3/Uxa6QAP
+CCoPh/JTOvPeCP2bOJH8z4Z9Py3ouMIjofQW8sXqRgf/RIHbh0KsINHrwwZ4gVIr
+MK3RofpaYxw1ztPIWb4cMWoWZHH1Pxh7ggTGSBpAhKXkiWw2Rxat8QF5aA7e962c
+bLvVv8dqsPrD/RnVJHag89cbPTzjn7gY9elE8EM8ithV3oQkwHTr4avYlpDZsgNd
+hUW3YgRwGo31tdzxoG04AcpV2t+07P8XMPr9hsfWs4rHohXPi38Hseu1Ji+dBoWQ
+3+1w/HH3o55s+jy4Ruaz78AIrjbmAJq+6rA2mIcCgrhw3DnzuwQAKeBvSeqn9zfS
+ZC812osMBVmkycwelpaIh64WZ0vWL3GvdXDctV2kXM+qVpDTLEny0LuiXxrwCKQL
+Ev4HAwK9uQBcreDEEud7pfRb8EYP5lzO2ZA7RaIvje6EWAGBvJGMRT0QQE5SGqc7
+Fw5geigBdt+vVyRuNNhg3c2fdn/OBQaYu0J/8AiOogG8EaM8tCFlbGdhbWFsQGRz
+YS5jb20gPGVsZ2FtYWxAZHNhLmNvbT6IkAQTEQgAOBYhBI+gnfiHQxB35/Dp0XAQ
+aE/rsWC5BQJffzC7AhsDBQsJCAcCBhUKCQgLAgQWAgMBAh4BAheAAAoJEHAQaE/r
+sWC5A4EA/0GcJmyPtN+Klc7b9sVT3JgKTRnB/URxOJfYJofP0hZLAQCkqyMO+adV
+JvbgDH0zaITQWZSSXPqpgMpCA6juTrDsd50CawRffzC7EAgAxFFFSAAEQzWTgKU5
+EBtpxxoPzHqcChawTHRxHxjcELXzmUBS5PzfA1HXSPnNqK/x3Ut5ycC3CsW41Fnt
+Gm3706Wu9VFbFZVn55F9lPiplUo61n5pqMvOr1gmuQsdXiTa0t5FRa4TZ2VSiHFw
+vdAVSPTUsT4ZxJ1rPyFYRtq1n3pQcvdZowd07r0JnzTMjLLMFYCKhwIowoOC4zqJ
+iB8enjwOlpaqBATRm9xpVF7SJkroPF6/B1vdhj7E3c1aJyHlo0PYBAg756sSHWHg
+UuLyUQ4TA0hcCVenn/L/aSY2LnbdZB1EBhlYjA7dTCgwIqsQhfQmPkjz6g64A7+Y
+HbbrLwADBQgAk14QIEQ+J/VHetpQV/jt2pNsFK1kVK7mXK0spTExaC2yj2sXlHjL
+Ie3bO5T/KqmIaBEB5db5fA5xK9cZt79qrQHDKsEqUetUeMUWLBx77zBsus3grIgy
+bwDZKseRzQ715pwxquxQlScGoDIBKEh08HpwHkq140eIj3w+MAIfndaZaSCNaxaP
+Snky7BQmJ7Wc7qrIwoQP6yrnUqyW2yNi81nJYUhxjChqaFSlwzLs/iNGryBKo0ic
+BqVIRjikKHBlwBng6WyrltQo/Vt9GG8w+lqaAVXbJRlaBZJUR+2NKi/YhP3qQse3
+v8fi4kns0gh5LK+2C01RvdX4T49QSExuIf4HAwLJqYIGwadA2uem5v7/765ZtFWV
+oL0iZ0ueTJDby4wTFDpLVzzDi/uVcB0ZRFrGOp7w6OYcNYTtV8n3xmli2Q5Trw0c
+wZVzvg+ABKWiv7faBjMczIFF8y6WZKOIeAQYEQgAIBYhBI+gnfiHQxB35/Dp0XAQ
+aE/rsWC5BQJffzC7AhsMAAoJEHAQaE/rsWC5ZmIA/jhS4r4lClbvjuPWt0Yqdn7R
+fss2SPMYvMrrDh42aE0OAQD8xn4G6CN8UtW9xihXOY6FpxiJ/sMc2VaneeUd34oa
+4g==
+=XZm8
+-----END PGP PRIVATE KEY BLOCK-----`
+
+// https://tests.sequoia-pgp.org/#Certificate_expiration
+// P _ U p
+const expiringPrimaryUIDKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+
+xsDNBF2lnPIBDAC5cL9PQoQLTMuhjbYvb4Ncuuo0bfmgPRFywX53jPhoFf4Zg6mv
+/seOXpgecTdOcVttfzC8ycIKrt3aQTiwOG/ctaR4Bk/t6ayNFfdUNxHWk4WCKzdz
+/56fW2O0F23qIRd8UUJp5IIlN4RDdRCtdhVQIAuzvp2oVy/LaS2kxQoKvph/5pQ/
+5whqsyroEWDJoSV0yOb25B/iwk/pLUFoyhDG9bj0kIzDxrEqW+7Ba8nocQlecMF3
+X5KMN5kp2zraLv9dlBBpWW43XktjcCZgMy20SouraVma8Je/ECwUWYUiAZxLIlMv
+9CurEOtxUw6N3RdOtLmYZS9uEnn5y1UkF88o8Nku890uk6BrewFzJyLAx5wRZ4F0
+qV/yq36UWQ0JB/AUGhHVPdFf6pl6eaxBwT5GXvbBUibtf8YI2og5RsgTWtXfU7eb
+SGXrl5ZMpbA6mbfhd0R8aPxWfmDWiIOhBufhMCvUHh1sApMKVZnvIff9/0Dca3wb
+vLIwa3T4CyshfT0AEQEAAc0hQm9iIEJhYmJhZ2UgPGJvYkBvcGVucGdwLmV4YW1w
+bGU+wsEUBBMBCgBIBYJfiWKKBYkBX+/UBQsJCAcCCRD7/MgqAV5zMAYVCgkICwIE
+FgIDAQIXgAIbAwIeARYhBNGmbhojsYLJmA94jPv8yCoBXnMwAAAf0wv/a++a3DkL
+CttbK4LRIiSry2wb97mxYQoWYzvkKYD1IP/KiamRwzjBKuRSE0qZ2uonQDRGc+zl
+1H9dwkDLL4T9uJngCCPCBgFW/hOFPvF+WYEKHtOzunqx6KwDHkpdH+hpzfFzIhDo
+aXiVnDGvJ3H/bVTKq1m2KPXO2ckkXPQXJX9Fx6kPHdvcq+3ZI75IzbD/ue5lBcsy
+OKLzVu+KLxzlzGui6v1V0fTvU/uqvHlvUxcDAqMnIsDUPakjK2RDeQ38qtN6+PQ5
+/dT7vx2Wtzesqn2eDbDf5uRfSgmp2hJLJniAKjMCBVAJiOgPb0LXUIcwCGxaiWOA
+g5ZvNWjX5bZ/FxqpLpOE9OReI5YY7ns7zqP4thLYYWe0Qdp9a2ezVrgzgrh/SLla
+d73x/S9TrmLtYGGlbVUByJW+GXjW2Tt6iaa/WDFzx8NvZ/wzIAdGSEfLcvS+JBSP
+2ppdY5Ac/2dK3PzYABkHvB/rhXIwlXnrFDU9efRHZfFqQqGauA64wfdIzsDNBF2l
+nPIBDADWML9cbGMrp12CtF9b2P6z9TTT74S8iyBOzaSvdGDQY/sUtZXRg21HWamX
+nn9sSXvIDEINOQ6A9QxdxoqWdCHrOuW3ofneYXoG+zeKc4dC86wa1TR2q9vW+RMX
+SO4uImA+Uzula/6k1DogDf28qhCxMwG/i/m9g1c/0aApuDyKdQ1PXsHHNlgd/Dn6
+rrd5y2AObaifV7wIhEJnvqgFXDN2RXGjLeCOHV4Q2WTYPg/S4k1nMXVDwZXrvIsA
+0YwIMgIT86Rafp1qKlgPNbiIlC1g9RY/iFaGN2b4Ir6GDohBQSfZW2+LXoPZuVE/
+wGlQ01rh827KVZW4lXvqsge+wtnWlszcselGATyzqOK9LdHPdZGzROZYI2e8c+pa
+LNDdVPL6vdRBUnkCaEkOtl1mr2JpQi5nTU+gTX4IeInC7E+1a9UDF/Y85ybUz8XV
+8rUnR76UqVC7KidNepdHbZjjXCt8/Zo+Tec9JNbYNQB/e9ExmDntmlHEsSEQzFwz
+j8sxH48AEQEAAcLA9gQYAQoAIBYhBNGmbhojsYLJmA94jPv8yCoBXnMwBQJdpZzy
+AhsMAAoJEPv8yCoBXnMw6f8L/26C34dkjBffTzMj5Bdzm8MtF67OYneJ4TQMw7+4
+1IL4rVcSKhIhk/3Ud5knaRtP2ef1+5F66h9/RPQOJ5+tvBwhBAcUWSupKnUrdVaZ
+QanYmtSxcVV2PL9+QEiNN3tzluhaWO//rACxJ+K/ZXQlIzwQVTpNhfGzAaMVV9zp
+f3u0k14itcv6alKY8+rLZvO1wIIeRZLmU0tZDD5HtWDvUV7rIFI1WuoLb+KZgbYn
+3OWjCPHVdTrdZ2CqnZbG3SXw6awH9bzRLV9EXkbhIMez0deCVdeo+wFFklh8/5VK
+2b0vk/+wqMJxfpa1lHvJLobzOP9fvrswsr92MA2+k901WeISR7qEzcI0Fdg8AyFA
+ExaEK6VyjP7SXGLwvfisw34OxuZr3qmx1Sufu4toH3XrB7QJN8XyqqbsGxUCBqWi
+f9RSK4xjzRTe56iPeiSJJOIciMP9i2ldI+KgLycyeDvGoBj0HCLO3gVaBe4ubVrj
+5KjhX2PVNEJd3XZRzaXZE2aAMQ==
+=522n
+-----END PGP PUBLIC KEY BLOCK-----`
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_config.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_config.go
new file mode 100644
index 0000000000..7350974eff
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_config.go
@@ -0,0 +1,56 @@
+// Copyright (C) 2019 ProtonTech AG
+
+package packet
+
+import "math/bits"
+
+// AEADConfig collects a number of AEAD parameters along with sensible defaults.
+// A nil AEADConfig is valid and results in all default values.
+type AEADConfig struct {
+	// The AEAD mode of operation.
+	DefaultMode AEADMode
+	// Amount of octets in each chunk of data
+	ChunkSize uint64
+}
+
+// Mode returns the AEAD mode of operation.
+func (conf *AEADConfig) Mode() AEADMode {
+	if conf == nil || conf.DefaultMode == 0 {
+		return AEADModeEAX
+	}
+	mode := conf.DefaultMode
+	if mode != AEADModeEAX && mode != AEADModeOCB &&
+		mode != AEADModeExperimentalGCM {
+		panic("AEAD mode unsupported")
+	}
+	return mode
+}
+
+// ChunkSizeByte returns the byte indicating the chunk size. The effective
+// chunk size is computed with the formula uint64(1) << (chunkSizeByte + 6)
+func (conf *AEADConfig) ChunkSizeByte() byte {
+	if conf == nil || conf.ChunkSize == 0 {
+		return 12 // 1 << (12 + 6) == 262144 bytes
+	}
+
+	chunkSize := conf.ChunkSize
+	exponent := bits.Len64(chunkSize) - 1
+	switch {
+	case exponent < 6:
+		exponent = 6
+	case exponent > 27:
+		exponent = 27
+	}
+
+	return byte(exponent - 6)
+}
+
+// decodeAEADChunkSize returns the effective chunk size. In 32-bit systems, the
+// maximum returned value is 1 << 30.
+func decodeAEADChunkSize(c byte) int {
+	size := uint64(1 << (c + 6))
+	if size != uint64(int(size)) {
+		return 1 << 30
+	}
+	return int(size)
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_encrypted.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_encrypted.go
new file mode 100644
index 0000000000..85c53f08aa
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/aead_encrypted.go
@@ -0,0 +1,364 @@
+// Copyright (C) 2019 ProtonTech AG
+
+package packet
+
+import (
+	"bytes"
+	"crypto/cipher"
+	"crypto/rand"
+	"encoding/binary"
+	"io"
+
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
+)
+
+// AEADEncrypted represents an AEAD Encrypted Packet (tag 20, RFC4880bis-5.16).
+type AEADEncrypted struct {
+	cipher        CipherFunction
+	mode          AEADMode
+	chunkSizeByte byte
+	Contents      io.Reader // Encrypted chunks and tags
+	initialNonce  []byte    // Referred to as IV in RFC4880-bis
+}
+
+// Only currently defined version
+const aeadEncryptedVersion = 1
+
+// An AEAD opener/sealer, its configuration, and data for en/decryption.
+type aeadCrypter struct {
+	aead           cipher.AEAD
+	chunkSize      int
+	initialNonce   []byte
+	associatedData []byte       // Chunk-independent associated data
+	chunkIndex     []byte       // Chunk counter
+	bytesProcessed int          // Amount of plaintext bytes encrypted/decrypted
+	buffer         bytes.Buffer // Buffered bytes accross chunks
+}
+
+// aeadEncrypter encrypts and writes bytes. It encrypts when necessary according
+// to the AEAD block size, and buffers the extra encrypted bytes for next write.
+type aeadEncrypter struct {
+	aeadCrypter                // Embedded plaintext sealer
+	writer      io.WriteCloser // 'writer' is a partialLengthWriter
+}
+
+// aeadDecrypter reads and decrypts bytes. It buffers extra decrypted bytes when
+// necessary, similar to aeadEncrypter.
+type aeadDecrypter struct {
+	aeadCrypter           // Embedded ciphertext opener
+	reader      io.Reader // 'reader' is a partialLengthReader
+	peekedBytes []byte    // Used to detect last chunk
+	eof         bool
+}
+
+func (ae *AEADEncrypted) parse(buf io.Reader) error {
+	headerData := make([]byte, 4)
+	if n, err := io.ReadFull(buf, headerData); n < 4 {
+		return errors.AEADError("could not read aead header:" + err.Error())
+	}
+	// Read initial nonce
+	mode := AEADMode(headerData[2])
+	nonceLen := mode.NonceLength()
+	if nonceLen == 0 {
+		return errors.AEADError("unknown mode")
+	}
+	initialNonce := make([]byte, nonceLen)
+	if n, err := io.ReadFull(buf, initialNonce); n < nonceLen {
+		return errors.AEADError("could not read aead nonce:" + err.Error())
+	}
+	ae.Contents = buf
+	ae.initialNonce = initialNonce
+	c := headerData[1]
+	if _, ok := algorithm.CipherById[c]; !ok {
+		return errors.UnsupportedError("unknown cipher: " + string(c))
+	}
+	ae.cipher = CipherFunction(c)
+	ae.mode = mode
+	ae.chunkSizeByte = byte(headerData[3])
+	return nil
+}
+
+// Decrypt returns a io.ReadCloser from which decrypted bytes can be read, or
+// an error.
+func (ae *AEADEncrypted) Decrypt(ciph CipherFunction, key []byte) (io.ReadCloser, error) {
+	return ae.decrypt(key)
+}
+
+// decrypt prepares an aeadCrypter and returns a ReadCloser from which
+// decrypted bytes can be read (see aeadDecrypter.Read()).
+func (ae *AEADEncrypted) decrypt(key []byte) (io.ReadCloser, error) {
+	blockCipher := ae.cipher.new(key)
+	aead := ae.mode.new(blockCipher)
+	// Carry the first tagLen bytes
+	tagLen := ae.mode.TagLength()
+	peekedBytes := make([]byte, tagLen)
+	n, err := io.ReadFull(ae.Contents, peekedBytes)
+	if n < tagLen || (err != nil && err != io.EOF) {
+		return nil, errors.AEADError("Not enough data to decrypt:" + err.Error())
+	}
+	chunkSize := decodeAEADChunkSize(ae.chunkSizeByte)
+	return &aeadDecrypter{
+		aeadCrypter: aeadCrypter{
+			aead:           aead,
+			chunkSize:      chunkSize,
+			initialNonce:   ae.initialNonce,
+			associatedData: ae.associatedData(),
+			chunkIndex:     make([]byte, 8),
+		},
+		reader:      ae.Contents,
+		peekedBytes: peekedBytes}, nil
+}
+
+// Read decrypts bytes and reads them into dst. It decrypts when necessary and
+// buffers extra decrypted bytes. It returns the number of bytes copied into dst
+// and an error.
+func (ar *aeadDecrypter) Read(dst []byte) (n int, err error) {
+	// Return buffered plaintext bytes from previous calls
+	if ar.buffer.Len() > 0 {
+		return ar.buffer.Read(dst)
+	}
+
+	// Return EOF if we've previously validated the final tag
+	if ar.eof {
+		return 0, io.EOF
+	}
+
+	// Read a chunk
+	tagLen := ar.aead.Overhead()
+	cipherChunkBuf := new(bytes.Buffer)
+	_, errRead := io.CopyN(cipherChunkBuf, ar.reader, int64(ar.chunkSize + tagLen))
+	cipherChunk := cipherChunkBuf.Bytes()
+	if errRead != nil && errRead != io.EOF {
+		return 0, errRead
+	}
+	decrypted, errChunk := ar.openChunk(cipherChunk)
+	if errChunk != nil {
+		return 0, errChunk
+	}
+
+	// Return decrypted bytes, buffering if necessary
+	if len(dst) < len(decrypted) {
+		n = copy(dst, decrypted[:len(dst)])
+		ar.buffer.Write(decrypted[len(dst):])
+	} else {
+		n = copy(dst, decrypted)
+	}
+
+	// Check final authentication tag
+	if errRead == io.EOF {
+		errChunk := ar.validateFinalTag(ar.peekedBytes)
+		if errChunk != nil {
+			return n, errChunk
+		}
+		ar.eof = true // Mark EOF for when we've returned all buffered data
+	}
+	return
+}
+
+// Close is noOp. The final authentication tag of the stream was already
+// checked in the last Read call. In the future, this function could be used to
+// wipe the reader and peeked, decrypted bytes, if necessary.
+func (ar *aeadDecrypter) Close() (err error) {
+	return nil
+}
+
+// SerializeAEADEncrypted initializes the aeadCrypter and returns a writer.
+// This writer encrypts and writes bytes (see aeadEncrypter.Write()).
+func SerializeAEADEncrypted(w io.Writer, key []byte, cipher CipherFunction, mode AEADMode, config *Config) (io.WriteCloser, error) {
+	writeCloser := noOpCloser{w}
+	writer, err := serializeStreamHeader(writeCloser, packetTypeAEADEncrypted)
+	if err != nil {
+		return nil, err
+	}
+
+	// Data for en/decryption: tag, version, cipher, aead mode, chunk size
+	aeadConf := config.AEAD()
+	prefix := []byte{
+		0xD4,
+		aeadEncryptedVersion,
+		byte(config.Cipher()),
+		byte(aeadConf.Mode()),
+		aeadConf.ChunkSizeByte(),
+	}
+	n, err := writer.Write(prefix[1:])
+	if err != nil || n < 4 {
+		return nil, errors.AEADError("could not write AEAD headers")
+	}
+	// Sample nonce
+	nonceLen := aeadConf.Mode().NonceLength()
+	nonce := make([]byte, nonceLen)
+	n, err = rand.Read(nonce)
+	if err != nil {
+		panic("Could not sample random nonce")
+	}
+	_, err = writer.Write(nonce)
+	if err != nil {
+		return nil, err
+	}
+	blockCipher := CipherFunction(config.Cipher()).new(key)
+	alg := AEADMode(aeadConf.Mode()).new(blockCipher)
+
+	chunkSize := decodeAEADChunkSize(aeadConf.ChunkSizeByte())
+	return &aeadEncrypter{
+		aeadCrypter: aeadCrypter{
+			aead:           alg,
+			chunkSize:      chunkSize,
+			associatedData: prefix,
+			chunkIndex:     make([]byte, 8),
+			initialNonce:   nonce,
+		},
+		writer: writer}, nil
+}
+
+// Write encrypts and writes bytes. It encrypts when necessary and buffers extra
+// plaintext bytes for next call. When the stream is finished, Close() MUST be
+// called to append the final tag.
+func (aw *aeadEncrypter) Write(plaintextBytes []byte) (n int, err error) {
+	// Append plaintextBytes to existing buffered bytes
+	n, err = aw.buffer.Write(plaintextBytes)
+	if err != nil {
+		return n, err
+	}
+	// Encrypt and write chunks
+	for aw.buffer.Len() >= aw.chunkSize {
+		plainChunk := aw.buffer.Next(aw.chunkSize)
+		encryptedChunk, err := aw.sealChunk(plainChunk)
+		if err != nil {
+			return n, err
+		}
+		_, err = aw.writer.Write(encryptedChunk)
+		if err != nil {
+			return n, err
+		}
+	}
+	return
+}
+
+// Close encrypts and writes the remaining buffered plaintext if any, appends
+// the final authentication tag, and closes the embedded writer. This function
+// MUST be called at the end of a stream.
+func (aw *aeadEncrypter) Close() (err error) {
+	// Encrypt and write a chunk if there's buffered data left, or if we haven't
+	// written any chunks yet.
+	if aw.buffer.Len() > 0 || aw.bytesProcessed == 0 {
+		plainChunk := aw.buffer.Bytes()
+		lastEncryptedChunk, err := aw.sealChunk(plainChunk)
+		if err != nil {
+			return err
+		}
+		_, err = aw.writer.Write(lastEncryptedChunk)
+		if err != nil {
+			return err
+		}
+	}
+	// Compute final tag (associated data: packet tag, version, cipher, aead,
+	// chunk size, index, total number of encrypted octets).
+	adata := append(aw.associatedData[:], aw.chunkIndex[:]...)
+	adata = append(adata, make([]byte, 8)...)
+	binary.BigEndian.PutUint64(adata[13:], uint64(aw.bytesProcessed))
+	nonce := aw.computeNextNonce()
+	finalTag := aw.aead.Seal(nil, nonce, nil, adata)
+	_, err = aw.writer.Write(finalTag)
+	if err != nil {
+		return err
+	}
+	return aw.writer.Close()
+}
+
+// sealChunk Encrypts and authenticates the given chunk.
+func (aw *aeadEncrypter) sealChunk(data []byte) ([]byte, error) {
+	if len(data) > aw.chunkSize {
+		return nil, errors.AEADError("chunk exceeds maximum length")
+	}
+	if aw.associatedData == nil {
+		return nil, errors.AEADError("can't seal without headers")
+	}
+	adata := append(aw.associatedData, aw.chunkIndex...)
+	nonce := aw.computeNextNonce()
+	encrypted := aw.aead.Seal(nil, nonce, data, adata)
+	aw.bytesProcessed += len(data)
+	if err := aw.aeadCrypter.incrementIndex(); err != nil {
+		return nil, err
+	}
+	return encrypted, nil
+}
+
+// openChunk decrypts and checks integrity of an encrypted chunk, returning
+// the underlying plaintext and an error. It access peeked bytes from next
+// chunk, to identify the last chunk and decrypt/validate accordingly.
+func (ar *aeadDecrypter) openChunk(data []byte) ([]byte, error) {
+	tagLen := ar.aead.Overhead()
+	// Restore carried bytes from last call
+	chunkExtra := append(ar.peekedBytes, data...)
+	// 'chunk' contains encrypted bytes, followed by an authentication tag.
+	chunk := chunkExtra[:len(chunkExtra)-tagLen]
+	ar.peekedBytes = chunkExtra[len(chunkExtra)-tagLen:]
+	adata := append(ar.associatedData, ar.chunkIndex...)
+	nonce := ar.computeNextNonce()
+	plainChunk, err := ar.aead.Open(nil, nonce, chunk, adata)
+	if err != nil {
+		return nil, err
+	}
+	ar.bytesProcessed += len(plainChunk)
+	if err = ar.aeadCrypter.incrementIndex(); err != nil {
+		return nil, err
+	}
+	return plainChunk, nil
+}
+
+// Checks the summary tag. It takes into account the total decrypted bytes into
+// the associated data. It returns an error, or nil if the tag is valid.
+func (ar *aeadDecrypter) validateFinalTag(tag []byte) error {
+	// Associated: tag, version, cipher, aead, chunk size, index, and octets
+	amountBytes := make([]byte, 8)
+	binary.BigEndian.PutUint64(amountBytes, uint64(ar.bytesProcessed))
+	adata := append(ar.associatedData, ar.chunkIndex...)
+	adata = append(adata, amountBytes...)
+	nonce := ar.computeNextNonce()
+	_, err := ar.aead.Open(nil, nonce, tag, adata)
+	if err != nil {
+		return err
+	}
+	return nil
+}
+
+// Associated data for chunks: tag, version, cipher, mode, chunk size byte
+func (ae *AEADEncrypted) associatedData() []byte {
+	return []byte{
+		0xD4,
+		aeadEncryptedVersion,
+		byte(ae.cipher),
+		byte(ae.mode),
+		ae.chunkSizeByte}
+}
+
+// computeNonce takes the incremental index and computes an eXclusive OR with
+// the least significant 8 bytes of the receivers' initial nonce (see sec.
+// 5.16.1 and 5.16.2). It returns the resulting nonce.
+func (wo *aeadCrypter) computeNextNonce() (nonce []byte) {
+	nonce = make([]byte, len(wo.initialNonce))
+	copy(nonce, wo.initialNonce)
+	offset := len(wo.initialNonce) - 8
+	for i := 0; i < 8; i++ {
+		nonce[i+offset] ^= wo.chunkIndex[i]
+	}
+	return
+}
+
+// incrementIndex perfoms an integer increment by 1 of the integer represented by the
+// slice, modifying it accordingly.
+func (wo *aeadCrypter) incrementIndex() error {
+	index := wo.chunkIndex
+	if len(index) == 0 {
+		return errors.AEADError("Index has length 0")
+	}
+	for i := len(index) - 1; i >= 0; i-- {
+		if index[i] < 255 {
+			index[i]++
+			return nil
+		}
+		index[i] = 0
+	}
+	return errors.AEADError("cannot further increment index")
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/compressed.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/compressed.go
new file mode 100644
index 0000000000..c55cecd357
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/compressed.go
@@ -0,0 +1,123 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"compress/bzip2"
+	"compress/flate"
+	"compress/zlib"
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"io"
+	"strconv"
+)
+
+// Compressed represents a compressed OpenPGP packet. The decompressed contents
+// will contain more OpenPGP packets. See RFC 4880, section 5.6.
+type Compressed struct {
+	Body io.Reader
+}
+
+const (
+	NoCompression      = flate.NoCompression
+	BestSpeed          = flate.BestSpeed
+	BestCompression    = flate.BestCompression
+	DefaultCompression = flate.DefaultCompression
+)
+
+// CompressionConfig contains compressor configuration settings.
+type CompressionConfig struct {
+	// Level is the compression level to use. It must be set to
+	// between -1 and 9, with -1 causing the compressor to use the
+	// default compression level, 0 causing the compressor to use
+	// no compression and 1 to 9 representing increasing (better,
+	// slower) compression levels. If Level is less than -1 or
+	// more then 9, a non-nil error will be returned during
+	// encryption. See the constants above for convenient common
+	// settings for Level.
+	Level int
+}
+
+func (c *Compressed) parse(r io.Reader) error {
+	var buf [1]byte
+	_, err := readFull(r, buf[:])
+	if err != nil {
+		return err
+	}
+
+	switch buf[0] {
+	case 1:
+		c.Body = flate.NewReader(r)
+	case 2:
+		c.Body, err = zlib.NewReader(r)
+	case 3:
+		c.Body = bzip2.NewReader(r)
+	default:
+		err = errors.UnsupportedError("unknown compression algorithm: " + strconv.Itoa(int(buf[0])))
+	}
+
+	return err
+}
+
+// compressedWriterCloser represents the serialized compression stream
+// header and the compressor. Its Close() method ensures that both the
+// compressor and serialized stream header are closed. Its Write()
+// method writes to the compressor.
+type compressedWriteCloser struct {
+	sh io.Closer      // Stream Header
+	c  io.WriteCloser // Compressor
+}
+
+func (cwc compressedWriteCloser) Write(p []byte) (int, error) {
+	return cwc.c.Write(p)
+}
+
+func (cwc compressedWriteCloser) Close() (err error) {
+	err = cwc.c.Close()
+	if err != nil {
+		return err
+	}
+
+	return cwc.sh.Close()
+}
+
+// SerializeCompressed serializes a compressed data packet to w and
+// returns a WriteCloser to which the literal data packets themselves
+// can be written and which MUST be closed on completion. If cc is
+// nil, sensible defaults will be used to configure the compression
+// algorithm.
+func SerializeCompressed(w io.WriteCloser, algo CompressionAlgo, cc *CompressionConfig) (literaldata io.WriteCloser, err error) {
+	compressed, err := serializeStreamHeader(w, packetTypeCompressed)
+	if err != nil {
+		return
+	}
+
+	_, err = compressed.Write([]byte{uint8(algo)})
+	if err != nil {
+		return
+	}
+
+	level := DefaultCompression
+	if cc != nil {
+		level = cc.Level
+	}
+
+	var compressor io.WriteCloser
+	switch algo {
+	case CompressionZIP:
+		compressor, err = flate.NewWriter(compressed, level)
+	case CompressionZLIB:
+		compressor, err = zlib.NewWriterLevel(compressed, level)
+	default:
+		s := strconv.Itoa(int(algo))
+		err = errors.UnsupportedError("Unsupported compression algorithm: " + s)
+	}
+	if err != nil {
+		return
+	}
+
+	literaldata = compressedWriteCloser{compressed, compressor}
+
+	return
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/config.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/config.go
new file mode 100644
index 0000000000..5652dd8148
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/config.go
@@ -0,0 +1,167 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"crypto"
+	"crypto/rand"
+	"io"
+	"math/big"
+	"time"
+)
+
+// Config collects a number of parameters along with sensible defaults.
+// A nil *Config is valid and results in all default values.
+type Config struct {
+	// Rand provides the source of entropy.
+	// If nil, the crypto/rand Reader is used.
+	Rand io.Reader
+	// DefaultHash is the default hash function to be used.
+	// If zero, SHA-256 is used.
+	DefaultHash crypto.Hash
+	// DefaultCipher is the cipher to be used.
+	// If zero, AES-128 is used.
+	DefaultCipher CipherFunction
+	// Time returns the current time as the number of seconds since the
+	// epoch. If Time is nil, time.Now is used.
+	Time func() time.Time
+	// DefaultCompressionAlgo is the compression algorithm to be
+	// applied to the plaintext before encryption. If zero, no
+	// compression is done.
+	DefaultCompressionAlgo CompressionAlgo
+	// CompressionConfig configures the compression settings.
+	CompressionConfig *CompressionConfig
+	// S2KCount is only used for symmetric encryption. It
+	// determines the strength of the passphrase stretching when
+	// the said passphrase is hashed to produce a key. S2KCount
+	// should be between 1024 and 65011712, inclusive. If Config
+	// is nil or S2KCount is 0, the value 65536 used. Not all
+	// values in the above range can be represented. S2KCount will
+	// be rounded up to the next representable value if it cannot
+	// be encoded exactly. When set, it is strongly encrouraged to
+	// use a value that is at least 65536. See RFC 4880 Section
+	// 3.7.1.3.
+	S2KCount int
+	// RSABits is the number of bits in new RSA keys made with NewEntity.
+	// If zero, then 2048 bit keys are created.
+	RSABits int
+	// The public key algorithm to use - will always create a signing primary
+	// key and encryption subkey.
+	Algorithm PublicKeyAlgorithm
+	// Some known primes that are optionally prepopulated by the caller
+	RSAPrimes []*big.Int
+	// AEADConfig configures the use of the new AEAD Encrypted Data Packet,
+	// defined in the draft of the next version of the OpenPGP specification.
+	// If a non-nil AEADConfig is passed, usage of this packet is enabled. By
+	// default, it is disabled. See the documentation of AEADConfig for more
+	// configuration options related to AEAD.
+	// **Note: using this option may break compatibility with other OpenPGP
+	// implementations, as well as future versions of this library.**
+	AEADConfig *AEADConfig
+	// V5Keys configures version 5 key generation. If false, this package still
+	// supports version 5 keys, but produces version 4 keys.
+	V5Keys bool
+	// "The validity period of the key.  This is the number of seconds after
+	// the key creation time that the key expires.  If this is not present
+	// or has a value of zero, the key never expires.  This is found only on
+	// a self-signature.""
+	// https://tools.ietf.org/html/rfc4880#section-5.2.3.6
+	KeyLifetimeSecs uint32
+	// "The validity period of the signature.  This is the number of seconds
+	// after the signature creation time that the signature expires.  If
+	// this is not present or has a value of zero, it never expires."
+	// https://tools.ietf.org/html/rfc4880#section-5.2.3.10
+	SigLifetimeSecs uint32
+	// SigningKeyId is used to specify the signing key to use (by Key ID).
+	// By default, the signing key is selected automatically, preferring
+	// signing subkeys if available.
+	SigningKeyId uint64
+}
+
+func (c *Config) Random() io.Reader {
+	if c == nil || c.Rand == nil {
+		return rand.Reader
+	}
+	return c.Rand
+}
+
+func (c *Config) Hash() crypto.Hash {
+	if c == nil || uint(c.DefaultHash) == 0 {
+		return crypto.SHA256
+	}
+	return c.DefaultHash
+}
+
+func (c *Config) Cipher() CipherFunction {
+	if c == nil || uint8(c.DefaultCipher) == 0 {
+		return CipherAES128
+	}
+	return c.DefaultCipher
+}
+
+func (c *Config) Now() time.Time {
+	if c == nil || c.Time == nil {
+		return time.Now()
+	}
+	return c.Time()
+}
+
+// KeyLifetime returns the validity period of the key.
+func (c *Config) KeyLifetime() uint32 {
+	if c == nil {
+		return 0
+	}
+	return c.KeyLifetimeSecs
+}
+
+// SigLifetime returns the validity period of the signature.
+func (c *Config) SigLifetime() uint32 {
+	if c == nil {
+		return 0
+	}
+	return c.SigLifetimeSecs
+}
+
+func (c *Config) Compression() CompressionAlgo {
+	if c == nil {
+		return CompressionNone
+	}
+	return c.DefaultCompressionAlgo
+}
+
+func (c *Config) PasswordHashIterations() int {
+	if c == nil || c.S2KCount == 0 {
+		return 0
+	}
+	return c.S2KCount
+}
+
+func (c *Config) RSAModulusBits() int {
+	if c == nil || c.RSABits == 0 {
+		return 2048
+	}
+	return c.RSABits
+}
+
+func (c *Config) PublicKeyAlgorithm() PublicKeyAlgorithm {
+	if c == nil || c.Algorithm == 0 {
+		return PubKeyAlgoRSA
+	}
+	return c.Algorithm
+}
+
+func (c *Config) AEAD() *AEADConfig {
+	if c == nil {
+		return nil
+	}
+	return c.AEADConfig
+}
+
+func (c *Config) SigningKey() uint64 {
+	if c == nil {
+		return 0
+	}
+	return c.SigningKeyId
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/encrypted_key.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/encrypted_key.go
new file mode 100644
index 0000000000..801aec92b4
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/encrypted_key.go
@@ -0,0 +1,282 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"crypto"
+	"crypto/rsa"
+	"encoding/binary"
+	"io"
+	"math/big"
+	"strconv"
+
+	"github.com/ProtonMail/go-crypto/openpgp/ecdh"
+	"github.com/ProtonMail/go-crypto/openpgp/elgamal"
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/encoding"
+)
+
+const encryptedKeyVersion = 3
+
+// EncryptedKey represents a public-key encrypted session key. See RFC 4880,
+// section 5.1.
+type EncryptedKey struct {
+	KeyId      uint64
+	Algo       PublicKeyAlgorithm
+	CipherFunc CipherFunction // only valid after a successful Decrypt
+	Key        []byte         // only valid after a successful Decrypt
+
+	encryptedMPI1, encryptedMPI2 encoding.Field
+}
+
+func (e *EncryptedKey) parse(r io.Reader) (err error) {
+	var buf [10]byte
+	_, err = readFull(r, buf[:])
+	if err != nil {
+		return
+	}
+	if buf[0] != encryptedKeyVersion {
+		return errors.UnsupportedError("unknown EncryptedKey version " + strconv.Itoa(int(buf[0])))
+	}
+	e.KeyId = binary.BigEndian.Uint64(buf[1:9])
+	e.Algo = PublicKeyAlgorithm(buf[9])
+	switch e.Algo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly:
+		e.encryptedMPI1 = new(encoding.MPI)
+		if _, err = e.encryptedMPI1.ReadFrom(r); err != nil {
+			return
+		}
+	case PubKeyAlgoElGamal:
+		e.encryptedMPI1 = new(encoding.MPI)
+		if _, err = e.encryptedMPI1.ReadFrom(r); err != nil {
+			return
+		}
+
+		e.encryptedMPI2 = new(encoding.MPI)
+		if _, err = e.encryptedMPI2.ReadFrom(r); err != nil {
+			return
+		}
+	case PubKeyAlgoECDH:
+		e.encryptedMPI1 = new(encoding.MPI)
+		if _, err = e.encryptedMPI1.ReadFrom(r); err != nil {
+			return
+		}
+
+		e.encryptedMPI2 = new(encoding.OID)
+		if _, err = e.encryptedMPI2.ReadFrom(r); err != nil {
+			return
+		}
+	}
+	_, err = consumeAll(r)
+	return
+}
+
+func checksumKeyMaterial(key []byte) uint16 {
+	var checksum uint16
+	for _, v := range key {
+		checksum += uint16(v)
+	}
+	return checksum
+}
+
+// Decrypt decrypts an encrypted session key with the given private key. The
+// private key must have been decrypted first.
+// If config is nil, sensible defaults will be used.
+func (e *EncryptedKey) Decrypt(priv *PrivateKey, config *Config) error {
+	if e.KeyId != 0 && e.KeyId != priv.KeyId {
+		return errors.InvalidArgumentError("cannot decrypt encrypted session key for key id " + strconv.FormatUint(e.KeyId, 16) + " with private key id " + strconv.FormatUint(priv.KeyId, 16))
+	}
+	if e.Algo != priv.PubKeyAlgo {
+		return errors.InvalidArgumentError("cannot decrypt encrypted session key of type " + strconv.Itoa(int(e.Algo)) + " with private key of type " + strconv.Itoa(int(priv.PubKeyAlgo)))
+	}
+	if priv.Dummy() {
+		return errors.ErrDummyPrivateKey("dummy key found")
+	}
+
+	var err error
+	var b []byte
+
+	// TODO(agl): use session key decryption routines here to avoid
+	// padding oracle attacks.
+	switch priv.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly:
+		// Supports both *rsa.PrivateKey and crypto.Decrypter
+		k := priv.PrivateKey.(crypto.Decrypter)
+		b, err = k.Decrypt(config.Random(), padToKeySize(k.Public().(*rsa.PublicKey), e.encryptedMPI1.Bytes()), nil)
+	case PubKeyAlgoElGamal:
+		c1 := new(big.Int).SetBytes(e.encryptedMPI1.Bytes())
+		c2 := new(big.Int).SetBytes(e.encryptedMPI2.Bytes())
+		b, err = elgamal.Decrypt(priv.PrivateKey.(*elgamal.PrivateKey), c1, c2)
+	case PubKeyAlgoECDH:
+		vsG := e.encryptedMPI1.Bytes()
+		m := e.encryptedMPI2.Bytes()
+		oid := priv.PublicKey.oid.EncodedBytes()
+		b, err = ecdh.Decrypt(priv.PrivateKey.(*ecdh.PrivateKey), vsG, m, oid, priv.PublicKey.Fingerprint[:])
+	default:
+		err = errors.InvalidArgumentError("cannot decrypt encrypted session key with private key of type " + strconv.Itoa(int(priv.PubKeyAlgo)))
+	}
+
+	if err != nil {
+		return err
+	}
+
+	e.CipherFunc = CipherFunction(b[0])
+	e.Key = b[1 : len(b)-2]
+	expectedChecksum := uint16(b[len(b)-2])<<8 | uint16(b[len(b)-1])
+	checksum := checksumKeyMaterial(e.Key)
+	if checksum != expectedChecksum {
+		return errors.StructuralError("EncryptedKey checksum incorrect")
+	}
+
+	return nil
+}
+
+// Serialize writes the encrypted key packet, e, to w.
+func (e *EncryptedKey) Serialize(w io.Writer) error {
+	var mpiLen int
+	switch e.Algo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly:
+		mpiLen = int(e.encryptedMPI1.EncodedLength())
+	case PubKeyAlgoElGamal:
+		mpiLen = int(e.encryptedMPI1.EncodedLength()) + int(e.encryptedMPI2.EncodedLength())
+	case PubKeyAlgoECDH:
+		mpiLen = int(e.encryptedMPI1.EncodedLength()) + int(e.encryptedMPI2.EncodedLength())
+	default:
+		return errors.InvalidArgumentError("don't know how to serialize encrypted key type " + strconv.Itoa(int(e.Algo)))
+	}
+
+	err := serializeHeader(w, packetTypeEncryptedKey, 1 /* version */ +8 /* key id */ +1 /* algo */ +mpiLen)
+	if err != nil {
+		return err
+	}
+
+	w.Write([]byte{encryptedKeyVersion})
+	binary.Write(w, binary.BigEndian, e.KeyId)
+	w.Write([]byte{byte(e.Algo)})
+
+	switch e.Algo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly:
+		_, err := w.Write(e.encryptedMPI1.EncodedBytes())
+		return err
+	case PubKeyAlgoElGamal:
+		if _, err := w.Write(e.encryptedMPI1.EncodedBytes()); err != nil {
+			return err
+		}
+		_, err := w.Write(e.encryptedMPI2.EncodedBytes())
+		return err
+	case PubKeyAlgoECDH:
+		if _, err := w.Write(e.encryptedMPI1.EncodedBytes()); err != nil {
+			return err
+		}
+		_, err := w.Write(e.encryptedMPI2.EncodedBytes())
+		return err
+	default:
+		panic("internal error")
+	}
+}
+
+// SerializeEncryptedKey serializes an encrypted key packet to w that contains
+// key, encrypted to pub.
+// If config is nil, sensible defaults will be used.
+func SerializeEncryptedKey(w io.Writer, pub *PublicKey, cipherFunc CipherFunction, key []byte, config *Config) error {
+	var buf [10]byte
+	buf[0] = encryptedKeyVersion
+	binary.BigEndian.PutUint64(buf[1:9], pub.KeyId)
+	buf[9] = byte(pub.PubKeyAlgo)
+
+	keyBlock := make([]byte, 1 /* cipher type */ +len(key)+2 /* checksum */)
+	keyBlock[0] = byte(cipherFunc)
+	copy(keyBlock[1:], key)
+	checksum := checksumKeyMaterial(key)
+	keyBlock[1+len(key)] = byte(checksum >> 8)
+	keyBlock[1+len(key)+1] = byte(checksum)
+
+	switch pub.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly:
+		return serializeEncryptedKeyRSA(w, config.Random(), buf, pub.PublicKey.(*rsa.PublicKey), keyBlock)
+	case PubKeyAlgoElGamal:
+		return serializeEncryptedKeyElGamal(w, config.Random(), buf, pub.PublicKey.(*elgamal.PublicKey), keyBlock)
+	case PubKeyAlgoECDH:
+		return serializeEncryptedKeyECDH(w, config.Random(), buf, pub.PublicKey.(*ecdh.PublicKey), keyBlock, pub.oid, pub.Fingerprint)
+	case PubKeyAlgoDSA, PubKeyAlgoRSASignOnly:
+		return errors.InvalidArgumentError("cannot encrypt to public key of type " + strconv.Itoa(int(pub.PubKeyAlgo)))
+	}
+
+	return errors.UnsupportedError("encrypting a key to public key of type " + strconv.Itoa(int(pub.PubKeyAlgo)))
+}
+
+func serializeEncryptedKeyRSA(w io.Writer, rand io.Reader, header [10]byte, pub *rsa.PublicKey, keyBlock []byte) error {
+	cipherText, err := rsa.EncryptPKCS1v15(rand, pub, keyBlock)
+	if err != nil {
+		return errors.InvalidArgumentError("RSA encryption failed: " + err.Error())
+	}
+
+	cipherMPI := encoding.NewMPI(cipherText)
+	packetLen := 10 /* header length */ + int(cipherMPI.EncodedLength())
+
+	err = serializeHeader(w, packetTypeEncryptedKey, packetLen)
+	if err != nil {
+		return err
+	}
+	_, err = w.Write(header[:])
+	if err != nil {
+		return err
+	}
+	_, err = w.Write(cipherMPI.EncodedBytes())
+	return err
+}
+
+func serializeEncryptedKeyElGamal(w io.Writer, rand io.Reader, header [10]byte, pub *elgamal.PublicKey, keyBlock []byte) error {
+	c1, c2, err := elgamal.Encrypt(rand, pub, keyBlock)
+	if err != nil {
+		return errors.InvalidArgumentError("ElGamal encryption failed: " + err.Error())
+	}
+
+	packetLen := 10 /* header length */
+	packetLen += 2 /* mpi size */ + (c1.BitLen()+7)/8
+	packetLen += 2 /* mpi size */ + (c2.BitLen()+7)/8
+
+	err = serializeHeader(w, packetTypeEncryptedKey, packetLen)
+	if err != nil {
+		return err
+	}
+	_, err = w.Write(header[:])
+	if err != nil {
+		return err
+	}
+	if _, err = w.Write(new(encoding.MPI).SetBig(c1).EncodedBytes()); err != nil {
+		return err
+	}
+	_, err = w.Write(new(encoding.MPI).SetBig(c2).EncodedBytes())
+	return err
+}
+
+func serializeEncryptedKeyECDH(w io.Writer, rand io.Reader, header [10]byte, pub *ecdh.PublicKey, keyBlock []byte, oid encoding.Field, fingerprint []byte) error {
+	vsG, c, err := ecdh.Encrypt(rand, pub, keyBlock, oid.EncodedBytes(), fingerprint)
+	if err != nil {
+		return errors.InvalidArgumentError("ECDH encryption failed: " + err.Error())
+	}
+
+	g := encoding.NewMPI(vsG)
+	m := encoding.NewOID(c)
+
+	packetLen := 10 /* header length */
+	packetLen += int(g.EncodedLength()) + int(m.EncodedLength())
+
+	err = serializeHeader(w, packetTypeEncryptedKey, packetLen)
+	if err != nil {
+		return err
+	}
+
+	_, err = w.Write(header[:])
+	if err != nil {
+		return err
+	}
+	if _, err = w.Write(g.EncodedBytes()); err != nil {
+		return err
+	}
+	_, err = w.Write(m.EncodedBytes())
+	return err
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/literal.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/literal.go
new file mode 100644
index 0000000000..4be987609b
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/literal.go
@@ -0,0 +1,91 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"encoding/binary"
+	"io"
+)
+
+// LiteralData represents an encrypted file. See RFC 4880, section 5.9.
+type LiteralData struct {
+	Format   uint8
+	IsBinary bool
+	FileName string
+	Time     uint32 // Unix epoch time. Either creation time or modification time. 0 means undefined.
+	Body     io.Reader
+}
+
+// ForEyesOnly returns whether the contents of the LiteralData have been marked
+// as especially sensitive.
+func (l *LiteralData) ForEyesOnly() bool {
+	return l.FileName == "_CONSOLE"
+}
+
+func (l *LiteralData) parse(r io.Reader) (err error) {
+	var buf [256]byte
+
+	_, err = readFull(r, buf[:2])
+	if err != nil {
+		return
+	}
+
+	l.Format = buf[0]
+	l.IsBinary = l.Format == 'b'
+	fileNameLen := int(buf[1])
+
+	_, err = readFull(r, buf[:fileNameLen])
+	if err != nil {
+		return
+	}
+
+	l.FileName = string(buf[:fileNameLen])
+
+	_, err = readFull(r, buf[:4])
+	if err != nil {
+		return
+	}
+
+	l.Time = binary.BigEndian.Uint32(buf[:4])
+	l.Body = r
+	return
+}
+
+// SerializeLiteral serializes a literal data packet to w and returns a
+// WriteCloser to which the data itself can be written and which MUST be closed
+// on completion. The fileName is truncated to 255 bytes.
+func SerializeLiteral(w io.WriteCloser, isBinary bool, fileName string, time uint32) (plaintext io.WriteCloser, err error) {
+	var buf [4]byte
+	buf[0] = 't'
+	if isBinary {
+		buf[0] = 'b'
+	}
+	if len(fileName) > 255 {
+		fileName = fileName[:255]
+	}
+	buf[1] = byte(len(fileName))
+
+	inner, err := serializeStreamHeader(w, packetTypeLiteralData)
+	if err != nil {
+		return
+	}
+
+	_, err = inner.Write(buf[:2])
+	if err != nil {
+		return
+	}
+	_, err = inner.Write([]byte(fileName))
+	if err != nil {
+		return
+	}
+	binary.BigEndian.PutUint32(buf[:], time)
+	_, err = inner.Write(buf[:])
+	if err != nil {
+		return
+	}
+
+	plaintext = inner
+	return
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/ocfb.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/ocfb.go
new file mode 100644
index 0000000000..4f26d0a00b
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/ocfb.go
@@ -0,0 +1,137 @@
+// Copyright 2010 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// OpenPGP CFB Mode. http://tools.ietf.org/html/rfc4880#section-13.9
+
+package packet
+
+import (
+	"crypto/cipher"
+)
+
+type ocfbEncrypter struct {
+	b       cipher.Block
+	fre     []byte
+	outUsed int
+}
+
+// An OCFBResyncOption determines if the "resynchronization step" of OCFB is
+// performed.
+type OCFBResyncOption bool
+
+const (
+	OCFBResync   OCFBResyncOption = true
+	OCFBNoResync OCFBResyncOption = false
+)
+
+// NewOCFBEncrypter returns a cipher.Stream which encrypts data with OpenPGP's
+// cipher feedback mode using the given cipher.Block, and an initial amount of
+// ciphertext.  randData must be random bytes and be the same length as the
+// cipher.Block's block size. Resync determines if the "resynchronization step"
+// from RFC 4880, 13.9 step 7 is performed. Different parts of OpenPGP vary on
+// this point.
+func NewOCFBEncrypter(block cipher.Block, randData []byte, resync OCFBResyncOption) (cipher.Stream, []byte) {
+	blockSize := block.BlockSize()
+	if len(randData) != blockSize {
+		return nil, nil
+	}
+
+	x := &ocfbEncrypter{
+		b:       block,
+		fre:     make([]byte, blockSize),
+		outUsed: 0,
+	}
+	prefix := make([]byte, blockSize+2)
+
+	block.Encrypt(x.fre, x.fre)
+	for i := 0; i < blockSize; i++ {
+		prefix[i] = randData[i] ^ x.fre[i]
+	}
+
+	block.Encrypt(x.fre, prefix[:blockSize])
+	prefix[blockSize] = x.fre[0] ^ randData[blockSize-2]
+	prefix[blockSize+1] = x.fre[1] ^ randData[blockSize-1]
+
+	if resync {
+		block.Encrypt(x.fre, prefix[2:])
+	} else {
+		x.fre[0] = prefix[blockSize]
+		x.fre[1] = prefix[blockSize+1]
+		x.outUsed = 2
+	}
+	return x, prefix
+}
+
+func (x *ocfbEncrypter) XORKeyStream(dst, src []byte) {
+	for i := 0; i < len(src); i++ {
+		if x.outUsed == len(x.fre) {
+			x.b.Encrypt(x.fre, x.fre)
+			x.outUsed = 0
+		}
+
+		x.fre[x.outUsed] ^= src[i]
+		dst[i] = x.fre[x.outUsed]
+		x.outUsed++
+	}
+}
+
+type ocfbDecrypter struct {
+	b       cipher.Block
+	fre     []byte
+	outUsed int
+}
+
+// NewOCFBDecrypter returns a cipher.Stream which decrypts data with OpenPGP's
+// cipher feedback mode using the given cipher.Block. Prefix must be the first
+// blockSize + 2 bytes of the ciphertext, where blockSize is the cipher.Block's
+// block size. On successful exit, blockSize+2 bytes of decrypted data are written into
+// prefix. Resync determines if the "resynchronization step" from RFC 4880,
+// 13.9 step 7 is performed. Different parts of OpenPGP vary on this point.
+func NewOCFBDecrypter(block cipher.Block, prefix []byte, resync OCFBResyncOption) cipher.Stream {
+	blockSize := block.BlockSize()
+	if len(prefix) != blockSize+2 {
+		return nil
+	}
+
+	x := &ocfbDecrypter{
+		b:       block,
+		fre:     make([]byte, blockSize),
+		outUsed: 0,
+	}
+	prefixCopy := make([]byte, len(prefix))
+	copy(prefixCopy, prefix)
+
+	block.Encrypt(x.fre, x.fre)
+	for i := 0; i < blockSize; i++ {
+		prefixCopy[i] ^= x.fre[i]
+	}
+
+	block.Encrypt(x.fre, prefix[:blockSize])
+	prefixCopy[blockSize] ^= x.fre[0]
+	prefixCopy[blockSize+1] ^= x.fre[1]
+
+	if resync {
+		block.Encrypt(x.fre, prefix[2:])
+	} else {
+		x.fre[0] = prefix[blockSize]
+		x.fre[1] = prefix[blockSize+1]
+		x.outUsed = 2
+	}
+	copy(prefix, prefixCopy)
+	return x
+}
+
+func (x *ocfbDecrypter) XORKeyStream(dst, src []byte) {
+	for i := 0; i < len(src); i++ {
+		if x.outUsed == len(x.fre) {
+			x.b.Encrypt(x.fre, x.fre)
+			x.outUsed = 0
+		}
+
+		c := src[i]
+		dst[i] = x.fre[x.outUsed] ^ src[i]
+		x.fre[x.outUsed] = c
+		x.outUsed++
+	}
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/one_pass_signature.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/one_pass_signature.go
new file mode 100644
index 0000000000..41c35de219
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/one_pass_signature.go
@@ -0,0 +1,73 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"crypto"
+	"encoding/binary"
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/s2k"
+	"io"
+	"strconv"
+)
+
+// OnePassSignature represents a one-pass signature packet. See RFC 4880,
+// section 5.4.
+type OnePassSignature struct {
+	SigType    SignatureType
+	Hash       crypto.Hash
+	PubKeyAlgo PublicKeyAlgorithm
+	KeyId      uint64
+	IsLast     bool
+}
+
+const onePassSignatureVersion = 3
+
+func (ops *OnePassSignature) parse(r io.Reader) (err error) {
+	var buf [13]byte
+
+	_, err = readFull(r, buf[:])
+	if err != nil {
+		return
+	}
+	if buf[0] != onePassSignatureVersion {
+		err = errors.UnsupportedError("one-pass-signature packet version " + strconv.Itoa(int(buf[0])))
+	}
+
+	var ok bool
+	ops.Hash, ok = s2k.HashIdToHash(buf[2])
+	if !ok {
+		return errors.UnsupportedError("hash function: " + strconv.Itoa(int(buf[2])))
+	}
+
+	ops.SigType = SignatureType(buf[1])
+	ops.PubKeyAlgo = PublicKeyAlgorithm(buf[3])
+	ops.KeyId = binary.BigEndian.Uint64(buf[4:12])
+	ops.IsLast = buf[12] != 0
+	return
+}
+
+// Serialize marshals the given OnePassSignature to w.
+func (ops *OnePassSignature) Serialize(w io.Writer) error {
+	var buf [13]byte
+	buf[0] = onePassSignatureVersion
+	buf[1] = uint8(ops.SigType)
+	var ok bool
+	buf[2], ok = s2k.HashToHashId(ops.Hash)
+	if !ok {
+		return errors.UnsupportedError("hash type: " + strconv.Itoa(int(ops.Hash)))
+	}
+	buf[3] = uint8(ops.PubKeyAlgo)
+	binary.BigEndian.PutUint64(buf[4:12], ops.KeyId)
+	if ops.IsLast {
+		buf[12] = 1
+	}
+
+	if err := serializeHeader(w, packetTypeOnePassSignature, len(buf)); err != nil {
+		return err
+	}
+	_, err := w.Write(buf[:])
+	return err
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/opaque.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/opaque.go
new file mode 100644
index 0000000000..e3879199e6
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/opaque.go
@@ -0,0 +1,162 @@
+// Copyright 2012 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"bytes"
+	"io"
+	"io/ioutil"
+
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+)
+
+// OpaquePacket represents an OpenPGP packet as raw, unparsed data. This is
+// useful for splitting and storing the original packet contents separately,
+// handling unsupported packet types or accessing parts of the packet not yet
+// implemented by this package.
+type OpaquePacket struct {
+	// Packet type
+	Tag uint8
+	// Reason why the packet was parsed opaquely
+	Reason error
+	// Binary contents of the packet data
+	Contents []byte
+}
+
+func (op *OpaquePacket) parse(r io.Reader) (err error) {
+	op.Contents, err = ioutil.ReadAll(r)
+	return
+}
+
+// Serialize marshals the packet to a writer in its original form, including
+// the packet header.
+func (op *OpaquePacket) Serialize(w io.Writer) (err error) {
+	err = serializeHeader(w, packetType(op.Tag), len(op.Contents))
+	if err == nil {
+		_, err = w.Write(op.Contents)
+	}
+	return
+}
+
+// Parse attempts to parse the opaque contents into a structure supported by
+// this package. If the packet is not known then the result will be another
+// OpaquePacket.
+func (op *OpaquePacket) Parse() (p Packet, err error) {
+	hdr := bytes.NewBuffer(nil)
+	err = serializeHeader(hdr, packetType(op.Tag), len(op.Contents))
+	if err != nil {
+		op.Reason = err
+		return op, err
+	}
+	p, err = Read(io.MultiReader(hdr, bytes.NewBuffer(op.Contents)))
+	if err != nil {
+		op.Reason = err
+		p = op
+	}
+	return
+}
+
+// OpaqueReader reads OpaquePackets from an io.Reader.
+type OpaqueReader struct {
+	r io.Reader
+}
+
+func NewOpaqueReader(r io.Reader) *OpaqueReader {
+	return &OpaqueReader{r: r}
+}
+
+// Read the next OpaquePacket.
+func (or *OpaqueReader) Next() (op *OpaquePacket, err error) {
+	tag, _, contents, err := readHeader(or.r)
+	if err != nil {
+		return
+	}
+	op = &OpaquePacket{Tag: uint8(tag), Reason: err}
+	err = op.parse(contents)
+	if err != nil {
+		consumeAll(contents)
+	}
+	return
+}
+
+// OpaqueSubpacket represents an unparsed OpenPGP subpacket,
+// as found in signature and user attribute packets.
+type OpaqueSubpacket struct {
+	SubType  uint8
+	Contents []byte
+}
+
+// OpaqueSubpackets extracts opaque, unparsed OpenPGP subpackets from
+// their byte representation.
+func OpaqueSubpackets(contents []byte) (result []*OpaqueSubpacket, err error) {
+	var (
+		subHeaderLen int
+		subPacket    *OpaqueSubpacket
+	)
+	for len(contents) > 0 {
+		subHeaderLen, subPacket, err = nextSubpacket(contents)
+		if err != nil {
+			break
+		}
+		result = append(result, subPacket)
+		contents = contents[subHeaderLen+len(subPacket.Contents):]
+	}
+	return
+}
+
+func nextSubpacket(contents []byte) (subHeaderLen int, subPacket *OpaqueSubpacket, err error) {
+	// RFC 4880, section 5.2.3.1
+	var subLen uint32
+	if len(contents) < 1 {
+		goto Truncated
+	}
+	subPacket = &OpaqueSubpacket{}
+	switch {
+	case contents[0] < 192:
+		subHeaderLen = 2 // 1 length byte, 1 subtype byte
+		if len(contents) < subHeaderLen {
+			goto Truncated
+		}
+		subLen = uint32(contents[0])
+		contents = contents[1:]
+	case contents[0] < 255:
+		subHeaderLen = 3 // 2 length bytes, 1 subtype
+		if len(contents) < subHeaderLen {
+			goto Truncated
+		}
+		subLen = uint32(contents[0]-192)<<8 + uint32(contents[1]) + 192
+		contents = contents[2:]
+	default:
+		subHeaderLen = 6 // 5 length bytes, 1 subtype
+		if len(contents) < subHeaderLen {
+			goto Truncated
+		}
+		subLen = uint32(contents[1])<<24 |
+			uint32(contents[2])<<16 |
+			uint32(contents[3])<<8 |
+			uint32(contents[4])
+		contents = contents[5:]
+	}
+	if subLen > uint32(len(contents)) || subLen == 0 {
+		goto Truncated
+	}
+	subPacket.SubType = contents[0]
+	subPacket.Contents = contents[1:subLen]
+	return
+Truncated:
+	err = errors.StructuralError("subpacket truncated")
+	return
+}
+
+func (osp *OpaqueSubpacket) Serialize(w io.Writer) (err error) {
+	buf := make([]byte, 6)
+	n := serializeSubpacketLength(buf, len(osp.Contents)+1)
+	buf[n] = osp.SubType
+	if _, err = w.Write(buf[:n+1]); err != nil {
+		return
+	}
+	_, err = w.Write(osp.Contents)
+	return
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet.go
new file mode 100644
index 0000000000..fe0da9d368
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/packet.go
@@ -0,0 +1,522 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package packet implements parsing and serialization of OpenPGP packets, as
+// specified in RFC 4880.
+package packet // import "github.com/ProtonMail/go-crypto/openpgp/packet"
+
+import (
+	"bytes"
+	"crypto/cipher"
+	"crypto/rsa"
+	"io"
+
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
+)
+
+// readFull is the same as io.ReadFull except that reading zero bytes returns
+// ErrUnexpectedEOF rather than EOF.
+func readFull(r io.Reader, buf []byte) (n int, err error) {
+	n, err = io.ReadFull(r, buf)
+	if err == io.EOF {
+		err = io.ErrUnexpectedEOF
+	}
+	return
+}
+
+// readLength reads an OpenPGP length from r. See RFC 4880, section 4.2.2.
+func readLength(r io.Reader) (length int64, isPartial bool, err error) {
+	var buf [4]byte
+	_, err = readFull(r, buf[:1])
+	if err != nil {
+		return
+	}
+	switch {
+	case buf[0] < 192:
+		length = int64(buf[0])
+	case buf[0] < 224:
+		length = int64(buf[0]-192) << 8
+		_, err = readFull(r, buf[0:1])
+		if err != nil {
+			return
+		}
+		length += int64(buf[0]) + 192
+	case buf[0] < 255:
+		length = int64(1) << (buf[0] & 0x1f)
+		isPartial = true
+	default:
+		_, err = readFull(r, buf[0:4])
+		if err != nil {
+			return
+		}
+		length = int64(buf[0])<<24 |
+			int64(buf[1])<<16 |
+			int64(buf[2])<<8 |
+			int64(buf[3])
+	}
+	return
+}
+
+// partialLengthReader wraps an io.Reader and handles OpenPGP partial lengths.
+// The continuation lengths are parsed and removed from the stream and EOF is
+// returned at the end of the packet. See RFC 4880, section 4.2.2.4.
+type partialLengthReader struct {
+	r         io.Reader
+	remaining int64
+	isPartial bool
+}
+
+func (r *partialLengthReader) Read(p []byte) (n int, err error) {
+	for r.remaining == 0 {
+		if !r.isPartial {
+			return 0, io.EOF
+		}
+		r.remaining, r.isPartial, err = readLength(r.r)
+		if err != nil {
+			return 0, err
+		}
+	}
+
+	toRead := int64(len(p))
+	if toRead > r.remaining {
+		toRead = r.remaining
+	}
+
+	n, err = r.r.Read(p[:int(toRead)])
+	r.remaining -= int64(n)
+	if n < int(toRead) && err == io.EOF {
+		err = io.ErrUnexpectedEOF
+	}
+	return
+}
+
+// partialLengthWriter writes a stream of data using OpenPGP partial lengths.
+// See RFC 4880, section 4.2.2.4.
+type partialLengthWriter struct {
+	w          io.WriteCloser
+	buf        bytes.Buffer
+	lengthByte [1]byte
+}
+
+func (w *partialLengthWriter) Write(p []byte) (n int, err error) {
+	bufLen := w.buf.Len()
+	if bufLen > 512 {
+		for power := uint(30); ; power-- {
+			l := 1 << power
+			if bufLen >= l {
+				w.lengthByte[0] = 224 + uint8(power)
+				_, err = w.w.Write(w.lengthByte[:])
+				if err != nil {
+					return
+				}
+				var m int
+				m, err = w.w.Write(w.buf.Next(l))
+				if err != nil {
+					return
+				}
+				if m != l {
+					return 0, io.ErrShortWrite
+				}
+				break
+			}
+		}
+	}
+	return w.buf.Write(p)
+}
+
+func (w *partialLengthWriter) Close() (err error) {
+	len := w.buf.Len()
+	err = serializeLength(w.w, len)
+	if err != nil {
+		return err
+	}
+	_, err = w.buf.WriteTo(w.w)
+	if err != nil {
+		return err
+	}
+	return w.w.Close()
+}
+
+// A spanReader is an io.LimitReader, but it returns ErrUnexpectedEOF if the
+// underlying Reader returns EOF before the limit has been reached.
+type spanReader struct {
+	r io.Reader
+	n int64
+}
+
+func (l *spanReader) Read(p []byte) (n int, err error) {
+	if l.n <= 0 {
+		return 0, io.EOF
+	}
+	if int64(len(p)) > l.n {
+		p = p[0:l.n]
+	}
+	n, err = l.r.Read(p)
+	l.n -= int64(n)
+	if l.n > 0 && err == io.EOF {
+		err = io.ErrUnexpectedEOF
+	}
+	return
+}
+
+// readHeader parses a packet header and returns an io.Reader which will return
+// the contents of the packet. See RFC 4880, section 4.2.
+func readHeader(r io.Reader) (tag packetType, length int64, contents io.Reader, err error) {
+	var buf [4]byte
+	_, err = io.ReadFull(r, buf[:1])
+	if err != nil {
+		return
+	}
+	if buf[0]&0x80 == 0 {
+		err = errors.StructuralError("tag byte does not have MSB set")
+		return
+	}
+	if buf[0]&0x40 == 0 {
+		// Old format packet
+		tag = packetType((buf[0] & 0x3f) >> 2)
+		lengthType := buf[0] & 3
+		if lengthType == 3 {
+			length = -1
+			contents = r
+			return
+		}
+		lengthBytes := 1 << lengthType
+		_, err = readFull(r, buf[0:lengthBytes])
+		if err != nil {
+			return
+		}
+		for i := 0; i < lengthBytes; i++ {
+			length <<= 8
+			length |= int64(buf[i])
+		}
+		contents = &spanReader{r, length}
+		return
+	}
+
+	// New format packet
+	tag = packetType(buf[0] & 0x3f)
+	length, isPartial, err := readLength(r)
+	if err != nil {
+		return
+	}
+	if isPartial {
+		contents = &partialLengthReader{
+			remaining: length,
+			isPartial: true,
+			r:         r,
+		}
+		length = -1
+	} else {
+		contents = &spanReader{r, length}
+	}
+	return
+}
+
+// serializeHeader writes an OpenPGP packet header to w. See RFC 4880, section
+// 4.2.
+func serializeHeader(w io.Writer, ptype packetType, length int) (err error) {
+	err = serializeType(w, ptype)
+	if err != nil {
+		return
+	}
+	return serializeLength(w, length)
+}
+
+// serializeType writes an OpenPGP packet type to w. See RFC 4880, section
+// 4.2.
+func serializeType(w io.Writer, ptype packetType) (err error) {
+	var buf [1]byte
+	buf[0] = 0x80 | 0x40 | byte(ptype)
+	_, err = w.Write(buf[:])
+	return
+}
+
+// serializeLength writes an OpenPGP packet length to w. See RFC 4880, section
+// 4.2.2.
+func serializeLength(w io.Writer, length int) (err error) {
+	var buf [5]byte
+	var n int
+
+	if length < 192 {
+		buf[0] = byte(length)
+		n = 1
+	} else if length < 8384 {
+		length -= 192
+		buf[0] = 192 + byte(length>>8)
+		buf[1] = byte(length)
+		n = 2
+	} else {
+		buf[0] = 255
+		buf[1] = byte(length >> 24)
+		buf[2] = byte(length >> 16)
+		buf[3] = byte(length >> 8)
+		buf[4] = byte(length)
+		n = 5
+	}
+
+	_, err = w.Write(buf[:n])
+	return
+}
+
+// serializeStreamHeader writes an OpenPGP packet header to w where the
+// length of the packet is unknown. It returns a io.WriteCloser which can be
+// used to write the contents of the packet. See RFC 4880, section 4.2.
+func serializeStreamHeader(w io.WriteCloser, ptype packetType) (out io.WriteCloser, err error) {
+	err = serializeType(w, ptype)
+	if err != nil {
+		return
+	}
+	out = &partialLengthWriter{w: w}
+	return
+}
+
+// Packet represents an OpenPGP packet. Users are expected to try casting
+// instances of this interface to specific packet types.
+type Packet interface {
+	parse(io.Reader) error
+}
+
+// consumeAll reads from the given Reader until error, returning the number of
+// bytes read.
+func consumeAll(r io.Reader) (n int64, err error) {
+	var m int
+	var buf [1024]byte
+
+	for {
+		m, err = r.Read(buf[:])
+		n += int64(m)
+		if err == io.EOF {
+			err = nil
+			return
+		}
+		if err != nil {
+			return
+		}
+	}
+}
+
+// packetType represents the numeric ids of the different OpenPGP packet types. See
+// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-2
+type packetType uint8
+
+const (
+	packetTypeEncryptedKey              packetType = 1
+	packetTypeSignature                 packetType = 2
+	packetTypeSymmetricKeyEncrypted     packetType = 3
+	packetTypeOnePassSignature          packetType = 4
+	packetTypePrivateKey                packetType = 5
+	packetTypePublicKey                 packetType = 6
+	packetTypePrivateSubkey             packetType = 7
+	packetTypeCompressed                packetType = 8
+	packetTypeSymmetricallyEncrypted    packetType = 9
+	packetTypeLiteralData               packetType = 11
+	packetTypeUserId                    packetType = 13
+	packetTypePublicSubkey              packetType = 14
+	packetTypeUserAttribute             packetType = 17
+	packetTypeSymmetricallyEncryptedMDC packetType = 18
+	packetTypeAEADEncrypted             packetType = 20
+)
+
+// EncryptedDataPacket holds encrypted data. It is currently implemented by
+// SymmetricallyEncrypted and AEADEncrypted.
+type EncryptedDataPacket interface {
+	Decrypt(CipherFunction, []byte) (io.ReadCloser, error)
+}
+
+// Read reads a single OpenPGP packet from the given io.Reader. If there is an
+// error parsing a packet, the whole packet is consumed from the input.
+func Read(r io.Reader) (p Packet, err error) {
+	tag, _, contents, err := readHeader(r)
+	if err != nil {
+		return
+	}
+
+	switch tag {
+	case packetTypeEncryptedKey:
+		p = new(EncryptedKey)
+	case packetTypeSignature:
+		p = new(Signature)
+	case packetTypeSymmetricKeyEncrypted:
+		p = new(SymmetricKeyEncrypted)
+	case packetTypeOnePassSignature:
+		p = new(OnePassSignature)
+	case packetTypePrivateKey, packetTypePrivateSubkey:
+		pk := new(PrivateKey)
+		if tag == packetTypePrivateSubkey {
+			pk.IsSubkey = true
+		}
+		p = pk
+	case packetTypePublicKey, packetTypePublicSubkey:
+		isSubkey := tag == packetTypePublicSubkey
+		p = &PublicKey{IsSubkey: isSubkey}
+	case packetTypeCompressed:
+		p = new(Compressed)
+	case packetTypeSymmetricallyEncrypted:
+		err = errors.UnsupportedError("Symmetrically encrypted packets without MDC are not supported")
+	case packetTypeLiteralData:
+		p = new(LiteralData)
+	case packetTypeUserId:
+		p = new(UserId)
+	case packetTypeUserAttribute:
+		p = new(UserAttribute)
+	case packetTypeSymmetricallyEncryptedMDC:
+		se := new(SymmetricallyEncrypted)
+		se.MDC = true
+		p = se
+	case packetTypeAEADEncrypted:
+		p = new(AEADEncrypted)
+	default:
+		err = errors.UnknownPacketTypeError(tag)
+	}
+	if p != nil {
+		err = p.parse(contents)
+	}
+	if err != nil {
+		consumeAll(contents)
+	}
+	return
+}
+
+// SignatureType represents the different semantic meanings of an OpenPGP
+// signature. See RFC 4880, section 5.2.1.
+type SignatureType uint8
+
+const (
+	SigTypeBinary            SignatureType = 0x00
+	SigTypeText                            = 0x01
+	SigTypeGenericCert                     = 0x10
+	SigTypePersonaCert                     = 0x11
+	SigTypeCasualCert                      = 0x12
+	SigTypePositiveCert                    = 0x13
+	SigTypeSubkeyBinding                   = 0x18
+	SigTypePrimaryKeyBinding               = 0x19
+	SigTypeDirectSignature                 = 0x1F
+	SigTypeKeyRevocation                   = 0x20
+	SigTypeSubkeyRevocation                = 0x28
+)
+
+// PublicKeyAlgorithm represents the different public key system specified for
+// OpenPGP. See
+// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-12
+type PublicKeyAlgorithm uint8
+
+const (
+	PubKeyAlgoRSA     PublicKeyAlgorithm = 1
+	PubKeyAlgoElGamal PublicKeyAlgorithm = 16
+	PubKeyAlgoDSA     PublicKeyAlgorithm = 17
+	// RFC 6637, Section 5.
+	PubKeyAlgoECDH  PublicKeyAlgorithm = 18
+	PubKeyAlgoECDSA PublicKeyAlgorithm = 19
+	// https://www.ietf.org/archive/id/draft-koch-eddsa-for-openpgp-04.txt
+	PubKeyAlgoEdDSA PublicKeyAlgorithm = 22
+
+	// Deprecated in RFC 4880, Section 13.5. Use key flags instead.
+	PubKeyAlgoRSAEncryptOnly PublicKeyAlgorithm = 2
+	PubKeyAlgoRSASignOnly    PublicKeyAlgorithm = 3
+)
+
+// CanEncrypt returns true if it's possible to encrypt a message to a public
+// key of the given type.
+func (pka PublicKeyAlgorithm) CanEncrypt() bool {
+	switch pka {
+	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoElGamal, PubKeyAlgoECDH:
+		return true
+	}
+	return false
+}
+
+// CanSign returns true if it's possible for a public key of the given type to
+// sign a message.
+func (pka PublicKeyAlgorithm) CanSign() bool {
+	switch pka {
+	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoDSA, PubKeyAlgoECDSA, PubKeyAlgoEdDSA:
+		return true
+	}
+	return false
+}
+
+// CipherFunction represents the different block ciphers specified for OpenPGP. See
+// http://www.iana.org/assignments/pgp-parameters/pgp-parameters.xhtml#pgp-parameters-13
+type CipherFunction algorithm.CipherFunction
+
+const (
+	Cipher3DES   CipherFunction = 2
+	CipherCAST5  CipherFunction = 3
+	CipherAES128 CipherFunction = 7
+	CipherAES192 CipherFunction = 8
+	CipherAES256 CipherFunction = 9
+)
+
+// KeySize returns the key size, in bytes, of cipher.
+func (cipher CipherFunction) KeySize() int {
+	return algorithm.CipherFunction(cipher).KeySize()
+}
+
+// blockSize returns the block size, in bytes, of cipher.
+func (cipher CipherFunction) blockSize() int {
+	return algorithm.CipherFunction(cipher).BlockSize()
+}
+
+// new returns a fresh instance of the given cipher.
+func (cipher CipherFunction) new(key []byte) (block cipher.Block) {
+	return algorithm.CipherFunction(cipher).New(key)
+}
+
+// padToKeySize left-pads a MPI with zeroes to match the length of the
+// specified RSA public.
+func padToKeySize(pub *rsa.PublicKey, b []byte) []byte {
+	k := (pub.N.BitLen() + 7) / 8
+	if len(b) >= k {
+		return b
+	}
+	bb := make([]byte, k)
+	copy(bb[len(bb)-len(b):], b)
+	return bb
+}
+
+// CompressionAlgo Represents the different compression algorithms
+// supported by OpenPGP (except for BZIP2, which is not currently
+// supported). See Section 9.3 of RFC 4880.
+type CompressionAlgo uint8
+
+const (
+	CompressionNone CompressionAlgo = 0
+	CompressionZIP  CompressionAlgo = 1
+	CompressionZLIB CompressionAlgo = 2
+)
+
+// AEADMode represents the different Authenticated Encryption with Associated
+// Data specified for OpenPGP.
+type AEADMode algorithm.AEADMode
+
+const (
+	AEADModeEAX             AEADMode = 1
+	AEADModeOCB             AEADMode = 2
+	AEADModeExperimentalGCM AEADMode = 100
+)
+
+func (mode AEADMode) NonceLength() int {
+	return algorithm.AEADMode(mode).NonceLength()
+}
+
+func (mode AEADMode) TagLength() int {
+	return algorithm.AEADMode(mode).TagLength()
+}
+
+// new returns a fresh instance of the given mode.
+func (mode AEADMode) new(block cipher.Block) cipher.AEAD {
+	return algorithm.AEADMode(mode).New(block)
+}
+
+// ReasonForRevocation represents a revocation reason code as per RFC4880
+// section 5.2.3.23.
+type ReasonForRevocation uint8
+
+const (
+	NoReason       ReasonForRevocation = 0
+	KeySuperseded  ReasonForRevocation = 1
+	KeyCompromised ReasonForRevocation = 2
+	KeyRetired     ReasonForRevocation = 3
+)
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key.go
new file mode 100644
index 0000000000..854f9c4bbb
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key.go
@@ -0,0 +1,780 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"bytes"
+	"crypto"
+	"crypto/cipher"
+	"crypto/dsa"
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rand"
+	"crypto/rsa"
+	"crypto/sha1"
+	"fmt"
+	"io"
+	"io/ioutil"
+	"math/big"
+	"strconv"
+	"time"
+
+	"github.com/ProtonMail/go-crypto/openpgp/internal/ecc"
+	"golang.org/x/crypto/curve25519"
+
+	"github.com/ProtonMail/go-crypto/openpgp/ecdh"
+	"github.com/ProtonMail/go-crypto/openpgp/elgamal"
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/encoding"
+	"github.com/ProtonMail/go-crypto/openpgp/s2k"
+	"golang.org/x/crypto/ed25519"
+)
+
+// PrivateKey represents a possibly encrypted private key. See RFC 4880,
+// section 5.5.3.
+type PrivateKey struct {
+	PublicKey
+	Encrypted     bool // if true then the private key is unavailable until Decrypt has been called.
+	encryptedData []byte
+	cipher        CipherFunction
+	s2k           func(out, in []byte)
+	// An *{rsa|dsa|elgamal|ecdh|ecdsa|ed25519}.PrivateKey or
+	// crypto.Signer/crypto.Decrypter (Decryptor RSA only).
+	PrivateKey   interface{}
+	sha1Checksum bool
+	iv           []byte
+
+	// Type of encryption of the S2K packet
+	// Allowed values are 0 (Not encrypted), 254 (SHA1), or
+	// 255 (2-byte checksum)
+	s2kType S2KType
+	// Full parameters of the S2K packet
+	s2kParams *s2k.Params
+}
+
+//S2KType s2k packet type
+type S2KType uint8
+
+const (
+	// S2KNON unencrypt
+	S2KNON S2KType = 0
+	// S2KSHA1 sha1 sum check
+	S2KSHA1 S2KType = 254
+	// S2KCHECKSUM sum check
+	S2KCHECKSUM S2KType = 255
+)
+
+func NewRSAPrivateKey(creationTime time.Time, priv *rsa.PrivateKey) *PrivateKey {
+	pk := new(PrivateKey)
+	pk.PublicKey = *NewRSAPublicKey(creationTime, &priv.PublicKey)
+	pk.PrivateKey = priv
+	return pk
+}
+
+func NewDSAPrivateKey(creationTime time.Time, priv *dsa.PrivateKey) *PrivateKey {
+	pk := new(PrivateKey)
+	pk.PublicKey = *NewDSAPublicKey(creationTime, &priv.PublicKey)
+	pk.PrivateKey = priv
+	return pk
+}
+
+func NewElGamalPrivateKey(creationTime time.Time, priv *elgamal.PrivateKey) *PrivateKey {
+	pk := new(PrivateKey)
+	pk.PublicKey = *NewElGamalPublicKey(creationTime, &priv.PublicKey)
+	pk.PrivateKey = priv
+	return pk
+}
+
+func NewECDSAPrivateKey(creationTime time.Time, priv *ecdsa.PrivateKey) *PrivateKey {
+	pk := new(PrivateKey)
+	pk.PublicKey = *NewECDSAPublicKey(creationTime, &priv.PublicKey)
+	pk.PrivateKey = priv
+	return pk
+}
+
+func NewEdDSAPrivateKey(creationTime time.Time, priv *ed25519.PrivateKey) *PrivateKey {
+	pk := new(PrivateKey)
+	pub := priv.Public().(ed25519.PublicKey)
+	pk.PublicKey = *NewEdDSAPublicKey(creationTime, &pub)
+	pk.PrivateKey = priv
+	return pk
+}
+
+func NewECDHPrivateKey(creationTime time.Time, priv *ecdh.PrivateKey) *PrivateKey {
+	pk := new(PrivateKey)
+	pk.PublicKey = *NewECDHPublicKey(creationTime, &priv.PublicKey)
+	pk.PrivateKey = priv
+	return pk
+}
+
+// NewSignerPrivateKey creates a PrivateKey from a crypto.Signer that
+// implements RSA, ECDSA or EdDSA.
+func NewSignerPrivateKey(creationTime time.Time, signer crypto.Signer) *PrivateKey {
+	pk := new(PrivateKey)
+	// In general, the public Keys should be used as pointers. We still
+	// type-switch on the values, for backwards-compatibility.
+	switch pubkey := signer.Public().(type) {
+	case *rsa.PublicKey:
+		pk.PublicKey = *NewRSAPublicKey(creationTime, pubkey)
+	case rsa.PublicKey:
+		pk.PublicKey = *NewRSAPublicKey(creationTime, &pubkey)
+	case *ecdsa.PublicKey:
+		pk.PublicKey = *NewECDSAPublicKey(creationTime, pubkey)
+	case ecdsa.PublicKey:
+		pk.PublicKey = *NewECDSAPublicKey(creationTime, &pubkey)
+	case *ed25519.PublicKey:
+		pk.PublicKey = *NewEdDSAPublicKey(creationTime, pubkey)
+	case ed25519.PublicKey:
+		pk.PublicKey = *NewEdDSAPublicKey(creationTime, &pubkey)
+	default:
+		panic("openpgp: unknown crypto.Signer type in NewSignerPrivateKey")
+	}
+	pk.PrivateKey = signer
+	return pk
+}
+
+// NewDecrypterPrivateKey creates a PrivateKey from a *{rsa|elgamal|ecdh}.PrivateKey.
+func NewDecrypterPrivateKey(creationTime time.Time, decrypter interface{}) *PrivateKey {
+	pk := new(PrivateKey)
+	switch priv := decrypter.(type) {
+	case *rsa.PrivateKey:
+		pk.PublicKey = *NewRSAPublicKey(creationTime, &priv.PublicKey)
+	case *elgamal.PrivateKey:
+		pk.PublicKey = *NewElGamalPublicKey(creationTime, &priv.PublicKey)
+	case *ecdh.PrivateKey:
+		pk.PublicKey = *NewECDHPublicKey(creationTime, &priv.PublicKey)
+	default:
+		panic("openpgp: unknown decrypter type in NewDecrypterPrivateKey")
+	}
+	pk.PrivateKey = decrypter
+	return pk
+}
+
+func (pk *PrivateKey) parse(r io.Reader) (err error) {
+	err = (&pk.PublicKey).parse(r)
+	if err != nil {
+		return
+	}
+	v5 := pk.PublicKey.Version == 5
+
+	var buf [1]byte
+	_, err = readFull(r, buf[:])
+	if err != nil {
+		return
+	}
+	pk.s2kType = S2KType(buf[0])
+	var optCount [1]byte
+	if v5 {
+		if _, err = readFull(r, optCount[:]); err != nil {
+			return
+		}
+	}
+
+	switch pk.s2kType {
+	case S2KNON:
+		pk.s2k = nil
+		pk.Encrypted = false
+	case S2KSHA1, S2KCHECKSUM:
+		if v5 && pk.s2kType == S2KCHECKSUM {
+			return errors.StructuralError("wrong s2k identifier for version 5")
+		}
+		_, err = readFull(r, buf[:])
+		if err != nil {
+			return
+		}
+		pk.cipher = CipherFunction(buf[0])
+		pk.s2kParams, err = s2k.ParseIntoParams(r)
+		if err != nil {
+			return
+		}
+		if pk.s2kParams.Dummy() {
+			return
+		}
+		pk.s2k, err = pk.s2kParams.Function()
+		if err != nil {
+			return
+		}
+		pk.Encrypted = true
+		if pk.s2kType == S2KSHA1 {
+			pk.sha1Checksum = true
+		}
+	default:
+		return errors.UnsupportedError("deprecated s2k function in private key")
+	}
+
+	if pk.Encrypted {
+		blockSize := pk.cipher.blockSize()
+		if blockSize == 0 {
+			return errors.UnsupportedError("unsupported cipher in private key: " + strconv.Itoa(int(pk.cipher)))
+		}
+		pk.iv = make([]byte, blockSize)
+		_, err = readFull(r, pk.iv)
+		if err != nil {
+			return
+		}
+	}
+
+	var privateKeyData []byte
+	if v5 {
+		var n [4]byte /* secret material four octet count */
+		_, err = readFull(r, n[:])
+		if err != nil {
+			return
+		}
+		count := uint32(uint32(n[0])<<24 | uint32(n[1])<<16 | uint32(n[2])<<8 | uint32(n[3]))
+		if !pk.Encrypted {
+			count = count + 2 /* two octet checksum */
+		}
+		privateKeyData = make([]byte, count)
+		_, err = readFull(r, privateKeyData)
+		if err != nil {
+			return
+		}
+	} else {
+		privateKeyData, err = ioutil.ReadAll(r)
+		if err != nil {
+			return
+		}
+	}
+	if !pk.Encrypted {
+		return pk.parsePrivateKey(privateKeyData)
+	}
+
+	pk.encryptedData = privateKeyData
+	return
+}
+
+// Dummy returns true if the private key is a dummy key. This is a GNU extension.
+func (pk *PrivateKey) Dummy() bool {
+	return pk.s2kParams.Dummy()
+}
+
+func mod64kHash(d []byte) uint16 {
+	var h uint16
+	for _, b := range d {
+		h += uint16(b)
+	}
+	return h
+}
+
+func (pk *PrivateKey) Serialize(w io.Writer) (err error) {
+	contents := bytes.NewBuffer(nil)
+	err = pk.PublicKey.serializeWithoutHeaders(contents)
+	if err != nil {
+		return
+	}
+	if _, err = contents.Write([]byte{uint8(pk.s2kType)}); err != nil {
+		return
+	}
+
+	optional := bytes.NewBuffer(nil)
+	if pk.Encrypted || pk.Dummy() {
+		optional.Write([]byte{uint8(pk.cipher)})
+		if err := pk.s2kParams.Serialize(optional); err != nil {
+			return err
+		}
+		if pk.Encrypted {
+			optional.Write(pk.iv)
+		}
+	}
+	if pk.Version == 5 {
+		contents.Write([]byte{uint8(optional.Len())})
+	}
+	io.Copy(contents, optional)
+
+	if !pk.Dummy() {
+		l := 0
+		var priv []byte
+		if !pk.Encrypted {
+			buf := bytes.NewBuffer(nil)
+			err = pk.serializePrivateKey(buf)
+			if err != nil {
+				return err
+			}
+			l = buf.Len()
+			if pk.sha1Checksum {
+				h := sha1.New()
+				h.Write(buf.Bytes())
+				buf.Write(h.Sum(nil))
+			} else {
+				checksum := mod64kHash(buf.Bytes())
+				buf.Write([]byte{byte(checksum >> 8), byte(checksum)})
+			}
+			priv = buf.Bytes()
+		} else {
+			priv, l = pk.encryptedData, len(pk.encryptedData)
+		}
+
+		if pk.Version == 5 {
+			contents.Write([]byte{byte(l >> 24), byte(l >> 16), byte(l >> 8), byte(l)})
+		}
+		contents.Write(priv)
+	}
+
+	ptype := packetTypePrivateKey
+	if pk.IsSubkey {
+		ptype = packetTypePrivateSubkey
+	}
+	err = serializeHeader(w, ptype, contents.Len())
+	if err != nil {
+		return
+	}
+	_, err = io.Copy(w, contents)
+	if err != nil {
+		return
+	}
+	return
+}
+
+func serializeRSAPrivateKey(w io.Writer, priv *rsa.PrivateKey) error {
+	if _, err := w.Write(new(encoding.MPI).SetBig(priv.D).EncodedBytes()); err != nil {
+		return err
+	}
+	if _, err := w.Write(new(encoding.MPI).SetBig(priv.Primes[1]).EncodedBytes()); err != nil {
+		return err
+	}
+	if _, err := w.Write(new(encoding.MPI).SetBig(priv.Primes[0]).EncodedBytes()); err != nil {
+		return err
+	}
+	_, err := w.Write(new(encoding.MPI).SetBig(priv.Precomputed.Qinv).EncodedBytes())
+	return err
+}
+
+func serializeDSAPrivateKey(w io.Writer, priv *dsa.PrivateKey) error {
+	_, err := w.Write(new(encoding.MPI).SetBig(priv.X).EncodedBytes())
+	return err
+}
+
+func serializeElGamalPrivateKey(w io.Writer, priv *elgamal.PrivateKey) error {
+	_, err := w.Write(new(encoding.MPI).SetBig(priv.X).EncodedBytes())
+	return err
+}
+
+func serializeECDSAPrivateKey(w io.Writer, priv *ecdsa.PrivateKey) error {
+	_, err := w.Write(new(encoding.MPI).SetBig(priv.D).EncodedBytes())
+	return err
+}
+
+func serializeEdDSAPrivateKey(w io.Writer, priv *ed25519.PrivateKey) error {
+	keySize := ed25519.PrivateKeySize - ed25519.PublicKeySize
+	_, err := w.Write(encoding.NewMPI((*priv)[:keySize]).EncodedBytes())
+	return err
+}
+
+func serializeECDHPrivateKey(w io.Writer, priv *ecdh.PrivateKey) error {
+	_, err := w.Write(encoding.NewMPI(priv.D).EncodedBytes())
+	return err
+}
+
+// Decrypt decrypts an encrypted private key using a passphrase.
+func (pk *PrivateKey) Decrypt(passphrase []byte) error {
+	if pk.Dummy() {
+		return errors.ErrDummyPrivateKey("dummy key found")
+	}
+	if !pk.Encrypted {
+		return nil
+	}
+
+	key := make([]byte, pk.cipher.KeySize())
+	pk.s2k(key, passphrase)
+	block := pk.cipher.new(key)
+	cfb := cipher.NewCFBDecrypter(block, pk.iv)
+
+	data := make([]byte, len(pk.encryptedData))
+	cfb.XORKeyStream(data, pk.encryptedData)
+
+	if pk.sha1Checksum {
+		if len(data) < sha1.Size {
+			return errors.StructuralError("truncated private key data")
+		}
+		h := sha1.New()
+		h.Write(data[:len(data)-sha1.Size])
+		sum := h.Sum(nil)
+		if !bytes.Equal(sum, data[len(data)-sha1.Size:]) {
+			return errors.StructuralError("private key checksum failure")
+		}
+		data = data[:len(data)-sha1.Size]
+	} else {
+		if len(data) < 2 {
+			return errors.StructuralError("truncated private key data")
+		}
+		var sum uint16
+		for i := 0; i < len(data)-2; i++ {
+			sum += uint16(data[i])
+		}
+		if data[len(data)-2] != uint8(sum>>8) ||
+			data[len(data)-1] != uint8(sum) {
+			return errors.StructuralError("private key checksum failure")
+		}
+		data = data[:len(data)-2]
+	}
+
+	err := pk.parsePrivateKey(data)
+	if _, ok := err.(errors.KeyInvalidError); ok {
+		return errors.KeyInvalidError("invalid key parameters")
+	}
+	if err != nil {
+		return err
+	}
+
+	// Mark key as unencrypted
+	pk.s2kType = S2KNON
+	pk.s2k = nil
+	pk.Encrypted = false
+	pk.encryptedData = nil
+
+	return nil
+}
+
+// Encrypt encrypts an unencrypted private key using a passphrase.
+func (pk *PrivateKey) Encrypt(passphrase []byte) error {
+	priv := bytes.NewBuffer(nil)
+	err := pk.serializePrivateKey(priv)
+	if err != nil {
+		return err
+	}
+
+	//Default config of private key encryption
+	pk.cipher = CipherAES256
+	s2kConfig := &s2k.Config{
+		S2KMode:  3, //Iterated
+		S2KCount: 65536,
+		Hash:     crypto.SHA256,
+	}
+
+	pk.s2kParams, err = s2k.Generate(rand.Reader, s2kConfig)
+	if err != nil {
+		return err
+	}
+	privateKeyBytes := priv.Bytes()
+	key := make([]byte, pk.cipher.KeySize())
+
+	pk.sha1Checksum = true
+	pk.s2k, err = pk.s2kParams.Function()
+	if err != nil {
+		return err
+	}
+	pk.s2k(key, passphrase)
+	block := pk.cipher.new(key)
+	pk.iv = make([]byte, pk.cipher.blockSize())
+	_, err = rand.Read(pk.iv)
+	if err != nil {
+		return err
+	}
+	cfb := cipher.NewCFBEncrypter(block, pk.iv)
+
+	if pk.sha1Checksum {
+		pk.s2kType = S2KSHA1
+		h := sha1.New()
+		h.Write(privateKeyBytes)
+		sum := h.Sum(nil)
+		privateKeyBytes = append(privateKeyBytes, sum...)
+	} else {
+		pk.s2kType = S2KCHECKSUM
+		var sum uint16
+		for _, b := range privateKeyBytes {
+			sum += uint16(b)
+		}
+		priv.Write([]byte{uint8(sum >> 8), uint8(sum)})
+	}
+
+	pk.encryptedData = make([]byte, len(privateKeyBytes))
+	cfb.XORKeyStream(pk.encryptedData, privateKeyBytes)
+	pk.Encrypted = true
+	pk.PrivateKey = nil
+	return err
+}
+
+func (pk *PrivateKey) serializePrivateKey(w io.Writer) (err error) {
+	switch priv := pk.PrivateKey.(type) {
+	case *rsa.PrivateKey:
+		err = serializeRSAPrivateKey(w, priv)
+	case *dsa.PrivateKey:
+		err = serializeDSAPrivateKey(w, priv)
+	case *elgamal.PrivateKey:
+		err = serializeElGamalPrivateKey(w, priv)
+	case *ecdsa.PrivateKey:
+		err = serializeECDSAPrivateKey(w, priv)
+	case *ed25519.PrivateKey:
+		err = serializeEdDSAPrivateKey(w, priv)
+	case *ecdh.PrivateKey:
+		err = serializeECDHPrivateKey(w, priv)
+	default:
+		err = errors.InvalidArgumentError("unknown private key type")
+	}
+	return
+}
+
+func (pk *PrivateKey) parsePrivateKey(data []byte) (err error) {
+	switch pk.PublicKey.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoRSAEncryptOnly:
+		return pk.parseRSAPrivateKey(data)
+	case PubKeyAlgoDSA:
+		return pk.parseDSAPrivateKey(data)
+	case PubKeyAlgoElGamal:
+		return pk.parseElGamalPrivateKey(data)
+	case PubKeyAlgoECDSA:
+		return pk.parseECDSAPrivateKey(data)
+	case PubKeyAlgoECDH:
+		return pk.parseECDHPrivateKey(data)
+	case PubKeyAlgoEdDSA:
+		return pk.parseEdDSAPrivateKey(data)
+	}
+	panic("impossible")
+}
+
+func (pk *PrivateKey) parseRSAPrivateKey(data []byte) (err error) {
+	rsaPub := pk.PublicKey.PublicKey.(*rsa.PublicKey)
+	rsaPriv := new(rsa.PrivateKey)
+	rsaPriv.PublicKey = *rsaPub
+
+	buf := bytes.NewBuffer(data)
+	d := new(encoding.MPI)
+	if _, err := d.ReadFrom(buf); err != nil {
+		return err
+	}
+
+	p := new(encoding.MPI)
+	if _, err := p.ReadFrom(buf); err != nil {
+		return err
+	}
+
+	q := new(encoding.MPI)
+	if _, err := q.ReadFrom(buf); err != nil {
+		return err
+	}
+
+	rsaPriv.D = new(big.Int).SetBytes(d.Bytes())
+	rsaPriv.Primes = make([]*big.Int, 2)
+	rsaPriv.Primes[0] = new(big.Int).SetBytes(p.Bytes())
+	rsaPriv.Primes[1] = new(big.Int).SetBytes(q.Bytes())
+	if err := rsaPriv.Validate(); err != nil {
+		return errors.KeyInvalidError(err.Error())
+	}
+	rsaPriv.Precompute()
+	pk.PrivateKey = rsaPriv
+
+	return nil
+}
+
+func (pk *PrivateKey) parseDSAPrivateKey(data []byte) (err error) {
+	dsaPub := pk.PublicKey.PublicKey.(*dsa.PublicKey)
+	dsaPriv := new(dsa.PrivateKey)
+	dsaPriv.PublicKey = *dsaPub
+
+	buf := bytes.NewBuffer(data)
+	x := new(encoding.MPI)
+	if _, err := x.ReadFrom(buf); err != nil {
+		return err
+	}
+
+	dsaPriv.X = new(big.Int).SetBytes(x.Bytes())
+	if err := validateDSAParameters(dsaPriv); err != nil {
+		return err
+	}
+	pk.PrivateKey = dsaPriv
+
+	return nil
+}
+
+func (pk *PrivateKey) parseElGamalPrivateKey(data []byte) (err error) {
+	pub := pk.PublicKey.PublicKey.(*elgamal.PublicKey)
+	priv := new(elgamal.PrivateKey)
+	priv.PublicKey = *pub
+
+	buf := bytes.NewBuffer(data)
+	x := new(encoding.MPI)
+	if _, err := x.ReadFrom(buf); err != nil {
+		return err
+	}
+
+	priv.X = new(big.Int).SetBytes(x.Bytes())
+	if err := validateElGamalParameters(priv); err != nil {
+		return err
+	}
+	pk.PrivateKey = priv
+
+	return nil
+}
+
+func (pk *PrivateKey) parseECDSAPrivateKey(data []byte) (err error) {
+	ecdsaPub := pk.PublicKey.PublicKey.(*ecdsa.PublicKey)
+	ecdsaPriv := new(ecdsa.PrivateKey)
+	ecdsaPriv.PublicKey = *ecdsaPub
+
+	buf := bytes.NewBuffer(data)
+	d := new(encoding.MPI)
+	if _, err := d.ReadFrom(buf); err != nil {
+		return err
+	}
+
+	ecdsaPriv.D = new(big.Int).SetBytes(d.Bytes())
+	if err := validateECDSAParameters(ecdsaPriv); err != nil {
+		return err
+	}
+	pk.PrivateKey = ecdsaPriv
+
+	return nil
+}
+
+func (pk *PrivateKey) parseECDHPrivateKey(data []byte) (err error) {
+	ecdhPub := pk.PublicKey.PublicKey.(*ecdh.PublicKey)
+	ecdhPriv := new(ecdh.PrivateKey)
+	ecdhPriv.PublicKey = *ecdhPub
+
+	buf := bytes.NewBuffer(data)
+	d := new(encoding.MPI)
+	if _, err := d.ReadFrom(buf); err != nil {
+		return err
+	}
+
+	ecdhPriv.D = d.Bytes()
+	if err := validateECDHParameters(ecdhPriv); err != nil {
+		return err
+	}
+	pk.PrivateKey = ecdhPriv
+
+	return nil
+}
+
+func (pk *PrivateKey) parseEdDSAPrivateKey(data []byte) (err error) {
+	eddsaPub := pk.PublicKey.PublicKey.(*ed25519.PublicKey)
+	eddsaPriv := make(ed25519.PrivateKey, ed25519.PrivateKeySize)
+
+	buf := bytes.NewBuffer(data)
+	d := new(encoding.MPI)
+	if _, err := d.ReadFrom(buf); err != nil {
+		return err
+	}
+
+	priv := d.Bytes()
+	copy(eddsaPriv[32-len(priv):32], priv)
+	copy(eddsaPriv[32:], (*eddsaPub)[:])
+	if err := validateEdDSAParameters(&eddsaPriv); err != nil {
+		return err
+	}
+	pk.PrivateKey = &eddsaPriv
+
+	return nil
+}
+
+func validateECDSAParameters(priv *ecdsa.PrivateKey) error {
+	return validateCommonECC(priv.Curve, priv.D.Bytes(), priv.X, priv.Y)
+}
+
+func validateECDHParameters(priv *ecdh.PrivateKey) error {
+	if priv.CurveType != ecc.Curve25519 {
+		return validateCommonECC(priv.Curve, priv.D, priv.X, priv.Y)
+	}
+	// Handle Curve25519
+	Q := priv.X.Bytes()[1:]
+	var d [32]byte
+	// Copy reversed d
+	l := len(priv.D)
+	for i := 0; i < l; i++ {
+		d[i] = priv.D[l-i-1]
+	}
+	var expectedQ [32]byte
+	curve25519.ScalarBaseMult(&expectedQ, &d)
+	if !bytes.Equal(Q, expectedQ[:]) {
+		return errors.KeyInvalidError("ECDH curve25519: invalid point")
+	}
+	return nil
+}
+
+func validateCommonECC(curve elliptic.Curve, d []byte, X, Y *big.Int) error {
+	// the public point should not be at infinity (0,0)
+	zero := new(big.Int)
+	if X.Cmp(zero) == 0 && Y.Cmp(zero) == 0 {
+		return errors.KeyInvalidError(fmt.Sprintf("ecc (%s): infinity point", curve.Params().Name))
+	}
+	// re-derive the public point Q' = (X,Y) = dG
+	// to compare to declared Q in public key
+	expectedX, expectedY := curve.ScalarBaseMult(d)
+	if X.Cmp(expectedX) != 0 || Y.Cmp(expectedY) != 0 {
+		return errors.KeyInvalidError(fmt.Sprintf("ecc (%s): invalid point", curve.Params().Name))
+	}
+	return nil
+}
+
+func validateEdDSAParameters(priv *ed25519.PrivateKey) error {
+	// In EdDSA, the serialized public point is stored as part of private key (together with the seed),
+	// hence we can re-derive the key from the seed
+	seed := priv.Seed()
+	expectedPriv := ed25519.NewKeyFromSeed(seed)
+	if !bytes.Equal(*priv, expectedPriv) {
+		return errors.KeyInvalidError("eddsa: invalid point")
+	}
+	return nil
+}
+
+func validateDSAParameters(priv *dsa.PrivateKey) error {
+	p := priv.P // group prime
+	q := priv.Q // subgroup order
+	g := priv.G // g has order q mod p
+	x := priv.X // secret
+	y := priv.Y // y == g**x mod p
+	one := big.NewInt(1)
+	// expect g, y >= 2 and g < p
+	if g.Cmp(one) <= 0 || y.Cmp(one) <= 0 || g.Cmp(p) > 0 {
+		return errors.KeyInvalidError("dsa: invalid group")
+	}
+	// expect p > q
+	if p.Cmp(q) <= 0 {
+		return errors.KeyInvalidError("dsa: invalid group prime")
+	}
+	// q should be large enough and divide p-1
+	pSub1 := new(big.Int).Sub(p, one)
+	if q.BitLen() < 150 || new(big.Int).Mod(pSub1, q).Cmp(big.NewInt(0)) != 0 {
+		return errors.KeyInvalidError("dsa: invalid order")
+	}
+	// confirm that g has order q mod p
+	if !q.ProbablyPrime(32) || new(big.Int).Exp(g, q, p).Cmp(one) != 0 {
+		return errors.KeyInvalidError("dsa: invalid order")
+	}
+	// check y
+	if new(big.Int).Exp(g, x, p).Cmp(y) != 0 {
+		return errors.KeyInvalidError("dsa: mismatching values")
+	}
+
+	return nil
+}
+
+func validateElGamalParameters(priv *elgamal.PrivateKey) error {
+	p := priv.P // group prime
+	g := priv.G // g has order p-1 mod p
+	x := priv.X // secret
+	y := priv.Y // y == g**x mod p
+	one := big.NewInt(1)
+	// Expect g, y >= 2 and g < p
+	if g.Cmp(one) <= 0 || y.Cmp(one) <= 0 || g.Cmp(p) > 0 {
+		return errors.KeyInvalidError("elgamal: invalid group")
+	}
+	if p.BitLen() < 1024 {
+		return errors.KeyInvalidError("elgamal: group order too small")
+	}
+	pSub1 := new(big.Int).Sub(p, one)
+	if new(big.Int).Exp(g, pSub1, p).Cmp(one) != 0 {
+		return errors.KeyInvalidError("elgamal: invalid group")
+	}
+	// Since p-1 is not prime, g might have a smaller order that divides p-1.
+	// We cannot confirm the exact order of g, but we make sure it is not too small.
+	gExpI := new(big.Int).Set(g)
+	i := 1
+	threshold := 2 << 17 // we want order > threshold
+	for i < threshold {
+		i++ // we check every order to make sure key validation is not easily bypassed by guessing y'
+		gExpI.Mod(new(big.Int).Mul(gExpI, g), p)
+		if gExpI.Cmp(one) == 0 {
+			return errors.KeyInvalidError("elgamal: order too small")
+		}
+	}
+	// Check y
+	if new(big.Int).Exp(g, x, p).Cmp(y) != 0 {
+		return errors.KeyInvalidError("elgamal: mismatching values")
+	}
+
+	return nil
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key_test_data.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key_test_data.go
new file mode 100644
index 0000000000..029b8f1aab
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/private_key_test_data.go
@@ -0,0 +1,12 @@
+package packet
+
+// Generated with `gpg --export-secret-keys "Test Key 2"`
+const privKeyRSAHex = "9501fe044cc349a8010400b70ca0010e98c090008d45d1ee8f9113bd5861fd57b88bacb7c68658747663f1e1a3b5a98f32fda6472373c024b97359cd2efc88ff60f77751adfbf6af5e615e6a1408cfad8bf0cea30b0d5f53aa27ad59089ba9b15b7ebc2777a25d7b436144027e3bcd203909f147d0e332b240cf63d3395f5dfe0df0a6c04e8655af7eacdf0011010001fe0303024a252e7d475fd445607de39a265472aa74a9320ba2dac395faa687e9e0336aeb7e9a7397e511b5afd9dc84557c80ac0f3d4d7bfec5ae16f20d41c8c84a04552a33870b930420e230e179564f6d19bb153145e76c33ae993886c388832b0fa042ddda7f133924f3854481533e0ede31d51278c0519b29abc3bf53da673e13e3e1214b52413d179d7f66deee35cac8eacb060f78379d70ef4af8607e68131ff529439668fc39c9ce6dfef8a5ac234d234802cbfb749a26107db26406213ae5c06d4673253a3cbee1fcbae58d6ab77e38d6e2c0e7c6317c48e054edadb5a40d0d48acb44643d998139a8a66bb820be1f3f80185bc777d14b5954b60effe2448a036d565c6bc0b915fcea518acdd20ab07bc1529f561c58cd044f723109b93f6fd99f876ff891d64306b5d08f48bab59f38695e9109c4dec34013ba3153488ce070268381ba923ee1eb77125b36afcb4347ec3478c8f2735b06ef17351d872e577fa95d0c397c88c71b59629a36aec"
+
+// Generated by `gpg --export-secret-keys` followed by a manual extraction of
+// the ElGamal subkey from the packets.
+const privKeyElGamalHex = "9d0157044df9ee1a100400eb8e136a58ec39b582629cdadf830bc64e0a94ed8103ca8bb247b27b11b46d1d25297ef4bcc3071785ba0c0bedfe89eabc5287fcc0edf81ab5896c1c8e4b20d27d79813c7aede75320b33eaeeaa586edc00fd1036c10133e6ba0ff277245d0d59d04b2b3421b7244aca5f4a8d870c6f1c1fbff9e1c26699a860b9504f35ca1d700030503fd1ededd3b840795be6d9ccbe3c51ee42e2f39233c432b831ddd9c4e72b7025a819317e47bf94f9ee316d7273b05d5fcf2999c3a681f519b1234bbfa6d359b4752bd9c3f77d6b6456cde152464763414ca130f4e91d91041432f90620fec0e6d6b5116076c2985d5aeaae13be492b9b329efcaf7ee25120159a0a30cd976b42d7afe030302dae7eb80db744d4960c4df930d57e87fe81412eaace9f900e6c839817a614ddb75ba6603b9417c33ea7b6c93967dfa2bcff3fa3c74a5ce2c962db65b03aece14c96cbd0038fc"
+
+// pkcs1PrivKeyHex is a PKCS#1, RSA private key.
+// Generated by `openssl genrsa 1024 | openssl rsa -outform DER  | xxd -p`
+const pkcs1PrivKeyHex = "3082025d02010002818100e98edfa1c3b35884a54d0b36a6a603b0290fa85e49e30fa23fc94fef9c6790bc4849928607aa48d809da326fb42a969d06ad756b98b9c1a90f5d4a2b6d0ac05953c97f4da3120164a21a679793ce181c906dc01d235cc085ddcdf6ea06c389b6ab8885dfd685959e693138856a68a7e5db263337ff82a088d583a897cf2d59e9020301000102818100b6d5c9eb70b02d5369b3ee5b520a14490b5bde8a317d36f7e4c74b7460141311d1e5067735f8f01d6f5908b2b96fbd881f7a1ab9a84d82753e39e19e2d36856be960d05ac9ef8e8782ea1b6d65aee28fdfe1d61451e8cff0adfe84322f12cf455028b581cf60eb9e0e140ba5d21aeba6c2634d7c65318b9a665fc01c3191ca21024100fa5e818da3705b0fa33278bb28d4b6f6050388af2d4b75ec9375dd91ccf2e7d7068086a8b82a8f6282e4fbbdb8a7f2622eb97295249d87acea7f5f816f54d347024100eecf9406d7dc49cdfb95ab1eff4064de84c7a30f64b2798936a0d2018ba9eb52e4b636f82e96c49cc63b80b675e91e40d1b2e4017d4b9adaf33ab3d9cf1c214f024100c173704ace742c082323066226a4655226819a85304c542b9dacbeacbf5d1881ee863485fcf6f59f3a604f9b42289282067447f2b13dfeed3eab7851fc81e0550240741fc41f3fc002b382eed8730e33c5d8de40256e4accee846667f536832f711ab1d4590e7db91a8a116ac5bff3be13d3f9243ff2e976662aa9b395d907f8e9c9024046a5696c9ef882363e06c9fa4e2f5b580906452befba03f4a99d0f873697ef1f851d2226ca7934b30b7c3e80cb634a67172bbbf4781735fe3e09263e2dd723e7"
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key.go
new file mode 100644
index 0000000000..28971c1ada
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key.go
@@ -0,0 +1,825 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"crypto"
+	"crypto/dsa"
+	"crypto/ecdsa"
+	"crypto/elliptic"
+	"crypto/rsa"
+	"crypto/sha1"
+	"crypto/sha256"
+	_ "crypto/sha512"
+	"encoding/binary"
+	"fmt"
+	"hash"
+	"io"
+	"math/big"
+	"strconv"
+	"time"
+
+	"github.com/ProtonMail/go-crypto/openpgp/ecdh"
+	"github.com/ProtonMail/go-crypto/openpgp/elgamal"
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/ecc"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/encoding"
+	"golang.org/x/crypto/ed25519"
+)
+
+type kdfHashFunction byte
+type kdfAlgorithm byte
+
+// PublicKey represents an OpenPGP public key. See RFC 4880, section 5.5.2.
+type PublicKey struct {
+	Version      int
+	CreationTime time.Time
+	PubKeyAlgo   PublicKeyAlgorithm
+	PublicKey    interface{} // *rsa.PublicKey, *dsa.PublicKey, *ecdsa.PublicKey or *eddsa.PublicKey
+	Fingerprint  []byte
+	KeyId        uint64
+	IsSubkey     bool
+
+	// RFC 4880 fields
+	n, e, p, q, g, y encoding.Field
+
+	// RFC 6637 fields
+	// oid contains the OID byte sequence identifying the elliptic curve used
+	oid encoding.Field
+
+	// kdf stores key derivation function parameters
+	// used for ECDH encryption. See RFC 6637, Section 9.
+	kdf encoding.Field
+}
+
+// UpgradeToV5 updates the version of the key to v5, and updates all necessary
+// fields.
+func (pk *PublicKey) UpgradeToV5() {
+	pk.Version = 5
+	pk.setFingerprintAndKeyId()
+}
+
+// signingKey provides a convenient abstraction over signature verification
+// for v3 and v4 public keys.
+type signingKey interface {
+	SerializeForHash(io.Writer) error
+	SerializeSignaturePrefix(io.Writer)
+	serializeWithoutHeaders(io.Writer) error
+}
+
+// NewRSAPublicKey returns a PublicKey that wraps the given rsa.PublicKey.
+func NewRSAPublicKey(creationTime time.Time, pub *rsa.PublicKey) *PublicKey {
+	pk := &PublicKey{
+		Version:      4,
+		CreationTime: creationTime,
+		PubKeyAlgo:   PubKeyAlgoRSA,
+		PublicKey:    pub,
+		n:            new(encoding.MPI).SetBig(pub.N),
+		e:            new(encoding.MPI).SetBig(big.NewInt(int64(pub.E))),
+	}
+
+	pk.setFingerprintAndKeyId()
+	return pk
+}
+
+// NewDSAPublicKey returns a PublicKey that wraps the given dsa.PublicKey.
+func NewDSAPublicKey(creationTime time.Time, pub *dsa.PublicKey) *PublicKey {
+	pk := &PublicKey{
+		Version:      4,
+		CreationTime: creationTime,
+		PubKeyAlgo:   PubKeyAlgoDSA,
+		PublicKey:    pub,
+		p:            new(encoding.MPI).SetBig(pub.P),
+		q:            new(encoding.MPI).SetBig(pub.Q),
+		g:            new(encoding.MPI).SetBig(pub.G),
+		y:            new(encoding.MPI).SetBig(pub.Y),
+	}
+
+	pk.setFingerprintAndKeyId()
+	return pk
+}
+
+// NewElGamalPublicKey returns a PublicKey that wraps the given elgamal.PublicKey.
+func NewElGamalPublicKey(creationTime time.Time, pub *elgamal.PublicKey) *PublicKey {
+	pk := &PublicKey{
+		Version:      4,
+		CreationTime: creationTime,
+		PubKeyAlgo:   PubKeyAlgoElGamal,
+		PublicKey:    pub,
+		p:            new(encoding.MPI).SetBig(pub.P),
+		g:            new(encoding.MPI).SetBig(pub.G),
+		y:            new(encoding.MPI).SetBig(pub.Y),
+	}
+
+	pk.setFingerprintAndKeyId()
+	return pk
+}
+
+func NewECDSAPublicKey(creationTime time.Time, pub *ecdsa.PublicKey) *PublicKey {
+	pk := &PublicKey{
+		Version:      4,
+		CreationTime: creationTime,
+		PubKeyAlgo:   PubKeyAlgoECDSA,
+		PublicKey:    pub,
+		p:            encoding.NewMPI(elliptic.Marshal(pub.Curve, pub.X, pub.Y)),
+	}
+
+	curveInfo := ecc.FindByCurve(pub.Curve)
+	if curveInfo == nil {
+		panic("unknown elliptic curve")
+	}
+	pk.oid = curveInfo.Oid
+	pk.setFingerprintAndKeyId()
+	return pk
+}
+
+func NewECDHPublicKey(creationTime time.Time, pub *ecdh.PublicKey) *PublicKey {
+	var pk *PublicKey
+	var curveInfo *ecc.CurveInfo
+	var kdf = encoding.NewOID([]byte{0x1, pub.Hash.Id(), pub.Cipher.Id()})
+	if pub.CurveType == ecc.Curve25519 {
+		pk = &PublicKey{
+			Version:      4,
+			CreationTime: creationTime,
+			PubKeyAlgo:   PubKeyAlgoECDH,
+			PublicKey:    pub,
+			p:            encoding.NewMPI(pub.X.Bytes()),
+			kdf:          kdf,
+		}
+		curveInfo = ecc.FindByName("Curve25519")
+	} else {
+		pk = &PublicKey{
+			Version:      4,
+			CreationTime: creationTime,
+			PubKeyAlgo:   PubKeyAlgoECDH,
+			PublicKey:    pub,
+			p:            encoding.NewMPI(elliptic.Marshal(pub.Curve, pub.X, pub.Y)),
+			kdf:          kdf,
+		}
+		curveInfo = ecc.FindByCurve(pub.Curve)
+	}
+	if curveInfo == nil {
+		panic("unknown elliptic curve")
+	}
+	pk.oid = curveInfo.Oid
+	pk.setFingerprintAndKeyId()
+	return pk
+}
+
+func NewEdDSAPublicKey(creationTime time.Time, pub *ed25519.PublicKey) *PublicKey {
+	curveInfo := ecc.FindByName("Ed25519")
+	pk := &PublicKey{
+		Version:      4,
+		CreationTime: creationTime,
+		PubKeyAlgo:   PubKeyAlgoEdDSA,
+		PublicKey:    pub,
+		oid:          curveInfo.Oid,
+		// Native point format, see draft-koch-eddsa-for-openpgp-04, Appendix B
+		p: encoding.NewMPI(append([]byte{0x40}, *pub...)),
+	}
+
+	pk.setFingerprintAndKeyId()
+	return pk
+}
+
+func (pk *PublicKey) parse(r io.Reader) (err error) {
+	// RFC 4880, section 5.5.2
+	var buf [6]byte
+	_, err = readFull(r, buf[:])
+	if err != nil {
+		return
+	}
+	if buf[0] != 4 && buf[0] != 5 {
+		return errors.UnsupportedError("public key version " + strconv.Itoa(int(buf[0])))
+	}
+
+	pk.Version = int(buf[0])
+	if pk.Version == 5 {
+		var n [4]byte
+		_, err = readFull(r, n[:])
+		if err != nil {
+			return
+		}
+	}
+	pk.CreationTime = time.Unix(int64(uint32(buf[1])<<24|uint32(buf[2])<<16|uint32(buf[3])<<8|uint32(buf[4])), 0)
+	pk.PubKeyAlgo = PublicKeyAlgorithm(buf[5])
+	switch pk.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly:
+		err = pk.parseRSA(r)
+	case PubKeyAlgoDSA:
+		err = pk.parseDSA(r)
+	case PubKeyAlgoElGamal:
+		err = pk.parseElGamal(r)
+	case PubKeyAlgoECDSA:
+		err = pk.parseECDSA(r)
+	case PubKeyAlgoECDH:
+		err = pk.parseECDH(r)
+	case PubKeyAlgoEdDSA:
+		err = pk.parseEdDSA(r)
+	default:
+		err = errors.UnsupportedError("public key type: " + strconv.Itoa(int(pk.PubKeyAlgo)))
+	}
+	if err != nil {
+		return
+	}
+
+	pk.setFingerprintAndKeyId()
+	return
+}
+
+func (pk *PublicKey) setFingerprintAndKeyId() {
+	// RFC 4880, section 12.2
+	if pk.Version == 5 {
+		fingerprint := sha256.New()
+		pk.SerializeForHash(fingerprint)
+		pk.Fingerprint = make([]byte, 32)
+		copy(pk.Fingerprint, fingerprint.Sum(nil))
+		pk.KeyId = binary.BigEndian.Uint64(pk.Fingerprint[:8])
+	} else {
+		fingerprint := sha1.New()
+		pk.SerializeForHash(fingerprint)
+		pk.Fingerprint = make([]byte, 20)
+		copy(pk.Fingerprint, fingerprint.Sum(nil))
+		pk.KeyId = binary.BigEndian.Uint64(pk.Fingerprint[12:20])
+	}
+}
+
+// parseRSA parses RSA public key material from the given Reader. See RFC 4880,
+// section 5.5.2.
+func (pk *PublicKey) parseRSA(r io.Reader) (err error) {
+	pk.n = new(encoding.MPI)
+	if _, err = pk.n.ReadFrom(r); err != nil {
+		return
+	}
+	pk.e = new(encoding.MPI)
+	if _, err = pk.e.ReadFrom(r); err != nil {
+		return
+	}
+
+	if len(pk.e.Bytes()) > 3 {
+		err = errors.UnsupportedError("large public exponent")
+		return
+	}
+	rsa := &rsa.PublicKey{
+		N: new(big.Int).SetBytes(pk.n.Bytes()),
+		E: 0,
+	}
+	for i := 0; i < len(pk.e.Bytes()); i++ {
+		rsa.E <<= 8
+		rsa.E |= int(pk.e.Bytes()[i])
+	}
+	pk.PublicKey = rsa
+	return
+}
+
+// parseDSA parses DSA public key material from the given Reader. See RFC 4880,
+// section 5.5.2.
+func (pk *PublicKey) parseDSA(r io.Reader) (err error) {
+	pk.p = new(encoding.MPI)
+	if _, err = pk.p.ReadFrom(r); err != nil {
+		return
+	}
+	pk.q = new(encoding.MPI)
+	if _, err = pk.q.ReadFrom(r); err != nil {
+		return
+	}
+	pk.g = new(encoding.MPI)
+	if _, err = pk.g.ReadFrom(r); err != nil {
+		return
+	}
+	pk.y = new(encoding.MPI)
+	if _, err = pk.y.ReadFrom(r); err != nil {
+		return
+	}
+
+	dsa := new(dsa.PublicKey)
+	dsa.P = new(big.Int).SetBytes(pk.p.Bytes())
+	dsa.Q = new(big.Int).SetBytes(pk.q.Bytes())
+	dsa.G = new(big.Int).SetBytes(pk.g.Bytes())
+	dsa.Y = new(big.Int).SetBytes(pk.y.Bytes())
+	pk.PublicKey = dsa
+	return
+}
+
+// parseElGamal parses ElGamal public key material from the given Reader. See
+// RFC 4880, section 5.5.2.
+func (pk *PublicKey) parseElGamal(r io.Reader) (err error) {
+	pk.p = new(encoding.MPI)
+	if _, err = pk.p.ReadFrom(r); err != nil {
+		return
+	}
+	pk.g = new(encoding.MPI)
+	if _, err = pk.g.ReadFrom(r); err != nil {
+		return
+	}
+	pk.y = new(encoding.MPI)
+	if _, err = pk.y.ReadFrom(r); err != nil {
+		return
+	}
+
+	elgamal := new(elgamal.PublicKey)
+	elgamal.P = new(big.Int).SetBytes(pk.p.Bytes())
+	elgamal.G = new(big.Int).SetBytes(pk.g.Bytes())
+	elgamal.Y = new(big.Int).SetBytes(pk.y.Bytes())
+	pk.PublicKey = elgamal
+	return
+}
+
+// parseECDSA parses ECDSA public key material from the given Reader. See
+// RFC 6637, Section 9.
+func (pk *PublicKey) parseECDSA(r io.Reader) (err error) {
+	pk.oid = new(encoding.OID)
+	if _, err = pk.oid.ReadFrom(r); err != nil {
+		return
+	}
+	pk.p = new(encoding.MPI)
+	if _, err = pk.p.ReadFrom(r); err != nil {
+		return
+	}
+
+	var c elliptic.Curve
+	curveInfo := ecc.FindByOid(pk.oid)
+	if curveInfo == nil || curveInfo.SigAlgorithm != ecc.ECDSA {
+		return errors.UnsupportedError(fmt.Sprintf("unsupported oid: %x", pk.oid))
+	}
+	c = curveInfo.Curve
+	x, y := elliptic.Unmarshal(c, pk.p.Bytes())
+	if x == nil {
+		return errors.UnsupportedError("failed to parse EC point")
+	}
+	pk.PublicKey = &ecdsa.PublicKey{Curve: c, X: x, Y: y}
+	return
+}
+
+// parseECDH parses ECDH public key material from the given Reader. See
+// RFC 6637, Section 9.
+func (pk *PublicKey) parseECDH(r io.Reader) (err error) {
+	pk.oid = new(encoding.OID)
+	if _, err = pk.oid.ReadFrom(r); err != nil {
+		return
+	}
+	pk.p = new(encoding.MPI)
+	if _, err = pk.p.ReadFrom(r); err != nil {
+		return
+	}
+	pk.kdf = new(encoding.OID)
+	if _, err = pk.kdf.ReadFrom(r); err != nil {
+		return
+	}
+
+	curveInfo := ecc.FindByOid(pk.oid)
+	if curveInfo == nil {
+		return errors.UnsupportedError(fmt.Sprintf("unsupported oid: %x", pk.oid))
+	}
+
+	c := curveInfo.Curve
+	cType := curveInfo.CurveType
+
+	var x, y *big.Int
+	if cType == ecc.Curve25519 {
+		x = new(big.Int)
+		x.SetBytes(pk.p.Bytes())
+	} else {
+		x, y = elliptic.Unmarshal(c, pk.p.Bytes())
+	}
+	if x == nil {
+		return errors.UnsupportedError("failed to parse EC point")
+	}
+
+	if kdfLen := len(pk.kdf.Bytes()); kdfLen < 3 {
+		return errors.UnsupportedError("unsupported ECDH KDF length: " + strconv.Itoa(kdfLen))
+	}
+	if reserved := pk.kdf.Bytes()[0]; reserved != 0x01 {
+		return errors.UnsupportedError("unsupported KDF reserved field: " + strconv.Itoa(int(reserved)))
+	}
+	kdfHash, ok := algorithm.HashById[pk.kdf.Bytes()[1]]
+	if !ok {
+		return errors.UnsupportedError("unsupported ECDH KDF hash: " + strconv.Itoa(int(pk.kdf.Bytes()[1])))
+	}
+	kdfCipher, ok := algorithm.CipherById[pk.kdf.Bytes()[2]]
+	if !ok {
+		return errors.UnsupportedError("unsupported ECDH KDF cipher: " + strconv.Itoa(int(pk.kdf.Bytes()[2])))
+	}
+
+	pk.PublicKey = &ecdh.PublicKey{
+		CurveType: cType,
+		Curve:     c,
+		X:         x,
+		Y:         y,
+		KDF: ecdh.KDF{
+			Hash:   kdfHash,
+			Cipher: kdfCipher,
+		},
+	}
+	return
+}
+
+func (pk *PublicKey) parseEdDSA(r io.Reader) (err error) {
+	pk.oid = new(encoding.OID)
+	if _, err = pk.oid.ReadFrom(r); err != nil {
+		return
+	}
+	curveInfo := ecc.FindByOid(pk.oid)
+	if curveInfo == nil || curveInfo.SigAlgorithm != ecc.EdDSA {
+		return errors.UnsupportedError(fmt.Sprintf("unsupported oid: %x", pk.oid))
+	}
+	pk.p = new(encoding.MPI)
+	if _, err = pk.p.ReadFrom(r); err != nil {
+		return
+	}
+
+	eddsa := make(ed25519.PublicKey, ed25519.PublicKeySize)
+	switch flag := pk.p.Bytes()[0]; flag {
+	case 0x04:
+		// TODO: see _grcy_ecc_eddsa_ensure_compact in grcypt
+		return errors.UnsupportedError("unsupported EdDSA compression: " + strconv.Itoa(int(flag)))
+	case 0x40:
+		copy(eddsa[:], pk.p.Bytes()[1:])
+	default:
+		return errors.UnsupportedError("unsupported EdDSA compression: " + strconv.Itoa(int(flag)))
+	}
+
+	pk.PublicKey = &eddsa
+	return
+}
+
+// SerializeForHash serializes the PublicKey to w with the special packet
+// header format needed for hashing.
+func (pk *PublicKey) SerializeForHash(w io.Writer) error {
+	pk.SerializeSignaturePrefix(w)
+	return pk.serializeWithoutHeaders(w)
+}
+
+// SerializeSignaturePrefix writes the prefix for this public key to the given Writer.
+// The prefix is used when calculating a signature over this public key. See
+// RFC 4880, section 5.2.4.
+func (pk *PublicKey) SerializeSignaturePrefix(w io.Writer) {
+	var pLength = pk.algorithmSpecificByteCount()
+	if pk.Version == 5 {
+		pLength += 10 // version, timestamp (4), algorithm, key octet count (4).
+		w.Write([]byte{
+			0x9A,
+			byte(pLength >> 24),
+			byte(pLength >> 16),
+			byte(pLength >> 8),
+			byte(pLength),
+		})
+		return
+	}
+	pLength += 6
+	w.Write([]byte{0x99, byte(pLength >> 8), byte(pLength)})
+}
+
+func (pk *PublicKey) Serialize(w io.Writer) (err error) {
+	length := 6 // 6 byte header
+	length += pk.algorithmSpecificByteCount()
+	if pk.Version == 5 {
+		length += 4 // octet key count
+	}
+	packetType := packetTypePublicKey
+	if pk.IsSubkey {
+		packetType = packetTypePublicSubkey
+	}
+	err = serializeHeader(w, packetType, length)
+	if err != nil {
+		return
+	}
+	return pk.serializeWithoutHeaders(w)
+}
+
+func (pk *PublicKey) algorithmSpecificByteCount() int {
+	length := 0
+	switch pk.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly:
+		length += int(pk.n.EncodedLength())
+		length += int(pk.e.EncodedLength())
+	case PubKeyAlgoDSA:
+		length += int(pk.p.EncodedLength())
+		length += int(pk.q.EncodedLength())
+		length += int(pk.g.EncodedLength())
+		length += int(pk.y.EncodedLength())
+	case PubKeyAlgoElGamal:
+		length += int(pk.p.EncodedLength())
+		length += int(pk.g.EncodedLength())
+		length += int(pk.y.EncodedLength())
+	case PubKeyAlgoECDSA:
+		length += int(pk.oid.EncodedLength())
+		length += int(pk.p.EncodedLength())
+	case PubKeyAlgoECDH:
+		length += int(pk.oid.EncodedLength())
+		length += int(pk.p.EncodedLength())
+		length += int(pk.kdf.EncodedLength())
+	case PubKeyAlgoEdDSA:
+		length += int(pk.oid.EncodedLength())
+		length += int(pk.p.EncodedLength())
+	default:
+		panic("unknown public key algorithm")
+	}
+	return length
+}
+
+// serializeWithoutHeaders marshals the PublicKey to w in the form of an
+// OpenPGP public key packet, not including the packet header.
+func (pk *PublicKey) serializeWithoutHeaders(w io.Writer) (err error) {
+	t := uint32(pk.CreationTime.Unix())
+	if _, err = w.Write([]byte{
+		byte(pk.Version),
+		byte(t >> 24), byte(t >> 16), byte(t >> 8), byte(t),
+		byte(pk.PubKeyAlgo),
+	}); err != nil {
+		return
+	}
+
+	if pk.Version == 5 {
+		n := pk.algorithmSpecificByteCount()
+		if _, err = w.Write([]byte{
+			byte(n >> 24), byte(n >> 16), byte(n >> 8), byte(n),
+		}); err != nil {
+			return
+		}
+	}
+
+	switch pk.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly:
+		if _, err = w.Write(pk.n.EncodedBytes()); err != nil {
+			return
+		}
+		_, err = w.Write(pk.e.EncodedBytes())
+		return
+	case PubKeyAlgoDSA:
+		if _, err = w.Write(pk.p.EncodedBytes()); err != nil {
+			return
+		}
+		if _, err = w.Write(pk.q.EncodedBytes()); err != nil {
+			return
+		}
+		if _, err = w.Write(pk.g.EncodedBytes()); err != nil {
+			return
+		}
+		_, err = w.Write(pk.y.EncodedBytes())
+		return
+	case PubKeyAlgoElGamal:
+		if _, err = w.Write(pk.p.EncodedBytes()); err != nil {
+			return
+		}
+		if _, err = w.Write(pk.g.EncodedBytes()); err != nil {
+			return
+		}
+		_, err = w.Write(pk.y.EncodedBytes())
+		return
+	case PubKeyAlgoECDSA:
+		if _, err = w.Write(pk.oid.EncodedBytes()); err != nil {
+			return
+		}
+		_, err = w.Write(pk.p.EncodedBytes())
+		return
+	case PubKeyAlgoECDH:
+		if _, err = w.Write(pk.oid.EncodedBytes()); err != nil {
+			return
+		}
+		if _, err = w.Write(pk.p.EncodedBytes()); err != nil {
+			return
+		}
+		_, err = w.Write(pk.kdf.EncodedBytes())
+		return
+	case PubKeyAlgoEdDSA:
+		if _, err = w.Write(pk.oid.EncodedBytes()); err != nil {
+			return
+		}
+		_, err = w.Write(pk.p.EncodedBytes())
+		return
+	}
+	return errors.InvalidArgumentError("bad public-key algorithm")
+}
+
+// CanSign returns true iff this public key can generate signatures
+func (pk *PublicKey) CanSign() bool {
+	return pk.PubKeyAlgo != PubKeyAlgoRSAEncryptOnly && pk.PubKeyAlgo != PubKeyAlgoElGamal && pk.PubKeyAlgo != PubKeyAlgoECDH
+}
+
+// VerifySignature returns nil iff sig is a valid signature, made by this
+// public key, of the data hashed into signed. signed is mutated by this call.
+func (pk *PublicKey) VerifySignature(signed hash.Hash, sig *Signature) (err error) {
+	if !pk.CanSign() {
+		return errors.InvalidArgumentError("public key cannot generate signatures")
+	}
+	if sig.Version == 5 && (sig.SigType == 0x00 || sig.SigType == 0x01) {
+		sig.AddMetadataToHashSuffix()
+	}
+	signed.Write(sig.HashSuffix)
+	hashBytes := signed.Sum(nil)
+	if hashBytes[0] != sig.HashTag[0] || hashBytes[1] != sig.HashTag[1] {
+		return errors.SignatureError("hash tag doesn't match")
+	}
+
+	if pk.PubKeyAlgo != sig.PubKeyAlgo {
+		return errors.InvalidArgumentError("public key and signature use different algorithms")
+	}
+
+	switch pk.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
+		rsaPublicKey, _ := pk.PublicKey.(*rsa.PublicKey)
+		err = rsa.VerifyPKCS1v15(rsaPublicKey, sig.Hash, hashBytes, padToKeySize(rsaPublicKey, sig.RSASignature.Bytes()))
+		if err != nil {
+			return errors.SignatureError("RSA verification failure")
+		}
+		return nil
+	case PubKeyAlgoDSA:
+		dsaPublicKey, _ := pk.PublicKey.(*dsa.PublicKey)
+		// Need to truncate hashBytes to match FIPS 186-3 section 4.6.
+		subgroupSize := (dsaPublicKey.Q.BitLen() + 7) / 8
+		if len(hashBytes) > subgroupSize {
+			hashBytes = hashBytes[:subgroupSize]
+		}
+		if !dsa.Verify(dsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.DSASigR.Bytes()), new(big.Int).SetBytes(sig.DSASigS.Bytes())) {
+			return errors.SignatureError("DSA verification failure")
+		}
+		return nil
+	case PubKeyAlgoECDSA:
+		ecdsaPublicKey := pk.PublicKey.(*ecdsa.PublicKey)
+		if !ecdsa.Verify(ecdsaPublicKey, hashBytes, new(big.Int).SetBytes(sig.ECDSASigR.Bytes()), new(big.Int).SetBytes(sig.ECDSASigS.Bytes())) {
+			return errors.SignatureError("ECDSA verification failure")
+		}
+		return nil
+	case PubKeyAlgoEdDSA:
+		eddsaPublicKey := pk.PublicKey.(*ed25519.PublicKey)
+
+		sigR := sig.EdDSASigR.Bytes()
+		sigS := sig.EdDSASigS.Bytes()
+
+		eddsaSig := make([]byte, ed25519.SignatureSize)
+		copy(eddsaSig[32-len(sigR):32], sigR)
+		copy(eddsaSig[64-len(sigS):], sigS)
+
+		if !ed25519.Verify(*eddsaPublicKey, hashBytes, eddsaSig) {
+			return errors.SignatureError("EdDSA verification failure")
+		}
+		return nil
+	default:
+		return errors.SignatureError("Unsupported public key algorithm used in signature")
+	}
+}
+
+// keySignatureHash returns a Hash of the message that needs to be signed for
+// pk to assert a subkey relationship to signed.
+func keySignatureHash(pk, signed signingKey, hashFunc crypto.Hash) (h hash.Hash, err error) {
+	if !hashFunc.Available() {
+		return nil, errors.UnsupportedError("hash function")
+	}
+	h = hashFunc.New()
+
+	// RFC 4880, section 5.2.4
+	err = pk.SerializeForHash(h)
+	if err != nil {
+		return nil, err
+	}
+
+	err = signed.SerializeForHash(h)
+	return
+}
+
+// VerifyKeySignature returns nil iff sig is a valid signature, made by this
+// public key, of signed.
+func (pk *PublicKey) VerifyKeySignature(signed *PublicKey, sig *Signature) error {
+	h, err := keySignatureHash(pk, signed, sig.Hash)
+	if err != nil {
+		return err
+	}
+	if err = pk.VerifySignature(h, sig); err != nil {
+		return err
+	}
+
+	if sig.FlagSign {
+		// Signing subkeys must be cross-signed. See
+		// https://www.gnupg.org/faq/subkey-cross-certify.html.
+		if sig.EmbeddedSignature == nil {
+			return errors.StructuralError("signing subkey is missing cross-signature")
+		}
+		// Verify the cross-signature. This is calculated over the same
+		// data as the main signature, so we cannot just recursively
+		// call signed.VerifyKeySignature(...)
+		if h, err = keySignatureHash(pk, signed, sig.EmbeddedSignature.Hash); err != nil {
+			return errors.StructuralError("error while hashing for cross-signature: " + err.Error())
+		}
+		if err := signed.VerifySignature(h, sig.EmbeddedSignature); err != nil {
+			return errors.StructuralError("error while verifying cross-signature: " + err.Error())
+		}
+	}
+
+	return nil
+}
+
+func keyRevocationHash(pk signingKey, hashFunc crypto.Hash) (h hash.Hash, err error) {
+	if !hashFunc.Available() {
+		return nil, errors.UnsupportedError("hash function")
+	}
+	h = hashFunc.New()
+
+	// RFC 4880, section 5.2.4
+	err = pk.SerializeForHash(h)
+
+	return
+}
+
+// VerifyRevocationSignature returns nil iff sig is a valid signature, made by this
+// public key.
+func (pk *PublicKey) VerifyRevocationSignature(sig *Signature) (err error) {
+	h, err := keyRevocationHash(pk, sig.Hash)
+	if err != nil {
+		return err
+	}
+	return pk.VerifySignature(h, sig)
+}
+
+// VerifySubkeyRevocationSignature returns nil iff sig is a valid subkey revocation signature,
+// made by the passed in signingKey.
+func (pk *PublicKey) VerifySubkeyRevocationSignature(sig *Signature, signingKey *PublicKey) (err error) {
+	h, err := keyRevocationHash(pk, sig.Hash)
+	if err != nil {
+		return err
+	}
+	return signingKey.VerifySignature(h, sig)
+}
+
+// userIdSignatureHash returns a Hash of the message that needs to be signed
+// to assert that pk is a valid key for id.
+func userIdSignatureHash(id string, pk *PublicKey, hashFunc crypto.Hash) (h hash.Hash, err error) {
+	if !hashFunc.Available() {
+		return nil, errors.UnsupportedError("hash function")
+	}
+	h = hashFunc.New()
+
+	// RFC 4880, section 5.2.4
+	pk.SerializeSignaturePrefix(h)
+	pk.serializeWithoutHeaders(h)
+
+	var buf [5]byte
+	buf[0] = 0xb4
+	buf[1] = byte(len(id) >> 24)
+	buf[2] = byte(len(id) >> 16)
+	buf[3] = byte(len(id) >> 8)
+	buf[4] = byte(len(id))
+	h.Write(buf[:])
+	h.Write([]byte(id))
+
+	return
+}
+
+// VerifyUserIdSignature returns nil iff sig is a valid signature, made by this
+// public key, that id is the identity of pub.
+func (pk *PublicKey) VerifyUserIdSignature(id string, pub *PublicKey, sig *Signature) (err error) {
+	h, err := userIdSignatureHash(id, pub, sig.Hash)
+	if err != nil {
+		return err
+	}
+	return pk.VerifySignature(h, sig)
+}
+
+// KeyIdString returns the public key's fingerprint in capital hex
+// (e.g. "6C7EE1B8621CC013").
+func (pk *PublicKey) KeyIdString() string {
+	return fmt.Sprintf("%X", pk.Fingerprint[12:20])
+}
+
+// KeyIdShortString returns the short form of public key's fingerprint
+// in capital hex, as shown by gpg --list-keys (e.g. "621CC013").
+func (pk *PublicKey) KeyIdShortString() string {
+	return fmt.Sprintf("%X", pk.Fingerprint[16:20])
+}
+
+// BitLength returns the bit length for the given public key.
+func (pk *PublicKey) BitLength() (bitLength uint16, err error) {
+	switch pk.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSAEncryptOnly, PubKeyAlgoRSASignOnly:
+		bitLength = pk.n.BitLength()
+	case PubKeyAlgoDSA:
+		bitLength = pk.p.BitLength()
+	case PubKeyAlgoElGamal:
+		bitLength = pk.p.BitLength()
+	case PubKeyAlgoECDSA:
+		bitLength = pk.p.BitLength()
+	case PubKeyAlgoECDH:
+		bitLength = pk.p.BitLength()
+	case PubKeyAlgoEdDSA:
+		bitLength = pk.p.BitLength()
+	default:
+		err = errors.InvalidArgumentError("bad public-key algorithm")
+	}
+	return
+}
+
+// KeyExpired returns whether sig is a self-signature of a key that has
+// expired or is created in the future.
+func (pk *PublicKey) KeyExpired(sig *Signature, currentTime time.Time) bool {
+	if pk.CreationTime.After(currentTime) {
+		return true
+	}
+	if sig.KeyLifetimeSecs == nil || *sig.KeyLifetimeSecs == 0 {
+		return false
+	}
+	expiry := pk.CreationTime.Add(time.Duration(*sig.KeyLifetimeSecs) * time.Second)
+	return currentTime.After(expiry)
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key_test_data.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key_test_data.go
new file mode 100644
index 0000000000..b255f1f6f8
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/public_key_test_data.go
@@ -0,0 +1,24 @@
+package packet
+
+const rsaFingerprintHex = "5fb74b1d03b1e3cb31bc2f8aa34d7e18c20c31bb"
+
+const rsaPkDataHex = "988d044d3c5c10010400b1d13382944bd5aba23a4312968b5095d14f947f600eb478e14a6fcb16b0e0cac764884909c020bc495cfcc39a935387c661507bdb236a0612fb582cac3af9b29cc2c8c70090616c41b662f4da4c1201e195472eb7f4ae1ccbcbf9940fe21d985e379a5563dde5b9a23d35f1cfaa5790da3b79db26f23695107bfaca8e7b5bcd0011010001"
+
+const dsaFingerprintHex = "eece4c094db002103714c63c8e8fbe54062f19ed"
+
+const dsaPkDataHex = "9901a2044d432f89110400cd581334f0d7a1e1bdc8b9d6d8c0baf68793632735d2bb0903224cbaa1dfbf35a60ee7a13b92643421e1eb41aa8d79bea19a115a677f6b8ba3c7818ce53a6c2a24a1608bd8b8d6e55c5090cbde09dd26e356267465ae25e69ec8bdd57c7bbb2623e4d73336f73a0a9098f7f16da2e25252130fd694c0e8070c55a812a423ae7f00a0ebf50e70c2f19c3520a551bd4b08d30f23530d3d03ff7d0bf4a53a64a09dc5e6e6e35854b7d70c882b0c60293401958b1bd9e40abec3ea05ba87cf64899299d4bd6aa7f459c201d3fbbd6c82004bdc5e8a9eb8082d12054cc90fa9d4ec251a843236a588bf49552441817436c4f43326966fe85447d4e6d0acf8fa1ef0f014730770603ad7634c3088dc52501c237328417c31c89ed70400b2f1a98b0bf42f11fefc430704bebbaa41d9f355600c3facee1e490f64208e0e094ea55e3a598a219a58500bf78ac677b670a14f4e47e9cf8eab4f368cc1ddcaa18cc59309d4cc62dd4f680e73e6cc3e1ce87a84d0925efbcb26c575c093fc42eecf45135fabf6403a25c2016e1774c0484e440a18319072c617cc97ac0a3bb0"
+
+const ecdsaFingerprintHex = "9892270b38b8980b05c8d56d43fe956c542ca00b"
+
+const ecdsaPkDataHex = "9893045071c29413052b8104002304230401f4867769cedfa52c325018896245443968e52e51d0c2df8d939949cb5b330f2921711fbee1c9b9dddb95d15cb0255e99badeddda7cc23d9ddcaacbc290969b9f24019375d61c2e4e3b36953a28d8b2bc95f78c3f1d592fb24499be348656a7b17e3963187b4361afe497bc5f9f81213f04069f8e1fb9e6a6290ae295ca1a92b894396cb4"
+
+const ecdhFingerprintHex = "722354df2475a42164d1d49faa8b938f9a201946"
+
+const ecdhPkDataHex = "b90073044d53059212052b810400220303042faa84024a20b6735c4897efa5bfb41bf85b7eefeab5ca0cb9ffc8ea04a46acb25534a577694f9e25340a4ab5223a9dd1eda530c8aa2e6718db10d7e672558c7736fe09369ea5739a2a3554bf16d41faa50562f11c6d39bbd5dffb6b9a9ec91803010909"
+
+const eddsaFingerprintHex = "b2d5e5ec0e6deca6bc8eeeb00907e75e1dd99ad8"
+
+const eddsaPkDataHex = "98330456e2132b16092b06010401da470f01010740bbda39266affa511a8c2d02edf690fb784b0499c4406185811a163539ef11dc1b41d74657374696e67203c74657374696e674074657374696e672e636f6d3e8879041316080021050256e2132b021b03050b09080702061508090a0b020416020301021e01021780000a09100907e75e1dd99ad86d0c00fe39d2008359352782bc9b61ac382584cd8eff3f57a18c2287e3afeeb05d1f04ba00fe2d0bc1ddf3ff8adb9afa3e7d9287244b4ec567f3db4d60b74a9b5465ed528203"
+
+// Source: https://sites.google.com/site/brainhub/pgpecckeys#TOC-ECC-NIST-P-384-key
+const ecc384PubHex = `99006f044d53059213052b81040022030304f6b8c5aced5b84ef9f4a209db2e4a9dfb70d28cb8c10ecd57674a9fa5a67389942b62d5e51367df4c7bfd3f8e500feecf07ed265a621a8ebbbe53e947ec78c677eba143bd1533c2b350e1c29f82313e1e1108eba063be1e64b10e6950e799c2db42465635f6473615f64685f333834203c6f70656e70677040627261696e6875622e6f72673e8900cb04101309005305024d530592301480000000002000077072656665727265642d656d61696c2d656e636f64696e67407067702e636f6d7067706d696d65040b090807021901051b03000000021602051e010000000415090a08000a0910098033880f54719fca2b0180aa37350968bd5f115afd8ce7bc7b103822152dbff06d0afcda835329510905b98cb469ba208faab87c7412b799e7b633017f58364ea480e8a1a3f253a0c5f22c446e8be9a9fce6210136ee30811abbd49139de28b5bdf8dc36d06ae748579e9ff503b90073044d53059212052b810400220303042faa84024a20b6735c4897efa5bfb41bf85b7eefeab5ca0cb9ffc8ea04a46acb25534a577694f9e25340a4ab5223a9dd1eda530c8aa2e6718db10d7e672558c7736fe09369ea5739a2a3554bf16d41faa50562f11c6d39bbd5dffb6b9a9ec9180301090989008404181309000c05024d530592051b0c000000000a0910098033880f54719f80970180eee7a6d8fcee41ee4f9289df17f9bcf9d955dca25c583b94336f3a2b2d4986dc5cf417b8d2dc86f741a9e1a6d236c0e3017d1c76575458a0cfb93ae8a2b274fcc65ceecd7a91eec83656ba13219969f06945b48c56bd04152c3a0553c5f2f4bd1267`
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/reader.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/reader.go
new file mode 100644
index 0000000000..94ae9ad9ac
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/reader.go
@@ -0,0 +1,78 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"io"
+
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+)
+
+// Reader reads packets from an io.Reader and allows packets to be 'unread' so
+// that they result from the next call to Next.
+type Reader struct {
+	q       []Packet
+	readers []io.Reader
+}
+
+// New io.Readers are pushed when a compressed or encrypted packet is processed
+// and recursively treated as a new source of packets. However, a carefully
+// crafted packet can trigger an infinite recursive sequence of packets. See
+// http://mumble.net/~campbell/misc/pgp-quine
+// https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-4402
+// This constant limits the number of recursive packets that may be pushed.
+const maxReaders = 32
+
+// Next returns the most recently unread Packet, or reads another packet from
+// the top-most io.Reader. Unknown packet types are skipped.
+func (r *Reader) Next() (p Packet, err error) {
+	if len(r.q) > 0 {
+		p = r.q[len(r.q)-1]
+		r.q = r.q[:len(r.q)-1]
+		return
+	}
+
+	for len(r.readers) > 0 {
+		p, err = Read(r.readers[len(r.readers)-1])
+		if err == nil {
+			return
+		}
+		if err == io.EOF {
+			r.readers = r.readers[:len(r.readers)-1]
+			continue
+		}
+		// TODO: Add strict mode that rejects unknown packets, instead of ignoring them.
+		if _, ok := err.(errors.UnknownPacketTypeError); !ok {
+			return nil, err
+		}
+	}
+
+	return nil, io.EOF
+}
+
+// Push causes the Reader to start reading from a new io.Reader. When an EOF
+// error is seen from the new io.Reader, it is popped and the Reader continues
+// to read from the next most recent io.Reader. Push returns a StructuralError
+// if pushing the reader would exceed the maximum recursion level, otherwise it
+// returns nil.
+func (r *Reader) Push(reader io.Reader) (err error) {
+	if len(r.readers) >= maxReaders {
+		return errors.StructuralError("too many layers of packets")
+	}
+	r.readers = append(r.readers, reader)
+	return nil
+}
+
+// Unread causes the given Packet to be returned from the next call to Next.
+func (r *Reader) Unread(p Packet) {
+	r.q = append(r.q, p)
+}
+
+func NewReader(r io.Reader) *Reader {
+	return &Reader{
+		q:       nil,
+		readers: []io.Reader{r},
+	}
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/signature.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/signature.go
new file mode 100644
index 0000000000..6b1704e429
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/signature.go
@@ -0,0 +1,964 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"bytes"
+	"crypto"
+	"crypto/dsa"
+	"crypto/ecdsa"
+	"encoding/asn1"
+	"encoding/binary"
+	"hash"
+	"io"
+	"math/big"
+	"strconv"
+	"time"
+
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/encoding"
+	"github.com/ProtonMail/go-crypto/openpgp/s2k"
+)
+
+const (
+	// See RFC 4880, section 5.2.3.21 for details.
+	KeyFlagCertify = 1 << iota
+	KeyFlagSign
+	KeyFlagEncryptCommunications
+	KeyFlagEncryptStorage
+)
+
+// Signature represents a signature. See RFC 4880, section 5.2.
+type Signature struct {
+	Version    int
+	SigType    SignatureType
+	PubKeyAlgo PublicKeyAlgorithm
+	Hash       crypto.Hash
+
+	// HashSuffix is extra data that is hashed in after the signed data.
+	HashSuffix []byte
+	// HashTag contains the first two bytes of the hash for fast rejection
+	// of bad signed data.
+	HashTag [2]byte
+
+	// Metadata includes format, filename and time, and is protected by v5
+	// signatures of type 0x00 or 0x01. This metadata is included into the hash
+	// computation; if nil, six 0x00 bytes are used instead. See section 5.2.4.
+	Metadata *LiteralData
+
+	CreationTime time.Time
+
+	RSASignature         encoding.Field
+	DSASigR, DSASigS     encoding.Field
+	ECDSASigR, ECDSASigS encoding.Field
+	EdDSASigR, EdDSASigS encoding.Field
+
+	// rawSubpackets contains the unparsed subpackets, in order.
+	rawSubpackets []outputSubpacket
+
+	// The following are optional so are nil when not included in the
+	// signature.
+
+	SigLifetimeSecs, KeyLifetimeSecs                        *uint32
+	PreferredSymmetric, PreferredHash, PreferredCompression []uint8
+	PreferredAEAD                                           []uint8
+	IssuerKeyId                                             *uint64
+	IssuerFingerprint                                       []byte
+	IsPrimaryId                                             *bool
+
+	// FlagsValid is set if any flags were given. See RFC 4880, section
+	// 5.2.3.21 for details.
+	FlagsValid                                                           bool
+	FlagCertify, FlagSign, FlagEncryptCommunications, FlagEncryptStorage bool
+
+	// RevocationReason is set if this signature has been revoked.
+	// See RFC 4880, section 5.2.3.23 for details.
+	RevocationReason     *uint8
+	RevocationReasonText string
+
+	// In a self-signature, these flags are set there is a features subpacket
+	// indicating that the issuer implementation supports these features
+	// (section 5.2.5.25).
+	MDC, AEAD, V5Keys bool
+
+	// EmbeddedSignature, if non-nil, is a signature of the parent key, by
+	// this key. This prevents an attacker from claiming another's signing
+	// subkey as their own.
+	EmbeddedSignature *Signature
+
+	outSubpackets []outputSubpacket
+}
+
+func (sig *Signature) parse(r io.Reader) (err error) {
+	// RFC 4880, section 5.2.3
+	var buf [5]byte
+	_, err = readFull(r, buf[:1])
+	if err != nil {
+		return
+	}
+	if buf[0] != 4 && buf[0] != 5 {
+		err = errors.UnsupportedError("signature packet version " + strconv.Itoa(int(buf[0])))
+		return
+	}
+	sig.Version = int(buf[0])
+	_, err = readFull(r, buf[:5])
+	if err != nil {
+		return
+	}
+	sig.SigType = SignatureType(buf[0])
+	sig.PubKeyAlgo = PublicKeyAlgorithm(buf[1])
+	switch sig.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly, PubKeyAlgoDSA, PubKeyAlgoECDSA, PubKeyAlgoEdDSA:
+	default:
+		err = errors.UnsupportedError("public key algorithm " + strconv.Itoa(int(sig.PubKeyAlgo)))
+		return
+	}
+
+	var ok bool
+	sig.Hash, ok = s2k.HashIdToHash(buf[2])
+	if !ok {
+		return errors.UnsupportedError("hash function " + strconv.Itoa(int(buf[2])))
+	}
+
+	hashedSubpacketsLength := int(buf[3])<<8 | int(buf[4])
+	hashedSubpackets := make([]byte, hashedSubpacketsLength)
+	_, err = readFull(r, hashedSubpackets)
+	if err != nil {
+		return
+	}
+	sig.buildHashSuffix(hashedSubpackets)
+	err = parseSignatureSubpackets(sig, hashedSubpackets, true)
+	if err != nil {
+		return
+	}
+
+	_, err = readFull(r, buf[:2])
+	if err != nil {
+		return
+	}
+	unhashedSubpacketsLength := int(buf[0])<<8 | int(buf[1])
+	unhashedSubpackets := make([]byte, unhashedSubpacketsLength)
+	_, err = readFull(r, unhashedSubpackets)
+	if err != nil {
+		return
+	}
+	err = parseSignatureSubpackets(sig, unhashedSubpackets, false)
+	if err != nil {
+		return
+	}
+
+	_, err = readFull(r, sig.HashTag[:2])
+	if err != nil {
+		return
+	}
+
+	switch sig.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
+		sig.RSASignature = new(encoding.MPI)
+		_, err = sig.RSASignature.ReadFrom(r)
+	case PubKeyAlgoDSA:
+		sig.DSASigR = new(encoding.MPI)
+		if _, err = sig.DSASigR.ReadFrom(r); err != nil {
+			return
+		}
+
+		sig.DSASigS = new(encoding.MPI)
+		_, err = sig.DSASigS.ReadFrom(r)
+	case PubKeyAlgoECDSA:
+		sig.ECDSASigR = new(encoding.MPI)
+		if _, err = sig.ECDSASigR.ReadFrom(r); err != nil {
+			return
+		}
+
+		sig.ECDSASigS = new(encoding.MPI)
+		_, err = sig.ECDSASigS.ReadFrom(r)
+	case PubKeyAlgoEdDSA:
+		sig.EdDSASigR = new(encoding.MPI)
+		if _, err = sig.EdDSASigR.ReadFrom(r); err != nil {
+			return
+		}
+
+		sig.EdDSASigS = new(encoding.MPI)
+		if _, err = sig.EdDSASigS.ReadFrom(r); err != nil {
+			return
+		}
+	default:
+		panic("unreachable")
+	}
+	return
+}
+
+// parseSignatureSubpackets parses subpackets of the main signature packet. See
+// RFC 4880, section 5.2.3.1.
+func parseSignatureSubpackets(sig *Signature, subpackets []byte, isHashed bool) (err error) {
+	for len(subpackets) > 0 {
+		subpackets, err = parseSignatureSubpacket(sig, subpackets, isHashed)
+		if err != nil {
+			return
+		}
+	}
+
+	if sig.CreationTime.IsZero() {
+		err = errors.StructuralError("no creation time in signature")
+	}
+
+	return
+}
+
+type signatureSubpacketType uint8
+
+const (
+	creationTimeSubpacket        signatureSubpacketType = 2
+	signatureExpirationSubpacket signatureSubpacketType = 3
+	keyExpirationSubpacket       signatureSubpacketType = 9
+	prefSymmetricAlgosSubpacket  signatureSubpacketType = 11
+	issuerSubpacket              signatureSubpacketType = 16
+	prefHashAlgosSubpacket       signatureSubpacketType = 21
+	prefCompressionSubpacket     signatureSubpacketType = 22
+	primaryUserIdSubpacket       signatureSubpacketType = 25
+	keyFlagsSubpacket            signatureSubpacketType = 27
+	reasonForRevocationSubpacket signatureSubpacketType = 29
+	featuresSubpacket            signatureSubpacketType = 30
+	embeddedSignatureSubpacket   signatureSubpacketType = 32
+	issuerFingerprintSubpacket   signatureSubpacketType = 33
+	prefAeadAlgosSubpacket       signatureSubpacketType = 34
+)
+
+// parseSignatureSubpacket parses a single subpacket. len(subpacket) is >= 1.
+func parseSignatureSubpacket(sig *Signature, subpacket []byte, isHashed bool) (rest []byte, err error) {
+	// RFC 4880, section 5.2.3.1
+	var (
+		length     uint32
+		packetType signatureSubpacketType
+		isCritical bool
+	)
+	switch {
+	case subpacket[0] < 192:
+		length = uint32(subpacket[0])
+		subpacket = subpacket[1:]
+	case subpacket[0] < 255:
+		if len(subpacket) < 2 {
+			goto Truncated
+		}
+		length = uint32(subpacket[0]-192)<<8 + uint32(subpacket[1]) + 192
+		subpacket = subpacket[2:]
+	default:
+		if len(subpacket) < 5 {
+			goto Truncated
+		}
+		length = uint32(subpacket[1])<<24 |
+			uint32(subpacket[2])<<16 |
+			uint32(subpacket[3])<<8 |
+			uint32(subpacket[4])
+		subpacket = subpacket[5:]
+	}
+	if length > uint32(len(subpacket)) {
+		goto Truncated
+	}
+	rest = subpacket[length:]
+	subpacket = subpacket[:length]
+	if len(subpacket) == 0 {
+		err = errors.StructuralError("zero length signature subpacket")
+		return
+	}
+	packetType = signatureSubpacketType(subpacket[0] & 0x7f)
+	isCritical = subpacket[0]&0x80 == 0x80
+	subpacket = subpacket[1:]
+	sig.rawSubpackets = append(sig.rawSubpackets, outputSubpacket{isHashed, packetType, isCritical, subpacket})
+	switch packetType {
+	case creationTimeSubpacket:
+		if !isHashed {
+			err = errors.StructuralError("signature creation time in non-hashed area")
+			return
+		}
+		if len(subpacket) != 4 {
+			err = errors.StructuralError("signature creation time not four bytes")
+			return
+		}
+		t := binary.BigEndian.Uint32(subpacket)
+		sig.CreationTime = time.Unix(int64(t), 0)
+	case signatureExpirationSubpacket:
+		// Signature expiration time, section 5.2.3.10
+		if !isHashed {
+			return
+		}
+		if len(subpacket) != 4 {
+			err = errors.StructuralError("expiration subpacket with bad length")
+			return
+		}
+		sig.SigLifetimeSecs = new(uint32)
+		*sig.SigLifetimeSecs = binary.BigEndian.Uint32(subpacket)
+	case keyExpirationSubpacket:
+		// Key expiration time, section 5.2.3.6
+		if !isHashed {
+			return
+		}
+		if len(subpacket) != 4 {
+			err = errors.StructuralError("key expiration subpacket with bad length")
+			return
+		}
+		sig.KeyLifetimeSecs = new(uint32)
+		*sig.KeyLifetimeSecs = binary.BigEndian.Uint32(subpacket)
+	case prefSymmetricAlgosSubpacket:
+		// Preferred symmetric algorithms, section 5.2.3.7
+		if !isHashed {
+			return
+		}
+		sig.PreferredSymmetric = make([]byte, len(subpacket))
+		copy(sig.PreferredSymmetric, subpacket)
+	case issuerSubpacket:
+		if sig.Version > 4 {
+			err = errors.StructuralError("issuer subpacket found in v5 key")
+		}
+		// Issuer, section 5.2.3.5
+		if len(subpacket) != 8 {
+			err = errors.StructuralError("issuer subpacket with bad length")
+			return
+		}
+		sig.IssuerKeyId = new(uint64)
+		*sig.IssuerKeyId = binary.BigEndian.Uint64(subpacket)
+	case prefHashAlgosSubpacket:
+		// Preferred hash algorithms, section 5.2.3.8
+		if !isHashed {
+			return
+		}
+		sig.PreferredHash = make([]byte, len(subpacket))
+		copy(sig.PreferredHash, subpacket)
+	case prefCompressionSubpacket:
+		// Preferred compression algorithms, section 5.2.3.9
+		if !isHashed {
+			return
+		}
+		sig.PreferredCompression = make([]byte, len(subpacket))
+		copy(sig.PreferredCompression, subpacket)
+	case primaryUserIdSubpacket:
+		// Primary User ID, section 5.2.3.19
+		if !isHashed {
+			return
+		}
+		if len(subpacket) != 1 {
+			err = errors.StructuralError("primary user id subpacket with bad length")
+			return
+		}
+		sig.IsPrimaryId = new(bool)
+		if subpacket[0] > 0 {
+			*sig.IsPrimaryId = true
+		}
+	case keyFlagsSubpacket:
+		// Key flags, section 5.2.3.21
+		if !isHashed {
+			return
+		}
+		if len(subpacket) == 0 {
+			err = errors.StructuralError("empty key flags subpacket")
+			return
+		}
+		sig.FlagsValid = true
+		if subpacket[0]&KeyFlagCertify != 0 {
+			sig.FlagCertify = true
+		}
+		if subpacket[0]&KeyFlagSign != 0 {
+			sig.FlagSign = true
+		}
+		if subpacket[0]&KeyFlagEncryptCommunications != 0 {
+			sig.FlagEncryptCommunications = true
+		}
+		if subpacket[0]&KeyFlagEncryptStorage != 0 {
+			sig.FlagEncryptStorage = true
+		}
+	case reasonForRevocationSubpacket:
+		// Reason For Revocation, section 5.2.3.23
+		if !isHashed {
+			return
+		}
+		if len(subpacket) == 0 {
+			err = errors.StructuralError("empty revocation reason subpacket")
+			return
+		}
+		sig.RevocationReason = new(uint8)
+		*sig.RevocationReason = subpacket[0]
+		sig.RevocationReasonText = string(subpacket[1:])
+	case featuresSubpacket:
+		// Features subpacket, section 5.2.3.24 specifies a very general
+		// mechanism for OpenPGP implementations to signal support for new
+		// features.
+		if !isHashed {
+			return
+		}
+		if len(subpacket) > 0 {
+			if subpacket[0]&0x01 != 0 {
+				sig.MDC = true
+			}
+			if subpacket[0]&0x02 != 0 {
+				sig.AEAD = true
+			}
+			if subpacket[0]&0x04 != 0 {
+				sig.V5Keys = true
+			}
+		}
+	case embeddedSignatureSubpacket:
+		// Only usage is in signatures that cross-certify
+		// signing subkeys. section 5.2.3.26 describes the
+		// format, with its usage described in section 11.1
+		if sig.EmbeddedSignature != nil {
+			err = errors.StructuralError("Cannot have multiple embedded signatures")
+			return
+		}
+		sig.EmbeddedSignature = new(Signature)
+		// Embedded signatures are required to be v4 signatures see
+		// section 12.1. However, we only parse v4 signatures in this
+		// file anyway.
+		if err := sig.EmbeddedSignature.parse(bytes.NewBuffer(subpacket)); err != nil {
+			return nil, err
+		}
+		if sigType := sig.EmbeddedSignature.SigType; sigType != SigTypePrimaryKeyBinding {
+			return nil, errors.StructuralError("cross-signature has unexpected type " + strconv.Itoa(int(sigType)))
+		}
+	case issuerFingerprintSubpacket:
+		v, l := subpacket[0], len(subpacket[1:])
+		if v == 5 && l != 32 || v != 5 && l != 20 {
+			return nil, errors.StructuralError("bad fingerprint length")
+		}
+		sig.IssuerFingerprint = make([]byte, l)
+		copy(sig.IssuerFingerprint, subpacket[1:])
+		sig.IssuerKeyId = new(uint64)
+		if v == 5 {
+			*sig.IssuerKeyId = binary.BigEndian.Uint64(subpacket[1:9])
+		} else {
+			*sig.IssuerKeyId = binary.BigEndian.Uint64(subpacket[13:21])
+		}
+	case prefAeadAlgosSubpacket:
+		// Preferred symmetric algorithms, section 5.2.3.8
+		if !isHashed {
+			return
+		}
+		sig.PreferredAEAD = make([]byte, len(subpacket))
+		copy(sig.PreferredAEAD, subpacket)
+	default:
+		if isCritical {
+			err = errors.UnsupportedError("unknown critical signature subpacket type " + strconv.Itoa(int(packetType)))
+			return
+		}
+	}
+	return
+
+Truncated:
+	err = errors.StructuralError("signature subpacket truncated")
+	return
+}
+
+// subpacketLengthLength returns the length, in bytes, of an encoded length value.
+func subpacketLengthLength(length int) int {
+	if length < 192 {
+		return 1
+	}
+	if length < 16320 {
+		return 2
+	}
+	return 5
+}
+
+func (sig *Signature) CheckKeyIdOrFingerprint(pk *PublicKey) bool {
+	if sig.IssuerFingerprint != nil && len(sig.IssuerFingerprint) >= 20 {
+		return bytes.Equal(sig.IssuerFingerprint, pk.Fingerprint)
+	}
+	return sig.IssuerKeyId != nil && *sig.IssuerKeyId == pk.KeyId
+}
+
+// serializeSubpacketLength marshals the given length into to.
+func serializeSubpacketLength(to []byte, length int) int {
+	// RFC 4880, Section 4.2.2.
+	if length < 192 {
+		to[0] = byte(length)
+		return 1
+	}
+	if length < 16320 {
+		length -= 192
+		to[0] = byte((length >> 8) + 192)
+		to[1] = byte(length)
+		return 2
+	}
+	to[0] = 255
+	to[1] = byte(length >> 24)
+	to[2] = byte(length >> 16)
+	to[3] = byte(length >> 8)
+	to[4] = byte(length)
+	return 5
+}
+
+// subpacketsLength returns the serialized length, in bytes, of the given
+// subpackets.
+func subpacketsLength(subpackets []outputSubpacket, hashed bool) (length int) {
+	for _, subpacket := range subpackets {
+		if subpacket.hashed == hashed {
+			length += subpacketLengthLength(len(subpacket.contents) + 1)
+			length += 1 // type byte
+			length += len(subpacket.contents)
+		}
+	}
+	return
+}
+
+// serializeSubpackets marshals the given subpackets into to.
+func serializeSubpackets(to []byte, subpackets []outputSubpacket, hashed bool) {
+	for _, subpacket := range subpackets {
+		if subpacket.hashed == hashed {
+			n := serializeSubpacketLength(to, len(subpacket.contents)+1)
+			to[n] = byte(subpacket.subpacketType)
+			to = to[1+n:]
+			n = copy(to, subpacket.contents)
+			to = to[n:]
+		}
+	}
+	return
+}
+
+// SigExpired returns whether sig is a signature that has expired or is created
+// in the future.
+func (sig *Signature) SigExpired(currentTime time.Time) bool {
+	if sig.CreationTime.After(currentTime) {
+		return true
+	}
+	if sig.SigLifetimeSecs == nil || *sig.SigLifetimeSecs == 0 {
+		return false
+	}
+	expiry := sig.CreationTime.Add(time.Duration(*sig.SigLifetimeSecs) * time.Second)
+	return currentTime.After(expiry)
+}
+
+// buildHashSuffix constructs the HashSuffix member of sig in preparation for signing.
+func (sig *Signature) buildHashSuffix(hashedSubpackets []byte) (err error) {
+	hash, ok := s2k.HashToHashId(sig.Hash)
+	if !ok {
+		sig.HashSuffix = nil
+		return errors.InvalidArgumentError("hash cannot be represented in OpenPGP: " + strconv.Itoa(int(sig.Hash)))
+	}
+
+	hashedFields := bytes.NewBuffer([]byte{
+		uint8(sig.Version),
+		uint8(sig.SigType),
+		uint8(sig.PubKeyAlgo),
+		uint8(hash),
+		uint8(len(hashedSubpackets) >> 8),
+		uint8(len(hashedSubpackets)),
+	})
+	hashedFields.Write(hashedSubpackets)
+
+	var l uint64 = uint64(6 + len(hashedSubpackets))
+	if sig.Version == 5 {
+		hashedFields.Write([]byte{0x05, 0xff})
+		hashedFields.Write([]byte{
+			uint8(l >> 56), uint8(l >> 48), uint8(l >> 40), uint8(l >> 32),
+			uint8(l >> 24), uint8(l >> 16), uint8(l >> 8), uint8(l),
+		})
+	} else {
+		hashedFields.Write([]byte{0x04, 0xff})
+		hashedFields.Write([]byte{
+			uint8(l >> 24), uint8(l >> 16), uint8(l >> 8), uint8(l),
+		})
+	}
+	sig.HashSuffix = make([]byte, hashedFields.Len())
+	copy(sig.HashSuffix, hashedFields.Bytes())
+	return
+}
+
+func (sig *Signature) signPrepareHash(h hash.Hash) (digest []byte, err error) {
+	hashedSubpacketsLen := subpacketsLength(sig.outSubpackets, true)
+	hashedSubpackets := make([]byte, hashedSubpacketsLen)
+	serializeSubpackets(hashedSubpackets, sig.outSubpackets, true)
+	err = sig.buildHashSuffix(hashedSubpackets)
+	if err != nil {
+		return
+	}
+	if sig.Version == 5 && (sig.SigType == 0x00 || sig.SigType == 0x01) {
+		sig.AddMetadataToHashSuffix()
+	}
+
+	h.Write(sig.HashSuffix)
+	digest = h.Sum(nil)
+	copy(sig.HashTag[:], digest)
+	return
+}
+
+// Sign signs a message with a private key. The hash, h, must contain
+// the hash of the message to be signed and will be mutated by this function.
+// On success, the signature is stored in sig. Call Serialize to write it out.
+// If config is nil, sensible defaults will be used.
+func (sig *Signature) Sign(h hash.Hash, priv *PrivateKey, config *Config) (err error) {
+	if priv.Dummy() {
+		return errors.ErrDummyPrivateKey("dummy key found")
+	}
+	sig.Version = priv.PublicKey.Version
+	sig.IssuerFingerprint = priv.PublicKey.Fingerprint
+	sig.outSubpackets, err = sig.buildSubpackets(priv.PublicKey)
+	if err != nil {
+		return err
+	}
+	digest, err := sig.signPrepareHash(h)
+	if err != nil {
+		return
+	}
+	switch priv.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
+		// supports both *rsa.PrivateKey and crypto.Signer
+		sigdata, err := priv.PrivateKey.(crypto.Signer).Sign(config.Random(), digest, sig.Hash)
+		if err == nil {
+			sig.RSASignature = encoding.NewMPI(sigdata)
+		}
+	case PubKeyAlgoDSA:
+		dsaPriv := priv.PrivateKey.(*dsa.PrivateKey)
+
+		// Need to truncate hashBytes to match FIPS 186-3 section 4.6.
+		subgroupSize := (dsaPriv.Q.BitLen() + 7) / 8
+		if len(digest) > subgroupSize {
+			digest = digest[:subgroupSize]
+		}
+		r, s, err := dsa.Sign(config.Random(), dsaPriv, digest)
+		if err == nil {
+			sig.DSASigR = new(encoding.MPI).SetBig(r)
+			sig.DSASigS = new(encoding.MPI).SetBig(s)
+		}
+	case PubKeyAlgoECDSA:
+		var r, s *big.Int
+		if pk, ok := priv.PrivateKey.(*ecdsa.PrivateKey); ok {
+			// direct support, avoid asn1 wrapping/unwrapping
+			r, s, err = ecdsa.Sign(config.Random(), pk, digest)
+		} else {
+			var b []byte
+			b, err = priv.PrivateKey.(crypto.Signer).Sign(config.Random(), digest, sig.Hash)
+			if err == nil {
+				r, s, err = unwrapECDSASig(b)
+			}
+		}
+		if err == nil {
+			sig.ECDSASigR = new(encoding.MPI).SetBig(r)
+			sig.ECDSASigS = new(encoding.MPI).SetBig(s)
+		}
+	case PubKeyAlgoEdDSA:
+		sigdata, err := priv.PrivateKey.(crypto.Signer).Sign(config.Random(), digest, crypto.Hash(0))
+		if err == nil {
+			sig.EdDSASigR = encoding.NewMPI(sigdata[:32])
+			sig.EdDSASigS = encoding.NewMPI(sigdata[32:])
+		}
+	default:
+		err = errors.UnsupportedError("public key algorithm: " + strconv.Itoa(int(sig.PubKeyAlgo)))
+	}
+
+	return
+}
+
+// unwrapECDSASig parses the two integer components of an ASN.1-encoded ECDSA
+// signature.
+func unwrapECDSASig(b []byte) (r, s *big.Int, err error) {
+	var ecsdaSig struct {
+		R, S *big.Int
+	}
+	_, err = asn1.Unmarshal(b, &ecsdaSig)
+	if err != nil {
+		return
+	}
+	return ecsdaSig.R, ecsdaSig.S, nil
+}
+
+// SignUserId computes a signature from priv, asserting that pub is a valid
+// key for the identity id.  On success, the signature is stored in sig. Call
+// Serialize to write it out.
+// If config is nil, sensible defaults will be used.
+func (sig *Signature) SignUserId(id string, pub *PublicKey, priv *PrivateKey, config *Config) error {
+	if priv.Dummy() {
+		return errors.ErrDummyPrivateKey("dummy key found")
+	}
+	h, err := userIdSignatureHash(id, pub, sig.Hash)
+	if err != nil {
+		return err
+	}
+	return sig.Sign(h, priv, config)
+}
+
+// CrossSignKey computes a signature from signingKey on pub hashed using hashKey. On success,
+// the signature is stored in sig. Call Serialize to write it out.
+// If config is nil, sensible defaults will be used.
+func (sig *Signature) CrossSignKey(pub *PublicKey, hashKey *PublicKey, signingKey *PrivateKey,
+	config *Config) error {
+	h, err := keySignatureHash(hashKey, pub, sig.Hash)
+	if err != nil {
+		return err
+	}
+	return sig.Sign(h, signingKey, config)
+}
+
+// SignKey computes a signature from priv, asserting that pub is a subkey. On
+// success, the signature is stored in sig. Call Serialize to write it out.
+// If config is nil, sensible defaults will be used.
+func (sig *Signature) SignKey(pub *PublicKey, priv *PrivateKey, config *Config) error {
+	if priv.Dummy() {
+		return errors.ErrDummyPrivateKey("dummy key found")
+	}
+	h, err := keySignatureHash(&priv.PublicKey, pub, sig.Hash)
+	if err != nil {
+		return err
+	}
+	return sig.Sign(h, priv, config)
+}
+
+// RevokeKey computes a revocation signature of pub using priv. On success, the signature is
+// stored in sig. Call Serialize to write it out.
+// If config is nil, sensible defaults will be used.
+func (sig *Signature) RevokeKey(pub *PublicKey, priv *PrivateKey, config *Config) error {
+	h, err := keyRevocationHash(pub, sig.Hash)
+	if err != nil {
+		return err
+	}
+	return sig.Sign(h, priv, config)
+}
+
+// Serialize marshals sig to w. Sign, SignUserId or SignKey must have been
+// called first.
+func (sig *Signature) Serialize(w io.Writer) (err error) {
+	if len(sig.outSubpackets) == 0 {
+		sig.outSubpackets = sig.rawSubpackets
+	}
+	if sig.RSASignature == nil && sig.DSASigR == nil && sig.ECDSASigR == nil && sig.EdDSASigR == nil {
+		return errors.InvalidArgumentError("Signature: need to call Sign, SignUserId or SignKey before Serialize")
+	}
+
+	sigLength := 0
+	switch sig.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
+		sigLength = int(sig.RSASignature.EncodedLength())
+	case PubKeyAlgoDSA:
+		sigLength = int(sig.DSASigR.EncodedLength())
+		sigLength += int(sig.DSASigS.EncodedLength())
+	case PubKeyAlgoECDSA:
+		sigLength = int(sig.ECDSASigR.EncodedLength())
+		sigLength += int(sig.ECDSASigS.EncodedLength())
+	case PubKeyAlgoEdDSA:
+		sigLength = int(sig.EdDSASigR.EncodedLength())
+		sigLength += int(sig.EdDSASigS.EncodedLength())
+	default:
+		panic("impossible")
+	}
+
+	unhashedSubpacketsLen := subpacketsLength(sig.outSubpackets, false)
+	length := len(sig.HashSuffix) - 6 /* trailer not included */ +
+		2 /* length of unhashed subpackets */ + unhashedSubpacketsLen +
+		2 /* hash tag */ + sigLength
+	if sig.Version == 5 {
+		length -= 4 // eight-octet instead of four-octet big endian
+	}
+	err = serializeHeader(w, packetTypeSignature, length)
+	if err != nil {
+		return
+	}
+	err = sig.serializeBody(w)
+	if err != nil {
+		return err
+	}
+	return
+}
+
+func (sig *Signature) serializeBody(w io.Writer) (err error) {
+	hashedSubpacketsLen := uint16(uint16(sig.HashSuffix[4])<<8) | uint16(sig.HashSuffix[5])
+	fields := sig.HashSuffix[:6+hashedSubpacketsLen]
+	_, err = w.Write(fields)
+	if err != nil {
+		return
+	}
+
+	unhashedSubpacketsLen := subpacketsLength(sig.outSubpackets, false)
+	unhashedSubpackets := make([]byte, 2+unhashedSubpacketsLen)
+	unhashedSubpackets[0] = byte(unhashedSubpacketsLen >> 8)
+	unhashedSubpackets[1] = byte(unhashedSubpacketsLen)
+	serializeSubpackets(unhashedSubpackets[2:], sig.outSubpackets, false)
+
+	_, err = w.Write(unhashedSubpackets)
+	if err != nil {
+		return
+	}
+	_, err = w.Write(sig.HashTag[:])
+	if err != nil {
+		return
+	}
+
+	switch sig.PubKeyAlgo {
+	case PubKeyAlgoRSA, PubKeyAlgoRSASignOnly:
+		_, err = w.Write(sig.RSASignature.EncodedBytes())
+	case PubKeyAlgoDSA:
+		if _, err = w.Write(sig.DSASigR.EncodedBytes()); err != nil {
+			return
+		}
+		_, err = w.Write(sig.DSASigS.EncodedBytes())
+	case PubKeyAlgoECDSA:
+		if _, err = w.Write(sig.ECDSASigR.EncodedBytes()); err != nil {
+			return
+		}
+		_, err = w.Write(sig.ECDSASigS.EncodedBytes())
+	case PubKeyAlgoEdDSA:
+		if _, err = w.Write(sig.EdDSASigR.EncodedBytes()); err != nil {
+			return
+		}
+		_, err = w.Write(sig.EdDSASigS.EncodedBytes())
+	default:
+		panic("impossible")
+	}
+	return
+}
+
+// outputSubpacket represents a subpacket to be marshaled.
+type outputSubpacket struct {
+	hashed        bool // true if this subpacket is in the hashed area.
+	subpacketType signatureSubpacketType
+	isCritical    bool
+	contents      []byte
+}
+
+func (sig *Signature) buildSubpackets(issuer PublicKey) (subpackets []outputSubpacket, err error) {
+	creationTime := make([]byte, 4)
+	binary.BigEndian.PutUint32(creationTime, uint32(sig.CreationTime.Unix()))
+	subpackets = append(subpackets, outputSubpacket{true, creationTimeSubpacket, false, creationTime})
+
+	if sig.IssuerKeyId != nil && sig.Version == 4 {
+		keyId := make([]byte, 8)
+		binary.BigEndian.PutUint64(keyId, *sig.IssuerKeyId)
+		subpackets = append(subpackets, outputSubpacket{true, issuerSubpacket, true, keyId})
+	}
+	if sig.IssuerFingerprint != nil {
+		contents := append([]uint8{uint8(issuer.Version)}, sig.IssuerFingerprint...)
+		subpackets = append(subpackets, outputSubpacket{true, issuerFingerprintSubpacket, true, contents})
+	}
+	if sig.SigLifetimeSecs != nil && *sig.SigLifetimeSecs != 0 {
+		sigLifetime := make([]byte, 4)
+		binary.BigEndian.PutUint32(sigLifetime, *sig.SigLifetimeSecs)
+		subpackets = append(subpackets, outputSubpacket{true, signatureExpirationSubpacket, true, sigLifetime})
+	}
+
+	// Key flags may only appear in self-signatures or certification signatures.
+
+	if sig.FlagsValid {
+		var flags byte
+		if sig.FlagCertify {
+			flags |= KeyFlagCertify
+		}
+		if sig.FlagSign {
+			flags |= KeyFlagSign
+		}
+		if sig.FlagEncryptCommunications {
+			flags |= KeyFlagEncryptCommunications
+		}
+		if sig.FlagEncryptStorage {
+			flags |= KeyFlagEncryptStorage
+		}
+		subpackets = append(subpackets, outputSubpacket{true, keyFlagsSubpacket, false, []byte{flags}})
+	}
+
+	// The following subpackets may only appear in self-signatures.
+
+	var features = byte(0x00)
+	if sig.MDC {
+		features |= 0x01
+	}
+	if sig.AEAD {
+		features |= 0x02
+	}
+	if sig.V5Keys {
+		features |= 0x04
+	}
+
+	if features != 0x00 {
+		subpackets = append(subpackets, outputSubpacket{true, featuresSubpacket, false, []byte{features}})
+	}
+
+	if sig.KeyLifetimeSecs != nil && *sig.KeyLifetimeSecs != 0 {
+		keyLifetime := make([]byte, 4)
+		binary.BigEndian.PutUint32(keyLifetime, *sig.KeyLifetimeSecs)
+		subpackets = append(subpackets, outputSubpacket{true, keyExpirationSubpacket, true, keyLifetime})
+	}
+
+	if sig.IsPrimaryId != nil && *sig.IsPrimaryId {
+		subpackets = append(subpackets, outputSubpacket{true, primaryUserIdSubpacket, false, []byte{1}})
+	}
+
+	if len(sig.PreferredSymmetric) > 0 {
+		subpackets = append(subpackets, outputSubpacket{true, prefSymmetricAlgosSubpacket, false, sig.PreferredSymmetric})
+	}
+
+	if len(sig.PreferredHash) > 0 {
+		subpackets = append(subpackets, outputSubpacket{true, prefHashAlgosSubpacket, false, sig.PreferredHash})
+	}
+
+	if len(sig.PreferredCompression) > 0 {
+		subpackets = append(subpackets, outputSubpacket{true, prefCompressionSubpacket, false, sig.PreferredCompression})
+	}
+
+	if len(sig.PreferredAEAD) > 0 {
+		subpackets = append(subpackets, outputSubpacket{true, prefAeadAlgosSubpacket, false, sig.PreferredAEAD})
+	}
+
+	// Revocation reason appears only in revocation signatures and is serialized as per section 5.2.3.23.
+	if sig.RevocationReason != nil {
+		subpackets = append(subpackets, outputSubpacket{true, reasonForRevocationSubpacket, true,
+			append([]uint8{*sig.RevocationReason}, []uint8(sig.RevocationReasonText)...)})
+	}
+
+	// EmbeddedSignature appears only in subkeys capable of signing and is serialized as per section 5.2.3.26.
+	if sig.EmbeddedSignature != nil {
+		var buf bytes.Buffer
+		err = sig.EmbeddedSignature.serializeBody(&buf)
+		if err != nil {
+			return
+		}
+		subpackets = append(subpackets, outputSubpacket{true, embeddedSignatureSubpacket, true, buf.Bytes()})
+	}
+
+	return
+}
+
+// AddMetadataToHashSuffix modifies the current hash suffix to include metadata
+// (format, filename, and time). Version 5 keys protect this data including it
+// in the hash computation. See section 5.2.4.
+func (sig *Signature) AddMetadataToHashSuffix() {
+	if sig == nil || sig.Version != 5 {
+		return
+	}
+	if sig.SigType != 0x00 && sig.SigType != 0x01 {
+		return
+	}
+	lit := sig.Metadata
+	if lit == nil {
+		// This will translate into six 0x00 bytes.
+		lit = &LiteralData{}
+	}
+
+	// Extract the current byte count
+	n := sig.HashSuffix[len(sig.HashSuffix)-8:]
+	l := uint64(
+		uint64(n[0])<<56 | uint64(n[1])<<48 | uint64(n[2])<<40 | uint64(n[3])<<32 |
+		uint64(n[4])<<24 | uint64(n[5])<<16 | uint64(n[6])<<8  | uint64(n[7]))
+
+	suffix := bytes.NewBuffer(nil)
+	suffix.Write(sig.HashSuffix[:l])
+
+	// Add the metadata
+	var buf [4]byte
+	buf[0] = lit.Format
+	fileName := lit.FileName
+	if len(lit.FileName) > 255 {
+		fileName = fileName[:255]
+	}
+	buf[1] = byte(len(fileName))
+	suffix.Write(buf[:2])
+	suffix.Write([]byte(lit.FileName))
+	binary.BigEndian.PutUint32(buf[:], lit.Time)
+	suffix.Write(buf[:])
+
+	// Update the counter and restore trailing bytes
+	l = uint64(suffix.Len())
+	suffix.Write([]byte{0x05, 0xff})
+	suffix.Write([]byte{
+		uint8(l >> 56), uint8(l >> 48), uint8(l >> 40), uint8(l >> 32),
+		uint8(l >> 24), uint8(l >> 16), uint8(l >> 8), uint8(l),
+	})
+	sig.HashSuffix = suffix.Bytes()
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetric_key_encrypted.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetric_key_encrypted.go
new file mode 100644
index 0000000000..0e9f51d51b
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetric_key_encrypted.go
@@ -0,0 +1,267 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"bytes"
+	"crypto/cipher"
+	"io"
+	"strconv"
+
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/s2k"
+)
+
+// This is the largest session key that we'll support. Since no 512-bit cipher
+// has even been seriously used, this is comfortably large.
+const maxSessionKeySizeInBytes = 64
+
+// SymmetricKeyEncrypted represents a passphrase protected session key. See RFC
+// 4880, section 5.3.
+type SymmetricKeyEncrypted struct {
+	Version      int
+	CipherFunc   CipherFunction
+	Mode         AEADMode
+	s2k          func(out, in []byte)
+	aeadNonce    []byte
+	encryptedKey []byte
+}
+
+func (ske *SymmetricKeyEncrypted) parse(r io.Reader) error {
+	// RFC 4880, section 5.3.
+	var buf [2]byte
+	if _, err := readFull(r, buf[:]); err != nil {
+		return err
+	}
+	ske.Version = int(buf[0])
+	if ske.Version != 4 && ske.Version != 5 {
+		return errors.UnsupportedError("unknown SymmetricKeyEncrypted version")
+	}
+	ske.CipherFunc = CipherFunction(buf[1])
+	if ske.CipherFunc.KeySize() == 0 {
+		return errors.UnsupportedError("unknown cipher: " + strconv.Itoa(int(buf[1])))
+	}
+
+	if ske.Version == 5 {
+		mode := make([]byte, 1)
+		if _, err := r.Read(mode); err != nil {
+			return errors.StructuralError("cannot read AEAD octect from packet")
+		}
+		ske.Mode = AEADMode(mode[0])
+	}
+
+	var err error
+	if ske.s2k, err = s2k.Parse(r); err != nil {
+		if _, ok := err.(errors.ErrDummyPrivateKey); ok {
+			return errors.UnsupportedError("missing key GNU extension in session key")
+		}
+		return err
+	}
+
+	if ske.Version == 5 {
+		// AEAD nonce
+		nonce := make([]byte, ske.Mode.NonceLength())
+		_, err := readFull(r, nonce)
+		if err != nil && err != io.ErrUnexpectedEOF {
+			return err
+		}
+		ske.aeadNonce = nonce
+	}
+
+	encryptedKey := make([]byte, maxSessionKeySizeInBytes)
+	// The session key may follow. We just have to try and read to find
+	// out. If it exists then we limit it to maxSessionKeySizeInBytes.
+	n, err := readFull(r, encryptedKey)
+	if err != nil && err != io.ErrUnexpectedEOF {
+		return err
+	}
+
+	if n != 0 {
+		if n == maxSessionKeySizeInBytes {
+			return errors.UnsupportedError("oversized encrypted session key")
+		}
+		ske.encryptedKey = encryptedKey[:n]
+	}
+	return nil
+}
+
+// Decrypt attempts to decrypt an encrypted session key and returns the key and
+// the cipher to use when decrypting a subsequent Symmetrically Encrypted Data
+// packet.
+func (ske *SymmetricKeyEncrypted) Decrypt(passphrase []byte) ([]byte, CipherFunction, error) {
+	key := make([]byte, ske.CipherFunc.KeySize())
+	ske.s2k(key, passphrase)
+	if len(ske.encryptedKey) == 0 {
+		return key, ske.CipherFunc, nil
+	}
+	switch ske.Version {
+	case 4:
+		plaintextKey, cipherFunc, err := ske.decryptV4(key)
+		return plaintextKey, cipherFunc, err
+	case 5:
+		plaintextKey, err := ske.decryptV5(key)
+		return plaintextKey, CipherFunction(0), err
+	}
+	err := errors.UnsupportedError("unknown SymmetricKeyEncrypted version")
+	return nil, CipherFunction(0), err
+}
+
+func (ske *SymmetricKeyEncrypted) decryptV4(key []byte) ([]byte, CipherFunction, error) {
+	// the IV is all zeros
+	iv := make([]byte, ske.CipherFunc.blockSize())
+	c := cipher.NewCFBDecrypter(ske.CipherFunc.new(key), iv)
+	plaintextKey := make([]byte, len(ske.encryptedKey))
+	c.XORKeyStream(plaintextKey, ske.encryptedKey)
+	cipherFunc := CipherFunction(plaintextKey[0])
+	if cipherFunc.blockSize() == 0 {
+		return nil, ske.CipherFunc, errors.UnsupportedError(
+			"unknown cipher: " + strconv.Itoa(int(cipherFunc)))
+	}
+	plaintextKey = plaintextKey[1:]
+	if len(plaintextKey) != cipherFunc.KeySize() {
+		return nil, cipherFunc, errors.StructuralError(
+			"length of decrypted key not equal to cipher keysize")
+	}
+	return plaintextKey, cipherFunc, nil
+}
+
+func (ske *SymmetricKeyEncrypted) decryptV5(key []byte) ([]byte, error) {
+	blockCipher := CipherFunction(ske.CipherFunc).new(key)
+	aead := ske.Mode.new(blockCipher)
+
+	adata := []byte{0xc3, byte(5), byte(ske.CipherFunc), byte(ske.Mode)}
+	plaintextKey, err := aead.Open(nil, ske.aeadNonce, ske.encryptedKey, adata)
+	if err != nil {
+		return nil, err
+	}
+	return plaintextKey, nil
+}
+
+// SerializeSymmetricKeyEncrypted serializes a symmetric key packet to w.
+// The packet contains a random session key, encrypted by a key derived from
+// the given passphrase. The session key is returned and must be passed to
+// SerializeSymmetricallyEncrypted or SerializeAEADEncrypted, depending on
+// whether config.AEADConfig != nil.
+// If config is nil, sensible defaults will be used.
+func SerializeSymmetricKeyEncrypted(w io.Writer, passphrase []byte, config *Config) (key []byte, err error) {
+	cipherFunc := config.Cipher()
+	keySize := cipherFunc.KeySize()
+	if keySize == 0 {
+		return nil, errors.UnsupportedError("unknown cipher: " + strconv.Itoa(int(cipherFunc)))
+	}
+
+	sessionKey := make([]byte, keySize)
+	_, err = io.ReadFull(config.Random(), sessionKey)
+	if err != nil {
+		return
+	}
+
+	err = SerializeSymmetricKeyEncryptedReuseKey(w, sessionKey, passphrase, config)
+	if err != nil {
+		return
+	}
+
+	key = sessionKey
+	return
+}
+
+// SerializeSymmetricKeyEncryptedReuseKey serializes a symmetric key packet to w.
+// The packet contains the given session key, encrypted by a key derived from
+// the given passphrase. The session key must be passed to
+// SerializeSymmetricallyEncrypted or SerializeAEADEncrypted, depending on
+// whether config.AEADConfig != nil.
+// If config is nil, sensible defaults will be used.
+func SerializeSymmetricKeyEncryptedReuseKey(w io.Writer, sessionKey []byte, passphrase []byte, config *Config) (err error) {
+	var version int
+	if config.AEAD() != nil {
+		version = 5
+	} else {
+		version = 4
+	}
+	cipherFunc := config.Cipher()
+	keySize := cipherFunc.KeySize()
+	if keySize == 0 {
+		return errors.UnsupportedError("unknown cipher: " + strconv.Itoa(int(cipherFunc)))
+	}
+
+	s2kBuf := new(bytes.Buffer)
+	keyEncryptingKey := make([]byte, keySize)
+	// s2k.Serialize salts and stretches the passphrase, and writes the
+	// resulting key to keyEncryptingKey and the s2k descriptor to s2kBuf.
+	err = s2k.Serialize(s2kBuf, keyEncryptingKey, config.Random(), passphrase, &s2k.Config{Hash: config.Hash(), S2KCount: config.PasswordHashIterations()})
+	if err != nil {
+		return
+	}
+	s2kBytes := s2kBuf.Bytes()
+
+	var packetLength int
+	switch version {
+	case 4:
+		packetLength = 2 /* header */ + len(s2kBytes) + 1 /* cipher type */ + keySize
+	case 5:
+		nonceLen := config.AEAD().Mode().NonceLength()
+		tagLen := config.AEAD().Mode().TagLength()
+		packetLength = 3 + len(s2kBytes) + nonceLen + keySize + tagLen
+	}
+	err = serializeHeader(w, packetTypeSymmetricKeyEncrypted, packetLength)
+	if err != nil {
+		return
+	}
+
+	buf := make([]byte, 2)
+	// Symmetric Key Encrypted Version
+	buf[0] = byte(version)
+	// Cipher function
+	buf[1] = byte(cipherFunc)
+
+	if version == 5 {
+		// AEAD mode
+		buf = append(buf, byte(config.AEAD().Mode()))
+	}
+	_, err = w.Write(buf)
+	if err != nil {
+		return
+	}
+	_, err = w.Write(s2kBytes)
+	if err != nil {
+		return
+	}
+
+	switch version {
+	case 4:
+		iv := make([]byte, cipherFunc.blockSize())
+		c := cipher.NewCFBEncrypter(cipherFunc.new(keyEncryptingKey), iv)
+		encryptedCipherAndKey := make([]byte, keySize+1)
+		c.XORKeyStream(encryptedCipherAndKey, buf[1:])
+		c.XORKeyStream(encryptedCipherAndKey[1:], sessionKey)
+		_, err = w.Write(encryptedCipherAndKey)
+		if err != nil {
+			return
+		}
+	case 5:
+		blockCipher := cipherFunc.new(keyEncryptingKey)
+		mode := config.AEAD().Mode()
+		aead := mode.new(blockCipher)
+		// Sample nonce using random reader
+		nonce := make([]byte, config.AEAD().Mode().NonceLength())
+		_, err = io.ReadFull(config.Random(), nonce)
+		if err != nil {
+			return
+		}
+		// Seal and write (encryptedData includes auth. tag)
+		adata := []byte{0xc3, byte(5), byte(cipherFunc), byte(mode)}
+		encryptedData := aead.Seal(nil, nonce, sessionKey, adata)
+		_, err = w.Write(nonce)
+		if err != nil {
+			return
+		}
+		_, err = w.Write(encryptedData)
+		if err != nil {
+			return
+		}
+	}
+
+	return
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted.go
new file mode 100644
index 0000000000..8b84de177f
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/symmetrically_encrypted.go
@@ -0,0 +1,290 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"crypto/cipher"
+	"crypto/sha1"
+	"crypto/subtle"
+	"hash"
+	"io"
+	"strconv"
+
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+)
+
+// SymmetricallyEncrypted represents a symmetrically encrypted byte string. The
+// encrypted Contents will consist of more OpenPGP packets. See RFC 4880,
+// sections 5.7 and 5.13.
+type SymmetricallyEncrypted struct {
+	MDC      bool // true iff this is a type 18 packet and thus has an embedded MAC.
+	Contents io.Reader
+	prefix   []byte
+}
+
+const symmetricallyEncryptedVersion = 1
+
+func (se *SymmetricallyEncrypted) parse(r io.Reader) error {
+	if se.MDC {
+		// See RFC 4880, section 5.13.
+		var buf [1]byte
+		_, err := readFull(r, buf[:])
+		if err != nil {
+			return err
+		}
+		if buf[0] != symmetricallyEncryptedVersion {
+			return errors.UnsupportedError("unknown SymmetricallyEncrypted version")
+		}
+	}
+	se.Contents = r
+	return nil
+}
+
+// Decrypt returns a ReadCloser, from which the decrypted Contents of the
+// packet can be read. An incorrect key will only be detected after trying
+// to decrypt the entire data.
+func (se *SymmetricallyEncrypted) Decrypt(c CipherFunction, key []byte) (io.ReadCloser, error) {
+	keySize := c.KeySize()
+	if keySize == 0 {
+		return nil, errors.UnsupportedError("unknown cipher: " + strconv.Itoa(int(c)))
+	}
+	if len(key) != keySize {
+		return nil, errors.InvalidArgumentError("SymmetricallyEncrypted: incorrect key length")
+	}
+
+	if se.prefix == nil {
+		se.prefix = make([]byte, c.blockSize()+2)
+		_, err := readFull(se.Contents, se.prefix)
+		if err != nil {
+			return nil, err
+		}
+	} else if len(se.prefix) != c.blockSize()+2 {
+		return nil, errors.InvalidArgumentError("can't try ciphers with different block lengths")
+	}
+
+	ocfbResync := OCFBResync
+	if se.MDC {
+		// MDC packets use a different form of OCFB mode.
+		ocfbResync = OCFBNoResync
+	}
+
+	s := NewOCFBDecrypter(c.new(key), se.prefix, ocfbResync)
+
+	plaintext := cipher.StreamReader{S: s, R: se.Contents}
+
+	if se.MDC {
+		// MDC packets have an embedded hash that we need to check.
+		h := sha1.New()
+		h.Write(se.prefix)
+		return &seMDCReader{in: plaintext, h: h}, nil
+	}
+
+	// Otherwise, we just need to wrap plaintext so that it's a valid ReadCloser.
+	return seReader{plaintext}, nil
+}
+
+// seReader wraps an io.Reader with a no-op Close method.
+type seReader struct {
+	in io.Reader
+}
+
+func (ser seReader) Read(buf []byte) (int, error) {
+	return ser.in.Read(buf)
+}
+
+func (ser seReader) Close() error {
+	return nil
+}
+
+const mdcTrailerSize = 1 /* tag byte */ + 1 /* length byte */ + sha1.Size
+
+// An seMDCReader wraps an io.Reader, maintains a running hash and keeps hold
+// of the most recent 22 bytes (mdcTrailerSize). Upon EOF, those bytes form an
+// MDC packet containing a hash of the previous Contents which is checked
+// against the running hash. See RFC 4880, section 5.13.
+type seMDCReader struct {
+	in          io.Reader
+	h           hash.Hash
+	trailer     [mdcTrailerSize]byte
+	scratch     [mdcTrailerSize]byte
+	trailerUsed int
+	error       bool
+	eof         bool
+}
+
+func (ser *seMDCReader) Read(buf []byte) (n int, err error) {
+	if ser.error {
+		err = io.ErrUnexpectedEOF
+		return
+	}
+	if ser.eof {
+		err = io.EOF
+		return
+	}
+
+	// If we haven't yet filled the trailer buffer then we must do that
+	// first.
+	for ser.trailerUsed < mdcTrailerSize {
+		n, err = ser.in.Read(ser.trailer[ser.trailerUsed:])
+		ser.trailerUsed += n
+		if err == io.EOF {
+			if ser.trailerUsed != mdcTrailerSize {
+				n = 0
+				err = io.ErrUnexpectedEOF
+				ser.error = true
+				return
+			}
+			ser.eof = true
+			n = 0
+			return
+		}
+
+		if err != nil {
+			n = 0
+			return
+		}
+	}
+
+	// If it's a short read then we read into a temporary buffer and shift
+	// the data into the caller's buffer.
+	if len(buf) <= mdcTrailerSize {
+		n, err = readFull(ser.in, ser.scratch[:len(buf)])
+		copy(buf, ser.trailer[:n])
+		ser.h.Write(buf[:n])
+		copy(ser.trailer[:], ser.trailer[n:])
+		copy(ser.trailer[mdcTrailerSize-n:], ser.scratch[:])
+		if n < len(buf) {
+			ser.eof = true
+			err = io.EOF
+		}
+		return
+	}
+
+	n, err = ser.in.Read(buf[mdcTrailerSize:])
+	copy(buf, ser.trailer[:])
+	ser.h.Write(buf[:n])
+	copy(ser.trailer[:], buf[n:])
+
+	if err == io.EOF {
+		ser.eof = true
+	}
+	return
+}
+
+// This is a new-format packet tag byte for a type 19 (MDC) packet.
+const mdcPacketTagByte = byte(0x80) | 0x40 | 19
+
+func (ser *seMDCReader) Close() error {
+	if ser.error {
+		return errors.ErrMDCMissing
+	}
+
+	for !ser.eof {
+		// We haven't seen EOF so we need to read to the end
+		var buf [1024]byte
+		_, err := ser.Read(buf[:])
+		if err == io.EOF {
+			break
+		}
+		if err != nil {
+			return errors.ErrMDCMissing
+		}
+	}
+
+	ser.h.Write(ser.trailer[:2])
+
+	final := ser.h.Sum(nil)
+	if subtle.ConstantTimeCompare(final, ser.trailer[2:]) != 1 {
+		return errors.ErrMDCHashMismatch
+	}
+	// The hash already includes the MDC header, but we still check its value
+	// to confirm encryption correctness
+	if ser.trailer[0] != mdcPacketTagByte || ser.trailer[1] != sha1.Size {
+		return errors.ErrMDCMissing
+	}
+	return nil
+}
+
+// An seMDCWriter writes through to an io.WriteCloser while maintains a running
+// hash of the data written. On close, it emits an MDC packet containing the
+// running hash.
+type seMDCWriter struct {
+	w io.WriteCloser
+	h hash.Hash
+}
+
+func (w *seMDCWriter) Write(buf []byte) (n int, err error) {
+	w.h.Write(buf)
+	return w.w.Write(buf)
+}
+
+func (w *seMDCWriter) Close() (err error) {
+	var buf [mdcTrailerSize]byte
+
+	buf[0] = mdcPacketTagByte
+	buf[1] = sha1.Size
+	w.h.Write(buf[:2])
+	digest := w.h.Sum(nil)
+	copy(buf[2:], digest)
+
+	_, err = w.w.Write(buf[:])
+	if err != nil {
+		return
+	}
+	return w.w.Close()
+}
+
+// noOpCloser is like an ioutil.NopCloser, but for an io.Writer.
+type noOpCloser struct {
+	w io.Writer
+}
+
+func (c noOpCloser) Write(data []byte) (n int, err error) {
+	return c.w.Write(data)
+}
+
+func (c noOpCloser) Close() error {
+	return nil
+}
+
+// SerializeSymmetricallyEncrypted serializes a symmetrically encrypted packet
+// to w and returns a WriteCloser to which the to-be-encrypted packets can be
+// written.
+// If config is nil, sensible defaults will be used.
+func SerializeSymmetricallyEncrypted(w io.Writer, c CipherFunction, key []byte, config *Config) (Contents io.WriteCloser, err error) {
+	if c.KeySize() != len(key) {
+		return nil, errors.InvalidArgumentError("SymmetricallyEncrypted.Serialize: bad key length")
+	}
+	writeCloser := noOpCloser{w}
+	ciphertext, err := serializeStreamHeader(writeCloser, packetTypeSymmetricallyEncryptedMDC)
+	if err != nil {
+		return
+	}
+
+	_, err = ciphertext.Write([]byte{symmetricallyEncryptedVersion})
+	if err != nil {
+		return
+	}
+
+	block := c.new(key)
+	blockSize := block.BlockSize()
+	iv := make([]byte, blockSize)
+	_, err = config.Random().Read(iv)
+	if err != nil {
+		return
+	}
+	s, prefix := NewOCFBEncrypter(block, iv, OCFBNoResync)
+	_, err = ciphertext.Write(prefix)
+	if err != nil {
+		return
+	}
+	plaintext := cipher.StreamWriter{S: s, W: ciphertext}
+
+	h := sha1.New()
+	h.Write(iv)
+	h.Write(iv[blockSize-2:])
+	Contents = &seMDCWriter{w: plaintext, h: h}
+	return
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userattribute.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userattribute.go
new file mode 100644
index 0000000000..0f760ade2c
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userattribute.go
@@ -0,0 +1,94 @@
+// Copyright 2013 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"bytes"
+	"image"
+	"image/jpeg"
+	"io"
+	"io/ioutil"
+)
+
+const UserAttrImageSubpacket = 1
+
+// UserAttribute is capable of storing other types of data about a user
+// beyond name, email and a text comment. In practice, user attributes are typically used
+// to store a signed thumbnail photo JPEG image of the user.
+// See RFC 4880, section 5.12.
+type UserAttribute struct {
+	Contents []*OpaqueSubpacket
+}
+
+// NewUserAttributePhoto creates a user attribute packet
+// containing the given images.
+func NewUserAttributePhoto(photos ...image.Image) (uat *UserAttribute, err error) {
+	uat = new(UserAttribute)
+	for _, photo := range photos {
+		var buf bytes.Buffer
+		// RFC 4880, Section 5.12.1.
+		data := []byte{
+			0x10, 0x00, // Little-endian image header length (16 bytes)
+			0x01,       // Image header version 1
+			0x01,       // JPEG
+			0, 0, 0, 0, // 12 reserved octets, must be all zero.
+			0, 0, 0, 0,
+			0, 0, 0, 0}
+		if _, err = buf.Write(data); err != nil {
+			return
+		}
+		if err = jpeg.Encode(&buf, photo, nil); err != nil {
+			return
+		}
+		uat.Contents = append(uat.Contents, &OpaqueSubpacket{
+			SubType:  UserAttrImageSubpacket,
+			Contents: buf.Bytes()})
+	}
+	return
+}
+
+// NewUserAttribute creates a new user attribute packet containing the given subpackets.
+func NewUserAttribute(contents ...*OpaqueSubpacket) *UserAttribute {
+	return &UserAttribute{Contents: contents}
+}
+
+func (uat *UserAttribute) parse(r io.Reader) (err error) {
+	// RFC 4880, section 5.13
+	b, err := ioutil.ReadAll(r)
+	if err != nil {
+		return
+	}
+	uat.Contents, err = OpaqueSubpackets(b)
+	return
+}
+
+// Serialize marshals the user attribute to w in the form of an OpenPGP packet, including
+// header.
+func (uat *UserAttribute) Serialize(w io.Writer) (err error) {
+	var buf bytes.Buffer
+	for _, sp := range uat.Contents {
+		err = sp.Serialize(&buf)
+		if err != nil {
+			return err
+		}
+	}
+	if err = serializeHeader(w, packetTypeUserAttribute, buf.Len()); err != nil {
+		return err
+	}
+	_, err = w.Write(buf.Bytes())
+	return
+}
+
+// ImageData returns zero or more byte slices, each containing
+// JPEG File Interchange Format (JFIF), for each photo in the
+// user attribute packet.
+func (uat *UserAttribute) ImageData() (imageData [][]byte) {
+	for _, sp := range uat.Contents {
+		if sp.SubType == UserAttrImageSubpacket && len(sp.Contents) > 16 {
+			imageData = append(imageData, sp.Contents[16:])
+		}
+	}
+	return
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userid.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userid.go
new file mode 100644
index 0000000000..d6bea7d4ac
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/packet/userid.go
@@ -0,0 +1,160 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package packet
+
+import (
+	"io"
+	"io/ioutil"
+	"strings"
+)
+
+// UserId contains text that is intended to represent the name and email
+// address of the key holder. See RFC 4880, section 5.11. By convention, this
+// takes the form "Full Name (Comment) <email@example.com>"
+type UserId struct {
+	Id string // By convention, this takes the form "Full Name (Comment) <email@example.com>" which is split out in the fields below.
+
+	Name, Comment, Email string
+}
+
+func hasInvalidCharacters(s string) bool {
+	for _, c := range s {
+		switch c {
+		case '(', ')', '<', '>', 0:
+			return true
+		}
+	}
+	return false
+}
+
+// NewUserId returns a UserId or nil if any of the arguments contain invalid
+// characters. The invalid characters are '\x00', '(', ')', '<' and '>'
+func NewUserId(name, comment, email string) *UserId {
+	// RFC 4880 doesn't deal with the structure of userid strings; the
+	// name, comment and email form is just a convention. However, there's
+	// no convention about escaping the metacharacters and GPG just refuses
+	// to create user ids where, say, the name contains a '('. We mirror
+	// this behaviour.
+
+	if hasInvalidCharacters(name) || hasInvalidCharacters(comment) || hasInvalidCharacters(email) {
+		return nil
+	}
+
+	uid := new(UserId)
+	uid.Name, uid.Comment, uid.Email = name, comment, email
+	uid.Id = name
+	if len(comment) > 0 {
+		if len(uid.Id) > 0 {
+			uid.Id += " "
+		}
+		uid.Id += "("
+		uid.Id += comment
+		uid.Id += ")"
+	}
+	if len(email) > 0 {
+		if len(uid.Id) > 0 {
+			uid.Id += " "
+		}
+		uid.Id += "<"
+		uid.Id += email
+		uid.Id += ">"
+	}
+	return uid
+}
+
+func (uid *UserId) parse(r io.Reader) (err error) {
+	// RFC 4880, section 5.11
+	b, err := ioutil.ReadAll(r)
+	if err != nil {
+		return
+	}
+	uid.Id = string(b)
+	uid.Name, uid.Comment, uid.Email = parseUserId(uid.Id)
+	return
+}
+
+// Serialize marshals uid to w in the form of an OpenPGP packet, including
+// header.
+func (uid *UserId) Serialize(w io.Writer) error {
+	err := serializeHeader(w, packetTypeUserId, len(uid.Id))
+	if err != nil {
+		return err
+	}
+	_, err = w.Write([]byte(uid.Id))
+	return err
+}
+
+// parseUserId extracts the name, comment and email from a user id string that
+// is formatted as "Full Name (Comment) <email@example.com>".
+func parseUserId(id string) (name, comment, email string) {
+	var n, c, e struct {
+		start, end int
+	}
+	var state int
+
+	for offset, rune := range id {
+		switch state {
+		case 0:
+			// Entering name
+			n.start = offset
+			state = 1
+			fallthrough
+		case 1:
+			// In name
+			if rune == '(' {
+				state = 2
+				n.end = offset
+			} else if rune == '<' {
+				state = 5
+				n.end = offset
+			}
+		case 2:
+			// Entering comment
+			c.start = offset
+			state = 3
+			fallthrough
+		case 3:
+			// In comment
+			if rune == ')' {
+				state = 4
+				c.end = offset
+			}
+		case 4:
+			// Between comment and email
+			if rune == '<' {
+				state = 5
+			}
+		case 5:
+			// Entering email
+			e.start = offset
+			state = 6
+			fallthrough
+		case 6:
+			// In email
+			if rune == '>' {
+				state = 7
+				e.end = offset
+			}
+		default:
+			// After email
+		}
+	}
+	switch state {
+	case 1:
+		// ended in the name
+		n.end = len(id)
+	case 3:
+		// ended in comment
+		c.end = len(id)
+	case 6:
+		// ended in email
+		e.end = len(id)
+	}
+
+	name = strings.TrimSpace(id[n.start:n.end])
+	comment = strings.TrimSpace(id[c.start:c.end])
+	email = strings.TrimSpace(id[e.start:e.end])
+	return
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/read.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/read.go
new file mode 100644
index 0000000000..a649ebbab3
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/read.go
@@ -0,0 +1,508 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package openpgp implements high level operations on OpenPGP messages.
+package openpgp // import "github.com/ProtonMail/go-crypto/openpgp"
+
+import (
+	"crypto"
+	_ "crypto/sha256"
+	"hash"
+	"io"
+	"strconv"
+
+	"github.com/ProtonMail/go-crypto/openpgp/armor"
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/packet"
+)
+
+// SignatureType is the armor type for a PGP signature.
+var SignatureType = "PGP SIGNATURE"
+
+// readArmored reads an armored block with the given type.
+func readArmored(r io.Reader, expectedType string) (body io.Reader, err error) {
+	block, err := armor.Decode(r)
+	if err != nil {
+		return
+	}
+
+	if block.Type != expectedType {
+		return nil, errors.InvalidArgumentError("expected '" + expectedType + "', got: " + block.Type)
+	}
+
+	return block.Body, nil
+}
+
+// MessageDetails contains the result of parsing an OpenPGP encrypted and/or
+// signed message.
+type MessageDetails struct {
+	IsEncrypted              bool                // true if the message was encrypted.
+	EncryptedToKeyIds        []uint64            // the list of recipient key ids.
+	IsSymmetricallyEncrypted bool                // true if a passphrase could have decrypted the message.
+	DecryptedWith            Key                 // the private key used to decrypt the message, if any.
+	IsSigned                 bool                // true if the message is signed.
+	SignedByKeyId            uint64              // the key id of the signer, if any.
+	SignedBy                 *Key                // the key of the signer, if available.
+	LiteralData              *packet.LiteralData // the metadata of the contents
+	UnverifiedBody           io.Reader           // the contents of the message.
+
+	// If IsSigned is true and SignedBy is non-zero then the signature will
+	// be verified as UnverifiedBody is read. The signature cannot be
+	// checked until the whole of UnverifiedBody is read so UnverifiedBody
+	// must be consumed until EOF before the data can be trusted. Even if a
+	// message isn't signed (or the signer is unknown) the data may contain
+	// an authentication code that is only checked once UnverifiedBody has
+	// been consumed. Once EOF has been seen, the following fields are
+	// valid. (An authentication code failure is reported as a
+	// SignatureError error when reading from UnverifiedBody.)
+	Signature            *packet.Signature   // the signature packet itself.
+	SignatureError       error               // nil if the signature is good.
+	UnverifiedSignatures []*packet.Signature // all other unverified signature packets.
+
+	decrypted io.ReadCloser
+}
+
+// A PromptFunction is used as a callback by functions that may need to decrypt
+// a private key, or prompt for a passphrase. It is called with a list of
+// acceptable, encrypted private keys and a boolean that indicates whether a
+// passphrase is usable. It should either decrypt a private key or return a
+// passphrase to try. If the decrypted private key or given passphrase isn't
+// correct, the function will be called again, forever. Any error returned will
+// be passed up.
+type PromptFunction func(keys []Key, symmetric bool) ([]byte, error)
+
+// A keyEnvelopePair is used to store a private key with the envelope that
+// contains a symmetric key, encrypted with that key.
+type keyEnvelopePair struct {
+	key          Key
+	encryptedKey *packet.EncryptedKey
+}
+
+// ReadMessage parses an OpenPGP message that may be signed and/or encrypted.
+// The given KeyRing should contain both public keys (for signature
+// verification) and, possibly encrypted, private keys for decrypting.
+// If config is nil, sensible defaults will be used.
+func ReadMessage(r io.Reader, keyring KeyRing, prompt PromptFunction, config *packet.Config) (md *MessageDetails, err error) {
+	var p packet.Packet
+
+	var symKeys []*packet.SymmetricKeyEncrypted
+	var pubKeys []keyEnvelopePair
+	// Integrity protected encrypted packet: SymmetricallyEncrypted or AEADEncrypted
+	var edp packet.EncryptedDataPacket
+
+	packets := packet.NewReader(r)
+	md = new(MessageDetails)
+	md.IsEncrypted = true
+
+	// The message, if encrypted, starts with a number of packets
+	// containing an encrypted decryption key. The decryption key is either
+	// encrypted to a public key, or with a passphrase. This loop
+	// collects these packets.
+ParsePackets:
+	for {
+		p, err = packets.Next()
+		if err != nil {
+			return nil, err
+		}
+		switch p := p.(type) {
+		case *packet.SymmetricKeyEncrypted:
+			// This packet contains the decryption key encrypted with a passphrase.
+			md.IsSymmetricallyEncrypted = true
+			symKeys = append(symKeys, p)
+		case *packet.EncryptedKey:
+			// This packet contains the decryption key encrypted to a public key.
+			md.EncryptedToKeyIds = append(md.EncryptedToKeyIds, p.KeyId)
+			switch p.Algo {
+			case packet.PubKeyAlgoRSA, packet.PubKeyAlgoRSAEncryptOnly, packet.PubKeyAlgoElGamal, packet.PubKeyAlgoECDH:
+				break
+			default:
+				continue
+			}
+			var keys []Key
+			if p.KeyId == 0 {
+				keys = keyring.DecryptionKeys()
+			} else {
+				keys = keyring.KeysById(p.KeyId)
+			}
+			for _, k := range keys {
+				pubKeys = append(pubKeys, keyEnvelopePair{k, p})
+			}
+		case *packet.SymmetricallyEncrypted, *packet.AEADEncrypted:
+			edp = p.(packet.EncryptedDataPacket)
+			break ParsePackets
+		case *packet.Compressed, *packet.LiteralData, *packet.OnePassSignature:
+			// This message isn't encrypted.
+			if len(symKeys) != 0 || len(pubKeys) != 0 {
+				return nil, errors.StructuralError("key material not followed by encrypted message")
+			}
+			packets.Unread(p)
+			return readSignedMessage(packets, nil, keyring, config)
+		}
+	}
+
+	var candidates []Key
+	var decrypted io.ReadCloser
+
+	// Now that we have the list of encrypted keys we need to decrypt at
+	// least one of them or, if we cannot, we need to call the prompt
+	// function so that it can decrypt a key or give us a passphrase.
+FindKey:
+	for {
+		// See if any of the keys already have a private key available
+		candidates = candidates[:0]
+		candidateFingerprints := make(map[string]bool)
+
+		for _, pk := range pubKeys {
+			if pk.key.PrivateKey == nil {
+				continue
+			}
+			if !pk.key.PrivateKey.Encrypted {
+				if len(pk.encryptedKey.Key) == 0 {
+					errDec := pk.encryptedKey.Decrypt(pk.key.PrivateKey, config)
+					if errDec != nil {
+						continue
+					}
+				}
+				// Try to decrypt symmetrically encrypted
+				decrypted, err = edp.Decrypt(pk.encryptedKey.CipherFunc, pk.encryptedKey.Key)
+				if err != nil && err != errors.ErrKeyIncorrect {
+					return nil, err
+				}
+				if decrypted != nil {
+					md.DecryptedWith = pk.key
+					break FindKey
+				}
+			} else {
+				fpr := string(pk.key.PublicKey.Fingerprint[:])
+				if v := candidateFingerprints[fpr]; v {
+					continue
+				}
+				candidates = append(candidates, pk.key)
+				candidateFingerprints[fpr] = true
+			}
+		}
+
+		if len(candidates) == 0 && len(symKeys) == 0 {
+			return nil, errors.ErrKeyIncorrect
+		}
+
+		if prompt == nil {
+			return nil, errors.ErrKeyIncorrect
+		}
+
+		passphrase, err := prompt(candidates, len(symKeys) != 0)
+		if err != nil {
+			return nil, err
+		}
+
+		// Try the symmetric passphrase first
+		if len(symKeys) != 0 && passphrase != nil {
+			for _, s := range symKeys {
+				key, cipherFunc, err := s.Decrypt(passphrase)
+				// On wrong passphrase, session key decryption is very likely to result in an invalid cipherFunc:
+				// only for < 5% of cases we will proceed to decrypt the data
+				if err == nil {
+					decrypted, err = edp.Decrypt(cipherFunc, key)
+					// TODO: ErrKeyIncorrect is no longer thrown on SEIP decryption,
+					// but it might still be relevant for when we implement AEAD decryption (otherwise, remove?)
+					if err != nil && err != errors.ErrKeyIncorrect {
+						return nil, err
+					}
+					if decrypted != nil {
+						break FindKey
+					}
+				}
+			}
+		}
+	}
+
+	md.decrypted = decrypted
+	if err := packets.Push(decrypted); err != nil {
+		return nil, err
+	}
+	mdFinal, sensitiveParsingErr := readSignedMessage(packets, md, keyring, config)
+	if sensitiveParsingErr != nil {
+		return nil, errors.StructuralError("parsing error")
+	}
+	return mdFinal, nil
+}
+
+// readSignedMessage reads a possibly signed message if mdin is non-zero then
+// that structure is updated and returned. Otherwise a fresh MessageDetails is
+// used.
+func readSignedMessage(packets *packet.Reader, mdin *MessageDetails, keyring KeyRing, config *packet.Config) (md *MessageDetails, err error) {
+	if mdin == nil {
+		mdin = new(MessageDetails)
+	}
+	md = mdin
+
+	var p packet.Packet
+	var h hash.Hash
+	var wrappedHash hash.Hash
+	var prevLast bool
+FindLiteralData:
+	for {
+		p, err = packets.Next()
+		if err != nil {
+			return nil, err
+		}
+		switch p := p.(type) {
+		case *packet.Compressed:
+			if err := packets.Push(p.Body); err != nil {
+				return nil, err
+			}
+		case *packet.OnePassSignature:
+			if prevLast {
+				return nil, errors.UnsupportedError("nested signature packets")
+			}
+
+			if p.IsLast {
+				prevLast = true
+			}
+
+			h, wrappedHash, err = hashForSignature(p.Hash, p.SigType)
+			if err != nil {
+				md.SignatureError = err
+			}
+
+			md.IsSigned = true
+			md.SignedByKeyId = p.KeyId
+			keys := keyring.KeysByIdUsage(p.KeyId, packet.KeyFlagSign)
+			if len(keys) > 0 {
+				md.SignedBy = &keys[0]
+			}
+		case *packet.LiteralData:
+			md.LiteralData = p
+			break FindLiteralData
+		}
+	}
+
+	if md.IsSigned && md.SignatureError == nil {
+		md.UnverifiedBody = &signatureCheckReader{packets, h, wrappedHash, md, config}
+	} else if md.decrypted != nil {
+		md.UnverifiedBody = checkReader{md}
+	} else {
+		md.UnverifiedBody = md.LiteralData.Body
+	}
+
+	return md, nil
+}
+
+// hashForSignature returns a pair of hashes that can be used to verify a
+// signature. The signature may specify that the contents of the signed message
+// should be preprocessed (i.e. to normalize line endings). Thus this function
+// returns two hashes. The second should be used to hash the message itself and
+// performs any needed preprocessing.
+func hashForSignature(hashId crypto.Hash, sigType packet.SignatureType) (hash.Hash, hash.Hash, error) {
+	if hashId == crypto.MD5 {
+		return nil, nil, errors.UnsupportedError("insecure hash algorithm: MD5")
+	}
+	if !hashId.Available() {
+		return nil, nil, errors.UnsupportedError("hash not available: " + strconv.Itoa(int(hashId)))
+	}
+	h := hashId.New()
+
+	switch sigType {
+	case packet.SigTypeBinary:
+		return h, h, nil
+	case packet.SigTypeText:
+		return h, NewCanonicalTextHash(h), nil
+	}
+
+	return nil, nil, errors.UnsupportedError("unsupported signature type: " + strconv.Itoa(int(sigType)))
+}
+
+// checkReader wraps an io.Reader from a LiteralData packet. When it sees EOF
+// it closes the ReadCloser from any SymmetricallyEncrypted packet to trigger
+// MDC checks.
+type checkReader struct {
+	md *MessageDetails
+}
+
+func (cr checkReader) Read(buf []byte) (int, error) {
+	n, sensitiveParsingError := cr.md.LiteralData.Body.Read(buf)
+	if sensitiveParsingError == io.EOF {
+		mdcErr := cr.md.decrypted.Close()
+		if mdcErr != nil {
+			return n, mdcErr
+		}
+		return n, io.EOF
+	}
+
+	if sensitiveParsingError != nil {
+		return n, errors.StructuralError("parsing error")
+	}
+
+	return n, nil
+}
+
+// signatureCheckReader wraps an io.Reader from a LiteralData packet and hashes
+// the data as it is read. When it sees an EOF from the underlying io.Reader
+// it parses and checks a trailing Signature packet and triggers any MDC checks.
+type signatureCheckReader struct {
+	packets        *packet.Reader
+	h, wrappedHash hash.Hash
+	md             *MessageDetails
+	config         *packet.Config
+}
+
+func (scr *signatureCheckReader) Read(buf []byte) (int, error) {
+	n, sensitiveParsingError := scr.md.LiteralData.Body.Read(buf)
+
+	// Hash only if required
+	if scr.md.SignedBy != nil {
+		scr.wrappedHash.Write(buf[:n])
+	}
+
+	if sensitiveParsingError == io.EOF {
+		var p packet.Packet
+		var readError error
+		var sig *packet.Signature
+
+		p, readError = scr.packets.Next()
+		for readError == nil {
+			var ok bool
+			if sig, ok = p.(*packet.Signature); ok {
+				if sig.Version == 5 && (sig.SigType == 0x00 || sig.SigType == 0x01) {
+					sig.Metadata = scr.md.LiteralData
+				}
+
+				// If signature KeyID matches
+				if scr.md.SignedBy != nil && *sig.IssuerKeyId == scr.md.SignedByKeyId {
+					scr.md.Signature = sig
+					scr.md.SignatureError = scr.md.SignedBy.PublicKey.VerifySignature(scr.h, scr.md.Signature)
+					if scr.md.SignatureError == nil && scr.md.Signature.SigExpired(scr.config.Now()) {
+						scr.md.SignatureError = errors.ErrSignatureExpired
+					}
+				} else {
+					scr.md.UnverifiedSignatures = append(scr.md.UnverifiedSignatures, sig)
+				}
+			}
+
+			p, readError = scr.packets.Next()
+		}
+
+		if scr.md.SignedBy != nil && scr.md.Signature == nil {
+			if scr.md.UnverifiedSignatures == nil {
+				scr.md.SignatureError = errors.StructuralError("LiteralData not followed by signature")
+			} else {
+				scr.md.SignatureError = errors.StructuralError("No matching signature found")
+			}
+		}
+
+		// The SymmetricallyEncrypted packet, if any, might have an
+		// unsigned hash of its own. In order to check this we need to
+		// close that Reader.
+		if scr.md.decrypted != nil {
+			mdcErr := scr.md.decrypted.Close()
+			if mdcErr != nil {
+				return n, mdcErr
+			}
+		}
+		return n, io.EOF
+	}
+
+	if sensitiveParsingError != nil {
+		return n, errors.StructuralError("parsing error")
+	}
+
+	return n, nil
+}
+
+// CheckDetachedSignature takes a signed file and a detached signature and
+// returns the signer if the signature is valid. If the signer isn't known,
+// ErrUnknownIssuer is returned.
+func CheckDetachedSignature(keyring KeyRing, signed, signature io.Reader, config *packet.Config) (signer *Entity, err error) {
+	var expectedHashes []crypto.Hash
+	return CheckDetachedSignatureAndHash(keyring, signed, signature, expectedHashes, config)
+}
+
+// CheckDetachedSignatureAndHash performs the same actions as
+// CheckDetachedSignature and checks that the expected hash functions were used.
+func CheckDetachedSignatureAndHash(keyring KeyRing, signed, signature io.Reader, expectedHashes []crypto.Hash, config *packet.Config) (signer *Entity, err error) {
+	var issuerKeyId uint64
+	var hashFunc crypto.Hash
+	var sigType packet.SignatureType
+	var keys []Key
+	var p packet.Packet
+
+	expectedHashesLen := len(expectedHashes)
+	packets := packet.NewReader(signature)
+	var sig *packet.Signature
+	for {
+		p, err = packets.Next()
+		if err == io.EOF {
+			return nil, errors.ErrUnknownIssuer
+		}
+		if err != nil {
+			return nil, err
+		}
+
+		var ok bool
+		sig, ok = p.(*packet.Signature)
+		if !ok {
+			return nil, errors.StructuralError("non signature packet found")
+		}
+		if sig.IssuerKeyId == nil {
+			return nil, errors.StructuralError("signature doesn't have an issuer")
+		}
+		issuerKeyId = *sig.IssuerKeyId
+		hashFunc = sig.Hash
+		sigType = sig.SigType
+
+		for i, expectedHash := range expectedHashes {
+			if hashFunc == expectedHash {
+				break
+			}
+			if i+1 == expectedHashesLen {
+				return nil, errors.StructuralError("hash algorithm mismatch with cleartext message headers")
+			}
+		}
+
+		keys = keyring.KeysByIdUsage(issuerKeyId, packet.KeyFlagSign)
+		if len(keys) > 0 {
+			break
+		}
+	}
+
+	if len(keys) == 0 {
+		panic("unreachable")
+	}
+
+	h, wrappedHash, err := hashForSignature(hashFunc, sigType)
+	if err != nil {
+		return nil, err
+	}
+
+	if _, err := io.Copy(wrappedHash, signed); err != nil && err != io.EOF {
+		return nil, err
+	}
+
+	for _, key := range keys {
+		err = key.PublicKey.VerifySignature(h, sig)
+		if err == nil {
+			now := config.Now()
+			if sig.SigExpired(now) {
+				return key.Entity, errors.ErrSignatureExpired
+			}
+			if key.PublicKey.KeyExpired(key.SelfSignature, now) {
+				return key.Entity, errors.ErrKeyExpired
+			}
+			return key.Entity, nil
+		}
+	}
+
+	return nil, err
+}
+
+// CheckArmoredDetachedSignature performs the same actions as
+// CheckDetachedSignature but expects the signature to be armored.
+func CheckArmoredDetachedSignature(keyring KeyRing, signed, signature io.Reader, config *packet.Config) (signer *Entity, err error) {
+	body, err := readArmored(signature, SignatureType)
+	if err != nil {
+		return
+	}
+
+	return CheckDetachedSignature(keyring, signed, body, config)
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/read_write_test_data.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/read_write_test_data.go
new file mode 100644
index 0000000000..8caed36e3e
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/read_write_test_data.go
@@ -0,0 +1,173 @@
+package openpgp
+
+const testKey1KeyId = 0xA34D7E18C20C31BB
+const testKey3KeyId = 0x338934250CCC0360
+const testKeyP256KeyId = 0xd44a2c495918513e
+
+const signedInput = "Signed message\nline 2\nline 3\n"
+const signedTextInput = "Signed message\r\nline 2\r\nline 3\r\n"
+
+const recipientUnspecifiedHex = "848c0300000000000000000103ff62d4d578d03cf40c3da998dfe216c074fa6ddec5e31c197c9666ba292830d91d18716a80f699f9d897389a90e6d62d0238f5f07a5248073c0f24920e4bc4a30c2d17ee4e0cae7c3d4aaa4e8dced50e3010a80ee692175fa0385f62ecca4b56ee6e9980aa3ec51b61b077096ac9e800edaf161268593eedb6cc7027ff5cb32745d250010d407a6221ae22ef18469b444f2822478c4d190b24d36371a95cb40087cdd42d9399c3d06a53c0673349bfb607927f20d1e122bde1e2bf3aa6cae6edf489629bcaa0689539ae3b718914d88ededc3b"
+
+const detachedSignatureHex = "889c04000102000605024d449cd1000a0910a34d7e18c20c31bb167603ff57718d09f28a519fdc7b5a68b6a3336da04df85e38c5cd5d5bd2092fa4629848a33d85b1729402a2aab39c3ac19f9d573f773cc62c264dc924c067a79dfd8a863ae06c7c8686120760749f5fd9b1e03a64d20a7df3446ddc8f0aeadeaeba7cbaee5c1e366d65b6a0c6cc749bcb912d2f15013f812795c2e29eb7f7b77f39ce77"
+
+const detachedSignatureTextHex = "889c04010102000605024d449d21000a0910a34d7e18c20c31bbc8c60400a24fbef7342603a41cb1165767bd18985d015fb72fe05db42db36cfb2f1d455967f1e491194fbf6cf88146222b23bf6ffbd50d17598d976a0417d3192ff9cc0034fd00f287b02e90418bbefe609484b09231e4e7a5f3562e199bf39909ab5276c4d37382fe088f6b5c3426fc1052865da8b3ab158672d58b6264b10823dc4b39"
+
+const detachedSignatureDSAHex = "884604001102000605024d6c4eac000a0910338934250ccc0360f18d00a087d743d6405ed7b87755476629600b8b694a39e900a0abff8126f46faf1547c1743c37b21b4ea15b8f83"
+
+const detachedSignatureP256Hex = "885e0400130a0006050256e5bb00000a0910d44a2c495918513edef001009841a4f792beb0befccb35c8838a6a87d9b936beaa86db6745ddc7b045eee0cf00fd1ac1f78306b17e965935dd3f8bae4587a76587e4af231efe19cc4011a8434817"
+
+// The plaintext is https://www.gutenberg.org/cache/epub/1080/pg1080.txt
+const modestProposalSha512 = "lbbrB1+WP3T9AaC9OQqBdOcCjgeEQadlulXsNPgVx0tyqPzDHwUugZ2gE7V0ESKAw6kAVfgkcuvfgxAAGaeHtw=="
+
+const testKeys1And2Hex = "988d044d3c5c10010400b1d13382944bd5aba23a4312968b5095d14f947f600eb478e14a6fcb16b0e0cac764884909c020bc495cfcc39a935387c661507bdb236a0612fb582cac3af9b29cc2c8c70090616c41b662f4da4c1201e195472eb7f4ae1ccbcbf9940fe21d985e379a5563dde5b9a23d35f1cfaa5790da3b79db26f23695107bfaca8e7b5bcd0011010001b41054657374204b6579203120285253412988b804130102002205024d3c5c10021b03060b090807030206150802090a0b0416020301021e01021780000a0910a34d7e18c20c31bbb5b304009cc45fe610b641a2c146331be94dade0a396e73ca725e1b25c21708d9cab46ecca5ccebc23055879df8f99eea39b377962a400f2ebdc36a7c99c333d74aeba346315137c3ff9d0a09b0273299090343048afb8107cf94cbd1400e3026f0ccac7ecebbc4d78588eb3e478fe2754d3ca664bcf3eac96ca4a6b0c8d7df5102f60f6b0020003b88d044d3c5c10010400b201df61d67487301f11879d514f4248ade90c8f68c7af1284c161098de4c28c2850f1ec7b8e30f959793e571542ffc6532189409cb51c3d30dad78c4ad5165eda18b20d9826d8707d0f742e2ab492103a85bbd9ddf4f5720f6de7064feb0d39ee002219765bb07bcfb8b877f47abe270ddeda4f676108cecb6b9bb2ad484a4f0011010001889f04180102000905024d3c5c10021b0c000a0910a34d7e18c20c31bb1a03040085c8d62e16d05dc4e9dad64953c8a2eed8b6c12f92b1575eeaa6dcf7be9473dd5b24b37b6dffbb4e7c99ed1bd3cb11634be19b3e6e207bed7505c7ca111ccf47cb323bf1f8851eb6360e8034cbff8dd149993c959de89f8f77f38e7e98b8e3076323aa719328e2b408db5ec0d03936efd57422ba04f925cdc7b4c1af7590e40ab0020003988d044d3c5c33010400b488c3e5f83f4d561f317817538d9d0397981e9aef1321ca68ebfae1cf8b7d388e19f4b5a24a82e2fbbf1c6c26557a6c5845307a03d815756f564ac7325b02bc83e87d5480a8fae848f07cb891f2d51ce7df83dcafdc12324517c86d472cc0ee10d47a68fd1d9ae49a6c19bbd36d82af597a0d88cc9c49de9df4e696fc1f0b5d0011010001b42754657374204b6579203220285253412c20656e637279707465642070726976617465206b65792988b804130102002205024d3c5c33021b03060b090807030206150802090a0b0416020301021e01021780000a0910d4984f961e35246b98940400908a73b6a6169f700434f076c6c79015a49bee37130eaf23aaa3cfa9ce60bfe4acaa7bc95f1146ada5867e0079babb38804891f4f0b8ebca57a86b249dee786161a755b7a342e68ccf3f78ed6440a93a6626beb9a37aa66afcd4f888790cb4bb46d94a4ae3eb3d7d3e6b00f6bfec940303e89ec5b32a1eaaacce66497d539328b0020003b88d044d3c5c33010400a4e913f9442abcc7f1804ccab27d2f787ffa592077ca935a8bb23165bd8d57576acac647cc596b2c3f814518cc8c82953c7a4478f32e0cf645630a5ba38d9618ef2bc3add69d459ae3dece5cab778938d988239f8c5ae437807075e06c828019959c644ff05ef6a5a1dab72227c98e3a040b0cf219026640698d7a13d8538a570011010001889f04180102000905024d3c5c33021b0c000a0910d4984f961e35246b26c703ff7ee29ef53bc1ae1ead533c408fa136db508434e233d6e62be621e031e5940bbd4c08142aed0f82217e7c3e1ec8de574bc06ccf3c36633be41ad78a9eacd209f861cae7b064100758545cc9dd83db71806dc1cfd5fb9ae5c7474bba0c19c44034ae61bae5eca379383339dece94ff56ff7aa44a582f3e5c38f45763af577c0934b0020003"
+
+const testKeys1And2PrivateHex = "9501d8044d3c5c10010400b1d13382944bd5aba23a4312968b5095d14f947f600eb478e14a6fcb16b0e0cac764884909c020bc495cfcc39a935387c661507bdb236a0612fb582cac3af9b29cc2c8c70090616c41b662f4da4c1201e195472eb7f4ae1ccbcbf9940fe21d985e379a5563dde5b9a23d35f1cfaa5790da3b79db26f23695107bfaca8e7b5bcd00110100010003ff4d91393b9a8e3430b14d6209df42f98dc927425b881f1209f319220841273a802a97c7bdb8b3a7740b3ab5866c4d1d308ad0d3a79bd1e883aacf1ac92dfe720285d10d08752a7efe3c609b1d00f17f2805b217be53999a7da7e493bfc3e9618fd17018991b8128aea70a05dbce30e4fbe626aa45775fa255dd9177aabf4df7cf0200c1ded12566e4bc2bb590455e5becfb2e2c9796482270a943343a7835de41080582c2be3caf5981aa838140e97afa40ad652a0b544f83eb1833b0957dce26e47b0200eacd6046741e9ce2ec5beb6fb5e6335457844fb09477f83b050a96be7da043e17f3a9523567ed40e7a521f818813a8b8a72209f1442844843ccc7eb9805442570200bdafe0438d97ac36e773c7162028d65844c4d463e2420aa2228c6e50dc2743c3d6c72d0d782a5173fe7be2169c8a9f4ef8a7cf3e37165e8c61b89c346cdc6c1799d2b41054657374204b6579203120285253412988b804130102002205024d3c5c10021b03060b090807030206150802090a0b0416020301021e01021780000a0910a34d7e18c20c31bbb5b304009cc45fe610b641a2c146331be94dade0a396e73ca725e1b25c21708d9cab46ecca5ccebc23055879df8f99eea39b377962a400f2ebdc36a7c99c333d74aeba346315137c3ff9d0a09b0273299090343048afb8107cf94cbd1400e3026f0ccac7ecebbc4d78588eb3e478fe2754d3ca664bcf3eac96ca4a6b0c8d7df5102f60f6b00200009d01d8044d3c5c10010400b201df61d67487301f11879d514f4248ade90c8f68c7af1284c161098de4c28c2850f1ec7b8e30f959793e571542ffc6532189409cb51c3d30dad78c4ad5165eda18b20d9826d8707d0f742e2ab492103a85bbd9ddf4f5720f6de7064feb0d39ee002219765bb07bcfb8b877f47abe270ddeda4f676108cecb6b9bb2ad484a4f00110100010003fd17a7490c22a79c59281fb7b20f5e6553ec0c1637ae382e8adaea295f50241037f8997cf42c1ce26417e015091451b15424b2c59eb8d4161b0975630408e394d3b00f88d4b4e18e2cc85e8251d4753a27c639c83f5ad4a571c4f19d7cd460b9b73c25ade730c99df09637bd173d8e3e981ac64432078263bb6dc30d3e974150dd0200d0ee05be3d4604d2146fb0457f31ba17c057560785aa804e8ca5530a7cd81d3440d0f4ba6851efcfd3954b7e68908fc0ba47f7ac37bf559c6c168b70d3a7c8cd0200da1c677c4bce06a068070f2b3733b0a714e88d62aa3f9a26c6f5216d48d5c2b5624144f3807c0df30be66b3268eeeca4df1fbded58faf49fc95dc3c35f134f8b01fd1396b6c0fc1b6c4f0eb8f5e44b8eace1e6073e20d0b8bc5385f86f1cf3f050f66af789f3ef1fc107b7f4421e19e0349c730c68f0a226981f4e889054fdb4dc149e8e889f04180102000905024d3c5c10021b0c000a0910a34d7e18c20c31bb1a03040085c8d62e16d05dc4e9dad64953c8a2eed8b6c12f92b1575eeaa6dcf7be9473dd5b24b37b6dffbb4e7c99ed1bd3cb11634be19b3e6e207bed7505c7ca111ccf47cb323bf1f8851eb6360e8034cbff8dd149993c959de89f8f77f38e7e98b8e3076323aa719328e2b408db5ec0d03936efd57422ba04f925cdc7b4c1af7590e40ab00200009501fe044d3c5c33010400b488c3e5f83f4d561f317817538d9d0397981e9aef1321ca68ebfae1cf8b7d388e19f4b5a24a82e2fbbf1c6c26557a6c5845307a03d815756f564ac7325b02bc83e87d5480a8fae848f07cb891f2d51ce7df83dcafdc12324517c86d472cc0ee10d47a68fd1d9ae49a6c19bbd36d82af597a0d88cc9c49de9df4e696fc1f0b5d0011010001fe030302e9030f3c783e14856063f16938530e148bc57a7aa3f3e4f90df9dceccdc779bc0835e1ad3d006e4a8d7b36d08b8e0de5a0d947254ecfbd22037e6572b426bcfdc517796b224b0036ff90bc574b5509bede85512f2eefb520fb4b02aa523ba739bff424a6fe81c5041f253f8d757e69a503d3563a104d0d49e9e890b9d0c26f96b55b743883b472caa7050c4acfd4a21f875bdf1258d88bd61224d303dc9df77f743137d51e6d5246b88c406780528fd9a3e15bab5452e5b93970d9dcc79f48b38651b9f15bfbcf6da452837e9cc70683d1bdca94507870f743e4ad902005812488dd342f836e72869afd00ce1850eea4cfa53ce10e3608e13d3c149394ee3cbd0e23d018fcbcb6e2ec5a1a22972d1d462ca05355d0d290dd2751e550d5efb38c6c89686344df64852bf4ff86638708f644e8ec6bd4af9b50d8541cb91891a431326ab2e332faa7ae86cfb6e0540aa63160c1e5cdd5a4add518b303fff0a20117c6bc77f7cfbaf36b04c865c6c2b42754657374204b6579203220285253412c20656e637279707465642070726976617465206b65792988b804130102002205024d3c5c33021b03060b090807030206150802090a0b0416020301021e01021780000a0910d4984f961e35246b98940400908a73b6a6169f700434f076c6c79015a49bee37130eaf23aaa3cfa9ce60bfe4acaa7bc95f1146ada5867e0079babb38804891f4f0b8ebca57a86b249dee786161a755b7a342e68ccf3f78ed6440a93a6626beb9a37aa66afcd4f888790cb4bb46d94a4ae3eb3d7d3e6b00f6bfec940303e89ec5b32a1eaaacce66497d539328b00200009d01fe044d3c5c33010400a4e913f9442abcc7f1804ccab27d2f787ffa592077ca935a8bb23165bd8d57576acac647cc596b2c3f814518cc8c82953c7a4478f32e0cf645630a5ba38d9618ef2bc3add69d459ae3dece5cab778938d988239f8c5ae437807075e06c828019959c644ff05ef6a5a1dab72227c98e3a040b0cf219026640698d7a13d8538a570011010001fe030302e9030f3c783e148560f936097339ae381d63116efcf802ff8b1c9360767db5219cc987375702a4123fd8657d3e22700f23f95020d1b261eda5257e9a72f9a918e8ef22dd5b3323ae03bbc1923dd224db988cadc16acc04b120a9f8b7e84da9716c53e0334d7b66586ddb9014df604b41be1e960dcfcbc96f4ed150a1a0dd070b9eb14276b9b6be413a769a75b519a53d3ecc0c220e85cd91ca354d57e7344517e64b43b6e29823cbd87eae26e2b2e78e6dedfbb76e3e9f77bcb844f9a8932eb3db2c3f9e44316e6f5d60e9e2a56e46b72abe6b06dc9a31cc63f10023d1f5e12d2a3ee93b675c96f504af0001220991c88db759e231b3320dcedf814dcf723fd9857e3d72d66a0f2af26950b915abdf56c1596f46a325bf17ad4810d3535fb02a259b247ac3dbd4cc3ecf9c51b6c07cebb009c1506fba0a89321ec8683e3fd009a6e551d50243e2d5092fefb3321083a4bad91320dc624bd6b5dddf93553e3d53924c05bfebec1fb4bd47e89a1a889f04180102000905024d3c5c33021b0c000a0910d4984f961e35246b26c703ff7ee29ef53bc1ae1ead533c408fa136db508434e233d6e62be621e031e5940bbd4c08142aed0f82217e7c3e1ec8de574bc06ccf3c36633be41ad78a9eacd209f861cae7b064100758545cc9dd83db71806dc1cfd5fb9ae5c7474bba0c19c44034ae61bae5eca379383339dece94ff56ff7aa44a582f3e5c38f45763af577c0934b0020000"
+
+const dsaElGamalTestKeysHex = "9501e1044dfcb16a110400aa3e5c1a1f43dd28c2ffae8abf5cfce555ee874134d8ba0a0f7b868ce2214beddc74e5e1e21ded354a95d18acdaf69e5e342371a71fbb9093162e0c5f3427de413a7f2c157d83f5cd2f9d791256dc4f6f0e13f13c3302af27f2384075ab3021dff7a050e14854bbde0a1094174855fc02f0bae8e00a340d94a1f22b32e48485700a0cec672ac21258fb95f61de2ce1af74b2c4fa3e6703ff698edc9be22c02ae4d916e4fa223f819d46582c0516235848a77b577ea49018dcd5e9e15cff9dbb4663a1ae6dd7580fa40946d40c05f72814b0f88481207e6c0832c3bded4853ebba0a7e3bd8e8c66df33d5a537cd4acf946d1080e7a3dcea679cb2b11a72a33a2b6a9dc85f466ad2ddf4c3db6283fa645343286971e3dd700703fc0c4e290d45767f370831a90187e74e9972aae5bff488eeff7d620af0362bfb95c1a6c3413ab5d15a2e4139e5d07a54d72583914661ed6a87cce810be28a0aa8879a2dd39e52fb6fe800f4f181ac7e328f740cde3d09a05cecf9483e4cca4253e60d4429ffd679d9996a520012aad119878c941e3cf151459873bdfc2a9563472fe0303027a728f9feb3b864260a1babe83925ce794710cfd642ee4ae0e5b9d74cee49e9c67b6cd0ea5dfbb582132195a121356a1513e1bca73e5b80c58c7ccb4164453412f456c47616d616c2054657374204b65792031886204131102002205024dfcb16a021b03060b090807030206150802090a0b0416020301021e01021780000a091033af447ccd759b09fadd00a0b8fd6f5a790bad7e9f2dbb7632046dc4493588db009c087c6a9ba9f7f49fab221587a74788c00db4889ab00200009d0157044dfcb16a1004008dec3f9291205255ccff8c532318133a6840739dd68b03ba942676f9038612071447bf07d00d559c5c0875724ea16a4c774f80d8338b55fca691a0522e530e604215b467bbc9ccfd483a1da99d7bc2648b4318fdbd27766fc8bfad3fddb37c62b8ae7ccfe9577e9b8d1e77c1d417ed2c2ef02d52f4da11600d85d3229607943700030503ff506c94c87c8cab778e963b76cf63770f0a79bf48fb49d3b4e52234620fc9f7657f9f8d56c96a2b7c7826ae6b57ebb2221a3fe154b03b6637cea7e6d98e3e45d87cf8dc432f723d3d71f89c5192ac8d7290684d2c25ce55846a80c9a7823f6acd9bb29fa6cd71f20bc90eccfca20451d0c976e460e672b000df49466408d527affe0303027a728f9feb3b864260abd761730327bca2aaa4ea0525c175e92bf240682a0e83b226f97ecb2e935b62c9a133858ce31b271fa8eb41f6a1b3cd72a63025ce1a75ee4180dcc284884904181102000905024dfcb16a021b0c000a091033af447ccd759b09dd0b009e3c3e7296092c81bee5a19929462caaf2fff3ae26009e218c437a2340e7ea628149af1ec98ec091a43992b00200009501e1044dfcb1be1104009f61faa61aa43df75d128cbe53de528c4aec49ce9360c992e70c77072ad5623de0a3a6212771b66b39a30dad6781799e92608316900518ec01184a85d872365b7d2ba4bacfb5882ea3c2473d3750dc6178cc1cf82147fb58caa28b28e9f12f6d1efcb0534abed644156c91cca4ab78834268495160b2400bc422beb37d237c2300a0cac94911b6d493bda1e1fbc6feeca7cb7421d34b03fe22cec6ccb39675bb7b94a335c2b7be888fd3906a1125f33301d8aa6ec6ee6878f46f73961c8d57a3e9544d8ef2a2cbfd4d52da665b1266928cfe4cb347a58c412815f3b2d2369dec04b41ac9a71cc9547426d5ab941cccf3b18575637ccfb42df1a802df3cfe0a999f9e7109331170e3a221991bf868543960f8c816c28097e503fe319db10fb98049f3a57d7c80c420da66d56f3644371631fad3f0ff4040a19a4fedc2d07727a1b27576f75a4d28c47d8246f27071e12d7a8de62aad216ddbae6aa02efd6b8a3e2818cda48526549791ab277e447b3a36c57cefe9b592f5eab73959743fcc8e83cbefec03a329b55018b53eec196765ae40ef9e20521a603c551efe0303020950d53a146bf9c66034d00c23130cce95576a2ff78016ca471276e8227fb30b1ffbd92e61804fb0c3eff9e30b1a826ee8f3e4730b4d86273ca977b4164453412f456c47616d616c2054657374204b65792032886204131102002205024dfcb1be021b03060b090807030206150802090a0b0416020301021e01021780000a0910a86bf526325b21b22bd9009e34511620415c974750a20df5cb56b182f3b48e6600a0a9466cb1a1305a84953445f77d461593f1d42bc1b00200009d0157044dfcb1be1004009565a951da1ee87119d600c077198f1c1bceb0f7aa54552489298e41ff788fa8f0d43a69871f0f6f77ebdfb14a4260cf9fbeb65d5844b4272a1904dd95136d06c3da745dc46327dd44a0f16f60135914368c8039a34033862261806bb2c5ce1152e2840254697872c85441ccb7321431d75a747a4bfb1d2c66362b51ce76311700030503fc0ea76601c196768070b7365a200e6ddb09307f262d5f39eec467b5f5784e22abdf1aa49226f59ab37cb49969d8f5230ea65caf56015abda62604544ed526c5c522bf92bed178a078789f6c807b6d34885688024a5bed9e9f8c58d11d4b82487b44c5f470c5606806a0443b79cadb45e0f897a561a53f724e5349b9267c75ca17fe0303020950d53a146bf9c660bc5f4ce8f072465e2d2466434320c1e712272fafc20e342fe7608101580fa1a1a367e60486a7cd1246b7ef5586cf5e10b32762b710a30144f12dd17dd4884904181102000905024dfcb1be021b0c000a0910a86bf526325b21b2904c00a0b2b66b4b39ccffda1d10f3ea8d58f827e30a8b8e009f4255b2d8112a184e40cde43a34e8655ca7809370b0020000"
+
+const signedMessageHex = "a3019bc0cbccc0c4b8d8b74ee2108fe16ec6d3ca490cbe362d3f8333d3f352531472538b8b13d353b97232f352158c20943157c71c16064626063656269052062e4e01987e9b6fccff4b7df3a34c534b23e679cbec3bc0f8f6e64dfb4b55fe3f8efa9ce110ddb5cd79faf1d753c51aecfa669f7e7aa043436596cccc3359cb7dd6bbe9ecaa69e5989d9e57209571edc0b2fa7f57b9b79a64ee6e99ce1371395fee92fec2796f7b15a77c386ff668ee27f6d38f0baa6c438b561657377bf6acff3c5947befd7bf4c196252f1d6e5c524d0300"
+
+const signedTextMessageHex = "a3019bc0cbccc8c4b8d8b74ee2108fe16ec6d36a250cbece0c178233d3f352531472538b8b13d35379b97232f352158ca0b4312f57c71c1646462606365626906a062e4e019811591798ff99bf8afee860b0d8a8c2a85c3387e3bcf0bb3b17987f2bbcfab2aa526d930cbfd3d98757184df3995c9f3e7790e36e3e9779f06089d4c64e9e47dd6202cb6e9bc73c5d11bb59fbaf89d22d8dc7cf199ddf17af96e77c5f65f9bbed56f427bd8db7af37f6c9984bf9385efaf5f184f986fb3e6adb0ecfe35bbf92d16a7aa2a344fb0bc52fb7624f0200"
+
+const signedEncryptedMessageHex = "c18c032a67d68660df41c70103ff5a84c9a72f80e74ef0384c2d6a9ebfe2b09e06a8f298394f6d2abf174e40934ab0ec01fb2d0ddf21211c6fe13eb238563663b017a6b44edca552eb4736c4b7dc6ed907dd9e12a21b51b64b46f902f76fb7aaf805c1db8070574d8d0431a23e324a750f77fb72340a17a42300ee4ca8207301e95a731da229a63ab9c6b44541fbd2c11d016d810b3b3b2b38f15b5b40f0a4910332829c2062f1f7cc61f5b03677d73c54cafa1004ced41f315d46444946faae571d6f426e6dbd45d9780eb466df042005298adabf7ce0ef766dfeb94cd449c7ed0046c880339599c4711af073ce649b1e237c40b50a5536283e03bdbb7afad78bd08707715c67fb43295f905b4c479178809d429a8e167a9a8c6dfd8ab20b4edebdc38d6dec879a3202e1b752690d9bb5b0c07c5a227c79cc200e713a99251a4219d62ad5556900cf69bd384b6c8e726c7be267471d0d23af956da165af4af757246c2ebcc302b39e8ef2fccb4971b234fcda22d759ddb20e27269ee7f7fe67898a9de721bfa02ab0becaa046d00ea16cb1afc4e2eab40d0ac17121c565686e5cbd0cbdfbd9d6db5c70278b9c9db5a83176d04f61fbfbc4471d721340ede2746e5c312ded4f26787985af92b64fae3f253dbdde97f6a5e1996fd4d865599e32ff76325d3e9abe93184c02988ee89a4504356a4ef3b9b7a57cbb9637ca90af34a7676b9ef559325c3cca4e29d69fec1887f5440bb101361d744ad292a8547f22b4f22b419a42aa836169b89190f46d9560824cb2ac6e8771de8223216a5e647e132ab9eebcba89569ab339cb1c3d70fe806b31f4f4c600b4103b8d7583ebff16e43dcda551e6530f975122eb8b29"
+
+const verifiedSignatureEncryptedMessageHex = "c2b304000108000605026048f6d600210910a34d7e18c20c31bb1621045fb74b1d03b1e3cb31bc2f8aa34d7e18c20c31bb9a3b0400a32ddac1af259c1b0abab0041327ea04970944401978fb647dd1cf9aba4f164e43f0d8a9389501886474bdd4a6e77f6aea945c07dfbf87743835b44cc2c39a1f9aeecfa83135abc92e18e50396f2e6a06c44e0188b0081effbfb4160d28f118d4ff73dd199a102e47cffd8c7ff2bacd83ae72b5820c021a486766dd587b5da61"
+
+const unverifiedSignatureEncryptedMessageHex = "c2b304000108000605026048f6d600210910a34d7e18c20c31bb1621045fb74b1d03b1e3cb31bc2f8aa34d7e18c20c31bb9a3b0400a32ddac1af259c1b0abab0041327ea04970944401978fb647dd1cf9aba4f164e43f0d8a9389501886474bdd4a6e77f6aea945c07dfbf87743835b44cc2c39a1f9aeecfa83135abc92e18e50396f2e6a06c44e0188b0081effbfb4160d28f118d4ff73dd199a102e47cffd8c7ff2bacd83ae72b5820c021a486766dd587b5da61"
+
+const signedEncryptedMessage2Hex = "85010e03cf6a7abcd43e36731003fb057f5495b79db367e277cdbe4ab90d924ddee0c0381494112ff8c1238fb0184af35d1731573b01bc4c55ecacd2aafbe2003d36310487d1ecc9ac994f3fada7f9f7f5c3a64248ab7782906c82c6ff1303b69a84d9a9529c31ecafbcdb9ba87e05439897d87e8a2a3dec55e14df19bba7f7bd316291c002ae2efd24f83f9e3441203fc081c0c23dc3092a454ca8a082b27f631abf73aca341686982e8fbda7e0e7d863941d68f3de4a755c2964407f4b5e0477b3196b8c93d551dd23c8beef7d0f03fbb1b6066f78907faf4bf1677d8fcec72651124080e0b7feae6b476e72ab207d38d90b958759fdedfc3c6c35717c9dbfc979b3cfbbff0a76d24a5e57056bb88acbd2a901ef64bc6e4db02adc05b6250ff378de81dca18c1910ab257dff1b9771b85bb9bbe0a69f5989e6d1710a35e6dfcceb7d8fb5ccea8db3932b3d9ff3fe0d327597c68b3622aec8e3716c83a6c93f497543b459b58ba504ed6bcaa747d37d2ca746fe49ae0a6ce4a8b694234e941b5159ff8bd34b9023da2814076163b86f40eed7c9472f81b551452d5ab87004a373c0172ec87ea6ce42ccfa7dbdad66b745496c4873d8019e8c28d6b3"
+
+const signatureEncryptedMessage2Hex = "c24604001102000605024dfd0166000a091033af447ccd759b09bae600a096ec5e63ecf0a403085e10f75cc3bab327663282009f51fad9df457ed8d2b70d8a73c76e0443eac0f377"
+
+const symmetricallyEncryptedCompressedHex = "c32e040903085a357c1a7b5614ed00cc0d1d92f428162058b3f558a0fb0980d221ebac6c97d5eda4e0fe32f6e706e94dd263012d6ca1ef8c4bbd324098225e603a10c85ebf09cbf7b5aeeb5ce46381a52edc51038b76a8454483be74e6dcd1e50d5689a8ae7eceaeefed98a0023d49b22eb1f65c2aa1ef1783bb5e1995713b0457102ec3c3075fe871267ffa4b686ad5d52000d857"
+
+const dsaTestKeyHex = "9901a2044d6c49de110400cb5ce438cf9250907ac2ba5bf6547931270b89f7c4b53d9d09f4d0213a5ef2ec1f26806d3d259960f872a4a102ef1581ea3f6d6882d15134f21ef6a84de933cc34c47cc9106efe3bd84c6aec12e78523661e29bc1a61f0aab17fa58a627fd5fd33f5149153fbe8cd70edf3d963bc287ef875270ff14b5bfdd1bca4483793923b00a0fe46d76cb6e4cbdc568435cd5480af3266d610d303fe33ae8273f30a96d4d34f42fa28ce1112d425b2e3bf7ea553d526e2db6b9255e9dc7419045ce817214d1a0056dbc8d5289956a4b1b69f20f1105124096e6a438f41f2e2495923b0f34b70642607d45559595c7fe94d7fa85fc41bf7d68c1fd509ebeaa5f315f6059a446b9369c277597e4f474a9591535354c7e7f4fd98a08aa60400b130c24ff20bdfbf683313f5daebf1c9b34b3bdadfc77f2ddd72ee1fb17e56c473664bc21d66467655dd74b9005e3a2bacce446f1920cd7017231ae447b67036c9b431b8179deacd5120262d894c26bc015bffe3d827ba7087ad9b700d2ca1f6d16cc1786581e5dd065f293c31209300f9b0afcc3f7c08dd26d0a22d87580b4db41054657374204b65792033202844534129886204131102002205024d6c49de021b03060b090807030206150802090a0b0416020301021e01021780000a0910338934250ccc03607e0400a0bdb9193e8a6b96fc2dfc108ae848914b504481f100a09c4dc148cb693293a67af24dd40d2b13a9e36794"
+
+const dsaTestKeyPrivateHex = "9501bb044d6c49de110400cb5ce438cf9250907ac2ba5bf6547931270b89f7c4b53d9d09f4d0213a5ef2ec1f26806d3d259960f872a4a102ef1581ea3f6d6882d15134f21ef6a84de933cc34c47cc9106efe3bd84c6aec12e78523661e29bc1a61f0aab17fa58a627fd5fd33f5149153fbe8cd70edf3d963bc287ef875270ff14b5bfdd1bca4483793923b00a0fe46d76cb6e4cbdc568435cd5480af3266d610d303fe33ae8273f30a96d4d34f42fa28ce1112d425b2e3bf7ea553d526e2db6b9255e9dc7419045ce817214d1a0056dbc8d5289956a4b1b69f20f1105124096e6a438f41f2e2495923b0f34b70642607d45559595c7fe94d7fa85fc41bf7d68c1fd509ebeaa5f315f6059a446b9369c277597e4f474a9591535354c7e7f4fd98a08aa60400b130c24ff20bdfbf683313f5daebf1c9b34b3bdadfc77f2ddd72ee1fb17e56c473664bc21d66467655dd74b9005e3a2bacce446f1920cd7017231ae447b67036c9b431b8179deacd5120262d894c26bc015bffe3d827ba7087ad9b700d2ca1f6d16cc1786581e5dd065f293c31209300f9b0afcc3f7c08dd26d0a22d87580b4d00009f592e0619d823953577d4503061706843317e4fee083db41054657374204b65792033202844534129886204131102002205024d6c49de021b03060b090807030206150802090a0b0416020301021e01021780000a0910338934250ccc03607e0400a0bdb9193e8a6b96fc2dfc108ae848914b504481f100a09c4dc148cb693293a67af24dd40d2b13a9e36794"
+
+const p256TestKeyHex = "98520456e5b83813082a8648ce3d030107020304a2072cd6d21321266c758cc5b83fab0510f751cb8d91897cddb7047d8d6f185546e2107111b0a95cb8ef063c33245502af7a65f004d5919d93ee74eb71a66253b424502d3235362054657374204b6579203c696e76616c6964406578616d706c652e636f6d3e8879041313080021050256e5b838021b03050b09080702061508090a0b020416020301021e01021780000a0910d44a2c495918513e54e50100dfa64f97d9b47766fc1943c6314ba3f2b2a103d71ad286dc5b1efb96a345b0c80100dbc8150b54241f559da6ef4baacea6d31902b4f4b1bdc09b34bf0502334b7754b8560456e5b83812082a8648ce3d030107020304bfe3cea9cee13486f8d518aa487fecab451f25467d2bf08e58f63e5fa525d5482133e6a79299c274b068ef0be448152ad65cf11cf764348588ca4f6a0bcf22b6030108078861041813080009050256e5b838021b0c000a0910d44a2c495918513e4a4800ff49d589fa64024ad30be363a032e3a0e0e6f5db56ba4c73db850518bf0121b8f20100fd78e065f4c70ea5be9df319ea67e493b936fc78da834a71828043d3154af56e"
+
+const p256TestKeyPrivateHex = "94a50456e5b83813082a8648ce3d030107020304a2072cd6d21321266c758cc5b83fab0510f751cb8d91897cddb7047d8d6f185546e2107111b0a95cb8ef063c33245502af7a65f004d5919d93ee74eb71a66253fe070302f0c2bfb0b6c30f87ee1599472b8636477eab23ced13b271886a4b50ed34c9d8436af5af5b8f88921f0efba6ef8c37c459bbb88bc1c6a13bbd25c4ce9b1e97679569ee77645d469bf4b43de637f5561b424502d3235362054657374204b6579203c696e76616c6964406578616d706c652e636f6d3e8879041313080021050256e5b838021b03050b09080702061508090a0b020416020301021e01021780000a0910d44a2c495918513e54e50100dfa64f97d9b47766fc1943c6314ba3f2b2a103d71ad286dc5b1efb96a345b0c80100dbc8150b54241f559da6ef4baacea6d31902b4f4b1bdc09b34bf0502334b77549ca90456e5b83812082a8648ce3d030107020304bfe3cea9cee13486f8d518aa487fecab451f25467d2bf08e58f63e5fa525d5482133e6a79299c274b068ef0be448152ad65cf11cf764348588ca4f6a0bcf22b603010807fe0703027510012471a603cfee2968dce19f732721ddf03e966fd133b4e3c7a685b788705cbc46fb026dc94724b830c9edbaecd2fb2c662f23169516cacd1fe423f0475c364ecc10abcabcfd4bbbda1a36a1bd8861041813080009050256e5b838021b0c000a0910d44a2c495918513e4a4800ff49d589fa64024ad30be363a032e3a0e0e6f5db56ba4c73db850518bf0121b8f20100fd78e065f4c70ea5be9df319ea67e493b936fc78da834a71828043d3154af56e"
+
+const armoredPrivateKeyBlock = `-----BEGIN PGP PRIVATE KEY BLOCK-----
+Version: GnuPG v1.4.10 (GNU/Linux)
+
+lQHYBE2rFNoBBADFwqWQIW/DSqcB4yCQqnAFTJ27qS5AnB46ccAdw3u4Greeu3Bp
+idpoHdjULy7zSKlwR1EA873dO/k/e11Ml3dlAFUinWeejWaK2ugFP6JjiieSsrKn
+vWNicdCS4HTWn0X4sjl0ZiAygw6GNhqEQ3cpLeL0g8E9hnYzJKQ0LWJa0QARAQAB
+AAP/TB81EIo2VYNmTq0pK1ZXwUpxCrvAAIG3hwKjEzHcbQznsjNvPUihZ+NZQ6+X
+0HCfPAdPkGDCLCb6NavcSW+iNnLTrdDnSI6+3BbIONqWWdRDYJhqZCkqmG6zqSfL
+IdkJgCw94taUg5BWP/AAeQrhzjChvpMQTVKQL5mnuZbUCeMCAN5qrYMP2S9iKdnk
+VANIFj7656ARKt/nf4CBzxcpHTyB8+d2CtPDKCmlJP6vL8t58Jmih+kHJMvC0dzn
+gr5f5+sCAOOe5gt9e0am7AvQWhdbHVfJU0TQJx+m2OiCJAqGTB1nvtBLHdJnfdC9
+TnXXQ6ZXibqLyBies/xeY2sCKL5qtTMCAKnX9+9d/5yQxRyrQUHt1NYhaXZnJbHx
+q4ytu0eWz+5i68IYUSK69jJ1NWPM0T6SkqpB3KCAIv68VFm9PxqG1KmhSrQIVGVz
+dCBLZXmIuAQTAQIAIgUCTasU2gIbAwYLCQgHAwIGFQgCCQoLBBYCAwECHgECF4AA
+CgkQO9o98PRieSoLhgQAkLEZex02Qt7vGhZzMwuN0R22w3VwyYyjBx+fM3JFETy1
+ut4xcLJoJfIaF5ZS38UplgakHG0FQ+b49i8dMij0aZmDqGxrew1m4kBfjXw9B/v+
+eIqpODryb6cOSwyQFH0lQkXC040pjq9YqDsO5w0WYNXYKDnzRV0p4H1pweo2VDid
+AdgETasU2gEEAN46UPeWRqKHvA99arOxee38fBt2CI08iiWyI8T3J6ivtFGixSqV
+bRcPxYO/qLpVe5l84Nb3X71GfVXlc9hyv7CD6tcowL59hg1E/DC5ydI8K8iEpUmK
+/UnHdIY5h8/kqgGxkY/T/hgp5fRQgW1ZoZxLajVlMRZ8W4tFtT0DeA+JABEBAAEA
+A/0bE1jaaZKj6ndqcw86jd+QtD1SF+Cf21CWRNeLKnUds4FRRvclzTyUMuWPkUeX
+TaNNsUOFqBsf6QQ2oHUBBK4VCHffHCW4ZEX2cd6umz7mpHW6XzN4DECEzOVksXtc
+lUC1j4UB91DC/RNQqwX1IV2QLSwssVotPMPqhOi0ZLNY7wIA3n7DWKInxYZZ4K+6
+rQ+POsz6brEoRHwr8x6XlHenq1Oki855pSa1yXIARoTrSJkBtn5oI+f8AzrnN0BN
+oyeQAwIA/7E++3HDi5aweWrViiul9cd3rcsS0dEnksPhvS0ozCJiHsq/6GFmy7J8
+QSHZPteedBnZyNp5jR+H7cIfVN3KgwH/Skq4PsuPhDq5TKK6i8Pc1WW8MA6DXTdU
+nLkX7RGmMwjC0DBf7KWAlPjFaONAX3a8ndnz//fy1q7u2l9AZwrj1qa1iJ8EGAEC
+AAkFAk2rFNoCGwwACgkQO9o98PRieSo2/QP/WTzr4ioINVsvN1akKuekmEMI3LAp
+BfHwatufxxP1U+3Si/6YIk7kuPB9Hs+pRqCXzbvPRrI8NHZBmc8qIGthishdCYad
+AHcVnXjtxrULkQFGbGvhKURLvS9WnzD/m1K2zzwxzkPTzT9/Yf06O6Mal5AdugPL
+VrM0m72/jnpKo04=
+=zNCn
+-----END PGP PRIVATE KEY BLOCK-----`
+
+const e2ePublicKey = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+Charset: UTF-8
+
+xv8AAABSBAAAAAATCCqGSM49AwEHAgME1LRoXSpOxtHXDUdmuvzchyg6005qIBJ4
+sfaSxX7QgH9RV2ONUhC+WiayCNADq+UMzuR/vunSr4aQffXvuGnR383/AAAAFDxk
+Z2lsQHlhaG9vLWluYy5jb20+wv8AAACGBBATCAA4/wAAAAWCVGvAG/8AAAACiwn/
+AAAACZC2VkQCOjdvYf8AAAAFlQgJCgv/AAAAA5YBAv8AAAACngEAAE1BAP0X8veD
+24IjmI5/C6ZAfVNXxgZZFhTAACFX75jUA3oD6AEAzoSwKf1aqH6oq62qhCN/pekX
++WAsVMBhNwzLpqtCRjLO/wAAAFYEAAAAABIIKoZIzj0DAQcCAwT50ain7vXiIRv8
+B1DO3x3cE/aattZ5sHNixJzRCXi2vQIA5QmOxZ6b5jjUekNbdHG3SZi1a2Ak5mfX
+fRxC/5VGAwEIB8L/AAAAZQQYEwgAGP8AAAAFglRrwBz/AAAACZC2VkQCOjdvYQAA
+FJAA9isX3xtGyMLYwp2F3nXm7QEdY5bq5VUcD/RJlj792VwA/1wH0pCzVLl4Q9F9
+ex7En5r7rHR5xwX82Msc+Rq9dSyO
+=7MrZ
+-----END PGP PUBLIC KEY BLOCK-----`
+
+const dsaKeyWithSHA512 = `9901a2044f04b07f110400db244efecc7316553ee08d179972aab87bb1214de7692593fcf5b6feb1c80fba268722dd464748539b85b81d574cd2d7ad0ca2444de4d849b8756bad7768c486c83a824f9bba4af773d11742bdfb4ac3b89ef8cc9452d4aad31a37e4b630d33927bff68e879284a1672659b8b298222fc68f370f3e24dccacc4a862442b9438b00a0ea444a24088dc23e26df7daf8f43cba3bffc4fe703fe3d6cd7fdca199d54ed8ae501c30e3ec7871ea9cdd4cf63cfe6fc82281d70a5b8bb493f922cd99fba5f088935596af087c8d818d5ec4d0b9afa7f070b3d7c1dd32a84fca08d8280b4890c8da1dde334de8e3cad8450eed2a4a4fcc2db7b8e5528b869a74a7f0189e11ef097ef1253582348de072bb07a9fa8ab838e993cef0ee203ff49298723e2d1f549b00559f886cd417a41692ce58d0ac1307dc71d85a8af21b0cf6eaa14baf2922d3a70389bedf17cc514ba0febbd107675a372fe84b90162a9e88b14d4b1c6be855b96b33fb198c46f058568817780435b6936167ebb3724b680f32bf27382ada2e37a879b3d9de2abe0c3f399350afd1ad438883f4791e2e3b4184453412068617368207472756e636174696f6e207465737488620413110a002205024f04b07f021b03060b090807030206150802090a0b0416020301021e01021780000a0910ef20e0cefca131581318009e2bf3bf047a44d75a9bacd00161ee04d435522397009a03a60d51bd8a568c6c021c8d7cf1be8d990d6417b0020003`
+
+const unknownHashFunctionHex = `8a00000040040001990006050253863c24000a09103b4fe6acc0b21f32ffff01010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101010101`
+
+const rsaSignatureBadMPIlength = `8a00000040040001030006050253863c24000a09103b4fe6acc0b21f32ffff0101010101010101010101010101010101010101010101010101010101010101010101010101`
+
+const missingHashFunctionHex = `8a00000040040001030006050253863c24000a09103b4fe6acc0b21f32ffff0101010101010101010101010101010101010101010101010101010101010101010101`
+
+const campbellQuine = `a0b001000300fcffa0b001000d00f2ff000300fcffa0b001000d00f2ff8270a01c00000500faff8270a01c00000500faff000500faff001400ebff8270a01c00000500faff000500faff001400ebff428821c400001400ebff428821c400001400ebff428821c400001400ebff428821c400001400ebff428821c400000000ffff000000ffff000b00f4ff428821c400000000ffff000000ffff000b00f4ff0233214c40000100feff000233214c40000100feff0000`
+
+const keyV4forVerifyingSignedMessageV3 = `-----BEGIN PGP PUBLIC KEY BLOCK-----
+Comment: GPGTools - https://gpgtools.org
+
+mI0EVfxoFQEEAMBIqmbDfYygcvP6Phr1wr1XI41IF7Qixqybs/foBF8qqblD9gIY
+BKpXjnBOtbkcVOJ0nljd3/sQIfH4E0vQwK5/4YRQSI59eKOqd6Fx+fWQOLG+uu6z
+tewpeCj9LLHvibx/Sc7VWRnrznia6ftrXxJ/wHMezSab3tnGC0YPVdGNABEBAAG0
+JEdvY3J5cHRvIFRlc3QgS2V5IDx0aGVtYXhAZ21haWwuY29tPoi5BBMBCgAjBQJV
+/GgVAhsDBwsJCAcDAgEGFQgCCQoLBBYCAwECHgECF4AACgkQeXnQmhdGW9PFVAP+
+K7TU0qX5ArvIONIxh/WAweyOk884c5cE8f+3NOPOOCRGyVy0FId5A7MmD5GOQh4H
+JseOZVEVCqlmngEvtHZb3U1VYtVGE5WZ+6rQhGsMcWP5qaT4soYwMBlSYxgYwQcx
+YhN9qOr292f9j2Y//TTIJmZT4Oa+lMxhWdqTfX+qMgG4jQRV/GgVAQQArhFSiij1
+b+hT3dnapbEU+23Z1yTu1DfF6zsxQ4XQWEV3eR8v+8mEDDNcz8oyyF56k6UQ3rXi
+UMTIwRDg4V6SbZmaFbZYCOwp/EmXJ3rfhm7z7yzXj2OFN22luuqbyVhuL7LRdB0M
+pxgmjXb4tTvfgKd26x34S+QqUJ7W6uprY4sAEQEAAYifBBgBCgAJBQJV/GgVAhsM
+AAoJEHl50JoXRlvT7y8D/02ckx4OMkKBZo7viyrBw0MLG92i+DC2bs35PooHR6zz
+786mitjOp5z2QWNLBvxC70S0qVfCIz8jKupO1J6rq6Z8CcbLF3qjm6h1omUBf8Nd
+EfXKD2/2HV6zMKVknnKzIEzauh+eCKS2CeJUSSSryap/QLVAjRnckaES/OsEWhNB
+=RZia
+-----END PGP PUBLIC KEY BLOCK-----
+`
+
+const signedMessageV3 = `-----BEGIN PGP MESSAGE-----
+Comment: GPGTools - https://gpgtools.org
+
+owGbwMvMwMVYWXlhlrhb9GXG03JJDKF/MtxDMjKLFYAoUaEktbhEITe1uDgxPVWP
+q5NhKjMrWAVcC9evD8z/bF/uWNjqtk/X3y5/38XGRQHm/57rrDRYuGnTw597Xqka
+uM3137/hH3Os+Jf2dc0fXOITKwJvXJvecPVs0ta+Vg7ZO1MLn8w58Xx+6L58mbka
+DGHyU9yTueZE8D+QF/Tz28Y78dqtF56R1VPn9Xw4uJqrWYdd7b3vIZ1V6R4Nh05d
+iT57d/OhWwA=
+=hG7R
+-----END PGP MESSAGE-----
+`
+
+// https://mailarchive.ietf.org/arch/msg/openpgp/9SheW_LENE0Kxf7haNllovPyAdY/
+const v5PrivKey = `-----BEGIN PGP PRIVATE KEY BLOCK-----
+
+lGEFXJH05BYAAAAtCSsGAQQB2kcPAQEHQFhZlVcVVtwf+21xNQPX+ecMJJBL0MPd
+fj75iux+my8QAAAAAAAiAQCHZ1SnSUmWqxEsoI6facIVZQu6mph3cBFzzTvcm5lA
+Ng5ctBhlbW1hLmdvbGRtYW5AZXhhbXBsZS5uZXSIlgUTFggASCIhBRk0e8mHJGQC
+X5nfPsLgAA7ZiEiS4fez6kyUAJFZVptUBQJckfTkAhsDBQsJCAcCAyICAQYVCgkI
+CwIEFgIDAQIeBwIXgAAA9cAA/jiR3yMsZMeEQ40u6uzEoXa6UXeV/S3wwJAXRJy9
+M8s0AP9vuL/7AyTfFXwwzSjDnYmzS0qAhbLDQ643N+MXGBJ2BZxmBVyR9OQSAAAA
+MgorBgEEAZdVAQUBAQdA+nysrzml2UCweAqtpDuncSPlvrcBWKU0yfU0YvYWWAoD
+AQgHAAAAAAAiAP9OdAPppjU1WwpqjIItkxr+VPQRT8Zm/Riw7U3F6v3OiBFHiHoF
+GBYIACwiIQUZNHvJhyRkAl+Z3z7C4AAO2YhIkuH3s+pMlACRWVabVAUCXJH05AIb
+DAAAOSQBAP4BOOIR/sGLNMOfeb5fPs/02QMieoiSjIBnijhob2U5AQC+RtOHCHx7
+TcIYl5/Uyoi+FOvPLcNw4hOv2nwUzSSVAw==
+=IiS2
+-----END PGP PRIVATE KEY BLOCK-----`
+
+// Generated with the above private key
+const v5PrivKeyMsg = `-----BEGIN PGP MESSAGE-----
+Version: OpenPGP.js v4.10.7
+Comment: https://openpgpjs.org
+
+xA0DAQoWGTR7yYckZAIByxF1B21zZy50eHRfbIGSdGVzdMJ3BQEWCgAGBQJf
+bIGSACMiIQUZNHvJhyRkAl+Z3z7C4AAO2YhIkuH3s+pMlACRWVabVDQvAP9G
+y29VPonFXqi2zKkpZrvyvZxg+n5e8Nt9wNbuxeCd3QD/TtO2s+JvjrE4Siwv
+UQdl5MlBka1QSNbMq2Bz7XwNPg4=
+=6lbM
+-----END PGP MESSAGE-----`
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k.go
new file mode 100644
index 0000000000..14f58548bd
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/s2k/s2k.go
@@ -0,0 +1,367 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+// Package s2k implements the various OpenPGP string-to-key transforms as
+// specified in RFC 4800 section 3.7.1.
+package s2k // import "github.com/ProtonMail/go-crypto/openpgp/s2k"
+
+import (
+	"crypto"
+	"hash"
+	"io"
+	"strconv"
+
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/internal/algorithm"
+)
+
+// Config collects configuration parameters for s2k key-stretching
+// transformations. A nil *Config is valid and results in all default
+// values. Currently, Config is used only by the Serialize function in
+// this package.
+type Config struct {
+	// S2KMode is the mode of s2k function.
+	// It can be 0 (simple), 1(salted), 3(iterated)
+	// 2(reserved) 100-110(private/experimental).
+	S2KMode uint8
+	// Hash is the default hash function to be used. If
+	// nil, SHA256 is used.
+	Hash crypto.Hash
+	// S2KCount is only used for symmetric encryption. It
+	// determines the strength of the passphrase stretching when
+	// the said passphrase is hashed to produce a key. S2KCount
+	// should be between 65536 and 65011712, inclusive. If Config
+	// is nil or S2KCount is 0, the value 16777216 used. Not all
+	// values in the above range can be represented. S2KCount will
+	// be rounded up to the next representable value if it cannot
+	// be encoded exactly. See RFC 4880 Section 3.7.1.3.
+	S2KCount int
+}
+
+// Params contains all the parameters of the s2k packet
+type Params struct {
+	// mode is the mode of s2k function.
+	// It can be 0 (simple), 1(salted), 3(iterated)
+	// 2(reserved) 100-110(private/experimental).
+	mode uint8
+	// hashId is the ID of the hash function used in any of the modes
+	hashId byte
+	// salt is a byte array to use as a salt in hashing process
+	salt []byte
+	// countByte is used to determine how many rounds of hashing are to
+	// be performed in s2k mode 3. See RFC 4880 Section 3.7.1.3.
+	countByte byte
+}
+
+func (c *Config) hash() crypto.Hash {
+	if c == nil || uint(c.Hash) == 0 {
+		return crypto.SHA256
+	}
+
+	return c.Hash
+}
+
+// EncodedCount get encoded count
+func (c *Config) EncodedCount() uint8 {
+	if c == nil || c.S2KCount == 0 {
+		return 224 // The common case. Corresponding to 16777216
+	}
+
+	i := c.S2KCount
+
+	switch {
+	case i < 65536:
+		i = 65536
+	case i > 65011712:
+		i = 65011712
+	}
+
+	return encodeCount(i)
+}
+
+// encodeCount converts an iterative "count" in the range 1024 to
+// 65011712, inclusive, to an encoded count. The return value is the
+// octet that is actually stored in the GPG file. encodeCount panics
+// if i is not in the above range (encodedCount above takes care to
+// pass i in the correct range). See RFC 4880 Section 3.7.7.1.
+func encodeCount(i int) uint8 {
+	if i < 65536 || i > 65011712 {
+		panic("count arg i outside the required range")
+	}
+
+	for encoded := 96; encoded < 256; encoded++ {
+		count := decodeCount(uint8(encoded))
+		if count >= i {
+			return uint8(encoded)
+		}
+	}
+
+	return 255
+}
+
+// decodeCount returns the s2k mode 3 iterative "count" corresponding to
+// the encoded octet c.
+func decodeCount(c uint8) int {
+	return (16 + int(c&15)) << (uint32(c>>4) + 6)
+}
+
+// Simple writes to out the result of computing the Simple S2K function (RFC
+// 4880, section 3.7.1.1) using the given hash and input passphrase.
+func Simple(out []byte, h hash.Hash, in []byte) {
+	Salted(out, h, in, nil)
+}
+
+var zero [1]byte
+
+// Salted writes to out the result of computing the Salted S2K function (RFC
+// 4880, section 3.7.1.2) using the given hash, input passphrase and salt.
+func Salted(out []byte, h hash.Hash, in []byte, salt []byte) {
+	done := 0
+	var digest []byte
+
+	for i := 0; done < len(out); i++ {
+		h.Reset()
+		for j := 0; j < i; j++ {
+			h.Write(zero[:])
+		}
+		h.Write(salt)
+		h.Write(in)
+		digest = h.Sum(digest[:0])
+		n := copy(out[done:], digest)
+		done += n
+	}
+}
+
+// Iterated writes to out the result of computing the Iterated and Salted S2K
+// function (RFC 4880, section 3.7.1.3) using the given hash, input passphrase,
+// salt and iteration count.
+func Iterated(out []byte, h hash.Hash, in []byte, salt []byte, count int) {
+	combined := make([]byte, len(in)+len(salt))
+	copy(combined, salt)
+	copy(combined[len(salt):], in)
+
+	if count < len(combined) {
+		count = len(combined)
+	}
+
+	done := 0
+	var digest []byte
+	for i := 0; done < len(out); i++ {
+		h.Reset()
+		for j := 0; j < i; j++ {
+			h.Write(zero[:])
+		}
+		written := 0
+		for written < count {
+			if written+len(combined) > count {
+				todo := count - written
+				h.Write(combined[:todo])
+				written = count
+			} else {
+				h.Write(combined)
+				written += len(combined)
+			}
+		}
+		digest = h.Sum(digest[:0])
+		n := copy(out[done:], digest)
+		done += n
+	}
+}
+
+// Generate generates valid parameters from given configuration.
+// It will enforce salted + hashed s2k method
+func Generate(rand io.Reader, c *Config) (*Params, error) {
+	hashId, ok := HashToHashId(c.Hash)
+	if !ok {
+		return nil, errors.UnsupportedError("no such hash")
+	}
+
+	params := &Params{
+		mode:      3, // Enforce iterared + salted method
+		hashId:    hashId,
+		salt:      make([]byte, 8),
+		countByte: c.EncodedCount(),
+	}
+
+	if _, err := io.ReadFull(rand, params.salt); err != nil {
+		return nil, err
+	}
+
+	return params, nil
+}
+
+// Parse reads a binary specification for a string-to-key transformation from r
+// and returns a function which performs that transform. If the S2K is a special
+// GNU extension that indicates that the private key is missing, then the error
+// returned is errors.ErrDummyPrivateKey.
+func Parse(r io.Reader) (f func(out, in []byte), err error) {
+	params, err := ParseIntoParams(r)
+	if err != nil {
+		return nil, err
+	}
+
+	return params.Function()
+}
+
+// ParseIntoParams reads a binary specification for a string-to-key
+// transformation from r and returns a struct describing the s2k parameters.
+func ParseIntoParams(r io.Reader) (params *Params, err error) {
+	var buf [9]byte
+
+	_, err = io.ReadFull(r, buf[:2])
+	if err != nil {
+		return
+	}
+
+	params = &Params{
+		mode:   buf[0],
+		hashId: buf[1],
+	}
+
+	switch params.mode {
+	case 0:
+		return params, nil
+	case 1:
+		_, err = io.ReadFull(r, buf[:8])
+		if err != nil {
+			return nil, err
+		}
+
+		params.salt = buf[:8]
+		return params, nil
+	case 3:
+		_, err = io.ReadFull(r, buf[:9])
+		if err != nil {
+			return nil, err
+		}
+
+		params.salt = buf[:8]
+		params.countByte = buf[8]
+		return params, nil
+	case 101:
+		// This is a GNU extension. See
+		// https://git.gnupg.org/cgi-bin/gitweb.cgi?p=gnupg.git;a=blob;f=doc/DETAILS;h=fe55ae16ab4e26d8356dc574c9e8bc935e71aef1;hb=23191d7851eae2217ecdac6484349849a24fd94a#l1109
+		if _, err = io.ReadFull(r, buf[:4]); err != nil {
+			return nil, err
+		}
+		if buf[0] == 'G' && buf[1] == 'N' && buf[2] == 'U' && buf[3] == 1 {
+			return params, nil
+		}
+		return nil, errors.UnsupportedError("GNU S2K extension")
+	}
+
+	return nil, errors.UnsupportedError("S2K function")
+}
+
+func (params *Params) Dummy() bool {
+	return params != nil && params.mode == 101
+}
+
+func (params *Params) Function() (f func(out, in []byte), err error) {
+	if params.Dummy() {
+		return nil, errors.ErrDummyPrivateKey("dummy key found")
+	}
+	hashObj, ok := HashIdToHash(params.hashId)
+	if !ok {
+		return nil, errors.UnsupportedError("hash for S2K function: " + strconv.Itoa(int(params.hashId)))
+	}
+	if !hashObj.Available() {
+		return nil, errors.UnsupportedError("hash not available: " + strconv.Itoa(int(hashObj)))
+	}
+
+	switch params.mode {
+	case 0:
+		f := func(out, in []byte) {
+			Simple(out, hashObj.New(), in)
+		}
+
+		return f, nil
+	case 1:
+		f := func(out, in []byte) {
+			Salted(out, hashObj.New(), in, params.salt)
+		}
+
+		return f, nil
+	case 3:
+		f := func(out, in []byte) {
+			Iterated(out, hashObj.New(), in, params.salt, decodeCount(params.countByte))
+		}
+
+		return f, nil
+	}
+
+	return nil, errors.UnsupportedError("S2K function")
+}
+
+func (params *Params) Serialize(w io.Writer) (err error) {
+	if _, err = w.Write([]byte{params.mode}); err != nil {
+		return
+	}
+	if _, err = w.Write([]byte{params.hashId}); err != nil {
+		return
+	}
+	if params.Dummy() {
+		_, err = w.Write(append([]byte("GNU"), 1))
+		return
+	}
+	if params.mode > 0 {
+		if _, err = w.Write(params.salt); err != nil {
+			return
+		}
+		if params.mode == 3 {
+			_, err = w.Write([]byte{params.countByte})
+		}
+	}
+	return
+}
+
+// Serialize salts and stretches the given passphrase and writes the
+// resulting key into key. It also serializes an S2K descriptor to
+// w. The key stretching can be configured with c, which may be
+// nil. In that case, sensible defaults will be used.
+func Serialize(w io.Writer, key []byte, rand io.Reader, passphrase []byte, c *Config) error {
+	params, err := Generate(rand, c)
+	if err != nil {
+		return err
+	}
+	err = params.Serialize(w)
+	if err != nil {
+		return err
+	}
+
+	f, err := params.Function()
+	if err != nil {
+		return err
+	}
+	f(key, passphrase)
+	return nil
+}
+
+// HashIdToHash returns a crypto.Hash which corresponds to the given OpenPGP
+// hash id.
+func HashIdToHash(id byte) (h crypto.Hash, ok bool) {
+	if hash, ok := algorithm.HashById[id]; ok {
+		return hash.HashFunc(), true
+	}
+	return 0, false
+}
+
+// HashIdToString returns the name of the hash function corresponding to the
+// given OpenPGP hash id.
+func HashIdToString(id byte) (name string, ok bool) {
+	if hash, ok := algorithm.HashById[id]; ok {
+		return hash.String(), true
+	}
+	return "", false
+}
+
+// HashIdToHash returns an OpenPGP hash id which corresponds the given Hash.
+func HashToHashId(h crypto.Hash) (id byte, ok bool) {
+	for id, hash := range algorithm.HashById {
+		if hash.HashFunc() == h {
+			return id, true
+		}
+	}
+	return 0, false
+}
diff --git a/vendor/github.com/ProtonMail/go-crypto/openpgp/write.go b/vendor/github.com/ProtonMail/go-crypto/openpgp/write.go
new file mode 100644
index 0000000000..f0d7fe10de
--- /dev/null
+++ b/vendor/github.com/ProtonMail/go-crypto/openpgp/write.go
@@ -0,0 +1,568 @@
+// Copyright 2011 The Go Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package openpgp
+
+import (
+	"crypto"
+	"hash"
+	"io"
+	"strconv"
+	"time"
+
+	"github.com/ProtonMail/go-crypto/openpgp/armor"
+	"github.com/ProtonMail/go-crypto/openpgp/errors"
+	"github.com/ProtonMail/go-crypto/openpgp/packet"
+	"github.com/ProtonMail/go-crypto/openpgp/s2k"
+)
+
+// DetachSign signs message with the private key from signer (which must
+// already have been decrypted) and writes the signature to w.
+// If config is nil, sensible defaults will be used.
+func DetachSign(w io.Writer, signer *Entity, message io.Reader, config *packet.Config) error {
+	return detachSign(w, signer, message, packet.SigTypeBinary, config)
+}
+
+// ArmoredDetachSign signs message with the private key from signer (which
+// must already have been decrypted) and writes an armored signature to w.
+// If config is nil, sensible defaults will be used.
+func ArmoredDetachSign(w io.Writer, signer *Entity, message io.Reader, config *packet.Config) (err error) {
+	return armoredDetachSign(w, signer, message, packet.SigTypeBinary, config)
+}
+
+// DetachSignText signs message (after canonicalising the line endings) with
+// the private key from signer (which must already have been decrypted) and
+// writes the signature to w.
+// If config is nil, sensible defaults will be used.
+func DetachSignText(w io.Writer, signer *Entity, message io.Reader, config *packet.Config) error {
+	return detachSign(w, signer, message, packet.SigTypeText, config)
+}
+
+// ArmoredDetachSignText signs message (after canonicalising the line endings)
+// with the private key from signer (which must already have been decrypted)
+// and writes an armored signature to w.
+// If config is nil, sensible defaults will be used.
+func ArmoredDetachSignText(w io.Writer, signer *Entity, message io.Reader, config *packet.Config) error {
+	return armoredDetachSign(w, signer, message, packet.SigTypeText, config)
+}
+
+func armoredDetachSign(w io.Writer, signer *Entity, message io.Reader, sigType packet.SignatureType, config *packet.Config) (err error) {
+	out, err := armor.Encode(w, SignatureType, nil)
+	if err != nil {
+		return
+	}
+	err = detachSign(out, signer, message, sigType, config)
+	if err != nil {
+		return
+	}
+	return out.Close()
+}
+
+func detachSign(w io.Writer, signer *Entity, message io.Reader, sigType packet.SignatureType, config *packet.Config) (err error) {
+	signingKey, ok := signer.SigningKeyById(config.Now(), config.SigningKey())
+	if !ok {
+		return errors.InvalidArgumentError("no valid signing keys")
+	}
+	if signingKey.PrivateKey == nil {
+		return errors.InvalidArgumentError("signing key doesn't have a private key")
+	}
+	if signingKey.PrivateKey.Encrypted {
+		return errors.InvalidArgumentError("signing key is encrypted")
+	}
+
+	sig := new(packet.Signature)
+	sig.SigType = sigType
+	sig.PubKeyAlgo = signingKey.PrivateKey.PubKeyAlgo
+	sig.Hash = config.Hash()
+	sig.CreationTime = config.Now()
+	sigLifetimeSecs := config.SigLifetime()
+	sig.SigLifetimeSecs = &sigLifetimeSecs
+	sig.IssuerKeyId = &signingKey.PrivateKey.KeyId
+
+	h, wrappedHash, err := hashForSignature(sig.Hash, sig.SigType)
+	if err != nil {
+		return
+	}
+	if _, err = io.Copy(wrappedHash, message); err != nil {
+		return err
+	}
+
+	err = sig.Sign(h, signingKey.PrivateKey, config)
+	if err != nil {
+		return
+	}
+
+	return sig.Serialize(w)
+}
+
+// FileHints contains metadata about encrypted files. This metadata is, itself,
+// encrypted.
+type FileHints struct {
+	// IsBinary can be set to hint that the contents are binary data.
+	IsBinary bool
+	// FileName hints at the name of the file that should be written. It's
+	// truncated to 255 bytes if longer. It may be empty to suggest that the
+	// file should not be written to disk. It may be equal to "_CONSOLE" to
+	// suggest the data should not be written to disk.
+	FileName string
+	// ModTime contains the modification time of the file, or the zero time if not applicable.
+	ModTime time.Time
+}
+
+// SymmetricallyEncrypt acts like gpg -c: it encrypts a file with a passphrase.
+// The resulting WriteCloser must be closed after the contents of the file have
+// been written.
+// If config is nil, sensible defaults will be used.
+func SymmetricallyEncrypt(ciphertext io.Writer, passphrase []byte, hints *FileHints, config *packet.Config) (plaintext io.WriteCloser, err error) {
+	if hints == nil {
+		hints = &FileHints{}
+	}
+
+	key, err := packet.SerializeSymmetricKeyEncrypted(ciphertext, passphrase, config)
+	if err != nil {
+		return
+	}
+
+	var w io.WriteCloser
+	if config.AEAD() != nil {
+		w, err = packet.SerializeAEADEncrypted(ciphertext, key, config.Cipher(), config.AEAD().Mode(), config)
+		if err != nil {
+			return
+		}
+	} else {
+		w, err = packet.SerializeSymmetricallyEncrypted(ciphertext, config.Cipher(), key, config)
+		if err != nil {
+			return
+		}
+	}
+
+	literalData := w
+	if algo := config.Compression(); algo != packet.CompressionNone {
+		var compConfig *packet.CompressionConfig
+		if config != nil {
+			compConfig = config.CompressionConfig
+		}
+		literalData, err = packet.SerializeCompressed(w, algo, compConfig)
+		if err != nil {
+			return
+		}
+	}
+
+	var epochSeconds uint32
+	if !hints.ModTime.IsZero() {
+		epochSeconds = uint32(hints.ModTime.Unix())
+	}
+	return packet.SerializeLiteral(literalData, hints.IsBinary, hints.FileName, epochSeconds)
+}
+
+// intersectPreferences mutates and returns a prefix of a that contains only
+// the values in the intersection of a and b. The order of a is preserved.
+func intersectPreferences(a []uint8, b []uint8) (intersection []uint8) {
+	var j int
+	for _, v := range a {
+		for _, v2 := range b {
+			if v == v2 {
+				a[j] = v
+				j++
+				break
+			}
+		}
+	}
+
+	return a[:j]
+}
+
+func hashToHashId(h crypto.Hash) uint8 {
+	v, ok := s2k.HashToHashId(h)
+	if !ok {
+		panic("tried to convert unknown hash")
+	}
+	return v
+}
+
+// EncryptText encrypts a message to a number of recipients and, optionally,
+// signs it. Optional information is contained in 'hints', also encrypted, that
+// aids the recipients in processing the message. The resulting WriteCloser
+// must be closed after the contents of the file have been written. If config
+// is nil, sensible defaults will be used. The signing is done in text mode.
+func EncryptText(ciphertext io.Writer, to []*Entity, signed *Entity, hints *FileHints, config *packet.Config) (plaintext io.WriteCloser, err error) {
+	return encrypt(ciphertext, ciphertext, to, signed, hints, packet.SigTypeText, config)
+}
+
+// Encrypt encrypts a message to a number of recipients and, optionally, signs
+// it. hints contains optional information, that is also encrypted, that aids
+// the recipients in processing the message. The resulting WriteCloser must
+// be closed after the contents of the file have been written.
+// If config is nil, sensible defaults will be used.
+func Encrypt(ciphertext io.Writer, to []*Entity, signed *Entity, hints *FileHints, config *packet.Config) (plaintext io.WriteCloser, err error) {
+	return encrypt(ciphertext, ciphertext, to, signed, hints, packet.SigTypeBinary, config)
+}
+
+// EncryptSplit encrypts a message to a number of recipients and, optionally, signs
+// it. hints contains optional information, that is also encrypted, that aids
+// the recipients in processing the message. The resulting WriteCloser must
+// be closed after the contents of the file have been written.
+// If config is nil, sensible defaults will be used.
+func EncryptSplit(keyWriter io.Writer, dataWriter io.Writer, to []*Entity, signed *Entity, hints *FileHints, config *packet.Config) (plaintext io.WriteCloser, err error) {
+	return encrypt(keyWriter, dataWriter, to, signed, hints, packet.SigTypeBinary, config)
+}
+
+// EncryptTextSplit encrypts a message to a number of recipients and, optionally, signs
+// it. hints contains optional information, that is also encrypted, that aids
+// the recipients in processing the message. The resulting WriteCloser must
+// be closed after the contents of the file have been written.
+// If config is nil, sensible defaults will be used.
+func EncryptTextSplit(keyWriter io.Writer, dataWriter io.Writer, to []*Entity, signed *Entity, hints *FileHints, config *packet.Config) (plaintext io.WriteCloser, err error) {
+	return encrypt(keyWriter, dataWriter, to, signed, hints, packet.SigTypeText, config)
+}
+
+// writeAndSign writes the data as a payload package and, optionally, signs
+// it. hints contains optional information, that is also encrypted,
+// that aids the recipients in processing the message. The resulting
+// WriteCloser must be closed after the contents of the file have been
+// written. If config is nil, sensible defaults will be used.
+func writeAndSign(payload io.WriteCloser, candidateHashes []uint8, signed *Entity, hints *FileHints, sigType packet.SignatureType, config *packet.Config) (plaintext io.WriteCloser, err error) {
+	var signer *packet.PrivateKey
+	if signed != nil {
+		signKey, ok := signed.SigningKeyById(config.Now(), config.SigningKey())
+		if !ok {
+			return nil, errors.InvalidArgumentError("no valid signing keys")
+		}
+		signer = signKey.PrivateKey
+		if signer == nil {
+			return nil, errors.InvalidArgumentError("no private key in signing key")
+		}
+		if signer.Encrypted {
+			return nil, errors.InvalidArgumentError("signing key must be decrypted")
+		}
+	}
+
+	var hash crypto.Hash
+	for _, hashId := range candidateHashes {
+		if h, ok := s2k.HashIdToHash(hashId); ok && h.Available() {
+			hash = h
+			break
+		}
+	}
+
+	// If the hash specified by config is a candidate, we'll use that.
+	if configuredHash := config.Hash(); configuredHash.Available() {
+		for _, hashId := range candidateHashes {
+			if h, ok := s2k.HashIdToHash(hashId); ok && h == configuredHash {
+				hash = h
+				break
+			}
+		}
+	}
+
+	if hash == 0 {
+		hashId := candidateHashes[0]
+		name, ok := s2k.HashIdToString(hashId)
+		if !ok {
+			name = "#" + strconv.Itoa(int(hashId))
+		}
+		return nil, errors.InvalidArgumentError("cannot encrypt because no candidate hash functions are compiled in. (Wanted " + name + " in this case.)")
+	}
+
+	if signer != nil {
+		ops := &packet.OnePassSignature{
+			SigType:    sigType,
+			Hash:       hash,
+			PubKeyAlgo: signer.PubKeyAlgo,
+			KeyId:      signer.KeyId,
+			IsLast:     true,
+		}
+		if err := ops.Serialize(payload); err != nil {
+			return nil, err
+		}
+	}
+
+	if hints == nil {
+		hints = &FileHints{}
+	}
+
+	w := payload
+	if signer != nil {
+		// If we need to write a signature packet after the literal
+		// data then we need to stop literalData from closing
+		// encryptedData.
+		w = noOpCloser{w}
+
+	}
+	var epochSeconds uint32
+	if !hints.ModTime.IsZero() {
+		epochSeconds = uint32(hints.ModTime.Unix())
+	}
+	literalData, err := packet.SerializeLiteral(w, hints.IsBinary, hints.FileName, epochSeconds)
+	if err != nil {
+		return nil, err
+	}
+
+	if signer != nil {
+		h, wrappedHash, err := hashForSignature(hash, sigType)
+		if err != nil {
+			return nil, err
+		}
+		metadata := &packet.LiteralData{
+			Format:   't',
+			FileName: hints.FileName,
+			Time:     epochSeconds,
+		}
+		if hints.IsBinary {
+			metadata.Format = 'b'
+		}
+		return signatureWriter{payload, literalData, hash, wrappedHash, h, signer, sigType, config, metadata}, nil
+	}
+	return literalData, nil
+}
+
+// encrypt encrypts a message to a number of recipients and, optionally, signs
+// it. hints contains optional information, that is also encrypted, that aids
+// the recipients in processing the message. The resulting WriteCloser must
+// be closed after the contents of the file have been written.
+// If config is nil, sensible defaults will be used.
+func encrypt(keyWriter io.Writer, dataWriter io.Writer, to []*Entity, signed *Entity, hints *FileHints, sigType packet.SignatureType, config *packet.Config) (plaintext io.WriteCloser, err error) {
+	if len(to) == 0 {
+		return nil, errors.InvalidArgumentError("no encryption recipient provided")
+	}
+
+	// These are the possible ciphers that we'll use for the message.
+	candidateCiphers := []uint8{
+		uint8(packet.CipherAES128),
+		uint8(packet.CipherAES256),
+		uint8(packet.CipherCAST5),
+	}
+	// These are the possible hash functions that we'll use for the signature.
+	candidateHashes := []uint8{
+		hashToHashId(crypto.SHA256),
+		hashToHashId(crypto.SHA384),
+		hashToHashId(crypto.SHA512),
+		hashToHashId(crypto.SHA1),
+		hashToHashId(crypto.RIPEMD160),
+	}
+	candidateAeadModes := []uint8{
+		uint8(packet.AEADModeEAX),
+		uint8(packet.AEADModeOCB),
+		uint8(packet.AEADModeExperimentalGCM),
+	}
+	candidateCompression := []uint8{
+		uint8(packet.CompressionNone),
+		uint8(packet.CompressionZIP),
+		uint8(packet.CompressionZLIB),
+	}
+	// In the event that a recipient doesn't specify any supported ciphers
+	// or hash functions, these are the ones that we assume that every
+	// implementation supports.
+	defaultCiphers := candidateCiphers[0:1]
+	defaultHashes := candidateHashes[0:1]
+	defaultAeadModes := candidateAeadModes[0:1]
+	defaultCompression := candidateCompression[0:1]
+
+	encryptKeys := make([]Key, len(to))
+	// AEAD is used only if every key supports it.
+	aeadSupported := true
+
+	for i := range to {
+		var ok bool
+		encryptKeys[i], ok = to[i].EncryptionKey(config.Now())
+		if !ok {
+			return nil, errors.InvalidArgumentError("cannot encrypt a message to key id " + strconv.FormatUint(to[i].PrimaryKey.KeyId, 16) + " because it has no encryption keys")
+		}
+
+		sig := to[i].PrimaryIdentity().SelfSignature
+		if sig.AEAD == false {
+			aeadSupported = false
+		}
+
+		preferredSymmetric := sig.PreferredSymmetric
+		if len(preferredSymmetric) == 0 {
+			preferredSymmetric = defaultCiphers
+		}
+		preferredHashes := sig.PreferredHash
+		if len(preferredHashes) == 0 {
+			preferredHashes = defaultHashes
+		}
+		preferredAeadModes := sig.PreferredAEAD
+		if len(preferredAeadModes) == 0 {
+			preferredAeadModes = defaultAeadModes
+		}
+		preferredCompression := sig.PreferredCompression
+		if len(preferredCompression) == 0 {
+			preferredCompression = defaultCompression
+		}
+		candidateCiphers = intersectPreferences(candidateCiphers, preferredSymmetric)
+		candidateHashes = intersectPreferences(candidateHashes, preferredHashes)
+		candidateAeadModes = intersectPreferences(candidateAeadModes, preferredAeadModes)
+		candidateCompression = intersectPreferences(candidateCompression, preferredCompression)
+	}
+
+	if len(candidateCiphers) == 0 || len(candidateHashes) == 0 || len(candidateAeadModes) == 0 {
+		return nil, errors.InvalidArgumentError("cannot encrypt because recipient set shares no common algorithms")
+	}
+
+	cipher := packet.CipherFunction(candidateCiphers[0])
+	mode := packet.AEADMode(candidateAeadModes[0])
+	// If the cipher specified by config is a candidate, we'll use that.
+	configuredCipher := config.Cipher()
+	for _, c := range candidateCiphers {
+		cipherFunc := packet.CipherFunction(c)
+		if cipherFunc == configuredCipher {
+			cipher = cipherFunc
+			break
+		}
+	}
+
+	symKey := make([]byte, cipher.KeySize())
+	if _, err := io.ReadFull(config.Random(), symKey); err != nil {
+		return nil, err
+	}
+
+	for _, key := range encryptKeys {
+		if err := packet.SerializeEncryptedKey(keyWriter, key.PublicKey, cipher, symKey, config); err != nil {
+			return nil, err
+		}
+	}
+
+	var payload io.WriteCloser
+	if aeadSupported {
+		payload, err = packet.SerializeAEADEncrypted(dataWriter, symKey, cipher, mode, config)
+		if err != nil {
+			return
+		}
+	} else {
+		payload, err = packet.SerializeSymmetricallyEncrypted(dataWriter, cipher, symKey, config)
+		if err != nil {
+			return
+		}
+	}
+	payload, err = handleCompression(payload, candidateCompression, config)
+	if err != nil {
+		return nil, err
+	}
+
+	return writeAndSign(payload, candidateHashes, signed, hints, sigType, config)
+}
+
+// Sign signs a message. The resulting WriteCloser must be closed after the
+// contents of the file have been written.  hints contains optional information
+// that aids the recipients in processing the message.
+// If config is nil, sensible defaults will be used.
+func Sign(output io.Writer, signed *Entity, hints *FileHints, config *packet.Config) (input io.WriteCloser, err error) {
+	if signed == nil {
+		return nil, errors.InvalidArgumentError("no signer provided")
+	}
+
+	// These are the possible hash functions that we'll use for the signature.
+	candidateHashes := []uint8{
+		hashToHashId(crypto.SHA256),
+		hashToHashId(crypto.SHA384),
+		hashToHashId(crypto.SHA512),
+		hashToHashId(crypto.SHA1),
+		hashToHashId(crypto.RIPEMD160),
+	}
+	defaultHashes := candidateHashes[0:1]
+	preferredHashes := signed.PrimaryIdentity().SelfSignature.PreferredHash
+	if len(preferredHashes) == 0 {
+		preferredHashes = defaultHashes
+	}
+	candidateHashes = intersectPreferences(candidateHashes, preferredHashes)
+	if len(candidateHashes) == 0 {
+		return nil, errors.InvalidArgumentError("cannot sign because signing key shares no common algorithms with candidate hashes")
+	}
+
+	return writeAndSign(noOpCloser{output}, candidateHashes, signed, hints, packet.SigTypeBinary, config)
+}
+
+// signatureWriter hashes the contents of a message while passing it along to
+// literalData. When closed, it closes literalData, writes a signature packet
+// to encryptedData and then also closes encryptedData.
+type signatureWriter struct {
+	encryptedData io.WriteCloser
+	literalData   io.WriteCloser
+	hashType      crypto.Hash
+	wrappedHash   hash.Hash
+	h             hash.Hash
+	signer        *packet.PrivateKey
+	sigType       packet.SignatureType
+	config        *packet.Config
+	metadata      *packet.LiteralData // V5 signatures protect document metadata
+}
+
+func (s signatureWriter) Write(data []byte) (int, error) {
+	s.wrappedHash.Write(data)
+	switch s.sigType {
+	case packet.SigTypeBinary:
+		return s.literalData.Write(data)
+	case packet.SigTypeText:
+		flag := 0
+		return writeCanonical(s.literalData, data, &flag)
+	}
+	return 0, errors.UnsupportedError("unsupported signature type: " + strconv.Itoa(int(s.sigType)))
+}
+
+func (s signatureWriter) Close() error {
+	sig := &packet.Signature{
+		Version:      s.signer.Version,
+		SigType:      s.sigType,
+		PubKeyAlgo:   s.signer.PubKeyAlgo,
+		Hash:         s.hashType,
+		CreationTime: s.config.Now(),
+		IssuerKeyId:  &s.signer.KeyId,
+		Metadata:     s.metadata,
+	}
+
+	if err := sig.Sign(s.h, s.signer, s.config); err != nil {
+		return err
+	}
+	if err := s.literalData.Close(); err != nil {
+		return err
+	}
+	if err := sig.Serialize(s.encryptedData); err != nil {
+		return err
+	}
+	return s.encryptedData.Close()
+}
+
+// noOpCloser is like an ioutil.NopCloser, but for an io.Writer.
+// TODO: we have two of these in OpenPGP packages alone. This probably needs
+// to be promoted somewhere more common.
+type noOpCloser struct {
+	w io.Writer
+}
+
+func (c noOpCloser) Write(data []byte) (n int, err error) {
+	return c.w.Write(data)
+}
+
+func (c noOpCloser) Close() error {
+	return nil
+}
+
+func handleCompression(compressed io.WriteCloser, candidateCompression []uint8, config *packet.Config) (data io.WriteCloser, err error) {
+	data = compressed
+	confAlgo := config.Compression()
+	if confAlgo == packet.CompressionNone {
+		return
+	}
+	finalAlgo := packet.CompressionNone
+	// if compression specified by config available we will use it
+	for _, c := range candidateCompression {
+		if uint8(confAlgo) == c {
+			finalAlgo = confAlgo
+			break
+		}
+	}
+
+	if finalAlgo != packet.CompressionNone {
+		var compConfig *packet.CompressionConfig
+		if config != nil {
+			compConfig = config.CompressionConfig
+		}
+		data, err = packet.SerializeCompressed(compressed, finalAlgo, compConfig)
+		if err != nil {
+			return
+		}
+	}
+	return data, nil
+}
diff --git a/vendor/github.com/PuerkitoBio/goquery/.travis.yml b/vendor/github.com/PuerkitoBio/goquery/.travis.yml
index 27c3ce8136..29e9e64ab2 100644
--- a/vendor/github.com/PuerkitoBio/goquery/.travis.yml
+++ b/vendor/github.com/PuerkitoBio/goquery/.travis.yml
@@ -1,3 +1,6 @@
+arch:
+    - amd64
+    - ppc64le
 language: go
 
 go:
@@ -15,3 +18,27 @@ go:
     - 1.13.x
     - tip
 
+jobs:
+ exclude:
+    - arch: ppc64le
+      go: 1.2.x
+    - arch: ppc64le
+      go: 1.3.x
+    - arch: ppc64le
+      go: 1.4.x
+    - arch: ppc64le
+      go: 1.5.x
+    - arch: ppc64le
+      go: 1.6.x
+    - arch: ppc64le
+      go: 1.7.x
+    - arch: ppc64le
+      go: 1.8.x
+    - arch: ppc64le
+      go: 1.9.x
+    - arch: ppc64le
+      go: 1.10.x
+    - arch: ppc64le
+      go: 1.11.x
+    - arch: ppc64le
+      go: 1.12.x
diff --git a/vendor/github.com/PuerkitoBio/goquery/README.md b/vendor/github.com/PuerkitoBio/goquery/README.md
index 0bc221d163..ac9b2c206c 100644
--- a/vendor/github.com/PuerkitoBio/goquery/README.md
+++ b/vendor/github.com/PuerkitoBio/goquery/README.md
@@ -37,6 +37,8 @@ Please note that because of the net/html dependency, goquery requires Go1.1+.
 
 **Note that goquery's API is now stable, and will not break.**
 
+*    **2021-01-11 (v1.6.1)** : Fix panic when calling `{Prepend,Append,Set}Html` on a `Selection` that contains non-Element nodes.
+*    **2020-10-08 (v1.6.0)** : Parse html in context of the container node for all functions that deal with html strings (`AfterHtml`, `AppendHtml`, etc.). Thanks to [@thiemok][thiemok] and [@davidjwilkins][djw] for their work on this.
 *    **2020-02-04 (v1.5.1)** : Update module dependencies.
 *    **2018-11-15 (v1.5.0)** : Go module support (thanks @Zaba505).
 *    **2018-06-07 (v1.4.1)** : Add `NewDocumentFromReader` examples.
@@ -143,8 +145,10 @@ func main() {
 - [gnulnx/goperf](https://github.com/gnulnx/goperf), a website performance test tool that also fetches static assets.
 - [MontFerret/ferret](https://github.com/MontFerret/ferret), declarative web scraping.
 - [tacusci/berrycms](https://github.com/tacusci/berrycms), a modern simple to use CMS with easy to write plugins
-- [Dataflow kit](https://github.com/slotix/dataflowkit), Web Scraping framework for Gophers.  
+- [Dataflow kit](https://github.com/slotix/dataflowkit), Web Scraping framework for Gophers.
 - [Geziyor](https://github.com/geziyor/geziyor), a fast web crawling & scraping framework for Go. Supports JS rendering.
+- [Pagser](https://github.com/foolin/pagser), a simple, easy, extensible, configurable HTML parser to struct based on goquery and struct tags.
+- [stitcherd](https://github.com/vhodges/stitcherd), A server for doing server side includes using css selectors and DOM updates.
 
 ## Support
 
@@ -181,3 +185,5 @@ The [BSD 3-Clause license][bsd], the same as the [Go language][golic]. Cascadia'
 [thatguystone]: https://github.com/thatguystone
 [piotr]: https://github.com/piotrkowalczuk
 [goq]: https://github.com/andrewstuart/goq
+[thiemok]: https://github.com/thiemok
+[djw]: https://github.com/davidjwilkins
diff --git a/vendor/github.com/PuerkitoBio/goquery/manipulation.go b/vendor/github.com/PuerkitoBio/goquery/manipulation.go
index 34eb7570fb..35febf1189 100644
--- a/vendor/github.com/PuerkitoBio/goquery/manipulation.go
+++ b/vendor/github.com/PuerkitoBio/goquery/manipulation.go
@@ -39,8 +39,15 @@ func (s *Selection) AfterSelection(sel *Selection) *Selection {
 // AfterHtml parses the html and inserts it after the set of matched elements.
 //
 // This follows the same rules as Selection.Append.
-func (s *Selection) AfterHtml(html string) *Selection {
-	return s.AfterNodes(parseHtml(html)...)
+func (s *Selection) AfterHtml(htmlStr string) *Selection {
+	return s.eachNodeHtml(htmlStr, true, func(node *html.Node, nodes []*html.Node) {
+		nextSibling := node.NextSibling
+		for _, n := range nodes {
+			if node.Parent != nil {
+				node.Parent.InsertBefore(n, nextSibling)
+			}
+		}
+	})
 }
 
 // AfterNodes inserts the nodes after each element in the set of matched elements.
@@ -85,8 +92,12 @@ func (s *Selection) AppendSelection(sel *Selection) *Selection {
 }
 
 // AppendHtml parses the html and appends it to the set of matched elements.
-func (s *Selection) AppendHtml(html string) *Selection {
-	return s.AppendNodes(parseHtml(html)...)
+func (s *Selection) AppendHtml(htmlStr string) *Selection {
+	return s.eachNodeHtml(htmlStr, false, func(node *html.Node, nodes []*html.Node) {
+		for _, n := range nodes {
+			node.AppendChild(n)
+		}
+	})
 }
 
 // AppendNodes appends the specified nodes to each node in the set of matched elements.
@@ -123,8 +134,14 @@ func (s *Selection) BeforeSelection(sel *Selection) *Selection {
 // BeforeHtml parses the html and inserts it before the set of matched elements.
 //
 // This follows the same rules as Selection.Append.
-func (s *Selection) BeforeHtml(html string) *Selection {
-	return s.BeforeNodes(parseHtml(html)...)
+func (s *Selection) BeforeHtml(htmlStr string) *Selection {
+	return s.eachNodeHtml(htmlStr, true, func(node *html.Node, nodes []*html.Node) {
+		for _, n := range nodes {
+			if node.Parent != nil {
+				node.Parent.InsertBefore(n, node)
+			}
+		}
+	})
 }
 
 // BeforeNodes inserts the nodes before each element in the set of matched elements.
@@ -184,8 +201,13 @@ func (s *Selection) PrependSelection(sel *Selection) *Selection {
 }
 
 // PrependHtml parses the html and prepends it to the set of matched elements.
-func (s *Selection) PrependHtml(html string) *Selection {
-	return s.PrependNodes(parseHtml(html)...)
+func (s *Selection) PrependHtml(htmlStr string) *Selection {
+	return s.eachNodeHtml(htmlStr, false, func(node *html.Node, nodes []*html.Node) {
+		firstChild := node.FirstChild
+		for _, n := range nodes {
+			node.InsertBefore(n, firstChild)
+		}
+	})
 }
 
 // PrependNodes prepends the specified nodes to each node in the set of
@@ -212,14 +234,19 @@ func (s *Selection) Remove() *Selection {
 	return s
 }
 
-// RemoveFiltered removes the set of matched elements by selector.
-// It returns the Selection of removed nodes.
+// RemoveFiltered removes from the current set of matched elements those that
+// match the selector filter. It returns the Selection of removed nodes.
+//
+// For example if the selection s contains "<h1>", "<h2>" and "<h3>"
+// and s.RemoveFiltered("h2") is called, only the "<h2>" node is removed
+// (and returned), while "<h1>" and "<h3>" are kept in the document.
 func (s *Selection) RemoveFiltered(selector string) *Selection {
 	return s.RemoveMatcher(compileMatcher(selector))
 }
 
-// RemoveMatcher removes the set of matched elements.
-// It returns the Selection of removed nodes.
+// RemoveMatcher removes from the current set of matched elements those that
+// match the Matcher filter. It returns the Selection of removed nodes.
+// See RemoveFiltered for additional information.
 func (s *Selection) RemoveMatcher(m Matcher) *Selection {
 	return s.FilterMatcher(m).Remove()
 }
@@ -256,8 +283,16 @@ func (s *Selection) ReplaceWithSelection(sel *Selection) *Selection {
 // It returns the removed elements.
 //
 // This follows the same rules as Selection.Append.
-func (s *Selection) ReplaceWithHtml(html string) *Selection {
-	return s.ReplaceWithNodes(parseHtml(html)...)
+func (s *Selection) ReplaceWithHtml(htmlStr string) *Selection {
+	s.eachNodeHtml(htmlStr, true, func(node *html.Node, nodes []*html.Node) {
+		nextSibling := node.NextSibling
+		for _, n := range nodes {
+			if node.Parent != nil {
+				node.Parent.InsertBefore(n, nextSibling)
+			}
+		}
+	})
+	return s.Remove()
 }
 
 // ReplaceWithNodes replaces each element in the set of matched elements with
@@ -272,8 +307,17 @@ func (s *Selection) ReplaceWithNodes(ns ...*html.Node) *Selection {
 
 // SetHtml sets the html content of each element in the selection to
 // specified html string.
-func (s *Selection) SetHtml(html string) *Selection {
-	return setHtmlNodes(s, parseHtml(html)...)
+func (s *Selection) SetHtml(htmlStr string) *Selection {
+	for _, context := range s.Nodes {
+		for c := context.FirstChild; c != nil; c = context.FirstChild {
+			context.RemoveChild(c)
+		}
+	}
+	return s.eachNodeHtml(htmlStr, false, func(node *html.Node, nodes []*html.Node) {
+		for _, n := range nodes {
+			node.AppendChild(n)
+		}
+	})
 }
 
 // SetText sets the content of each element in the selection to specified content.
@@ -329,8 +373,23 @@ func (s *Selection) WrapSelection(sel *Selection) *Selection {
 // most child of the given HTML.
 //
 // It returns the original set of elements.
-func (s *Selection) WrapHtml(html string) *Selection {
-	return s.wrapNodes(parseHtml(html)...)
+func (s *Selection) WrapHtml(htmlStr string) *Selection {
+	nodesMap := make(map[string][]*html.Node)
+	for _, context := range s.Nodes {
+		var parent *html.Node
+		if context.Parent != nil {
+			parent = context.Parent
+		} else {
+			parent = &html.Node{Type: html.ElementNode}
+		}
+		nodes, found := nodesMap[nodeName(parent)]
+		if !found {
+			nodes = parseHtmlWithContext(htmlStr, parent)
+			nodesMap[nodeName(parent)] = nodes
+		}
+		newSingleSelection(context, s.document).wrapAllNodes(cloneNodes(nodes)...)
+	}
+	return s
 }
 
 // WrapNode wraps each element in the set of matched elements inside the inner-
@@ -382,8 +441,18 @@ func (s *Selection) WrapAllSelection(sel *Selection) *Selection {
 // document.
 //
 // It returns the original set of elements.
-func (s *Selection) WrapAllHtml(html string) *Selection {
-	return s.wrapAllNodes(parseHtml(html)...)
+func (s *Selection) WrapAllHtml(htmlStr string) *Selection {
+	var context *html.Node
+	var nodes []*html.Node
+	if len(s.Nodes) > 0 {
+		context = s.Nodes[0]
+		if context.Parent != nil {
+			nodes = parseHtmlWithContext(htmlStr, context)
+		} else {
+			nodes = parseHtml(htmlStr)
+		}
+	}
+	return s.wrapAllNodes(nodes...)
 }
 
 func (s *Selection) wrapAllNodes(ns ...*html.Node) *Selection {
@@ -452,8 +521,17 @@ func (s *Selection) WrapInnerSelection(sel *Selection) *Selection {
 // cloned before being inserted into the document.
 //
 // It returns the original set of elements.
-func (s *Selection) WrapInnerHtml(html string) *Selection {
-	return s.wrapInnerNodes(parseHtml(html)...)
+func (s *Selection) WrapInnerHtml(htmlStr string) *Selection {
+	nodesMap := make(map[string][]*html.Node)
+	for _, context := range s.Nodes {
+		nodes, found := nodesMap[nodeName(context)]
+		if !found {
+			nodes = parseHtmlWithContext(htmlStr, context)
+			nodesMap[nodeName(context)] = nodes
+		}
+		newSingleSelection(context, s.document).wrapInnerNodes(cloneNodes(nodes)...)
+	}
+	return s
 }
 
 // WrapInnerNode wraps an HTML structure, matched by the given selector, around
@@ -493,16 +571,14 @@ func parseHtml(h string) []*html.Node {
 	return nodes
 }
 
-func setHtmlNodes(s *Selection, ns ...*html.Node) *Selection {
-	for _, n := range s.Nodes {
-		for c := n.FirstChild; c != nil; c = n.FirstChild {
-			n.RemoveChild(c)
-		}
-		for _, c := range ns {
-			n.AppendChild(cloneNode(c))
-		}
+func parseHtmlWithContext(h string, context *html.Node) []*html.Node {
+	// Errors are only returned when the io.Reader returns any error besides
+	// EOF, but strings.Reader never will
+	nodes, err := html.ParseFragment(strings.NewReader(h), context)
+	if err != nil {
+		panic("goquery: failed to parse HTML: " + err.Error())
 	}
-	return s
+	return nodes
 }
 
 // Get the first child that is an ElementNode
@@ -572,3 +648,32 @@ func (s *Selection) manipulateNodes(ns []*html.Node, reverse bool,
 
 	return s
 }
+
+// eachNodeHtml parses the given html string and inserts the resulting nodes in the dom with the mergeFn.
+// The parsed nodes are inserted for each element of the selection.
+// isParent can be used to indicate that the elements of the selection should be treated as the parent for the parsed html.
+// A cache is used to avoid parsing the html multiple times should the elements of the selection result in the same context.
+func (s *Selection) eachNodeHtml(htmlStr string, isParent bool, mergeFn func(n *html.Node, nodes []*html.Node)) *Selection {
+	// cache to avoid parsing the html for the same context multiple times
+	nodeCache := make(map[string][]*html.Node)
+	var context *html.Node
+	for _, n := range s.Nodes {
+		if isParent {
+			context = n.Parent
+		} else {
+			if n.Type != html.ElementNode {
+				continue
+			}
+			context = n
+		}
+		if context != nil {
+			nodes, found := nodeCache[nodeName(context)]
+			if !found {
+				nodes = parseHtmlWithContext(htmlStr, context)
+				nodeCache[nodeName(context)] = nodes
+			}
+			mergeFn(n, cloneNodes(nodes))
+		}
+	}
+	return s
+}
diff --git a/vendor/github.com/PuerkitoBio/goquery/utilities.go b/vendor/github.com/PuerkitoBio/goquery/utilities.go
index b4c061a4d4..3e11b1db1b 100644
--- a/vendor/github.com/PuerkitoBio/goquery/utilities.go
+++ b/vendor/github.com/PuerkitoBio/goquery/utilities.go
@@ -36,12 +36,22 @@ func NodeName(s *Selection) string {
 	if s.Length() == 0 {
 		return ""
 	}
-	switch n := s.Get(0); n.Type {
+	return nodeName(s.Get(0))
+}
+
+// nodeName returns the node name of the given html node.
+// See NodeName for additional details on behaviour.
+func nodeName(node *html.Node) string {
+	if node == nil {
+		return ""
+	}
+
+	switch node.Type {
 	case html.ElementNode, html.DoctypeNode:
-		return n.Data
+		return node.Data
 	default:
-		if n.Type >= 0 && int(n.Type) < len(nodeNames) {
-			return nodeNames[n.Type]
+		if node.Type >= 0 && int(node.Type) < len(nodeNames) {
+			return nodeNames[node.Type]
 		}
 		return ""
 	}
diff --git a/vendor/github.com/RoaringBitmap/roaring/Makefile b/vendor/github.com/RoaringBitmap/roaring/Makefile
index a22f3d330b..0a4f9f0aae 100644
--- a/vendor/github.com/RoaringBitmap/roaring/Makefile
+++ b/vendor/github.com/RoaringBitmap/roaring/Makefile
@@ -64,7 +64,7 @@ qa: fmtcheck test vet lint
 # Get the dependencies
 deps:
 	GOPATH=$(GOPATH) go get github.com/stretchr/testify
-	GOPATH=$(GOPATH) go get github.com/willf/bitset
+	GOPATH=$(GOPATH) go get github.com/bits-and-blooms/bitset
 	GOPATH=$(GOPATH) go get github.com/golang/lint/golint
 	GOPATH=$(GOPATH) go get github.com/mschoch/smat
 	GOPATH=$(GOPATH) go get github.com/dvyukov/go-fuzz/go-fuzz
diff --git a/vendor/github.com/RoaringBitmap/roaring/README.md b/vendor/github.com/RoaringBitmap/roaring/README.md
index 00d2351c05..2a7a129060 100644
--- a/vendor/github.com/RoaringBitmap/roaring/README.md
+++ b/vendor/github.com/RoaringBitmap/roaring/README.md
@@ -1,4 +1,4 @@
-roaring [![Build Status](https://travis-ci.org/RoaringBitmap/roaring.png)](https://travis-ci.org/RoaringBitmap/roaring) [![GoDoc](https://godoc.org/github.com/RoaringBitmap/roaring?status.svg)](https://godoc.org/github.com/RoaringBitmap/roaring) [![GoDoc](https://godoc.org/github.com/RoaringBitmap/roaring/roaring64?status.svg)](https://godoc.org/github.com/RoaringBitmap/roaring/roaring64) [![Go Report Card](https://goreportcard.com/badge/RoaringBitmap/roaring)](https://goreportcard.com/report/github.com/RoaringBitmap/roaring)
+roaring [![Build Status](https://travis-ci.org/RoaringBitmap/roaring.png)](https://travis-ci.org/RoaringBitmap/roaring) [![GoDoc](https://godoc.org/github.com/RoaringBitmap/roaring/roaring64?status.svg)](https://godoc.org/github.com/RoaringBitmap/roaring/roaring64) [![Go Report Card](https://goreportcard.com/badge/RoaringBitmap/roaring)](https://goreportcard.com/report/github.com/RoaringBitmap/roaring)
 [![Build Status](https://cloud.drone.io/api/badges/RoaringBitmap/roaring/status.svg)](https://cloud.drone.io/RoaringBitmap/roaring)
 ![Go-CI](https://github.com/RoaringBitmap/roaring/workflows/Go-CI/badge.svg)
 ![Go-ARM-CI](https://github.com/RoaringBitmap/roaring/workflows/Go-ARM-CI/badge.svg)
@@ -84,7 +84,7 @@ When the bitset approach is applicable, it can be orders of
 magnitude faster than other possible implementation of a set (e.g., as a hash set)
 while using several times less memory.
 
-However, a bitset, even a compressed one is not always applicable. For example, if the
+However, a bitset, even a compressed one is not always applicable. For example, if
 you have 1000 random-looking integers, then a simple array might be the best representation.
 We refer to this case as the "sparse" scenario.
 
@@ -158,7 +158,7 @@ http://arxiv.org/abs/1402.6407 This paper used data from http://lemire.me/data/r
 Dependencies are fetched automatically by giving the `-t` flag to `go get`.
 
 they include
-  - github.com/willf/bitset
+  - github.com/bits-and-blooms/bitset
   - github.com/mschoch/smat
   - github.com/glycerine/go-unsnap-stream
   - github.com/philhofer/fwd
@@ -384,12 +384,14 @@ You can help us test further the library with fuzzy testing:
          go get github.com/dvyukov/go-fuzz/go-fuzz-build
          go test -tags=gofuzz -run=TestGenerateSmatCorpus
          go-fuzz-build github.com/RoaringBitmap/roaring
-         go-fuzz -bin=./roaring-fuzz.zip -workdir=workdir/ -timeout=200
+         go-fuzz -bin=./roaring-fuzz.zip -workdir=workdir/ -timeout=200 -func FuzzSmat
 
 Let it run, and if the # of crashers is > 0, check out the reports in
 the workdir where you should be able to find the panic goroutine stack
 traces.
 
+You may also replace `-func FuzzSmat`  by `-func FuzzSerializationBuffer` or `-func FuzzSerializationStream`.
+
 ### Alternative in Go
 
 There is a Go version wrapping the C/C++ implementation https://github.com/RoaringBitmap/gocroaring
diff --git a/vendor/github.com/RoaringBitmap/roaring/arraycontainer.go b/vendor/github.com/RoaringBitmap/roaring/arraycontainer.go
index 7390ba8df6..260e1cbcef 100644
--- a/vendor/github.com/RoaringBitmap/roaring/arraycontainer.go
+++ b/vendor/github.com/RoaringBitmap/roaring/arraycontainer.go
@@ -16,10 +16,11 @@ func (ac *arrayContainer) String() string {
 	return s + "}"
 }
 
-func (ac *arrayContainer) fillLeastSignificant16bits(x []uint32, i int, mask uint32) {
+func (ac *arrayContainer) fillLeastSignificant16bits(x []uint32, i int, mask uint32) int {
 	for k := 0; k < len(ac.content); k++ {
 		x[k+i] = uint32(ac.content[k]) | mask
 	}
+	return i + len(ac.content)
 }
 
 func (ac *arrayContainer) iterate(cb func(x uint16) bool) bool {
@@ -394,11 +395,19 @@ func (ac *arrayContainer) iorBitmap(bc2 *bitmapContainer) container {
 }
 
 func (ac *arrayContainer) iorRun16(rc *runContainer16) container {
-	bc1 := ac.toBitmapContainer()
-	bc2 := rc.toBitmapContainer()
-	bc1.iorBitmap(bc2)
-	*ac = *newArrayContainerFromBitmap(bc1)
-	return ac
+	runCardinality := rc.getCardinality()
+	// heuristic for if the container should maybe be an
+	// array container.
+	if runCardinality < ac.getCardinality() &&
+		runCardinality+ac.getCardinality() < arrayDefaultMaxSize {
+		var result container
+		result = ac
+		for _, run := range rc.iv {
+			result = result.iaddRange(int(run.start), int(run.start)+int(run.length))
+		}
+		return result
+	}
+	return rc.orArray(ac)
 }
 
 func (ac *arrayContainer) lazyIOR(a container) container {
@@ -843,6 +852,10 @@ func (ac *arrayContainer) getCardinality() int {
 	return len(ac.content)
 }
 
+func (ac *arrayContainer) isEmpty() bool {
+	return len(ac.content) == 0
+}
+
 func (ac *arrayContainer) rank(x uint16) int {
 	answer := binarySearch(ac.content, x)
 	if answer >= 0 {
@@ -882,7 +895,7 @@ func (ac *arrayContainer) resetTo(a container) {
 		x.fillArray(ac.content)
 
 	case *runContainer16:
-		card := int(x.cardinality())
+		card := int(x.getCardinality())
 		ac.realloc(card)
 		cur := 0
 		for _, r := range x.iv {
@@ -956,10 +969,10 @@ func (ac *arrayContainer) numberOfRuns() (nr int) {
 				runlen++
 			} else {
 				if cur < prev {
-					panic("then fundamental arrayContainer assumption of sorted ac.content was broken")
+					panic("the fundamental arrayContainer assumption of sorted ac.content was broken")
 				}
 				if cur == prev {
-					panic("then fundamental arrayContainer assumption of deduplicated content was broken")
+					panic("the fundamental arrayContainer assumption of deduplicated content was broken")
 				} else {
 					nr++
 					runlen = 0
diff --git a/vendor/github.com/RoaringBitmap/roaring/bitmapcontainer.go b/vendor/github.com/RoaringBitmap/roaring/bitmapcontainer.go
index b576c2ac85..f8367da0e5 100644
--- a/vendor/github.com/RoaringBitmap/roaring/bitmapcontainer.go
+++ b/vendor/github.com/RoaringBitmap/roaring/bitmapcontainer.go
@@ -264,7 +264,7 @@ func bitmapEquals(a, b []uint64) bool {
 	return true
 }
 
-func (bc *bitmapContainer) fillLeastSignificant16bits(x []uint32, i int, mask uint32) {
+func (bc *bitmapContainer) fillLeastSignificant16bits(x []uint32, i int, mask uint32) int {
 	// TODO: should be written as optimized assembly
 	pos := i
 	base := mask
@@ -278,6 +278,7 @@ func (bc *bitmapContainer) fillLeastSignificant16bits(x []uint32, i int, mask ui
 		}
 		base += 64
 	}
+	return pos
 }
 
 func (bc *bitmapContainer) equals(o container) bool {
@@ -349,6 +350,11 @@ func (bc *bitmapContainer) getCardinality() int {
 	return bc.cardinality
 }
 
+
+func (bc *bitmapContainer) isEmpty() bool {
+	return bc.cardinality == 0
+}
+
 func (bc *bitmapContainer) clone() container {
 	ptr := bitmapContainer{bc.cardinality, make([]uint64, len(bc.bitmap))}
 	copy(ptr.bitmap, bc.bitmap[:])
@@ -1132,16 +1138,12 @@ func (bc *bitmapContainer) addOffset(x uint16) []container {
 		low.bitmap[b] = bc.bitmap[0] << i
 		for k := uint32(1); k < end; k++ {
 			newval := bc.bitmap[k] << i
-			if newval == 0 {
-				newval = bc.bitmap[k-1] >> (64 - i)
-			}
+			newval |= bc.bitmap[k-1] >> (64 - i)
 			low.bitmap[b+k] = newval
 		}
 		for k := end; k < 1024; k++ {
 			newval := bc.bitmap[k] << i
-			if newval == 0 {
-				newval = bc.bitmap[k-1] >> (64 - i)
-			}
+			newval |= bc.bitmap[k-1] >> (64 - i)
 			high.bitmap[k-end] = newval
 		}
 		high.bitmap[b] = bc.bitmap[1023] >> (64 - i)
diff --git a/vendor/github.com/RoaringBitmap/roaring/fastaggregation.go b/vendor/github.com/RoaringBitmap/roaring/fastaggregation.go
index ae731b35a4..342c7fd484 100644
--- a/vendor/github.com/RoaringBitmap/roaring/fastaggregation.go
+++ b/vendor/github.com/RoaringBitmap/roaring/fastaggregation.go
@@ -301,9 +301,6 @@ func (x1 *Bitmap) AndAny(bitmaps ...*Bitmap) {
 					tmpBitmap = newBitmapContainer()
 				}
 				tmpBitmap.resetTo(keyContainers[0])
-				for _, c := range keyContainers[1:] {
-					tmpBitmap.ior(c)
-				}
 				ored = tmpBitmap
 			} else {
 				if tmpArray == nil {
@@ -311,15 +308,15 @@ func (x1 *Bitmap) AndAny(bitmaps ...*Bitmap) {
 				}
 				tmpArray.realloc(maxPossibleOr)
 				tmpArray.resetTo(keyContainers[0])
-				for _, c := range keyContainers[1:] {
-					tmpArray.ior(c)
-				}
 				ored = tmpArray
 			}
+			for _, c := range keyContainers[1:] {
+				ored = ored.ior(c)
+			}
 		}
 
 		result := x1.highlowcontainer.getWritableContainerAtIndex(basePos).iand(ored)
-		if result.getCardinality() > 0 {
+		if !result.isEmpty() {
 			x1.highlowcontainer.replaceKeyAndContainerAtIndex(intersections, baseKey, result, false)
 			intersections++
 		}
diff --git a/vendor/github.com/RoaringBitmap/roaring/go.mod b/vendor/github.com/RoaringBitmap/roaring/go.mod
index 4667133cf3..2a31b3ccc5 100644
--- a/vendor/github.com/RoaringBitmap/roaring/go.mod
+++ b/vendor/github.com/RoaringBitmap/roaring/go.mod
@@ -3,15 +3,18 @@ module github.com/RoaringBitmap/roaring
 go 1.14
 
 require (
+	github.com/bits-and-blooms/bitset v1.2.0
+	github.com/dvyukov/go-fuzz v0.0.0-20210429054444-fca39067bc72 // indirect
+	github.com/elazarl/go-bindata-assetfs v1.0.1 // indirect
 	github.com/glycerine/go-unsnap-stream v0.0.0-20181221182339-f9677308dec2
 	github.com/glycerine/goconvey v0.0.0-20190410193231-58a59202ab31 // indirect
 	github.com/golang/snappy v0.0.1 // indirect
 	github.com/gopherjs/gopherjs v0.0.0-20190910122728-9d188e94fb99 // indirect
 	github.com/jtolds/gls v4.20.0+incompatible // indirect
-	github.com/mschoch/smat v0.0.0-20160514031455-90eadee771ae
+	github.com/mschoch/smat v0.2.0
 	github.com/philhofer/fwd v1.0.0 // indirect
+	github.com/stephens2424/writerset v1.0.2 // indirect
 	github.com/stretchr/testify v1.4.0
-	github.com/willf/bitset v1.1.10
 	golang.org/x/lint v0.0.0-20200302205851-738671d3881b // indirect
 	golang.org/x/tools v0.0.0-20200928182047-19e03678916f // indirect
 )
diff --git a/vendor/github.com/RoaringBitmap/roaring/go.sum b/vendor/github.com/RoaringBitmap/roaring/go.sum
index 8798080871..85373d358f 100644
--- a/vendor/github.com/RoaringBitmap/roaring/go.sum
+++ b/vendor/github.com/RoaringBitmap/roaring/go.sum
@@ -1,5 +1,12 @@
+github.com/Julusian/godocdown v0.0.0-20170816220326-6d19f8ff2df8/go.mod h1:INZr5t32rG59/5xeltqoCJoNY7e5x/3xoY9WSWVWg74=
+github.com/bits-and-blooms/bitset v1.2.0 h1:Kn4yilvwNtMACtf1eYDlG8H77R07mZSPbMjLyS07ChA=
+github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA=
 github.com/davecgh/go-spew v1.1.0 h1:ZDRjVQ15GmhC3fiQ8ni8+OwkZQO4DARzQgrnXU1Liz8=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dvyukov/go-fuzz v0.0.0-20210429054444-fca39067bc72 h1:XiR1YwcWcRFzxjAhWK29HQL4nocj0QWJjpeRi/YASV0=
+github.com/dvyukov/go-fuzz v0.0.0-20210429054444-fca39067bc72/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw=
+github.com/elazarl/go-bindata-assetfs v1.0.1 h1:m0kkaHRKEu7tUIUFVwhGGGYClXvyl4RE03qmvRTNfbw=
+github.com/elazarl/go-bindata-assetfs v1.0.1/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4=
 github.com/glycerine/go-unsnap-stream v0.0.0-20181221182339-f9677308dec2 h1:Ujru1hufTHVb++eG6OuNDKMxZnGIvF6o/u8q/8h2+I4=
 github.com/glycerine/go-unsnap-stream v0.0.0-20181221182339-f9677308dec2/go.mod h1:/20jfyN9Y5QPEAprSgKAUr+glWDY39ZiUEAYOEv5dsE=
 github.com/glycerine/goconvey v0.0.0-20190410193231-58a59202ab31 h1:gclg6gY70GLy3PbkQ1AERPfmLMMagS60DKF78eWwLn8=
@@ -12,16 +19,20 @@ github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/mschoch/smat v0.0.0-20160514031455-90eadee771ae h1:VeRdUYdCw49yizlSbMEn2SZ+gT+3IUKx8BqxyQdz+BY=
 github.com/mschoch/smat v0.0.0-20160514031455-90eadee771ae/go.mod h1:qAyveg+e4CE+eKJXWVjKXM4ck2QobLqTDytGJbLLhJg=
+github.com/mschoch/smat v0.2.0 h1:8imxQsjDm8yFEAVBe7azKmKSgzSkZXDuKkSq9374khM=
+github.com/mschoch/smat v0.2.0/go.mod h1:kc9mz7DoBKqDyiRL7VZN8KvXQMWeTaVnttLRXOlotKw=
 github.com/philhofer/fwd v1.0.0 h1:UbZqGr5Y38ApvM/V/jEljVxwocdweyH+vmYvRPBnbqQ=
 github.com/philhofer/fwd v1.0.0/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/robertkrimen/godocdown v0.0.0-20130622164427-0bfa04905481/go.mod h1:C9WhFzY47SzYBIvzFqSvHIR6ROgDo4TtdTuRaOMjF/s=
+github.com/stephens2424/writerset v1.0.2 h1:znRLgU6g8RS5euYRcy004XeE4W+Tu44kALzy7ghPif8=
+github.com/stephens2424/writerset v1.0.2/go.mod h1:aS2JhsMn6eA7e82oNmW4rfsgAOp9COBTTl8mzkwADnc=
 github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/willf/bitset v1.1.10 h1:NotGKqX0KwQ72NUzqrjZq5ipPNDQex9lo3WpaS8L2sc=
-github.com/willf/bitset v1.1.10/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
@@ -29,6 +40,7 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b h1:Wh+f8QHJXR411sJR8/vRBTZ7YapZaRvUcLFFJhusH0k=
 golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
 golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.3.0 h1:RM4zey1++hCTbCVQfnWeKs9/IEsaBLA8vTkd0WVtmH4=
 golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
@@ -46,6 +58,7 @@ golang.org/x/tools v0.0.0-20200928182047-19e03678916f h1:VwGa2Wf+rHGIxvsssCkUNIy
 golang.org/x/tools v0.0.0-20200928182047-19e03678916f/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
 golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1 h1:go1bK/D/BFZV2I8cIQd1NKEZ+0owSTG1fDTci4IqFcE=
 golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
diff --git a/vendor/github.com/RoaringBitmap/roaring/parallel.go b/vendor/github.com/RoaringBitmap/roaring/parallel.go
index 6d8e29360a..805f146bac 100644
--- a/vendor/github.com/RoaringBitmap/roaring/parallel.go
+++ b/vendor/github.com/RoaringBitmap/roaring/parallel.go
@@ -285,14 +285,14 @@ func ParAnd(parallelism int, bitmaps ...*Bitmap) *Bitmap {
 		for input := range inputChan {
 			c := input.containers[0].and(input.containers[1])
 			for _, next := range input.containers[2:] {
-				if c.getCardinality() == 0 {
+				if c.isEmpty() {
 					break
 				}
 				c = c.iand(next)
 			}
 
 			// Send a nil explicitly if the result of the intersection is an empty container
-			if c.getCardinality() == 0 {
+			if c.isEmpty() {
 				c = nil
 			}
 
@@ -357,7 +357,7 @@ func ParOr(parallelism int, bitmaps ...*Bitmap) *Bitmap {
 		return bitmaps[0]
 	}
 
-	keyRange := hKey - lKey + 1
+	keyRange := int(hKey) - int(lKey) + 1
 	if keyRange == 1 {
 		// revert to FastOr. Since the key range is 0
 		// no container-level aggregation parallelism is achievable
diff --git a/vendor/github.com/RoaringBitmap/roaring/roaring.go b/vendor/github.com/RoaringBitmap/roaring/roaring.go
index b78f83cc27..15332e4956 100644
--- a/vendor/github.com/RoaringBitmap/roaring/roaring.go
+++ b/vendor/github.com/RoaringBitmap/roaring/roaring.go
@@ -151,8 +151,7 @@ func (rb *Bitmap) ToArray() []uint32 {
 		hs := uint32(rb.highlowcontainer.getKeyAtIndex(pos)) << 16
 		c := rb.highlowcontainer.getContainerAtIndex(pos)
 		pos++
-		c.fillLeastSignificant16bits(array, pos2, hs)
-		pos2 += c.getCardinality()
+		pos2 = c.fillLeastSignificant16bits(array, pos2, hs)
 	}
 	return array
 }
@@ -542,7 +541,7 @@ func AddOffset64(x *Bitmap, offset int64) (answer *Bitmap) {
 			c := x.highlowcontainer.getContainerAtIndex(pos)
 			offsetted := c.addOffset(inOffset)
 
-			if offsetted[0].getCardinality() > 0 && (key >= 0 && key <= MaxUint16) {
+			if !offsetted[0].isEmpty() && (key >= 0 && key <= MaxUint16) {
 				curSize := answer.highlowcontainer.size()
 				lastkey := int32(0)
 
@@ -559,7 +558,7 @@ func AddOffset64(x *Bitmap, offset int64) (answer *Bitmap) {
 				}
 			}
 
-			if offsetted[1].getCardinality() > 0 && ((key+1) >= 0 && (key+1) <= MaxUint16) {
+			if !offsetted[1].isEmpty() && ((key+1) >= 0 && (key+1) <= MaxUint16) {
 				answer.highlowcontainer.appendContainer(uint16(key+1), offsetted[1], false)
 			}
 		}
@@ -630,13 +629,13 @@ func (rb *Bitmap) Remove(x uint32) {
 	if i >= 0 {
 		c := rb.highlowcontainer.getWritableContainerAtIndex(i).iremoveReturnMinimized(lowbits(x))
 		rb.highlowcontainer.setContainerAtIndex(i, c)
-		if rb.highlowcontainer.getContainerAtIndex(i).getCardinality() == 0 {
+		if rb.highlowcontainer.getContainerAtIndex(i).isEmpty() {
 			rb.highlowcontainer.removeAtIndex(i)
 		}
 	}
 }
 
-// CheckedRemove removes the integer x from the bitmap and return true if the integer was effectively remove (and false if the integer was not present)
+// CheckedRemove removes the integer x from the bitmap and return true if the integer was effectively removed (and false if the integer was not present)
 func (rb *Bitmap) CheckedRemove(x uint32) bool {
 	// TODO: add unit tests for this method
 	hb := highbits(x)
@@ -646,7 +645,7 @@ func (rb *Bitmap) CheckedRemove(x uint32) bool {
 		oldcard := C.getCardinality()
 		C = C.iremoveReturnMinimized(lowbits(x))
 		rb.highlowcontainer.setContainerAtIndex(i, C)
-		if rb.highlowcontainer.getContainerAtIndex(i).getCardinality() == 0 {
+		if rb.highlowcontainer.getContainerAtIndex(i).isEmpty() {
 			rb.highlowcontainer.removeAtIndex(i)
 			return true
 		}
@@ -701,8 +700,9 @@ func (rb *Bitmap) Select(x uint32) (uint32, error) {
 	remaining := x
 	for i := 0; i < rb.highlowcontainer.size(); i++ {
 		c := rb.highlowcontainer.getContainerAtIndex(i)
-		if remaining >= uint32(c.getCardinality()) {
-			remaining -= uint32(c.getCardinality())
+		card := uint32(c.getCardinality())
+		if remaining >= card {
+			remaining -= card
 		} else {
 			key := rb.highlowcontainer.getKeyAtIndex(i)
 			return uint32(key)<<16 + uint32(c.selectInt(uint16(remaining))), nil
@@ -729,7 +729,7 @@ main:
 					c1 := rb.highlowcontainer.getWritableContainerAtIndex(pos1)
 					c2 := x2.highlowcontainer.getContainerAtIndex(pos2)
 					diff := c1.iand(c2)
-					if diff.getCardinality() > 0 {
+					if !diff.isEmpty() {
 						rb.highlowcontainer.replaceKeyAndContainerAtIndex(intersectionsize, s1, diff, false)
 						intersectionsize++
 					}
@@ -931,7 +931,7 @@ func (rb *Bitmap) Xor(x2 *Bitmap) {
 			} else {
 				// TODO: couple be computed in-place for reduced memory usage
 				c := rb.highlowcontainer.getContainerAtIndex(pos1).xor(x2.highlowcontainer.getContainerAtIndex(pos2))
-				if c.getCardinality() > 0 {
+				if !c.isEmpty() {
 					rb.highlowcontainer.setContainerAtIndex(pos1, c)
 					pos1++
 				} else {
@@ -1011,7 +1011,7 @@ main:
 					c1 := rb.highlowcontainer.getWritableContainerAtIndex(pos1)
 					c2 := x2.highlowcontainer.getContainerAtIndex(pos2)
 					diff := c1.iandNot(c2)
-					if diff.getCardinality() > 0 {
+					if !diff.isEmpty() {
 						rb.highlowcontainer.replaceKeyAndContainerAtIndex(intersectionsize, s1, diff, false)
 						intersectionsize++
 					}
@@ -1120,7 +1120,7 @@ main:
 				C := x1.highlowcontainer.getContainerAtIndex(pos1)
 				C = C.and(x2.highlowcontainer.getContainerAtIndex(pos2))
 
-				if C.getCardinality() > 0 {
+				if !C.isEmpty() {
 					answer.highlowcontainer.appendContainer(s1, C, false)
 				}
 				pos1++
@@ -1167,7 +1167,7 @@ func Xor(x1, x2 *Bitmap) *Bitmap {
 				pos2++
 			} else {
 				c := x1.highlowcontainer.getContainerAtIndex(pos1).xor(x2.highlowcontainer.getContainerAtIndex(pos2))
-				if c.getCardinality() > 0 {
+				if !c.isEmpty() {
 					answer.highlowcontainer.appendContainer(s1, c, false)
 				}
 				pos1++
@@ -1210,7 +1210,7 @@ main:
 					c1 := x1.highlowcontainer.getContainerAtIndex(pos1)
 					c2 := x2.highlowcontainer.getContainerAtIndex(pos2)
 					diff := c1.andNot(c2)
-					if diff.getCardinality() > 0 {
+					if !diff.isEmpty() {
 						answer.highlowcontainer.appendContainer(s1, diff, false)
 					}
 					pos1++
@@ -1300,7 +1300,7 @@ func (rb *Bitmap) Flip(rangeStart, rangeEnd uint64) {
 
 		if i >= 0 {
 			c := rb.highlowcontainer.getWritableContainerAtIndex(i).inot(int(containerStart), int(containerLast)+1)
-			if c.getCardinality() > 0 {
+			if !c.isEmpty() {
 				rb.highlowcontainer.setContainerAtIndex(i, c)
 			} else {
 				rb.highlowcontainer.removeAtIndex(i)
@@ -1381,7 +1381,7 @@ func (rb *Bitmap) RemoveRange(rangeStart, rangeEnd uint64) {
 			return
 		}
 		c := rb.highlowcontainer.getWritableContainerAtIndex(i).iremoveRange(int(lbStart), int(lbLast+1))
-		if c.getCardinality() > 0 {
+		if !c.isEmpty() {
 			rb.highlowcontainer.setContainerAtIndex(i, c)
 		} else {
 			rb.highlowcontainer.removeAtIndex(i)
@@ -1394,7 +1394,7 @@ func (rb *Bitmap) RemoveRange(rangeStart, rangeEnd uint64) {
 	if ifirst >= 0 {
 		if lbStart != 0 {
 			c := rb.highlowcontainer.getWritableContainerAtIndex(ifirst).iremoveRange(int(lbStart), int(max+1))
-			if c.getCardinality() > 0 {
+			if !c.isEmpty() {
 				rb.highlowcontainer.setContainerAtIndex(ifirst, c)
 				ifirst++
 			}
@@ -1405,7 +1405,7 @@ func (rb *Bitmap) RemoveRange(rangeStart, rangeEnd uint64) {
 	if ilast >= 0 {
 		if lbLast != max {
 			c := rb.highlowcontainer.getWritableContainerAtIndex(ilast).iremoveRange(int(0), int(lbLast+1))
-			if c.getCardinality() > 0 {
+			if !c.isEmpty() {
 				rb.highlowcontainer.setContainerAtIndex(ilast, c)
 			} else {
 				ilast++
@@ -1461,7 +1461,7 @@ func Flip(bm *Bitmap, rangeStart, rangeEnd uint64) *Bitmap {
 
 		if i >= 0 {
 			c := bm.highlowcontainer.getContainerAtIndex(i).not(int(containerStart), int(containerLast)+1)
-			if c.getCardinality() > 0 {
+			if !c.isEmpty() {
 				answer.highlowcontainer.insertNewKeyValueAt(-j-1, uint16(hb), c)
 			}
 
diff --git a/vendor/github.com/RoaringBitmap/roaring/roaringarray.go b/vendor/github.com/RoaringBitmap/roaring/roaringarray.go
index 4aefc6a316..6aff57806a 100644
--- a/vendor/github.com/RoaringBitmap/roaring/roaringarray.go
+++ b/vendor/github.com/RoaringBitmap/roaring/roaringarray.go
@@ -17,6 +17,7 @@ type container interface {
 	iand(container) container // i stands for inplace
 	andNot(container) container
 	iandNot(container) container // i stands for inplace
+	isEmpty() bool
 	getCardinality() int
 	// rank returns the number of integers that are
 	// smaller or equal to x. rank(infinity) would be getCardinality().
@@ -47,7 +48,7 @@ type container interface {
 	// any of the implementations.
 	equals(r container) bool
 
-	fillLeastSignificant16bits(array []uint32, i int, mask uint32)
+	fillLeastSignificant16bits(array []uint32, i int, mask uint32) int
 	or(r container) container
 	orCardinality(r container) int
 	isFull() bool
@@ -645,7 +646,6 @@ func (ra *roaringArray) readFrom(stream internal.ByteInput, cookieHeader ...byte
 
 			nb := runContainer16{
 				iv:   byteSliceAsInterval16Slice(buf),
-				card: int64(card),
 			}
 
 			ra.containers[i] = &nb
diff --git a/vendor/github.com/RoaringBitmap/roaring/runcontainer.go b/vendor/github.com/RoaringBitmap/roaring/runcontainer.go
index 97c0036589..a722760b48 100644
--- a/vendor/github.com/RoaringBitmap/roaring/runcontainer.go
+++ b/vendor/github.com/RoaringBitmap/roaring/runcontainer.go
@@ -47,8 +47,7 @@ import (
 // runContainer16 does run-length encoding of sets of
 // uint16 integers.
 type runContainer16 struct {
-	iv   []interval16
-	card int64
+	iv []interval16
 }
 
 // interval16 is the internal to runContainer16
@@ -71,8 +70,8 @@ func newInterval16Range(start, last uint16) interval16 {
 }
 
 // runlen returns the count of integers in the interval.
-func (iv interval16) runlen() int64 {
-	return int64(iv.length) + 1
+func (iv interval16) runlen() int {
+	return int(iv.length) + 1
 }
 
 func (iv interval16) last() uint16 {
@@ -194,7 +193,6 @@ func newRunContainer16FromVals(alreadySorted bool, vals ...uint16) *runContainer
 		ah.storeIval(ah.runstart, ah.runlen)
 	}
 	rc.iv = ah.m
-	rc.card = int64(ah.actuallyAdded)
 	return rc
 }
 
@@ -284,7 +282,6 @@ func newRunContainer16FromArray(arr *arrayContainer) *runContainer16 {
 		ah.storeIval(ah.runstart, ah.runlen)
 	}
 	rc.iv = ah.m
-	rc.card = int64(ah.actuallyAdded)
 	return rc
 }
 
@@ -301,7 +298,6 @@ func (rc *runContainer16) set(alreadySorted bool, vals ...uint16) {
 	rc2 := newRunContainer16FromVals(alreadySorted, vals...)
 	un := rc.union(rc2)
 	rc.iv = un.iv
-	rc.card = 0
 }
 
 // canMerge returns true iff the intervals
@@ -309,10 +305,10 @@ func (rc *runContainer16) set(alreadySorted bool, vals ...uint16) {
 // contiguous and so can be merged into
 // a single interval.
 func canMerge16(a, b interval16) bool {
-	if int64(a.last())+1 < int64(b.start) {
+	if int(a.last())+1 < int(b.start) {
 		return false
 	}
-	return int64(b.last())+1 >= int64(a.start)
+	return int(b.last())+1 >= int(a.start)
 }
 
 // haveOverlap differs from canMerge in that
@@ -321,10 +317,10 @@ func canMerge16(a, b interval16) bool {
 // it would be the empty set, and we return
 // false).
 func haveOverlap16(a, b interval16) bool {
-	if int64(a.last())+1 <= int64(b.start) {
+	if int(a.last())+1 <= int(b.start) {
 		return false
 	}
-	return int64(b.last())+1 > int64(a.start)
+	return int(b.last())+1 > int(a.start)
 }
 
 // mergeInterval16s joins a and b into a
@@ -385,11 +381,11 @@ func (rc *runContainer16) union(b *runContainer16) *runContainer16 {
 
 	var m []interval16
 
-	alim := int64(len(rc.iv))
-	blim := int64(len(b.iv))
+	alim := int(len(rc.iv))
+	blim := int(len(b.iv))
 
-	var na int64 // next from a
-	var nb int64 // next from b
+	var na int // next from a
+	var nb int // next from b
 
 	// merged holds the current merge output, which might
 	// get additional merges before being appended to m.
@@ -409,12 +405,12 @@ func (rc *runContainer16) union(b *runContainer16) *runContainer16 {
 			mergedUpdated := false
 			if canMerge16(cura, merged) {
 				merged = mergeInterval16s(cura, merged)
-				na = rc.indexOfIntervalAtOrAfter(int64(merged.last())+1, na+1)
+				na = rc.indexOfIntervalAtOrAfter(int(merged.last())+1, na+1)
 				mergedUpdated = true
 			}
 			if canMerge16(curb, merged) {
 				merged = mergeInterval16s(curb, merged)
-				nb = b.indexOfIntervalAtOrAfter(int64(merged.last())+1, nb+1)
+				nb = b.indexOfIntervalAtOrAfter(int(merged.last())+1, nb+1)
 				mergedUpdated = true
 			}
 			if !mergedUpdated {
@@ -437,8 +433,8 @@ func (rc *runContainer16) union(b *runContainer16) *runContainer16 {
 			} else {
 				merged = mergeInterval16s(cura, curb)
 				mergedUsed = true
-				na = rc.indexOfIntervalAtOrAfter(int64(merged.last())+1, na+1)
-				nb = b.indexOfIntervalAtOrAfter(int64(merged.last())+1, nb+1)
+				na = rc.indexOfIntervalAtOrAfter(int(merged.last())+1, na+1)
+				nb = b.indexOfIntervalAtOrAfter(int(merged.last())+1, nb+1)
 			}
 		}
 	}
@@ -457,7 +453,7 @@ func (rc *runContainer16) union(b *runContainer16) *runContainer16 {
 				cura = rc.iv[na]
 				if canMerge16(cura, merged) {
 					merged = mergeInterval16s(cura, merged)
-					na = rc.indexOfIntervalAtOrAfter(int64(merged.last())+1, na+1)
+					na = rc.indexOfIntervalAtOrAfter(int(merged.last())+1, na+1)
 				} else {
 					break aAdds
 				}
@@ -471,7 +467,7 @@ func (rc *runContainer16) union(b *runContainer16) *runContainer16 {
 				curb = b.iv[nb]
 				if canMerge16(curb, merged) {
 					merged = mergeInterval16s(curb, merged)
-					nb = b.indexOfIntervalAtOrAfter(int64(merged.last())+1, nb+1)
+					nb = b.indexOfIntervalAtOrAfter(int(merged.last())+1, nb+1)
 				} else {
 					break bAdds
 				}
@@ -493,17 +489,17 @@ func (rc *runContainer16) union(b *runContainer16) *runContainer16 {
 }
 
 // unionCardinality returns the cardinality of the merger of two runContainer16s,  the union of rc and b.
-func (rc *runContainer16) unionCardinality(b *runContainer16) uint64 {
+func (rc *runContainer16) unionCardinality(b *runContainer16) uint {
 
 	// rc is also known as 'a' here, but golint insisted we
 	// call it rc for consistency with the rest of the methods.
-	answer := uint64(0)
+	answer := uint(0)
 
-	alim := int64(len(rc.iv))
-	blim := int64(len(b.iv))
+	alim := int(len(rc.iv))
+	blim := int(len(b.iv))
 
-	var na int64 // next from a
-	var nb int64 // next from b
+	var na int // next from a
+	var nb int // next from b
 
 	// merged holds the current merge output, which might
 	// get additional merges before being appended to m.
@@ -523,18 +519,18 @@ func (rc *runContainer16) unionCardinality(b *runContainer16) uint64 {
 			mergedUpdated := false
 			if canMerge16(cura, merged) {
 				merged = mergeInterval16s(cura, merged)
-				na = rc.indexOfIntervalAtOrAfter(int64(merged.last())+1, na+1)
+				na = rc.indexOfIntervalAtOrAfter(int(merged.last())+1, na+1)
 				mergedUpdated = true
 			}
 			if canMerge16(curb, merged) {
 				merged = mergeInterval16s(curb, merged)
-				nb = b.indexOfIntervalAtOrAfter(int64(merged.last())+1, nb+1)
+				nb = b.indexOfIntervalAtOrAfter(int(merged.last())+1, nb+1)
 				mergedUpdated = true
 			}
 			if !mergedUpdated {
 				// we know that merged is disjoint from cura and curb
 				//m = append(m, merged)
-				answer += uint64(merged.last()) - uint64(merged.start) + 1
+				answer += uint(merged.last()) - uint(merged.start) + 1
 				mergedUsed = false
 			}
 			continue
@@ -543,19 +539,19 @@ func (rc *runContainer16) unionCardinality(b *runContainer16) uint64 {
 			// !mergedUsed
 			if !canMerge16(cura, curb) {
 				if cura.start < curb.start {
-					answer += uint64(cura.last()) - uint64(cura.start) + 1
+					answer += uint(cura.last()) - uint(cura.start) + 1
 					//m = append(m, cura)
 					na++
 				} else {
-					answer += uint64(curb.last()) - uint64(curb.start) + 1
+					answer += uint(curb.last()) - uint(curb.start) + 1
 					//m = append(m, curb)
 					nb++
 				}
 			} else {
 				merged = mergeInterval16s(cura, curb)
 				mergedUsed = true
-				na = rc.indexOfIntervalAtOrAfter(int64(merged.last())+1, na+1)
-				nb = b.indexOfIntervalAtOrAfter(int64(merged.last())+1, nb+1)
+				na = rc.indexOfIntervalAtOrAfter(int(merged.last())+1, na+1)
+				nb = b.indexOfIntervalAtOrAfter(int(merged.last())+1, nb+1)
 			}
 		}
 	}
@@ -574,7 +570,7 @@ func (rc *runContainer16) unionCardinality(b *runContainer16) uint64 {
 				cura = rc.iv[na]
 				if canMerge16(cura, merged) {
 					merged = mergeInterval16s(cura, merged)
-					na = rc.indexOfIntervalAtOrAfter(int64(merged.last())+1, na+1)
+					na = rc.indexOfIntervalAtOrAfter(int(merged.last())+1, na+1)
 				} else {
 					break aAdds
 				}
@@ -588,7 +584,7 @@ func (rc *runContainer16) unionCardinality(b *runContainer16) uint64 {
 				curb = b.iv[nb]
 				if canMerge16(curb, merged) {
 					merged = mergeInterval16s(curb, merged)
-					nb = b.indexOfIntervalAtOrAfter(int64(merged.last())+1, nb+1)
+					nb = b.indexOfIntervalAtOrAfter(int(merged.last())+1, nb+1)
 				} else {
 					break bAdds
 				}
@@ -597,19 +593,19 @@ func (rc *runContainer16) unionCardinality(b *runContainer16) uint64 {
 		}
 
 		//m = append(m, merged)
-		answer += uint64(merged.last()) - uint64(merged.start) + 1
+		answer += uint(merged.last()) - uint(merged.start) + 1
 	}
 	for _, r := range rc.iv[na:] {
-		answer += uint64(r.last()) - uint64(r.start) + 1
+		answer += uint(r.last()) - uint(r.start) + 1
 	}
 	for _, r := range b.iv[nb:] {
-		answer += uint64(r.last()) - uint64(r.start) + 1
+		answer += uint(r.last()) - uint(r.start) + 1
 	}
 	return answer
 }
 
 // indexOfIntervalAtOrAfter is a helper for union.
-func (rc *runContainer16) indexOfIntervalAtOrAfter(key int64, startIndex int64) int64 {
+func (rc *runContainer16) indexOfIntervalAtOrAfter(key int, startIndex int) int {
 	w, already, _ := rc.searchRange(key, startIndex, 0)
 	if already {
 		return w
@@ -622,8 +618,8 @@ func (rc *runContainer16) indexOfIntervalAtOrAfter(key int64, startIndex int64)
 func (rc *runContainer16) intersect(b *runContainer16) *runContainer16 {
 
 	a := rc
-	numa := int64(len(a.iv))
-	numb := int64(len(b.iv))
+	numa := int(len(a.iv))
+	numb := int(len(b.iv))
 	res := &runContainer16{}
 	if numa == 0 || numb == 0 {
 		return res
@@ -637,21 +633,21 @@ func (rc *runContainer16) intersect(b *runContainer16) *runContainer16 {
 
 	var output []interval16
 
-	var acuri int64
-	var bcuri int64
+	var acuri int
+	var bcuri int
 
-	astart := int64(a.iv[acuri].start)
-	bstart := int64(b.iv[bcuri].start)
+	astart := int(a.iv[acuri].start)
+	bstart := int(b.iv[bcuri].start)
 
 	var intersection interval16
-	var leftoverstart int64
+	var leftoverstart int
 	var isOverlap, isLeftoverA, isLeftoverB bool
 	var done bool
 toploop:
 	for acuri < numa && bcuri < numb {
 
 		isOverlap, isLeftoverA, isLeftoverB, leftoverstart, intersection =
-			intersectWithLeftover16(astart, int64(a.iv[acuri].last()), bstart, int64(b.iv[bcuri].last()))
+			intersectWithLeftover16(astart, int(a.iv[acuri].last()), bstart, int(b.iv[bcuri].last()))
 
 		if !isOverlap {
 			switch {
@@ -660,17 +656,14 @@ toploop:
 				if done {
 					break toploop
 				}
-				astart = int64(a.iv[acuri].start)
+				astart = int(a.iv[acuri].start)
 
 			case astart > bstart:
 				bcuri, done = b.findNextIntervalThatIntersectsStartingFrom(bcuri+1, astart)
 				if done {
 					break toploop
 				}
-				bstart = int64(b.iv[bcuri].start)
-
-				//default:
-				//	panic("impossible that astart == bstart, since !isOverlap")
+				bstart = int(b.iv[bcuri].start)
 			}
 
 		} else {
@@ -685,7 +678,7 @@ toploop:
 				if bcuri >= numb {
 					break toploop
 				}
-				bstart = int64(b.iv[bcuri].start)
+				bstart = int(b.iv[bcuri].start)
 			case isLeftoverB:
 				// note that we change bstart without advancing bcuri,
 				// since we need to capture any 2ndary intersections with b.iv[bcuri]
@@ -694,27 +687,23 @@ toploop:
 				if acuri >= numa {
 					break toploop
 				}
-				astart = int64(a.iv[acuri].start)
+				astart = int(a.iv[acuri].start)
 			default:
 				// neither had leftover, both completely consumed
-				// optionally, assert for sanity:
-				//if a.iv[acuri].endx != b.iv[bcuri].endx {
-				//	panic("huh? should only be possible that endx agree now!")
-				//}
 
 				// advance to next a interval
 				acuri++
 				if acuri >= numa {
 					break toploop
 				}
-				astart = int64(a.iv[acuri].start)
+				astart = int(a.iv[acuri].start)
 
 				// advance to next b interval
 				bcuri++
 				if bcuri >= numb {
 					break toploop
 				}
-				bstart = int64(b.iv[bcuri].start)
+				bstart = int(b.iv[bcuri].start)
 			}
 		}
 	} // end for toploop
@@ -729,12 +718,12 @@ toploop:
 
 // intersectCardinality returns the cardinality of  the
 // intersection of rc (also known as 'a')  and b.
-func (rc *runContainer16) intersectCardinality(b *runContainer16) int64 {
-	answer := int64(0)
+func (rc *runContainer16) intersectCardinality(b *runContainer16) int {
+	answer := int(0)
 
 	a := rc
-	numa := int64(len(a.iv))
-	numb := int64(len(b.iv))
+	numa := int(len(a.iv))
+	numb := int(len(b.iv))
 	if numa == 0 || numb == 0 {
 		return 0
 	}
@@ -745,14 +734,14 @@ func (rc *runContainer16) intersectCardinality(b *runContainer16) int64 {
 		}
 	}
 
-	var acuri int64
-	var bcuri int64
+	var acuri int
+	var bcuri int
 
-	astart := int64(a.iv[acuri].start)
-	bstart := int64(b.iv[bcuri].start)
+	astart := int(a.iv[acuri].start)
+	bstart := int(b.iv[bcuri].start)
 
 	var intersection interval16
-	var leftoverstart int64
+	var leftoverstart int
 	var isOverlap, isLeftoverA, isLeftoverB bool
 	var done bool
 	pass := 0
@@ -761,7 +750,7 @@ toploop:
 		pass++
 
 		isOverlap, isLeftoverA, isLeftoverB, leftoverstart, intersection =
-			intersectWithLeftover16(astart, int64(a.iv[acuri].last()), bstart, int64(b.iv[bcuri].last()))
+			intersectWithLeftover16(astart, int(a.iv[acuri].last()), bstart, int(b.iv[bcuri].last()))
 
 		if !isOverlap {
 			switch {
@@ -770,22 +759,19 @@ toploop:
 				if done {
 					break toploop
 				}
-				astart = int64(a.iv[acuri].start)
+				astart = int(a.iv[acuri].start)
 
 			case astart > bstart:
 				bcuri, done = b.findNextIntervalThatIntersectsStartingFrom(bcuri+1, astart)
 				if done {
 					break toploop
 				}
-				bstart = int64(b.iv[bcuri].start)
-
-				//default:
-				//	panic("impossible that astart == bstart, since !isOverlap")
+				bstart = int(b.iv[bcuri].start)
 			}
 
 		} else {
 			// isOverlap
-			answer += int64(intersection.last()) - int64(intersection.start) + 1
+			answer += int(intersection.last()) - int(intersection.start) + 1
 			switch {
 			case isLeftoverA:
 				// note that we change astart without advancing acuri,
@@ -795,7 +781,7 @@ toploop:
 				if bcuri >= numb {
 					break toploop
 				}
-				bstart = int64(b.iv[bcuri].start)
+				bstart = int(b.iv[bcuri].start)
 			case isLeftoverB:
 				// note that we change bstart without advancing bcuri,
 				// since we need to capture any 2ndary intersections with b.iv[bcuri]
@@ -804,27 +790,23 @@ toploop:
 				if acuri >= numa {
 					break toploop
 				}
-				astart = int64(a.iv[acuri].start)
+				astart = int(a.iv[acuri].start)
 			default:
 				// neither had leftover, both completely consumed
-				// optionally, assert for sanity:
-				//if a.iv[acuri].endx != b.iv[bcuri].endx {
-				//	panic("huh? should only be possible that endx agree now!")
-				//}
 
 				// advance to next a interval
 				acuri++
 				if acuri >= numa {
 					break toploop
 				}
-				astart = int64(a.iv[acuri].start)
+				astart = int(a.iv[acuri].start)
 
 				// advance to next b interval
 				bcuri++
 				if bcuri >= numb {
 					break toploop
 				}
-				bstart = int64(b.iv[bcuri].start)
+				bstart = int(b.iv[bcuri].start)
 			}
 		}
 	} // end for toploop
@@ -834,7 +816,7 @@ toploop:
 
 // get returns true iff key is in the container.
 func (rc *runContainer16) contains(key uint16) bool {
-	_, in, _ := rc.search(int64(key))
+	_, in, _ := rc.search(int(key))
 	return in
 }
 
@@ -867,11 +849,11 @@ func (rc *runContainer16) numIntervals() int {
 //
 // runContainer16.search always returns whichInterval16 < len(rc.iv).
 //
-// The search space is from startIndex to endxIndex. If endxIndex is set to zero, then there 
+// The search space is from startIndex to endxIndex. If endxIndex is set to zero, then there
 // no upper bound.
 //
-func (rc *runContainer16) searchRange(key int64, startIndex int64, endxIndex int64) (whichInterval16 int64, alreadyPresent bool, numCompares int) {
-	n := int64(len(rc.iv))
+func (rc *runContainer16) searchRange(key int, startIndex int, endxIndex int) (whichInterval16 int, alreadyPresent bool, numCompares int) {
+	n := int(len(rc.iv))
 	if n == 0 {
 		return -1, false, 0
 	}
@@ -894,7 +876,7 @@ func (rc *runContainer16) searchRange(key int64, startIndex int64, endxIndex int
 		h := i + (j-i)/2 // avoid overflow when computing h as the bisector
 		// i <= h < j
 		numCompares++
-		if !(key < int64(rc.iv[h].start)) {
+		if !(key < int(rc.iv[h].start)) {
 			i = h + 1
 		} else {
 			j = h
@@ -914,7 +896,7 @@ func (rc *runContainer16) searchRange(key int64, startIndex int64, endxIndex int
 	if below == n {
 		// all falses => key is >= start of all interval16s
 		// ... so does it belong to the last interval16?
-		if key < int64(rc.iv[n-1].last())+1 {
+		if key < int(rc.iv[n-1].last())+1 {
 			// yes, it belongs to the last interval16
 			alreadyPresent = true
 			return
@@ -935,7 +917,7 @@ func (rc *runContainer16) searchRange(key int64, startIndex int64, endxIndex int
 	//        key is <  rc.iv[below].start
 
 	// is key in below-1 interval16?
-	if key >= int64(rc.iv[below-1].start) && key < int64(rc.iv[below-1].last())+1 {
+	if key >= int(rc.iv[below-1].start) && key < int(rc.iv[below-1].last())+1 {
 		// yes, it is. key is in below-1 interval16.
 		alreadyPresent = true
 		return
@@ -970,32 +952,31 @@ func (rc *runContainer16) searchRange(key int64, startIndex int64, endxIndex int
 //
 // runContainer16.search always returns whichInterval16 < len(rc.iv).
 //
-func (rc *runContainer16) search(key int64) (whichInterval16 int64, alreadyPresent bool, numCompares int) {
+func (rc *runContainer16) search(key int) (whichInterval16 int, alreadyPresent bool, numCompares int) {
 	return rc.searchRange(key, 0, 0)
 }
 
-// cardinality returns the count of the integers stored in the
-// runContainer16.
-func (rc *runContainer16) cardinality() int64 {
-	if len(rc.iv) == 0 {
-		rc.card = 0
-		return 0
-	}
-	if rc.card > 0 {
-		return rc.card // already cached
-	}
+// getCardinality returns the count of the integers stored in the
+// runContainer16. The running complexity depends on the size
+// of the container.
+func (rc *runContainer16) getCardinality() int {
 	// have to compute it
-	var n int64
+	n := 0
 	for _, p := range rc.iv {
 		n += p.runlen()
 	}
-	rc.card = n // cache it
 	return n
 }
 
+// isEmpty returns true if the container is empty.
+// It runs in constant time.
+func (rc *runContainer16) isEmpty() bool {
+	return len(rc.iv) == 0
+}
+
 // AsSlice decompresses the contents into a []uint16 slice.
 func (rc *runContainer16) AsSlice() []uint16 {
-	s := make([]uint16, rc.cardinality())
+	s := make([]uint16, rc.getCardinality())
 	j := 0
 	for _, p := range rc.iv {
 		for i := p.start; i <= p.last(); i++ {
@@ -1065,7 +1046,7 @@ func (rc *runContainer16) Add(k uint16) (wasNew bool) {
 	// but note that some unit tests use this method to build up test
 	// runcontainers without calling runOptimize
 
-	k64 := int64(k)
+	k64 := int(k)
 
 	index, present, _ := rc.search(k64)
 	if present {
@@ -1073,11 +1054,7 @@ func (rc *runContainer16) Add(k uint16) (wasNew bool) {
 	}
 	wasNew = true
 
-	// increment card if it is cached already
-	if rc.card > 0 {
-		rc.card++
-	}
-	n := int64(len(rc.iv))
+	n := int(len(rc.iv))
 	if index == -1 {
 		// we may need to extend the first run
 		if n > 0 {
@@ -1094,7 +1071,7 @@ func (rc *runContainer16) Add(k uint16) (wasNew bool) {
 
 	// are we off the end? handle both index == n and index == n-1:
 	if index >= n-1 {
-		if int64(rc.iv[n-1].last())+1 == k64 {
+		if int(rc.iv[n-1].last())+1 == k64 {
 			rc.iv[n-1].length++
 			return
 		}
@@ -1113,7 +1090,7 @@ func (rc *runContainer16) Add(k uint16) (wasNew bool) {
 	right := index + 1
 
 	// are we fusing left and right by adding k?
-	if int64(rc.iv[left].last())+1 == k64 && int64(rc.iv[right].start) == k64+1 {
+	if int(rc.iv[left].last())+1 == k64 && int(rc.iv[right].start) == k64+1 {
 		// fuse into left
 		rc.iv[left].length = rc.iv[right].last() - rc.iv[left].start
 		// remove redundant right
@@ -1122,14 +1099,14 @@ func (rc *runContainer16) Add(k uint16) (wasNew bool) {
 	}
 
 	// are we an addition to left?
-	if int64(rc.iv[left].last())+1 == k64 {
+	if int(rc.iv[left].last())+1 == k64 {
 		// yes
 		rc.iv[left].length++
 		return
 	}
 
 	// are we an addition to right?
-	if int64(rc.iv[right].start) == k64+1 {
+	if int(rc.iv[right].start) == k64+1 {
 		// yes
 		rc.iv[right].start = k
 		rc.iv[right].length++
@@ -1146,7 +1123,7 @@ func (rc *runContainer16) Add(k uint16) (wasNew bool) {
 // before calling next()/peekNext() to insure there are contents.
 type runIterator16 struct {
 	rc            *runContainer16
-	curIndex      int64
+	curIndex      int
 	curPosInIndex uint16
 }
 
@@ -1171,8 +1148,8 @@ func (rc *runContainer16) iterate(cb func(x uint16) bool) bool {
 // returns true when there is at least one more value
 // available in the iteration sequence.
 func (ri *runIterator16) hasNext() bool {
-	return int64(len(ri.rc.iv)) > ri.curIndex+1 ||
-		(int64(len(ri.rc.iv)) == ri.curIndex+1 && ri.rc.iv[ri.curIndex].length >= ri.curPosInIndex)
+	return int(len(ri.rc.iv)) > ri.curIndex+1 ||
+		(int(len(ri.rc.iv)) == ri.curIndex+1 && ri.rc.iv[ri.curIndex].length >= ri.curPosInIndex)
 }
 
 // next returns the next value in the iteration sequence.
@@ -1201,7 +1178,7 @@ func (ri *runIterator16) advanceIfNeeded(minval uint16) {
 	}
 
 	// interval cannot be -1 because of minval > peekNext
-	interval, isPresent, _ := ri.rc.searchRange(int64(minval), ri.curIndex, int64(len(ri.rc.iv)))
+	interval, isPresent, _ := ri.rc.searchRange(int(minval), ri.curIndex, int(len(ri.rc.iv)))
 
 	// if the minval is present, set the curPosIndex at the right position
 	if isPresent {
@@ -1219,13 +1196,13 @@ func (ri *runIterator16) advanceIfNeeded(minval uint16) {
 // before calling next() to insure there are contents.
 type runReverseIterator16 struct {
 	rc            *runContainer16
-	curIndex      int64  // index into rc.iv
+	curIndex      int    // index into rc.iv
 	curPosInIndex uint16 // offset in rc.iv[curIndex]
 }
 
 // newRunReverseIterator16 returns a new empty run iterator.
 func (rc *runContainer16) newRunReverseIterator16() *runReverseIterator16 {
-	index := int64(len(rc.iv)) - 1
+	index := int(len(rc.iv)) - 1
 	pos := uint16(0)
 
 	if index >= 0 {
@@ -1298,7 +1275,7 @@ func (ri *runIterator16) nextMany(hs uint32, buf []uint32) int {
 			ri.curPosInIndex = 0
 			ri.curIndex++
 
-			if ri.curIndex == int64(len(ri.rc.iv)) {
+			if ri.curIndex == int(len(ri.rc.iv)) {
 				break
 			}
 		} else {
@@ -1339,7 +1316,7 @@ func (ri *runIterator16) nextMany64(hs uint64, buf []uint64) int {
 			ri.curPosInIndex = 0
 			ri.curIndex++
 
-			if ri.curIndex == int64(len(ri.rc.iv)) {
+			if ri.curIndex == int(len(ri.rc.iv)) {
 				break
 			}
 		} else {
@@ -1353,8 +1330,8 @@ func (ri *runIterator16) nextMany64(hs uint64, buf []uint64) int {
 // remove removes key from the container.
 func (rc *runContainer16) removeKey(key uint16) (wasPresent bool) {
 
-	var index int64
-	index, wasPresent, _ = rc.search(int64(key))
+	var index int
+	index, wasPresent, _ = rc.search(int(key))
 	if !wasPresent {
 		return // already removed, nothing to do.
 	}
@@ -1365,15 +1342,14 @@ func (rc *runContainer16) removeKey(key uint16) (wasPresent bool) {
 
 // internal helper functions
 
-func (rc *runContainer16) deleteAt(curIndex *int64, curPosInIndex *uint16) {
-	rc.card--
+func (rc *runContainer16) deleteAt(curIndex *int, curPosInIndex *uint16) {
 	ci := *curIndex
 	pos := *curPosInIndex
 
 	// are we first, last, or in the middle of our interval16?
 	switch {
 	case pos == 0:
-		if int64(rc.iv[ci].length) == 0 {
+		if int(rc.iv[ci].length) == 0 {
 			// our interval disappears
 			rc.iv = append(rc.iv[:ci], rc.iv[ci+1:]...)
 			// curIndex stays the same, since the delete did
@@ -1394,8 +1370,8 @@ func (rc *runContainer16) deleteAt(curIndex *int64, curPosInIndex *uint16) {
 		// split into two, adding an interval16
 		new0 := newInterval16Range(rc.iv[ci].start, rc.iv[ci].start+*curPosInIndex-1)
 
-		new1start := int64(rc.iv[ci].start+*curPosInIndex) + 1
-		if new1start > int64(MaxUint16) {
+		new1start := int(rc.iv[ci].start+*curPosInIndex) + 1
+		if new1start > int(MaxUint16) {
 			panic("overflow?!?!")
 		}
 		new1 := newInterval16Range(uint16(new1start), rc.iv[ci].last())
@@ -1408,14 +1384,14 @@ func (rc *runContainer16) deleteAt(curIndex *int64, curPosInIndex *uint16) {
 
 }
 
-func have4Overlap16(astart, alast, bstart, blast int64) bool {
+func have4Overlap16(astart, alast, bstart, blast int) bool {
 	if alast+1 <= bstart {
 		return false
 	}
 	return blast+1 > astart
 }
 
-func intersectWithLeftover16(astart, alast, bstart, blast int64) (isOverlap, isLeftoverA, isLeftoverB bool, leftoverstart int64, intersection interval16) {
+func intersectWithLeftover16(astart, alast, bstart, blast int) (isOverlap, isLeftoverA, isLeftoverB bool, leftoverstart int, intersection interval16) {
 	if !have4Overlap16(astart, alast, bstart, blast) {
 		return
 	}
@@ -1445,13 +1421,13 @@ func intersectWithLeftover16(astart, alast, bstart, blast int64) (isOverlap, isL
 	return
 }
 
-func (rc *runContainer16) findNextIntervalThatIntersectsStartingFrom(startIndex int64, key int64) (index int64, done bool) {	
+func (rc *runContainer16) findNextIntervalThatIntersectsStartingFrom(startIndex int, key int) (index int, done bool) {
 	w, _, _ := rc.searchRange(key, startIndex, 0)
 	// rc.search always returns w < len(rc.iv)
 	if w < startIndex {
 		// not found and comes before lower bound startIndex,
 		// so just use the lower bound.
-		if startIndex == int64(len(rc.iv)) {
+		if startIndex == int(len(rc.iv)) {
 			// also this bump up means that we are done
 			return startIndex, true
 		}
@@ -1469,25 +1445,6 @@ func sliceToString16(m []interval16) string {
 	return s
 }
 
-// selectInt16 returns the j-th value in the container.
-// We panic of j is out of bounds.
-func (rc *runContainer16) selectInt16(j uint16) int {
-	n := rc.cardinality()
-	if int64(j) > n {
-		panic(fmt.Sprintf("Cannot select %v since Cardinality is %v", j, n))
-	}
-
-	var offset int64
-	for k := range rc.iv {
-		nextOffset := offset + rc.iv[k].runlen()
-		if nextOffset > int64(j) {
-			return int(int64(rc.iv[k].start) + (int64(j) - offset))
-		}
-		offset = nextOffset
-	}
-	panic(fmt.Sprintf("Cannot select %v since Cardinality is %v", j, n))
-}
-
 // helper for invert
 func (rc *runContainer16) invertlastInterval(origin uint16, lastIdx int) []interval16 {
 	cur := rc.iv[lastIdx]
@@ -1519,7 +1476,7 @@ func (rc *runContainer16) invert() *runContainer16 {
 	case 1:
 		return &runContainer16{iv: rc.invertlastInterval(0, 0)}
 	}
-	var invstart int64
+	var invstart int
 	ult := ni - 1
 	for i, cur := range rc.iv {
 		if i == ult {
@@ -1538,7 +1495,7 @@ func (rc *runContainer16) invert() *runContainer16 {
 		if cur.start > 0 {
 			m = append(m, newInterval16Range(uint16(invstart), cur.start-1))
 		}
-		invstart = int64(cur.last() + 1)
+		invstart = int(cur.last() + 1)
 	}
 	return &runContainer16{iv: m}
 }
@@ -1551,7 +1508,7 @@ func (iv interval16) isSuperSetOf(b interval16) bool {
 	return iv.start <= b.start && b.last() <= iv.last()
 }
 
-func (iv interval16) subtractInterval(del interval16) (left []interval16, delcount int64) {
+func (iv interval16) subtractInterval(del interval16) (left []interval16, delcount int) {
 	isect, isEmpty := intersectInterval16s(iv, del)
 
 	if isEmpty {
@@ -1576,7 +1533,7 @@ func (iv interval16) subtractInterval(del interval16) (left []interval16, delcou
 func (rc *runContainer16) isubtract(del interval16) {
 	origiv := make([]interval16, len(rc.iv))
 	copy(origiv, rc.iv)
-	n := int64(len(rc.iv))
+	n := int(len(rc.iv))
 	if n == 0 {
 		return // already done.
 	}
@@ -1587,9 +1544,8 @@ func (rc *runContainer16) isubtract(del interval16) {
 	}
 
 	// INVAR there is some intersection between rc and del
-	istart, startAlready, _ := rc.search(int64(del.start))
-	ilast, lastAlready, _ := rc.search(int64(del.last()))
-	rc.card = -1
+	istart, startAlready, _ := rc.search(int(del.start))
+	ilast, lastAlready, _ := rc.search(int(del.last()))
 	if istart == -1 {
 		if ilast == n-1 && !lastAlready {
 			rc.iv = nil
@@ -1604,8 +1560,8 @@ func (rc *runContainer16) isubtract(del interval16) {
 		// would overwrite values in iv b/c res0 can have len 2. so
 		// write to origiv instead.
 		lost := 1 + ilast - istart
-		changeSize := int64(len(res0)) - lost
-		newSize := int64(len(rc.iv)) + changeSize
+		changeSize := int(len(res0)) - lost
+		newSize := int(len(rc.iv)) + changeSize
 
 		//	rc.iv = append(pre, caboose...)
 		//	return
@@ -1613,19 +1569,19 @@ func (rc *runContainer16) isubtract(del interval16) {
 		if ilast != istart {
 			res1, _ := rc.iv[ilast].subtractInterval(del)
 			res0 = append(res0, res1...)
-			changeSize = int64(len(res0)) - lost
-			newSize = int64(len(rc.iv)) + changeSize
+			changeSize = int(len(res0)) - lost
+			newSize = int(len(rc.iv)) + changeSize
 		}
 		switch {
 		case changeSize < 0:
 			// shrink
-			copy(rc.iv[istart+int64(len(res0)):], rc.iv[ilast+1:])
-			copy(rc.iv[istart:istart+int64(len(res0))], res0)
+			copy(rc.iv[istart+int(len(res0)):], rc.iv[ilast+1:])
+			copy(rc.iv[istart:istart+int(len(res0))], res0)
 			rc.iv = rc.iv[:newSize]
 			return
 		case changeSize == 0:
 			// stay the same
-			copy(rc.iv[istart:istart+int64(len(res0))], res0)
+			copy(rc.iv[istart:istart+int(len(res0))], res0)
 			return
 		default:
 			// changeSize > 0 is only possible when ilast == istart.
@@ -1682,7 +1638,7 @@ func (rc *runContainer16) isubtract(del interval16) {
 		// INVAR: ilast < n-1
 		lost := ilast - istart
 		changeSize := -lost
-		newSize := int64(len(rc.iv)) + changeSize
+		newSize := int(len(rc.iv)) + changeSize
 		if changeSize != 0 {
 			copy(rc.iv[ilast+1+changeSize:], rc.iv[ilast+1:])
 		}
@@ -1699,8 +1655,8 @@ func (rc *runContainer16) isubtract(del interval16) {
 			rc.iv[istart] = res0[0]
 		}
 		lost := 1 + (ilast - istart)
-		changeSize := int64(len(res0)) - lost
-		newSize := int64(len(rc.iv)) + changeSize
+		changeSize := int(len(res0)) - lost
+		newSize := int(len(rc.iv)) + changeSize
 		if changeSize != 0 {
 			copy(rc.iv[ilast+1+changeSize:], rc.iv[ilast+1:])
 		}
@@ -1711,8 +1667,8 @@ func (rc *runContainer16) isubtract(del interval16) {
 		// we can only shrink or stay the same size
 		res1, _ := rc.iv[ilast].subtractInterval(del)
 		lost := ilast - istart
-		changeSize := int64(len(res1)) - lost
-		newSize := int64(len(rc.iv)) + changeSize
+		changeSize := int(len(res1)) - lost
+		newSize := int(len(rc.iv)) + changeSize
 		if changeSize != 0 {
 			// move the tail first to make room for res1
 			copy(rc.iv[ilast+1+changeSize:], rc.iv[ilast+1:])
@@ -1916,8 +1872,6 @@ func (rc *runContainer16) iand(a container) container {
 }
 
 func (rc *runContainer16) inplaceIntersect(rc2 *runContainer16) container {
-	// TODO: optimize by doing less allocation, possibly?
-	// sect will be new
 	sect := rc.intersect(rc2)
 	*rc = *sect
 	return rc
@@ -1971,17 +1925,18 @@ func (rc *runContainer16) andNot(a container) container {
 	panic("unsupported container type")
 }
 
-func (rc *runContainer16) fillLeastSignificant16bits(x []uint32, i int, mask uint32) {
-	k := 0
-	var val int64
+func (rc *runContainer16) fillLeastSignificant16bits(x []uint32, i int, mask uint32) int {
+	k := i
+	var val int
 	for _, p := range rc.iv {
 		n := p.runlen()
-		for j := int64(0); j < n; j++ {
-			val = int64(p.start) + j
-			x[k+i] = uint32(val) | mask
+		for j := int(0); j < n; j++ {
+			val = int(p.start) + j
+			x[k] = uint32(val) | mask
 			k++
 		}
 	}
+	return k
 }
 
 func (rc *runContainer16) getShortIterator() shortPeekable {
@@ -2000,8 +1955,11 @@ func (rc *runContainer16) getManyIterator() manyIterable {
 // is still abe to express 2^16 because it is an int not an uint16.
 func (rc *runContainer16) iaddRange(firstOfRange, endx int) container {
 
-	if firstOfRange >= endx {
-		panic(fmt.Sprintf("invalid %v = endx >= firstOfRange", endx))
+	if firstOfRange > endx {
+		panic(fmt.Sprintf("invalid %v = endx > firstOfRange", endx))
+	}
+	if firstOfRange == endx {
+		return rc
 	}
 	addme := newRunContainer16TakeOwnership([]interval16{
 		{
@@ -2015,10 +1973,13 @@ func (rc *runContainer16) iaddRange(firstOfRange, endx int) container {
 
 // remove the values in the range [firstOfRange,endx)
 func (rc *runContainer16) iremoveRange(firstOfRange, endx int) container {
-	if firstOfRange >= endx {
+	if firstOfRange > endx {
 		panic(fmt.Sprintf("request to iremove empty set [%v, %v),"+
 			" nothing to do.", firstOfRange, endx))
-		//return rc
+	}
+	// empty removal
+	if firstOfRange == endx {
+		return rc
 	}
 	x := newInterval16Range(uint16(firstOfRange), uint16(endx-1))
 	rc.isubtract(x)
@@ -2027,8 +1988,8 @@ func (rc *runContainer16) iremoveRange(firstOfRange, endx int) container {
 
 // not flip the values in the range [firstOfRange,endx)
 func (rc *runContainer16) not(firstOfRange, endx int) container {
-	if firstOfRange >= endx {
-		panic(fmt.Sprintf("invalid %v = endx >= firstOfRange = %v", endx, firstOfRange))
+	if firstOfRange > endx {
+		panic(fmt.Sprintf("invalid %v = endx > firstOfRange = %v", endx, firstOfRange))
 	}
 
 	return rc.Not(firstOfRange, endx)
@@ -2048,8 +2009,8 @@ func (rc *runContainer16) not(firstOfRange, endx int) container {
 //
 func (rc *runContainer16) Not(firstOfRange, endx int) *runContainer16 {
 
-	if firstOfRange >= endx {
-		panic(fmt.Sprintf("invalid %v = endx >= firstOfRange == %v", endx, firstOfRange))
+	if firstOfRange > endx {
+		panic(fmt.Sprintf("invalid %v = endx > firstOfRange == %v", endx, firstOfRange))
 	}
 
 	if firstOfRange >= endx {
@@ -2187,9 +2148,21 @@ func (rc *runContainer16) orBitmapContainerCardinality(bc *bitmapContainer) int
 
 // orArray finds the union of rc and ac.
 func (rc *runContainer16) orArray(ac *arrayContainer) container {
-	bc1 := newBitmapContainerFromRun(rc)
-	bc2 := ac.toBitmapContainer()
-	return bc1.orBitmap(bc2)
+	if ac.isEmpty() {
+		return rc.clone()
+	}
+	if rc.isEmpty() {
+		return ac.clone()
+	}
+	intervals, cardMinusOne := runArrayUnionToRuns(rc, ac)
+	result := newRunContainer16TakeOwnership(intervals)
+	if len(intervals) >= 2048 && cardMinusOne >= arrayDefaultMaxSize {
+		return newBitmapContainerFromRun(result)
+	}
+	if len(intervals)*2 > 1+int(cardMinusOne) {
+		return result.toArrayContainer()
+	}
+	return result
 }
 
 // orArray finds the union of rc and ac.
@@ -2214,8 +2187,8 @@ func (rc *runContainer16) ior(a container) container {
 
 func (rc *runContainer16) inplaceUnion(rc2 *runContainer16) container {
 	for _, p := range rc2.iv {
-		last := int64(p.last())
-		for i := int64(p.start); i <= last; i++ {
+		last := int(p.last())
+		for i := int(p.start); i <= last; i++ {
 			rc.Add(uint16(i))
 		}
 	}
@@ -2232,13 +2205,88 @@ func (rc *runContainer16) iorBitmapContainer(bc *bitmapContainer) container {
 }
 
 func (rc *runContainer16) iorArray(ac *arrayContainer) container {
-	it := ac.getShortIterator()
-	for it.hasNext() {
-		rc.Add(it.next())
+	if rc.isEmpty() {
+		return ac.clone()
+	}
+	if ac.isEmpty() {
+		return rc
+	}
+	var cardMinusOne uint16
+	//TODO: perform the union algorithm in-place using rc.iv
+	// this can be done with methods like the in-place array container union
+	// but maybe lazily moving the remaining elements back.
+	rc.iv, cardMinusOne = runArrayUnionToRuns(rc, ac)
+	if len(rc.iv) >= 2048 && cardMinusOne >= arrayDefaultMaxSize {
+		return newBitmapContainerFromRun(rc)
+	}
+	if len(rc.iv)*2 > 1+int(cardMinusOne) {
+		return rc.toArrayContainer()
 	}
 	return rc
 }
 
+func runArrayUnionToRuns(rc *runContainer16, ac *arrayContainer) ([]interval16, uint16) {
+	pos1 := 0
+	pos2 := 0
+	length1 := len(ac.content)
+	length2 := len(rc.iv)
+	target := make([]interval16, 0, len(rc.iv))
+	// have to find the first range
+	// options are
+	// 1. from array container
+	// 2. from run container
+	var previousInterval interval16
+	var cardMinusOne uint16
+	if ac.content[0] < rc.iv[0].start {
+		previousInterval.start = ac.content[0]
+		previousInterval.length = 0
+		pos1++
+	} else {
+		previousInterval.start = rc.iv[0].start
+		previousInterval.length = rc.iv[0].length
+		pos2++
+	}
+
+	for pos1 < length1 || pos2 < length2 {
+		if pos1 < length1 {
+			s1 := ac.content[pos1]
+			if s1 <= previousInterval.start+previousInterval.length {
+				pos1++
+				continue
+			}
+			if previousInterval.last() < MaxUint16 && previousInterval.last()+1 == s1 {
+				previousInterval.length++
+				pos1++
+				continue
+			}
+		}
+		if pos2 < length2 {
+			range2 := rc.iv[pos2]
+			if range2.start <= previousInterval.last() || range2.start > 0 && range2.start-1 == previousInterval.last() {
+				pos2++
+				if previousInterval.last() < range2.last() {
+					previousInterval.length = range2.last() - previousInterval.start
+				}
+				continue
+			}
+		}
+		cardMinusOne += previousInterval.length + 1
+		target = append(target, previousInterval)
+		if pos2 == length2 || pos1 < length1 && ac.content[pos1] < rc.iv[pos2].start {
+			previousInterval.start = ac.content[pos1]
+			previousInterval.length = 0
+			pos1++
+		} else {
+			previousInterval = rc.iv[pos2]
+			pos2++
+		}
+	}
+	cardMinusOne += previousInterval.length + 1
+	target = append(target, previousInterval)
+
+	return target, cardMinusOne
+}
+
 // lazyIOR is described (not yet implemented) in
 // this nice note from @lemire on
 // https://github.com/RoaringBitmap/roaring/pull/70#issuecomment-263613737
@@ -2294,9 +2342,9 @@ func (rc *runContainer16) lazyOR(a container) container {
 }
 
 func (rc *runContainer16) intersects(a container) bool {
-	// TODO: optimize by doing inplace/less allocation, possibly?
+	// TODO: optimize by doing inplace/less allocation
 	isect := rc.and(a)
-	return isect.getCardinality() > 0
+	return !isect.isEmpty()
 }
 
 func (rc *runContainer16) xor(a container) container {
@@ -2325,21 +2373,20 @@ func (rc *runContainer16) iandNot(a container) container {
 
 // flip the values in the range [firstOfRange,endx)
 func (rc *runContainer16) inot(firstOfRange, endx int) container {
-	if firstOfRange >= endx {
-		panic(fmt.Sprintf("invalid %v = endx >= firstOfRange = %v", endx, firstOfRange))
+	if firstOfRange > endx {
+		panic(fmt.Sprintf("invalid %v = endx > firstOfRange = %v", endx, firstOfRange))
+	}
+	if firstOfRange > endx {
+		return rc
 	}
 	// TODO: minimize copies, do it all inplace; not() makes a copy.
 	rc = rc.Not(firstOfRange, endx)
 	return rc
 }
 
-func (rc *runContainer16) getCardinality() int {
-	return int(rc.cardinality())
-}
-
 func (rc *runContainer16) rank(x uint16) int {
-	n := int64(len(rc.iv))
-	xx := int64(x)
+	n := int(len(rc.iv))
+	xx := int(x)
 	w, already, _ := rc.search(xx)
 	if w < 0 {
 		return 0
@@ -2347,22 +2394,30 @@ func (rc *runContainer16) rank(x uint16) int {
 	if !already && w == n-1 {
 		return rc.getCardinality()
 	}
-	var rnk int64
+	var rnk int
 	if !already {
-		for i := int64(0); i <= w; i++ {
+		for i := int(0); i <= w; i++ {
 			rnk += rc.iv[i].runlen()
 		}
 		return int(rnk)
 	}
-	for i := int64(0); i < w; i++ {
+	for i := int(0); i < w; i++ {
 		rnk += rc.iv[i].runlen()
 	}
-	rnk += int64(x-rc.iv[w].start) + 1
+	rnk += int(x-rc.iv[w].start) + 1
 	return int(rnk)
 }
 
 func (rc *runContainer16) selectInt(x uint16) int {
-	return rc.selectInt16(x)
+	var offset int
+	for k := range rc.iv {
+		nextOffset := offset + rc.iv[k].runlen()
+		if nextOffset > int(x) {
+			return int(int(rc.iv[k].start) + (int(x) - offset))
+		}
+		offset = nextOffset
+	}
+	panic("cannot select x")
 }
 
 func (rc *runContainer16) andNotRunContainer16(b *runContainer16) container {
@@ -2440,11 +2495,9 @@ func (rc *runContainer16) xorBitmap(bc *bitmapContainer) container {
 
 // convert to bitmap or array *if needed*
 func (rc *runContainer16) toEfficientContainer() container {
-
-	// runContainer16SerializedSizeInBytes(numRuns)
 	sizeAsRunContainer := rc.getSizeInBytes()
 	sizeAsBitmapContainer := bitmapContainerSizeInBytes()
-	card := int(rc.cardinality())
+	card := rc.getCardinality()
 	sizeAsArrayContainer := arrayContainerSizeInBytes(card)
 	if sizeAsRunContainer <= minOfInt(sizeAsBitmapContainer, sizeAsArrayContainer) {
 		return rc
diff --git a/vendor/github.com/RoaringBitmap/roaring/smat.go b/vendor/github.com/RoaringBitmap/roaring/smat.go
index 9da4756349..972cd244da 100644
--- a/vendor/github.com/RoaringBitmap/roaring/smat.go
+++ b/vendor/github.com/RoaringBitmap/roaring/smat.go
@@ -63,7 +63,7 @@ import (
 	"sort"
 
 	"github.com/mschoch/smat"
-	"github.com/willf/bitset"
+	"github.com/bits-and-blooms/bitset"
 )
 
 // fuzz test using state machine driven by byte stream.
diff --git a/vendor/github.com/acomagu/bufpipe/README.md b/vendor/github.com/acomagu/bufpipe/README.md
new file mode 100644
index 0000000000..19df083142
--- /dev/null
+++ b/vendor/github.com/acomagu/bufpipe/README.md
@@ -0,0 +1,42 @@
+# bufpipe: Buffered Pipe
+
+[![CircleCI](https://img.shields.io/circleci/build/github/acomagu/bufpipe.svg?style=flat-square)](https://circleci.com/gh/acomagu/bufpipe) [![GoDoc](https://img.shields.io/badge/godoc-reference-blue.svg?style=flat-square)](https://godoc.org/github.com/acomagu/bufpipe)
+
+The buffered version of io.Pipe. It's safe for concurrent use.
+
+## How does it differ from io.Pipe?
+
+Writes never block because the pipe has variable-sized buffer.
+
+```Go
+r, w := bufpipe.New(nil)
+io.WriteString(w, "abc") // No blocking.
+io.WriteString(w, "def") // No blocking, too.
+w.Close()
+io.Copy(os.Stdout, r)
+// Output: abcdef
+```
+
+[Playground](https://play.golang.org/p/PdyBAS3pVob)
+
+## How does it differ from bytes.Buffer?
+
+Reads block if the internal buffer is empty until the writer is closed.
+
+```Go
+r, w := bufpipe.New(nil)
+
+done := make(chan struct{})
+go func() {
+	io.Copy(os.Stdout, r) // The reads block until the writer is closed.
+	done <- struct{}{}
+}()
+
+io.WriteString(w, "abc")
+io.WriteString(w, "def")
+w.Close()
+<-done
+// Output: abcdef
+```
+
+[Playground](https://play.golang.org/p/UppmyLeRgX6)
diff --git a/vendor/github.com/acomagu/bufpipe/bufpipe.go b/vendor/github.com/acomagu/bufpipe/bufpipe.go
new file mode 100644
index 0000000000..846dbcc290
--- /dev/null
+++ b/vendor/github.com/acomagu/bufpipe/bufpipe.go
@@ -0,0 +1,128 @@
+package bufpipe
+
+import (
+	"bytes"
+	"errors"
+	"io"
+	"sync"
+)
+
+// ErrClosedPipe is the error used for read or write operations on a closed pipe.
+var ErrClosedPipe = errors.New("bufpipe: read/write on closed pipe")
+
+type pipe struct {
+	cond       *sync.Cond
+	buf        *bytes.Buffer
+	rerr, werr error
+}
+
+// A PipeReader is the read half of a pipe.
+type PipeReader struct {
+	*pipe
+}
+
+// A PipeWriter is the write half of a pipe.
+type PipeWriter struct {
+	*pipe
+}
+
+// New creates a synchronous pipe using buf as its initial contents. It can be
+// used to connect code expecting an io.Reader with code expecting an io.Writer.
+//
+// Unlike io.Pipe, writes never block because the internal buffer has variable
+// size. Reads block only when the buffer is empty.
+//
+// It is safe to call Read and Write in parallel with each other or with Close.
+// Parallel calls to Read and parallel calls to Write are also safe: the
+// individual calls will be gated sequentially.
+//
+// The new pipe takes ownership of buf, and the caller should not use buf after
+// this call. New is intended to prepare a PipeReader to read existing data. It
+// can also be used to set the initial size of the internal buffer for writing.
+// To do that, buf should have the desired capacity but a length of zero.
+func New(buf []byte) (*PipeReader, *PipeWriter) {
+	p := &pipe{
+		buf:  bytes.NewBuffer(buf),
+		cond: sync.NewCond(new(sync.Mutex)),
+	}
+	return &PipeReader{
+			pipe: p,
+		}, &PipeWriter{
+			pipe: p,
+		}
+}
+
+// Read implements the standard Read interface: it reads data from the pipe,
+// reading from the internal buffer, otherwise blocking until a writer arrives
+// or the write end is closed. If the write end is closed with an error, that
+// error is returned as err; otherwise err is io.EOF.
+func (r *PipeReader) Read(data []byte) (int, error) {
+	r.cond.L.Lock()
+	defer r.cond.L.Unlock()
+
+RETRY:
+	n, err := r.buf.Read(data)
+	// If not closed and no read, wait for writing.
+	if err == io.EOF && r.rerr == nil && n == 0 {
+		r.cond.Wait()
+		goto RETRY
+	}
+	if err == io.EOF {
+		return n, r.rerr
+	}
+	return n, err
+}
+
+// Close closes the reader; subsequent writes from the write half of the pipe
+// will return error ErrClosedPipe.
+func (r *PipeReader) Close() error {
+	return r.CloseWithError(nil)
+}
+
+// CloseWithError closes the reader; subsequent writes to the write half of the
+// pipe will return the error err.
+func (r *PipeReader) CloseWithError(err error) error {
+	r.cond.L.Lock()
+	defer r.cond.L.Unlock()
+
+	if err == nil {
+		err = ErrClosedPipe
+	}
+	r.werr = err
+	return nil
+}
+
+// Write implements the standard Write interface: it writes data to the internal
+// buffer. If the read end is closed with an error, that err is returned as err;
+// otherwise err is ErrClosedPipe.
+func (w *PipeWriter) Write(data []byte) (int, error) {
+	w.cond.L.Lock()
+	defer w.cond.L.Unlock()
+
+	if w.werr != nil {
+		return 0, w.werr
+	}
+
+	n, err := w.buf.Write(data)
+	w.cond.Signal()
+	return n, err
+}
+
+// Close closes the writer; subsequent reads from the read half of the pipe will
+// return io.EOF once the internal buffer get empty.
+func (w *PipeWriter) Close() error {
+	return w.CloseWithError(nil)
+}
+
+// Close closes the writer; subsequent reads from the read half of the pipe will
+// return err once the internal buffer get empty.
+func (w *PipeWriter) CloseWithError(err error) error {
+	w.cond.L.Lock()
+	defer w.cond.L.Unlock()
+
+	if err == nil {
+		err = io.EOF
+	}
+	w.rerr = err
+	return nil
+}
diff --git a/vendor/github.com/acomagu/bufpipe/doc.go b/vendor/github.com/acomagu/bufpipe/doc.go
new file mode 100644
index 0000000000..16a3948001
--- /dev/null
+++ b/vendor/github.com/acomagu/bufpipe/doc.go
@@ -0,0 +1,2 @@
+// Package bufpipe provides a IO pipe, has variable-sized buffer.
+package bufpipe
diff --git a/vendor/github.com/acomagu/bufpipe/go.mod b/vendor/github.com/acomagu/bufpipe/go.mod
new file mode 100644
index 0000000000..bab097a2f5
--- /dev/null
+++ b/vendor/github.com/acomagu/bufpipe/go.mod
@@ -0,0 +1,5 @@
+module github.com/acomagu/bufpipe
+
+go 1.12
+
+require github.com/matryer/is v1.2.0
diff --git a/vendor/github.com/acomagu/bufpipe/go.sum b/vendor/github.com/acomagu/bufpipe/go.sum
new file mode 100644
index 0000000000..6378c9bd6f
--- /dev/null
+++ b/vendor/github.com/acomagu/bufpipe/go.sum
@@ -0,0 +1,2 @@
+github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A=
+github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA=
diff --git a/vendor/github.com/alecthomas/chroma/Makefile b/vendor/github.com/alecthomas/chroma/Makefile
index 1b8320a58b..010ec0394f 100644
--- a/vendor/github.com/alecthomas/chroma/Makefile
+++ b/vendor/github.com/alecthomas/chroma/Makefile
@@ -1,5 +1,7 @@
 .PHONY: chromad upload all
 
+VERSION ?= $(shell git describe --tags --dirty  --always)
+
 all: README.md tokentype_string.go
 
 README.md: lexers/*/*.go
@@ -9,10 +11,8 @@ tokentype_string.go: types.go
 	go generate
 
 chromad:
-	(cd ./cmd/chromad && go get github.com/GeertJohan/go.rice/rice@master && go install github.com/GeertJohan/go.rice/rice)
 	rm -f chromad
-	(export CGOENABLED=0 GOOS=linux ; cd ./cmd/chromad && go build -o ../../chromad .)
-	rice append -i ./cmd/chromad --exec=./chromad
+	(export CGOENABLED=0 GOOS=linux ; cd ./cmd/chromad && go build -ldflags="-X 'main.version=$(VERSION)'" -o ../../chromad .)
 
 upload: chromad
 	scp chromad root@swapoff.org: && \
diff --git a/vendor/github.com/alecthomas/chroma/README.md b/vendor/github.com/alecthomas/chroma/README.md
index 42af02ea52..e47c88c874 100644
--- a/vendor/github.com/alecthomas/chroma/README.md
+++ b/vendor/github.com/alecthomas/chroma/README.md
@@ -1,4 +1,4 @@
-# Chroma — A general purpose syntax highlighter in pure Go [![Golang Documentation](https://godoc.org/github.com/alecthomas/chroma?status.svg)](https://godoc.org/github.com/alecthomas/chroma) [![CircleCI](https://img.shields.io/circleci/project/github/alecthomas/chroma.svg)](https://circleci.com/gh/alecthomas/chroma) [![Go Report Card](https://goreportcard.com/badge/github.com/alecthomas/chroma)](https://goreportcard.com/report/github.com/alecthomas/chroma) [![Slack chat](https://img.shields.io/static/v1?logo=slack&style=flat&label=slack&color=green&message=gophers)](https://gophers.slack.com/messages/CN9DS8YF3)
+# Chroma — A general purpose syntax highlighter in pure Go [![Golang Documentation](https://godoc.org/github.com/alecthomas/chroma?status.svg)](https://godoc.org/github.com/alecthomas/chroma) [![CircleCI](https://img.shields.io/circleci/project/github/alecthomas/chroma.svg)](https://circleci.com/gh/alecthomas/chroma) [![Go Report Card](https://goreportcard.com/badge/github.com/alecthomas/chroma)](https://goreportcard.com/report/github.com/alecthomas/chroma) [![Slack chat](https://img.shields.io/static/v1?logo=slack&style=flat&label=slack&color=green&message=gophers)](https://invite.slack.golangbridge.org/)
 
 > **NOTE:** As Chroma has just been released, its API is still in flux. That said, the high-level interface should not change significantly.
 
@@ -38,7 +38,7 @@ Prefix | Language
 A | ABAP, ABNF, ActionScript, ActionScript 3, Ada, Angular2, ANTLR, ApacheConf, APL, AppleScript, Arduino, Awk
 B | Ballerina, Base Makefile, Bash, Batchfile, BibTeX, BlitzBasic, BNF, Brainfuck
 C | C, C#, C++, Caddyfile, Caddyfile Directives, Cap'n Proto, Cassandra CQL, Ceylon, CFEngine3, cfstatement, ChaiScript, Cheetah, Clojure, CMake, COBOL, CoffeeScript, Common Lisp, Coq, Crystal, CSS, Cython
-D | D, Dart, Diff, Django/Jinja, Docker, DTD
+D | D, Dart, Diff, Django/Jinja, Docker, DTD, Dylan
 E | EBNF, Elixir, Elm, EmacsLisp, Erlang
 F | Factor, Fish, Forth, Fortran, FSharp
 G | GAS, GDScript, Genshi, Genshi HTML, Genshi Text, Gherkin, GLSL, Gnuplot, Go, Go HTML Template, Go Text Template, GraphQL, Groovy
@@ -216,7 +216,7 @@ python3 ~/Projects/chroma/_tools/pygments2chroma.py \
   && gofmt -s -w ~/Projects/chroma/lexers/*.go
 ```
 
-See notes in [pygments-lexers.go](https://github.com/alecthomas/chroma/blob/master/pygments-lexers.txt)
+See notes in [pygments-lexers.txt](https://github.com/alecthomas/chroma/blob/master/pygments-lexers.txt)
 for a list of lexers, and notes on some of the issues importing them.
 
 <a id="markdown-formatters" name="formatters"></a>
diff --git a/vendor/github.com/alecthomas/chroma/go.mod b/vendor/github.com/alecthomas/chroma/go.mod
index 10e6d6ead0..3baf1cb508 100644
--- a/vendor/github.com/alecthomas/chroma/go.mod
+++ b/vendor/github.com/alecthomas/chroma/go.mod
@@ -8,7 +8,7 @@ require (
 	github.com/alecthomas/kong v0.2.4
 	github.com/alecthomas/repr v0.0.0-20180818092828-117648cd9897 // indirect
 	github.com/danwakefield/fnmatch v0.0.0-20160403171240-cbb64ac3d964
-	github.com/dlclark/regexp2 v1.2.0
+	github.com/dlclark/regexp2 v1.4.0
 	github.com/mattn/go-colorable v0.1.6
 	github.com/mattn/go-isatty v0.0.12
 	github.com/pkg/errors v0.9.1 // indirect
diff --git a/vendor/github.com/alecthomas/chroma/go.sum b/vendor/github.com/alecthomas/chroma/go.sum
index fb943fcafe..273999b343 100644
--- a/vendor/github.com/alecthomas/chroma/go.sum
+++ b/vendor/github.com/alecthomas/chroma/go.sum
@@ -13,6 +13,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/dlclark/regexp2 v1.2.0 h1:8sAhBGEM0dRWogWqWyQeIJnxjWO6oIjl8FKqREDsGfk=
 github.com/dlclark/regexp2 v1.2.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc=
+github.com/dlclark/regexp2 v1.4.0 h1:F1rxgk7p4uKjwIQxBs9oAXe5CqrXlCduYEJvrF4u93E=
+github.com/dlclark/regexp2 v1.4.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc=
 github.com/mattn/go-colorable v0.1.6 h1:6Su7aK7lXmJ/U79bYtBjLNaha4Fs1Rg9plHpcH+vvnE=
 github.com/mattn/go-colorable v0.1.6/go.mod h1:u6P/XSegPjTcexA+o6vUJrdnUu04hMope9wVRipJSqc=
 github.com/mattn/go-isatty v0.0.12 h1:wuysRhFDzyxgEmMf5xjvJ2M9dZoWAXNNr5LSBS7uHXY=
diff --git a/vendor/github.com/alecthomas/chroma/iterator.go b/vendor/github.com/alecthomas/chroma/iterator.go
index c8845a1f5f..d5175de89b 100644
--- a/vendor/github.com/alecthomas/chroma/iterator.go
+++ b/vendor/github.com/alecthomas/chroma/iterator.go
@@ -4,7 +4,7 @@ import "strings"
 
 // An Iterator across tokens.
 //
-// nil will be returned at the end of the Token stream.
+// EOF will be returned at the end of the Token stream.
 //
 // If an error occurs within an Iterator, it may propagate this in a panic. Formatters should recover.
 type Iterator func() Token
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/abap.go b/vendor/github.com/alecthomas/chroma/lexers/a/abap.go
index 61c294e040..268aa6a592 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/abap.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/abap.go
@@ -6,7 +6,7 @@ import (
 )
 
 // ABAP lexer.
-var Abap = internal.Register(MustNewLexer(
+var Abap = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "ABAP",
 		Aliases:         []string{"abap"},
@@ -14,7 +14,11 @@ var Abap = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-abap"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	abapRules,
+))
+
+func abapRules() Rules {
+	return Rules{
 		"common": {
 			{`\s+`, Text, nil},
 			{`^\*.*$`, CommentSingle, nil},
@@ -52,5 +56,5 @@ var Abap = internal.Register(MustNewLexer(
 			{`[/;:()\[\],.]`, Punctuation, nil},
 			{`(!)(\w+)`, ByGroups(Operator, Name), nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/abnf.go b/vendor/github.com/alecthomas/chroma/lexers/a/abnf.go
index ff29aed24e..85c47afce2 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/abnf.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/abnf.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Abnf lexer.
-var Abnf = internal.Register(MustNewLexer(
+var Abnf = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "ABNF",
 		Aliases:   []string{"abnf"},
 		Filenames: []string{"*.abnf"},
 		MimeTypes: []string{"text/x-abnf"},
 	},
-	Rules{
+	abnfRules,
+))
+
+func abnfRules() Rules {
+	return Rules{
 		"root": {
 			{`;.*$`, CommentSingle, nil},
 			{`(%[si])?"[^"]*"`, Literal, nil},
@@ -34,5 +38,5 @@ var Abnf = internal.Register(MustNewLexer(
 			{`\s+`, Text, nil},
 			{`.`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/actionscript.go b/vendor/github.com/alecthomas/chroma/lexers/a/actionscript.go
index 43d38521e7..df55d6daca 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/actionscript.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/actionscript.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Actionscript lexer.
-var Actionscript = internal.Register(MustNewLexer(
+var Actionscript = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:         "ActionScript",
 		Aliases:      []string{"as", "actionscript"},
@@ -15,7 +15,11 @@ var Actionscript = internal.Register(MustNewLexer(
 		NotMultiline: true,
 		DotAll:       true,
 	},
-	Rules{
+	actionscriptRules,
+))
+
+func actionscriptRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`//.*?\n`, CommentSingle, nil},
@@ -35,5 +39,5 @@ var Actionscript = internal.Register(MustNewLexer(
 			{`"(\\\\|\\"|[^"])*"`, LiteralStringDouble, nil},
 			{`'(\\\\|\\'|[^'])*'`, LiteralStringSingle, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/actionscript3.go b/vendor/github.com/alecthomas/chroma/lexers/a/actionscript3.go
index 3404bd5556..45596dcc17 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/actionscript3.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/actionscript3.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Actionscript 3 lexer.
-var Actionscript3 = internal.Register(MustNewLexer(
+var Actionscript3 = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "ActionScript 3",
 		Aliases:   []string{"as3", "actionscript3"},
@@ -14,7 +14,11 @@ var Actionscript3 = internal.Register(MustNewLexer(
 		MimeTypes: []string{"application/x-actionscript3", "text/x-actionscript3", "text/actionscript3"},
 		DotAll:    true,
 	},
-	Rules{
+	actionscript3Rules,
+))
+
+func actionscript3Rules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`(function\s+)([$a-zA-Z_]\w*)(\s*)(\()`, ByGroups(KeywordDeclaration, NameFunction, Text, Operator), Push("funcparams")},
@@ -52,5 +56,5 @@ var Actionscript3 = internal.Register(MustNewLexer(
 			{`,`, Operator, Pop(1)},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/ada.go b/vendor/github.com/alecthomas/chroma/lexers/a/ada.go
index d9b34e3ca7..916727124b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/ada.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/ada.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Ada lexer.
-var Ada = internal.Register(MustNewLexer(
+var Ada = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Ada",
 		Aliases:         []string{"ada", "ada95", "ada2005"},
@@ -14,7 +14,11 @@ var Ada = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-ada"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	adaRules,
+))
+
+func adaRules() Rules {
+	return Rules{
 		"root": {
 			{`[^\S\n]+`, Text, nil},
 			{`--.*?\n`, CommentSingle, nil},
@@ -110,5 +114,5 @@ var Ada = internal.Register(MustNewLexer(
 			{`\)`, Punctuation, Pop(1)},
 			Include("root"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/al.go b/vendor/github.com/alecthomas/chroma/lexers/a/al.go
new file mode 100644
index 0000000000..d70164449a
--- /dev/null
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/al.go
@@ -0,0 +1,48 @@
+package a
+
+import (
+	. "github.com/alecthomas/chroma" // nolint
+	"github.com/alecthomas/chroma/lexers/internal"
+)
+
+// Al lexer.
+var Al = internal.Register(MustNewLazyLexer(
+	&Config{
+		Name:            "AL",
+		Aliases:         []string{"al"},
+		Filenames:       []string{"*.al", "*.dal"},
+		MimeTypes:       []string{"text/x-al"},
+		DotAll:          true,
+		CaseInsensitive: true,
+	},
+	alRules,
+))
+
+// https://github.com/microsoft/AL/blob/master/grammar/alsyntax.tmlanguage
+func alRules() Rules {
+	return Rules{
+		"root": {
+			{`\s+`, TextWhitespace, nil},
+			{`(?s)\/\*.*?\\*\*\/`, CommentMultiline, nil},
+			{`(?s)//.*?\n`, CommentSingle, nil},
+			{`\"([^\"])*\"`, Text, nil},
+			{`'([^'])*'`, LiteralString, nil},
+			{`\b(?i:(ARRAY|ASSERTERROR|BEGIN|BREAK|CASE|DO|DOWNTO|ELSE|END|EVENT|EXIT|FOR|FOREACH|FUNCTION|IF|IMPLEMENTS|IN|INDATASET|INTERFACE|INTERNAL|LOCAL|OF|PROCEDURE|PROGRAM|PROTECTED|REPEAT|RUNONCLIENT|SECURITYFILTERING|SUPPRESSDISPOSE|TEMPORARY|THEN|TO|TRIGGER|UNTIL|VAR|WHILE|WITH|WITHEVENTS))\b`, Keyword, nil},
+			{`\b(?i:(AND|DIV|MOD|NOT|OR|XOR))\b`, OperatorWord, nil},
+			{`\b(?i:(AVERAGE|CONST|COUNT|EXIST|FIELD|FILTER|LOOKUP|MAX|MIN|ORDER|SORTING|SUM|TABLEDATA|UPPERLIMIT|WHERE|ASCENDING|DESCENDING))\b`, Keyword, nil},
+			// Added new objects types of BC 2021 wave 1 (REPORTEXTENSION|Entitlement|PermissionSet|PermissionSetExtension)
+			{`\b(?i:(CODEUNIT|PAGE|PAGEEXTENSION|PAGECUSTOMIZATION|DOTNET|ENUM|ENUMEXTENSION|VALUE|QUERY|REPORT|TABLE|TABLEEXTENSION|XMLPORT|PROFILE|CONTROLADDIN|REPORTEXTENSION|Entitlement|PermissionSet|PermissionSetExtension))\b`, Keyword, nil},
+			{`\b(?i:(Action|Array|Automation|BigInteger|BigText|Blob|Boolean|Byte|Char|ClientType|Code|Codeunit|CompletionTriggerErrorLevel|ConnectionType|Database|DataClassification|DataScope|Date|DateFormula|DateTime|Decimal|DefaultLayout|Dialog|Dictionary|DotNet|DotNetAssembly|DotNetTypeDeclaration|Duration|Enum|ErrorInfo|ErrorType|ExecutionContext|ExecutionMode|FieldClass|FieldRef|FieldType|File|FilterPageBuilder|Guid|InStream|Integer|Joker|KeyRef|List|ModuleDependencyInfo|ModuleInfo|None|Notification|NotificationScope|ObjectType|Option|OutStream|Page|PageResult|Query|Record|RecordId|RecordRef|Report|ReportFormat|SecurityFilter|SecurityFiltering|Table|TableConnectionType|TableFilter|TestAction|TestField|TestFilterField|TestPage|TestPermissions|TestRequestPage|Text|TextBuilder|TextConst|TextEncoding|Time|TransactionModel|TransactionType|Variant|Verbosity|Version|XmlPort|HttpContent|HttpHeaders|HttpClient|HttpRequestMessage|HttpResponseMessage|JsonToken|JsonValue|JsonArray|JsonObject|View|Views|XmlAttribute|XmlAttributeCollection|XmlComment|XmlCData|XmlDeclaration|XmlDocument|XmlDocumentType|XmlElement|XmlNamespaceManager|XmlNameTable|XmlNode|XmlNodeList|XmlProcessingInstruction|XmlReadOptions|XmlText|XmlWriteOptions|WebServiceActionContext|WebServiceActionResultCode|SessionSettings))\b`, Keyword, nil},
+			{`\b([<>]=|<>|<|>)\b?`, Operator, nil},
+			{`\b(\-|\+|\/|\*)\b`, Operator, nil},
+			{`\s*(\:=|\+=|-=|\/=|\*=)\s*?`, Operator, nil},
+			{`\b(?i:(ADDFIRST|ADDLAST|ADDAFTER|ADDBEFORE|ACTION|ACTIONS|AREA|ASSEMBLY|CHARTPART|CUEGROUP|CUSTOMIZES|COLUMN|DATAITEM|DATASET|ELEMENTS|EXTENDS|FIELD|FIELDGROUP|FIELDATTRIBUTE|FIELDELEMENT|FIELDGROUPS|FIELDS|FILTER|FIXED|GRID|GROUP|MOVEAFTER|MOVEBEFORE|KEY|KEYS|LABEL|LABELS|LAYOUT|MODIFY|MOVEFIRST|MOVELAST|MOVEBEFORE|MOVEAFTER|PART|REPEATER|USERCONTROL|REQUESTPAGE|SCHEMA|SEPARATOR|SYSTEMPART|TABLEELEMENT|TEXTATTRIBUTE|TEXTELEMENT|TYPE))\b`, Keyword, nil},
+			{`\s*[(\.\.)&\|]\s*`, Operator, nil},
+			{`\b((0(x|X)[0-9a-fA-F]*)|(([0-9]+\.?[0-9]*)|(\.[0-9]+))((e|E)(\+|-)?[0-9]+)?)(L|l|UL|ul|u|U|F|f|ll|LL|ull|ULL)?\b`, LiteralNumber, nil},
+			{`[;:,]`, Punctuation, nil},
+			{`#[ \t]*(if|else|elif|endif|define|undef|region|endregion|pragma)\b.*?\n`, CommentPreproc, nil},
+			{`\w+`, Text, nil},
+			{`.`, Text, nil},
+		},
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/angular2.go b/vendor/github.com/alecthomas/chroma/lexers/a/angular2.go
index 5258c928b8..a947edad60 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/angular2.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/angular2.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Angular2 lexer.
-var Angular2 = internal.Register(MustNewLexer(
+var Angular2 = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Angular2",
 		Aliases:   []string{"ng2"},
 		Filenames: []string{},
 		MimeTypes: []string{},
 	},
-	Rules{
+	angular2Rules,
+))
+
+func angular2Rules() Rules {
+	return Rules{
 		"root": {
 			{`[^{([*#]+`, Other, nil},
 			{`(\{\{)(\s*)`, ByGroups(CommentPreproc, Text), Push("ngExpression")},
@@ -38,5 +42,5 @@ var Angular2 = internal.Register(MustNewLexer(
 			{`'.*?'`, LiteralString, Pop(1)},
 			{`[^\s>]+`, LiteralString, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/antlr.go b/vendor/github.com/alecthomas/chroma/lexers/a/antlr.go
index d7649d4a4a..c744353f11 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/antlr.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/antlr.go
@@ -6,14 +6,18 @@ import (
 )
 
 // ANTLR lexer.
-var ANTLR = internal.Register(MustNewLexer(
+var ANTLR = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "ANTLR",
 		Aliases:   []string{"antlr"},
 		Filenames: []string{},
 		MimeTypes: []string{},
 	},
-	Rules{
+	antlrRules,
+))
+
+func antlrRules() Rules {
+	return Rules{
 		"whitespace": {
 			{`\s+`, TextWhitespace, nil},
 		},
@@ -97,5 +101,5 @@ var ANTLR = internal.Register(MustNewLexer(
 			{`(\$[a-zA-Z]+)(\.?)(text|value)?`, ByGroups(NameVariable, Punctuation, NameProperty), nil},
 			{`(\\\\|\\\]|\\\[|[^\[\]])+`, Other, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/apache.go b/vendor/github.com/alecthomas/chroma/lexers/a/apache.go
index 6c56a1db87..5685eb15ce 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/apache.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/apache.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Apacheconf lexer.
-var Apacheconf = internal.Register(MustNewLexer(
+var Apacheconf = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "ApacheConf",
 		Aliases:         []string{"apacheconf", "aconf", "apache"},
@@ -14,7 +14,11 @@ var Apacheconf = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-apacheconf"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	apacheconfRules,
+))
+
+func apacheconfRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`(#.*?)$`, Comment, nil},
@@ -34,5 +38,5 @@ var Apacheconf = internal.Register(MustNewLexer(
 			{`"([^"\\]*(?:\\.[^"\\]*)*)"`, LiteralStringDouble, nil},
 			{`[^\s"\\]+`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/apl.go b/vendor/github.com/alecthomas/chroma/lexers/a/apl.go
index 820e13b6cb..6cf1ea05df 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/apl.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/apl.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Apl lexer.
-var Apl = internal.Register(MustNewLexer(
+var Apl = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "APL",
 		Aliases:   []string{"apl"},
 		Filenames: []string{"*.apl"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	aplRules,
+))
+
+func aplRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`[⍝#].*$`, CommentSingle, nil},
@@ -32,5 +36,5 @@ var Apl = internal.Register(MustNewLexer(
 			{`[⍺⍵⍶⍹∇:]`, NameBuiltinPseudo, nil},
 			{`[{}]`, KeywordType, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/applescript.go b/vendor/github.com/alecthomas/chroma/lexers/a/applescript.go
index db83ed0e01..b6a53c5ff8 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/applescript.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/applescript.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Applescript lexer.
-var Applescript = internal.Register(MustNewLexer(
+var Applescript = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "AppleScript",
 		Aliases:   []string{"applescript"},
@@ -14,7 +14,11 @@ var Applescript = internal.Register(MustNewLexer(
 		MimeTypes: []string{},
 		DotAll:    true,
 	},
-	Rules{
+	applescriptRules,
+))
+
+func applescriptRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`¬\n`, LiteralStringEscape, nil},
@@ -51,5 +55,5 @@ var Applescript = internal.Register(MustNewLexer(
 			{`[^*(]+`, CommentMultiline, nil},
 			{`[*(]`, CommentMultiline, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/arduino.go b/vendor/github.com/alecthomas/chroma/lexers/a/arduino.go
index b0cd8c95d4..0edbe3f934 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/arduino.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/arduino.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Arduino lexer.
-var Arduino = internal.Register(MustNewLexer(
+var Arduino = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Arduino",
 		Aliases:   []string{"arduino"},
@@ -14,7 +14,11 @@ var Arduino = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-arduino"},
 		EnsureNL:  true,
 	},
-	Rules{
+	arduinoRules,
+))
+
+func arduinoRules() Rules {
+	return Rules{
 		"statements": {
 			{Words(``, `\b`, `catch`, `const_cast`, `delete`, `dynamic_cast`, `explicit`, `export`, `friend`, `mutable`, `namespace`, `new`, `operator`, `private`, `protected`, `public`, `reinterpret_cast`, `restrict`, `static_cast`, `template`, `this`, `throw`, `throws`, `try`, `typeid`, `typename`, `using`, `virtual`, `constexpr`, `nullptr`, `decltype`, `thread_local`, `alignas`, `alignof`, `static_assert`, `noexcept`, `override`, `final`), Keyword, nil},
 			{`char(16_t|32_t)\b`, KeywordType, nil},
@@ -106,5 +110,5 @@ var Arduino = internal.Register(MustNewLexer(
 			{`^\s*#endif.*?(?<!\\)\n`, CommentPreproc, Pop(1)},
 			{`.*?\n`, Comment, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/a/awk.go b/vendor/github.com/alecthomas/chroma/lexers/a/awk.go
index 744d4c1925..95afab2fed 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/a/awk.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/a/awk.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Awk lexer.
-var Awk = internal.Register(MustNewLexer(
+var Awk = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Awk",
 		Aliases:   []string{"awk", "gawk", "mawk", "nawk"},
 		Filenames: []string{"*.awk"},
 		MimeTypes: []string{"application/x-awk"},
 	},
-	Rules{
+	awkRules,
+))
+
+func awkRules() Rules {
+	return Rules{
 		"commentsandwhitespace": {
 			{`\s+`, Text, nil},
 			{`#.*$`, CommentSingle, nil},
@@ -44,5 +48,5 @@ var Awk = internal.Register(MustNewLexer(
 			{`"(\\\\|\\"|[^"])*"`, LiteralStringDouble, nil},
 			{`'(\\\\|\\'|[^'])*'`, LiteralStringSingle, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/b/ballerina.go b/vendor/github.com/alecthomas/chroma/lexers/b/ballerina.go
index 91dc901796..d8916d0e6b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/b/ballerina.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/b/ballerina.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Ballerina lexer.
-var Ballerina = internal.Register(MustNewLexer(
+var Ballerina = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Ballerina",
 		Aliases:   []string{"ballerina"},
@@ -14,7 +14,11 @@ var Ballerina = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-ballerina"},
 		DotAll:    true,
 	},
-	Rules{
+	ballerinaRules,
+))
+
+func ballerinaRules() Rules {
+	return Rules{
 		"root": {
 			{`[^\S\n]+`, Text, nil},
 			{`//.*?\n`, CommentSingle, nil},
@@ -42,5 +46,5 @@ var Ballerina = internal.Register(MustNewLexer(
 		"import": {
 			{`[\w.]+`, NameNamespace, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/b/bash.go b/vendor/github.com/alecthomas/chroma/lexers/b/bash.go
index 7eac38ef56..34b1e222d3 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/b/bash.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/b/bash.go
@@ -7,17 +7,27 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
+// TODO(moorereason): can this be factored away?
 var bashAnalyserRe = regexp.MustCompile(`(?m)^#!.*/bin/(?:env |)(?:bash|zsh|sh|ksh)`)
 
 // Bash lexer.
-var Bash = internal.Register(MustNewLexer(
+var Bash = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Bash",
 		Aliases:   []string{"bash", "sh", "ksh", "zsh", "shell"},
 		Filenames: []string{"*.sh", "*.ksh", "*.bash", "*.ebuild", "*.eclass", ".env", "*.env", "*.exheres-0", "*.exlib", "*.zsh", "*.zshrc", ".bashrc", "bashrc", ".bash_*", "bash_*", "zshrc", ".zshrc", "PKGBUILD"},
 		MimeTypes: []string{"application/x-sh", "application/x-shellscript"},
 	},
-	Rules{
+	bashRules,
+).SetAnalyser(func(text string) float32 {
+	if bashAnalyserRe.FindString(text) != "" {
+		return 1.0
+	}
+	return 0.0
+}))
+
+func bashRules() Rules {
+	return Rules{
 		"root": {
 			Include("basic"),
 			{"`", LiteralStringBacktick, Push("backticks")},
@@ -86,10 +96,5 @@ var Bash = internal.Register(MustNewLexer(
 			{"`", LiteralStringBacktick, Pop(1)},
 			Include("root"),
 		},
-	},
-).SetAnalyser(func(text string) float32 {
-	if bashAnalyserRe.FindString(text) != "" {
-		return 1.0
 	}
-	return 0.0
-}))
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/b/batch.go b/vendor/github.com/alecthomas/chroma/lexers/b/batch.go
index dc6ce524d5..f7a86776e5 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/b/batch.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/b/batch.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Batchfile lexer.
-var Batchfile = internal.Register(MustNewLexer(
+var Batchfile = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Batchfile",
 		Aliases:         []string{"bat", "batch", "dosbatch", "winbatch"},
@@ -14,7 +14,11 @@ var Batchfile = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"application/x-dos-batch"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	batchfileRules,
+))
+
+func batchfileRules() Rules {
+	return Rules{
 		"root": {
 			{`\)((?=\()|(?=\^?[\t\v\f\r ,;=\xa0]|[&<>|\n\x1a]))(?:(?:[^\n\x1a^]|\^[\n\x1a]?[\w\W])*)`, CommentSingle, nil},
 			{`(?=((?:(?<=^[^:])|^[^:]?)[\t\v\f\r ,;=\xa0]*)(:))`, Text, Push("follow")},
@@ -190,5 +194,5 @@ var Batchfile = internal.Register(MustNewLexer(
 			{`else(?=\^?[\t\v\f\r ,;=\xa0]|[&<>|\n\x1a])`, Keyword, Pop(1)},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/b/bibtex.go b/vendor/github.com/alecthomas/chroma/lexers/b/bibtex.go
index 1d76b1d800..d6a0ae3347 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/b/bibtex.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/b/bibtex.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Bibtex lexer.
-var Bibtex = internal.Register(MustNewLexer(
+var Bibtex = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "BibTeX",
 		Aliases:         []string{"bib", "bibtex"},
@@ -15,7 +15,11 @@ var Bibtex = internal.Register(MustNewLexer(
 		NotMultiline:    true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	bibtexRules,
+))
+
+func bibtexRules() Rules {
+	return Rules{
 		"root": {
 			Include("whitespace"),
 			{`@comment`, Comment, nil},
@@ -72,5 +76,5 @@ var Bibtex = internal.Register(MustNewLexer(
 		"whitespace": {
 			{`\s+`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/b/blitz.go b/vendor/github.com/alecthomas/chroma/lexers/b/blitz.go
index 5d5ffc8525..119f96b098 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/b/blitz.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/b/blitz.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Blitzbasic lexer.
-var Blitzbasic = internal.Register(MustNewLexer(
+var Blitzbasic = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "BlitzBasic",
 		Aliases:         []string{"blitzbasic", "b3d", "bplus"},
@@ -14,7 +14,11 @@ var Blitzbasic = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-bb"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	blitzbasicRules,
+))
+
+func blitzbasicRules() Rules {
+	return Rules{
 		"root": {
 			{`[ \t]+`, Text, nil},
 			{`;.*?\n`, CommentSingle, nil},
@@ -44,5 +48,5 @@ var Blitzbasic = internal.Register(MustNewLexer(
 			{`"C?`, LiteralStringDouble, Pop(1)},
 			{`[^"]+`, LiteralStringDouble, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/b/bnf.go b/vendor/github.com/alecthomas/chroma/lexers/b/bnf.go
index 5123a45aa0..dcf7360c1d 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/b/bnf.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/b/bnf.go
@@ -6,19 +6,23 @@ import (
 )
 
 // Bnf lexer.
-var Bnf = internal.Register(MustNewLexer(
+var Bnf = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "BNF",
 		Aliases:   []string{"bnf"},
 		Filenames: []string{"*.bnf"},
 		MimeTypes: []string{"text/x-bnf"},
 	},
-	Rules{
+	bnfRules,
+))
+
+func bnfRules() Rules {
+	return Rules{
 		"root": {
 			{`(<)([ -;=?-~]+)(>)`, ByGroups(Punctuation, NameClass, Punctuation), nil},
 			{`::=`, Operator, nil},
 			{`[^<>:]+`, Text, nil},
 			{`.`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/b/brainfuck.go b/vendor/github.com/alecthomas/chroma/lexers/b/brainfuck.go
index 6fac5f5e8c..d35e9c6db9 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/b/brainfuck.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/b/brainfuck.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Brainfuck lexer.
-var Brainfuck = internal.Register(MustNewLexer(
+var Brainfuck = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Brainfuck",
 		Aliases:   []string{"brainfuck", "bf"},
 		Filenames: []string{"*.bf", "*.b"},
 		MimeTypes: []string{"application/x-brainfuck"},
 	},
-	Rules{
+	brainfuckRules,
+))
+
+func brainfuckRules() Rules {
+	return Rules{
 		"common": {
 			{`[.,]+`, NameTag, nil},
 			{`[+-]+`, NameBuiltin, nil},
@@ -30,5 +34,5 @@ var Brainfuck = internal.Register(MustNewLexer(
 			{`\]`, Keyword, Pop(1)},
 			Include("common"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/c.go b/vendor/github.com/alecthomas/chroma/lexers/c/c.go
index df2c0faac9..a81e7a88e0 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/c.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/c.go
@@ -6,14 +6,19 @@ import (
 )
 
 // C lexer.
-var C = internal.Register(MustNewLexer(
+var C = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "C",
 		Aliases:   []string{"c"},
 		Filenames: []string{"*.c", "*.h", "*.idc"},
 		MimeTypes: []string{"text/x-chdr", "text/x-csrc"},
+		EnsureNL:  true,
 	},
-	Rules{
+	cRules,
+))
+
+func cRules() Rules {
+	return Rules{
 		"whitespace": {
 			{`^#if\s+0`, CommentPreproc, Push("if0")},
 			{`^#`, CommentPreproc, Push("macro")},
@@ -87,5 +92,5 @@ var C = internal.Register(MustNewLexer(
 			{`^\s*#endif.*?(?<!\\)\n`, CommentPreproc, Pop(1)},
 			{`.*?\n`, Comment, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/caddyfile.go b/vendor/github.com/alecthomas/chroma/lexers/c/caddyfile.go
index 219c90fcac..765947aacb 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/caddyfile.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/caddyfile.go
@@ -6,143 +6,149 @@ import (
 )
 
 // caddyfileCommon are the rules common to both of the lexer variants
-var caddyfileCommon = Rules{
-	"site_block_common": {
-		// Import keyword
-		{`(import)(\s+)([^\s]+)`, ByGroups(Keyword, Text, NameVariableMagic), nil},
-		// Matcher definition
-		{`@[^\s]+(?=\s)`, NameDecorator, Push("matcher")},
-		// Matcher token stub for docs
-		{`\[\<matcher\>\]`, NameDecorator, Push("matcher")},
-		// These cannot have matchers but may have things that look like
-		// matchers in their arguments, so we just parse as a subdirective.
-		{`try_files`, Keyword, Push("subdirective")},
-		// These are special, they can nest more directives
-		{`handle_errors|handle|route|handle_path|not`, Keyword, Push("nested_directive")},
-		// Any other directive
-		{`[^\s#]+`, Keyword, Push("directive")},
-		Include("base"),
-	},
-	"matcher": {
-		{`\{`, Punctuation, Push("block")},
-		// Not can be one-liner
-		{`not`, Keyword, Push("deep_not_matcher")},
-		// Any other same-line matcher
-		{`[^\s#]+`, Keyword, Push("arguments")},
-		// Terminators
-		{`\n`, Text, Pop(1)},
-		{`\}`, Punctuation, Pop(1)},
-		Include("base"),
-	},
-	"block": {
-		{`\}`, Punctuation, Pop(2)},
-		// Not can be one-liner
-		{`not`, Keyword, Push("not_matcher")},
-		// Any other subdirective
-		{`[^\s#]+`, Keyword, Push("subdirective")},
-		Include("base"),
-	},
-	"nested_block": {
-		{`\}`, Punctuation, Pop(2)},
-		// Matcher definition
-		{`@[^\s]+(?=\s)`, NameDecorator, Push("matcher")},
-		// Something that starts with literally < is probably a docs stub
-		{`\<[^#]+\>`, Keyword, Push("nested_directive")},
-		// Any other directive
-		{`[^\s#]+`, Keyword, Push("nested_directive")},
-		Include("base"),
-	},
-	"not_matcher": {
-		{`\}`, Punctuation, Pop(2)},
-		{`\{(?=\s)`, Punctuation, Push("block")},
-		{`[^\s#]+`, Keyword, Push("arguments")},
-		{`\s+`, Text, nil},
-	},
-	"deep_not_matcher": {
-		{`\}`, Punctuation, Pop(2)},
-		{`\{(?=\s)`, Punctuation, Push("block")},
-		{`[^\s#]+`, Keyword, Push("deep_subdirective")},
-		{`\s+`, Text, nil},
-	},
-	"directive": {
-		{`\{(?=\s)`, Punctuation, Push("block")},
-		Include("matcher_token"),
-		Include("comments_pop_1"),
-		{`\n`, Text, Pop(1)},
-		Include("base"),
-	},
-	"nested_directive": {
-		{`\{(?=\s)`, Punctuation, Push("nested_block")},
-		Include("matcher_token"),
-		Include("comments_pop_1"),
-		{`\n`, Text, Pop(1)},
-		Include("base"),
-	},
-	"subdirective": {
-		{`\{(?=\s)`, Punctuation, Push("block")},
-		Include("comments_pop_1"),
-		{`\n`, Text, Pop(1)},
-		Include("base"),
-	},
-	"arguments": {
-		{`\{(?=\s)`, Punctuation, Push("block")},
-		Include("comments_pop_2"),
-		{`\\\n`, Text, nil}, // Skip escaped newlines
-		{`\n`, Text, Pop(2)},
-		Include("base"),
-	},
-	"deep_subdirective": {
-		{`\{(?=\s)`, Punctuation, Push("block")},
-		Include("comments_pop_3"),
-		{`\n`, Text, Pop(3)},
-		Include("base"),
-	},
-	"matcher_token": {
-		{`@[^\s]+`, NameDecorator, Push("arguments")},         // Named matcher
-		{`/[^\s]+`, NameDecorator, Push("arguments")},         // Path matcher
-		{`\*`, NameDecorator, Push("arguments")},              // Wildcard path matcher
-		{`\[\<matcher\>\]`, NameDecorator, Push("arguments")}, // Matcher token stub for docs
-	},
-	"comments": {
-		{`^#.*\n`, CommentSingle, nil},   // Comment at start of line
-		{`\s+#.*\n`, CommentSingle, nil}, // Comment preceded by whitespace
-	},
-	"comments_pop_1": {
-		{`^#.*\n`, CommentSingle, Pop(1)},   // Comment at start of line
-		{`\s+#.*\n`, CommentSingle, Pop(1)}, // Comment preceded by whitespace
-	},
-	"comments_pop_2": {
-		{`^#.*\n`, CommentSingle, Pop(2)},   // Comment at start of line
-		{`\s+#.*\n`, CommentSingle, Pop(2)}, // Comment preceded by whitespace
-	},
-	"comments_pop_3": {
-		{`^#.*\n`, CommentSingle, Pop(3)},   // Comment at start of line
-		{`\s+#.*\n`, CommentSingle, Pop(3)}, // Comment preceded by whitespace
-	},
-	"base": {
-		Include("comments"),
-		{`(on|off|first|last|before|after|internal|strip_prefix|strip_suffix|replace)\b`, NameConstant, nil},
-		{`(https?://)?([a-z0-9.-]+)(:)([0-9]+)`, ByGroups(Name, Name, Punctuation, LiteralNumberInteger), nil},
-		{`[a-z-]+/[a-z-+]+`, LiteralString, nil},
-		{`[0-9]+[km]?\b`, LiteralNumberInteger, nil},
-		{`\{[\w+.\$-]+\}`, LiteralStringEscape, nil}, // Placeholder
-		{`\[(?=[^#{}$]+\])`, Punctuation, nil},
-		{`\]|\|`, Punctuation, nil},
-		{`[^\s#{}$\]]+`, LiteralString, nil},
-		{`/[^\s#]*`, Name, nil},
-		{`\s+`, Text, nil},
-	},
+func caddyfileCommonRules() Rules {
+	return Rules{
+		"site_block_common": {
+			// Import keyword
+			{`(import)(\s+)([^\s]+)`, ByGroups(Keyword, Text, NameVariableMagic), nil},
+			// Matcher definition
+			{`@[^\s]+(?=\s)`, NameDecorator, Push("matcher")},
+			// Matcher token stub for docs
+			{`\[\<matcher\>\]`, NameDecorator, Push("matcher")},
+			// These cannot have matchers but may have things that look like
+			// matchers in their arguments, so we just parse as a subdirective.
+			{`try_files`, Keyword, Push("subdirective")},
+			// These are special, they can nest more directives
+			{`handle_errors|handle|route|handle_path|not`, Keyword, Push("nested_directive")},
+			// Any other directive
+			{`[^\s#]+`, Keyword, Push("directive")},
+			Include("base"),
+		},
+		"matcher": {
+			{`\{`, Punctuation, Push("block")},
+			// Not can be one-liner
+			{`not`, Keyword, Push("deep_not_matcher")},
+			// Any other same-line matcher
+			{`[^\s#]+`, Keyword, Push("arguments")},
+			// Terminators
+			{`\n`, Text, Pop(1)},
+			{`\}`, Punctuation, Pop(1)},
+			Include("base"),
+		},
+		"block": {
+			{`\}`, Punctuation, Pop(2)},
+			// Not can be one-liner
+			{`not`, Keyword, Push("not_matcher")},
+			// Any other subdirective
+			{`[^\s#]+`, Keyword, Push("subdirective")},
+			Include("base"),
+		},
+		"nested_block": {
+			{`\}`, Punctuation, Pop(2)},
+			// Matcher definition
+			{`@[^\s]+(?=\s)`, NameDecorator, Push("matcher")},
+			// Something that starts with literally < is probably a docs stub
+			{`\<[^#]+\>`, Keyword, Push("nested_directive")},
+			// Any other directive
+			{`[^\s#]+`, Keyword, Push("nested_directive")},
+			Include("base"),
+		},
+		"not_matcher": {
+			{`\}`, Punctuation, Pop(2)},
+			{`\{(?=\s)`, Punctuation, Push("block")},
+			{`[^\s#]+`, Keyword, Push("arguments")},
+			{`\s+`, Text, nil},
+		},
+		"deep_not_matcher": {
+			{`\}`, Punctuation, Pop(2)},
+			{`\{(?=\s)`, Punctuation, Push("block")},
+			{`[^\s#]+`, Keyword, Push("deep_subdirective")},
+			{`\s+`, Text, nil},
+		},
+		"directive": {
+			{`\{(?=\s)`, Punctuation, Push("block")},
+			Include("matcher_token"),
+			Include("comments_pop_1"),
+			{`\n`, Text, Pop(1)},
+			Include("base"),
+		},
+		"nested_directive": {
+			{`\{(?=\s)`, Punctuation, Push("nested_block")},
+			Include("matcher_token"),
+			Include("comments_pop_1"),
+			{`\n`, Text, Pop(1)},
+			Include("base"),
+		},
+		"subdirective": {
+			{`\{(?=\s)`, Punctuation, Push("block")},
+			Include("comments_pop_1"),
+			{`\n`, Text, Pop(1)},
+			Include("base"),
+		},
+		"arguments": {
+			{`\{(?=\s)`, Punctuation, Push("block")},
+			Include("comments_pop_2"),
+			{`\\\n`, Text, nil}, // Skip escaped newlines
+			{`\n`, Text, Pop(2)},
+			Include("base"),
+		},
+		"deep_subdirective": {
+			{`\{(?=\s)`, Punctuation, Push("block")},
+			Include("comments_pop_3"),
+			{`\n`, Text, Pop(3)},
+			Include("base"),
+		},
+		"matcher_token": {
+			{`@[^\s]+`, NameDecorator, Push("arguments")},         // Named matcher
+			{`/[^\s]+`, NameDecorator, Push("arguments")},         // Path matcher
+			{`\*`, NameDecorator, Push("arguments")},              // Wildcard path matcher
+			{`\[\<matcher\>\]`, NameDecorator, Push("arguments")}, // Matcher token stub for docs
+		},
+		"comments": {
+			{`^#.*\n`, CommentSingle, nil},   // Comment at start of line
+			{`\s+#.*\n`, CommentSingle, nil}, // Comment preceded by whitespace
+		},
+		"comments_pop_1": {
+			{`^#.*\n`, CommentSingle, Pop(1)},   // Comment at start of line
+			{`\s+#.*\n`, CommentSingle, Pop(1)}, // Comment preceded by whitespace
+		},
+		"comments_pop_2": {
+			{`^#.*\n`, CommentSingle, Pop(2)},   // Comment at start of line
+			{`\s+#.*\n`, CommentSingle, Pop(2)}, // Comment preceded by whitespace
+		},
+		"comments_pop_3": {
+			{`^#.*\n`, CommentSingle, Pop(3)},   // Comment at start of line
+			{`\s+#.*\n`, CommentSingle, Pop(3)}, // Comment preceded by whitespace
+		},
+		"base": {
+			Include("comments"),
+			{`(on|off|first|last|before|after|internal|strip_prefix|strip_suffix|replace)\b`, NameConstant, nil},
+			{`(https?://)?([a-z0-9.-]+)(:)([0-9]+)`, ByGroups(Name, Name, Punctuation, LiteralNumberInteger), nil},
+			{`[a-z-]+/[a-z-+]+`, LiteralString, nil},
+			{`[0-9]+[km]?\b`, LiteralNumberInteger, nil},
+			{`\{[\w+.\$-]+\}`, LiteralStringEscape, nil}, // Placeholder
+			{`\[(?=[^#{}$]+\])`, Punctuation, nil},
+			{`\]|\|`, Punctuation, nil},
+			{`[^\s#{}$\]]+`, LiteralString, nil},
+			{`/[^\s#]*`, Name, nil},
+			{`\s+`, Text, nil},
+		},
+	}
 }
 
 // Caddyfile lexer.
-var Caddyfile = internal.Register(MustNewLexer(
+var Caddyfile = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Caddyfile",
 		Aliases:   []string{"caddyfile", "caddy"},
 		Filenames: []string{"Caddyfile*"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	caddyfileRules,
+))
+
+func caddyfileRules() Rules {
+	return Rules{
 		"root": {
 			Include("comments"),
 			// Global options block
@@ -186,21 +192,25 @@ var Caddyfile = internal.Register(MustNewLexer(
 			{`\}`, Punctuation, Pop(2)},
 			Include("site_block_common"),
 		},
-	}.Merge(caddyfileCommon),
-))
+	}.Merge(caddyfileCommonRules())
+}
 
 // Caddyfile directive-only lexer.
-var CaddyfileDirectives = internal.Register(MustNewLexer(
+var CaddyfileDirectives = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Caddyfile Directives",
 		Aliases:   []string{"caddyfile-directives", "caddyfile-d", "caddy-d"},
 		Filenames: []string{},
 		MimeTypes: []string{},
 	},
-	Rules{
+	caddyfileDirectivesRules,
+))
+
+func caddyfileDirectivesRules() Rules {
+	return Rules{
 		// Same as "site_block" in Caddyfile
 		"root": {
 			Include("site_block_common"),
 		},
-	}.Merge(caddyfileCommon),
-))
+	}.Merge(caddyfileCommonRules())
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/capnproto.go b/vendor/github.com/alecthomas/chroma/lexers/c/capnproto.go
index 0f9d03c6d3..ec0d892c0f 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/capnproto.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/capnproto.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Cap'N'Proto Proto lexer.
-var CapNProto = internal.Register(MustNewLexer(
+var CapNProto = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Cap'n Proto",
 		Aliases:   []string{"capnp"},
 		Filenames: []string{"*.capnp"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	capNProtoRules,
+))
+
+func capNProtoRules() Rules {
+	return Rules{
 		"root": {
 			{`#.*?$`, CommentSingle, nil},
 			{`@[0-9a-zA-Z]*`, NameDecorator, nil},
@@ -57,5 +61,5 @@ var CapNProto = internal.Register(MustNewLexer(
 			{`[])]`, NameAttribute, Pop(1)},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/ceylon.go b/vendor/github.com/alecthomas/chroma/lexers/c/ceylon.go
index 07324ca1fc..9d424d4b28 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/ceylon.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/ceylon.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Ceylon lexer.
-var Ceylon = internal.Register(MustNewLexer(
+var Ceylon = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Ceylon",
 		Aliases:   []string{"ceylon"},
@@ -14,7 +14,11 @@ var Ceylon = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-ceylon"},
 		DotAll:    true,
 	},
-	Rules{
+	ceylonRules,
+))
+
+func ceylonRules() Rules {
+	return Rules{
 		"root": {
 			{`^(\s*(?:[a-zA-Z_][\w.\[\]]*\s+)+?)([a-zA-Z_]\w*)(\s*)(\()`, ByGroups(UsingSelf("root"), NameFunction, Text, Operator), nil},
 			{`[^\S\n]+`, Text, nil},
@@ -59,5 +63,5 @@ var Ceylon = internal.Register(MustNewLexer(
 			{`\*/`, CommentMultiline, Pop(1)},
 			{`[*/]`, CommentMultiline, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/cfengine3.go b/vendor/github.com/alecthomas/chroma/lexers/c/cfengine3.go
index f96252fa46..f3050346f9 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/cfengine3.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/cfengine3.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Cfengine3 lexer.
-var Cfengine3 = internal.Register(MustNewLexer(
+var Cfengine3 = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "CFEngine3",
 		Aliases:   []string{"cfengine3", "cf3"},
 		Filenames: []string{"*.cf"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	cfengine3Rules,
+))
+
+func cfengine3Rules() Rules {
+	return Rules{
 		"root": {
 			{`#.*?\n`, Comment, nil},
 			{`(body)(\s+)(\S+)(\s+)(control)`, ByGroups(Keyword, Text, Keyword, Text, Keyword), nil},
@@ -52,5 +56,5 @@ var Cfengine3 = internal.Register(MustNewLexer(
 			{`\w+`, NameVariable, nil},
 			{`\s+`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/chaiscript.go b/vendor/github.com/alecthomas/chroma/lexers/c/chaiscript.go
index d2aa50db68..58db9aac9f 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/chaiscript.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/chaiscript.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Chaiscript lexer.
-var Chaiscript = internal.Register(MustNewLexer(
+var Chaiscript = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "ChaiScript",
 		Aliases:   []string{"chai", "chaiscript"},
@@ -14,7 +14,11 @@ var Chaiscript = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-chaiscript", "application/x-chaiscript"},
 		DotAll:    true,
 	},
-	Rules{
+	chaiscriptRules,
+))
+
+func chaiscriptRules() Rules {
+	return Rules{
 		"commentsandwhitespace": {
 			{`\s+`, Text, nil},
 			{`//.*?\n`, CommentSingle, nil},
@@ -59,5 +63,5 @@ var Chaiscript = internal.Register(MustNewLexer(
 			{`[^\\"$]+`, LiteralStringDouble, nil},
 			{`"`, LiteralStringDouble, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/cheetah.go b/vendor/github.com/alecthomas/chroma/lexers/c/cheetah.go
index b2cb9c4066..bd5fb9d9cc 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/cheetah.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/cheetah.go
@@ -7,14 +7,18 @@ import (
 )
 
 // Cheetah lexer.
-var Cheetah = internal.Register(MustNewLexer(
+var Cheetah = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Cheetah",
 		Aliases:   []string{"cheetah", "spitfire"},
 		Filenames: []string{"*.tmpl", "*.spt"},
 		MimeTypes: []string{"application/x-cheetah", "application/x-spitfire"},
 	},
-	Rules{
+	cheetahRules,
+))
+
+func cheetahRules() Rules {
+	return Rules{
 		"root": {
 			{`(##[^\n]*)$`, ByGroups(Comment), nil},
 			{`#[*](.|\n)*?[*]#`, Comment, nil},
@@ -33,5 +37,5 @@ var Cheetah = internal.Register(MustNewLexer(
             `, Other, nil},
 			{`\s+`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/cl.go b/vendor/github.com/alecthomas/chroma/lexers/c/cl.go
index fdc9729764..bb162734cc 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/cl.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/cl.go
@@ -230,7 +230,7 @@ var (
 )
 
 // Common Lisp lexer.
-var CommonLisp = internal.Register(TypeRemappingLexer(MustNewLexer(
+var CommonLisp = internal.Register(TypeRemappingLexer(MustNewLazyLexer(
 	&Config{
 		Name:            "Common Lisp",
 		Aliases:         []string{"common-lisp", "cl", "lisp"},
@@ -238,7 +238,19 @@ var CommonLisp = internal.Register(TypeRemappingLexer(MustNewLexer(
 		MimeTypes:       []string{"text/x-common-lisp"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	commonLispRules,
+), TypeMapping{
+	{NameVariable, NameFunction, clBuiltinFunctions},
+	{NameVariable, Keyword, clSpecialForms},
+	{NameVariable, NameBuiltin, clMacros},
+	{NameVariable, Keyword, clLambdaListKeywords},
+	{NameVariable, Keyword, clDeclarations},
+	{NameVariable, KeywordType, clBuiltinTypes},
+	{NameVariable, NameClass, clBuiltinClasses},
+}))
+
+func commonLispRules() Rules {
+	return Rules{
 		"root": {
 			Default(Push("body")),
 		},
@@ -294,13 +306,5 @@ var CommonLisp = internal.Register(TypeRemappingLexer(MustNewLexer(
 			{`\(`, Punctuation, Push("body")},
 			{`\)`, Punctuation, Pop(1)},
 		},
-	},
-), TypeMapping{
-	{NameVariable, NameFunction, clBuiltinFunctions},
-	{NameVariable, Keyword, clSpecialForms},
-	{NameVariable, NameBuiltin, clMacros},
-	{NameVariable, Keyword, clLambdaListKeywords},
-	{NameVariable, Keyword, clDeclarations},
-	{NameVariable, KeywordType, clBuiltinTypes},
-	{NameVariable, NameClass, clBuiltinClasses},
-}))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/clojure.go b/vendor/github.com/alecthomas/chroma/lexers/c/clojure.go
index e63752a5dd..f99f906c20 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/clojure.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/clojure.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Clojure lexer.
-var Clojure = internal.Register(MustNewLexer(
+var Clojure = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Clojure",
 		Aliases:   []string{"clojure", "clj"},
 		Filenames: []string{"*.clj"},
 		MimeTypes: []string{"text/x-clojure", "application/x-clojure"},
 	},
-	Rules{
+	clojureRules,
+))
+
+func clojureRules() Rules {
+	return Rules{
 		"root": {
 			{`;.*$`, CommentSingle, nil},
 			{`[,\s]+`, Text, nil},
@@ -34,5 +38,5 @@ var Clojure = internal.Register(MustNewLexer(
 			{`(\{|\})`, Punctuation, nil},
 			{`(\(|\))`, Punctuation, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/cmake.go b/vendor/github.com/alecthomas/chroma/lexers/c/cmake.go
index 163f17d9af..0e0708db49 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/cmake.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/cmake.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Cmake lexer.
-var Cmake = internal.Register(MustNewLexer(
+var Cmake = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "CMake",
 		Aliases:   []string{"cmake"},
 		Filenames: []string{"*.cmake", "CMakeLists.txt"},
 		MimeTypes: []string{"text/x-cmake"},
 	},
-	Rules{
+	cmakeRules,
+))
+
+func cmakeRules() Rules {
+	return Rules{
 		"root": {
 			{`\b(\w+)([ \t]*)(\()`, ByGroups(NameBuiltin, Text, Punctuation), Push("args")},
 			Include("keywords"),
@@ -40,5 +44,5 @@ var Cmake = internal.Register(MustNewLexer(
 			{`[ \t]+`, Text, nil},
 			{`#.*\n`, Comment, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/cobol.go b/vendor/github.com/alecthomas/chroma/lexers/c/cobol.go
index e9ae0bb7fb..8b2f6d9bc7 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/cobol.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/cobol.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Cobol lexer.
-var Cobol = internal.Register(MustNewLexer(
+var Cobol = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "COBOL",
 		Aliases:         []string{"cobol"},
@@ -14,7 +14,11 @@ var Cobol = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-cobol"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	cobolRules,
+))
+
+func cobolRules() Rules {
+	return Rules{
 		"root": {
 			Include("comment"),
 			Include("strings"),
@@ -47,5 +51,5 @@ var Cobol = internal.Register(MustNewLexer(
 			{`[+-]?\d*\.\d+(E[-+]?\d+)?`, LiteralNumberFloat, nil},
 			{`[+-]?\d+\.\d*(E[-+]?\d+)?`, LiteralNumberFloat, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/coffee.go b/vendor/github.com/alecthomas/chroma/lexers/c/coffee.go
index e402b8f2af..381a8fed86 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/coffee.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/coffee.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Coffeescript lexer.
-var Coffeescript = internal.Register(MustNewLexer(
+var Coffeescript = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:         "CoffeeScript",
 		Aliases:      []string{"coffee-script", "coffeescript", "coffee"},
@@ -15,7 +15,11 @@ var Coffeescript = internal.Register(MustNewLexer(
 		NotMultiline: true,
 		DotAll:       true,
 	},
-	Rules{
+	coffeescriptRules,
+))
+
+func coffeescriptRules() Rules {
+	return Rules{
 		"commentsandwhitespace": {
 			{`\s+`, Text, nil},
 			{`###[^#].*?###`, CommentMultiline, nil},
@@ -87,5 +91,5 @@ var Coffeescript = internal.Register(MustNewLexer(
 			{`#|\\.|\'|"`, LiteralString, nil},
 			Include("strings"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/coldfusion.go b/vendor/github.com/alecthomas/chroma/lexers/c/coldfusion.go
index 2f12472c08..bc28bc3baf 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/coldfusion.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/coldfusion.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Cfstatement lexer.
-var Cfstatement = internal.Register(MustNewLexer(
+var Cfstatement = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "cfstatement",
 		Aliases:         []string{"cfs"},
@@ -15,7 +15,11 @@ var Cfstatement = internal.Register(MustNewLexer(
 		NotMultiline:    true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	cfstatementRules,
+))
+
+func cfstatementRules() Rules {
+	return Rules{
 		"root": {
 			{`//.*?\n`, CommentSingle, nil},
 			{`/\*(?:.|\n)*?\*/`, CommentMultiline, nil},
@@ -44,5 +48,5 @@ var Cfstatement = internal.Register(MustNewLexer(
 			{`#`, LiteralStringDouble, nil},
 			{`"`, LiteralStringDouble, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/coq.go b/vendor/github.com/alecthomas/chroma/lexers/c/coq.go
index e69a5c16ce..e0103ef66b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/coq.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/coq.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Coq lexer.
-var Coq = internal.Register(MustNewLexer(
+var Coq = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Coq",
 		Aliases:   []string{"coq"},
 		Filenames: []string{"*.v"},
 		MimeTypes: []string{"text/x-coq"},
 	},
-	Rules{
+	coqRules,
+))
+
+func coqRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`false|true|\(\)|\[\]`, NameBuiltinPseudo, nil},
@@ -59,5 +63,5 @@ var Coq = internal.Register(MustNewLexer(
 			{`[a-z][a-z0-9_\']*`, Name, Pop(1)},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/cpp.go b/vendor/github.com/alecthomas/chroma/lexers/c/cpp.go
index 104be24090..3f4a1fde05 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/cpp.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/cpp.go
@@ -6,7 +6,7 @@ import (
 )
 
 // CPP lexer.
-var CPP = internal.Register(MustNewLexer(
+var CPP = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "C++",
 		Aliases:   []string{"cpp", "c++"},
@@ -14,7 +14,11 @@ var CPP = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-c++hdr", "text/x-c++src"},
 		EnsureNL:  true,
 	},
-	Rules{
+	cppRules,
+))
+
+func cppRules() Rules {
+	return Rules{
 		"statements": {
 			{Words(``, `\b`, `catch`, `const_cast`, `delete`, `dynamic_cast`, `explicit`, `export`, `friend`, `mutable`, `namespace`, `new`, `operator`, `private`, `protected`, `public`, `reinterpret_cast`, `restrict`, `static_cast`, `template`, `this`, `throw`, `throws`, `try`, `typeid`, `typename`, `using`, `virtual`, `constexpr`, `nullptr`, `decltype`, `thread_local`, `alignas`, `alignof`, `static_assert`, `noexcept`, `override`, `final`, `concept`, `requires`, `consteval`, `co_await`, `co_return`, `co_yield`), Keyword, nil},
 			{`(enum)\b(\s+)(class)\b(\s*)`, ByGroups(Keyword, Text, Keyword, Text), Push("classname")},
@@ -102,5 +106,5 @@ var CPP = internal.Register(MustNewLexer(
 			{`^\s*#endif.*?(?<!\\)\n`, CommentPreproc, Pop(1)},
 			{`.*?\n`, Comment, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/cql.go b/vendor/github.com/alecthomas/chroma/lexers/c/cql.go
index 0d460b9db6..56de99f79a 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/cql.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/cql.go
@@ -6,7 +6,7 @@ import (
 )
 
 // CassandraCQL lexer.
-var CassandraCQL = internal.Register(MustNewLexer(
+var CassandraCQL = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Cassandra CQL",
 		Aliases:         []string{"cassandra", "cql"},
@@ -15,7 +15,11 @@ var CassandraCQL = internal.Register(MustNewLexer(
 		NotMultiline:    true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	cassandraCQLRules,
+))
+
+func cassandraCQLRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, TextWhitespace, nil},
 			{`(--|\/\/).*\n?`, CommentSingle, nil},
@@ -23,7 +27,8 @@ var CassandraCQL = internal.Register(MustNewLexer(
 			{`(ascii|bigint|blob|boolean|counter|date|decimal|double|float|frozen|inet|int|list|map|set|smallint|text|time|timestamp|timeuuid|tinyint|tuple|uuid|varchar|varint)\b`, NameBuiltin, nil},
 			{Words(``, `\b`, `ADD`, `AGGREGATE`, `ALL`, `ALLOW`, `ALTER`, `AND`, `ANY`, `APPLY`, `AS`, `ASC`, `AUTHORIZE`, `BATCH`, `BEGIN`, `BY`, `CLUSTERING`, `COLUMNFAMILY`, `COMPACT`, `CONSISTENCY`, `COUNT`, `CREATE`, `CUSTOM`, `DELETE`, `DESC`, `DISTINCT`, `DROP`, `EACH_QUORUM`, `ENTRIES`, `EXISTS`, `FILTERING`, `FROM`, `FULL`, `GRANT`, `IF`, `IN`, `INDEX`, `INFINITY`, `INSERT`, `INTO`, `KEY`, `KEYS`, `KEYSPACE`, `KEYSPACES`, `LEVEL`, `LIMIT`, `LOCAL_ONE`, `LOCAL_QUORUM`, `MATERIALIZED`, `MODIFY`, `NAN`, `NORECURSIVE`, `NOSUPERUSER`, `NOT`, `OF`, `ON`, `ONE`, `ORDER`, `PARTITION`, `PASSWORD`, `PER`, `PERMISSION`, `PERMISSIONS`, `PRIMARY`, `QUORUM`, `RENAME`, `REVOKE`, `SCHEMA`, `SELECT`, `STATIC`, `STORAGE`, `SUPERUSER`, `TABLE`, `THREE`, `TO`, `TOKEN`, `TRUNCATE`, `TTL`, `TWO`, `TYPE`, `UNLOGGED`, `UPDATE`, `USE`, `USER`, `USERS`, `USING`, `VALUES`, `VIEW`, `WHERE`, `WITH`, `WRITETIME`, `REPLICATION`, `OR`, `REPLACE`, `FUNCTION`, `CALLED`, `INPUT`, `RETURNS`, `LANGUAGE`, `ROLE`, `ROLES`, `TRIGGER`, `DURABLE_WRITES`, `LOGIN`, `OPTIONS`, `LOGGED`, `SFUNC`, `STYPE`, `FINALFUNC`, `INITCOND`, `IS`, `CONTAINS`, `JSON`, `PAGING`, `OFF`), Keyword, nil},
 			{"[+*/<>=~!@#%^&|`?-]+", Operator, nil},
-			{`(?s)(java|javascript)(\s+)(AS)(\s+)('|\$\$)(.*?)(\5)`,
+			{
+				`(?s)(java|javascript)(\s+)(AS)(\s+)('|\$\$)(.*?)(\5)`,
 				UsingByGroup(
 					internal.Get,
 					1, 6,
@@ -65,5 +70,5 @@ var CassandraCQL = internal.Register(MustNewLexer(
 			{`[^\$]+`, LiteralStringHeredoc, nil},
 			{`\$\$`, LiteralStringHeredoc, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/crystal.go b/vendor/github.com/alecthomas/chroma/lexers/c/crystal.go
index 69e053c737..f06830d295 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/crystal.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/crystal.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Crystal lexer.
-var Crystal = internal.Register(MustNewLexer(
+var Crystal = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Crystal",
 		Aliases:   []string{"cr", "crystal"},
@@ -14,7 +14,11 @@ var Crystal = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-crystal"},
 		DotAll:    true,
 	},
-	Rules{
+	crystalRules,
+))
+
+func crystalRules() Rules {
+	return Rules{
 		"root": {
 			{`#.*?$`, CommentSingle, nil},
 			{Words(``, `\b`, `abstract`, `asm`, `as`, `begin`, `break`, `case`, `do`, `else`, `elsif`, `end`, `ensure`, `extend`, `ifdef`, `if`, `include`, `instance_sizeof`, `next`, `of`, `pointerof`, `private`, `protected`, `rescue`, `return`, `require`, `sizeof`, `super`, `then`, `typeof`, `unless`, `until`, `when`, `while`, `with`, `yield`), Keyword, nil},
@@ -258,5 +262,5 @@ var Crystal = internal.Register(MustNewLexer(
 			{`[\\#<>]`, LiteralStringRegex, nil},
 			{`[^\\#<>]+`, LiteralStringRegex, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/csharp.go b/vendor/github.com/alecthomas/chroma/lexers/c/csharp.go
index c6a5f468ac..725bcb8610 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/csharp.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/csharp.go
@@ -6,7 +6,7 @@ import (
 )
 
 // CSharp lexer.
-var CSharp = internal.Register(MustNewLexer(
+var CSharp = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "C#",
 		Aliases:   []string{"csharp", "c#"},
@@ -15,7 +15,11 @@ var CSharp = internal.Register(MustNewLexer(
 		DotAll:    true,
 		EnsureNL:  true,
 	},
-	Rules{
+	cSharpRules,
+))
+
+func cSharpRules() Rules {
+	return Rules{
 		"root": {
 			{`^\s*\[.*?\]`, NameAttribute, nil},
 			{`[^\S\n]+`, Text, nil},
@@ -29,7 +33,7 @@ var CSharp = internal.Register(MustNewLexer(
 			{`\$@?"(""|[^"])*"`, LiteralString, nil},
 			{`"(\\\\|\\"|[^"\n])*["\n]`, LiteralString, nil},
 			{`'\\.'|'[^\\]'`, LiteralStringChar, nil},
-			{`[0-9](\.[0-9]*)?([eE][+-][0-9]+)?[flFLdD]?|0[xX][0-9a-fA-F]+[Ll]?`, LiteralNumber, nil},
+			{`0[xX][0-9a-fA-F]+[Ll]?|[0-9_](\.[0-9]*)?([eE][+-]?[0-9]+)?[flFLdD]?`, LiteralNumber, nil},
 			{`#[ \t]*(if|endif|else|elif|define|undef|line|error|warning|region|endregion|pragma)\b.*?\n`, CommentPreproc, nil},
 			{`\b(extern)(\s+)(alias)\b`, ByGroups(Keyword, Text, Keyword), nil},
 			{`(abstract|as|async|await|base|break|by|case|catch|checked|const|continue|default|delegate|do|else|enum|event|explicit|extern|false|finally|fixed|for|foreach|goto|if|implicit|in|interface|internal|is|let|lock|new|null|on|operator|out|override|params|private|protected|public|readonly|ref|return|sealed|sizeof|stackalloc|static|switch|this|throw|true|try|typeof|unchecked|unsafe|virtual|void|while|get|set|new|partial|yield|add|remove|value|alias|ascending|descending|from|group|into|orderby|select|thenby|where|join|equals)\b`, Keyword, nil},
@@ -47,5 +51,5 @@ var CSharp = internal.Register(MustNewLexer(
 			{`(?=\()`, Text, Pop(1)},
 			{`(@?[_a-zA-Z]\w*|\.)+`, NameNamespace, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/css.go b/vendor/github.com/alecthomas/chroma/lexers/c/css.go
index fedc809bfc..9f3a01d545 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/css.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/css.go
@@ -6,14 +6,18 @@ import (
 )
 
 // CSS lexer.
-var CSS = internal.Register(MustNewLexer(
+var CSS = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "CSS",
 		Aliases:   []string{"css"},
 		Filenames: []string{"*.css"},
 		MimeTypes: []string{"text/css"},
 	},
-	Rules{
+	cssRules,
+))
+
+func cssRules() Rules {
+	return Rules{
 		"root": {
 			Include("basics"),
 		},
@@ -39,6 +43,18 @@ var CSS = internal.Register(MustNewLexer(
 			Include("basics"),
 			{`\}`, Punctuation, Pop(2)},
 		},
+		"atparenthesis": {
+			Include("common-values"),
+			{`/\*(?:.|\n)*?\*/`, Comment, nil},
+			Include("numeric-values"),
+			{`[*+/-]`, Operator, nil},
+			{`[,]`, Punctuation, nil},
+			{`"(\\\\|\\"|[^"])*"`, LiteralStringDouble, nil},
+			{`'(\\\\|\\'|[^'])*'`, LiteralStringSingle, nil},
+			{`[a-zA-Z_-]\w*`, Name, nil},
+			{`\(`, Punctuation, Push("atparenthesis")},
+			{`\)`, Punctuation, Pop(1)},
+		},
 		"content": {
 			{`\s+`, Text, nil},
 			{`\}`, Punctuation, Pop(1)},
@@ -73,6 +89,7 @@ var CSS = internal.Register(MustNewLexer(
 			{`"(\\\\|\\"|[^"])*"`, LiteralStringDouble, nil},
 			{`'(\\\\|\\'|[^'])*'`, LiteralStringSingle, nil},
 			{`[a-zA-Z_-]\w*`, Name, nil},
+			{`\(`, Punctuation, Push("atparenthesis")},
 			{`\)`, Punctuation, Pop(1)},
 		},
 		"common-values": {
@@ -100,5 +117,5 @@ var CSS = internal.Register(MustNewLexer(
 			{`%`, KeywordType, nil},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/c/cython.go b/vendor/github.com/alecthomas/chroma/lexers/c/cython.go
index 701e2b7912..0cce20410d 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/c/cython.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/c/cython.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Cython lexer.
-var Cython = internal.Register(MustNewLexer(
+var Cython = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Cython",
 		Aliases:   []string{"cython", "pyx", "pyrex"},
 		Filenames: []string{"*.pyx", "*.pxd", "*.pxi"},
 		MimeTypes: []string{"text/x-cython", "application/x-cython"},
 	},
-	Rules{
+	cythonRules,
+))
+
+func cythonRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`^(\s*)("""(?:.|\n)*?""")`, ByGroups(Text, LiteralStringDoc), nil},
@@ -131,5 +135,5 @@ var Cython = internal.Register(MustNewLexer(
 			Include("strings"),
 			Include("nl"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/circular/php.go b/vendor/github.com/alecthomas/chroma/lexers/circular/php.go
index 2107cb7a6d..517fb69077 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/circular/php.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/circular/php.go
@@ -6,7 +6,7 @@ import (
 )
 
 // PHP lexer for pure PHP code (not embedded in HTML).
-var PHP = internal.Register(MustNewLexer(
+var PHP = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "PHP",
 		Aliases:         []string{"php", "php3", "php4", "php5"},
@@ -16,65 +16,71 @@ var PHP = internal.Register(MustNewLexer(
 		CaseInsensitive: true,
 		EnsureNL:        true,
 	},
-	phpCommonRules.Rename("php", "root"),
+	phpRules,
 ))
 
-var phpCommonRules = Rules{
-	"php": {
-		{`\?>`, CommentPreproc, Pop(1)},
-		{`(<<<)([\'"]?)((?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*)(\2\n.*?\n\s*)(\3)(;?)(\n)`, ByGroups(LiteralString, LiteralString, LiteralStringDelimiter, LiteralString, LiteralStringDelimiter, Punctuation, Text), nil},
-		{`\s+`, Text, nil},
-		{`#.*?\n`, CommentSingle, nil},
-		{`//.*?\n`, CommentSingle, nil},
-		{`/\*\*/`, CommentMultiline, nil},
-		{`/\*\*.*?\*/`, LiteralStringDoc, nil},
-		{`/\*.*?\*/`, CommentMultiline, nil},
-		{`(->|::)(\s*)((?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*)`, ByGroups(Operator, Text, NameAttribute), nil},
-		{`[~!%^&*+=|:.<>/@-]+`, Operator, nil},
-		{`\?`, Operator, nil},
-		{`[\[\]{}();,]+`, Punctuation, nil},
-		{`(class)(\s+)`, ByGroups(Keyword, Text), Push("classname")},
-		{`(function)(\s*)(?=\()`, ByGroups(Keyword, Text), nil},
-		{`(function)(\s+)(&?)(\s*)`, ByGroups(Keyword, Text, Operator, Text), Push("functionname")},
-		{`(const)(\s+)((?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*)`, ByGroups(Keyword, Text, NameConstant), nil},
-		{`(and|E_PARSE|old_function|E_ERROR|or|as|E_WARNING|parent|eval|PHP_OS|break|exit|case|extends|PHP_VERSION|cfunction|FALSE|print|for|require|continue|foreach|require_once|declare|return|default|static|do|switch|die|stdClass|echo|else|TRUE|elseif|var|empty|if|xor|enddeclare|include|virtual|endfor|include_once|while|endforeach|global|endif|list|endswitch|new|endwhile|not|array|E_ALL|NULL|final|php_user_filter|interface|implements|public|private|protected|abstract|clone|try|catch|throw|this|use|namespace|trait|yield|finally)\b`, Keyword, nil},
-		{`(true|false|null)\b`, KeywordConstant, nil},
-		Include("magicconstants"),
-		{`\$\{\$+(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*\}`, NameVariable, nil},
-		{`\$+(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*`, NameVariable, nil},
-		{`(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*`, NameOther, nil},
-		{`(\d+\.\d*|\d*\.\d+)(e[+-]?[0-9]+)?`, LiteralNumberFloat, nil},
-		{`\d+e[+-]?[0-9]+`, LiteralNumberFloat, nil},
-		{`0[0-7]+`, LiteralNumberOct, nil},
-		{`0x[a-f0-9]+`, LiteralNumberHex, nil},
-		{`\d+`, LiteralNumberInteger, nil},
-		{`0b[01]+`, LiteralNumberBin, nil},
-		{`'([^'\\]*(?:\\.[^'\\]*)*)'`, LiteralStringSingle, nil},
-		{"`([^`\\\\]*(?:\\\\.[^`\\\\]*)*)`", LiteralStringBacktick, nil},
-		{`"`, LiteralStringDouble, Push("string")},
-	},
-	"magicfuncs": {
-		{Words(``, `\b`, `__construct`, `__destruct`, `__call`, `__callStatic`, `__get`, `__set`, `__isset`, `__unset`, `__sleep`, `__wakeup`, `__toString`, `__invoke`, `__set_state`, `__clone`, `__debugInfo`), NameFunctionMagic, nil},
-	},
-	"magicconstants": {
-		{Words(``, `\b`, `__LINE__`, `__FILE__`, `__DIR__`, `__FUNCTION__`, `__CLASS__`, `__TRAIT__`, `__METHOD__`, `__NAMESPACE__`), NameConstant, nil},
-	},
-	"classname": {
-		{`(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*`, NameClass, Pop(1)},
-	},
-	"functionname": {
-		Include("magicfuncs"),
-		{`(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*`, NameFunction, Pop(1)},
-		Default(Pop(1)),
-	},
-	"string": {
-		{`"`, LiteralStringDouble, Pop(1)},
-		{`[^{$"\\]+`, LiteralStringDouble, nil},
-		{`\\([nrt"$\\]|[0-7]{1,3}|x[0-9a-f]{1,2})`, LiteralStringEscape, nil},
-		{`\$(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*(\[\S+?\]|->(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*)?`, LiteralStringInterpol, nil},
-		{`(\{\$\{)(.*?)(\}\})`, ByGroups(LiteralStringInterpol, UsingSelf("root"), LiteralStringInterpol), nil},
-		{`(\{)(\$.*?)(\})`, ByGroups(LiteralStringInterpol, UsingSelf("root"), LiteralStringInterpol), nil},
-		{`(\$\{)(\S+)(\})`, ByGroups(LiteralStringInterpol, NameVariable, LiteralStringInterpol), nil},
-		{`[${\\]`, LiteralStringDouble, nil},
-	},
+func phpRules() Rules {
+	return phpCommonRules().Rename("php", "root")
+}
+
+func phpCommonRules() Rules {
+	return Rules{
+		"php": {
+			{`\?>`, CommentPreproc, Pop(1)},
+			{`(<<<)([\'"]?)((?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*)(\2\n.*?\n\s*)(\3)(;?)(\n)`, ByGroups(LiteralString, LiteralString, LiteralStringDelimiter, LiteralString, LiteralStringDelimiter, Punctuation, Text), nil},
+			{`\s+`, Text, nil},
+			{`#.*?\n`, CommentSingle, nil},
+			{`//.*?\n`, CommentSingle, nil},
+			{`/\*\*/`, CommentMultiline, nil},
+			{`/\*\*.*?\*/`, LiteralStringDoc, nil},
+			{`/\*.*?\*/`, CommentMultiline, nil},
+			{`(->|::)(\s*)((?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*)`, ByGroups(Operator, Text, NameAttribute), nil},
+			{`[~!%^&*+=|:.<>/@-]+`, Operator, nil},
+			{`\?`, Operator, nil},
+			{`[\[\]{}();,]+`, Punctuation, nil},
+			{`(class)(\s+)`, ByGroups(Keyword, Text), Push("classname")},
+			{`(function)(\s*)(?=\()`, ByGroups(Keyword, Text), nil},
+			{`(function)(\s+)(&?)(\s*)`, ByGroups(Keyword, Text, Operator, Text), Push("functionname")},
+			{`(const)(\s+)((?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*)`, ByGroups(Keyword, Text, NameConstant), nil},
+			{`(and|E_PARSE|old_function|E_ERROR|or|as|E_WARNING|parent|eval|PHP_OS|break|exit|case|extends|PHP_VERSION|cfunction|FALSE|print|for|require|continue|foreach|require_once|declare|return|default|static|do|switch|die|stdClass|echo|else|TRUE|elseif|var|empty|if|xor|enddeclare|include|virtual|endfor|include_once|while|endforeach|global|endif|list|endswitch|new|endwhile|not|array|E_ALL|NULL|final|php_user_filter|interface|implements|public|private|protected|abstract|clone|try|catch|throw|this|use|namespace|trait|yield|finally)\b`, Keyword, nil},
+			{`(true|false|null)\b`, KeywordConstant, nil},
+			Include("magicconstants"),
+			{`\$\{\$+(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*\}`, NameVariable, nil},
+			{`\$+(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*`, NameVariable, nil},
+			{`(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*`, NameOther, nil},
+			{`(\d+\.\d*|\d*\.\d+)(e[+-]?[0-9]+)?`, LiteralNumberFloat, nil},
+			{`\d+e[+-]?[0-9]+`, LiteralNumberFloat, nil},
+			{`0[0-7]+`, LiteralNumberOct, nil},
+			{`0x[a-f0-9_]+`, LiteralNumberHex, nil},
+			{`[\d_]+`, LiteralNumberInteger, nil},
+			{`0b[01]+`, LiteralNumberBin, nil},
+			{`'([^'\\]*(?:\\.[^'\\]*)*)'`, LiteralStringSingle, nil},
+			{"`([^`\\\\]*(?:\\\\.[^`\\\\]*)*)`", LiteralStringBacktick, nil},
+			{`"`, LiteralStringDouble, Push("string")},
+		},
+		"magicfuncs": {
+			{Words(``, `\b`, `__construct`, `__destruct`, `__call`, `__callStatic`, `__get`, `__set`, `__isset`, `__unset`, `__sleep`, `__wakeup`, `__toString`, `__invoke`, `__set_state`, `__clone`, `__debugInfo`), NameFunctionMagic, nil},
+		},
+		"magicconstants": {
+			{Words(``, `\b`, `__LINE__`, `__FILE__`, `__DIR__`, `__FUNCTION__`, `__CLASS__`, `__TRAIT__`, `__METHOD__`, `__NAMESPACE__`), NameConstant, nil},
+		},
+		"classname": {
+			{`(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*`, NameClass, Pop(1)},
+		},
+		"functionname": {
+			Include("magicfuncs"),
+			{`(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*`, NameFunction, Pop(1)},
+			Default(Pop(1)),
+		},
+		"string": {
+			{`"`, LiteralStringDouble, Pop(1)},
+			{`[^{$"\\]+`, LiteralStringDouble, nil},
+			{`\\([nrt"$\\]|[0-7]{1,3}|x[0-9a-f]{1,2})`, LiteralStringEscape, nil},
+			{`\$(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*(\[\S+?\]|->(?:[\\_a-z]|[^\x00-\x7f])(?:[\\\w]|[^\x00-\x7f])*)?`, LiteralStringInterpol, nil},
+			{`(\{\$\{)(.*?)(\}\})`, ByGroups(LiteralStringInterpol, UsingSelf("root"), LiteralStringInterpol), nil},
+			{`(\{)(\$.*?)(\})`, ByGroups(LiteralStringInterpol, UsingSelf("root"), LiteralStringInterpol), nil},
+			{`(\$\{)(\S+)(\})`, ByGroups(LiteralStringInterpol, NameVariable, LiteralStringInterpol), nil},
+			{`[${\\]`, LiteralStringDouble, nil},
+		},
+	}
 }
diff --git a/vendor/github.com/alecthomas/chroma/lexers/circular/phtml.go b/vendor/github.com/alecthomas/chroma/lexers/circular/phtml.go
index b9bffd3541..f0824b5c74 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/circular/phtml.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/circular/phtml.go
@@ -9,7 +9,7 @@ import (
 )
 
 // PHTML lexer is PHP in HTML.
-var PHTML = internal.Register(DelegatingLexer(h.HTML, MustNewLexer(
+var PHTML = internal.Register(DelegatingLexer(h.HTML, MustNewLazyLexer(
 	&Config{
 		Name:            "PHTML",
 		Aliases:         []string{"phtml"},
@@ -19,16 +19,20 @@ var PHTML = internal.Register(DelegatingLexer(h.HTML, MustNewLexer(
 		CaseInsensitive: true,
 		EnsureNL:        true,
 	},
-	Rules{
-		"root": {
-			{`<\?(php)?`, CommentPreproc, Push("php")},
-			{`[^<]+`, Other, nil},
-			{`<`, Other, nil},
-		},
-	}.Merge(phpCommonRules),
+	phtmlRules,
 ).SetAnalyser(func(text string) float32 {
 	if strings.Contains(text, "<?php") {
 		return 0.5
 	}
 	return 0.0
 })))
+
+func phtmlRules() Rules {
+	return Rules{
+		"root": {
+			{`<\?(php)?`, CommentPreproc, Push("php")},
+			{`[^<]+`, Other, nil},
+			{`<`, Other, nil},
+		},
+	}.Merge(phpCommonRules())
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/d/d.go b/vendor/github.com/alecthomas/chroma/lexers/d/d.go
index 6f3f11f016..ac12d2e236 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/d/d.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/d/d.go
@@ -6,7 +6,7 @@ import (
 )
 
 // D lexer. https://dlang.org/spec/lex.html
-var D = internal.Register(MustNewLexer(
+var D = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "D",
 		Aliases:   []string{"d"},
@@ -14,7 +14,11 @@ var D = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-d"},
 		EnsureNL:  true,
 	},
-	Rules{
+	dRules,
+))
+
+func dRules() Rules {
+	return Rules{
 		"root": {
 			{`[^\S\n]+`, Text, nil},
 
@@ -65,5 +69,5 @@ var D = internal.Register(MustNewLexer(
 		"import": {
 			{`[\w.]+\*?`, NameNamespace, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/d/dart.go b/vendor/github.com/alecthomas/chroma/lexers/d/dart.go
index 6dab3b4204..c1dbb5cd5e 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/d/dart.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/d/dart.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Dart lexer.
-var Dart = internal.Register(MustNewLexer(
+var Dart = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Dart",
 		Aliases:   []string{"dart"},
@@ -14,7 +14,11 @@ var Dart = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-dart"},
 		DotAll:    true,
 	},
-	Rules{
+	dartRules,
+))
+
+func dartRules() Rules {
+	return Rules{
 		"root": {
 			Include("string_literal"),
 			{`#!(.*?)$`, CommentPreproc, nil},
@@ -87,5 +91,5 @@ var Dart = internal.Register(MustNewLexer(
 			Include("string_common"),
 			{`(\$|\')+`, LiteralStringSingle, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/d/diff.go b/vendor/github.com/alecthomas/chroma/lexers/d/diff.go
index 264ed45ce4..d4d6db450e 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/d/diff.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/d/diff.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Diff lexer.
-var Diff = internal.Register(MustNewLexer(
+var Diff = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Diff",
 		Aliases:   []string{"diff", "udiff"},
@@ -14,7 +14,11 @@ var Diff = internal.Register(MustNewLexer(
 		Filenames: []string{"*.diff", "*.patch"},
 		MimeTypes: []string{"text/x-diff", "text/x-patch"},
 	},
-	Rules{
+	diffRules,
+))
+
+func diffRules() Rules {
+	return Rules{
 		"root": {
 			{` .*\n`, Text, nil},
 			{`\+.*\n`, GenericInserted, nil},
@@ -25,5 +29,5 @@ var Diff = internal.Register(MustNewLexer(
 			{`=.*\n`, GenericHeading, nil},
 			{`.*\n`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/d/django.go b/vendor/github.com/alecthomas/chroma/lexers/d/django.go
index d72d99a321..5d3baa9163 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/d/django.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/d/django.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Django/Jinja lexer.
-var DjangoJinja = internal.Register(MustNewLexer(
+var DjangoJinja = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Django/Jinja",
 		Aliases:   []string{"django", "jinja"},
@@ -14,7 +14,11 @@ var DjangoJinja = internal.Register(MustNewLexer(
 		MimeTypes: []string{"application/x-django-templating", "application/x-jinja"},
 		DotAll:    true,
 	},
-	Rules{
+	djangoJinjaRules,
+))
+
+func djangoJinjaRules() Rules {
+	return Rules{
 		"root": {
 			{`[^{]+`, Other, nil},
 			{`\{\{`, CommentPreproc, Push("var")},
@@ -49,5 +53,5 @@ var DjangoJinja = internal.Register(MustNewLexer(
 			Include("varnames"),
 			{`.`, Punctuation, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/d/docker.go b/vendor/github.com/alecthomas/chroma/lexers/d/docker.go
index a650eba5f4..ea808f047d 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/d/docker.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/d/docker.go
@@ -8,7 +8,7 @@ import (
 )
 
 // Docker lexer.
-var Docker = internal.Register(MustNewLexer(
+var Docker = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Docker",
 		Aliases:         []string{"docker", "dockerfile"},
@@ -16,7 +16,11 @@ var Docker = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-dockerfile-config"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	dockerRules,
+))
+
+func dockerRules() Rules {
+	return Rules{
 		"root": {
 			{`#.*`, Comment, nil},
 			{`(ONBUILD)((?:\s*\\?\s*))`, ByGroups(Keyword, Using(b.Bash)), nil},
@@ -27,5 +31,5 @@ var Docker = internal.Register(MustNewLexer(
 			{`((?:RUN|CMD|ENTRYPOINT|ENV|ARG|LABEL|ADD|COPY))`, Keyword, nil},
 			{`(.*\\\n)*.+`, Using(b.Bash), nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/d/dtd.go b/vendor/github.com/alecthomas/chroma/lexers/d/dtd.go
index 99bf5d3748..aeec6b1d9e 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/d/dtd.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/d/dtd.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Dtd lexer.
-var Dtd = internal.Register(MustNewLexer(
+var Dtd = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "DTD",
 		Aliases:   []string{"dtd"},
@@ -14,7 +14,11 @@ var Dtd = internal.Register(MustNewLexer(
 		MimeTypes: []string{"application/xml-dtd"},
 		DotAll:    true,
 	},
-	Rules{
+	dtdRules,
+))
+
+func dtdRules() Rules {
+	return Rules{
 		"root": {
 			Include("common"),
 			{`(<!ELEMENT)(\s+)(\S+)`, ByGroups(Keyword, Text, NameTag), Push("element")},
@@ -65,5 +69,5 @@ var Dtd = internal.Register(MustNewLexer(
 			{`[^>\s|()?+*,]+`, NameAttribute, nil},
 			{`>`, Keyword, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/d/dylan.go b/vendor/github.com/alecthomas/chroma/lexers/d/dylan.go
new file mode 100644
index 0000000000..0e51f453bc
--- /dev/null
+++ b/vendor/github.com/alecthomas/chroma/lexers/d/dylan.go
@@ -0,0 +1,74 @@
+package d
+
+import (
+	. "github.com/alecthomas/chroma" // nolint
+	"github.com/alecthomas/chroma/lexers/internal"
+)
+
+// Dylan lexer.
+var Dylan = internal.Register(MustNewLexer(
+	&Config{
+		Name:            "Dylan",
+		Aliases:         []string{"dylan"},
+		Filenames:       []string{"*.dylan", "*.dyl", "*.intr"},
+		MimeTypes:       []string{"text/x-dylan"},
+		CaseInsensitive: true,
+	},
+	Rules{
+		"root": {
+			{`\s+`, Whitespace, nil},
+			{`//.*?\n`, CommentSingle, nil},
+			{`([a-z0-9-]+:)([ \t]*)(.*(?:\n[ \t].+)*)`, ByGroups(NameAttribute, Whitespace, LiteralString), nil},
+			Default(Push("code")),
+		},
+		"code": {
+			{`\s+`, Whitespace, nil},
+			{`//.*?\n`, CommentSingle, nil},
+			{`/\*`, CommentMultiline, Push("comment")},
+			{`"`, LiteralString, Push("string")},
+			{`'(\\.|\\[0-7]{1,3}|\\x[a-f0-9]{1,2}|[^\\\'\n])'`, LiteralStringChar, nil},
+			{`#b[01]+`, LiteralNumberBin, nil},
+			{`#o[0-7]+`, LiteralNumberOct, nil},
+			{`[-+]?(\d*\.\d+([ed][-+]?\d+)?|\d+(\.\d*)?e[-+]?\d+)`, LiteralNumberFloat, nil},
+			{`[-+]?\d+`, LiteralNumberInteger, nil},
+			{`#x[0-9a-f]+`, LiteralNumberHex, nil},
+
+			{`(\?\\?)([\w!&*<>|^$%@+~?/=-]+)(:)(token|name|variable|expression|body|case-body|\*)`,
+				ByGroups(Operator, NameVariable, Operator, NameBuiltin), nil},
+			{`(\?)(:)(token|name|variable|expression|body|case-body|\*)`,
+				ByGroups(Operator, Operator, NameVariable), nil},
+			{`(\?\\?)([\w!&*<>|^$%@+~?/=-]+)`, ByGroups(Operator, NameVariable), nil},
+
+			{`(=>|::|#\(|#\[|##|\?\?|\?=|\?|[(){}\[\],.;])`, Punctuation, nil},
+			{`:=`, Operator, nil},
+			{`#[tf]`, Literal, nil},
+			{`#"`, LiteralStringSymbol, Push("symbol")},
+			{`#[a-z0-9-]+`, Keyword, nil},
+			{`#(all-keys|include|key|next|rest)`, Keyword, nil},
+			{`[\w!&*<>|^$%@+~?/=-]+:`, KeywordConstant, nil},
+			{`<[\w!&*<>|^$%@+~?/=-]+>`, NameClass, nil},
+			{`\*[\w!&*<>|^$%@+~?/=-]+\*`, NameVariableGlobal, nil},
+			{`\$[\w!&*<>|^$%@+~?/=-]+`, NameConstant, nil},
+			{`(let|method|function)([ \t]+)([\w!&*<>|^$%@+~?/=-]+)`, ByGroups(NameBuiltin, Whitespace, NameVariable), nil},
+			{`(error|signal|return|break)`, NameException, nil},
+			{`(\\?)([\w!&*<>|^$%@+~?/=-]+)`, ByGroups(Operator, Name), nil},
+		},
+		"comment": {
+			{`[^*/]`, CommentMultiline, nil},
+			{`/\*`, CommentMultiline, Push()},
+			{`\*/`, CommentMultiline, Pop(1)},
+			{`[*/]`, CommentMultiline, nil},
+		},
+		"symbol": {
+			{`"`, LiteralStringSymbol, Pop(1)},
+			{`[^\\"]+`, LiteralStringSymbol, nil},
+		},
+		"string": {
+			{`"`, LiteralString, Pop(1)},
+			{`\\([\\abfnrtv"\']|x[a-f0-9]{2,4}|[0-7]{1,3})`, LiteralStringEscape, nil},
+			{`[^\\"\n]+`, LiteralString, nil},
+			{`\\\n`, LiteralString, nil},
+			{`\\`, LiteralString, nil},
+		},
+	},
+))
diff --git a/vendor/github.com/alecthomas/chroma/lexers/e/ebnf.go b/vendor/github.com/alecthomas/chroma/lexers/e/ebnf.go
index 42a3a37933..5ccdd38ea3 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/e/ebnf.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/e/ebnf.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Ebnf lexer.
-var Ebnf = internal.Register(MustNewLexer(
+var Ebnf = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "EBNF",
 		Aliases:   []string{"ebnf"},
 		Filenames: []string{"*.ebnf"},
 		MimeTypes: []string{"text/x-ebnf"},
 	},
-	Rules{
+	ebnfRules,
+))
+
+func ebnfRules() Rules {
+	return Rules{
 		"root": {
 			Include("whitespace"),
 			Include("comment_start"),
@@ -47,5 +51,5 @@ var Ebnf = internal.Register(MustNewLexer(
 		"identifier": {
 			{`([a-zA-Z][\w \-]*)`, Keyword, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/e/elixir.go b/vendor/github.com/alecthomas/chroma/lexers/e/elixir.go
index 11dc8443c7..f283f846be 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/e/elixir.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/e/elixir.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Elixir lexer.
-var Elixir = internal.Register(MustNewLexer(
+var Elixir = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Elixir",
 		Aliases:   []string{"elixir", "ex", "exs"},
 		Filenames: []string{"*.ex", "*.exs"},
 		MimeTypes: []string{"text/x-elixir"},
 	},
-	Rules{
+	elixirRules,
+))
+
+func elixirRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`#.*$`, CommentSingle, nil},
@@ -273,5 +277,5 @@ var Elixir = internal.Register(MustNewLexer(
 			{`\\.`, LiteralStringOther, nil},
 			{`'[a-zA-Z]*`, LiteralStringOther, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/e/elm.go b/vendor/github.com/alecthomas/chroma/lexers/e/elm.go
index a71c6270e8..0fb6689537 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/e/elm.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/e/elm.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Elm lexer.
-var Elm = internal.Register(MustNewLexer(
+var Elm = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Elm",
 		Aliases:   []string{"elm"},
 		Filenames: []string{"*.elm"},
 		MimeTypes: []string{"text/x-elm"},
 	},
-	Rules{
+	elmRules,
+))
+
+func elmRules() Rules {
+	return Rules{
 		"root": {
 			{`\{-`, CommentMultiline, Push("comment")},
 			{`--.*`, CommentSingle, nil},
@@ -55,5 +59,5 @@ var Elm = internal.Register(MustNewLexer(
 			{`\|\]`, NameEntity, Pop(1)},
 			{`.*\n`, NameEntity, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/e/emacs.go b/vendor/github.com/alecthomas/chroma/lexers/e/emacs.go
index 78ffda1229..51c49101dc 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/e/emacs.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/e/emacs.go
@@ -522,14 +522,24 @@ var (
 )
 
 // EmacsLisp lexer.
-var EmacsLisp = internal.Register(TypeRemappingLexer(MustNewLexer(
+var EmacsLisp = internal.Register(TypeRemappingLexer(MustNewLazyLexer(
 	&Config{
 		Name:      "EmacsLisp",
 		Aliases:   []string{"emacs", "elisp", "emacs-lisp"},
 		Filenames: []string{"*.el"},
 		MimeTypes: []string{"text/x-elisp", "application/x-elisp"},
 	},
-	Rules{
+	emacsLispRules,
+), TypeMapping{
+	{NameVariable, NameFunction, emacsBuiltinFunction},
+	{NameVariable, NameBuiltin, emacsSpecialForms},
+	{NameVariable, NameException, emacsErrorKeywords},
+	{NameVariable, NameBuiltin, append(emacsBuiltinFunctionHighlighted, emacsMacros...)},
+	{NameVariable, KeywordPseudo, emacsLambdaListKeywords},
+}))
+
+func emacsLispRules() Rules {
+	return Rules{
 		"root": {
 			Default(Push("body")),
 		},
@@ -572,11 +582,5 @@ var EmacsLisp = internal.Register(TypeRemappingLexer(MustNewLexer(
 			{`\\\n`, LiteralString, nil},
 			{`"`, LiteralString, Pop(1)},
 		},
-	},
-), TypeMapping{
-	{NameVariable, NameFunction, emacsBuiltinFunction},
-	{NameVariable, NameBuiltin, emacsSpecialForms},
-	{NameVariable, NameException, emacsErrorKeywords},
-	{NameVariable, NameBuiltin, append(emacsBuiltinFunctionHighlighted, emacsMacros...)},
-	{NameVariable, KeywordPseudo, emacsLambdaListKeywords},
-}))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/e/erlang.go b/vendor/github.com/alecthomas/chroma/lexers/e/erlang.go
index 63cd59a415..5f5c9caadc 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/e/erlang.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/e/erlang.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Erlang lexer.
-var Erlang = internal.Register(MustNewLexer(
+var Erlang = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Erlang",
 		Aliases:   []string{"erlang"},
 		Filenames: []string{"*.erl", "*.hrl", "*.es", "*.escript"},
 		MimeTypes: []string{"text/x-erlang"},
 	},
-	Rules{
+	erlangRules,
+))
+
+func erlangRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`%.*\n`, Comment, nil},
@@ -62,5 +66,5 @@ var Erlang = internal.Register(MustNewLexer(
 			{`,`, Punctuation, Pop(1)},
 			{`(?=\})`, Punctuation, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/f/factor.go b/vendor/github.com/alecthomas/chroma/lexers/f/factor.go
index 26c0d5624c..d88beb231d 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/f/factor.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/f/factor.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Factor lexer.
-var Factor = internal.Register(MustNewLexer(
+var Factor = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Factor",
 		Aliases:   []string{"factor"},
 		Filenames: []string{"*.factor"},
 		MimeTypes: []string{"text/x-factor"},
 	},
-	Rules{
+	factorRules,
+))
+
+func factorRules() Rules {
+	return Rules{
 		"root": {
 			{`#!.*$`, CommentPreproc, nil},
 			Default(Push("base")),
@@ -111,5 +115,5 @@ var Factor = internal.Register(MustNewLexer(
 			{`;\s`, Keyword, Pop(1)},
 			{`\S+`, NameFunction, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/f/fish.go b/vendor/github.com/alecthomas/chroma/lexers/f/fish.go
index 185fc92b52..3678cfa2b9 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/f/fish.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/f/fish.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Fish lexer.
-var Fish = internal.Register(MustNewLexer(
+var Fish = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Fish",
 		Aliases:   []string{"fish", "fishshell"},
 		Filenames: []string{"*.fish", "*.load"},
 		MimeTypes: []string{"application/x-fish"},
 	},
-	Rules{
+	fishRules,
+))
+
+func fishRules() Rules {
+	return Rules{
 		"root": {
 			Include("basic"),
 			Include("data"),
@@ -61,5 +65,5 @@ var Fish = internal.Register(MustNewLexer(
 			{`\d+`, LiteralNumber, nil},
 			Include("root"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/f/forth.go b/vendor/github.com/alecthomas/chroma/lexers/f/forth.go
index 47de6365f2..8d66708dcc 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/f/forth.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/f/forth.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Forth lexer.
-var Forth = internal.Register(MustNewLexer(
+var Forth = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Forth",
 		Aliases:         []string{"forth"},
@@ -14,7 +14,11 @@ var Forth = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"application/x-forth"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	forthRules,
+))
+
+func forthRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`\\.*?\n`, CommentSingle, nil},
@@ -36,5 +40,5 @@ var Forth = internal.Register(MustNewLexer(
 		"stringdef": {
 			{`[^"]+`, LiteralString, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/f/fortran.go b/vendor/github.com/alecthomas/chroma/lexers/f/fortran.go
index 6c57afa6e7..af4a969cee 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/f/fortran.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/f/fortran.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Fortran lexer.
-var Fortran = internal.Register(MustNewLexer(
+var Fortran = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Fortran",
 		Aliases:         []string{"fortran"},
@@ -14,7 +14,11 @@ var Fortran = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-fortran"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	fortranRules,
+))
+
+func fortranRules() Rules {
+	return Rules{
 		"root": {
 			{`^#.*\n`, CommentPreproc, nil},
 			{`!.*\n`, Comment, nil},
@@ -43,5 +47,5 @@ var Fortran = internal.Register(MustNewLexer(
 			{`[+-]?\d*\.\d+([ed][-+]?\d+)?(_[a-z]\w+)?`, LiteralNumberFloat, nil},
 			{`[+-]?\d+\.\d*([ed][-+]?\d+)?(_[a-z]\w+)?`, LiteralNumberFloat, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/f/fsharp.go b/vendor/github.com/alecthomas/chroma/lexers/f/fsharp.go
index d00f63dd7d..44fced4d5b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/f/fsharp.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/f/fsharp.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Fsharp lexer.
-var Fsharp = internal.Register(MustNewLexer(
+var Fsharp = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "FSharp",
 		Aliases:   []string{"fsharp"},
 		Filenames: []string{"*.fs", "*.fsi"},
 		MimeTypes: []string{"text/x-fsharp"},
 	},
-	Rules{
+	fsharpRules,
+))
+
+func fsharpRules() Rules {
+	return Rules{
 		"escape-sequence": {
 			{`\\[\\"\'ntbrafv]`, LiteralStringEscape, nil},
 			{`\\[0-9]{3}`, LiteralStringEscape, nil},
@@ -90,5 +94,5 @@ var Fsharp = internal.Register(MustNewLexer(
 			{`"""B?`, LiteralString, Pop(1)},
 			{`"`, LiteralString, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/g/gas.go b/vendor/github.com/alecthomas/chroma/lexers/g/gas.go
index a922806857..1f733f6ac1 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/g/gas.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/g/gas.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Gas lexer.
-var Gas = internal.Register(MustNewLexer(
+var Gas = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "GAS",
 		Aliases:   []string{"gas", "asm"},
 		Filenames: []string{"*.s", "*.S"},
 		MimeTypes: []string{"text/x-gas"},
 	},
-	Rules{
+	gasRules,
+))
+
+func gasRules() Rules {
+	return Rules{
 		"root": {
 			Include("whitespace"),
 			{`(?:[a-zA-Z$_][\w$.@-]*|\.[\w$.@-]+):`, NameLabel, nil},
@@ -51,5 +55,5 @@ var Gas = internal.Register(MustNewLexer(
 		"punctuation": {
 			{`[-*,.()\[\]!:]+`, Punctuation, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/g/gdscript.go b/vendor/github.com/alecthomas/chroma/lexers/g/gdscript.go
index bfe30637cc..2b6af973fb 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/g/gdscript.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/g/gdscript.go
@@ -6,14 +6,18 @@ import (
 )
 
 // GDScript lexer.
-var GDScript = internal.Register(MustNewLexer(
+var GDScript = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "GDScript",
 		Aliases:   []string{"gdscript", "gd"},
 		Filenames: []string{"*.gd"},
 		MimeTypes: []string{"text/x-gdscript", "application/x-gdscript"},
 	},
-	Rules{
+	gdscriptRules,
+))
+
+func gdscriptRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`^(\s*)([rRuUbB]{,2})("""(?:.|\n)*?""")`, ByGroups(Text, LiteralStringAffix, LiteralStringDoc), nil},
@@ -120,5 +124,5 @@ var GDScript = internal.Register(MustNewLexer(
 			Include("strings-single"),
 			{`\n`, LiteralStringSingle, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/g/genshi.go b/vendor/github.com/alecthomas/chroma/lexers/g/genshi.go
index 0d3663a0a9..dc4d4b17de 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/g/genshi.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/g/genshi.go
@@ -7,14 +7,18 @@ import (
 )
 
 // Genshi Text lexer.
-var GenshiText = internal.Register(MustNewLexer(
+var GenshiText = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Genshi Text",
 		Aliases:   []string{"genshitext"},
 		Filenames: []string{},
 		MimeTypes: []string{"application/x-genshi-text", "text/x-genshi"},
 	},
-	Rules{
+	genshiTextRules,
+))
+
+func genshiTextRules() Rules {
+	return Rules{
 		"root": {
 			{`[^#$\s]+`, Other, nil},
 			{`^(\s*)(##.*)$`, ByGroups(Text, Comment), nil},
@@ -33,11 +37,11 @@ var GenshiText = internal.Register(MustNewLexer(
 			{`(?<!\$)(\$\{)(.+?)(\})`, ByGroups(CommentPreproc, Using(Python), CommentPreproc), nil},
 			{`(?<!\$)(\$)([a-zA-Z_][\w.]*)`, NameVariable, nil},
 		},
-	},
-))
+	}
+}
 
 // Html+Genshi lexer.
-var GenshiHTMLTemplate = internal.Register(MustNewLexer(
+var GenshiHTMLTemplate = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:         "Genshi HTML",
 		Aliases:      []string{"html+genshi", "html+kid"},
@@ -50,7 +54,7 @@ var GenshiHTMLTemplate = internal.Register(MustNewLexer(
 ))
 
 // Genshi lexer.
-var Genshi = internal.Register(MustNewLexer(
+var Genshi = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:         "Genshi",
 		Aliases:      []string{"genshi", "kid", "xml+genshi", "xml+kid"},
@@ -62,53 +66,55 @@ var Genshi = internal.Register(MustNewLexer(
 	genshiMarkupRules,
 ))
 
-var genshiMarkupRules = Rules{
-	"root": {
-		{`[^<$]+`, Other, nil},
-		{`(<\?python)(.*?)(\?>)`, ByGroups(CommentPreproc, Using(Python), CommentPreproc), nil},
-		{`<\s*(script|style)\s*.*?>.*?<\s*/\1\s*>`, Other, nil},
-		{`<\s*py:[a-zA-Z0-9]+`, NameTag, Push("pytag")},
-		{`<\s*[a-zA-Z0-9:.]+`, NameTag, Push("tag")},
-		Include("variable"),
-		{`[<$]`, Other, nil},
-	},
-	"pytag": {
-		{`\s+`, Text, nil},
-		{`[\w:-]+\s*=`, NameAttribute, Push("pyattr")},
-		{`/?\s*>`, NameTag, Pop(1)},
-	},
-	"pyattr": {
-		{`(")(.*?)(")`, ByGroups(LiteralString, Using(Python), LiteralString), Pop(1)},
-		{`(')(.*?)(')`, ByGroups(LiteralString, Using(Python), LiteralString), Pop(1)},
-		{`[^\s>]+`, LiteralString, Pop(1)},
-	},
-	"tag": {
-		{`\s+`, Text, nil},
-		{`py:[\w-]+\s*=`, NameAttribute, Push("pyattr")},
-		{`[\w:-]+\s*=`, NameAttribute, Push("attr")},
-		{`/?\s*>`, NameTag, Pop(1)},
-	},
-	"attr": {
-		{`"`, LiteralString, Push("attr-dstring")},
-		{`'`, LiteralString, Push("attr-sstring")},
-		{`[^\s>]*`, LiteralString, Pop(1)},
-	},
-	"attr-dstring": {
-		{`"`, LiteralString, Pop(1)},
-		Include("strings"),
-		{`'`, LiteralString, nil},
-	},
-	"attr-sstring": {
-		{`'`, LiteralString, Pop(1)},
-		Include("strings"),
-		{`'`, LiteralString, nil},
-	},
-	"strings": {
-		{`[^"'$]+`, LiteralString, nil},
-		Include("variable"),
-	},
-	"variable": {
-		{`(?<!\$)(\$\{)(.+?)(\})`, ByGroups(CommentPreproc, Using(Python), CommentPreproc), nil},
-		{`(?<!\$)(\$)([a-zA-Z_][\w\.]*)`, NameVariable, nil},
-	},
+func genshiMarkupRules() Rules {
+	return Rules{
+		"root": {
+			{`[^<$]+`, Other, nil},
+			{`(<\?python)(.*?)(\?>)`, ByGroups(CommentPreproc, Using(Python), CommentPreproc), nil},
+			{`<\s*(script|style)\s*.*?>.*?<\s*/\1\s*>`, Other, nil},
+			{`<\s*py:[a-zA-Z0-9]+`, NameTag, Push("pytag")},
+			{`<\s*[a-zA-Z0-9:.]+`, NameTag, Push("tag")},
+			Include("variable"),
+			{`[<$]`, Other, nil},
+		},
+		"pytag": {
+			{`\s+`, Text, nil},
+			{`[\w:-]+\s*=`, NameAttribute, Push("pyattr")},
+			{`/?\s*>`, NameTag, Pop(1)},
+		},
+		"pyattr": {
+			{`(")(.*?)(")`, ByGroups(LiteralString, Using(Python), LiteralString), Pop(1)},
+			{`(')(.*?)(')`, ByGroups(LiteralString, Using(Python), LiteralString), Pop(1)},
+			{`[^\s>]+`, LiteralString, Pop(1)},
+		},
+		"tag": {
+			{`\s+`, Text, nil},
+			{`py:[\w-]+\s*=`, NameAttribute, Push("pyattr")},
+			{`[\w:-]+\s*=`, NameAttribute, Push("attr")},
+			{`/?\s*>`, NameTag, Pop(1)},
+		},
+		"attr": {
+			{`"`, LiteralString, Push("attr-dstring")},
+			{`'`, LiteralString, Push("attr-sstring")},
+			{`[^\s>]*`, LiteralString, Pop(1)},
+		},
+		"attr-dstring": {
+			{`"`, LiteralString, Pop(1)},
+			Include("strings"),
+			{`'`, LiteralString, nil},
+		},
+		"attr-sstring": {
+			{`'`, LiteralString, Pop(1)},
+			Include("strings"),
+			{`'`, LiteralString, nil},
+		},
+		"strings": {
+			{`[^"'$]+`, LiteralString, nil},
+			Include("variable"),
+		},
+		"variable": {
+			{`(?<!\$)(\$\{)(.+?)(\})`, ByGroups(CommentPreproc, Using(Python), CommentPreproc), nil},
+			{`(?<!\$)(\$)([a-zA-Z_][\w\.]*)`, NameVariable, nil},
+		},
+	}
 }
diff --git a/vendor/github.com/alecthomas/chroma/lexers/g/gherkin.go b/vendor/github.com/alecthomas/chroma/lexers/g/gherkin.go
index d19b517ecb..8ae45dcb60 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/g/gherkin.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/g/gherkin.go
@@ -5,23 +5,27 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var stepKeywords = `^(\s*)(하지만|조건|먼저|만일|만약|단|그리고|그러면|那麼|那么|而且|當|当|前提|假設|假设|假如|假定|但是|但し|並且|并且|同時|同时|もし|ならば|ただし|しかし|かつ|و |متى |لكن |عندما |ثم |بفرض |اذاً |כאשר |וגם |בהינתן |אזי |אז |אבל |Якщо |Унда |То |Припустимо, що |Припустимо |Онда |Но |Нехай |Лекин |Когато |Када |Кад |К тому же |И |Задато |Задати |Задате |Если |Допустим |Дадено |Ва |Бирок |Аммо |Али |Але |Агар |А |І |Și |És |Zatati |Zakładając |Zadato |Zadate |Zadano |Zadani |Zadan |Youse know when youse got |Youse know like when |Yna |Ya know how |Ya gotta |Y |Wun |Wtedy |When y'all |When |Wenn |WEN |Và |Ve |Und |Un |Thì |Then y'all |Then |Tapi |Tak |Tada |Tad |Så |Stel |Soit |Siis |Si |Sed |Se |Quando |Quand |Quan |Pryd |Pokud |Pokiaľ |Però |Pero |Pak |Oraz |Onda |Ond |Oletetaan |Og |Och |O zaman |Når |När |Niin |Nhưng |N |Mutta |Men |Mas |Maka |Majd |Mais |Maar |Ma |Lorsque |Lorsqu'|Kun |Kuid |Kui |Khi |Keď |Ketika |Když |Kaj |Kai |Kada |Kad |Jeżeli |Ja |Ir |I CAN HAZ |I |Ha |Givun |Givet |Given y'all |Given |Gitt |Gegeven |Gegeben sei |Fakat |Eğer ki |Etant donné |Et |Então |Entonces |Entao |En |Eeldades |E |Duota |Dun |Donitaĵo |Donat |Donada |Do |Diyelim ki |Dengan |Den youse gotta |De |Dato |Dar |Dann |Dan |Dado |Dacă |Daca |DEN |Când |Cuando |Cho |Cept |Cand |Cal |But y'all |But |Buh |Biết |Bet |BUT |Atès |Atunci |Atesa |Anrhegedig a |Angenommen |And y'all |And |An |Ama |Als |Alors |Allora |Ali |Aleshores |Ale |Akkor |Aber |AN |A také |A |\* )`
-
-var featureKeywords = `^(기능|機能|功能|フィーチャ|خاصية|תכונה|Функціонал|Функционалност|Функционал|Фича|Особина|Могућност|Özellik|Właściwość|Tính năng|Trajto|Savybė|Požiadavka|Požadavek|Osobina|Ominaisuus|Omadus|OH HAI|Mogućnost|Mogucnost|Jellemző|Fīča|Funzionalità|Funktionalität|Funkcionalnost|Funkcionalitāte|Funcționalitate|Functionaliteit|Functionalitate|Funcionalitat|Funcionalidade|Fonctionnalité|Fitur|Feature|Egenskap|Egenskab|Crikey|Característica|Arwedd)(:)(.*)$`
-
-var featureElementKeywords = `^(\s*)(시나리오 개요|시나리오|배경|背景|場景大綱|場景|场景大纲|场景|劇本大綱|劇本|剧本大纲|剧本|テンプレ|シナリオテンプレート|シナリオテンプレ|シナリオアウトライン|シナリオ|سيناريو مخطط|سيناريو|الخلفية|תרחיש|תבנית תרחיש|רקע|Тарих|Сценарій|Сценарио|Сценарий структураси|Сценарий|Структура сценарію|Структура сценарија|Структура сценария|Скица|Рамка на сценарий|Пример|Предыстория|Предистория|Позадина|Передумова|Основа|Концепт|Контекст|Założenia|Wharrimean is|Tình huống|The thing of it is|Tausta|Taust|Tapausaihio|Tapaus|Szenariogrundriss|Szenario|Szablon scenariusza|Stsenaarium|Struktura scenarija|Skica|Skenario konsep|Skenario|Situācija|Senaryo taslağı|Senaryo|Scénář|Scénario|Schema dello scenario|Scenārijs pēc parauga|Scenārijs|Scenár|Scenaro|Scenariusz|Scenariul de şablon|Scenariul de sablon|Scenariu|Scenario Outline|Scenario Amlinellol|Scenario|Scenarijus|Scenarijaus šablonas|Scenarij|Scenarie|Rerefons|Raamstsenaarium|Primer|Pozadí|Pozadina|Pozadie|Plan du scénario|Plan du Scénario|Osnova scénáře|Osnova|Náčrt Scénáře|Náčrt Scenáru|Mate|MISHUN SRSLY|MISHUN|Kịch bản|Konturo de la scenaro|Kontext|Konteksts|Kontekstas|Kontekst|Koncept|Khung tình huống|Khung kịch bản|Háttér|Grundlage|Geçmiş|Forgatókönyv vázlat|Forgatókönyv|Fono|Esquema do Cenário|Esquema do Cenario|Esquema del escenario|Esquema de l'escenari|Escenario|Escenari|Dis is what went down|Dasar|Contexto|Contexte|Contesto|Condiţii|Conditii|Cenário|Cenario|Cefndir|Bối cảnh|Blokes|Bakgrunn|Bakgrund|Baggrund|Background|B4|Antecedents|Antecedentes|All y'all|Achtergrond|Abstrakt Scenario|Abstract Scenario)(:)(.*)$`
-
-var examplesKeywords = `^(\s*)(예|例子|例|サンプル|امثلة|דוגמאות|Сценарији|Примери|Приклади|Мисоллар|Значения|Örnekler|Voorbeelden|Variantai|Tapaukset|Scenarios|Scenariji|Scenarijai|Příklady|Példák|Príklady|Przykłady|Primjeri|Primeri|Piemēri|Pavyzdžiai|Paraugs|Juhtumid|Exemplos|Exemples|Exemplele|Exempel|Examples|Esempi|Enghreifftiau|Ekzemploj|Eksempler|Ejemplos|EXAMPLZ|Dữ liệu|Contoh|Cobber|Beispiele)(:)(.*)$`
-
 // Gherkin lexer.
-var Gherkin = internal.Register(MustNewLexer(
+var Gherkin = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Gherkin",
 		Aliases:   []string{"cucumber", "Cucumber", "gherkin", "Gherkin"},
 		Filenames: []string{"*.feature", "*.FEATURE"},
 		MimeTypes: []string{"text/x-gherkin"},
 	},
-	Rules{
+	gherkinRules,
+))
+
+func gherkinRules() Rules {
+	stepKeywords := `^(\s*)(하지만|조건|먼저|만일|만약|단|그리고|그러면|那麼|那么|而且|當|当|前提|假設|假设|假如|假定|但是|但し|並且|并且|同時|同时|もし|ならば|ただし|しかし|かつ|و |متى |لكن |عندما |ثم |بفرض |اذاً |כאשר |וגם |בהינתן |אזי |אז |אבל |Якщо |Унда |То |Припустимо, що |Припустимо |Онда |Но |Нехай |Лекин |Когато |Када |Кад |К тому же |И |Задато |Задати |Задате |Если |Допустим |Дадено |Ва |Бирок |Аммо |Али |Але |Агар |А |І |Și |És |Zatati |Zakładając |Zadato |Zadate |Zadano |Zadani |Zadan |Youse know when youse got |Youse know like when |Yna |Ya know how |Ya gotta |Y |Wun |Wtedy |When y'all |When |Wenn |WEN |Và |Ve |Und |Un |Thì |Then y'all |Then |Tapi |Tak |Tada |Tad |Så |Stel |Soit |Siis |Si |Sed |Se |Quando |Quand |Quan |Pryd |Pokud |Pokiaľ |Però |Pero |Pak |Oraz |Onda |Ond |Oletetaan |Og |Och |O zaman |Når |När |Niin |Nhưng |N |Mutta |Men |Mas |Maka |Majd |Mais |Maar |Ma |Lorsque |Lorsqu'|Kun |Kuid |Kui |Khi |Keď |Ketika |Když |Kaj |Kai |Kada |Kad |Jeżeli |Ja |Ir |I CAN HAZ |I |Ha |Givun |Givet |Given y'all |Given |Gitt |Gegeven |Gegeben sei |Fakat |Eğer ki |Etant donné |Et |Então |Entonces |Entao |En |Eeldades |E |Duota |Dun |Donitaĵo |Donat |Donada |Do |Diyelim ki |Dengan |Den youse gotta |De |Dato |Dar |Dann |Dan |Dado |Dacă |Daca |DEN |Când |Cuando |Cho |Cept |Cand |Cal |But y'all |But |Buh |Biết |Bet |BUT |Atès |Atunci |Atesa |Anrhegedig a |Angenommen |And y'all |And |An |Ama |Als |Alors |Allora |Ali |Aleshores |Ale |Akkor |Aber |AN |A také |A |\* )`
+
+	featureKeywords := `^(기능|機能|功能|フィーチャ|خاصية|תכונה|Функціонал|Функционалност|Функционал|Фича|Особина|Могућност|Özellik|Właściwość|Tính năng|Trajto|Savybė|Požiadavka|Požadavek|Osobina|Ominaisuus|Omadus|OH HAI|Mogućnost|Mogucnost|Jellemző|Fīča|Funzionalità|Funktionalität|Funkcionalnost|Funkcionalitāte|Funcționalitate|Functionaliteit|Functionalitate|Funcionalitat|Funcionalidade|Fonctionnalité|Fitur|Feature|Egenskap|Egenskab|Crikey|Característica|Arwedd)(:)(.*)$`
+
+	featureElementKeywords := `^(\s*)(시나리오 개요|시나리오|배경|背景|場景大綱|場景|场景大纲|场景|劇本大綱|劇本|剧本大纲|剧本|テンプレ|シナリオテンプレート|シナリオテンプレ|シナリオアウトライン|シナリオ|سيناريو مخطط|سيناريو|الخلفية|תרחיש|תבנית תרחיש|רקע|Тарих|Сценарій|Сценарио|Сценарий структураси|Сценарий|Структура сценарію|Структура сценарија|Структура сценария|Скица|Рамка на сценарий|Пример|Предыстория|Предистория|Позадина|Передумова|Основа|Концепт|Контекст|Założenia|Wharrimean is|Tình huống|The thing of it is|Tausta|Taust|Tapausaihio|Tapaus|Szenariogrundriss|Szenario|Szablon scenariusza|Stsenaarium|Struktura scenarija|Skica|Skenario konsep|Skenario|Situācija|Senaryo taslağı|Senaryo|Scénář|Scénario|Schema dello scenario|Scenārijs pēc parauga|Scenārijs|Scenár|Scenaro|Scenariusz|Scenariul de şablon|Scenariul de sablon|Scenariu|Scenario Outline|Scenario Amlinellol|Scenario|Scenarijus|Scenarijaus šablonas|Scenarij|Scenarie|Rerefons|Raamstsenaarium|Primer|Pozadí|Pozadina|Pozadie|Plan du scénario|Plan du Scénario|Osnova scénáře|Osnova|Náčrt Scénáře|Náčrt Scenáru|Mate|MISHUN SRSLY|MISHUN|Kịch bản|Konturo de la scenaro|Kontext|Konteksts|Kontekstas|Kontekst|Koncept|Khung tình huống|Khung kịch bản|Háttér|Grundlage|Geçmiş|Forgatókönyv vázlat|Forgatókönyv|Fono|Esquema do Cenário|Esquema do Cenario|Esquema del escenario|Esquema de l'escenari|Escenario|Escenari|Dis is what went down|Dasar|Contexto|Contexte|Contesto|Condiţii|Conditii|Cenário|Cenario|Cefndir|Bối cảnh|Blokes|Bakgrunn|Bakgrund|Baggrund|Background|B4|Antecedents|Antecedentes|All y'all|Achtergrond|Abstrakt Scenario|Abstract Scenario)(:)(.*)$`
+
+	examplesKeywords := `^(\s*)(예|例子|例|サンプル|امثلة|דוגמאות|Сценарији|Примери|Приклади|Мисоллар|Значения|Örnekler|Voorbeelden|Variantai|Tapaukset|Scenarios|Scenariji|Scenarijai|Příklady|Példák|Príklady|Przykłady|Primjeri|Primeri|Piemēri|Pavyzdžiai|Paraugs|Juhtumid|Exemplos|Exemples|Exemplele|Exempel|Examples|Esempi|Enghreifftiau|Ekzemploj|Eksempler|Ejemplos|EXAMPLZ|Dữ liệu|Contoh|Cobber|Beispiele)(:)(.*)$`
+
+	return Rules{
 		"comments": {
 			{`\s*#.*$`, Comment, nil},
 		},
@@ -114,5 +118,5 @@ var Gherkin = internal.Register(MustNewLexer(
 			{examplesKeywords, ByGroups(NameFunction, Keyword, Keyword, NameFunction), Push("examplesTable")},
 			{`(\s|.)`, NameFunction, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/g/glsl.go b/vendor/github.com/alecthomas/chroma/lexers/g/glsl.go
index 9b3a3f5a6c..14aa58db3d 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/g/glsl.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/g/glsl.go
@@ -6,14 +6,18 @@ import (
 )
 
 // GLSL lexer.
-var GLSL = internal.Register(MustNewLexer(
+var GLSL = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "GLSL",
 		Aliases:   []string{"glsl"},
 		Filenames: []string{"*.vert", "*.frag", "*.geo"},
 		MimeTypes: []string{"text/x-glslsrc"},
 	},
-	Rules{
+	glslRules,
+))
+
+func glslRules() Rules {
+	return Rules{
 		"root": {
 			{`^#.*`, CommentPreproc, nil},
 			{`//.*`, CommentSingle, nil},
@@ -33,5 +37,5 @@ var GLSL = internal.Register(MustNewLexer(
 			{`\.`, Punctuation, nil},
 			{`\s+`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/g/gnuplot.go b/vendor/github.com/alecthomas/chroma/lexers/g/gnuplot.go
index 77c6363c54..a7a2509418 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/g/gnuplot.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/g/gnuplot.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Gnuplot lexer.
-var Gnuplot = internal.Register(MustNewLexer(
+var Gnuplot = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Gnuplot",
 		Aliases:   []string{"gnuplot"},
 		Filenames: []string{"*.plot", "*.plt"},
 		MimeTypes: []string{"text/x-gnuplot"},
 	},
-	Rules{
+	gnuplotRules,
+))
+
+func gnuplotRules() Rules {
+	return Rules{
 		"root": {
 			Include("whitespace"),
 			{`bind\b|bin\b|bi\b`, Keyword, Push("bind")},
@@ -113,5 +117,5 @@ var Gnuplot = internal.Register(MustNewLexer(
 			{`functions\b|function\b|functio\b|functi\b|funct\b|func\b|fun\b|fu\b|f\b|set\b|se\b|s\b|terminal\b|termina\b|termin\b|termi\b|term\b|ter\b|te\b|t\b|variables\b|variable\b|variabl\b|variab\b|varia\b|vari\b|var\b|va\b|v\b`, NameBuiltin, nil},
 			Include("genericargs"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/g/go.go b/vendor/github.com/alecthomas/chroma/lexers/g/go.go
index 8eced079bd..a927b5e099 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/g/go.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/g/go.go
@@ -9,7 +9,7 @@ import (
 )
 
 // Go lexer.
-var Go = internal.Register(MustNewLexer(
+var Go = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Go",
 		Aliases:   []string{"go", "golang"},
@@ -17,7 +17,19 @@ var Go = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-gosrc"},
 		EnsureNL:  true,
 	},
-	Rules{
+	goRules,
+).SetAnalyser(func(text string) float32 {
+	if strings.Contains(text, "fmt.") && strings.Contains(text, "package ") {
+		return 0.5
+	}
+	if strings.Contains(text, "package ") {
+		return 0.1
+	}
+	return 0.0
+}))
+
+func goRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`\s+`, Text, nil},
@@ -37,8 +49,8 @@ var Go = internal.Register(MustNewLexer(
 			{`\d+(\.\d+[eE][+\-]?\d+|\.\d*|[eE][+\-]?\d+)`, LiteralNumberFloat, nil},
 			{`\.\d+([eE][+\-]?\d+)?`, LiteralNumberFloat, nil},
 			{`0[0-7]+`, LiteralNumberOct, nil},
-			{`0[xX][0-9a-fA-F]+`, LiteralNumberHex, nil},
-			{`(0|[1-9][0-9]*)`, LiteralNumberInteger, nil},
+			{`0[xX][0-9a-fA-F_]+`, LiteralNumberHex, nil},
+			{`(0|[1-9][0-9_]*)`, LiteralNumberInteger, nil},
 			{`'(\\['"\\abfnrtv]|\\x[0-9a-fA-F]{2}|\\[0-7]{1,3}|\\u[0-9a-fA-F]{4}|\\U[0-9a-fA-F]{8}|[^\\])'`, LiteralStringChar, nil},
 			{"(`)([^`]*)(`)", ByGroups(LiteralString, Using(TypeRemappingLexer(GoTextTemplate, TypeMapping{{Other, LiteralString, nil}})), LiteralString), nil},
 			{`"(\\\\|\\"|[^"])*"`, LiteralString, nil},
@@ -47,58 +59,52 @@ var Go = internal.Register(MustNewLexer(
 			{`[|^<>=!()\[\]{}.,;:]`, Punctuation, nil},
 			{`[^\W\d]\w*`, NameOther, nil},
 		},
-	},
-).SetAnalyser(func(text string) float32 {
-	if strings.Contains(text, "fmt.") && strings.Contains(text, "package ") {
-		return 0.5
-	}
-	if strings.Contains(text, "package ") {
-		return 0.1
 	}
-	return 0.0
-}))
+}
 
-var goTemplateRules = Rules{
-	"root": {
-		{`{{(- )?/\*(.|\n)*?\*/( -)?}}`, CommentMultiline, nil},
-		{`{{[-]?`, CommentPreproc, Push("template")},
-		{`[^{]+`, Other, nil},
-		{`{`, Other, nil},
-	},
-	"template": {
-		{`[-]?}}`, CommentPreproc, Pop(1)},
-		{`(?=}})`, CommentPreproc, Pop(1)}, // Terminate the pipeline
-		{`\(`, Operator, Push("subexpression")},
-		{`"(\\\\|\\"|[^"])*"`, LiteralString, nil},
-		Include("expression"),
-	},
-	"subexpression": {
-		{`\)`, Operator, Pop(1)},
-		Include("expression"),
-	},
-	"expression": {
-		{`\s+`, Whitespace, nil},
-		{`\(`, Operator, Push("subexpression")},
-		{`(range|if|else|while|with|template|end|true|false|nil|and|call|html|index|js|len|not|or|print|printf|println|urlquery|eq|ne|lt|le|gt|ge)\b`, Keyword, nil},
-		{`\||:?=|,`, Operator, nil},
-		{`[$]?[^\W\d]\w*`, NameOther, nil},
-		{`[$]?\.(?:[^\W\d]\w*)?`, NameAttribute, nil},
-		{`"(\\\\|\\"|[^"])*"`, LiteralString, nil},
-		{`-?\d+i`, LiteralNumber, nil},
-		{`-?\d+\.\d*([Ee][-+]\d+)?i`, LiteralNumber, nil},
-		{`\.\d+([Ee][-+]\d+)?i`, LiteralNumber, nil},
-		{`-?\d+[Ee][-+]\d+i`, LiteralNumber, nil},
-		{`-?\d+(\.\d+[eE][+\-]?\d+|\.\d*|[eE][+\-]?\d+)`, LiteralNumberFloat, nil},
-		{`-?\.\d+([eE][+\-]?\d+)?`, LiteralNumberFloat, nil},
-		{`-?0[0-7]+`, LiteralNumberOct, nil},
-		{`-?0[xX][0-9a-fA-F]+`, LiteralNumberHex, nil},
-		{`-?(0|[1-9][0-9]*)`, LiteralNumberInteger, nil},
-		{`'(\\['"\\abfnrtv]|\\x[0-9a-fA-F]{2}|\\[0-7]{1,3}|\\u[0-9a-fA-F]{4}|\\U[0-9a-fA-F]{8}|[^\\])'`, LiteralStringChar, nil},
-		{"`[^`]*`", LiteralString, nil},
-	},
+func goTemplateRules() Rules {
+	return Rules{
+		"root": {
+			{`{{(- )?/\*(.|\n)*?\*/( -)?}}`, CommentMultiline, nil},
+			{`{{[-]?`, CommentPreproc, Push("template")},
+			{`[^{]+`, Other, nil},
+			{`{`, Other, nil},
+		},
+		"template": {
+			{`[-]?}}`, CommentPreproc, Pop(1)},
+			{`(?=}})`, CommentPreproc, Pop(1)}, // Terminate the pipeline
+			{`\(`, Operator, Push("subexpression")},
+			{`"(\\\\|\\"|[^"])*"`, LiteralString, nil},
+			Include("expression"),
+		},
+		"subexpression": {
+			{`\)`, Operator, Pop(1)},
+			Include("expression"),
+		},
+		"expression": {
+			{`\s+`, Whitespace, nil},
+			{`\(`, Operator, Push("subexpression")},
+			{`(range|if|else|while|with|template|end|true|false|nil|and|call|html|index|js|len|not|or|print|printf|println|urlquery|eq|ne|lt|le|gt|ge)\b`, Keyword, nil},
+			{`\||:?=|,`, Operator, nil},
+			{`[$]?[^\W\d]\w*`, NameOther, nil},
+			{`\$|[$]?\.(?:[^\W\d]\w*)?`, NameAttribute, nil},
+			{`"(\\\\|\\"|[^"])*"`, LiteralString, nil},
+			{`-?\d+i`, LiteralNumber, nil},
+			{`-?\d+\.\d*([Ee][-+]\d+)?i`, LiteralNumber, nil},
+			{`\.\d+([Ee][-+]\d+)?i`, LiteralNumber, nil},
+			{`-?\d+[Ee][-+]\d+i`, LiteralNumber, nil},
+			{`-?\d+(\.\d+[eE][+\-]?\d+|\.\d*|[eE][+\-]?\d+)`, LiteralNumberFloat, nil},
+			{`-?\.\d+([eE][+\-]?\d+)?`, LiteralNumberFloat, nil},
+			{`-?0[0-7]+`, LiteralNumberOct, nil},
+			{`-?0[xX][0-9a-fA-F]+`, LiteralNumberHex, nil},
+			{`-?(0|[1-9][0-9]*)`, LiteralNumberInteger, nil},
+			{`'(\\['"\\abfnrtv]|\\x[0-9a-fA-F]{2}|\\[0-7]{1,3}|\\u[0-9a-fA-F]{4}|\\U[0-9a-fA-F]{8}|[^\\])'`, LiteralStringChar, nil},
+			{"`[^`]*`", LiteralString, nil},
+		},
+	}
 }
 
-var GoHTMLTemplate = internal.Register(DelegatingLexer(h.HTML, MustNewLexer(
+var GoHTMLTemplate = internal.Register(DelegatingLexer(h.HTML, MustNewLazyLexer(
 	&Config{
 		Name:    "Go HTML Template",
 		Aliases: []string{"go-html-template"},
@@ -106,7 +112,7 @@ var GoHTMLTemplate = internal.Register(DelegatingLexer(h.HTML, MustNewLexer(
 	goTemplateRules,
 )))
 
-var GoTextTemplate = internal.Register(MustNewLexer(
+var GoTextTemplate = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:    "Go Text Template",
 		Aliases: []string{"go-text-template"},
diff --git a/vendor/github.com/alecthomas/chroma/lexers/g/graphql.go b/vendor/github.com/alecthomas/chroma/lexers/g/graphql.go
index a57e693aba..7d465cd4c1 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/g/graphql.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/g/graphql.go
@@ -6,13 +6,17 @@ import (
 )
 
 // Go lexer.
-var Graphql = internal.Register(MustNewLexer(
+var Graphql = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "GraphQL",
 		Aliases:   []string{"graphql", "graphqls", "gql"},
 		Filenames: []string{"*.graphql", "*.graphqls"},
 	},
-	Rules{
+	graphqlRules,
+))
+
+func graphqlRules() Rules {
+	return Rules{
 		"root": {
 			{`(query|mutation|subscription|fragment|scalar|implements|interface|union|enum|input|type)`, KeywordDeclaration, Push("type")},
 			{`(on|extend|schema|directive|\.\.\.)`, KeywordDeclaration, nil},
@@ -41,5 +45,5 @@ var Graphql = internal.Register(MustNewLexer(
 			{`[^\W\d]\w*`, NameClass, Pop(1)},
 			Include("root"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/g/groovy.go b/vendor/github.com/alecthomas/chroma/lexers/g/groovy.go
index a395415a9a..8d37bd87ed 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/g/groovy.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/g/groovy.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Groovy lexer.
-var Groovy = internal.Register(MustNewLexer(
+var Groovy = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Groovy",
 		Aliases:   []string{"groovy"},
@@ -14,7 +14,11 @@ var Groovy = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-groovy"},
 		DotAll:    true,
 	},
-	Rules{
+	groovyRules,
+))
+
+func groovyRules() Rules {
+	return Rules{
 		"root": {
 			{`#!(.*?)$`, CommentPreproc, Push("base")},
 			Default(Push("base")),
@@ -54,5 +58,5 @@ var Groovy = internal.Register(MustNewLexer(
 		"import": {
 			{`[\w.]+\*?`, NameNamespace, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/h/handlebars.go b/vendor/github.com/alecthomas/chroma/lexers/h/handlebars.go
index 07072da582..d34ef3a98f 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/h/handlebars.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/h/handlebars.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Handlebars lexer.
-var Handlebars = internal.Register(MustNewLexer(
+var Handlebars = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Handlebars",
-		Aliases:   []string{"handlebars"},
-		Filenames: []string{"*.handlebars"},
+		Aliases:   []string{"handlebars", "hbs"},
+		Filenames: []string{"*.handlebars", "*.hbs"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	handlebarsRules,
+))
+
+func handlebarsRules() Rules {
+	return Rules{
 		"root": {
 			{`[^{]+`, Other, nil},
 			{`\{\{!.*\}\}`, Comment, nil},
@@ -52,5 +56,5 @@ var Handlebars = internal.Register(MustNewLexer(
 			{`:?'(\\\\|\\'|[^'])*'`, LiteralStringSingle, nil},
 			{`[0-9](\.[0-9]*)?(eE[+-][0-9])?[flFLdD]?|0[xX][0-9a-fA-F]+[Ll]?`, LiteralNumber, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/h/haskell.go b/vendor/github.com/alecthomas/chroma/lexers/h/haskell.go
index b018eab484..9780481aa2 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/h/haskell.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/h/haskell.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Haskell lexer.
-var Haskell = internal.Register(MustNewLexer(
+var Haskell = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Haskell",
 		Aliases:   []string{"haskell", "hs"},
 		Filenames: []string{"*.hs"},
 		MimeTypes: []string{"text/x-haskell"},
 	},
-	Rules{
+	haskellRules,
+))
+
+func haskellRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`--(?![!#$%&*+./<=>?@^|_~:\\]).*?$`, CommentSingle, nil},
@@ -95,5 +99,5 @@ var Haskell = internal.Register(MustNewLexer(
 			{`\d+`, LiteralStringEscape, Pop(1)},
 			{`\s+\\`, LiteralStringEscape, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/h/haxe.go b/vendor/github.com/alecthomas/chroma/lexers/h/haxe.go
index 5958543194..cc8c693efe 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/h/haxe.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/h/haxe.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Haxe lexer.
-var Haxe = internal.Register(MustNewLexer(
+var Haxe = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Haxe",
 		Aliases:   []string{"hx", "haxe", "hxsl"},
@@ -14,7 +14,11 @@ var Haxe = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/haxe", "text/x-haxe", "text/x-hx"},
 		DotAll:    true,
 	},
-	Rules{
+	haxeRules,
+))
+
+func haxeRules() Rules {
+	return Rules{
 		"root": {
 			Include("spaces"),
 			Include("meta"),
@@ -609,8 +613,8 @@ var Haxe = internal.Register(MustNewLexer(
 			{`\}`, Punctuation, Pop(1)},
 			{`,`, Punctuation, Push("#pop", "object")},
 		},
-	},
-))
+	}
+}
 
 func haxePreProcMutator(state *LexerState) error {
 	stack, ok := state.Get("haxe-pre-proc").([][]string)
diff --git a/vendor/github.com/alecthomas/chroma/lexers/h/hcl.go b/vendor/github.com/alecthomas/chroma/lexers/h/hcl.go
index ce7064b58d..7206fba086 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/h/hcl.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/h/hcl.go
@@ -6,14 +6,18 @@ import (
 )
 
 // HCL lexer.
-var HCL = internal.Register(MustNewLexer(
+var HCL = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "HCL",
 		Aliases:   []string{"hcl"},
 		Filenames: []string{"*.hcl"},
 		MimeTypes: []string{"application/x-hcl"},
 	},
-	Rules{
+	hclRules,
+))
+
+func hclRules() Rules {
+	return Rules{
 		"root": {
 			Include("string"),
 			Include("punctuation"),
@@ -65,5 +69,5 @@ var HCL = internal.Register(MustNewLexer(
 			{`\s+`, Text, nil},
 			{`\\\n`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/h/hexdump.go b/vendor/github.com/alecthomas/chroma/lexers/h/hexdump.go
index 8b7e7bdda6..0893537496 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/h/hexdump.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/h/hexdump.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Hexdump lexer.
-var Hexdump = internal.Register(MustNewLexer(
+var Hexdump = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Hexdump",
 		Aliases:   []string{"hexdump"},
 		Filenames: []string{},
 		MimeTypes: []string{},
 	},
-	Rules{
+	hexdumpRules,
+))
+
+func hexdumpRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			Include("offset"),
@@ -63,5 +67,5 @@ var Hexdump = internal.Register(MustNewLexer(
 			{`\s`, Text, nil},
 			{`^\*`, Punctuation, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/hlb.go b/vendor/github.com/alecthomas/chroma/lexers/h/hlb.go
index 4dcf8ed3ed..6c5f637715 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/hlb.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/h/hlb.go
@@ -1,4 +1,4 @@
-package lexers
+package h
 
 import (
 	. "github.com/alecthomas/chroma" // nolint
@@ -6,14 +6,18 @@ import (
 )
 
 // HLB lexer.
-var HLB = internal.Register(MustNewLexer(
+var HLB = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "HLB",
 		Aliases:   []string{"hlb"},
 		Filenames: []string{"*.hlb"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	hlbRules,
+))
+
+func hlbRules() Rules {
+	return Rules{
 		"root": {
 			{`(#.*)`, ByGroups(CommentSingle), nil},
 			{`((\b(0(b|B|o|O|x|X)[a-fA-F0-9]+)\b)|(\b(0|[1-9][0-9]*)\b))`, ByGroups(LiteralNumber), nil},
@@ -50,5 +54,5 @@ var HLB = internal.Register(MustNewLexer(
 			{`(\n|\r|\r\n)`, Text, nil},
 			{`.`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/h/html.go b/vendor/github.com/alecthomas/chroma/lexers/h/html.go
index 07fc27ef55..b9ca1e1d6f 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/h/html.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/h/html.go
@@ -8,7 +8,7 @@ import (
 )
 
 // HTML lexer.
-var HTML = internal.Register(MustNewLexer(
+var HTML = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "HTML",
 		Aliases:         []string{"html"},
@@ -18,7 +18,11 @@ var HTML = internal.Register(MustNewLexer(
 		DotAll:          true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	htmlRules,
+))
+
+func htmlRules() Rules {
+	return Rules{
 		"root": {
 			{`[^<&]+`, Text, nil},
 			{`&\S*?;`, NameEntity, nil},
@@ -55,5 +59,5 @@ var HTML = internal.Register(MustNewLexer(
 			{`'.*?'`, LiteralString, Pop(1)},
 			{`[^\s>]+`, LiteralString, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/h/http.go b/vendor/github.com/alecthomas/chroma/lexers/h/http.go
index 135ec73fda..1a0c138c4a 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/h/http.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/h/http.go
@@ -8,7 +8,7 @@ import (
 )
 
 // HTTP lexer.
-var HTTP = internal.Register(httpBodyContentTypeLexer(MustNewLexer(
+var HTTP = internal.Register(httpBodyContentTypeLexer(MustNewLazyLexer(
 	&Config{
 		Name:         "HTTP",
 		Aliases:      []string{"http"},
@@ -17,7 +17,11 @@ var HTTP = internal.Register(httpBodyContentTypeLexer(MustNewLexer(
 		NotMultiline: true,
 		DotAll:       true,
 	},
-	Rules{
+	httpRules,
+)))
+
+func httpRules() Rules {
+	return Rules{
 		"root": {
 			{`(GET|POST|PUT|DELETE|HEAD|OPTIONS|TRACE|PATCH|CONNECT)( +)([^ ]+)( +)(HTTP)(/)([12]\.[01])(\r?\n|\Z)`, ByGroups(NameFunction, Text, NameNamespace, Text, KeywordReserved, Operator, LiteralNumber, Text), Push("headers")},
 			{`(HTTP)(/)([12]\.[01])( +)(\d{3})( +)([^\r\n]+)(\r?\n|\Z)`, ByGroups(KeywordReserved, Operator, LiteralNumber, Text, LiteralNumber, Text, NameException, Text), Push("headers")},
@@ -30,8 +34,8 @@ var HTTP = internal.Register(httpBodyContentTypeLexer(MustNewLexer(
 		"content": {
 			{`.+`, EmitterFunc(httpContentBlock), nil},
 		},
-	},
-)))
+	}
+}
 
 func httpContentBlock(groups []string, lexer Lexer) Iterator {
 	tokens := []Token{
diff --git a/vendor/github.com/alecthomas/chroma/lexers/h/hy.go b/vendor/github.com/alecthomas/chroma/lexers/h/hy.go
index 17385e86fe..7a07897993 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/h/hy.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/h/hy.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Hy lexer.
-var Hy = internal.Register(MustNewLexer(
+var Hy = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Hy",
 		Aliases:   []string{"hylang"},
 		Filenames: []string{"*.hy"},
 		MimeTypes: []string{"text/x-hy", "application/x-hy"},
 	},
-	Rules{
+	hyRules,
+))
+
+func hyRules() Rules {
+	return Rules{
 		"root": {
 			{`;.*$`, CommentSingle, nil},
 			{`[,\s]+`, Text, nil},
@@ -47,5 +51,5 @@ var Hy = internal.Register(MustNewLexer(
 			{`(?<!\.)(self|None|Ellipsis|NotImplemented|False|True|cls)\b`, NameBuiltinPseudo, nil},
 			{Words(`(?<!\.)`, `\b`, `ArithmeticError`, `AssertionError`, `AttributeError`, `BaseException`, `DeprecationWarning`, `EOFError`, `EnvironmentError`, `Exception`, `FloatingPointError`, `FutureWarning`, `GeneratorExit`, `IOError`, `ImportError`, `ImportWarning`, `IndentationError`, `IndexError`, `KeyError`, `KeyboardInterrupt`, `LookupError`, `MemoryError`, `NameError`, `NotImplemented`, `NotImplementedError`, `OSError`, `OverflowError`, `OverflowWarning`, `PendingDeprecationWarning`, `ReferenceError`, `RuntimeError`, `RuntimeWarning`, `StandardError`, `StopIteration`, `SyntaxError`, `SyntaxWarning`, `SystemError`, `SystemExit`, `TabError`, `TypeError`, `UnboundLocalError`, `UnicodeDecodeError`, `UnicodeEncodeError`, `UnicodeError`, `UnicodeTranslateError`, `UnicodeWarning`, `UserWarning`, `ValueError`, `VMSError`, `Warning`, `WindowsError`, `ZeroDivisionError`), NameException, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/i/idris.go b/vendor/github.com/alecthomas/chroma/lexers/i/idris.go
index ea25ca215b..fb5378e35b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/i/idris.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/i/idris.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Idris lexer.
-var Idris = internal.Register(MustNewLexer(
+var Idris = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Idris",
 		Aliases:   []string{"idris", "idr"},
 		Filenames: []string{"*.idr"},
 		MimeTypes: []string{"text/x-idris"},
 	},
-	Rules{
+	idrisRules,
+))
+
+func idrisRules() Rules {
+	return Rules{
 		"root": {
 			{`^(\s*)(%lib|link|flag|include|hide|freeze|access|default|logging|dynamic|name|error_handlers|language)`, ByGroups(Text, KeywordReserved), nil},
 			{`(\s*)(--(?![!#$%&*+./<=>?@^|_~:\\]).*?)$`, ByGroups(Text, CommentSingle), nil},
@@ -76,5 +80,5 @@ var Idris = internal.Register(MustNewLexer(
 			{`\d+`, LiteralStringEscape, Pop(1)},
 			{`\s+\\`, LiteralStringEscape, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/i/igor.go b/vendor/github.com/alecthomas/chroma/lexers/i/igor.go
index d704a4fbd9..bbb1d7230b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/i/igor.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/i/igor.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Igor lexer.
-var Igor = internal.Register(MustNewLexer(
+var Igor = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Igor",
 		Aliases:         []string{"igor", "igorpro"},
@@ -14,7 +14,11 @@ var Igor = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/ipf"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	igorRules,
+))
+
+func igorRules() Rules {
+	return Rules{
 		"root": {
 			{`//.*$`, CommentSingle, nil},
 			{`"([^"\\]|\\.)*"`, LiteralString, nil},
@@ -28,5 +32,5 @@ var Igor = internal.Register(MustNewLexer(
 			{`.`, Text, nil},
 			{`\n|\r`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/i/ini.go b/vendor/github.com/alecthomas/chroma/lexers/i/ini.go
index e57f865055..46b2ce2385 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/i/ini.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/i/ini.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Ini lexer.
-var Ini = internal.Register(MustNewLexer(
+var Ini = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "INI",
 		Aliases:   []string{"ini", "cfg", "dosini"},
 		Filenames: []string{"*.ini", "*.cfg", "*.inf", ".gitconfig", ".editorconfig"},
 		MimeTypes: []string{"text/x-ini", "text/inf"},
 	},
-	Rules{
+	iniRules,
+))
+
+func iniRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`[;#].*`, CommentSingle, nil},
@@ -21,5 +25,5 @@ var Ini = internal.Register(MustNewLexer(
 			{`(.*?)([ \t]*)(=)([ \t]*)(.*(?:\n[ \t].+)*)`, ByGroups(NameAttribute, Text, Operator, Text, LiteralString), nil},
 			{`(.+?)$`, NameAttribute, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/i/io.go b/vendor/github.com/alecthomas/chroma/lexers/i/io.go
index 840feeaae1..8b2e53a074 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/i/io.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/i/io.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Io lexer.
-var Io = internal.Register(MustNewLexer(
+var Io = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Io",
 		Aliases:   []string{"io"},
 		Filenames: []string{"*.io"},
 		MimeTypes: []string{"text/x-iosrc"},
 	},
-	Rules{
+	ioRules,
+))
+
+func ioRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`\s+`, Text, nil},
@@ -36,5 +40,5 @@ var Io = internal.Register(MustNewLexer(
 			{`\+/`, CommentMultiline, Pop(1)},
 			{`[+/]`, CommentMultiline, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/internal/api.go b/vendor/github.com/alecthomas/chroma/lexers/internal/api.go
index 08ec6ff7f2..c10eb3a43c 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/internal/api.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/internal/api.go
@@ -146,16 +146,19 @@ func Register(lexer chroma.Lexer) chroma.Lexer {
 	return lexer
 }
 
-// Used for the fallback lexer as well as the explicit plaintext lexer
-var PlaintextRules = chroma.Rules{
-	"root": []chroma.Rule{
-		{`.+`, chroma.Text, nil},
-		{`\n`, chroma.Text, nil},
-	},
+// PlaintextRules is used for the fallback lexer as well as the explicit
+// plaintext lexer.
+func PlaintextRules() chroma.Rules {
+	return chroma.Rules{
+		"root": []chroma.Rule{
+			{`.+`, chroma.Text, nil},
+			{`\n`, chroma.Text, nil},
+		},
+	}
 }
 
 // Fallback lexer if no other is found.
-var Fallback chroma.Lexer = chroma.MustNewLexer(&chroma.Config{
+var Fallback chroma.Lexer = chroma.MustNewLazyLexer(&chroma.Config{
 	Name:      "fallback",
 	Filenames: []string{"*"},
 }, PlaintextRules)
diff --git a/vendor/github.com/alecthomas/chroma/lexers/j/j.go b/vendor/github.com/alecthomas/chroma/lexers/j/j.go
index 686e53b975..9a2a4e3c04 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/j/j.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/j/j.go
@@ -6,14 +6,18 @@ import (
 )
 
 // J lexer.
-var J = internal.Register(MustNewLexer(
+var J = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "J",
 		Aliases:   []string{"j"},
 		Filenames: []string{"*.ijs"},
 		MimeTypes: []string{"text/x-j"},
 	},
-	Rules{
+	jRules,
+))
+
+func jRules() Rules {
+	return Rules{
 		"root": {
 			{`#!.*$`, CommentPreproc, nil},
 			{`NB\..*`, CommentSingle, nil},
@@ -69,5 +73,5 @@ var J = internal.Register(MustNewLexer(
 			{`''`, LiteralString, nil},
 			{`'`, LiteralString, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/j/java.go b/vendor/github.com/alecthomas/chroma/lexers/j/java.go
index c6b9a762e4..48a9d9fee8 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/j/java.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/j/java.go
@@ -6,15 +6,20 @@ import (
 )
 
 // Java lexer.
-var Java = internal.Register(MustNewLexer(
+var Java = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Java",
 		Aliases:   []string{"java"},
 		Filenames: []string{"*.java"},
 		MimeTypes: []string{"text/x-java"},
 		DotAll:    true,
+		EnsureNL:  true,
 	},
-	Rules{
+	javaRules,
+))
+
+func javaRules() Rules {
+	return Rules{
 		"root": {
 			{`[^\S\n]+`, Text, nil},
 			{`//.*?\n`, CommentSingle, nil},
@@ -47,5 +52,5 @@ var Java = internal.Register(MustNewLexer(
 		"import": {
 			{`[\w.]+\*?`, NameNamespace, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/j/javascript.go b/vendor/github.com/alecthomas/chroma/lexers/j/javascript.go
index ffa20c3b10..4dba577c11 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/j/javascript.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/j/javascript.go
@@ -26,11 +26,11 @@ var JavascriptRules = Rules{
 		{`\A#! ?/.*?\n`, CommentHashbang, nil},
 		{`^(?=\s|/|<!--)`, Text, Push("slashstartsregex")},
 		Include("commentsandwhitespace"),
-		{`(\.\d+|[0-9]+\.[0-9]*)([eE][-+]?[0-9]+)?`, LiteralNumberFloat, nil},
+		{`\d+(\.\d*|[eE][+\-]?\d+)`, LiteralNumberFloat, nil},
 		{`0[bB][01]+`, LiteralNumberBin, nil},
 		{`0[oO][0-7]+`, LiteralNumberOct, nil},
 		{`0[xX][0-9a-fA-F]+`, LiteralNumberHex, nil},
-		{`[0-9]+`, LiteralNumberInteger, nil},
+		{`[0-9_]+`, LiteralNumberInteger, nil},
 		{`\.\.\.|=>`, Punctuation, nil},
 		{`\+\+|--|~|&&|\?|:|\|\||\\(?=\n)|(<<|>>>?|==?|!=?|[-<>+*%&|^/])=?`, Operator, Push("slashstartsregex")},
 		{`[{(\[;,]`, Punctuation, Push("slashstartsregex")},
@@ -65,7 +65,7 @@ var Javascript = internal.Register(MustNewLexer(
 	&Config{
 		Name:      "JavaScript",
 		Aliases:   []string{"js", "javascript"},
-		Filenames: []string{"*.js", "*.jsm"},
+		Filenames: []string{"*.js", "*.jsm", "*.mjs"},
 		MimeTypes: []string{"application/javascript", "application/x-javascript", "text/x-javascript", "text/javascript"},
 		DotAll:    true,
 		EnsureNL:  true,
diff --git a/vendor/github.com/alecthomas/chroma/lexers/j/json.go b/vendor/github.com/alecthomas/chroma/lexers/j/json.go
index 203adc4873..9a4a3eed18 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/j/json.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/j/json.go
@@ -6,7 +6,7 @@ import (
 )
 
 // JSON lexer.
-var JSON = internal.Register(MustNewLexer(
+var JSON = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:         "JSON",
 		Aliases:      []string{"json"},
@@ -15,7 +15,11 @@ var JSON = internal.Register(MustNewLexer(
 		NotMultiline: true,
 		DotAll:       true,
 	},
-	Rules{
+	jsonRules,
+))
+
+func jsonRules() Rules {
+	return Rules{
 		"whitespace": {
 			{`\s+`, Text, nil},
 		},
@@ -51,5 +55,5 @@ var JSON = internal.Register(MustNewLexer(
 		"root": {
 			Include("value"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/j/jsx.go b/vendor/github.com/alecthomas/chroma/lexers/j/jsx.go
index d5ef0a1d66..2347538d9d 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/j/jsx.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/j/jsx.go
@@ -8,7 +8,7 @@ import (
 // JSX lexer.
 //
 // This was generated from https://github.com/fcurella/jsx-lexer
-var JSX = internal.Register(MustNewLexer(
+var JSX = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "react",
 		Aliases:   []string{"jsx", "react"},
@@ -16,7 +16,11 @@ var JSX = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/jsx", "text/typescript-jsx"},
 		DotAll:    true,
 	},
-	Rules{
+	jsxRules,
+))
+
+func jsxRules() Rules {
+	return Rules{
 		"commentsandwhitespace": {
 			{`\s+`, Text, nil},
 			{`<!--`, Comment, nil},
@@ -91,5 +95,5 @@ var JSX = internal.Register(MustNewLexer(
 			{`}`, Punctuation, Pop(1)},
 			Include("root"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/j/julia.go b/vendor/github.com/alecthomas/chroma/lexers/j/julia.go
index 27672a6834..6ea954e4fe 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/j/julia.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/j/julia.go
@@ -6,49 +6,61 @@ import (
 )
 
 // Julia lexer.
-var Julia = internal.Register(MustNewLexer(
+var Julia = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Julia",
 		Aliases:   []string{"julia", "jl"},
 		Filenames: []string{"*.jl"},
 		MimeTypes: []string{"text/x-julia", "application/x-julia"},
 	},
-	Rules{
+	juliaRules,
+))
+
+func juliaRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`[^\S\n]+`, Text, nil},
 			{`#=`, CommentMultiline, Push("blockcomment")},
 			{`#.*$`, Comment, nil},
-			{`[\[\]{}(),;]`, Punctuation, nil},
-			{`in\b`, KeywordPseudo, nil},
-			{`isa\b`, KeywordPseudo, nil},
-			{`(true|false)\b`, KeywordConstant, nil},
-			{`(local|global|const)\b`, KeywordDeclaration, nil},
-			{Words(``, `\b`, `function`, `abstract type`, `primitive type`, `baremodule`, `begin`, `bitstype`, `break`, `catch`, `ccall`, `continue`, `do`, `else`, `elseif`, `end`, `export`, `finally`, `for`, `if`, `import`, `let`, `macro`, `module`, `mutable`, `quote`, `return`, `struct`, `try`, `using`, `while`), Keyword, nil},
-			{Words(``, `\b`, `ASCIIString`, `AbstractArray`, `AbstractChannel`, `AbstractDict`, `AbstractFloat`, `AbstractMatrix`, `AbstractRNG`, `AbstractSparseArray`, `AbstractSparseMatrix`, `AbstractSparseVector`, `AbstractString`, `AbstractVecOrMat`, `AbstractVector`, `Any`, `ArgumentError`, `Array`, `AssertionError`, `Base64DecodePipe`, `Base64EncodePipe`, `Bidiagonal`, `BigFloat`, `BigInt`, `BitArray`, `BitMatrix`, `BitVector`, `Bool`, `BoundsError`, `Box`, `BufferStream`, `CapturedException`, `CartesianIndex`, `CartesianRange`, `Cchar`, `Cdouble`, `Cfloat`, `Channel`, `Char`, `Cint`, `Cintmax_t`, `Clong`, `Clonglong`, `ClusterManager`, `Cmd`, `Coff_t`, `Colon`, `Complex`, `Complex128`, `Complex32`, `Complex64`, `CompositeException`, `Condition`, `Cptrdiff_t`, `Cshort`, `Csize_t`, `Cssize_t`, `Cstring`, `Cuchar`, `Cuint`, `Cuintmax_t`, `Culong`, `Culonglong`, `Cushort`, `Cwchar_t`, `Cwstring`, `DataType`, `Date`, `DateTime`, `DenseArray`, `DenseMatrix`, `DenseVecOrMat`, `DenseVector`, `Diagonal`, `Dict`, `DimensionMismatch`, `Dims`, `DirectIndexString`, `Display`, `DivideError`, `DomainError`, `EOFError`, `EachLine`, `Enum`, `Enumerate`, `ErrorException`, `Exception`, `Expr`, `Factorization`, `FileMonitor`, `FileOffset`, `Filter`, `Float16`, `Float32`, `Float64`, `FloatRange`, `Function`, `GenSym`, `GlobalRef`, `GotoNode`, `HTML`, `Hermitian`, `IO`, `IOBuffer`, `IOStream`, `IPv4`, `IPv6`, `InexactError`, `InitError`, `Int`, `Int128`, `Int16`, `Int32`, `Int64`, `Int8`, `IntSet`, `Integer`, `InterruptException`, `IntrinsicFunction`, `InvalidStateException`, `Irrational`, `KeyError`, `LabelNode`, `LambdaStaticData`, `LinSpace`, `LineNumberNode`, `LoadError`, `LocalProcess`, `LowerTriangular`, `MIME`, `Matrix`, `MersenneTwister`, `Method`, `MethodError`, `MethodTable`, `Module`, `NTuple`, `NewvarNode`, `NullException`, `Nullable`, `Number`, `ObjectIdDict`, `OrdinalRange`, `OutOfMemoryError`, `OverflowError`, `Pair`, `ParseError`, `PartialQuickSort`, `Pipe`, `PollingFileWatcher`, `ProcessExitedException`, `ProcessGroup`, `Ptr`, `QuoteNode`, `RandomDevice`, `Range`, `Rational`, `RawFD`, `ReadOnlyMemoryError`, `Real`, `ReentrantLock`, `Ref`, `Regex`, `RegexMatch`, `RemoteException`, `RemoteRef`, `RepString`, `RevString`, `RopeString`, `RoundingMode`, `SegmentationFault`, `SerializationState`, `Set`, `SharedArray`, `SharedMatrix`, `SharedVector`, `Signed`, `SimpleVector`, `SparseMatrixCSC`, `StackOverflowError`, `StatStruct`, `StepRange`, `StridedArray`, `StridedMatrix`, `StridedVecOrMat`, `StridedVector`, `SubArray`, `SubString`, `SymTridiagonal`, `Symbol`, `SymbolNode`, `Symmetric`, `SystemError`, `TCPSocket`, `Task`, `Text`, `TextDisplay`, `Timer`, `TopNode`, `Tridiagonal`, `Tuple`, `Type`, `TypeConstructor`, `TypeError`, `TypeName`, `TypeVar`, `UDPSocket`, `UInt`, `UInt128`, `UInt16`, `UInt32`, `UInt64`, `UInt8`, `UTF16String`, `UTF32String`, `UTF8String`, `UndefRefError`, `UndefVarError`, `UnicodeError`, `UniformScaling`, `Union`, `UnitRange`, `Unsigned`, `UpperTriangular`, `Val`, `Vararg`, `VecOrMat`, `Vector`, `VersionNumber`, `Void`, `WString`, `WeakKeyDict`, `WeakRef`, `WorkerConfig`, `Zip`), KeywordType, nil},
-			{Words(``, `\b`, `ARGS`, `CPU_CORES`, `C_NULL`, `DevNull`, `ENDIAN_BOM`, `ENV`, `I`, `Inf`, `Inf16`, `Inf32`, `Inf64`, `InsertionSort`, `JULIA_HOME`, `LOAD_PATH`, `MergeSort`, `NaN`, `NaN16`, `NaN32`, `NaN64`, `OS_NAME`, `QuickSort`, `RoundDown`, `RoundFromZero`, `RoundNearest`, `RoundNearestTiesAway`, `RoundNearestTiesUp`, `RoundToZero`, `RoundUp`, `STDERR`, `STDIN`, `STDOUT`, `VERSION`, `WORD_SIZE`, `catalan`, `e`, `eu`, `eulergamma`, `golden`, `im`, `nothing`, `pi`, `γ`, `π`, `φ`), NameBuiltin, nil},
-			{Words(``, ``, `=`, `:=`, `+=`, `-=`, `*=`, `/=`, `//=`, `.//=`, `.*=`, `./=`, `\=`, `.\=`, `^=`, `.^=`, `÷=`, `.÷=`, `%=`, `.%=`, `|=`, `&=`, `$=`, `=>`, `<<=`, `>>=`, `>>>=`, `~`, `.+=`, `.-=`, `?`, `--`, `-->`, `||`, `&&`, `>`, `<`, `>=`, `≥`, `<=`, `≤`, `==`, `===`, `≡`, `!=`, `≠`, `!==`, `≢`, `.>`, `.<`, `.>=`, `.≥`, `.<=`, `.≤`, `.==`, `.!=`, `.≠`, `.=`, `.!`, `<:`, `>:`, `∈`, `∉`, `∋`, `∌`, `⊆`, `⊈`, `⊂`, `⊄`, `⊊`, `|>`, `<|`, `:`, `+`, `-`, `.+`, `.-`, `|`, `∪`, `$`, `<<`, `>>`, `>>>`, `.<<`, `.>>`, `.>>>`, `*`, `/`, `./`, `÷`, `.÷`, `%`, `⋅`, `.%`, `.*`, `\`, `.\`, `&`, `∩`, `//`, `.//`, `^`, `.^`, `::`, `.`, `+`, `-`, `!`, `√`, `∛`, `∜`), Operator, nil},
+			{`[\[\](),;]`, Punctuation, nil},
+			{`((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))(\s*)(:)((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))`, ByGroups(Name, Text, Operator, Name), nil},
+			{`(?<![\]):<>\d.])(:(?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))`, LiteralStringSymbol, nil},
+			{`(?<=::)(\s*)((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))\b(?![(\[])`, ByGroups(Text, KeywordType), nil},
+			{`((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))(\s*)([<>]:)(\s*)((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))\b(?![(\[])`, ByGroups(KeywordType, Text, Operator, Text, KeywordType), nil},
+			{`([<>]:)(\s*)((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))\b(?![(\[])`, ByGroups(Operator, Text, KeywordType), nil},
+			{`\b((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))(\s*)([<>]:)`, ByGroups(KeywordType, Text, Operator), nil},
+			{Words(``, `[²³¹ʰʲʳʷʸˡˢˣᴬᴮᴰᴱᴳᴴᴵᴶᴷᴸᴹᴺᴼᴾᴿᵀᵁᵂᵃᵇᵈᵉᵍᵏᵐᵒᵖᵗᵘᵛᵝᵞᵟᵠᵡᵢᵣᵤᵥᵦᵧᵨᵩᵪᶜᶠᶥᶦᶫᶰᶸᶻᶿ′″‴‵‶‷⁗⁰ⁱ⁴⁵⁶⁷⁸⁹⁺⁻⁼⁽⁾ⁿ₀₁₂₃₄₅₆₇₈₉₊₋₌₍₎ₐₑₒₓₕₖₗₘₙₚₛₜⱼⱽ]*`, `->`, `:=`, `$=`, `?`, `||`, `&&`, `:`, `$`, `::`, `=`, `+=`, `-=`, `*=`, `/=`, `//=`, `\=`, `^=`, `÷=`, `%=`, `<<=`, `>>=`, `>>>=`, `|=`, `&=`, `⊻=`, `≔`, `⩴`, `≕'`, `~`, `=>`, `→`, `↔`, `↚`, `↛`, `↞`, `↠`, `↢`, `↣`, `↦`, `↤`, `↮`, `⇎`, `⇍`, `⇏`, `⇐`, `⇒`, `⇔`, `⇴`, `⇶`, `⇷`, `⇸`, `⇹`, `⇺`, `⇻`, `⇼`, `⇽`, `⇾`, `⇿`, `⟵`, `⟶`, `⟷`, `⟹`, `⟺`, `⟻`, `⟼`, `⟽`, `⟾`, `⟿`, `⤀`, `⤁`, `⤂`, `⤃`, `⤄`, `⤅`, `⤆`, `⤇`, `⤌`, `⤍`, `⤎`, `⤏`, `⤐`, `⤑`, `⤔`, `⤕`, `⤖`, `⤗`, `⤘`, `⤝`, `⤞`, `⤟`, `⤠`, `⥄`, `⥅`, `⥆`, `⥇`, `⥈`, `⥊`, `⥋`, `⥎`, `⥐`, `⥒`, `⥓`, `⥖`, `⥗`, `⥚`, `⥛`, `⥞`, `⥟`, `⥢`, `⥤`, `⥦`, `⥧`, `⥨`, `⥩`, `⥪`, `⥫`, `⥬`, `⥭`, `⥰`, `⧴`, `⬱`, `⬰`, `⬲`, `⬳`, `⬴`, `⬵`, `⬶`, `⬷`, `⬸`, `⬹`, `⬺`, `⬻`, `⬼`, `⬽`, `⬾`, `⬿`, `⭀`, `⭁`, `⭂`, `⭃`, `⭄`, `⭇`, `⭈`, `⭉`, `⭊`, `⭋`, `⭌`, `￩`, `￫`, `⇜`, `⇝`, `↜`, `↝`, `↩`, `↪`, `↫`, `↬`, `↼`, `↽`, `⇀`, `⇁`, `⇄`, `⇆`, `⇇`, `⇉`, `⇋`, `⇌`, `⇚`, `⇛`, `⇠`, `⇢`, `↷`, `↶`, `↺`, `↻`, `-->`, `<--`, `<-->`, `>`, `<`, `>=`, `≥`, `<=`, `≤`, `==`, `===`, `≡`, `!=`, `≠`, `!==`, `≢`, `∈`, `∉`, `∋`, `∌`, `⊆`, `⊈`, `⊂`, `⊄`, `⊊`, `∝`, `∊`, `∍`, `∥`, `∦`, `∷`, `∺`, `∻`, `∽`, `∾`, `≁`, `≃`, `≂`, `≄`, `≅`, `≆`, `≇`, `≈`, `≉`, `≊`, `≋`, `≌`, `≍`, `≎`, `≐`, `≑`, `≒`, `≓`, `≖`, `≗`, `≘`, `≙`, `≚`, `≛`, `≜`, `≝`, `≞`, `≟`, `≣`, `≦`, `≧`, `≨`, `≩`, `≪`, `≫`, `≬`, `≭`, `≮`, `≯`, `≰`, `≱`, `≲`, `≳`, `≴`, `≵`, `≶`, `≷`, `≸`, `≹`, `≺`, `≻`, `≼`, `≽`, `≾`, `≿`, `⊀`, `⊁`, `⊃`, `⊅`, `⊇`, `⊉`, `⊋`, `⊏`, `⊐`, `⊑`, `⊒`, `⊜`, `⊩`, `⊬`, `⊮`, `⊰`, `⊱`, `⊲`, `⊳`, `⊴`, `⊵`, `⊶`, `⊷`, `⋍`, `⋐`, `⋑`, `⋕`, `⋖`, `⋗`, `⋘`, `⋙`, `⋚`, `⋛`, `⋜`, `⋝`, `⋞`, `⋟`, `⋠`, `⋡`, `⋢`, `⋣`, `⋤`, `⋥`, `⋦`, `⋧`, `⋨`, `⋩`, `⋪`, `⋫`, `⋬`, `⋭`, `⋲`, `⋳`, `⋴`, `⋵`, `⋶`, `⋷`, `⋸`, `⋹`, `⋺`, `⋻`, `⋼`, `⋽`, `⋾`, `⋿`, `⟈`, `⟉`, `⟒`, `⦷`, `⧀`, `⧁`, `⧡`, `⧣`, `⧤`, `⧥`, `⩦`, `⩧`, `⩪`, `⩫`, `⩬`, `⩭`, `⩮`, `⩯`, `⩰`, `⩱`, `⩲`, `⩳`, `⩵`, `⩶`, `⩷`, `⩸`, `⩹`, `⩺`, `⩻`, `⩼`, `⩽`, `⩾`, `⩿`, `⪀`, `⪁`, `⪂`, `⪃`, `⪄`, `⪅`, `⪆`, `⪇`, `⪈`, `⪉`, `⪊`, `⪋`, `⪌`, `⪍`, `⪎`, `⪏`, `⪐`, `⪑`, `⪒`, `⪓`, `⪔`, `⪕`, `⪖`, `⪗`, `⪘`, `⪙`, `⪚`, `⪛`, `⪜`, `⪝`, `⪞`, `⪟`, `⪠`, `⪡`, `⪢`, `⪣`, `⪤`, `⪥`, `⪦`, `⪧`, `⪨`, `⪩`, `⪪`, `⪫`, `⪬`, `⪭`, `⪮`, `⪯`, `⪰`, `⪱`, `⪲`, `⪳`, `⪴`, `⪵`, `⪶`, `⪷`, `⪸`, `⪹`, `⪺`, `⪻`, `⪼`, `⪽`, `⪾`, `⪿`, `⫀`, `⫁`, `⫂`, `⫃`, `⫄`, `⫅`, `⫆`, `⫇`, `⫈`, `⫉`, `⫊`, `⫋`, `⫌`, `⫍`, `⫎`, `⫏`, `⫐`, `⫑`, `⫒`, `⫓`, `⫔`, `⫕`, `⫖`, `⫗`, `⫘`, `⫙`, `⫷`, `⫸`, `⫹`, `⫺`, `⊢`, `⊣`, `⟂`, `<:`, `>:`, `<|`, `|>`, `…`, `⁝`, `⋮`, `⋱`, `⋰`, `⋯`, `+`, `-`, `¦`, `|`, `⊕`, `⊖`, `⊞`, `⊟`, `++`, `∪`, `∨`, `⊔`, `±`, `∓`, `∔`, `∸`, `≏`, `⊎`, `⊻`, `⊽`, `⋎`, `⋓`, `⧺`, `⧻`, `⨈`, `⨢`, `⨣`, `⨤`, `⨥`, `⨦`, `⨧`, `⨨`, `⨩`, `⨪`, `⨫`, `⨬`, `⨭`, `⨮`, `⨹`, `⨺`, `⩁`, `⩂`, `⩅`, `⩊`, `⩌`, `⩏`, `⩐`, `⩒`, `⩔`, `⩖`, `⩗`, `⩛`, `⩝`, `⩡`, `⩢`, `⩣`, `*`, `/`, `⌿`, `÷`, `%`, `&`, `⋅`, `∘`, `×`, `\`, `∩`, `∧`, `⊗`, `⊘`, `⊙`, `⊚`, `⊛`, `⊠`, `⊡`, `⊓`, `∗`, `∙`, `∤`, `⅋`, `≀`, `⊼`, `⋄`, `⋆`, `⋇`, `⋉`, `⋊`, `⋋`, `⋌`, `⋏`, `⋒`, `⟑`, `⦸`, `⦼`, `⦾`, `⦿`, `⧶`, `⧷`, `⨇`, `⨰`, `⨱`, `⨲`, `⨳`, `⨴`, `⨵`, `⨶`, `⨷`, `⨸`, `⨻`, `⨼`, `⨽`, `⩀`, `⩃`, `⩄`, `⩋`, `⩍`, `⩎`, `⩑`, `⩓`, `⩕`, `⩘`, `⩚`, `⩜`, `⩞`, `⩟`, `⩠`, `⫛`, `⊍`, `▷`, `⨝`, `⟕`, `⟖`, `⟗`, `⨟`, `//`, `>>`, `<<`, `>>>`, `^`, `↑`, `↓`, `⇵`, `⟰`, `⟱`, `⤈`, `⤉`, `⤊`, `⤋`, `⤒`, `⤓`, `⥉`, `⥌`, `⥍`, `⥏`, `⥑`, `⥔`, `⥕`, `⥘`, `⥙`, `⥜`, `⥝`, `⥠`, `⥡`, `⥣`, `⥥`, `⥮`, `⥯`, `￪`, `￬`, `!`, `¬`, `√`, `∛`, `∜`), Operator, nil},
+			{Words(``, `[²³¹ʰʲʳʷʸˡˢˣᴬᴮᴰᴱᴳᴴᴵᴶᴷᴸᴹᴺᴼᴾᴿᵀᵁᵂᵃᵇᵈᵉᵍᵏᵐᵒᵖᵗᵘᵛᵝᵞᵟᵠᵡᵢᵣᵤᵥᵦᵧᵨᵩᵪᶜᶠᶥᶦᶫᶰᶸᶻᶿ′″‴‵‶‷⁗⁰ⁱ⁴⁵⁶⁷⁸⁹⁺⁻⁼⁽⁾ⁿ₀₁₂₃₄₅₆₇₈₉₊₋₌₍₎ₐₑₒₓₕₖₗₘₙₚₛₜⱼⱽ]*`, `.=`, `.+=`, `.-=`, `.*=`, `./=`, `.//=`, `.\=`, `.^=`, `.÷=`, `.%=`, `.<<=`, `.>>=`, `.>>>=`, `.|=`, `.&=`, `.⊻=`, `.≔`, `.⩴`, `.≕'`, `.~`, `.=>`, `.→`, `.↔`, `.↚`, `.↛`, `.↞`, `.↠`, `.↢`, `.↣`, `.↦`, `.↤`, `.↮`, `.⇎`, `.⇍`, `.⇏`, `.⇐`, `.⇒`, `.⇔`, `.⇴`, `.⇶`, `.⇷`, `.⇸`, `.⇹`, `.⇺`, `.⇻`, `.⇼`, `.⇽`, `.⇾`, `.⇿`, `.⟵`, `.⟶`, `.⟷`, `.⟹`, `.⟺`, `.⟻`, `.⟼`, `.⟽`, `.⟾`, `.⟿`, `.⤀`, `.⤁`, `.⤂`, `.⤃`, `.⤄`, `.⤅`, `.⤆`, `.⤇`, `.⤌`, `.⤍`, `.⤎`, `.⤏`, `.⤐`, `.⤑`, `.⤔`, `.⤕`, `.⤖`, `.⤗`, `.⤘`, `.⤝`, `.⤞`, `.⤟`, `.⤠`, `.⥄`, `.⥅`, `.⥆`, `.⥇`, `.⥈`, `.⥊`, `.⥋`, `.⥎`, `.⥐`, `.⥒`, `.⥓`, `.⥖`, `.⥗`, `.⥚`, `.⥛`, `.⥞`, `.⥟`, `.⥢`, `.⥤`, `.⥦`, `.⥧`, `.⥨`, `.⥩`, `.⥪`, `.⥫`, `.⥬`, `.⥭`, `.⥰`, `.⧴`, `.⬱`, `.⬰`, `.⬲`, `.⬳`, `.⬴`, `.⬵`, `.⬶`, `.⬷`, `.⬸`, `.⬹`, `.⬺`, `.⬻`, `.⬼`, `.⬽`, `.⬾`, `.⬿`, `.⭀`, `.⭁`, `.⭂`, `.⭃`, `.⭄`, `.⭇`, `.⭈`, `.⭉`, `.⭊`, `.⭋`, `.⭌`, `.￩`, `.￫`, `.⇜`, `.⇝`, `.↜`, `.↝`, `.↩`, `.↪`, `.↫`, `.↬`, `.↼`, `.↽`, `.⇀`, `.⇁`, `.⇄`, `.⇆`, `.⇇`, `.⇉`, `.⇋`, `.⇌`, `.⇚`, `.⇛`, `.⇠`, `.⇢`, `.↷`, `.↶`, `.↺`, `.↻`, `.-->`, `.<--`, `.<-->`, `.>`, `.<`, `.>=`, `.≥`, `.<=`, `.≤`, `.==`, `.===`, `.≡`, `.!=`, `.≠`, `.!==`, `.≢`, `.∈`, `.∉`, `.∋`, `.∌`, `.⊆`, `.⊈`, `.⊂`, `.⊄`, `.⊊`, `.∝`, `.∊`, `.∍`, `.∥`, `.∦`, `.∷`, `.∺`, `.∻`, `.∽`, `.∾`, `.≁`, `.≃`, `.≂`, `.≄`, `.≅`, `.≆`, `.≇`, `.≈`, `.≉`, `.≊`, `.≋`, `.≌`, `.≍`, `.≎`, `.≐`, `.≑`, `.≒`, `.≓`, `.≖`, `.≗`, `.≘`, `.≙`, `.≚`, `.≛`, `.≜`, `.≝`, `.≞`, `.≟`, `.≣`, `.≦`, `.≧`, `.≨`, `.≩`, `.≪`, `.≫`, `.≬`, `.≭`, `.≮`, `.≯`, `.≰`, `.≱`, `.≲`, `.≳`, `.≴`, `.≵`, `.≶`, `.≷`, `.≸`, `.≹`, `.≺`, `.≻`, `.≼`, `.≽`, `.≾`, `.≿`, `.⊀`, `.⊁`, `.⊃`, `.⊅`, `.⊇`, `.⊉`, `.⊋`, `.⊏`, `.⊐`, `.⊑`, `.⊒`, `.⊜`, `.⊩`, `.⊬`, `.⊮`, `.⊰`, `.⊱`, `.⊲`, `.⊳`, `.⊴`, `.⊵`, `.⊶`, `.⊷`, `.⋍`, `.⋐`, `.⋑`, `.⋕`, `.⋖`, `.⋗`, `.⋘`, `.⋙`, `.⋚`, `.⋛`, `.⋜`, `.⋝`, `.⋞`, `.⋟`, `.⋠`, `.⋡`, `.⋢`, `.⋣`, `.⋤`, `.⋥`, `.⋦`, `.⋧`, `.⋨`, `.⋩`, `.⋪`, `.⋫`, `.⋬`, `.⋭`, `.⋲`, `.⋳`, `.⋴`, `.⋵`, `.⋶`, `.⋷`, `.⋸`, `.⋹`, `.⋺`, `.⋻`, `.⋼`, `.⋽`, `.⋾`, `.⋿`, `.⟈`, `.⟉`, `.⟒`, `.⦷`, `.⧀`, `.⧁`, `.⧡`, `.⧣`, `.⧤`, `.⧥`, `.⩦`, `.⩧`, `.⩪`, `.⩫`, `.⩬`, `.⩭`, `.⩮`, `.⩯`, `.⩰`, `.⩱`, `.⩲`, `.⩳`, `.⩵`, `.⩶`, `.⩷`, `.⩸`, `.⩹`, `.⩺`, `.⩻`, `.⩼`, `.⩽`, `.⩾`, `.⩿`, `.⪀`, `.⪁`, `.⪂`, `.⪃`, `.⪄`, `.⪅`, `.⪆`, `.⪇`, `.⪈`, `.⪉`, `.⪊`, `.⪋`, `.⪌`, `.⪍`, `.⪎`, `.⪏`, `.⪐`, `.⪑`, `.⪒`, `.⪓`, `.⪔`, `.⪕`, `.⪖`, `.⪗`, `.⪘`, `.⪙`, `.⪚`, `.⪛`, `.⪜`, `.⪝`, `.⪞`, `.⪟`, `.⪠`, `.⪡`, `.⪢`, `.⪣`, `.⪤`, `.⪥`, `.⪦`, `.⪧`, `.⪨`, `.⪩`, `.⪪`, `.⪫`, `.⪬`, `.⪭`, `.⪮`, `.⪯`, `.⪰`, `.⪱`, `.⪲`, `.⪳`, `.⪴`, `.⪵`, `.⪶`, `.⪷`, `.⪸`, `.⪹`, `.⪺`, `.⪻`, `.⪼`, `.⪽`, `.⪾`, `.⪿`, `.⫀`, `.⫁`, `.⫂`, `.⫃`, `.⫄`, `.⫅`, `.⫆`, `.⫇`, `.⫈`, `.⫉`, `.⫊`, `.⫋`, `.⫌`, `.⫍`, `.⫎`, `.⫏`, `.⫐`, `.⫑`, `.⫒`, `.⫓`, `.⫔`, `.⫕`, `.⫖`, `.⫗`, `.⫘`, `.⫙`, `.⫷`, `.⫸`, `.⫹`, `.⫺`, `.⊢`, `.⊣`, `.⟂`, `.<:`, `.>:`, `.<|`, `.|>`, `.…`, `.⁝`, `.⋮`, `.⋱`, `.⋰`, `.⋯`, `.+`, `.-`, `.¦`, `.|`, `.⊕`, `.⊖`, `.⊞`, `.⊟`, `.++`, `.∪`, `.∨`, `.⊔`, `.±`, `.∓`, `.∔`, `.∸`, `.≏`, `.⊎`, `.⊻`, `.⊽`, `.⋎`, `.⋓`, `.⧺`, `.⧻`, `.⨈`, `.⨢`, `.⨣`, `.⨤`, `.⨥`, `.⨦`, `.⨧`, `.⨨`, `.⨩`, `.⨪`, `.⨫`, `.⨬`, `.⨭`, `.⨮`, `.⨹`, `.⨺`, `.⩁`, `.⩂`, `.⩅`, `.⩊`, `.⩌`, `.⩏`, `.⩐`, `.⩒`, `.⩔`, `.⩖`, `.⩗`, `.⩛`, `.⩝`, `.⩡`, `.⩢`, `.⩣`, `.*`, `./`, `.⌿`, `.÷`, `.%`, `.&`, `.⋅`, `.∘`, `.×`, `.\`, `.∩`, `.∧`, `.⊗`, `.⊘`, `.⊙`, `.⊚`, `.⊛`, `.⊠`, `.⊡`, `.⊓`, `.∗`, `.∙`, `.∤`, `.⅋`, `.≀`, `.⊼`, `.⋄`, `.⋆`, `.⋇`, `.⋉`, `.⋊`, `.⋋`, `.⋌`, `.⋏`, `.⋒`, `.⟑`, `.⦸`, `.⦼`, `.⦾`, `.⦿`, `.⧶`, `.⧷`, `.⨇`, `.⨰`, `.⨱`, `.⨲`, `.⨳`, `.⨴`, `.⨵`, `.⨶`, `.⨷`, `.⨸`, `.⨻`, `.⨼`, `.⨽`, `.⩀`, `.⩃`, `.⩄`, `.⩋`, `.⩍`, `.⩎`, `.⩑`, `.⩓`, `.⩕`, `.⩘`, `.⩚`, `.⩜`, `.⩞`, `.⩟`, `.⩠`, `.⫛`, `.⊍`, `.▷`, `.⨝`, `.⟕`, `.⟖`, `.⟗`, `.⨟`, `.//`, `.>>`, `.<<`, `.>>>`, `.^`, `.↑`, `.↓`, `.⇵`, `.⟰`, `.⟱`, `.⤈`, `.⤉`, `.⤊`, `.⤋`, `.⤒`, `.⤓`, `.⥉`, `.⥌`, `.⥍`, `.⥏`, `.⥑`, `.⥔`, `.⥕`, `.⥘`, `.⥙`, `.⥜`, `.⥝`, `.⥠`, `.⥡`, `.⥣`, `.⥥`, `.⥮`, `.⥯`, `.￪`, `.￬`, `.!`, `.¬`, `.√`, `.∛`, `.∜`), Operator, nil},
+			{Words(``, ``, `...`, `..`), Operator, nil},
 			{`'(\\.|\\[0-7]{1,3}|\\x[a-fA-F0-9]{1,3}|\\u[a-fA-F0-9]{1,4}|\\U[a-fA-F0-9]{1,6}|[^\\\'\n])'`, LiteralStringChar, nil},
-			{`(?<=[.\w)\]])\'+`, Operator, nil},
-			{`"""`, LiteralString, Push("tqstring")},
-			{`"`, LiteralString, Push("string")},
-			{`r"""`, LiteralStringRegex, Push("tqregex")},
-			{`r"`, LiteralStringRegex, Push("regex")},
-			{"`", LiteralStringBacktick, Push("command")},
-			{`((?:[a-zA-Z_¡-￿]|[𐀀-􏿿])(?:[a-zA-Z_0-9¡-￿]|[𐀀-􏿿])*!*)(')?`, ByGroups(Name, Operator), nil},
-			{`(@(?:[a-zA-Z_¡-￿]|[𐀀-􏿿])(?:[a-zA-Z_0-9¡-￿]|[𐀀-􏿿])*!*)(')?`, ByGroups(NameDecorator, Operator), nil},
-			{`(\d+(_\d+)+\.\d*|\d*\.\d+(_\d+)+)([eEf][+-]?[0-9]+)?`, LiteralNumberFloat, nil},
-			{`(\d+\.\d*|\d*\.\d+)([eEf][+-]?[0-9]+)?`, LiteralNumberFloat, nil},
-			{`\d+(_\d+)+[eEf][+-]?[0-9]+`, LiteralNumberFloat, nil},
-			{`\d+[eEf][+-]?[0-9]+`, LiteralNumberFloat, nil},
-			{`0b[01]+(_[01]+)+`, LiteralNumberBin, nil},
-			{`0b[01]+`, LiteralNumberBin, nil},
-			{`0o[0-7]+(_[0-7]+)+`, LiteralNumberOct, nil},
-			{`0o[0-7]+`, LiteralNumberOct, nil},
-			{`0x[a-fA-F0-9]+(_[a-fA-F0-9]+)+`, LiteralNumberHex, nil},
-			{`0x[a-fA-F0-9]+`, LiteralNumberHex, nil},
-			{`\d+(_\d+)+`, LiteralNumberInteger, nil},
-			{`\d+`, LiteralNumberInteger, nil},
+			{`(?<=[.\w)\]])(\'[²³¹ʰʲʳʷʸˡˢˣᴬᴮᴰᴱᴳᴴᴵᴶᴷᴸᴹᴺᴼᴾᴿᵀᵁᵂᵃᵇᵈᵉᵍᵏᵐᵒᵖᵗᵘᵛᵝᵞᵟᵠᵡᵢᵣᵤᵥᵦᵧᵨᵩᵪᶜᶠᶥᶦᶫᶰᶸᶻᶿ′″‴‵‶‷⁗⁰ⁱ⁴⁵⁶⁷⁸⁹⁺⁻⁼⁽⁾ⁿ₀₁₂₃₄₅₆₇₈₉₊₋₌₍₎ₐₑₒₓₕₖₗₘₙₚₛₜⱼⱽ]*)+`, Operator, nil},
+			{`(raw)(""")`, ByGroups(LiteralStringAffix, LiteralString), Push("tqrawstring")},
+			{`(raw)(")`, ByGroups(LiteralStringAffix, LiteralString), Push("rawstring")},
+			{`(r)(""")`, ByGroups(LiteralStringAffix, LiteralStringRegex), Push("tqregex")},
+			{`(r)(")`, ByGroups(LiteralStringAffix, LiteralStringRegex), Push("regex")},
+			{`((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))?(""")`, ByGroups(LiteralStringAffix, LiteralString), Push("tqstring")},
+			{`((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))?(")`, ByGroups(LiteralStringAffix, LiteralString), Push("string")},
+			{"((?:[a-zA-Z_\u00a1-\U0010ffff][a-zA-Z_0-9!\u00a1-\U0010ffff]*))?(```)", ByGroups(LiteralStringAffix, LiteralStringBacktick), Push("tqcommand")},
+			{"((?:[a-zA-Z_\u00a1-\U0010ffff][a-zA-Z_0-9!\u00a1-\U0010ffff]*))?(`)", ByGroups(LiteralStringAffix, LiteralStringBacktick), Push("command")},
+			{`((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))(\{)`, ByGroups(KeywordType, Punctuation), Push("curly")},
+			{`(where)(\s+)((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))`, ByGroups(Keyword, Text, KeywordType), nil},
+			{`(\{)`, Punctuation, Push("curly")},
+			{`(abstract[ \t]+type|primitive[ \t]+type|mutable[ \t]+struct|struct)([\s()]+)((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*))`, ByGroups(Keyword, Text, KeywordType), nil},
+			{`@(?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*)`, NameDecorator, nil},
+			{Words(`@`, `[²³¹ʰʲʳʷʸˡˢˣᴬᴮᴰᴱᴳᴴᴵᴶᴷᴸᴹᴺᴼᴾᴿᵀᵁᵂᵃᵇᵈᵉᵍᵏᵐᵒᵖᵗᵘᵛᵝᵞᵟᵠᵡᵢᵣᵤᵥᵦᵧᵨᵩᵪᶜᶠᶥᶦᶫᶰᶸᶻᶿ′″‴‵‶‷⁗⁰ⁱ⁴⁵⁶⁷⁸⁹⁺⁻⁼⁽⁾ⁿ₀₁₂₃₄₅₆₇₈₉₊₋₌₍₎ₐₑₒₓₕₖₗₘₙₚₛₜⱼⱽ]*`, `->`, `:=`, `$=`, `?`, `||`, `&&`, `:`, `$`, `::`, `..`, `.`, `=`, `+=`, `-=`, `*=`, `/=`, `//=`, `\=`, `^=`, `÷=`, `%=`, `<<=`, `>>=`, `>>>=`, `|=`, `&=`, `⊻=`, `≔`, `⩴`, `≕'`, `~`, `=>`, `→`, `↔`, `↚`, `↛`, `↞`, `↠`, `↢`, `↣`, `↦`, `↤`, `↮`, `⇎`, `⇍`, `⇏`, `⇐`, `⇒`, `⇔`, `⇴`, `⇶`, `⇷`, `⇸`, `⇹`, `⇺`, `⇻`, `⇼`, `⇽`, `⇾`, `⇿`, `⟵`, `⟶`, `⟷`, `⟹`, `⟺`, `⟻`, `⟼`, `⟽`, `⟾`, `⟿`, `⤀`, `⤁`, `⤂`, `⤃`, `⤄`, `⤅`, `⤆`, `⤇`, `⤌`, `⤍`, `⤎`, `⤏`, `⤐`, `⤑`, `⤔`, `⤕`, `⤖`, `⤗`, `⤘`, `⤝`, `⤞`, `⤟`, `⤠`, `⥄`, `⥅`, `⥆`, `⥇`, `⥈`, `⥊`, `⥋`, `⥎`, `⥐`, `⥒`, `⥓`, `⥖`, `⥗`, `⥚`, `⥛`, `⥞`, `⥟`, `⥢`, `⥤`, `⥦`, `⥧`, `⥨`, `⥩`, `⥪`, `⥫`, `⥬`, `⥭`, `⥰`, `⧴`, `⬱`, `⬰`, `⬲`, `⬳`, `⬴`, `⬵`, `⬶`, `⬷`, `⬸`, `⬹`, `⬺`, `⬻`, `⬼`, `⬽`, `⬾`, `⬿`, `⭀`, `⭁`, `⭂`, `⭃`, `⭄`, `⭇`, `⭈`, `⭉`, `⭊`, `⭋`, `⭌`, `￩`, `￫`, `⇜`, `⇝`, `↜`, `↝`, `↩`, `↪`, `↫`, `↬`, `↼`, `↽`, `⇀`, `⇁`, `⇄`, `⇆`, `⇇`, `⇉`, `⇋`, `⇌`, `⇚`, `⇛`, `⇠`, `⇢`, `↷`, `↶`, `↺`, `↻`, `-->`, `<--`, `<-->`, `>`, `<`, `>=`, `≥`, `<=`, `≤`, `==`, `===`, `≡`, `!=`, `≠`, `!==`, `≢`, `∈`, `∉`, `∋`, `∌`, `⊆`, `⊈`, `⊂`, `⊄`, `⊊`, `∝`, `∊`, `∍`, `∥`, `∦`, `∷`, `∺`, `∻`, `∽`, `∾`, `≁`, `≃`, `≂`, `≄`, `≅`, `≆`, `≇`, `≈`, `≉`, `≊`, `≋`, `≌`, `≍`, `≎`, `≐`, `≑`, `≒`, `≓`, `≖`, `≗`, `≘`, `≙`, `≚`, `≛`, `≜`, `≝`, `≞`, `≟`, `≣`, `≦`, `≧`, `≨`, `≩`, `≪`, `≫`, `≬`, `≭`, `≮`, `≯`, `≰`, `≱`, `≲`, `≳`, `≴`, `≵`, `≶`, `≷`, `≸`, `≹`, `≺`, `≻`, `≼`, `≽`, `≾`, `≿`, `⊀`, `⊁`, `⊃`, `⊅`, `⊇`, `⊉`, `⊋`, `⊏`, `⊐`, `⊑`, `⊒`, `⊜`, `⊩`, `⊬`, `⊮`, `⊰`, `⊱`, `⊲`, `⊳`, `⊴`, `⊵`, `⊶`, `⊷`, `⋍`, `⋐`, `⋑`, `⋕`, `⋖`, `⋗`, `⋘`, `⋙`, `⋚`, `⋛`, `⋜`, `⋝`, `⋞`, `⋟`, `⋠`, `⋡`, `⋢`, `⋣`, `⋤`, `⋥`, `⋦`, `⋧`, `⋨`, `⋩`, `⋪`, `⋫`, `⋬`, `⋭`, `⋲`, `⋳`, `⋴`, `⋵`, `⋶`, `⋷`, `⋸`, `⋹`, `⋺`, `⋻`, `⋼`, `⋽`, `⋾`, `⋿`, `⟈`, `⟉`, `⟒`, `⦷`, `⧀`, `⧁`, `⧡`, `⧣`, `⧤`, `⧥`, `⩦`, `⩧`, `⩪`, `⩫`, `⩬`, `⩭`, `⩮`, `⩯`, `⩰`, `⩱`, `⩲`, `⩳`, `⩵`, `⩶`, `⩷`, `⩸`, `⩹`, `⩺`, `⩻`, `⩼`, `⩽`, `⩾`, `⩿`, `⪀`, `⪁`, `⪂`, `⪃`, `⪄`, `⪅`, `⪆`, `⪇`, `⪈`, `⪉`, `⪊`, `⪋`, `⪌`, `⪍`, `⪎`, `⪏`, `⪐`, `⪑`, `⪒`, `⪓`, `⪔`, `⪕`, `⪖`, `⪗`, `⪘`, `⪙`, `⪚`, `⪛`, `⪜`, `⪝`, `⪞`, `⪟`, `⪠`, `⪡`, `⪢`, `⪣`, `⪤`, `⪥`, `⪦`, `⪧`, `⪨`, `⪩`, `⪪`, `⪫`, `⪬`, `⪭`, `⪮`, `⪯`, `⪰`, `⪱`, `⪲`, `⪳`, `⪴`, `⪵`, `⪶`, `⪷`, `⪸`, `⪹`, `⪺`, `⪻`, `⪼`, `⪽`, `⪾`, `⪿`, `⫀`, `⫁`, `⫂`, `⫃`, `⫄`, `⫅`, `⫆`, `⫇`, `⫈`, `⫉`, `⫊`, `⫋`, `⫌`, `⫍`, `⫎`, `⫏`, `⫐`, `⫑`, `⫒`, `⫓`, `⫔`, `⫕`, `⫖`, `⫗`, `⫘`, `⫙`, `⫷`, `⫸`, `⫹`, `⫺`, `⊢`, `⊣`, `⟂`, `<:`, `>:`, `<|`, `|>`, `…`, `⁝`, `⋮`, `⋱`, `⋰`, `⋯`, `+`, `-`, `¦`, `|`, `⊕`, `⊖`, `⊞`, `⊟`, `++`, `∪`, `∨`, `⊔`, `±`, `∓`, `∔`, `∸`, `≏`, `⊎`, `⊻`, `⊽`, `⋎`, `⋓`, `⧺`, `⧻`, `⨈`, `⨢`, `⨣`, `⨤`, `⨥`, `⨦`, `⨧`, `⨨`, `⨩`, `⨪`, `⨫`, `⨬`, `⨭`, `⨮`, `⨹`, `⨺`, `⩁`, `⩂`, `⩅`, `⩊`, `⩌`, `⩏`, `⩐`, `⩒`, `⩔`, `⩖`, `⩗`, `⩛`, `⩝`, `⩡`, `⩢`, `⩣`, `*`, `/`, `⌿`, `÷`, `%`, `&`, `⋅`, `∘`, `×`, `\`, `∩`, `∧`, `⊗`, `⊘`, `⊙`, `⊚`, `⊛`, `⊠`, `⊡`, `⊓`, `∗`, `∙`, `∤`, `⅋`, `≀`, `⊼`, `⋄`, `⋆`, `⋇`, `⋉`, `⋊`, `⋋`, `⋌`, `⋏`, `⋒`, `⟑`, `⦸`, `⦼`, `⦾`, `⦿`, `⧶`, `⧷`, `⨇`, `⨰`, `⨱`, `⨲`, `⨳`, `⨴`, `⨵`, `⨶`, `⨷`, `⨸`, `⨻`, `⨼`, `⨽`, `⩀`, `⩃`, `⩄`, `⩋`, `⩍`, `⩎`, `⩑`, `⩓`, `⩕`, `⩘`, `⩚`, `⩜`, `⩞`, `⩟`, `⩠`, `⫛`, `⊍`, `▷`, `⨝`, `⟕`, `⟖`, `⟗`, `⨟`, `//`, `>>`, `<<`, `>>>`, `^`, `↑`, `↓`, `⇵`, `⟰`, `⟱`, `⤈`, `⤉`, `⤊`, `⤋`, `⤒`, `⤓`, `⥉`, `⥌`, `⥍`, `⥏`, `⥑`, `⥔`, `⥕`, `⥘`, `⥙`, `⥜`, `⥝`, `⥠`, `⥡`, `⥣`, `⥥`, `⥮`, `⥯`, `￪`, `￬`, `!`, `¬`, `√`, `∛`, `∜`), NameDecorator, nil},
+			{Words(``, `\b`, `baremodule`, `begin`, `break`, `catch`, `ccall`, `const`, `continue`, `do`, `else`, `elseif`, `end`, `export`, `finally`, `for`, `function`, `global`, `if`, `import`, `in`, `isa`, `let`, `local`, `macro`, `module`, `quote`, `return`, `try`, `using`, `where`, `while`), Keyword, nil},
+			{Words(``, `\b`, `AbstractArray`, `AbstractChannel`, `AbstractChar`, `AbstractDict`, `AbstractDisplay`, `AbstractFloat`, `AbstractIrrational`, `AbstractMatch`, `AbstractMatrix`, `AbstractPattern`, `AbstractRange`, `AbstractSet`, `AbstractString`, `AbstractUnitRange`, `AbstractVecOrMat`, `AbstractVector`, `Any`, `ArgumentError`, `Array`, `AssertionError`, `BigFloat`, `BigInt`, `BitArray`, `BitMatrix`, `BitSet`, `BitVector`, `Bool`, `BoundsError`, `CapturedException`, `CartesianIndex`, `CartesianIndices`, `Cchar`, `Cdouble`, `Cfloat`, `Channel`, `Char`, `Cint`, `Cintmax_t`, `Clong`, `Clonglong`, `Cmd`, `Colon`, `Complex`, `ComplexF16`, `ComplexF32`, `ComplexF64`, `ComposedFunction`, `CompositeException`, `Condition`, `Cptrdiff_t`, `Cshort`, `Csize_t`, `Cssize_t`, `Cstring`, `Cuchar`, `Cuint`, `Cuintmax_t`, `Culong`, `Culonglong`, `Cushort`, `Cvoid`, `Cwchar_t`, `Cwstring`, `DataType`, `DenseArray`, `DenseMatrix`, `DenseVecOrMat`, `DenseVector`, `Dict`, `DimensionMismatch`, `Dims`, `DivideError`, `DomainError`, `EOFError`, `Enum`, `ErrorException`, `Exception`, `ExponentialBackOff`, `Expr`, `Float16`, `Float32`, `Float64`, `Function`, `GlobalRef`, `HTML`, `IO`, `IOBuffer`, `IOContext`, `IOStream`, `IdDict`, `IndexCartesian`, `IndexLinear`, `IndexStyle`, `InexactError`, `InitError`, `Int`, `Int128`, `Int16`, `Int32`, `Int64`, `Int8`, `Integer`, `InterruptException`, `InvalidStateException`, `Irrational`, `KeyError`, `LinRange`, `LineNumberNode`, `LinearIndices`, `LoadError`, `MIME`, `Matrix`, `Method`, `MethodError`, `Missing`, `MissingException`, `Module`, `NTuple`, `NamedTuple`, `Nothing`, `Number`, `OrdinalRange`, `OutOfMemoryError`, `OverflowError`, `Pair`, `PartialQuickSort`, `PermutedDimsArray`, `Pipe`, `ProcessFailedException`, `Ptr`, `QuoteNode`, `Rational`, `RawFD`, `ReadOnlyMemoryError`, `Real`, `ReentrantLock`, `Ref`, `Regex`, `RegexMatch`, `RoundingMode`, `SegmentationFault`, `Set`, `Signed`, `Some`, `StackOverflowError`, `StepRange`, `StepRangeLen`, `StridedArray`, `StridedMatrix`, `StridedVecOrMat`, `StridedVector`, `String`, `StringIndexError`, `SubArray`, `SubString`, `SubstitutionString`, `Symbol`, `SystemError`, `Task`, `TaskFailedException`, `Text`, `TextDisplay`, `Timer`, `Tuple`, `Type`, `TypeError`, `TypeVar`, `UInt`, `UInt128`, `UInt16`, `UInt32`, `UInt64`, `UInt8`, `UndefInitializer`, `UndefKeywordError`, `UndefRefError`, `UndefVarError`, `Union`, `UnionAll`, `UnitRange`, `Unsigned`, `Val`, `Vararg`, `VecElement`, `VecOrMat`, `Vector`, `VersionNumber`, `WeakKeyDict`, `WeakRef`), KeywordType, nil},
+			{Words(``, `\b`, `ARGS`, `C_NULL`, `DEPOT_PATH`, `ENDIAN_BOM`, `ENV`, `Inf`, `Inf16`, `Inf32`, `Inf64`, `InsertionSort`, `LOAD_PATH`, `MergeSort`, `NaN`, `NaN16`, `NaN32`, `NaN64`, `PROGRAM_FILE`, `QuickSort`, `RoundDown`, `RoundFromZero`, `RoundNearest`, `RoundNearestTiesAway`, `RoundNearestTiesUp`, `RoundToZero`, `RoundUp`, `VERSION`, `devnull`, `false`, `im`, `missing`, `nothing`, `pi`, `stderr`, `stdin`, `stdout`, `true`, `undef`, `π`, `ℯ`), NameBuiltin, nil},
+			{`(?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*)`, Name, nil},
+			{`(\d+((_\d+)+)?\.(?!\.)(\d+((_\d+)+)?)?|\.\d+((_\d+)+)?)([eEf][+-]?[0-9]+)?`, LiteralNumberFloat, nil},
+			{`\d+((_\d+)+)?[eEf][+-]?[0-9]+`, LiteralNumberFloat, nil},
+			{`0x[a-fA-F0-9]+((_[a-fA-F0-9]+)+)?(\.([a-fA-F0-9]+((_[a-fA-F0-9]+)+)?)?)?p[+-]?\d+`, LiteralNumberFloat, nil},
+			{`0b[01]+((_[01]+)+)?`, LiteralNumberBin, nil},
+			{`0o[0-7]+((_[0-7]+)+)?`, LiteralNumberOct, nil},
+			{`0x[a-fA-F0-9]+((_[a-fA-F0-9]+)+)?`, LiteralNumberHex, nil},
+			{`\d+((_\d+)+)?`, LiteralNumberInteger, nil},
+			{Words(``, ``, `.`), Operator, nil},
 		},
 		"blockcomment": {
 			{`[^=#]`, CommentMultiline, nil},
@@ -56,40 +68,67 @@ var Julia = internal.Register(MustNewLexer(
 			{`=#`, CommentMultiline, Pop(1)},
 			{`[=#]`, CommentMultiline, nil},
 		},
-		"string": {
+		"curly": {
+			{`\{`, Punctuation, Push()},
+			{`\}`, Punctuation, Pop(1)},
+			{`(?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*)`, KeywordType, nil},
+			Include("root"),
+		},
+		"tqrawstring": {
+			{`"""`, LiteralString, Pop(1)},
+			{`([^"]|"[^"][^"])+`, LiteralString, nil},
+		},
+		"rawstring": {
 			{`"`, LiteralString, Pop(1)},
-			{`\\([\\"\'$nrbtfav]|(x|u|U)[a-fA-F0-9]+|\d+)`, LiteralStringEscape, nil},
-			{`\$(?:[a-zA-Z_¡-￿]|[𐀀-􏿿])(?:[a-zA-Z_0-9¡-￿]|[𐀀-􏿿])*!*`, LiteralStringInterpol, nil},
+			{`\\"`, LiteralStringEscape, nil},
+			{`([^"\\]|\\[^"])+`, LiteralString, nil},
+		},
+		"interp": {
+			{`\$(?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*)`, LiteralStringInterpol, nil},
 			{`(\$)(\()`, ByGroups(LiteralStringInterpol, Punctuation), Push("in-intp")},
+		},
+		"in-intp": {
+			{`\(`, Punctuation, Push()},
+			{`\)`, Punctuation, Pop(1)},
+			Include("root"),
+		},
+		"string": {
+			{`(")((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*)|\d+)?`, ByGroups(LiteralString, LiteralStringAffix), Pop(1)},
+			{`\\([\\"\'$nrbtfav]|(x|u|U)[a-fA-F0-9]+|\d+)`, LiteralStringEscape, nil},
+			Include("interp"),
 			{`%[-#0 +]*([0-9]+|[*])?(\.([0-9]+|[*]))?[hlL]?[E-GXc-giorsux%]`, LiteralStringInterpol, nil},
-			{`.|\s`, LiteralString, nil},
+			{`[^"$%\\]+`, LiteralString, nil},
+			{`.`, LiteralString, nil},
 		},
 		"tqstring": {
-			{`"""`, LiteralString, Pop(1)},
+			{`(""")((?:[a-zA-Z_¡-􏿿][a-zA-Z_0-9!¡-􏿿]*)|\d+)?`, ByGroups(LiteralString, LiteralStringAffix), Pop(1)},
 			{`\\([\\"\'$nrbtfav]|(x|u|U)[a-fA-F0-9]+|\d+)`, LiteralStringEscape, nil},
-			{`\$(?:[a-zA-Z_¡-￿]|[𐀀-􏿿])(?:[a-zA-Z_0-9¡-￿]|[𐀀-􏿿])*!*`, LiteralStringInterpol, nil},
-			{`(\$)(\()`, ByGroups(LiteralStringInterpol, Punctuation), Push("in-intp")},
-			{`.|\s`, LiteralString, nil},
+			Include("interp"),
+			{`[^"$%\\]+`, LiteralString, nil},
+			{`.`, LiteralString, nil},
 		},
 		"regex": {
-			{`"`, LiteralStringRegex, Pop(1)},
+			{`(")([imsxa]*)?`, ByGroups(LiteralStringRegex, LiteralStringAffix), Pop(1)},
 			{`\\"`, LiteralStringRegex, nil},
-			{`.|\s`, LiteralStringRegex, nil},
+			{`[^\\"]+`, LiteralStringRegex, nil},
 		},
 		"tqregex": {
-			{`"""`, LiteralStringRegex, Pop(1)},
-			{`.|\s`, LiteralStringRegex, nil},
+			{`(""")([imsxa]*)?`, ByGroups(LiteralStringRegex, LiteralStringAffix), Pop(1)},
+			{`[^"]+`, LiteralStringRegex, nil},
 		},
 		"command": {
-			{"`", LiteralStringBacktick, Pop(1)},
-			{`\$(?:[a-zA-Z_¡-￿]|[𐀀-􏿿])(?:[a-zA-Z_0-9¡-￿]|[𐀀-􏿿])*!*`, LiteralStringInterpol, nil},
-			{`(\$)(\()`, ByGroups(LiteralStringInterpol, Punctuation), Push("in-intp")},
-			{`.|\s`, LiteralStringBacktick, nil},
+			{"(`)((?:[a-zA-Z_\u00a1-\U0010ffff][a-zA-Z_0-9!\u00a1-\U0010ffff]*)|\\d+)?", ByGroups(LiteralStringBacktick, LiteralStringAffix), Pop(1)},
+			{"\\\\[`$]", LiteralStringEscape, nil},
+			Include("interp"),
+			{"[^\\\\`$]+", LiteralStringBacktick, nil},
+			{`.`, LiteralStringBacktick, nil},
 		},
-		"in-intp": {
-			{`\(`, Punctuation, Push()},
-			{`\)`, Punctuation, Pop(1)},
-			Include("root"),
+		"tqcommand": {
+			{"(```)((?:[a-zA-Z_\u00a1-\U0010ffff][a-zA-Z_0-9!\u00a1-\U0010ffff]*)|\\d+)?", ByGroups(LiteralStringBacktick, LiteralStringAffix), Pop(1)},
+			{`\\\$`, LiteralStringEscape, nil},
+			Include("interp"),
+			{"[^\\\\`$]+", LiteralStringBacktick, nil},
+			{`.`, LiteralStringBacktick, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/j/jungle.go b/vendor/github.com/alecthomas/chroma/lexers/j/jungle.go
index 83d46a48df..5dbda9fbad 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/j/jungle.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/j/jungle.go
@@ -5,14 +5,18 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var Jungle = internal.Register(MustNewLexer(
+var Jungle = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Jungle",
 		Aliases:   []string{"jungle"},
 		Filenames: []string{"*.jungle"},
 		MimeTypes: []string{"text/x-jungle"},
 	},
-	Rules{
+	jungleRules,
+))
+
+func jungleRules() Rules {
+	return Rules{
 		"root": {
 			{`[^\S\n]+`, Text, nil},
 			{`\n`, Text, nil},
@@ -46,5 +50,5 @@ var Jungle = internal.Register(MustNewLexer(
 			{`[a-zA-Z_]\w*`, Name, nil},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/k/kotlin.go b/vendor/github.com/alecthomas/chroma/lexers/k/kotlin.go
index 17cdfa6294..671f85e0a4 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/k/kotlin.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/k/kotlin.go
@@ -5,10 +5,8 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var kotlinIdentifier = "_A-Z\u00c0-\u00d6\u00d8-\u00de\u0100\u0102\u0104\u0106\u0108\u010a\u010c\u010e\u0110\u0112\u0114\u0116\u0118\u011a\u011c\u011e\u0120\u0122\u0124\u0126\u0128\u012a\u012c\u012e\u0130\u0132\u0134\u0136\u0139\u013b\u013d\u013f\u0141\u0143\u0145\u0147\u014a\u014c\u014e\u0150\u0152\u0154\u0156\u0158\u015a\u015c\u015e\u0160\u0162\u0164\u0166\u0168\u016a\u016c\u016e\u0170\u0172\u0174\u0176\u0178-\u0179\u017b\u017d\u0181-\u0182\u0184\u0186-\u0187\u0189-\u018b\u018e-\u0191\u0193-\u0194\u0196-\u0198\u019c-\u019d\u019f-\u01a0\u01a2\u01a4\u01a6-\u01a7\u01a9\u01ac\u01ae-\u01af\u01b1-\u01b3\u01b5\u01b7-\u01b8\u01bc\u01c4\u01c7\u01ca\u01cd\u01cf\u01d1\u01d3\u01d5\u01d7\u01d9\u01db\u01de\u01e0\u01e2\u01e4\u01e6\u01e8\u01ea\u01ec\u01ee\u01f1\u01f4\u01f6-\u01f8\u01fa\u01fc\u01fe\u0200\u0202\u0204\u0206\u0208\u020a\u020c\u020e\u0210\u0212\u0214\u0216\u0218\u021a\u021c\u021e\u0220\u0222\u0224\u0226\u0228\u022a\u022c\u022e\u0230\u0232\u023a-\u023b\u023d-\u023e\u0241\u0243-\u0246\u0248\u024a\u024c\u024e\u0370\u0372\u0376\u0386\u0388-\u038a\u038c\u038e-\u038f\u0391-\u03a1\u03a3-\u03ab\u03cf\u03d2-\u03d4\u03d8\u03da\u03dc\u03de\u03e0\u03e2\u03e4\u03e6\u03e8\u03ea\u03ec\u03ee\u03f4\u03f7\u03f9-\u03fa\u03fd-\u042f\u0460\u0462\u0464\u0466\u0468\u046a\u046c\u046e\u0470\u0472\u0474\u0476\u0478\u047a\u047c\u047e\u0480\u048a\u048c\u048e\u0490\u0492\u0494\u0496\u0498\u049a\u049c\u049e\u04a0\u04a2\u04a4\u04a6\u04a8\u04aa\u04ac\u04ae\u04b0\u04b2\u04b4\u04b6\u04b8\u04ba\u04bc\u04be\u04c0-\u04c1\u04c3\u04c5\u04c7\u04c9\u04cb\u04cd\u04d0\u04d2\u04d4\u04d6\u04d8\u04da\u04dc\u04de\u04e0\u04e2\u04e4\u04e6\u04e8\u04ea\u04ec\u04ee\u04f0\u04f2\u04f4\u04f6\u04f8\u04fa\u04fc\u04fe\u0500\u0502\u0504\u0506\u0508\u050a\u050c\u050e\u0510\u0512\u0514\u0516\u0518\u051a\u051c\u051e\u0520\u0522\u0524\u0526\u0531-\u0556\u10a0-\u10c5\u10c7\u10cd\u1e00\u1e02\u1e04\u1e06\u1e08\u1e0a\u1e0c\u1e0e\u1e10\u1e12\u1e14\u1e16\u1e18\u1e1a\u1e1c\u1e1e\u1e20\u1e22\u1e24\u1e26\u1e28\u1e2a\u1e2c\u1e2e\u1e30\u1e32\u1e34\u1e36\u1e38\u1e3a\u1e3c\u1e3e\u1e40\u1e42\u1e44\u1e46\u1e48\u1e4a\u1e4c\u1e4e\u1e50\u1e52\u1e54\u1e56\u1e58\u1e5a\u1e5c\u1e5e\u1e60\u1e62\u1e64\u1e66\u1e68\u1e6a\u1e6c\u1e6e\u1e70\u1e72\u1e74\u1e76\u1e78\u1e7a\u1e7c\u1e7e\u1e80\u1e82\u1e84\u1e86\u1e88\u1e8a\u1e8c\u1e8e\u1e90\u1e92\u1e94\u1e9e\u1ea0\u1ea2\u1ea4\u1ea6\u1ea8\u1eaa\u1eac\u1eae\u1eb0\u1eb2\u1eb4\u1eb6\u1eb8\u1eba\u1ebc\u1ebe\u1ec0\u1ec2\u1ec4\u1ec6\u1ec8\u1eca\u1ecc\u1ece\u1ed0\u1ed2\u1ed4\u1ed6\u1ed8\u1eda\u1edc\u1ede\u1ee0\u1ee2\u1ee4\u1ee6\u1ee8\u1eea\u1eec\u1eee\u1ef0\u1ef2\u1ef4\u1ef6\u1ef8\u1efa\u1efc\u1efe\u1f08-\u1f0f\u1f18-\u1f1d\u1f28-\u1f2f\u1f38-\u1f3f\u1f48-\u1f4d\u1f59\u1f5b\u1f5d\u1f5f\u1f68-\u1f6f\u1fb8-\u1fbb\u1fc8-\u1fcb\u1fd8-\u1fdb\u1fe8-\u1fec\u1ff8-\u1ffb\u2102\u2107\u210b-\u210d\u2110-\u2112\u2115\u2119-\u211d\u2124\u2126\u2128\u212a-\u212d\u2130-\u2133\u213e-\u213f\u2145\u2183\u2c00-\u2c2e\u2c60\u2c62-\u2c64\u2c67\u2c69\u2c6b\u2c6d-\u2c70\u2c72\u2c75\u2c7e-\u2c80\u2c82\u2c84\u2c86\u2c88\u2c8a\u2c8c\u2c8e\u2c90\u2c92\u2c94\u2c96\u2c98\u2c9a\u2c9c\u2c9e\u2ca0\u2ca2\u2ca4\u2ca6\u2ca8\u2caa\u2cac\u2cae\u2cb0\u2cb2\u2cb4\u2cb6\u2cb8\u2cba\u2cbc\u2cbe\u2cc0\u2cc2\u2cc4\u2cc6\u2cc8\u2cca\u2ccc\u2cce\u2cd0\u2cd2\u2cd4\u2cd6\u2cd8\u2cda\u2cdc\u2cde\u2ce0\u2ce2\u2ceb\u2ced\u2cf2\ua640\ua642\ua644\ua646\ua648\ua64a\ua64c\ua64e\ua650\ua652\ua654\ua656\ua658\ua65a\ua65c\ua65e\ua660\ua662\ua664\ua666\ua668\ua66a\ua66c\ua680\ua682\ua684\ua686\ua688\ua68a\ua68c\ua68e\ua690\ua692\ua694\ua696\ua722\ua724\ua726\ua728\ua72a\ua72c\ua72e\ua732\ua734\ua736\ua738\ua73a\ua73c\ua73e\ua740\ua742\ua744\ua746\ua748\ua74a\ua74c\ua74e\ua750\ua752\ua754\ua756\ua758\ua75a\ua75c\ua75e\ua760\ua762\ua764\ua766\ua768\ua76a\ua76c\ua76e\ua779\ua77b\ua77d-\ua77e\ua780\ua782\ua784\ua786\ua78b\ua78d\ua790\ua792\ua7a0\ua7a2\ua7a4\ua7a6\ua7a8\ua7aa\uff21-\uff3aa-z\u00b5\u00df-\u00f6\u00f8-\u00ff\u0101\u0103\u0105\u0107\u0109\u010b\u010d\u010f\u0111\u0113\u0115\u0117\u0119\u011b\u011d\u011f\u0121\u0123\u0125\u0127\u0129\u012b\u012d\u012f\u0131\u0133\u0135\u0137-\u0138\u013a\u013c\u013e\u0140\u0142\u0144\u0146\u0148-\u0149\u014b\u014d\u014f\u0151\u0153\u0155\u0157\u0159\u015b\u015d\u015f\u0161\u0163\u0165\u0167\u0169\u016b\u016d\u016f\u0171\u0173\u0175\u0177\u017a\u017c\u017e-\u0180\u0183\u0185\u0188\u018c-\u018d\u0192\u0195\u0199-\u019b\u019e\u01a1\u01a3\u01a5\u01a8\u01aa-\u01ab\u01ad\u01b0\u01b4\u01b6\u01b9-\u01ba\u01bd-\u01bf\u01c6\u01c9\u01cc\u01ce\u01d0\u01d2\u01d4\u01d6\u01d8\u01da\u01dc-\u01dd\u01df\u01e1\u01e3\u01e5\u01e7\u01e9\u01eb\u01ed\u01ef-\u01f0\u01f3\u01f5\u01f9\u01fb\u01fd\u01ff\u0201\u0203\u0205\u0207\u0209\u020b\u020d\u020f\u0211\u0213\u0215\u0217\u0219\u021b\u021d\u021f\u0221\u0223\u0225\u0227\u0229\u022b\u022d\u022f\u0231\u0233-\u0239\u023c\u023f-\u0240\u0242\u0247\u0249\u024b\u024d\u024f-\u0293\u0295-\u02af\u0371\u0373\u0377\u037b-\u037d\u0390\u03ac-\u03ce\u03d0-\u03d1\u03d5-\u03d7\u03d9\u03db\u03dd\u03df\u03e1\u03e3\u03e5\u03e7\u03e9\u03eb\u03ed\u03ef-\u03f3\u03f5\u03f8\u03fb-\u03fc\u0430-\u045f\u0461\u0463\u0465\u0467\u0469\u046b\u046d\u046f\u0471\u0473\u0475\u0477\u0479\u047b\u047d\u047f\u0481\u048b\u048d\u048f\u0491\u0493\u0495\u0497\u0499\u049b\u049d\u049f\u04a1\u04a3\u04a5\u04a7\u04a9\u04ab\u04ad\u04af\u04b1\u04b3\u04b5\u04b7\u04b9\u04bb\u04bd\u04bf\u04c2\u04c4\u04c6\u04c8\u04ca\u04cc\u04ce-\u04cf\u04d1\u04d3\u04d5\u04d7\u04d9\u04db\u04dd\u04df\u04e1\u04e3\u04e5\u04e7\u04e9\u04eb\u04ed\u04ef\u04f1\u04f3\u04f5\u04f7\u04f9\u04fb\u04fd\u04ff\u0501\u0503\u0505\u0507\u0509\u050b\u050d\u050f\u0511\u0513\u0515\u0517\u0519\u051b\u051d\u051f\u0521\u0523\u0525\u0527\u0561-\u0587\u1d00-\u1d2b\u1d6b-\u1d77\u1d79-\u1d9a\u1e01\u1e03\u1e05\u1e07\u1e09\u1e0b\u1e0d\u1e0f\u1e11\u1e13\u1e15\u1e17\u1e19\u1e1b\u1e1d\u1e1f\u1e21\u1e23\u1e25\u1e27\u1e29\u1e2b\u1e2d\u1e2f\u1e31\u1e33\u1e35\u1e37\u1e39\u1e3b\u1e3d\u1e3f\u1e41\u1e43\u1e45\u1e47\u1e49\u1e4b\u1e4d\u1e4f\u1e51\u1e53\u1e55\u1e57\u1e59\u1e5b\u1e5d\u1e5f\u1e61\u1e63\u1e65\u1e67\u1e69\u1e6b\u1e6d\u1e6f\u1e71\u1e73\u1e75\u1e77\u1e79\u1e7b\u1e7d\u1e7f\u1e81\u1e83\u1e85\u1e87\u1e89\u1e8b\u1e8d\u1e8f\u1e91\u1e93\u1e95-\u1e9d\u1e9f\u1ea1\u1ea3\u1ea5\u1ea7\u1ea9\u1eab\u1ead\u1eaf\u1eb1\u1eb3\u1eb5\u1eb7\u1eb9\u1ebb\u1ebd\u1ebf\u1ec1\u1ec3\u1ec5\u1ec7\u1ec9\u1ecb\u1ecd\u1ecf\u1ed1\u1ed3\u1ed5\u1ed7\u1ed9\u1edb\u1edd\u1edf\u1ee1\u1ee3\u1ee5\u1ee7\u1ee9\u1eeb\u1eed\u1eef\u1ef1\u1ef3\u1ef5\u1ef7\u1ef9\u1efb\u1efd\u1eff-\u1f07\u1f10-\u1f15\u1f20-\u1f27\u1f30-\u1f37\u1f40-\u1f45\u1f50-\u1f57\u1f60-\u1f67\u1f70-\u1f7d\u1f80-\u1f87\u1f90-\u1f97\u1fa0-\u1fa7\u1fb0-\u1fb4\u1fb6-\u1fb7\u1fbe\u1fc2-\u1fc4\u1fc6-\u1fc7\u1fd0-\u1fd3\u1fd6-\u1fd7\u1fe0-\u1fe7\u1ff2-\u1ff4\u1ff6-\u1ff7\u210a\u210e-\u210f\u2113\u212f\u2134\u2139\u213c-\u213d\u2146-\u2149\u214e\u2184\u2c30-\u2c5e\u2c61\u2c65-\u2c66\u2c68\u2c6a\u2c6c\u2c71\u2c73-\u2c74\u2c76-\u2c7b\u2c81\u2c83\u2c85\u2c87\u2c89\u2c8b\u2c8d\u2c8f\u2c91\u2c93\u2c95\u2c97\u2c99\u2c9b\u2c9d\u2c9f\u2ca1\u2ca3\u2ca5\u2ca7\u2ca9\u2cab\u2cad\u2caf\u2cb1\u2cb3\u2cb5\u2cb7\u2cb9\u2cbb\u2cbd\u2cbf\u2cc1\u2cc3\u2cc5\u2cc7\u2cc9\u2ccb\u2ccd\u2ccf\u2cd1\u2cd3\u2cd5\u2cd7\u2cd9\u2cdb\u2cdd\u2cdf\u2ce1\u2ce3-\u2ce4\u2cec\u2cee\u2cf3\u2d00-\u2d25\u2d27\u2d2d\ua641\ua643\ua645\ua647\ua649\ua64b\ua64d\ua64f\ua651\ua653\ua655\ua657\ua659\ua65b\ua65d\ua65f\ua661\ua663\ua665\ua667\ua669\ua66b\ua66d\ua681\ua683\ua685\ua687\ua689\ua68b\ua68d\ua68f\ua691\ua693\ua695\ua697\ua723\ua725\ua727\ua729\ua72b\ua72d\ua72f-\ua731\ua733\ua735\ua737\ua739\ua73b\ua73d\ua73f\ua741\ua743\ua745\ua747\ua749\ua74b\ua74d\ua74f\ua751\ua753\ua755\ua757\ua759\ua75b\ua75d\ua75f\ua761\ua763\ua765\ua767\ua769\ua76b\ua76d\ua76f\ua771-\ua778\ua77a\ua77c\ua77f\ua781\ua783\ua785\ua787\ua78c\ua78e\ua791\ua793\ua7a1\ua7a3\ua7a5\ua7a7\ua7a9\ua7fa\ufb00-\ufb06\ufb13-\ufb17\uff41-\uff5a\u01c5\u01c8\u01cb\u01f2\u1f88-\u1f8f\u1f98-\u1f9f\u1fa8-\u1faf\u1fbc\u1fcc\u1ffc\u02b0-\u02c1\u02c6-\u02d1\u02e0-\u02e4\u02ec\u02ee\u0374\u037a\u0559\u0640\u06e5-\u06e6\u07f4-\u07f5\u07fa\u081a\u0824\u0828\u0971\u0e46\u0ec6\u10fc\u17d7\u1843\u1aa7\u1c78-\u1c7d\u1d2c-\u1d6a\u1d78\u1d9b-\u1dbf\u2071\u207f\u2090-\u209c\u2c7c-\u2c7d\u2d6f\u2e2f\u3005\u3031-\u3035\u303b\u309d-\u309e\u30fc-\u30fe\ua015\ua4f8-\ua4fd\ua60c\ua67f\ua717-\ua71f\ua770\ua788\ua7f8-\ua7f9\ua9cf\uaa70\uaadd\uaaf3-\uaaf4\uff70\uff9e-\uff9f\u16ee-\u16f0\u2160-\u2182\u2185-\u2188\u3007\u3021-\u3029\u3038-\u303a\ua6e6-\ua6ef][A-Z\u00c0-\u00d6\u00d8-\u00de\u0100\u0102\u0104\u0106\u0108\u010a\u010c\u010e\u0110\u0112\u0114\u0116\u0118\u011a\u011c\u011e\u0120\u0122\u0124\u0126\u0128\u012a\u012c\u012e\u0130\u0132\u0134\u0136\u0139\u013b\u013d\u013f\u0141\u0143\u0145\u0147\u014a\u014c\u014e\u0150\u0152\u0154\u0156\u0158\u015a\u015c\u015e\u0160\u0162\u0164\u0166\u0168\u016a\u016c\u016e\u0170\u0172\u0174\u0176\u0178-\u0179\u017b\u017d\u0181-\u0182\u0184\u0186-\u0187\u0189-\u018b\u018e-\u0191\u0193-\u0194\u0196-\u0198\u019c-\u019d\u019f-\u01a0\u01a2\u01a4\u01a6-\u01a7\u01a9\u01ac\u01ae-\u01af\u01b1-\u01b3\u01b5\u01b7-\u01b8\u01bc\u01c4\u01c7\u01ca\u01cd\u01cf\u01d1\u01d3\u01d5\u01d7\u01d9\u01db\u01de\u01e0\u01e2\u01e4\u01e6\u01e8\u01ea\u01ec\u01ee\u01f1\u01f4\u01f6-\u01f8\u01fa\u01fc\u01fe\u0200\u0202\u0204\u0206\u0208\u020a\u020c\u020e\u0210\u0212\u0214\u0216\u0218\u021a\u021c\u021e\u0220\u0222\u0224\u0226\u0228\u022a\u022c\u022e\u0230\u0232\u023a-\u023b\u023d-\u023e\u0241\u0243-\u0246\u0248\u024a\u024c\u024e\u0370\u0372\u0376\u0386\u0388-\u038a\u038c\u038e-\u038f\u0391-\u03a1\u03a3-\u03ab\u03cf\u03d2-\u03d4\u03d8\u03da\u03dc\u03de\u03e0\u03e2\u03e4\u03e6\u03e8\u03ea\u03ec\u03ee\u03f4\u03f7\u03f9-\u03fa\u03fd-\u042f\u0460\u0462\u0464\u0466\u0468\u046a\u046c\u046e\u0470\u0472\u0474\u0476\u0478\u047a\u047c\u047e\u0480\u048a\u048c\u048e\u0490\u0492\u0494\u0496\u0498\u049a\u049c\u049e\u04a0\u04a2\u04a4\u04a6\u04a8\u04aa\u04ac\u04ae\u04b0\u04b2\u04b4\u04b6\u04b8\u04ba\u04bc\u04be\u04c0-\u04c1\u04c3\u04c5\u04c7\u04c9\u04cb\u04cd\u04d0\u04d2\u04d4\u04d6\u04d8\u04da\u04dc\u04de\u04e0\u04e2\u04e4\u04e6\u04e8\u04ea\u04ec\u04ee\u04f0\u04f2\u04f4\u04f6\u04f8\u04fa\u04fc\u04fe\u0500\u0502\u0504\u0506\u0508\u050a\u050c\u050e\u0510\u0512\u0514\u0516\u0518\u051a\u051c\u051e\u0520\u0522\u0524\u0526\u0531-\u0556\u10a0-\u10c5\u10c7\u10cd\u1e00\u1e02\u1e04\u1e06\u1e08\u1e0a\u1e0c\u1e0e\u1e10\u1e12\u1e14\u1e16\u1e18\u1e1a\u1e1c\u1e1e\u1e20\u1e22\u1e24\u1e26\u1e28\u1e2a\u1e2c\u1e2e\u1e30\u1e32\u1e34\u1e36\u1e38\u1e3a\u1e3c\u1e3e\u1e40\u1e42\u1e44\u1e46\u1e48\u1e4a\u1e4c\u1e4e\u1e50\u1e52\u1e54\u1e56\u1e58\u1e5a\u1e5c\u1e5e\u1e60\u1e62\u1e64\u1e66\u1e68\u1e6a\u1e6c\u1e6e\u1e70\u1e72\u1e74\u1e76\u1e78\u1e7a\u1e7c\u1e7e\u1e80\u1e82\u1e84\u1e86\u1e88\u1e8a\u1e8c\u1e8e\u1e90\u1e92\u1e94\u1e9e\u1ea0\u1ea2\u1ea4\u1ea6\u1ea8\u1eaa\u1eac\u1eae\u1eb0\u1eb2\u1eb4\u1eb6\u1eb8\u1eba\u1ebc\u1ebe\u1ec0\u1ec2\u1ec4\u1ec6\u1ec8\u1eca\u1ecc\u1ece\u1ed0\u1ed2\u1ed4\u1ed6\u1ed8\u1eda\u1edc\u1ede\u1ee0\u1ee2\u1ee4\u1ee6\u1ee8\u1eea\u1eec\u1eee\u1ef0\u1ef2\u1ef4\u1ef6\u1ef8\u1efa\u1efc\u1efe\u1f08-\u1f0f\u1f18-\u1f1d\u1f28-\u1f2f\u1f38-\u1f3f\u1f48-\u1f4d\u1f59\u1f5b\u1f5d\u1f5f\u1f68-\u1f6f\u1fb8-\u1fbb\u1fc8-\u1fcb\u1fd8-\u1fdb\u1fe8-\u1fec\u1ff8-\u1ffb\u2102\u2107\u210b-\u210d\u2110-\u2112\u2115\u2119-\u211d\u2124\u2126\u2128\u212a-\u212d\u2130-\u2133\u213e-\u213f\u2145\u2183\u2c00-\u2c2e\u2c60\u2c62-\u2c64\u2c67\u2c69\u2c6b\u2c6d-\u2c70\u2c72\u2c75\u2c7e-\u2c80\u2c82\u2c84\u2c86\u2c88\u2c8a\u2c8c\u2c8e\u2c90\u2c92\u2c94\u2c96\u2c98\u2c9a\u2c9c\u2c9e\u2ca0\u2ca2\u2ca4\u2ca6\u2ca8\u2caa\u2cac\u2cae\u2cb0\u2cb2\u2cb4\u2cb6\u2cb8\u2cba\u2cbc\u2cbe\u2cc0\u2cc2\u2cc4\u2cc6\u2cc8\u2cca\u2ccc\u2cce\u2cd0\u2cd2\u2cd4\u2cd6\u2cd8\u2cda\u2cdc\u2cde\u2ce0\u2ce2\u2ceb\u2ced\u2cf2\ua640\ua642\ua644\ua646\ua648\ua64a\ua64c\ua64e\ua650\ua652\ua654\ua656\ua658\ua65a\ua65c\ua65e\ua660\ua662\ua664\ua666\ua668\ua66a\ua66c\ua680\ua682\ua684\ua686\ua688\ua68a\ua68c\ua68e\ua690\ua692\ua694\ua696\ua722\ua724\ua726\ua728\ua72a\ua72c\ua72e\ua732\ua734\ua736\ua738\ua73a\ua73c\ua73e\ua740\ua742\ua744\ua746\ua748\ua74a\ua74c\ua74e\ua750\ua752\ua754\ua756\ua758\ua75a\ua75c\ua75e\ua760\ua762\ua764\ua766\ua768\ua76a\ua76c\ua76e\ua779\ua77b\ua77d-\ua77e\ua780\ua782\ua784\ua786\ua78b\ua78d\ua790\ua792\ua7a0\ua7a2\ua7a4\ua7a6\ua7a8\ua7aa\uff21-\uff3aa-z\u00b5\u00df-\u00f6\u00f8-\u00ff\u0101\u0103\u0105\u0107\u0109\u010b\u010d\u010f\u0111\u0113\u0115\u0117\u0119\u011b\u011d\u011f\u0121\u0123\u0125\u0127\u0129\u012b\u012d\u012f\u0131\u0133\u0135\u0137-\u0138\u013a\u013c\u013e\u0140\u0142\u0144\u0146\u0148-\u0149\u014b\u014d\u014f\u0151\u0153\u0155\u0157\u0159\u015b\u015d\u015f\u0161\u0163\u0165\u0167\u0169\u016b\u016d\u016f\u0171\u0173\u0175\u0177\u017a\u017c\u017e-\u0180\u0183\u0185\u0188\u018c-\u018d\u0192\u0195\u0199-\u019b\u019e\u01a1\u01a3\u01a5\u01a8\u01aa-\u01ab\u01ad\u01b0\u01b4\u01b6\u01b9-\u01ba\u01bd-\u01bf\u01c6\u01c9\u01cc\u01ce\u01d0\u01d2\u01d4\u01d6\u01d8\u01da\u01dc-\u01dd\u01df\u01e1\u01e3\u01e5\u01e7\u01e9\u01eb\u01ed\u01ef-\u01f0\u01f3\u01f5\u01f9\u01fb\u01fd\u01ff\u0201\u0203\u0205\u0207\u0209\u020b\u020d\u020f\u0211\u0213\u0215\u0217\u0219\u021b\u021d\u021f\u0221\u0223\u0225\u0227\u0229\u022b\u022d\u022f\u0231\u0233-\u0239\u023c\u023f-\u0240\u0242\u0247\u0249\u024b\u024d\u024f-\u0293\u0295-\u02af\u0371\u0373\u0377\u037b-\u037d\u0390\u03ac-\u03ce\u03d0-\u03d1\u03d5-\u03d7\u03d9\u03db\u03dd\u03df\u03e1\u03e3\u03e5\u03e7\u03e9\u03eb\u03ed\u03ef-\u03f3\u03f5\u03f8\u03fb-\u03fc\u0430-\u045f\u0461\u0463\u0465\u0467\u0469\u046b\u046d\u046f\u0471\u0473\u0475\u0477\u0479\u047b\u047d\u047f\u0481\u048b\u048d\u048f\u0491\u0493\u0495\u0497\u0499\u049b\u049d\u049f\u04a1\u04a3\u04a5\u04a7\u04a9\u04ab\u04ad\u04af\u04b1\u04b3\u04b5\u04b7\u04b9\u04bb\u04bd\u04bf\u04c2\u04c4\u04c6\u04c8\u04ca\u04cc\u04ce-\u04cf\u04d1\u04d3\u04d5\u04d7\u04d9\u04db\u04dd\u04df\u04e1\u04e3\u04e5\u04e7\u04e9\u04eb\u04ed\u04ef\u04f1\u04f3\u04f5\u04f7\u04f9\u04fb\u04fd\u04ff\u0501\u0503\u0505\u0507\u0509\u050b\u050d\u050f\u0511\u0513\u0515\u0517\u0519\u051b\u051d\u051f\u0521\u0523\u0525\u0527\u0561-\u0587\u1d00-\u1d2b\u1d6b-\u1d77\u1d79-\u1d9a\u1e01\u1e03\u1e05\u1e07\u1e09\u1e0b\u1e0d\u1e0f\u1e11\u1e13\u1e15\u1e17\u1e19\u1e1b\u1e1d\u1e1f\u1e21\u1e23\u1e25\u1e27\u1e29\u1e2b\u1e2d\u1e2f\u1e31\u1e33\u1e35\u1e37\u1e39\u1e3b\u1e3d\u1e3f\u1e41\u1e43\u1e45\u1e47\u1e49\u1e4b\u1e4d\u1e4f\u1e51\u1e53\u1e55\u1e57\u1e59\u1e5b\u1e5d\u1e5f\u1e61\u1e63\u1e65\u1e67\u1e69\u1e6b\u1e6d\u1e6f\u1e71\u1e73\u1e75\u1e77\u1e79\u1e7b\u1e7d\u1e7f\u1e81\u1e83\u1e85\u1e87\u1e89\u1e8b\u1e8d\u1e8f\u1e91\u1e93\u1e95-\u1e9d\u1e9f\u1ea1\u1ea3\u1ea5\u1ea7\u1ea9\u1eab\u1ead\u1eaf\u1eb1\u1eb3\u1eb5\u1eb7\u1eb9\u1ebb\u1ebd\u1ebf\u1ec1\u1ec3\u1ec5\u1ec7\u1ec9\u1ecb\u1ecd\u1ecf\u1ed1\u1ed3\u1ed5\u1ed7\u1ed9\u1edb\u1edd\u1edf\u1ee1\u1ee3\u1ee5\u1ee7\u1ee9\u1eeb\u1eed\u1eef\u1ef1\u1ef3\u1ef5\u1ef7\u1ef9\u1efb\u1efd\u1eff-\u1f07\u1f10-\u1f15\u1f20-\u1f27\u1f30-\u1f37\u1f40-\u1f45\u1f50-\u1f57\u1f60-\u1f67\u1f70-\u1f7d\u1f80-\u1f87\u1f90-\u1f97\u1fa0-\u1fa7\u1fb0-\u1fb4\u1fb6-\u1fb7\u1fbe\u1fc2-\u1fc4\u1fc6-\u1fc7\u1fd0-\u1fd3\u1fd6-\u1fd7\u1fe0-\u1fe7\u1ff2-\u1ff4\u1ff6-\u1ff7\u210a\u210e-\u210f\u2113\u212f\u2134\u2139\u213c-\u213d\u2146-\u2149\u214e\u2184\u2c30-\u2c5e\u2c61\u2c65-\u2c66\u2c68\u2c6a\u2c6c\u2c71\u2c73-\u2c74\u2c76-\u2c7b\u2c81\u2c83\u2c85\u2c87\u2c89\u2c8b\u2c8d\u2c8f\u2c91\u2c93\u2c95\u2c97\u2c99\u2c9b\u2c9d\u2c9f\u2ca1\u2ca3\u2ca5\u2ca7\u2ca9\u2cab\u2cad\u2caf\u2cb1\u2cb3\u2cb5\u2cb7\u2cb9\u2cbb\u2cbd\u2cbf\u2cc1\u2cc3\u2cc5\u2cc7\u2cc9\u2ccb\u2ccd\u2ccf\u2cd1\u2cd3\u2cd5\u2cd7\u2cd9\u2cdb\u2cdd\u2cdf\u2ce1\u2ce3-\u2ce4\u2cec\u2cee\u2cf3\u2d00-\u2d25\u2d27\u2d2d\ua641\ua643\ua645\ua647\ua649\ua64b\ua64d\ua64f\ua651\ua653\ua655\ua657\ua659\ua65b\ua65d\ua65f\ua661\ua663\ua665\ua667\ua669\ua66b\ua66d\ua681\ua683\ua685\ua687\ua689\ua68b\ua68d\ua68f\ua691\ua693\ua695\ua697\ua723\ua725\ua727\ua729\ua72b\ua72d\ua72f-\ua731\ua733\ua735\ua737\ua739\ua73b\ua73d\ua73f\ua741\ua743\ua745\ua747\ua749\ua74b\ua74d\ua74f\ua751\ua753\ua755\ua757\ua759\ua75b\ua75d\ua75f\ua761\ua763\ua765\ua767\ua769\ua76b\ua76d\ua76f\ua771-\ua778\ua77a\ua77c\ua77f\ua781\ua783\ua785\ua787\ua78c\ua78e\ua791\ua793\ua7a1\ua7a3\ua7a5\ua7a7\ua7a9\ua7fa\ufb00-\ufb06\ufb13-\ufb17\uff41-\uff5a\u01c5\u01c8\u01cb\u01f2\u1f88-\u1f8f\u1f98-\u1f9f\u1fa8-\u1faf\u1fbc\u1fcc\u1ffc\u02b0-\u02c1\u02c6-\u02d1\u02e0-\u02e4\u02ec\u02ee\u0374\u037a\u0559\u0640\u06e5-\u06e6\u07f4-\u07f5\u07fa\u081a\u0824\u0828\u0971\u0e46\u0ec6\u10fc\u17d7\u1843\u1aa7\u1c78-\u1c7d\u1d2c-\u1d6a\u1d78\u1d9b-\u1dbf\u2071\u207f\u2090-\u209c\u2c7c-\u2c7d\u2d6f\u2e2f\u3005\u3031-\u3035\u303b\u309d-\u309e\u30fc-\u30fe\ua015\ua4f8-\ua4fd\ua60c\ua67f\ua717-\ua71f\ua770\ua788\ua7f8-\ua7f9\ua9cf\uaa70\uaadd\uaaf3-\uaaf4\uff70\uff9e-\uff9f\u16ee-\u16f0\u2160-\u2182\u2185-\u2188\u3007\u3021-\u3029\u3038-\u303a\ua6e6-\ua6ef0-9\u0660-\u0669\u06f0-\u06f9\u07c0-\u07c9\u0966-\u096f\u09e6-\u09ef\u0a66-\u0a6f\u0ae6-\u0aef\u0b66-\u0b6f\u0be6-\u0bef\u0c66-\u0c6f\u0ce6-\u0cef\u0d66-\u0d6f\u0e50-\u0e59\u0ed0-\u0ed9\u0f20-\u0f29\u1040-\u1049\u1090-\u1099\u17e0-\u17e9\u1810-\u1819\u1946-\u194f\u19d0-\u19d9\u1a80-\u1a89\u1a90-\u1a99\u1b50-\u1b59\u1bb0-\u1bb9\u1c40-\u1c49\u1c50-\u1c59\ua620-\ua629\ua8d0-\ua8d9\ua900-\ua909\ua9d0-\ua9d9\uaa50-\uaa59\uabf0-\uabf9\uff10-\uff19_\u203f-\u2040\u2054\ufe33-\ufe34\ufe4d-\ufe4f\uff3f\u00ad\u0600-\u0604\u061c\u06dd\u070f\u180e\u200b-\u200f\u202a-\u202e\u2060-\u2064\u2066-\u206f\ufeff\ufff9-\ufffb\u0300-\u036f\u0483-\u0487\u0591-\u05bd\u05bf\u05c1-\u05c2\u05c4-\u05c5\u05c7\u0610-\u061a\u064b-\u065f\u0670\u06d6-\u06dc\u06df-\u06e4\u06e7-\u06e8\u06ea-\u06ed\u0711\u0730-\u074a\u07a6-\u07b0\u07eb-\u07f3\u0816-\u0819\u081b-\u0823\u0825-\u0827\u0829-\u082d\u0859-\u085b\u08e4-\u08fe\u0900-\u0902\u093a\u093c\u0941-\u0948\u094d\u0951-\u0957\u0962-\u0963\u0981\u09bc\u09c1-\u09c4\u09cd\u09e2-\u09e3\u0a01-\u0a02\u0a3c\u0a41-\u0a42\u0a47-\u0a48\u0a4b-\u0a4d\u0a51\u0a70-\u0a71\u0a75\u0a81-\u0a82\u0abc\u0ac1-\u0ac5\u0ac7-\u0ac8\u0acd\u0ae2-\u0ae3\u0b01\u0b3c\u0b3f\u0b41-\u0b44\u0b4d\u0b56\u0b62-\u0b63\u0b82\u0bc0\u0bcd\u0c3e-\u0c40\u0c46-\u0c48\u0c4a-\u0c4d\u0c55-\u0c56\u0c62-\u0c63\u0cbc\u0cbf\u0cc6\u0ccc-\u0ccd\u0ce2-\u0ce3\u0d41-\u0d44\u0d4d\u0d62-\u0d63\u0dca\u0dd2-\u0dd4\u0dd6\u0e31\u0e34-\u0e3a\u0e47-\u0e4e\u0eb1\u0eb4-\u0eb9\u0ebb-\u0ebc\u0ec8-\u0ecd\u0f18-\u0f19\u0f35\u0f37\u0f39\u0f71-\u0f7e\u0f80-\u0f84\u0f86-\u0f87\u0f8d-\u0f97\u0f99-\u0fbc\u0fc6\u102d-\u1030\u1032-\u1037\u1039-\u103a\u103d-\u103e\u1058-\u1059\u105e-\u1060\u1071-\u1074\u1082\u1085-\u1086\u108d\u109d\u135d-\u135f\u1712-\u1714\u1732-\u1734\u1752-\u1753\u1772-\u1773\u17b4-\u17b5\u17b7-\u17bd\u17c6\u17c9-\u17d3\u17dd\u180b-\u180d\u18a9\u1920-\u1922\u1927-\u1928\u1932\u1939-\u193b\u1a17-\u1a18\u1a1b\u1a56\u1a58-\u1a5e\u1a60\u1a62\u1a65-\u1a6c\u1a73-\u1a7c\u1a7f\u1b00-\u1b03\u1b34\u1b36-\u1b3a\u1b3c\u1b42\u1b6b-\u1b73\u1b80-\u1b81\u1ba2-\u1ba5\u1ba8-\u1ba9\u1bab\u1be6\u1be8-\u1be9\u1bed\u1bef-\u1bf1\u1c2c-\u1c33\u1c36-\u1c37\u1cd0-\u1cd2\u1cd4-\u1ce0\u1ce2-\u1ce8\u1ced\u1cf4\u1dc0-\u1de6\u1dfc-\u1dff\u20d0-\u20dc\u20e1\u20e5-\u20f0\u2cef-\u2cf1\u2d7f\u2de0-\u2dff\u302a-\u302d\u3099-\u309a\ua66f\ua674-\ua67d\ua69f\ua6f0-\ua6f1\ua802\ua806\ua80b\ua825-\ua826\ua8c4\ua8e0-\ua8f1\ua926-\ua92d\ua947-\ua951\ua980-\ua982\ua9b3\ua9b6-\ua9b9\ua9bc\uaa29-\uaa2e\uaa31-\uaa32\uaa35-\uaa36\uaa43\uaa4c\uaab0\uaab2-\uaab4\uaab7-\uaab8\uaabe-\uaabf\uaac1\uaaec-\uaaed\uaaf6\uabe5\uabe8\uabed\ufb1e\ufe00-\ufe0f\ufe20-\ufe26\u0903\u093b\u093e-\u0940\u0949-\u094c\u094e-\u094f\u0982-\u0983\u09be-\u09c0\u09c7-\u09c8\u09cb-\u09cc\u09d7\u0a03\u0a3e-\u0a40\u0a83\u0abe-\u0ac0\u0ac9\u0acb-\u0acc\u0b02-\u0b03\u0b3e\u0b40\u0b47-\u0b48\u0b4b-\u0b4c\u0b57\u0bbe-\u0bbf\u0bc1-\u0bc2\u0bc6-\u0bc8\u0bca-\u0bcc\u0bd7\u0c01-\u0c03\u0c41-\u0c44\u0c82-\u0c83\u0cbe\u0cc0-\u0cc4\u0cc7-\u0cc8\u0cca-\u0ccb\u0cd5-\u0cd6\u0d02-\u0d03\u0d3e-\u0d40\u0d46-\u0d48\u0d4a-\u0d4c\u0d57\u0d82-\u0d83\u0dcf-\u0dd1\u0dd8-\u0ddf\u0df2-\u0df3\u0f3e-\u0f3f\u0f7f\u102b-\u102c\u1031\u1038\u103b-\u103c\u1056-\u1057\u1062-\u1064\u1067-\u106d\u1083-\u1084\u1087-\u108c\u108f\u109a-\u109c\u17b6\u17be-\u17c5\u17c7-\u17c8\u1923-\u1926\u1929-\u192b\u1930-\u1931\u1933-\u1938\u19b0-\u19c0\u19c8-\u19c9\u1a19-\u1a1a\u1a55\u1a57\u1a61\u1a63-\u1a64\u1a6d-\u1a72\u1b04\u1b35\u1b3b\u1b3d-\u1b41\u1b43-\u1b44\u1b82\u1ba1\u1ba6-\u1ba7\u1baa\u1bac-\u1bad\u1be7\u1bea-\u1bec\u1bee\u1bf2-\u1bf3\u1c24-\u1c2b\u1c34-\u1c35\u1ce1\u1cf2-\u1cf3\u302e-\u302f\ua823-\ua824\ua827\ua880-\ua881\ua8b4-\ua8c3\ua952-\ua953\ua983\ua9b4-\ua9b5\ua9ba-\ua9bb\ua9bd-\ua9c0\uaa2f-\uaa30\uaa33-\uaa34\uaa4d\uaa7b\uaaeb\uaaee-\uaaef\uaaf5\uabe3-\uabe4\uabe6-\uabe7\uabe9-\uabea\uabec]*|`@?[_A-Z\u00c0-\u00d6\u00d8-\u00de\u0100\u0102\u0104\u0106\u0108\u010a\u010c\u010e\u0110\u0112\u0114\u0116\u0118\u011a\u011c\u011e\u0120\u0122\u0124\u0126\u0128\u012a\u012c\u012e\u0130\u0132\u0134\u0136\u0139\u013b\u013d\u013f\u0141\u0143\u0145\u0147\u014a\u014c\u014e\u0150\u0152\u0154\u0156\u0158\u015a\u015c\u015e\u0160\u0162\u0164\u0166\u0168\u016a\u016c\u016e\u0170\u0172\u0174\u0176\u0178-\u0179\u017b\u017d\u0181-\u0182\u0184\u0186-\u0187\u0189-\u018b\u018e-\u0191\u0193-\u0194\u0196-\u0198\u019c-\u019d\u019f-\u01a0\u01a2\u01a4\u01a6-\u01a7\u01a9\u01ac\u01ae-\u01af\u01b1-\u01b3\u01b5\u01b7-\u01b8\u01bc\u01c4\u01c7\u01ca\u01cd\u01cf\u01d1\u01d3\u01d5\u01d7\u01d9\u01db\u01de\u01e0\u01e2\u01e4\u01e6\u01e8\u01ea\u01ec\u01ee\u01f1\u01f4\u01f6-\u01f8\u01fa\u01fc\u01fe\u0200\u0202\u0204\u0206\u0208\u020a\u020c\u020e\u0210\u0212\u0214\u0216\u0218\u021a\u021c\u021e\u0220\u0222\u0224\u0226\u0228\u022a\u022c\u022e\u0230\u0232\u023a-\u023b\u023d-\u023e\u0241\u0243-\u0246\u0248\u024a\u024c\u024e\u0370\u0372\u0376\u0386\u0388-\u038a\u038c\u038e-\u038f\u0391-\u03a1\u03a3-\u03ab\u03cf\u03d2-\u03d4\u03d8\u03da\u03dc\u03de\u03e0\u03e2\u03e4\u03e6\u03e8\u03ea\u03ec\u03ee\u03f4\u03f7\u03f9-\u03fa\u03fd-\u042f\u0460\u0462\u0464\u0466\u0468\u046a\u046c\u046e\u0470\u0472\u0474\u0476\u0478\u047a\u047c\u047e\u0480\u048a\u048c\u048e\u0490\u0492\u0494\u0496\u0498\u049a\u049c\u049e\u04a0\u04a2\u04a4\u04a6\u04a8\u04aa\u04ac\u04ae\u04b0\u04b2\u04b4\u04b6\u04b8\u04ba\u04bc\u04be\u04c0-\u04c1\u04c3\u04c5\u04c7\u04c9\u04cb\u04cd\u04d0\u04d2\u04d4\u04d6\u04d8\u04da\u04dc\u04de\u04e0\u04e2\u04e4\u04e6\u04e8\u04ea\u04ec\u04ee\u04f0\u04f2\u04f4\u04f6\u04f8\u04fa\u04fc\u04fe\u0500\u0502\u0504\u0506\u0508\u050a\u050c\u050e\u0510\u0512\u0514\u0516\u0518\u051a\u051c\u051e\u0520\u0522\u0524\u0526\u0531-\u0556\u10a0-\u10c5\u10c7\u10cd\u1e00\u1e02\u1e04\u1e06\u1e08\u1e0a\u1e0c\u1e0e\u1e10\u1e12\u1e14\u1e16\u1e18\u1e1a\u1e1c\u1e1e\u1e20\u1e22\u1e24\u1e26\u1e28\u1e2a\u1e2c\u1e2e\u1e30\u1e32\u1e34\u1e36\u1e38\u1e3a\u1e3c\u1e3e\u1e40\u1e42\u1e44\u1e46\u1e48\u1e4a\u1e4c\u1e4e\u1e50\u1e52\u1e54\u1e56\u1e58\u1e5a\u1e5c\u1e5e\u1e60\u1e62\u1e64\u1e66\u1e68\u1e6a\u1e6c\u1e6e\u1e70\u1e72\u1e74\u1e76\u1e78\u1e7a\u1e7c\u1e7e\u1e80\u1e82\u1e84\u1e86\u1e88\u1e8a\u1e8c\u1e8e\u1e90\u1e92\u1e94\u1e9e\u1ea0\u1ea2\u1ea4\u1ea6\u1ea8\u1eaa\u1eac\u1eae\u1eb0\u1eb2\u1eb4\u1eb6\u1eb8\u1eba\u1ebc\u1ebe\u1ec0\u1ec2\u1ec4\u1ec6\u1ec8\u1eca\u1ecc\u1ece\u1ed0\u1ed2\u1ed4\u1ed6\u1ed8\u1eda\u1edc\u1ede\u1ee0\u1ee2\u1ee4\u1ee6\u1ee8\u1eea\u1eec\u1eee\u1ef0\u1ef2\u1ef4\u1ef6\u1ef8\u1efa\u1efc\u1efe\u1f08-\u1f0f\u1f18-\u1f1d\u1f28-\u1f2f\u1f38-\u1f3f\u1f48-\u1f4d\u1f59\u1f5b\u1f5d\u1f5f\u1f68-\u1f6f\u1fb8-\u1fbb\u1fc8-\u1fcb\u1fd8-\u1fdb\u1fe8-\u1fec\u1ff8-\u1ffb\u2102\u2107\u210b-\u210d\u2110-\u2112\u2115\u2119-\u211d\u2124\u2126\u2128\u212a-\u212d\u2130-\u2133\u213e-\u213f\u2145\u2183\u2c00-\u2c2e\u2c60\u2c62-\u2c64\u2c67\u2c69\u2c6b\u2c6d-\u2c70\u2c72\u2c75\u2c7e-\u2c80\u2c82\u2c84\u2c86\u2c88\u2c8a\u2c8c\u2c8e\u2c90\u2c92\u2c94\u2c96\u2c98\u2c9a\u2c9c\u2c9e\u2ca0\u2ca2\u2ca4\u2ca6\u2ca8\u2caa\u2cac\u2cae\u2cb0\u2cb2\u2cb4\u2cb6\u2cb8\u2cba\u2cbc\u2cbe\u2cc0\u2cc2\u2cc4\u2cc6\u2cc8\u2cca\u2ccc\u2cce\u2cd0\u2cd2\u2cd4\u2cd6\u2cd8\u2cda\u2cdc\u2cde\u2ce0\u2ce2\u2ceb\u2ced\u2cf2\ua640\ua642\ua644\ua646\ua648\ua64a\ua64c\ua64e\ua650\ua652\ua654\ua656\ua658\ua65a\ua65c\ua65e\ua660\ua662\ua664\ua666\ua668\ua66a\ua66c\ua680\ua682\ua684\ua686\ua688\ua68a\ua68c\ua68e\ua690\ua692\ua694\ua696\ua722\ua724\ua726\ua728\ua72a\ua72c\ua72e\ua732\ua734\ua736\ua738\ua73a\ua73c\ua73e\ua740\ua742\ua744\ua746\ua748\ua74a\ua74c\ua74e\ua750\ua752\ua754\ua756\ua758\ua75a\ua75c\ua75e\ua760\ua762\ua764\ua766\ua768\ua76a\ua76c\ua76e\ua779\ua77b\ua77d-\ua77e\ua780\ua782\ua784\ua786\ua78b\ua78d\ua790\ua792\ua7a0\ua7a2\ua7a4\ua7a6\ua7a8\ua7aa\uff21-\uff3aa-z\u00b5\u00df-\u00f6\u00f8-\u00ff\u0101\u0103\u0105\u0107\u0109\u010b\u010d\u010f\u0111\u0113\u0115\u0117\u0119\u011b\u011d\u011f\u0121\u0123\u0125\u0127\u0129\u012b\u012d\u012f\u0131\u0133\u0135\u0137-\u0138\u013a\u013c\u013e\u0140\u0142\u0144\u0146\u0148-\u0149\u014b\u014d\u014f\u0151\u0153\u0155\u0157\u0159\u015b\u015d\u015f\u0161\u0163\u0165\u0167\u0169\u016b\u016d\u016f\u0171\u0173\u0175\u0177\u017a\u017c\u017e-\u0180\u0183\u0185\u0188\u018c-\u018d\u0192\u0195\u0199-\u019b\u019e\u01a1\u01a3\u01a5\u01a8\u01aa-\u01ab\u01ad\u01b0\u01b4\u01b6\u01b9-\u01ba\u01bd-\u01bf\u01c6\u01c9\u01cc\u01ce\u01d0\u01d2\u01d4\u01d6\u01d8\u01da\u01dc-\u01dd\u01df\u01e1\u01e3\u01e5\u01e7\u01e9\u01eb\u01ed\u01ef-\u01f0\u01f3\u01f5\u01f9\u01fb\u01fd\u01ff\u0201\u0203\u0205\u0207\u0209\u020b\u020d\u020f\u0211\u0213\u0215\u0217\u0219\u021b\u021d\u021f\u0221\u0223\u0225\u0227\u0229\u022b\u022d\u022f\u0231\u0233-\u0239\u023c\u023f-\u0240\u0242\u0247\u0249\u024b\u024d\u024f-\u0293\u0295-\u02af\u0371\u0373\u0377\u037b-\u037d\u0390\u03ac-\u03ce\u03d0-\u03d1\u03d5-\u03d7\u03d9\u03db\u03dd\u03df\u03e1\u03e3\u03e5\u03e7\u03e9\u03eb\u03ed\u03ef-\u03f3\u03f5\u03f8\u03fb-\u03fc\u0430-\u045f\u0461\u0463\u0465\u0467\u0469\u046b\u046d\u046f\u0471\u0473\u0475\u0477\u0479\u047b\u047d\u047f\u0481\u048b\u048d\u048f\u0491\u0493\u0495\u0497\u0499\u049b\u049d\u049f\u04a1\u04a3\u04a5\u04a7\u04a9\u04ab\u04ad\u04af\u04b1\u04b3\u04b5\u04b7\u04b9\u04bb\u04bd\u04bf\u04c2\u04c4\u04c6\u04c8\u04ca\u04cc\u04ce-\u04cf\u04d1\u04d3\u04d5\u04d7\u04d9\u04db\u04dd\u04df\u04e1\u04e3\u04e5\u04e7\u04e9\u04eb\u04ed\u04ef\u04f1\u04f3\u04f5\u04f7\u04f9\u04fb\u04fd\u04ff\u0501\u0503\u0505\u0507\u0509\u050b\u050d\u050f\u0511\u0513\u0515\u0517\u0519\u051b\u051d\u051f\u0521\u0523\u0525\u0527\u0561-\u0587\u1d00-\u1d2b\u1d6b-\u1d77\u1d79-\u1d9a\u1e01\u1e03\u1e05\u1e07\u1e09\u1e0b\u1e0d\u1e0f\u1e11\u1e13\u1e15\u1e17\u1e19\u1e1b\u1e1d\u1e1f\u1e21\u1e23\u1e25\u1e27\u1e29\u1e2b\u1e2d\u1e2f\u1e31\u1e33\u1e35\u1e37\u1e39\u1e3b\u1e3d\u1e3f\u1e41\u1e43\u1e45\u1e47\u1e49\u1e4b\u1e4d\u1e4f\u1e51\u1e53\u1e55\u1e57\u1e59\u1e5b\u1e5d\u1e5f\u1e61\u1e63\u1e65\u1e67\u1e69\u1e6b\u1e6d\u1e6f\u1e71\u1e73\u1e75\u1e77\u1e79\u1e7b\u1e7d\u1e7f\u1e81\u1e83\u1e85\u1e87\u1e89\u1e8b\u1e8d\u1e8f\u1e91\u1e93\u1e95-\u1e9d\u1e9f\u1ea1\u1ea3\u1ea5\u1ea7\u1ea9\u1eab\u1ead\u1eaf\u1eb1\u1eb3\u1eb5\u1eb7\u1eb9\u1ebb\u1ebd\u1ebf\u1ec1\u1ec3\u1ec5\u1ec7\u1ec9\u1ecb\u1ecd\u1ecf\u1ed1\u1ed3\u1ed5\u1ed7\u1ed9\u1edb\u1edd\u1edf\u1ee1\u1ee3\u1ee5\u1ee7\u1ee9\u1eeb\u1eed\u1eef\u1ef1\u1ef3\u1ef5\u1ef7\u1ef9\u1efb\u1efd\u1eff-\u1f07\u1f10-\u1f15\u1f20-\u1f27\u1f30-\u1f37\u1f40-\u1f45\u1f50-\u1f57\u1f60-\u1f67\u1f70-\u1f7d\u1f80-\u1f87\u1f90-\u1f97\u1fa0-\u1fa7\u1fb0-\u1fb4\u1fb6-\u1fb7\u1fbe\u1fc2-\u1fc4\u1fc6-\u1fc7\u1fd0-\u1fd3\u1fd6-\u1fd7\u1fe0-\u1fe7\u1ff2-\u1ff4\u1ff6-\u1ff7\u210a\u210e-\u210f\u2113\u212f\u2134\u2139\u213c-\u213d\u2146-\u2149\u214e\u2184\u2c30-\u2c5e\u2c61\u2c65-\u2c66\u2c68\u2c6a\u2c6c\u2c71\u2c73-\u2c74\u2c76-\u2c7b\u2c81\u2c83\u2c85\u2c87\u2c89\u2c8b\u2c8d\u2c8f\u2c91\u2c93\u2c95\u2c97\u2c99\u2c9b\u2c9d\u2c9f\u2ca1\u2ca3\u2ca5\u2ca7\u2ca9\u2cab\u2cad\u2caf\u2cb1\u2cb3\u2cb5\u2cb7\u2cb9\u2cbb\u2cbd\u2cbf\u2cc1\u2cc3\u2cc5\u2cc7\u2cc9\u2ccb\u2ccd\u2ccf\u2cd1\u2cd3\u2cd5\u2cd7\u2cd9\u2cdb\u2cdd\u2cdf\u2ce1\u2ce3-\u2ce4\u2cec\u2cee\u2cf3\u2d00-\u2d25\u2d27\u2d2d\ua641\ua643\ua645\ua647\ua649\ua64b\ua64d\ua64f\ua651\ua653\ua655\ua657\ua659\ua65b\ua65d\ua65f\ua661\ua663\ua665\ua667\ua669\ua66b\ua66d\ua681\ua683\ua685\ua687\ua689\ua68b\ua68d\ua68f\ua691\ua693\ua695\ua697\ua723\ua725\ua727\ua729\ua72b\ua72d\ua72f-\ua731\ua733\ua735\ua737\ua739\ua73b\ua73d\ua73f\ua741\ua743\ua745\ua747\ua749\ua74b\ua74d\ua74f\ua751\ua753\ua755\ua757\ua759\ua75b\ua75d\ua75f\ua761\ua763\ua765\ua767\ua769\ua76b\ua76d\ua76f\ua771-\ua778\ua77a\ua77c\ua77f\ua781\ua783\ua785\ua787\ua78c\ua78e\ua791\ua793\ua7a1\ua7a3\ua7a5\ua7a7\ua7a9\ua7fa\ufb00-\ufb06\ufb13-\ufb17\uff41-\uff5a\u01c5\u01c8\u01cb\u01f2\u1f88-\u1f8f\u1f98-\u1f9f\u1fa8-\u1faf\u1fbc\u1fcc\u1ffc\u02b0-\u02c1\u02c6-\u02d1\u02e0-\u02e4\u02ec\u02ee\u0374\u037a\u0559\u0640\u06e5-\u06e6\u07f4-\u07f5\u07fa\u081a\u0824\u0828\u0971\u0e46\u0ec6\u10fc\u17d7\u1843\u1aa7\u1c78-\u1c7d\u1d2c-\u1d6a\u1d78\u1d9b-\u1dbf\u2071\u207f\u2090-\u209c\u2c7c-\u2c7d\u2d6f\u2e2f\u3005\u3031-\u3035\u303b\u309d-\u309e\u30fc-\u30fe\ua015\ua4f8-\ua4fd\ua60c\ua67f\ua717-\ua71f\ua770\ua788\ua7f8-\ua7f9\ua9cf\uaa70\uaadd\uaaf3-\uaaf4\uff70\uff9e-\uff9f\u16ee-\u16f0\u2160-\u2182\u2185-\u2188\u3007\u3021-\u3029\u3038-\u303a\ua6e6-\ua6ef][A-Z\u00c0-\u00d6\u00d8-\u00de\u0100\u0102\u0104\u0106\u0108\u010a\u010c\u010e\u0110\u0112\u0114\u0116\u0118\u011a\u011c\u011e\u0120\u0122\u0124\u0126\u0128\u012a\u012c\u012e\u0130\u0132\u0134\u0136\u0139\u013b\u013d\u013f\u0141\u0143\u0145\u0147\u014a\u014c\u014e\u0150\u0152\u0154\u0156\u0158\u015a\u015c\u015e\u0160\u0162\u0164\u0166\u0168\u016a\u016c\u016e\u0170\u0172\u0174\u0176\u0178-\u0179\u017b\u017d\u0181-\u0182\u0184\u0186-\u0187\u0189-\u018b\u018e-\u0191\u0193-\u0194\u0196-\u0198\u019c-\u019d\u019f-\u01a0\u01a2\u01a4\u01a6-\u01a7\u01a9\u01ac\u01ae-\u01af\u01b1-\u01b3\u01b5\u01b7-\u01b8\u01bc\u01c4\u01c7\u01ca\u01cd\u01cf\u01d1\u01d3\u01d5\u01d7\u01d9\u01db\u01de\u01e0\u01e2\u01e4\u01e6\u01e8\u01ea\u01ec\u01ee\u01f1\u01f4\u01f6-\u01f8\u01fa\u01fc\u01fe\u0200\u0202\u0204\u0206\u0208\u020a\u020c\u020e\u0210\u0212\u0214\u0216\u0218\u021a\u021c\u021e\u0220\u0222\u0224\u0226\u0228\u022a\u022c\u022e\u0230\u0232\u023a-\u023b\u023d-\u023e\u0241\u0243-\u0246\u0248\u024a\u024c\u024e\u0370\u0372\u0376\u0386\u0388-\u038a\u038c\u038e-\u038f\u0391-\u03a1\u03a3-\u03ab\u03cf\u03d2-\u03d4\u03d8\u03da\u03dc\u03de\u03e0\u03e2\u03e4\u03e6\u03e8\u03ea\u03ec\u03ee\u03f4\u03f7\u03f9-\u03fa\u03fd-\u042f\u0460\u0462\u0464\u0466\u0468\u046a\u046c\u046e\u0470\u0472\u0474\u0476\u0478\u047a\u047c\u047e\u0480\u048a\u048c\u048e\u0490\u0492\u0494\u0496\u0498\u049a\u049c\u049e\u04a0\u04a2\u04a4\u04a6\u04a8\u04aa\u04ac\u04ae\u04b0\u04b2\u04b4\u04b6\u04b8\u04ba\u04bc\u04be\u04c0-\u04c1\u04c3\u04c5\u04c7\u04c9\u04cb\u04cd\u04d0\u04d2\u04d4\u04d6\u04d8\u04da\u04dc\u04de\u04e0\u04e2\u04e4\u04e6\u04e8\u04ea\u04ec\u04ee\u04f0\u04f2\u04f4\u04f6\u04f8\u04fa\u04fc\u04fe\u0500\u0502\u0504\u0506\u0508\u050a\u050c\u050e\u0510\u0512\u0514\u0516\u0518\u051a\u051c\u051e\u0520\u0522\u0524\u0526\u0531-\u0556\u10a0-\u10c5\u10c7\u10cd\u1e00\u1e02\u1e04\u1e06\u1e08\u1e0a\u1e0c\u1e0e\u1e10\u1e12\u1e14\u1e16\u1e18\u1e1a\u1e1c\u1e1e\u1e20\u1e22\u1e24\u1e26\u1e28\u1e2a\u1e2c\u1e2e\u1e30\u1e32\u1e34\u1e36\u1e38\u1e3a\u1e3c\u1e3e\u1e40\u1e42\u1e44\u1e46\u1e48\u1e4a\u1e4c\u1e4e\u1e50\u1e52\u1e54\u1e56\u1e58\u1e5a\u1e5c\u1e5e\u1e60\u1e62\u1e64\u1e66\u1e68\u1e6a\u1e6c\u1e6e\u1e70\u1e72\u1e74\u1e76\u1e78\u1e7a\u1e7c\u1e7e\u1e80\u1e82\u1e84\u1e86\u1e88\u1e8a\u1e8c\u1e8e\u1e90\u1e92\u1e94\u1e9e\u1ea0\u1ea2\u1ea4\u1ea6\u1ea8\u1eaa\u1eac\u1eae\u1eb0\u1eb2\u1eb4\u1eb6\u1eb8\u1eba\u1ebc\u1ebe\u1ec0\u1ec2\u1ec4\u1ec6\u1ec8\u1eca\u1ecc\u1ece\u1ed0\u1ed2\u1ed4\u1ed6\u1ed8\u1eda\u1edc\u1ede\u1ee0\u1ee2\u1ee4\u1ee6\u1ee8\u1eea\u1eec\u1eee\u1ef0\u1ef2\u1ef4\u1ef6\u1ef8\u1efa\u1efc\u1efe\u1f08-\u1f0f\u1f18-\u1f1d\u1f28-\u1f2f\u1f38-\u1f3f\u1f48-\u1f4d\u1f59\u1f5b\u1f5d\u1f5f\u1f68-\u1f6f\u1fb8-\u1fbb\u1fc8-\u1fcb\u1fd8-\u1fdb\u1fe8-\u1fec\u1ff8-\u1ffb\u2102\u2107\u210b-\u210d\u2110-\u2112\u2115\u2119-\u211d\u2124\u2126\u2128\u212a-\u212d\u2130-\u2133\u213e-\u213f\u2145\u2183\u2c00-\u2c2e\u2c60\u2c62-\u2c64\u2c67\u2c69\u2c6b\u2c6d-\u2c70\u2c72\u2c75\u2c7e-\u2c80\u2c82\u2c84\u2c86\u2c88\u2c8a\u2c8c\u2c8e\u2c90\u2c92\u2c94\u2c96\u2c98\u2c9a\u2c9c\u2c9e\u2ca0\u2ca2\u2ca4\u2ca6\u2ca8\u2caa\u2cac\u2cae\u2cb0\u2cb2\u2cb4\u2cb6\u2cb8\u2cba\u2cbc\u2cbe\u2cc0\u2cc2\u2cc4\u2cc6\u2cc8\u2cca\u2ccc\u2cce\u2cd0\u2cd2\u2cd4\u2cd6\u2cd8\u2cda\u2cdc\u2cde\u2ce0\u2ce2\u2ceb\u2ced\u2cf2\ua640\ua642\ua644\ua646\ua648\ua64a\ua64c\ua64e\ua650\ua652\ua654\ua656\ua658\ua65a\ua65c\ua65e\ua660\ua662\ua664\ua666\ua668\ua66a\ua66c\ua680\ua682\ua684\ua686\ua688\ua68a\ua68c\ua68e\ua690\ua692\ua694\ua696\ua722\ua724\ua726\ua728\ua72a\ua72c\ua72e\ua732\ua734\ua736\ua738\ua73a\ua73c\ua73e\ua740\ua742\ua744\ua746\ua748\ua74a\ua74c\ua74e\ua750\ua752\ua754\ua756\ua758\ua75a\ua75c\ua75e\ua760\ua762\ua764\ua766\ua768\ua76a\ua76c\ua76e\ua779\ua77b\ua77d-\ua77e\ua780\ua782\ua784\ua786\ua78b\ua78d\ua790\ua792\ua7a0\ua7a2\ua7a4\ua7a6\ua7a8\ua7aa\uff21-\uff3aa-z\u00b5\u00df-\u00f6\u00f8-\u00ff\u0101\u0103\u0105\u0107\u0109\u010b\u010d\u010f\u0111\u0113\u0115\u0117\u0119\u011b\u011d\u011f\u0121\u0123\u0125\u0127\u0129\u012b\u012d\u012f\u0131\u0133\u0135\u0137-\u0138\u013a\u013c\u013e\u0140\u0142\u0144\u0146\u0148-\u0149\u014b\u014d\u014f\u0151\u0153\u0155\u0157\u0159\u015b\u015d\u015f\u0161\u0163\u0165\u0167\u0169\u016b\u016d\u016f\u0171\u0173\u0175\u0177\u017a\u017c\u017e-\u0180\u0183\u0185\u0188\u018c-\u018d\u0192\u0195\u0199-\u019b\u019e\u01a1\u01a3\u01a5\u01a8\u01aa-\u01ab\u01ad\u01b0\u01b4\u01b6\u01b9-\u01ba\u01bd-\u01bf\u01c6\u01c9\u01cc\u01ce\u01d0\u01d2\u01d4\u01d6\u01d8\u01da\u01dc-\u01dd\u01df\u01e1\u01e3\u01e5\u01e7\u01e9\u01eb\u01ed\u01ef-\u01f0\u01f3\u01f5\u01f9\u01fb\u01fd\u01ff\u0201\u0203\u0205\u0207\u0209\u020b\u020d\u020f\u0211\u0213\u0215\u0217\u0219\u021b\u021d\u021f\u0221\u0223\u0225\u0227\u0229\u022b\u022d\u022f\u0231\u0233-\u0239\u023c\u023f-\u0240\u0242\u0247\u0249\u024b\u024d\u024f-\u0293\u0295-\u02af\u0371\u0373\u0377\u037b-\u037d\u0390\u03ac-\u03ce\u03d0-\u03d1\u03d5-\u03d7\u03d9\u03db\u03dd\u03df\u03e1\u03e3\u03e5\u03e7\u03e9\u03eb\u03ed\u03ef-\u03f3\u03f5\u03f8\u03fb-\u03fc\u0430-\u045f\u0461\u0463\u0465\u0467\u0469\u046b\u046d\u046f\u0471\u0473\u0475\u0477\u0479\u047b\u047d\u047f\u0481\u048b\u048d\u048f\u0491\u0493\u0495\u0497\u0499\u049b\u049d\u049f\u04a1\u04a3\u04a5\u04a7\u04a9\u04ab\u04ad\u04af\u04b1\u04b3\u04b5\u04b7\u04b9\u04bb\u04bd\u04bf\u04c2\u04c4\u04c6\u04c8\u04ca\u04cc\u04ce-\u04cf\u04d1\u04d3\u04d5\u04d7\u04d9\u04db\u04dd\u04df\u04e1\u04e3\u04e5\u04e7\u04e9\u04eb\u04ed\u04ef\u04f1\u04f3\u04f5\u04f7\u04f9\u04fb\u04fd\u04ff\u0501\u0503\u0505\u0507\u0509\u050b\u050d\u050f\u0511\u0513\u0515\u0517\u0519\u051b\u051d\u051f\u0521\u0523\u0525\u0527\u0561-\u0587\u1d00-\u1d2b\u1d6b-\u1d77\u1d79-\u1d9a\u1e01\u1e03\u1e05\u1e07\u1e09\u1e0b\u1e0d\u1e0f\u1e11\u1e13\u1e15\u1e17\u1e19\u1e1b\u1e1d\u1e1f\u1e21\u1e23\u1e25\u1e27\u1e29\u1e2b\u1e2d\u1e2f\u1e31\u1e33\u1e35\u1e37\u1e39\u1e3b\u1e3d\u1e3f\u1e41\u1e43\u1e45\u1e47\u1e49\u1e4b\u1e4d\u1e4f\u1e51\u1e53\u1e55\u1e57\u1e59\u1e5b\u1e5d\u1e5f\u1e61\u1e63\u1e65\u1e67\u1e69\u1e6b\u1e6d\u1e6f\u1e71\u1e73\u1e75\u1e77\u1e79\u1e7b\u1e7d\u1e7f\u1e81\u1e83\u1e85\u1e87\u1e89\u1e8b\u1e8d\u1e8f\u1e91\u1e93\u1e95-\u1e9d\u1e9f\u1ea1\u1ea3\u1ea5\u1ea7\u1ea9\u1eab\u1ead\u1eaf\u1eb1\u1eb3\u1eb5\u1eb7\u1eb9\u1ebb\u1ebd\u1ebf\u1ec1\u1ec3\u1ec5\u1ec7\u1ec9\u1ecb\u1ecd\u1ecf\u1ed1\u1ed3\u1ed5\u1ed7\u1ed9\u1edb\u1edd\u1edf\u1ee1\u1ee3\u1ee5\u1ee7\u1ee9\u1eeb\u1eed\u1eef\u1ef1\u1ef3\u1ef5\u1ef7\u1ef9\u1efb\u1efd\u1eff-\u1f07\u1f10-\u1f15\u1f20-\u1f27\u1f30-\u1f37\u1f40-\u1f45\u1f50-\u1f57\u1f60-\u1f67\u1f70-\u1f7d\u1f80-\u1f87\u1f90-\u1f97\u1fa0-\u1fa7\u1fb0-\u1fb4\u1fb6-\u1fb7\u1fbe\u1fc2-\u1fc4\u1fc6-\u1fc7\u1fd0-\u1fd3\u1fd6-\u1fd7\u1fe0-\u1fe7\u1ff2-\u1ff4\u1ff6-\u1ff7\u210a\u210e-\u210f\u2113\u212f\u2134\u2139\u213c-\u213d\u2146-\u2149\u214e\u2184\u2c30-\u2c5e\u2c61\u2c65-\u2c66\u2c68\u2c6a\u2c6c\u2c71\u2c73-\u2c74\u2c76-\u2c7b\u2c81\u2c83\u2c85\u2c87\u2c89\u2c8b\u2c8d\u2c8f\u2c91\u2c93\u2c95\u2c97\u2c99\u2c9b\u2c9d\u2c9f\u2ca1\u2ca3\u2ca5\u2ca7\u2ca9\u2cab\u2cad\u2caf\u2cb1\u2cb3\u2cb5\u2cb7\u2cb9\u2cbb\u2cbd\u2cbf\u2cc1\u2cc3\u2cc5\u2cc7\u2cc9\u2ccb\u2ccd\u2ccf\u2cd1\u2cd3\u2cd5\u2cd7\u2cd9\u2cdb\u2cdd\u2cdf\u2ce1\u2ce3-\u2ce4\u2cec\u2cee\u2cf3\u2d00-\u2d25\u2d27\u2d2d\ua641\ua643\ua645\ua647\ua649\ua64b\ua64d\ua64f\ua651\ua653\ua655\ua657\ua659\ua65b\ua65d\ua65f\ua661\ua663\ua665\ua667\ua669\ua66b\ua66d\ua681\ua683\ua685\ua687\ua689\ua68b\ua68d\ua68f\ua691\ua693\ua695\ua697\ua723\ua725\ua727\ua729\ua72b\ua72d\ua72f-\ua731\ua733\ua735\ua737\ua739\ua73b\ua73d\ua73f\ua741\ua743\ua745\ua747\ua749\ua74b\ua74d\ua74f\ua751\ua753\ua755\ua757\ua759\ua75b\ua75d\ua75f\ua761\ua763\ua765\ua767\ua769\ua76b\ua76d\ua76f\ua771-\ua778\ua77a\ua77c\ua77f\ua781\ua783\ua785\ua787\ua78c\ua78e\ua791\ua793\ua7a1\ua7a3\ua7a5\ua7a7\ua7a9\ua7fa\ufb00-\ufb06\ufb13-\ufb17\uff41-\uff5a\u01c5\u01c8\u01cb\u01f2\u1f88-\u1f8f\u1f98-\u1f9f\u1fa8-\u1faf\u1fbc\u1fcc\u1ffc\u02b0-\u02c1\u02c6-\u02d1\u02e0-\u02e4\u02ec\u02ee\u0374\u037a\u0559\u0640\u06e5-\u06e6\u07f4-\u07f5\u07fa\u081a\u0824\u0828\u0971\u0e46\u0ec6\u10fc\u17d7\u1843\u1aa7\u1c78-\u1c7d\u1d2c-\u1d6a\u1d78\u1d9b-\u1dbf\u2071\u207f\u2090-\u209c\u2c7c-\u2c7d\u2d6f\u2e2f\u3005\u3031-\u3035\u303b\u309d-\u309e\u30fc-\u30fe\ua015\ua4f8-\ua4fd\ua60c\ua67f\ua717-\ua71f\ua770\ua788\ua7f8-\ua7f9\ua9cf\uaa70\uaadd\uaaf3-\uaaf4\uff70\uff9e-\uff9f\u16ee-\u16f0\u2160-\u2182\u2185-\u2188\u3007\u3021-\u3029\u3038-\u303a\ua6e6-\ua6ef0-9\u0660-\u0669\u06f0-\u06f9\u07c0-\u07c9\u0966-\u096f\u09e6-\u09ef\u0a66-\u0a6f\u0ae6-\u0aef\u0b66-\u0b6f\u0be6-\u0bef\u0c66-\u0c6f\u0ce6-\u0cef\u0d66-\u0d6f\u0e50-\u0e59\u0ed0-\u0ed9\u0f20-\u0f29\u1040-\u1049\u1090-\u1099\u17e0-\u17e9\u1810-\u1819\u1946-\u194f\u19d0-\u19d9\u1a80-\u1a89\u1a90-\u1a99\u1b50-\u1b59\u1bb0-\u1bb9\u1c40-\u1c49\u1c50-\u1c59\ua620-\ua629\ua8d0-\ua8d9\ua900-\ua909\ua9d0-\ua9d9\uaa50-\uaa59\uabf0-\uabf9\uff10-\uff19_\u203f-\u2040\u2054\ufe33-\ufe34\ufe4d-\ufe4f\uff3f\u00ad\u0600-\u0604\u061c\u06dd\u070f\u180e\u200b-\u200f\u202a-\u202e\u2060-\u2064\u2066-\u206f\ufeff\ufff9-\ufffb\u0300-\u036f\u0483-\u0487\u0591-\u05bd\u05bf\u05c1-\u05c2\u05c4-\u05c5\u05c7\u0610-\u061a\u064b-\u065f\u0670\u06d6-\u06dc\u06df-\u06e4\u06e7-\u06e8\u06ea-\u06ed\u0711\u0730-\u074a\u07a6-\u07b0\u07eb-\u07f3\u0816-\u0819\u081b-\u0823\u0825-\u0827\u0829-\u082d\u0859-\u085b\u08e4-\u08fe\u0900-\u0902\u093a\u093c\u0941-\u0948\u094d\u0951-\u0957\u0962-\u0963\u0981\u09bc\u09c1-\u09c4\u09cd\u09e2-\u09e3\u0a01-\u0a02\u0a3c\u0a41-\u0a42\u0a47-\u0a48\u0a4b-\u0a4d\u0a51\u0a70-\u0a71\u0a75\u0a81-\u0a82\u0abc\u0ac1-\u0ac5\u0ac7-\u0ac8\u0acd\u0ae2-\u0ae3\u0b01\u0b3c\u0b3f\u0b41-\u0b44\u0b4d\u0b56\u0b62-\u0b63\u0b82\u0bc0\u0bcd\u0c3e-\u0c40\u0c46-\u0c48\u0c4a-\u0c4d\u0c55-\u0c56\u0c62-\u0c63\u0cbc\u0cbf\u0cc6\u0ccc-\u0ccd\u0ce2-\u0ce3\u0d41-\u0d44\u0d4d\u0d62-\u0d63\u0dca\u0dd2-\u0dd4\u0dd6\u0e31\u0e34-\u0e3a\u0e47-\u0e4e\u0eb1\u0eb4-\u0eb9\u0ebb-\u0ebc\u0ec8-\u0ecd\u0f18-\u0f19\u0f35\u0f37\u0f39\u0f71-\u0f7e\u0f80-\u0f84\u0f86-\u0f87\u0f8d-\u0f97\u0f99-\u0fbc\u0fc6\u102d-\u1030\u1032-\u1037\u1039-\u103a\u103d-\u103e\u1058-\u1059\u105e-\u1060\u1071-\u1074\u1082\u1085-\u1086\u108d\u109d\u135d-\u135f\u1712-\u1714\u1732-\u1734\u1752-\u1753\u1772-\u1773\u17b4-\u17b5\u17b7-\u17bd\u17c6\u17c9-\u17d3\u17dd\u180b-\u180d\u18a9\u1920-\u1922\u1927-\u1928\u1932\u1939-\u193b\u1a17-\u1a18\u1a1b\u1a56\u1a58-\u1a5e\u1a60\u1a62\u1a65-\u1a6c\u1a73-\u1a7c\u1a7f\u1b00-\u1b03\u1b34\u1b36-\u1b3a\u1b3c\u1b42\u1b6b-\u1b73\u1b80-\u1b81\u1ba2-\u1ba5\u1ba8-\u1ba9\u1bab\u1be6\u1be8-\u1be9\u1bed\u1bef-\u1bf1\u1c2c-\u1c33\u1c36-\u1c37\u1cd0-\u1cd2\u1cd4-\u1ce0\u1ce2-\u1ce8\u1ced\u1cf4\u1dc0-\u1de6\u1dfc-\u1dff\u20d0-\u20dc\u20e1\u20e5-\u20f0\u2cef-\u2cf1\u2d7f\u2de0-\u2dff\u302a-\u302d\u3099-\u309a\ua66f\ua674-\ua67d\ua69f\ua6f0-\ua6f1\ua802\ua806\ua80b\ua825-\ua826\ua8c4\ua8e0-\ua8f1\ua926-\ua92d\ua947-\ua951\ua980-\ua982\ua9b3\ua9b6-\ua9b9\ua9bc\uaa29-\uaa2e\uaa31-\uaa32\uaa35-\uaa36\uaa43\uaa4c\uaab0\uaab2-\uaab4\uaab7-\uaab8\uaabe-\uaabf\uaac1\uaaec-\uaaed\uaaf6\uabe5\uabe8\uabed\ufb1e\ufe00-\ufe0f\ufe20-\ufe26\u0903\u093b\u093e-\u0940\u0949-\u094c\u094e-\u094f\u0982-\u0983\u09be-\u09c0\u09c7-\u09c8\u09cb-\u09cc\u09d7\u0a03\u0a3e-\u0a40\u0a83\u0abe-\u0ac0\u0ac9\u0acb-\u0acc\u0b02-\u0b03\u0b3e\u0b40\u0b47-\u0b48\u0b4b-\u0b4c\u0b57\u0bbe-\u0bbf\u0bc1-\u0bc2\u0bc6-\u0bc8\u0bca-\u0bcc\u0bd7\u0c01-\u0c03\u0c41-\u0c44\u0c82-\u0c83\u0cbe\u0cc0-\u0cc4\u0cc7-\u0cc8\u0cca-\u0ccb\u0cd5-\u0cd6\u0d02-\u0d03\u0d3e-\u0d40\u0d46-\u0d48\u0d4a-\u0d4c\u0d57\u0d82-\u0d83\u0dcf-\u0dd1\u0dd8-\u0ddf\u0df2-\u0df3\u0f3e-\u0f3f\u0f7f\u102b-\u102c\u1031\u1038\u103b-\u103c\u1056-\u1057\u1062-\u1064\u1067-\u106d\u1083-\u1084\u1087-\u108c\u108f\u109a-\u109c\u17b6\u17be-\u17c5\u17c7-\u17c8\u1923-\u1926\u1929-\u192b\u1930-\u1931\u1933-\u1938\u19b0-\u19c0\u19c8-\u19c9\u1a19-\u1a1a\u1a55\u1a57\u1a61\u1a63-\u1a64\u1a6d-\u1a72\u1b04\u1b35\u1b3b\u1b3d-\u1b41\u1b43-\u1b44\u1b82\u1ba1\u1ba6-\u1ba7\u1baa\u1bac-\u1bad\u1be7\u1bea-\u1bec\u1bee\u1bf2-\u1bf3\u1c24-\u1c2b\u1c34-\u1c35\u1ce1\u1cf2-\u1cf3\u302e-\u302f\ua823-\ua824\ua827\ua880-\ua881\ua8b4-\ua8c3\ua952-\ua953\ua983\ua9b4-\ua9b5\ua9ba-\ua9bb\ua9bd-\ua9c0\uaa2f-\uaa30\uaa33-\uaa34\uaa4d\uaa7b\uaaeb\uaaee-\uaaef\uaaf5\uabe3-\uabe4\uabe6-\uabe7\uabe9-\uabea\uabec"
-
 // Kotlin lexer.
-var Kotlin = internal.Register(MustNewLexer(
+var Kotlin = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Kotlin",
 		Aliases:   []string{"kotlin"},
@@ -16,7 +14,13 @@ var Kotlin = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-kotlin"},
 		DotAll:    true,
 	},
-	Rules{
+	kotlinRules,
+))
+
+func kotlinRules() Rules {
+	const kotlinIdentifier = "_A-Z\u00c0-\u00d6\u00d8-\u00de\u0100\u0102\u0104\u0106\u0108\u010a\u010c\u010e\u0110\u0112\u0114\u0116\u0118\u011a\u011c\u011e\u0120\u0122\u0124\u0126\u0128\u012a\u012c\u012e\u0130\u0132\u0134\u0136\u0139\u013b\u013d\u013f\u0141\u0143\u0145\u0147\u014a\u014c\u014e\u0150\u0152\u0154\u0156\u0158\u015a\u015c\u015e\u0160\u0162\u0164\u0166\u0168\u016a\u016c\u016e\u0170\u0172\u0174\u0176\u0178-\u0179\u017b\u017d\u0181-\u0182\u0184\u0186-\u0187\u0189-\u018b\u018e-\u0191\u0193-\u0194\u0196-\u0198\u019c-\u019d\u019f-\u01a0\u01a2\u01a4\u01a6-\u01a7\u01a9\u01ac\u01ae-\u01af\u01b1-\u01b3\u01b5\u01b7-\u01b8\u01bc\u01c4\u01c7\u01ca\u01cd\u01cf\u01d1\u01d3\u01d5\u01d7\u01d9\u01db\u01de\u01e0\u01e2\u01e4\u01e6\u01e8\u01ea\u01ec\u01ee\u01f1\u01f4\u01f6-\u01f8\u01fa\u01fc\u01fe\u0200\u0202\u0204\u0206\u0208\u020a\u020c\u020e\u0210\u0212\u0214\u0216\u0218\u021a\u021c\u021e\u0220\u0222\u0224\u0226\u0228\u022a\u022c\u022e\u0230\u0232\u023a-\u023b\u023d-\u023e\u0241\u0243-\u0246\u0248\u024a\u024c\u024e\u0370\u0372\u0376\u0386\u0388-\u038a\u038c\u038e-\u038f\u0391-\u03a1\u03a3-\u03ab\u03cf\u03d2-\u03d4\u03d8\u03da\u03dc\u03de\u03e0\u03e2\u03e4\u03e6\u03e8\u03ea\u03ec\u03ee\u03f4\u03f7\u03f9-\u03fa\u03fd-\u042f\u0460\u0462\u0464\u0466\u0468\u046a\u046c\u046e\u0470\u0472\u0474\u0476\u0478\u047a\u047c\u047e\u0480\u048a\u048c\u048e\u0490\u0492\u0494\u0496\u0498\u049a\u049c\u049e\u04a0\u04a2\u04a4\u04a6\u04a8\u04aa\u04ac\u04ae\u04b0\u04b2\u04b4\u04b6\u04b8\u04ba\u04bc\u04be\u04c0-\u04c1\u04c3\u04c5\u04c7\u04c9\u04cb\u04cd\u04d0\u04d2\u04d4\u04d6\u04d8\u04da\u04dc\u04de\u04e0\u04e2\u04e4\u04e6\u04e8\u04ea\u04ec\u04ee\u04f0\u04f2\u04f4\u04f6\u04f8\u04fa\u04fc\u04fe\u0500\u0502\u0504\u0506\u0508\u050a\u050c\u050e\u0510\u0512\u0514\u0516\u0518\u051a\u051c\u051e\u0520\u0522\u0524\u0526\u0531-\u0556\u10a0-\u10c5\u10c7\u10cd\u1e00\u1e02\u1e04\u1e06\u1e08\u1e0a\u1e0c\u1e0e\u1e10\u1e12\u1e14\u1e16\u1e18\u1e1a\u1e1c\u1e1e\u1e20\u1e22\u1e24\u1e26\u1e28\u1e2a\u1e2c\u1e2e\u1e30\u1e32\u1e34\u1e36\u1e38\u1e3a\u1e3c\u1e3e\u1e40\u1e42\u1e44\u1e46\u1e48\u1e4a\u1e4c\u1e4e\u1e50\u1e52\u1e54\u1e56\u1e58\u1e5a\u1e5c\u1e5e\u1e60\u1e62\u1e64\u1e66\u1e68\u1e6a\u1e6c\u1e6e\u1e70\u1e72\u1e74\u1e76\u1e78\u1e7a\u1e7c\u1e7e\u1e80\u1e82\u1e84\u1e86\u1e88\u1e8a\u1e8c\u1e8e\u1e90\u1e92\u1e94\u1e9e\u1ea0\u1ea2\u1ea4\u1ea6\u1ea8\u1eaa\u1eac\u1eae\u1eb0\u1eb2\u1eb4\u1eb6\u1eb8\u1eba\u1ebc\u1ebe\u1ec0\u1ec2\u1ec4\u1ec6\u1ec8\u1eca\u1ecc\u1ece\u1ed0\u1ed2\u1ed4\u1ed6\u1ed8\u1eda\u1edc\u1ede\u1ee0\u1ee2\u1ee4\u1ee6\u1ee8\u1eea\u1eec\u1eee\u1ef0\u1ef2\u1ef4\u1ef6\u1ef8\u1efa\u1efc\u1efe\u1f08-\u1f0f\u1f18-\u1f1d\u1f28-\u1f2f\u1f38-\u1f3f\u1f48-\u1f4d\u1f59\u1f5b\u1f5d\u1f5f\u1f68-\u1f6f\u1fb8-\u1fbb\u1fc8-\u1fcb\u1fd8-\u1fdb\u1fe8-\u1fec\u1ff8-\u1ffb\u2102\u2107\u210b-\u210d\u2110-\u2112\u2115\u2119-\u211d\u2124\u2126\u2128\u212a-\u212d\u2130-\u2133\u213e-\u213f\u2145\u2183\u2c00-\u2c2e\u2c60\u2c62-\u2c64\u2c67\u2c69\u2c6b\u2c6d-\u2c70\u2c72\u2c75\u2c7e-\u2c80\u2c82\u2c84\u2c86\u2c88\u2c8a\u2c8c\u2c8e\u2c90\u2c92\u2c94\u2c96\u2c98\u2c9a\u2c9c\u2c9e\u2ca0\u2ca2\u2ca4\u2ca6\u2ca8\u2caa\u2cac\u2cae\u2cb0\u2cb2\u2cb4\u2cb6\u2cb8\u2cba\u2cbc\u2cbe\u2cc0\u2cc2\u2cc4\u2cc6\u2cc8\u2cca\u2ccc\u2cce\u2cd0\u2cd2\u2cd4\u2cd6\u2cd8\u2cda\u2cdc\u2cde\u2ce0\u2ce2\u2ceb\u2ced\u2cf2\ua640\ua642\ua644\ua646\ua648\ua64a\ua64c\ua64e\ua650\ua652\ua654\ua656\ua658\ua65a\ua65c\ua65e\ua660\ua662\ua664\ua666\ua668\ua66a\ua66c\ua680\ua682\ua684\ua686\ua688\ua68a\ua68c\ua68e\ua690\ua692\ua694\ua696\ua722\ua724\ua726\ua728\ua72a\ua72c\ua72e\ua732\ua734\ua736\ua738\ua73a\ua73c\ua73e\ua740\ua742\ua744\ua746\ua748\ua74a\ua74c\ua74e\ua750\ua752\ua754\ua756\ua758\ua75a\ua75c\ua75e\ua760\ua762\ua764\ua766\ua768\ua76a\ua76c\ua76e\ua779\ua77b\ua77d-\ua77e\ua780\ua782\ua784\ua786\ua78b\ua78d\ua790\ua792\ua7a0\ua7a2\ua7a4\ua7a6\ua7a8\ua7aa\uff21-\uff3aa-z\u00b5\u00df-\u00f6\u00f8-\u00ff\u0101\u0103\u0105\u0107\u0109\u010b\u010d\u010f\u0111\u0113\u0115\u0117\u0119\u011b\u011d\u011f\u0121\u0123\u0125\u0127\u0129\u012b\u012d\u012f\u0131\u0133\u0135\u0137-\u0138\u013a\u013c\u013e\u0140\u0142\u0144\u0146\u0148-\u0149\u014b\u014d\u014f\u0151\u0153\u0155\u0157\u0159\u015b\u015d\u015f\u0161\u0163\u0165\u0167\u0169\u016b\u016d\u016f\u0171\u0173\u0175\u0177\u017a\u017c\u017e-\u0180\u0183\u0185\u0188\u018c-\u018d\u0192\u0195\u0199-\u019b\u019e\u01a1\u01a3\u01a5\u01a8\u01aa-\u01ab\u01ad\u01b0\u01b4\u01b6\u01b9-\u01ba\u01bd-\u01bf\u01c6\u01c9\u01cc\u01ce\u01d0\u01d2\u01d4\u01d6\u01d8\u01da\u01dc-\u01dd\u01df\u01e1\u01e3\u01e5\u01e7\u01e9\u01eb\u01ed\u01ef-\u01f0\u01f3\u01f5\u01f9\u01fb\u01fd\u01ff\u0201\u0203\u0205\u0207\u0209\u020b\u020d\u020f\u0211\u0213\u0215\u0217\u0219\u021b\u021d\u021f\u0221\u0223\u0225\u0227\u0229\u022b\u022d\u022f\u0231\u0233-\u0239\u023c\u023f-\u0240\u0242\u0247\u0249\u024b\u024d\u024f-\u0293\u0295-\u02af\u0371\u0373\u0377\u037b-\u037d\u0390\u03ac-\u03ce\u03d0-\u03d1\u03d5-\u03d7\u03d9\u03db\u03dd\u03df\u03e1\u03e3\u03e5\u03e7\u03e9\u03eb\u03ed\u03ef-\u03f3\u03f5\u03f8\u03fb-\u03fc\u0430-\u045f\u0461\u0463\u0465\u0467\u0469\u046b\u046d\u046f\u0471\u0473\u0475\u0477\u0479\u047b\u047d\u047f\u0481\u048b\u048d\u048f\u0491\u0493\u0495\u0497\u0499\u049b\u049d\u049f\u04a1\u04a3\u04a5\u04a7\u04a9\u04ab\u04ad\u04af\u04b1\u04b3\u04b5\u04b7\u04b9\u04bb\u04bd\u04bf\u04c2\u04c4\u04c6\u04c8\u04ca\u04cc\u04ce-\u04cf\u04d1\u04d3\u04d5\u04d7\u04d9\u04db\u04dd\u04df\u04e1\u04e3\u04e5\u04e7\u04e9\u04eb\u04ed\u04ef\u04f1\u04f3\u04f5\u04f7\u04f9\u04fb\u04fd\u04ff\u0501\u0503\u0505\u0507\u0509\u050b\u050d\u050f\u0511\u0513\u0515\u0517\u0519\u051b\u051d\u051f\u0521\u0523\u0525\u0527\u0561-\u0587\u1d00-\u1d2b\u1d6b-\u1d77\u1d79-\u1d9a\u1e01\u1e03\u1e05\u1e07\u1e09\u1e0b\u1e0d\u1e0f\u1e11\u1e13\u1e15\u1e17\u1e19\u1e1b\u1e1d\u1e1f\u1e21\u1e23\u1e25\u1e27\u1e29\u1e2b\u1e2d\u1e2f\u1e31\u1e33\u1e35\u1e37\u1e39\u1e3b\u1e3d\u1e3f\u1e41\u1e43\u1e45\u1e47\u1e49\u1e4b\u1e4d\u1e4f\u1e51\u1e53\u1e55\u1e57\u1e59\u1e5b\u1e5d\u1e5f\u1e61\u1e63\u1e65\u1e67\u1e69\u1e6b\u1e6d\u1e6f\u1e71\u1e73\u1e75\u1e77\u1e79\u1e7b\u1e7d\u1e7f\u1e81\u1e83\u1e85\u1e87\u1e89\u1e8b\u1e8d\u1e8f\u1e91\u1e93\u1e95-\u1e9d\u1e9f\u1ea1\u1ea3\u1ea5\u1ea7\u1ea9\u1eab\u1ead\u1eaf\u1eb1\u1eb3\u1eb5\u1eb7\u1eb9\u1ebb\u1ebd\u1ebf\u1ec1\u1ec3\u1ec5\u1ec7\u1ec9\u1ecb\u1ecd\u1ecf\u1ed1\u1ed3\u1ed5\u1ed7\u1ed9\u1edb\u1edd\u1edf\u1ee1\u1ee3\u1ee5\u1ee7\u1ee9\u1eeb\u1eed\u1eef\u1ef1\u1ef3\u1ef5\u1ef7\u1ef9\u1efb\u1efd\u1eff-\u1f07\u1f10-\u1f15\u1f20-\u1f27\u1f30-\u1f37\u1f40-\u1f45\u1f50-\u1f57\u1f60-\u1f67\u1f70-\u1f7d\u1f80-\u1f87\u1f90-\u1f97\u1fa0-\u1fa7\u1fb0-\u1fb4\u1fb6-\u1fb7\u1fbe\u1fc2-\u1fc4\u1fc6-\u1fc7\u1fd0-\u1fd3\u1fd6-\u1fd7\u1fe0-\u1fe7\u1ff2-\u1ff4\u1ff6-\u1ff7\u210a\u210e-\u210f\u2113\u212f\u2134\u2139\u213c-\u213d\u2146-\u2149\u214e\u2184\u2c30-\u2c5e\u2c61\u2c65-\u2c66\u2c68\u2c6a\u2c6c\u2c71\u2c73-\u2c74\u2c76-\u2c7b\u2c81\u2c83\u2c85\u2c87\u2c89\u2c8b\u2c8d\u2c8f\u2c91\u2c93\u2c95\u2c97\u2c99\u2c9b\u2c9d\u2c9f\u2ca1\u2ca3\u2ca5\u2ca7\u2ca9\u2cab\u2cad\u2caf\u2cb1\u2cb3\u2cb5\u2cb7\u2cb9\u2cbb\u2cbd\u2cbf\u2cc1\u2cc3\u2cc5\u2cc7\u2cc9\u2ccb\u2ccd\u2ccf\u2cd1\u2cd3\u2cd5\u2cd7\u2cd9\u2cdb\u2cdd\u2cdf\u2ce1\u2ce3-\u2ce4\u2cec\u2cee\u2cf3\u2d00-\u2d25\u2d27\u2d2d\ua641\ua643\ua645\ua647\ua649\ua64b\ua64d\ua64f\ua651\ua653\ua655\ua657\ua659\ua65b\ua65d\ua65f\ua661\ua663\ua665\ua667\ua669\ua66b\ua66d\ua681\ua683\ua685\ua687\ua689\ua68b\ua68d\ua68f\ua691\ua693\ua695\ua697\ua723\ua725\ua727\ua729\ua72b\ua72d\ua72f-\ua731\ua733\ua735\ua737\ua739\ua73b\ua73d\ua73f\ua741\ua743\ua745\ua747\ua749\ua74b\ua74d\ua74f\ua751\ua753\ua755\ua757\ua759\ua75b\ua75d\ua75f\ua761\ua763\ua765\ua767\ua769\ua76b\ua76d\ua76f\ua771-\ua778\ua77a\ua77c\ua77f\ua781\ua783\ua785\ua787\ua78c\ua78e\ua791\ua793\ua7a1\ua7a3\ua7a5\ua7a7\ua7a9\ua7fa\ufb00-\ufb06\ufb13-\ufb17\uff41-\uff5a\u01c5\u01c8\u01cb\u01f2\u1f88-\u1f8f\u1f98-\u1f9f\u1fa8-\u1faf\u1fbc\u1fcc\u1ffc\u02b0-\u02c1\u02c6-\u02d1\u02e0-\u02e4\u02ec\u02ee\u0374\u037a\u0559\u0640\u06e5-\u06e6\u07f4-\u07f5\u07fa\u081a\u0824\u0828\u0971\u0e46\u0ec6\u10fc\u17d7\u1843\u1aa7\u1c78-\u1c7d\u1d2c-\u1d6a\u1d78\u1d9b-\u1dbf\u2071\u207f\u2090-\u209c\u2c7c-\u2c7d\u2d6f\u2e2f\u3005\u3031-\u3035\u303b\u309d-\u309e\u30fc-\u30fe\ua015\ua4f8-\ua4fd\ua60c\ua67f\ua717-\ua71f\ua770\ua788\ua7f8-\ua7f9\ua9cf\uaa70\uaadd\uaaf3-\uaaf4\uff70\uff9e-\uff9f\u16ee-\u16f0\u2160-\u2182\u2185-\u2188\u3007\u3021-\u3029\u3038-\u303a\ua6e6-\ua6ef][A-Z\u00c0-\u00d6\u00d8-\u00de\u0100\u0102\u0104\u0106\u0108\u010a\u010c\u010e\u0110\u0112\u0114\u0116\u0118\u011a\u011c\u011e\u0120\u0122\u0124\u0126\u0128\u012a\u012c\u012e\u0130\u0132\u0134\u0136\u0139\u013b\u013d\u013f\u0141\u0143\u0145\u0147\u014a\u014c\u014e\u0150\u0152\u0154\u0156\u0158\u015a\u015c\u015e\u0160\u0162\u0164\u0166\u0168\u016a\u016c\u016e\u0170\u0172\u0174\u0176\u0178-\u0179\u017b\u017d\u0181-\u0182\u0184\u0186-\u0187\u0189-\u018b\u018e-\u0191\u0193-\u0194\u0196-\u0198\u019c-\u019d\u019f-\u01a0\u01a2\u01a4\u01a6-\u01a7\u01a9\u01ac\u01ae-\u01af\u01b1-\u01b3\u01b5\u01b7-\u01b8\u01bc\u01c4\u01c7\u01ca\u01cd\u01cf\u01d1\u01d3\u01d5\u01d7\u01d9\u01db\u01de\u01e0\u01e2\u01e4\u01e6\u01e8\u01ea\u01ec\u01ee\u01f1\u01f4\u01f6-\u01f8\u01fa\u01fc\u01fe\u0200\u0202\u0204\u0206\u0208\u020a\u020c\u020e\u0210\u0212\u0214\u0216\u0218\u021a\u021c\u021e\u0220\u0222\u0224\u0226\u0228\u022a\u022c\u022e\u0230\u0232\u023a-\u023b\u023d-\u023e\u0241\u0243-\u0246\u0248\u024a\u024c\u024e\u0370\u0372\u0376\u0386\u0388-\u038a\u038c\u038e-\u038f\u0391-\u03a1\u03a3-\u03ab\u03cf\u03d2-\u03d4\u03d8\u03da\u03dc\u03de\u03e0\u03e2\u03e4\u03e6\u03e8\u03ea\u03ec\u03ee\u03f4\u03f7\u03f9-\u03fa\u03fd-\u042f\u0460\u0462\u0464\u0466\u0468\u046a\u046c\u046e\u0470\u0472\u0474\u0476\u0478\u047a\u047c\u047e\u0480\u048a\u048c\u048e\u0490\u0492\u0494\u0496\u0498\u049a\u049c\u049e\u04a0\u04a2\u04a4\u04a6\u04a8\u04aa\u04ac\u04ae\u04b0\u04b2\u04b4\u04b6\u04b8\u04ba\u04bc\u04be\u04c0-\u04c1\u04c3\u04c5\u04c7\u04c9\u04cb\u04cd\u04d0\u04d2\u04d4\u04d6\u04d8\u04da\u04dc\u04de\u04e0\u04e2\u04e4\u04e6\u04e8\u04ea\u04ec\u04ee\u04f0\u04f2\u04f4\u04f6\u04f8\u04fa\u04fc\u04fe\u0500\u0502\u0504\u0506\u0508\u050a\u050c\u050e\u0510\u0512\u0514\u0516\u0518\u051a\u051c\u051e\u0520\u0522\u0524\u0526\u0531-\u0556\u10a0-\u10c5\u10c7\u10cd\u1e00\u1e02\u1e04\u1e06\u1e08\u1e0a\u1e0c\u1e0e\u1e10\u1e12\u1e14\u1e16\u1e18\u1e1a\u1e1c\u1e1e\u1e20\u1e22\u1e24\u1e26\u1e28\u1e2a\u1e2c\u1e2e\u1e30\u1e32\u1e34\u1e36\u1e38\u1e3a\u1e3c\u1e3e\u1e40\u1e42\u1e44\u1e46\u1e48\u1e4a\u1e4c\u1e4e\u1e50\u1e52\u1e54\u1e56\u1e58\u1e5a\u1e5c\u1e5e\u1e60\u1e62\u1e64\u1e66\u1e68\u1e6a\u1e6c\u1e6e\u1e70\u1e72\u1e74\u1e76\u1e78\u1e7a\u1e7c\u1e7e\u1e80\u1e82\u1e84\u1e86\u1e88\u1e8a\u1e8c\u1e8e\u1e90\u1e92\u1e94\u1e9e\u1ea0\u1ea2\u1ea4\u1ea6\u1ea8\u1eaa\u1eac\u1eae\u1eb0\u1eb2\u1eb4\u1eb6\u1eb8\u1eba\u1ebc\u1ebe\u1ec0\u1ec2\u1ec4\u1ec6\u1ec8\u1eca\u1ecc\u1ece\u1ed0\u1ed2\u1ed4\u1ed6\u1ed8\u1eda\u1edc\u1ede\u1ee0\u1ee2\u1ee4\u1ee6\u1ee8\u1eea\u1eec\u1eee\u1ef0\u1ef2\u1ef4\u1ef6\u1ef8\u1efa\u1efc\u1efe\u1f08-\u1f0f\u1f18-\u1f1d\u1f28-\u1f2f\u1f38-\u1f3f\u1f48-\u1f4d\u1f59\u1f5b\u1f5d\u1f5f\u1f68-\u1f6f\u1fb8-\u1fbb\u1fc8-\u1fcb\u1fd8-\u1fdb\u1fe8-\u1fec\u1ff8-\u1ffb\u2102\u2107\u210b-\u210d\u2110-\u2112\u2115\u2119-\u211d\u2124\u2126\u2128\u212a-\u212d\u2130-\u2133\u213e-\u213f\u2145\u2183\u2c00-\u2c2e\u2c60\u2c62-\u2c64\u2c67\u2c69\u2c6b\u2c6d-\u2c70\u2c72\u2c75\u2c7e-\u2c80\u2c82\u2c84\u2c86\u2c88\u2c8a\u2c8c\u2c8e\u2c90\u2c92\u2c94\u2c96\u2c98\u2c9a\u2c9c\u2c9e\u2ca0\u2ca2\u2ca4\u2ca6\u2ca8\u2caa\u2cac\u2cae\u2cb0\u2cb2\u2cb4\u2cb6\u2cb8\u2cba\u2cbc\u2cbe\u2cc0\u2cc2\u2cc4\u2cc6\u2cc8\u2cca\u2ccc\u2cce\u2cd0\u2cd2\u2cd4\u2cd6\u2cd8\u2cda\u2cdc\u2cde\u2ce0\u2ce2\u2ceb\u2ced\u2cf2\ua640\ua642\ua644\ua646\ua648\ua64a\ua64c\ua64e\ua650\ua652\ua654\ua656\ua658\ua65a\ua65c\ua65e\ua660\ua662\ua664\ua666\ua668\ua66a\ua66c\ua680\ua682\ua684\ua686\ua688\ua68a\ua68c\ua68e\ua690\ua692\ua694\ua696\ua722\ua724\ua726\ua728\ua72a\ua72c\ua72e\ua732\ua734\ua736\ua738\ua73a\ua73c\ua73e\ua740\ua742\ua744\ua746\ua748\ua74a\ua74c\ua74e\ua750\ua752\ua754\ua756\ua758\ua75a\ua75c\ua75e\ua760\ua762\ua764\ua766\ua768\ua76a\ua76c\ua76e\ua779\ua77b\ua77d-\ua77e\ua780\ua782\ua784\ua786\ua78b\ua78d\ua790\ua792\ua7a0\ua7a2\ua7a4\ua7a6\ua7a8\ua7aa\uff21-\uff3aa-z\u00b5\u00df-\u00f6\u00f8-\u00ff\u0101\u0103\u0105\u0107\u0109\u010b\u010d\u010f\u0111\u0113\u0115\u0117\u0119\u011b\u011d\u011f\u0121\u0123\u0125\u0127\u0129\u012b\u012d\u012f\u0131\u0133\u0135\u0137-\u0138\u013a\u013c\u013e\u0140\u0142\u0144\u0146\u0148-\u0149\u014b\u014d\u014f\u0151\u0153\u0155\u0157\u0159\u015b\u015d\u015f\u0161\u0163\u0165\u0167\u0169\u016b\u016d\u016f\u0171\u0173\u0175\u0177\u017a\u017c\u017e-\u0180\u0183\u0185\u0188\u018c-\u018d\u0192\u0195\u0199-\u019b\u019e\u01a1\u01a3\u01a5\u01a8\u01aa-\u01ab\u01ad\u01b0\u01b4\u01b6\u01b9-\u01ba\u01bd-\u01bf\u01c6\u01c9\u01cc\u01ce\u01d0\u01d2\u01d4\u01d6\u01d8\u01da\u01dc-\u01dd\u01df\u01e1\u01e3\u01e5\u01e7\u01e9\u01eb\u01ed\u01ef-\u01f0\u01f3\u01f5\u01f9\u01fb\u01fd\u01ff\u0201\u0203\u0205\u0207\u0209\u020b\u020d\u020f\u0211\u0213\u0215\u0217\u0219\u021b\u021d\u021f\u0221\u0223\u0225\u0227\u0229\u022b\u022d\u022f\u0231\u0233-\u0239\u023c\u023f-\u0240\u0242\u0247\u0249\u024b\u024d\u024f-\u0293\u0295-\u02af\u0371\u0373\u0377\u037b-\u037d\u0390\u03ac-\u03ce\u03d0-\u03d1\u03d5-\u03d7\u03d9\u03db\u03dd\u03df\u03e1\u03e3\u03e5\u03e7\u03e9\u03eb\u03ed\u03ef-\u03f3\u03f5\u03f8\u03fb-\u03fc\u0430-\u045f\u0461\u0463\u0465\u0467\u0469\u046b\u046d\u046f\u0471\u0473\u0475\u0477\u0479\u047b\u047d\u047f\u0481\u048b\u048d\u048f\u0491\u0493\u0495\u0497\u0499\u049b\u049d\u049f\u04a1\u04a3\u04a5\u04a7\u04a9\u04ab\u04ad\u04af\u04b1\u04b3\u04b5\u04b7\u04b9\u04bb\u04bd\u04bf\u04c2\u04c4\u04c6\u04c8\u04ca\u04cc\u04ce-\u04cf\u04d1\u04d3\u04d5\u04d7\u04d9\u04db\u04dd\u04df\u04e1\u04e3\u04e5\u04e7\u04e9\u04eb\u04ed\u04ef\u04f1\u04f3\u04f5\u04f7\u04f9\u04fb\u04fd\u04ff\u0501\u0503\u0505\u0507\u0509\u050b\u050d\u050f\u0511\u0513\u0515\u0517\u0519\u051b\u051d\u051f\u0521\u0523\u0525\u0527\u0561-\u0587\u1d00-\u1d2b\u1d6b-\u1d77\u1d79-\u1d9a\u1e01\u1e03\u1e05\u1e07\u1e09\u1e0b\u1e0d\u1e0f\u1e11\u1e13\u1e15\u1e17\u1e19\u1e1b\u1e1d\u1e1f\u1e21\u1e23\u1e25\u1e27\u1e29\u1e2b\u1e2d\u1e2f\u1e31\u1e33\u1e35\u1e37\u1e39\u1e3b\u1e3d\u1e3f\u1e41\u1e43\u1e45\u1e47\u1e49\u1e4b\u1e4d\u1e4f\u1e51\u1e53\u1e55\u1e57\u1e59\u1e5b\u1e5d\u1e5f\u1e61\u1e63\u1e65\u1e67\u1e69\u1e6b\u1e6d\u1e6f\u1e71\u1e73\u1e75\u1e77\u1e79\u1e7b\u1e7d\u1e7f\u1e81\u1e83\u1e85\u1e87\u1e89\u1e8b\u1e8d\u1e8f\u1e91\u1e93\u1e95-\u1e9d\u1e9f\u1ea1\u1ea3\u1ea5\u1ea7\u1ea9\u1eab\u1ead\u1eaf\u1eb1\u1eb3\u1eb5\u1eb7\u1eb9\u1ebb\u1ebd\u1ebf\u1ec1\u1ec3\u1ec5\u1ec7\u1ec9\u1ecb\u1ecd\u1ecf\u1ed1\u1ed3\u1ed5\u1ed7\u1ed9\u1edb\u1edd\u1edf\u1ee1\u1ee3\u1ee5\u1ee7\u1ee9\u1eeb\u1eed\u1eef\u1ef1\u1ef3\u1ef5\u1ef7\u1ef9\u1efb\u1efd\u1eff-\u1f07\u1f10-\u1f15\u1f20-\u1f27\u1f30-\u1f37\u1f40-\u1f45\u1f50-\u1f57\u1f60-\u1f67\u1f70-\u1f7d\u1f80-\u1f87\u1f90-\u1f97\u1fa0-\u1fa7\u1fb0-\u1fb4\u1fb6-\u1fb7\u1fbe\u1fc2-\u1fc4\u1fc6-\u1fc7\u1fd0-\u1fd3\u1fd6-\u1fd7\u1fe0-\u1fe7\u1ff2-\u1ff4\u1ff6-\u1ff7\u210a\u210e-\u210f\u2113\u212f\u2134\u2139\u213c-\u213d\u2146-\u2149\u214e\u2184\u2c30-\u2c5e\u2c61\u2c65-\u2c66\u2c68\u2c6a\u2c6c\u2c71\u2c73-\u2c74\u2c76-\u2c7b\u2c81\u2c83\u2c85\u2c87\u2c89\u2c8b\u2c8d\u2c8f\u2c91\u2c93\u2c95\u2c97\u2c99\u2c9b\u2c9d\u2c9f\u2ca1\u2ca3\u2ca5\u2ca7\u2ca9\u2cab\u2cad\u2caf\u2cb1\u2cb3\u2cb5\u2cb7\u2cb9\u2cbb\u2cbd\u2cbf\u2cc1\u2cc3\u2cc5\u2cc7\u2cc9\u2ccb\u2ccd\u2ccf\u2cd1\u2cd3\u2cd5\u2cd7\u2cd9\u2cdb\u2cdd\u2cdf\u2ce1\u2ce3-\u2ce4\u2cec\u2cee\u2cf3\u2d00-\u2d25\u2d27\u2d2d\ua641\ua643\ua645\ua647\ua649\ua64b\ua64d\ua64f\ua651\ua653\ua655\ua657\ua659\ua65b\ua65d\ua65f\ua661\ua663\ua665\ua667\ua669\ua66b\ua66d\ua681\ua683\ua685\ua687\ua689\ua68b\ua68d\ua68f\ua691\ua693\ua695\ua697\ua723\ua725\ua727\ua729\ua72b\ua72d\ua72f-\ua731\ua733\ua735\ua737\ua739\ua73b\ua73d\ua73f\ua741\ua743\ua745\ua747\ua749\ua74b\ua74d\ua74f\ua751\ua753\ua755\ua757\ua759\ua75b\ua75d\ua75f\ua761\ua763\ua765\ua767\ua769\ua76b\ua76d\ua76f\ua771-\ua778\ua77a\ua77c\ua77f\ua781\ua783\ua785\ua787\ua78c\ua78e\ua791\ua793\ua7a1\ua7a3\ua7a5\ua7a7\ua7a9\ua7fa\ufb00-\ufb06\ufb13-\ufb17\uff41-\uff5a\u01c5\u01c8\u01cb\u01f2\u1f88-\u1f8f\u1f98-\u1f9f\u1fa8-\u1faf\u1fbc\u1fcc\u1ffc\u02b0-\u02c1\u02c6-\u02d1\u02e0-\u02e4\u02ec\u02ee\u0374\u037a\u0559\u0640\u06e5-\u06e6\u07f4-\u07f5\u07fa\u081a\u0824\u0828\u0971\u0e46\u0ec6\u10fc\u17d7\u1843\u1aa7\u1c78-\u1c7d\u1d2c-\u1d6a\u1d78\u1d9b-\u1dbf\u2071\u207f\u2090-\u209c\u2c7c-\u2c7d\u2d6f\u2e2f\u3005\u3031-\u3035\u303b\u309d-\u309e\u30fc-\u30fe\ua015\ua4f8-\ua4fd\ua60c\ua67f\ua717-\ua71f\ua770\ua788\ua7f8-\ua7f9\ua9cf\uaa70\uaadd\uaaf3-\uaaf4\uff70\uff9e-\uff9f\u16ee-\u16f0\u2160-\u2182\u2185-\u2188\u3007\u3021-\u3029\u3038-\u303a\ua6e6-\ua6ef0-9\u0660-\u0669\u06f0-\u06f9\u07c0-\u07c9\u0966-\u096f\u09e6-\u09ef\u0a66-\u0a6f\u0ae6-\u0aef\u0b66-\u0b6f\u0be6-\u0bef\u0c66-\u0c6f\u0ce6-\u0cef\u0d66-\u0d6f\u0e50-\u0e59\u0ed0-\u0ed9\u0f20-\u0f29\u1040-\u1049\u1090-\u1099\u17e0-\u17e9\u1810-\u1819\u1946-\u194f\u19d0-\u19d9\u1a80-\u1a89\u1a90-\u1a99\u1b50-\u1b59\u1bb0-\u1bb9\u1c40-\u1c49\u1c50-\u1c59\ua620-\ua629\ua8d0-\ua8d9\ua900-\ua909\ua9d0-\ua9d9\uaa50-\uaa59\uabf0-\uabf9\uff10-\uff19_\u203f-\u2040\u2054\ufe33-\ufe34\ufe4d-\ufe4f\uff3f\u00ad\u0600-\u0604\u061c\u06dd\u070f\u180e\u200b-\u200f\u202a-\u202e\u2060-\u2064\u2066-\u206f\ufeff\ufff9-\ufffb\u0300-\u036f\u0483-\u0487\u0591-\u05bd\u05bf\u05c1-\u05c2\u05c4-\u05c5\u05c7\u0610-\u061a\u064b-\u065f\u0670\u06d6-\u06dc\u06df-\u06e4\u06e7-\u06e8\u06ea-\u06ed\u0711\u0730-\u074a\u07a6-\u07b0\u07eb-\u07f3\u0816-\u0819\u081b-\u0823\u0825-\u0827\u0829-\u082d\u0859-\u085b\u08e4-\u08fe\u0900-\u0902\u093a\u093c\u0941-\u0948\u094d\u0951-\u0957\u0962-\u0963\u0981\u09bc\u09c1-\u09c4\u09cd\u09e2-\u09e3\u0a01-\u0a02\u0a3c\u0a41-\u0a42\u0a47-\u0a48\u0a4b-\u0a4d\u0a51\u0a70-\u0a71\u0a75\u0a81-\u0a82\u0abc\u0ac1-\u0ac5\u0ac7-\u0ac8\u0acd\u0ae2-\u0ae3\u0b01\u0b3c\u0b3f\u0b41-\u0b44\u0b4d\u0b56\u0b62-\u0b63\u0b82\u0bc0\u0bcd\u0c3e-\u0c40\u0c46-\u0c48\u0c4a-\u0c4d\u0c55-\u0c56\u0c62-\u0c63\u0cbc\u0cbf\u0cc6\u0ccc-\u0ccd\u0ce2-\u0ce3\u0d41-\u0d44\u0d4d\u0d62-\u0d63\u0dca\u0dd2-\u0dd4\u0dd6\u0e31\u0e34-\u0e3a\u0e47-\u0e4e\u0eb1\u0eb4-\u0eb9\u0ebb-\u0ebc\u0ec8-\u0ecd\u0f18-\u0f19\u0f35\u0f37\u0f39\u0f71-\u0f7e\u0f80-\u0f84\u0f86-\u0f87\u0f8d-\u0f97\u0f99-\u0fbc\u0fc6\u102d-\u1030\u1032-\u1037\u1039-\u103a\u103d-\u103e\u1058-\u1059\u105e-\u1060\u1071-\u1074\u1082\u1085-\u1086\u108d\u109d\u135d-\u135f\u1712-\u1714\u1732-\u1734\u1752-\u1753\u1772-\u1773\u17b4-\u17b5\u17b7-\u17bd\u17c6\u17c9-\u17d3\u17dd\u180b-\u180d\u18a9\u1920-\u1922\u1927-\u1928\u1932\u1939-\u193b\u1a17-\u1a18\u1a1b\u1a56\u1a58-\u1a5e\u1a60\u1a62\u1a65-\u1a6c\u1a73-\u1a7c\u1a7f\u1b00-\u1b03\u1b34\u1b36-\u1b3a\u1b3c\u1b42\u1b6b-\u1b73\u1b80-\u1b81\u1ba2-\u1ba5\u1ba8-\u1ba9\u1bab\u1be6\u1be8-\u1be9\u1bed\u1bef-\u1bf1\u1c2c-\u1c33\u1c36-\u1c37\u1cd0-\u1cd2\u1cd4-\u1ce0\u1ce2-\u1ce8\u1ced\u1cf4\u1dc0-\u1de6\u1dfc-\u1dff\u20d0-\u20dc\u20e1\u20e5-\u20f0\u2cef-\u2cf1\u2d7f\u2de0-\u2dff\u302a-\u302d\u3099-\u309a\ua66f\ua674-\ua67d\ua69f\ua6f0-\ua6f1\ua802\ua806\ua80b\ua825-\ua826\ua8c4\ua8e0-\ua8f1\ua926-\ua92d\ua947-\ua951\ua980-\ua982\ua9b3\ua9b6-\ua9b9\ua9bc\uaa29-\uaa2e\uaa31-\uaa32\uaa35-\uaa36\uaa43\uaa4c\uaab0\uaab2-\uaab4\uaab7-\uaab8\uaabe-\uaabf\uaac1\uaaec-\uaaed\uaaf6\uabe5\uabe8\uabed\ufb1e\ufe00-\ufe0f\ufe20-\ufe26\u0903\u093b\u093e-\u0940\u0949-\u094c\u094e-\u094f\u0982-\u0983\u09be-\u09c0\u09c7-\u09c8\u09cb-\u09cc\u09d7\u0a03\u0a3e-\u0a40\u0a83\u0abe-\u0ac0\u0ac9\u0acb-\u0acc\u0b02-\u0b03\u0b3e\u0b40\u0b47-\u0b48\u0b4b-\u0b4c\u0b57\u0bbe-\u0bbf\u0bc1-\u0bc2\u0bc6-\u0bc8\u0bca-\u0bcc\u0bd7\u0c01-\u0c03\u0c41-\u0c44\u0c82-\u0c83\u0cbe\u0cc0-\u0cc4\u0cc7-\u0cc8\u0cca-\u0ccb\u0cd5-\u0cd6\u0d02-\u0d03\u0d3e-\u0d40\u0d46-\u0d48\u0d4a-\u0d4c\u0d57\u0d82-\u0d83\u0dcf-\u0dd1\u0dd8-\u0ddf\u0df2-\u0df3\u0f3e-\u0f3f\u0f7f\u102b-\u102c\u1031\u1038\u103b-\u103c\u1056-\u1057\u1062-\u1064\u1067-\u106d\u1083-\u1084\u1087-\u108c\u108f\u109a-\u109c\u17b6\u17be-\u17c5\u17c7-\u17c8\u1923-\u1926\u1929-\u192b\u1930-\u1931\u1933-\u1938\u19b0-\u19c0\u19c8-\u19c9\u1a19-\u1a1a\u1a55\u1a57\u1a61\u1a63-\u1a64\u1a6d-\u1a72\u1b04\u1b35\u1b3b\u1b3d-\u1b41\u1b43-\u1b44\u1b82\u1ba1\u1ba6-\u1ba7\u1baa\u1bac-\u1bad\u1be7\u1bea-\u1bec\u1bee\u1bf2-\u1bf3\u1c24-\u1c2b\u1c34-\u1c35\u1ce1\u1cf2-\u1cf3\u302e-\u302f\ua823-\ua824\ua827\ua880-\ua881\ua8b4-\ua8c3\ua952-\ua953\ua983\ua9b4-\ua9b5\ua9ba-\ua9bb\ua9bd-\ua9c0\uaa2f-\uaa30\uaa33-\uaa34\uaa4d\uaa7b\uaaeb\uaaee-\uaaef\uaaf5\uabe3-\uabe4\uabe6-\uabe7\uabe9-\uabea\uabec]*|`@?[_A-Z\u00c0-\u00d6\u00d8-\u00de\u0100\u0102\u0104\u0106\u0108\u010a\u010c\u010e\u0110\u0112\u0114\u0116\u0118\u011a\u011c\u011e\u0120\u0122\u0124\u0126\u0128\u012a\u012c\u012e\u0130\u0132\u0134\u0136\u0139\u013b\u013d\u013f\u0141\u0143\u0145\u0147\u014a\u014c\u014e\u0150\u0152\u0154\u0156\u0158\u015a\u015c\u015e\u0160\u0162\u0164\u0166\u0168\u016a\u016c\u016e\u0170\u0172\u0174\u0176\u0178-\u0179\u017b\u017d\u0181-\u0182\u0184\u0186-\u0187\u0189-\u018b\u018e-\u0191\u0193-\u0194\u0196-\u0198\u019c-\u019d\u019f-\u01a0\u01a2\u01a4\u01a6-\u01a7\u01a9\u01ac\u01ae-\u01af\u01b1-\u01b3\u01b5\u01b7-\u01b8\u01bc\u01c4\u01c7\u01ca\u01cd\u01cf\u01d1\u01d3\u01d5\u01d7\u01d9\u01db\u01de\u01e0\u01e2\u01e4\u01e6\u01e8\u01ea\u01ec\u01ee\u01f1\u01f4\u01f6-\u01f8\u01fa\u01fc\u01fe\u0200\u0202\u0204\u0206\u0208\u020a\u020c\u020e\u0210\u0212\u0214\u0216\u0218\u021a\u021c\u021e\u0220\u0222\u0224\u0226\u0228\u022a\u022c\u022e\u0230\u0232\u023a-\u023b\u023d-\u023e\u0241\u0243-\u0246\u0248\u024a\u024c\u024e\u0370\u0372\u0376\u0386\u0388-\u038a\u038c\u038e-\u038f\u0391-\u03a1\u03a3-\u03ab\u03cf\u03d2-\u03d4\u03d8\u03da\u03dc\u03de\u03e0\u03e2\u03e4\u03e6\u03e8\u03ea\u03ec\u03ee\u03f4\u03f7\u03f9-\u03fa\u03fd-\u042f\u0460\u0462\u0464\u0466\u0468\u046a\u046c\u046e\u0470\u0472\u0474\u0476\u0478\u047a\u047c\u047e\u0480\u048a\u048c\u048e\u0490\u0492\u0494\u0496\u0498\u049a\u049c\u049e\u04a0\u04a2\u04a4\u04a6\u04a8\u04aa\u04ac\u04ae\u04b0\u04b2\u04b4\u04b6\u04b8\u04ba\u04bc\u04be\u04c0-\u04c1\u04c3\u04c5\u04c7\u04c9\u04cb\u04cd\u04d0\u04d2\u04d4\u04d6\u04d8\u04da\u04dc\u04de\u04e0\u04e2\u04e4\u04e6\u04e8\u04ea\u04ec\u04ee\u04f0\u04f2\u04f4\u04f6\u04f8\u04fa\u04fc\u04fe\u0500\u0502\u0504\u0506\u0508\u050a\u050c\u050e\u0510\u0512\u0514\u0516\u0518\u051a\u051c\u051e\u0520\u0522\u0524\u0526\u0531-\u0556\u10a0-\u10c5\u10c7\u10cd\u1e00\u1e02\u1e04\u1e06\u1e08\u1e0a\u1e0c\u1e0e\u1e10\u1e12\u1e14\u1e16\u1e18\u1e1a\u1e1c\u1e1e\u1e20\u1e22\u1e24\u1e26\u1e28\u1e2a\u1e2c\u1e2e\u1e30\u1e32\u1e34\u1e36\u1e38\u1e3a\u1e3c\u1e3e\u1e40\u1e42\u1e44\u1e46\u1e48\u1e4a\u1e4c\u1e4e\u1e50\u1e52\u1e54\u1e56\u1e58\u1e5a\u1e5c\u1e5e\u1e60\u1e62\u1e64\u1e66\u1e68\u1e6a\u1e6c\u1e6e\u1e70\u1e72\u1e74\u1e76\u1e78\u1e7a\u1e7c\u1e7e\u1e80\u1e82\u1e84\u1e86\u1e88\u1e8a\u1e8c\u1e8e\u1e90\u1e92\u1e94\u1e9e\u1ea0\u1ea2\u1ea4\u1ea6\u1ea8\u1eaa\u1eac\u1eae\u1eb0\u1eb2\u1eb4\u1eb6\u1eb8\u1eba\u1ebc\u1ebe\u1ec0\u1ec2\u1ec4\u1ec6\u1ec8\u1eca\u1ecc\u1ece\u1ed0\u1ed2\u1ed4\u1ed6\u1ed8\u1eda\u1edc\u1ede\u1ee0\u1ee2\u1ee4\u1ee6\u1ee8\u1eea\u1eec\u1eee\u1ef0\u1ef2\u1ef4\u1ef6\u1ef8\u1efa\u1efc\u1efe\u1f08-\u1f0f\u1f18-\u1f1d\u1f28-\u1f2f\u1f38-\u1f3f\u1f48-\u1f4d\u1f59\u1f5b\u1f5d\u1f5f\u1f68-\u1f6f\u1fb8-\u1fbb\u1fc8-\u1fcb\u1fd8-\u1fdb\u1fe8-\u1fec\u1ff8-\u1ffb\u2102\u2107\u210b-\u210d\u2110-\u2112\u2115\u2119-\u211d\u2124\u2126\u2128\u212a-\u212d\u2130-\u2133\u213e-\u213f\u2145\u2183\u2c00-\u2c2e\u2c60\u2c62-\u2c64\u2c67\u2c69\u2c6b\u2c6d-\u2c70\u2c72\u2c75\u2c7e-\u2c80\u2c82\u2c84\u2c86\u2c88\u2c8a\u2c8c\u2c8e\u2c90\u2c92\u2c94\u2c96\u2c98\u2c9a\u2c9c\u2c9e\u2ca0\u2ca2\u2ca4\u2ca6\u2ca8\u2caa\u2cac\u2cae\u2cb0\u2cb2\u2cb4\u2cb6\u2cb8\u2cba\u2cbc\u2cbe\u2cc0\u2cc2\u2cc4\u2cc6\u2cc8\u2cca\u2ccc\u2cce\u2cd0\u2cd2\u2cd4\u2cd6\u2cd8\u2cda\u2cdc\u2cde\u2ce0\u2ce2\u2ceb\u2ced\u2cf2\ua640\ua642\ua644\ua646\ua648\ua64a\ua64c\ua64e\ua650\ua652\ua654\ua656\ua658\ua65a\ua65c\ua65e\ua660\ua662\ua664\ua666\ua668\ua66a\ua66c\ua680\ua682\ua684\ua686\ua688\ua68a\ua68c\ua68e\ua690\ua692\ua694\ua696\ua722\ua724\ua726\ua728\ua72a\ua72c\ua72e\ua732\ua734\ua736\ua738\ua73a\ua73c\ua73e\ua740\ua742\ua744\ua746\ua748\ua74a\ua74c\ua74e\ua750\ua752\ua754\ua756\ua758\ua75a\ua75c\ua75e\ua760\ua762\ua764\ua766\ua768\ua76a\ua76c\ua76e\ua779\ua77b\ua77d-\ua77e\ua780\ua782\ua784\ua786\ua78b\ua78d\ua790\ua792\ua7a0\ua7a2\ua7a4\ua7a6\ua7a8\ua7aa\uff21-\uff3aa-z\u00b5\u00df-\u00f6\u00f8-\u00ff\u0101\u0103\u0105\u0107\u0109\u010b\u010d\u010f\u0111\u0113\u0115\u0117\u0119\u011b\u011d\u011f\u0121\u0123\u0125\u0127\u0129\u012b\u012d\u012f\u0131\u0133\u0135\u0137-\u0138\u013a\u013c\u013e\u0140\u0142\u0144\u0146\u0148-\u0149\u014b\u014d\u014f\u0151\u0153\u0155\u0157\u0159\u015b\u015d\u015f\u0161\u0163\u0165\u0167\u0169\u016b\u016d\u016f\u0171\u0173\u0175\u0177\u017a\u017c\u017e-\u0180\u0183\u0185\u0188\u018c-\u018d\u0192\u0195\u0199-\u019b\u019e\u01a1\u01a3\u01a5\u01a8\u01aa-\u01ab\u01ad\u01b0\u01b4\u01b6\u01b9-\u01ba\u01bd-\u01bf\u01c6\u01c9\u01cc\u01ce\u01d0\u01d2\u01d4\u01d6\u01d8\u01da\u01dc-\u01dd\u01df\u01e1\u01e3\u01e5\u01e7\u01e9\u01eb\u01ed\u01ef-\u01f0\u01f3\u01f5\u01f9\u01fb\u01fd\u01ff\u0201\u0203\u0205\u0207\u0209\u020b\u020d\u020f\u0211\u0213\u0215\u0217\u0219\u021b\u021d\u021f\u0221\u0223\u0225\u0227\u0229\u022b\u022d\u022f\u0231\u0233-\u0239\u023c\u023f-\u0240\u0242\u0247\u0249\u024b\u024d\u024f-\u0293\u0295-\u02af\u0371\u0373\u0377\u037b-\u037d\u0390\u03ac-\u03ce\u03d0-\u03d1\u03d5-\u03d7\u03d9\u03db\u03dd\u03df\u03e1\u03e3\u03e5\u03e7\u03e9\u03eb\u03ed\u03ef-\u03f3\u03f5\u03f8\u03fb-\u03fc\u0430-\u045f\u0461\u0463\u0465\u0467\u0469\u046b\u046d\u046f\u0471\u0473\u0475\u0477\u0479\u047b\u047d\u047f\u0481\u048b\u048d\u048f\u0491\u0493\u0495\u0497\u0499\u049b\u049d\u049f\u04a1\u04a3\u04a5\u04a7\u04a9\u04ab\u04ad\u04af\u04b1\u04b3\u04b5\u04b7\u04b9\u04bb\u04bd\u04bf\u04c2\u04c4\u04c6\u04c8\u04ca\u04cc\u04ce-\u04cf\u04d1\u04d3\u04d5\u04d7\u04d9\u04db\u04dd\u04df\u04e1\u04e3\u04e5\u04e7\u04e9\u04eb\u04ed\u04ef\u04f1\u04f3\u04f5\u04f7\u04f9\u04fb\u04fd\u04ff\u0501\u0503\u0505\u0507\u0509\u050b\u050d\u050f\u0511\u0513\u0515\u0517\u0519\u051b\u051d\u051f\u0521\u0523\u0525\u0527\u0561-\u0587\u1d00-\u1d2b\u1d6b-\u1d77\u1d79-\u1d9a\u1e01\u1e03\u1e05\u1e07\u1e09\u1e0b\u1e0d\u1e0f\u1e11\u1e13\u1e15\u1e17\u1e19\u1e1b\u1e1d\u1e1f\u1e21\u1e23\u1e25\u1e27\u1e29\u1e2b\u1e2d\u1e2f\u1e31\u1e33\u1e35\u1e37\u1e39\u1e3b\u1e3d\u1e3f\u1e41\u1e43\u1e45\u1e47\u1e49\u1e4b\u1e4d\u1e4f\u1e51\u1e53\u1e55\u1e57\u1e59\u1e5b\u1e5d\u1e5f\u1e61\u1e63\u1e65\u1e67\u1e69\u1e6b\u1e6d\u1e6f\u1e71\u1e73\u1e75\u1e77\u1e79\u1e7b\u1e7d\u1e7f\u1e81\u1e83\u1e85\u1e87\u1e89\u1e8b\u1e8d\u1e8f\u1e91\u1e93\u1e95-\u1e9d\u1e9f\u1ea1\u1ea3\u1ea5\u1ea7\u1ea9\u1eab\u1ead\u1eaf\u1eb1\u1eb3\u1eb5\u1eb7\u1eb9\u1ebb\u1ebd\u1ebf\u1ec1\u1ec3\u1ec5\u1ec7\u1ec9\u1ecb\u1ecd\u1ecf\u1ed1\u1ed3\u1ed5\u1ed7\u1ed9\u1edb\u1edd\u1edf\u1ee1\u1ee3\u1ee5\u1ee7\u1ee9\u1eeb\u1eed\u1eef\u1ef1\u1ef3\u1ef5\u1ef7\u1ef9\u1efb\u1efd\u1eff-\u1f07\u1f10-\u1f15\u1f20-\u1f27\u1f30-\u1f37\u1f40-\u1f45\u1f50-\u1f57\u1f60-\u1f67\u1f70-\u1f7d\u1f80-\u1f87\u1f90-\u1f97\u1fa0-\u1fa7\u1fb0-\u1fb4\u1fb6-\u1fb7\u1fbe\u1fc2-\u1fc4\u1fc6-\u1fc7\u1fd0-\u1fd3\u1fd6-\u1fd7\u1fe0-\u1fe7\u1ff2-\u1ff4\u1ff6-\u1ff7\u210a\u210e-\u210f\u2113\u212f\u2134\u2139\u213c-\u213d\u2146-\u2149\u214e\u2184\u2c30-\u2c5e\u2c61\u2c65-\u2c66\u2c68\u2c6a\u2c6c\u2c71\u2c73-\u2c74\u2c76-\u2c7b\u2c81\u2c83\u2c85\u2c87\u2c89\u2c8b\u2c8d\u2c8f\u2c91\u2c93\u2c95\u2c97\u2c99\u2c9b\u2c9d\u2c9f\u2ca1\u2ca3\u2ca5\u2ca7\u2ca9\u2cab\u2cad\u2caf\u2cb1\u2cb3\u2cb5\u2cb7\u2cb9\u2cbb\u2cbd\u2cbf\u2cc1\u2cc3\u2cc5\u2cc7\u2cc9\u2ccb\u2ccd\u2ccf\u2cd1\u2cd3\u2cd5\u2cd7\u2cd9\u2cdb\u2cdd\u2cdf\u2ce1\u2ce3-\u2ce4\u2cec\u2cee\u2cf3\u2d00-\u2d25\u2d27\u2d2d\ua641\ua643\ua645\ua647\ua649\ua64b\ua64d\ua64f\ua651\ua653\ua655\ua657\ua659\ua65b\ua65d\ua65f\ua661\ua663\ua665\ua667\ua669\ua66b\ua66d\ua681\ua683\ua685\ua687\ua689\ua68b\ua68d\ua68f\ua691\ua693\ua695\ua697\ua723\ua725\ua727\ua729\ua72b\ua72d\ua72f-\ua731\ua733\ua735\ua737\ua739\ua73b\ua73d\ua73f\ua741\ua743\ua745\ua747\ua749\ua74b\ua74d\ua74f\ua751\ua753\ua755\ua757\ua759\ua75b\ua75d\ua75f\ua761\ua763\ua765\ua767\ua769\ua76b\ua76d\ua76f\ua771-\ua778\ua77a\ua77c\ua77f\ua781\ua783\ua785\ua787\ua78c\ua78e\ua791\ua793\ua7a1\ua7a3\ua7a5\ua7a7\ua7a9\ua7fa\ufb00-\ufb06\ufb13-\ufb17\uff41-\uff5a\u01c5\u01c8\u01cb\u01f2\u1f88-\u1f8f\u1f98-\u1f9f\u1fa8-\u1faf\u1fbc\u1fcc\u1ffc\u02b0-\u02c1\u02c6-\u02d1\u02e0-\u02e4\u02ec\u02ee\u0374\u037a\u0559\u0640\u06e5-\u06e6\u07f4-\u07f5\u07fa\u081a\u0824\u0828\u0971\u0e46\u0ec6\u10fc\u17d7\u1843\u1aa7\u1c78-\u1c7d\u1d2c-\u1d6a\u1d78\u1d9b-\u1dbf\u2071\u207f\u2090-\u209c\u2c7c-\u2c7d\u2d6f\u2e2f\u3005\u3031-\u3035\u303b\u309d-\u309e\u30fc-\u30fe\ua015\ua4f8-\ua4fd\ua60c\ua67f\ua717-\ua71f\ua770\ua788\ua7f8-\ua7f9\ua9cf\uaa70\uaadd\uaaf3-\uaaf4\uff70\uff9e-\uff9f\u16ee-\u16f0\u2160-\u2182\u2185-\u2188\u3007\u3021-\u3029\u3038-\u303a\ua6e6-\ua6ef][A-Z\u00c0-\u00d6\u00d8-\u00de\u0100\u0102\u0104\u0106\u0108\u010a\u010c\u010e\u0110\u0112\u0114\u0116\u0118\u011a\u011c\u011e\u0120\u0122\u0124\u0126\u0128\u012a\u012c\u012e\u0130\u0132\u0134\u0136\u0139\u013b\u013d\u013f\u0141\u0143\u0145\u0147\u014a\u014c\u014e\u0150\u0152\u0154\u0156\u0158\u015a\u015c\u015e\u0160\u0162\u0164\u0166\u0168\u016a\u016c\u016e\u0170\u0172\u0174\u0176\u0178-\u0179\u017b\u017d\u0181-\u0182\u0184\u0186-\u0187\u0189-\u018b\u018e-\u0191\u0193-\u0194\u0196-\u0198\u019c-\u019d\u019f-\u01a0\u01a2\u01a4\u01a6-\u01a7\u01a9\u01ac\u01ae-\u01af\u01b1-\u01b3\u01b5\u01b7-\u01b8\u01bc\u01c4\u01c7\u01ca\u01cd\u01cf\u01d1\u01d3\u01d5\u01d7\u01d9\u01db\u01de\u01e0\u01e2\u01e4\u01e6\u01e8\u01ea\u01ec\u01ee\u01f1\u01f4\u01f6-\u01f8\u01fa\u01fc\u01fe\u0200\u0202\u0204\u0206\u0208\u020a\u020c\u020e\u0210\u0212\u0214\u0216\u0218\u021a\u021c\u021e\u0220\u0222\u0224\u0226\u0228\u022a\u022c\u022e\u0230\u0232\u023a-\u023b\u023d-\u023e\u0241\u0243-\u0246\u0248\u024a\u024c\u024e\u0370\u0372\u0376\u0386\u0388-\u038a\u038c\u038e-\u038f\u0391-\u03a1\u03a3-\u03ab\u03cf\u03d2-\u03d4\u03d8\u03da\u03dc\u03de\u03e0\u03e2\u03e4\u03e6\u03e8\u03ea\u03ec\u03ee\u03f4\u03f7\u03f9-\u03fa\u03fd-\u042f\u0460\u0462\u0464\u0466\u0468\u046a\u046c\u046e\u0470\u0472\u0474\u0476\u0478\u047a\u047c\u047e\u0480\u048a\u048c\u048e\u0490\u0492\u0494\u0496\u0498\u049a\u049c\u049e\u04a0\u04a2\u04a4\u04a6\u04a8\u04aa\u04ac\u04ae\u04b0\u04b2\u04b4\u04b6\u04b8\u04ba\u04bc\u04be\u04c0-\u04c1\u04c3\u04c5\u04c7\u04c9\u04cb\u04cd\u04d0\u04d2\u04d4\u04d6\u04d8\u04da\u04dc\u04de\u04e0\u04e2\u04e4\u04e6\u04e8\u04ea\u04ec\u04ee\u04f0\u04f2\u04f4\u04f6\u04f8\u04fa\u04fc\u04fe\u0500\u0502\u0504\u0506\u0508\u050a\u050c\u050e\u0510\u0512\u0514\u0516\u0518\u051a\u051c\u051e\u0520\u0522\u0524\u0526\u0531-\u0556\u10a0-\u10c5\u10c7\u10cd\u1e00\u1e02\u1e04\u1e06\u1e08\u1e0a\u1e0c\u1e0e\u1e10\u1e12\u1e14\u1e16\u1e18\u1e1a\u1e1c\u1e1e\u1e20\u1e22\u1e24\u1e26\u1e28\u1e2a\u1e2c\u1e2e\u1e30\u1e32\u1e34\u1e36\u1e38\u1e3a\u1e3c\u1e3e\u1e40\u1e42\u1e44\u1e46\u1e48\u1e4a\u1e4c\u1e4e\u1e50\u1e52\u1e54\u1e56\u1e58\u1e5a\u1e5c\u1e5e\u1e60\u1e62\u1e64\u1e66\u1e68\u1e6a\u1e6c\u1e6e\u1e70\u1e72\u1e74\u1e76\u1e78\u1e7a\u1e7c\u1e7e\u1e80\u1e82\u1e84\u1e86\u1e88\u1e8a\u1e8c\u1e8e\u1e90\u1e92\u1e94\u1e9e\u1ea0\u1ea2\u1ea4\u1ea6\u1ea8\u1eaa\u1eac\u1eae\u1eb0\u1eb2\u1eb4\u1eb6\u1eb8\u1eba\u1ebc\u1ebe\u1ec0\u1ec2\u1ec4\u1ec6\u1ec8\u1eca\u1ecc\u1ece\u1ed0\u1ed2\u1ed4\u1ed6\u1ed8\u1eda\u1edc\u1ede\u1ee0\u1ee2\u1ee4\u1ee6\u1ee8\u1eea\u1eec\u1eee\u1ef0\u1ef2\u1ef4\u1ef6\u1ef8\u1efa\u1efc\u1efe\u1f08-\u1f0f\u1f18-\u1f1d\u1f28-\u1f2f\u1f38-\u1f3f\u1f48-\u1f4d\u1f59\u1f5b\u1f5d\u1f5f\u1f68-\u1f6f\u1fb8-\u1fbb\u1fc8-\u1fcb\u1fd8-\u1fdb\u1fe8-\u1fec\u1ff8-\u1ffb\u2102\u2107\u210b-\u210d\u2110-\u2112\u2115\u2119-\u211d\u2124\u2126\u2128\u212a-\u212d\u2130-\u2133\u213e-\u213f\u2145\u2183\u2c00-\u2c2e\u2c60\u2c62-\u2c64\u2c67\u2c69\u2c6b\u2c6d-\u2c70\u2c72\u2c75\u2c7e-\u2c80\u2c82\u2c84\u2c86\u2c88\u2c8a\u2c8c\u2c8e\u2c90\u2c92\u2c94\u2c96\u2c98\u2c9a\u2c9c\u2c9e\u2ca0\u2ca2\u2ca4\u2ca6\u2ca8\u2caa\u2cac\u2cae\u2cb0\u2cb2\u2cb4\u2cb6\u2cb8\u2cba\u2cbc\u2cbe\u2cc0\u2cc2\u2cc4\u2cc6\u2cc8\u2cca\u2ccc\u2cce\u2cd0\u2cd2\u2cd4\u2cd6\u2cd8\u2cda\u2cdc\u2cde\u2ce0\u2ce2\u2ceb\u2ced\u2cf2\ua640\ua642\ua644\ua646\ua648\ua64a\ua64c\ua64e\ua650\ua652\ua654\ua656\ua658\ua65a\ua65c\ua65e\ua660\ua662\ua664\ua666\ua668\ua66a\ua66c\ua680\ua682\ua684\ua686\ua688\ua68a\ua68c\ua68e\ua690\ua692\ua694\ua696\ua722\ua724\ua726\ua728\ua72a\ua72c\ua72e\ua732\ua734\ua736\ua738\ua73a\ua73c\ua73e\ua740\ua742\ua744\ua746\ua748\ua74a\ua74c\ua74e\ua750\ua752\ua754\ua756\ua758\ua75a\ua75c\ua75e\ua760\ua762\ua764\ua766\ua768\ua76a\ua76c\ua76e\ua779\ua77b\ua77d-\ua77e\ua780\ua782\ua784\ua786\ua78b\ua78d\ua790\ua792\ua7a0\ua7a2\ua7a4\ua7a6\ua7a8\ua7aa\uff21-\uff3aa-z\u00b5\u00df-\u00f6\u00f8-\u00ff\u0101\u0103\u0105\u0107\u0109\u010b\u010d\u010f\u0111\u0113\u0115\u0117\u0119\u011b\u011d\u011f\u0121\u0123\u0125\u0127\u0129\u012b\u012d\u012f\u0131\u0133\u0135\u0137-\u0138\u013a\u013c\u013e\u0140\u0142\u0144\u0146\u0148-\u0149\u014b\u014d\u014f\u0151\u0153\u0155\u0157\u0159\u015b\u015d\u015f\u0161\u0163\u0165\u0167\u0169\u016b\u016d\u016f\u0171\u0173\u0175\u0177\u017a\u017c\u017e-\u0180\u0183\u0185\u0188\u018c-\u018d\u0192\u0195\u0199-\u019b\u019e\u01a1\u01a3\u01a5\u01a8\u01aa-\u01ab\u01ad\u01b0\u01b4\u01b6\u01b9-\u01ba\u01bd-\u01bf\u01c6\u01c9\u01cc\u01ce\u01d0\u01d2\u01d4\u01d6\u01d8\u01da\u01dc-\u01dd\u01df\u01e1\u01e3\u01e5\u01e7\u01e9\u01eb\u01ed\u01ef-\u01f0\u01f3\u01f5\u01f9\u01fb\u01fd\u01ff\u0201\u0203\u0205\u0207\u0209\u020b\u020d\u020f\u0211\u0213\u0215\u0217\u0219\u021b\u021d\u021f\u0221\u0223\u0225\u0227\u0229\u022b\u022d\u022f\u0231\u0233-\u0239\u023c\u023f-\u0240\u0242\u0247\u0249\u024b\u024d\u024f-\u0293\u0295-\u02af\u0371\u0373\u0377\u037b-\u037d\u0390\u03ac-\u03ce\u03d0-\u03d1\u03d5-\u03d7\u03d9\u03db\u03dd\u03df\u03e1\u03e3\u03e5\u03e7\u03e9\u03eb\u03ed\u03ef-\u03f3\u03f5\u03f8\u03fb-\u03fc\u0430-\u045f\u0461\u0463\u0465\u0467\u0469\u046b\u046d\u046f\u0471\u0473\u0475\u0477\u0479\u047b\u047d\u047f\u0481\u048b\u048d\u048f\u0491\u0493\u0495\u0497\u0499\u049b\u049d\u049f\u04a1\u04a3\u04a5\u04a7\u04a9\u04ab\u04ad\u04af\u04b1\u04b3\u04b5\u04b7\u04b9\u04bb\u04bd\u04bf\u04c2\u04c4\u04c6\u04c8\u04ca\u04cc\u04ce-\u04cf\u04d1\u04d3\u04d5\u04d7\u04d9\u04db\u04dd\u04df\u04e1\u04e3\u04e5\u04e7\u04e9\u04eb\u04ed\u04ef\u04f1\u04f3\u04f5\u04f7\u04f9\u04fb\u04fd\u04ff\u0501\u0503\u0505\u0507\u0509\u050b\u050d\u050f\u0511\u0513\u0515\u0517\u0519\u051b\u051d\u051f\u0521\u0523\u0525\u0527\u0561-\u0587\u1d00-\u1d2b\u1d6b-\u1d77\u1d79-\u1d9a\u1e01\u1e03\u1e05\u1e07\u1e09\u1e0b\u1e0d\u1e0f\u1e11\u1e13\u1e15\u1e17\u1e19\u1e1b\u1e1d\u1e1f\u1e21\u1e23\u1e25\u1e27\u1e29\u1e2b\u1e2d\u1e2f\u1e31\u1e33\u1e35\u1e37\u1e39\u1e3b\u1e3d\u1e3f\u1e41\u1e43\u1e45\u1e47\u1e49\u1e4b\u1e4d\u1e4f\u1e51\u1e53\u1e55\u1e57\u1e59\u1e5b\u1e5d\u1e5f\u1e61\u1e63\u1e65\u1e67\u1e69\u1e6b\u1e6d\u1e6f\u1e71\u1e73\u1e75\u1e77\u1e79\u1e7b\u1e7d\u1e7f\u1e81\u1e83\u1e85\u1e87\u1e89\u1e8b\u1e8d\u1e8f\u1e91\u1e93\u1e95-\u1e9d\u1e9f\u1ea1\u1ea3\u1ea5\u1ea7\u1ea9\u1eab\u1ead\u1eaf\u1eb1\u1eb3\u1eb5\u1eb7\u1eb9\u1ebb\u1ebd\u1ebf\u1ec1\u1ec3\u1ec5\u1ec7\u1ec9\u1ecb\u1ecd\u1ecf\u1ed1\u1ed3\u1ed5\u1ed7\u1ed9\u1edb\u1edd\u1edf\u1ee1\u1ee3\u1ee5\u1ee7\u1ee9\u1eeb\u1eed\u1eef\u1ef1\u1ef3\u1ef5\u1ef7\u1ef9\u1efb\u1efd\u1eff-\u1f07\u1f10-\u1f15\u1f20-\u1f27\u1f30-\u1f37\u1f40-\u1f45\u1f50-\u1f57\u1f60-\u1f67\u1f70-\u1f7d\u1f80-\u1f87\u1f90-\u1f97\u1fa0-\u1fa7\u1fb0-\u1fb4\u1fb6-\u1fb7\u1fbe\u1fc2-\u1fc4\u1fc6-\u1fc7\u1fd0-\u1fd3\u1fd6-\u1fd7\u1fe0-\u1fe7\u1ff2-\u1ff4\u1ff6-\u1ff7\u210a\u210e-\u210f\u2113\u212f\u2134\u2139\u213c-\u213d\u2146-\u2149\u214e\u2184\u2c30-\u2c5e\u2c61\u2c65-\u2c66\u2c68\u2c6a\u2c6c\u2c71\u2c73-\u2c74\u2c76-\u2c7b\u2c81\u2c83\u2c85\u2c87\u2c89\u2c8b\u2c8d\u2c8f\u2c91\u2c93\u2c95\u2c97\u2c99\u2c9b\u2c9d\u2c9f\u2ca1\u2ca3\u2ca5\u2ca7\u2ca9\u2cab\u2cad\u2caf\u2cb1\u2cb3\u2cb5\u2cb7\u2cb9\u2cbb\u2cbd\u2cbf\u2cc1\u2cc3\u2cc5\u2cc7\u2cc9\u2ccb\u2ccd\u2ccf\u2cd1\u2cd3\u2cd5\u2cd7\u2cd9\u2cdb\u2cdd\u2cdf\u2ce1\u2ce3-\u2ce4\u2cec\u2cee\u2cf3\u2d00-\u2d25\u2d27\u2d2d\ua641\ua643\ua645\ua647\ua649\ua64b\ua64d\ua64f\ua651\ua653\ua655\ua657\ua659\ua65b\ua65d\ua65f\ua661\ua663\ua665\ua667\ua669\ua66b\ua66d\ua681\ua683\ua685\ua687\ua689\ua68b\ua68d\ua68f\ua691\ua693\ua695\ua697\ua723\ua725\ua727\ua729\ua72b\ua72d\ua72f-\ua731\ua733\ua735\ua737\ua739\ua73b\ua73d\ua73f\ua741\ua743\ua745\ua747\ua749\ua74b\ua74d\ua74f\ua751\ua753\ua755\ua757\ua759\ua75b\ua75d\ua75f\ua761\ua763\ua765\ua767\ua769\ua76b\ua76d\ua76f\ua771-\ua778\ua77a\ua77c\ua77f\ua781\ua783\ua785\ua787\ua78c\ua78e\ua791\ua793\ua7a1\ua7a3\ua7a5\ua7a7\ua7a9\ua7fa\ufb00-\ufb06\ufb13-\ufb17\uff41-\uff5a\u01c5\u01c8\u01cb\u01f2\u1f88-\u1f8f\u1f98-\u1f9f\u1fa8-\u1faf\u1fbc\u1fcc\u1ffc\u02b0-\u02c1\u02c6-\u02d1\u02e0-\u02e4\u02ec\u02ee\u0374\u037a\u0559\u0640\u06e5-\u06e6\u07f4-\u07f5\u07fa\u081a\u0824\u0828\u0971\u0e46\u0ec6\u10fc\u17d7\u1843\u1aa7\u1c78-\u1c7d\u1d2c-\u1d6a\u1d78\u1d9b-\u1dbf\u2071\u207f\u2090-\u209c\u2c7c-\u2c7d\u2d6f\u2e2f\u3005\u3031-\u3035\u303b\u309d-\u309e\u30fc-\u30fe\ua015\ua4f8-\ua4fd\ua60c\ua67f\ua717-\ua71f\ua770\ua788\ua7f8-\ua7f9\ua9cf\uaa70\uaadd\uaaf3-\uaaf4\uff70\uff9e-\uff9f\u16ee-\u16f0\u2160-\u2182\u2185-\u2188\u3007\u3021-\u3029\u3038-\u303a\ua6e6-\ua6ef0-9\u0660-\u0669\u06f0-\u06f9\u07c0-\u07c9\u0966-\u096f\u09e6-\u09ef\u0a66-\u0a6f\u0ae6-\u0aef\u0b66-\u0b6f\u0be6-\u0bef\u0c66-\u0c6f\u0ce6-\u0cef\u0d66-\u0d6f\u0e50-\u0e59\u0ed0-\u0ed9\u0f20-\u0f29\u1040-\u1049\u1090-\u1099\u17e0-\u17e9\u1810-\u1819\u1946-\u194f\u19d0-\u19d9\u1a80-\u1a89\u1a90-\u1a99\u1b50-\u1b59\u1bb0-\u1bb9\u1c40-\u1c49\u1c50-\u1c59\ua620-\ua629\ua8d0-\ua8d9\ua900-\ua909\ua9d0-\ua9d9\uaa50-\uaa59\uabf0-\uabf9\uff10-\uff19_\u203f-\u2040\u2054\ufe33-\ufe34\ufe4d-\ufe4f\uff3f\u00ad\u0600-\u0604\u061c\u06dd\u070f\u180e\u200b-\u200f\u202a-\u202e\u2060-\u2064\u2066-\u206f\ufeff\ufff9-\ufffb\u0300-\u036f\u0483-\u0487\u0591-\u05bd\u05bf\u05c1-\u05c2\u05c4-\u05c5\u05c7\u0610-\u061a\u064b-\u065f\u0670\u06d6-\u06dc\u06df-\u06e4\u06e7-\u06e8\u06ea-\u06ed\u0711\u0730-\u074a\u07a6-\u07b0\u07eb-\u07f3\u0816-\u0819\u081b-\u0823\u0825-\u0827\u0829-\u082d\u0859-\u085b\u08e4-\u08fe\u0900-\u0902\u093a\u093c\u0941-\u0948\u094d\u0951-\u0957\u0962-\u0963\u0981\u09bc\u09c1-\u09c4\u09cd\u09e2-\u09e3\u0a01-\u0a02\u0a3c\u0a41-\u0a42\u0a47-\u0a48\u0a4b-\u0a4d\u0a51\u0a70-\u0a71\u0a75\u0a81-\u0a82\u0abc\u0ac1-\u0ac5\u0ac7-\u0ac8\u0acd\u0ae2-\u0ae3\u0b01\u0b3c\u0b3f\u0b41-\u0b44\u0b4d\u0b56\u0b62-\u0b63\u0b82\u0bc0\u0bcd\u0c3e-\u0c40\u0c46-\u0c48\u0c4a-\u0c4d\u0c55-\u0c56\u0c62-\u0c63\u0cbc\u0cbf\u0cc6\u0ccc-\u0ccd\u0ce2-\u0ce3\u0d41-\u0d44\u0d4d\u0d62-\u0d63\u0dca\u0dd2-\u0dd4\u0dd6\u0e31\u0e34-\u0e3a\u0e47-\u0e4e\u0eb1\u0eb4-\u0eb9\u0ebb-\u0ebc\u0ec8-\u0ecd\u0f18-\u0f19\u0f35\u0f37\u0f39\u0f71-\u0f7e\u0f80-\u0f84\u0f86-\u0f87\u0f8d-\u0f97\u0f99-\u0fbc\u0fc6\u102d-\u1030\u1032-\u1037\u1039-\u103a\u103d-\u103e\u1058-\u1059\u105e-\u1060\u1071-\u1074\u1082\u1085-\u1086\u108d\u109d\u135d-\u135f\u1712-\u1714\u1732-\u1734\u1752-\u1753\u1772-\u1773\u17b4-\u17b5\u17b7-\u17bd\u17c6\u17c9-\u17d3\u17dd\u180b-\u180d\u18a9\u1920-\u1922\u1927-\u1928\u1932\u1939-\u193b\u1a17-\u1a18\u1a1b\u1a56\u1a58-\u1a5e\u1a60\u1a62\u1a65-\u1a6c\u1a73-\u1a7c\u1a7f\u1b00-\u1b03\u1b34\u1b36-\u1b3a\u1b3c\u1b42\u1b6b-\u1b73\u1b80-\u1b81\u1ba2-\u1ba5\u1ba8-\u1ba9\u1bab\u1be6\u1be8-\u1be9\u1bed\u1bef-\u1bf1\u1c2c-\u1c33\u1c36-\u1c37\u1cd0-\u1cd2\u1cd4-\u1ce0\u1ce2-\u1ce8\u1ced\u1cf4\u1dc0-\u1de6\u1dfc-\u1dff\u20d0-\u20dc\u20e1\u20e5-\u20f0\u2cef-\u2cf1\u2d7f\u2de0-\u2dff\u302a-\u302d\u3099-\u309a\ua66f\ua674-\ua67d\ua69f\ua6f0-\ua6f1\ua802\ua806\ua80b\ua825-\ua826\ua8c4\ua8e0-\ua8f1\ua926-\ua92d\ua947-\ua951\ua980-\ua982\ua9b3\ua9b6-\ua9b9\ua9bc\uaa29-\uaa2e\uaa31-\uaa32\uaa35-\uaa36\uaa43\uaa4c\uaab0\uaab2-\uaab4\uaab7-\uaab8\uaabe-\uaabf\uaac1\uaaec-\uaaed\uaaf6\uabe5\uabe8\uabed\ufb1e\ufe00-\ufe0f\ufe20-\ufe26\u0903\u093b\u093e-\u0940\u0949-\u094c\u094e-\u094f\u0982-\u0983\u09be-\u09c0\u09c7-\u09c8\u09cb-\u09cc\u09d7\u0a03\u0a3e-\u0a40\u0a83\u0abe-\u0ac0\u0ac9\u0acb-\u0acc\u0b02-\u0b03\u0b3e\u0b40\u0b47-\u0b48\u0b4b-\u0b4c\u0b57\u0bbe-\u0bbf\u0bc1-\u0bc2\u0bc6-\u0bc8\u0bca-\u0bcc\u0bd7\u0c01-\u0c03\u0c41-\u0c44\u0c82-\u0c83\u0cbe\u0cc0-\u0cc4\u0cc7-\u0cc8\u0cca-\u0ccb\u0cd5-\u0cd6\u0d02-\u0d03\u0d3e-\u0d40\u0d46-\u0d48\u0d4a-\u0d4c\u0d57\u0d82-\u0d83\u0dcf-\u0dd1\u0dd8-\u0ddf\u0df2-\u0df3\u0f3e-\u0f3f\u0f7f\u102b-\u102c\u1031\u1038\u103b-\u103c\u1056-\u1057\u1062-\u1064\u1067-\u106d\u1083-\u1084\u1087-\u108c\u108f\u109a-\u109c\u17b6\u17be-\u17c5\u17c7-\u17c8\u1923-\u1926\u1929-\u192b\u1930-\u1931\u1933-\u1938\u19b0-\u19c0\u19c8-\u19c9\u1a19-\u1a1a\u1a55\u1a57\u1a61\u1a63-\u1a64\u1a6d-\u1a72\u1b04\u1b35\u1b3b\u1b3d-\u1b41\u1b43-\u1b44\u1b82\u1ba1\u1ba6-\u1ba7\u1baa\u1bac-\u1bad\u1be7\u1bea-\u1bec\u1bee\u1bf2-\u1bf3\u1c24-\u1c2b\u1c34-\u1c35\u1ce1\u1cf2-\u1cf3\u302e-\u302f\ua823-\ua824\ua827\ua880-\ua881\ua8b4-\ua8c3\ua952-\ua953\ua983\ua9b4-\ua9b5\ua9ba-\ua9bb\ua9bd-\ua9c0\uaa2f-\uaa30\uaa33-\uaa34\uaa4d\uaa7b\uaaeb\uaaee-\uaaef\uaaf5\uabe3-\uabe4\uabe6-\uabe7\uabe9-\uabea\uabec"
+
+	return Rules{
 		"root": {
 			{`^\s*\[.*?\]`, NameAttribute, nil},
 			{`[^\S\n]+`, Text, nil},
@@ -90,5 +94,5 @@ var Kotlin = internal.Register(MustNewLexer(
 			{`\$[` + kotlinIdentifier + `]+`, LiteralStringInterpol, nil},
 			{`\${[^}\n]*}`, LiteralStringInterpol, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/l/lighttpd.go b/vendor/github.com/alecthomas/chroma/lexers/l/lighttpd.go
index 799b77c30a..6d83298b66 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/l/lighttpd.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/l/lighttpd.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Lighttpd Configuration File lexer.
-var Lighttpd = internal.Register(MustNewLexer(
+var Lighttpd = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Lighttpd configuration file",
 		Aliases:   []string{"lighty", "lighttpd"},
 		Filenames: []string{},
 		MimeTypes: []string{"text/x-lighttpd-conf"},
 	},
-	Rules{
+	lighttpdRules,
+))
+
+func lighttpdRules() Rules {
+	return Rules{
 		"root": {
 			{`#.*\n`, CommentSingle, nil},
 			{`/\S*`, Name, nil},
@@ -26,5 +30,5 @@ var Lighttpd = internal.Register(MustNewLexer(
 			{`"([^"\\]*(?:\\.[^"\\]*)*)"`, LiteralStringDouble, nil},
 			{`\s+`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/l/llvm.go b/vendor/github.com/alecthomas/chroma/lexers/l/llvm.go
index 8f5b0b1235..e9ea319e3c 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/l/llvm.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/l/llvm.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Llvm lexer.
-var Llvm = internal.Register(MustNewLexer(
+var Llvm = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "LLVM",
 		Aliases:   []string{"llvm"},
 		Filenames: []string{"*.ll"},
 		MimeTypes: []string{"text/x-llvm"},
 	},
-	Rules{
+	llvmRules,
+))
+
+func llvmRules() Rules {
+	return Rules{
 		"root": {
 			Include("whitespace"),
 			{`([-a-zA-Z$._][\w\-$.]*|"[^"]*?")\s*:`, NameLabel, nil},
@@ -39,5 +43,5 @@ var Llvm = internal.Register(MustNewLexer(
 			{Words(``, ``, `void`, `half`, `float`, `double`, `x86_fp80`, `fp128`, `ppc_fp128`, `label`, `metadata`, `token`), KeywordType, nil},
 			{`i[1-9]\d*`, Keyword, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/l/lua.go b/vendor/github.com/alecthomas/chroma/lexers/l/lua.go
index c397de065d..db574a1b9a 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/l/lua.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/l/lua.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Lua lexer.
-var Lua = internal.Register(MustNewLexer(
+var Lua = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Lua",
 		Aliases:   []string{"lua"},
 		Filenames: []string{"*.lua", "*.wlua"},
 		MimeTypes: []string{"text/x-lua", "application/x-lua"},
 	},
-	Rules{
+	luaRules,
+))
+
+func luaRules() Rules {
+	return Rules{
 		"root": {
 			{`#!.*`, CommentPreproc, nil},
 			Default(Push("base")),
@@ -71,5 +75,5 @@ var Lua = internal.Register(MustNewLexer(
 			{`"`, LiteralStringDouble, Pop(1)},
 			{`[^\\"]+`, LiteralStringDouble, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/make.go b/vendor/github.com/alecthomas/chroma/lexers/m/make.go
index eb9d9e68b5..905491a642 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/make.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/make.go
@@ -7,7 +7,7 @@ import (
 )
 
 // Makefile lexer.
-var Makefile = internal.Register(MustNewLexer(
+var Makefile = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Base Makefile",
 		Aliases:   []string{"make", "makefile", "mf", "bsdmake"},
@@ -15,7 +15,11 @@ var Makefile = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-makefile"},
 		EnsureNL:  true,
 	},
-	Rules{
+	makefileRules,
+))
+
+func makefileRules() Rules {
+	return Rules{
 		"root": {
 			{`^(?:[\t ]+.*\n|\n)+`, Using(Bash), nil},
 			{`\$[<@$+%?|*]`, Keyword, nil},
@@ -50,5 +54,5 @@ var Makefile = internal.Register(MustNewLexer(
 			{`\n`, Text, Pop(1)},
 			{`.`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/mako.go b/vendor/github.com/alecthomas/chroma/lexers/m/mako.go
index f7c140d534..6f777dd58d 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/mako.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/mako.go
@@ -7,14 +7,18 @@ import (
 )
 
 // Mako lexer.
-var Mako = internal.Register(MustNewLexer(
+var Mako = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Mako",
 		Aliases:   []string{"mako"},
 		Filenames: []string{"*.mao"},
 		MimeTypes: []string{"application/x-mako"},
 	},
-	Rules{
+	makoRules,
+))
+
+func makoRules() Rules {
+	return Rules{
 		"root": {
 			{`(\s*)(%)(\s*end(?:\w+))(\n|\Z)`, ByGroups(Text, CommentPreproc, Keyword, Other), nil},
 			{`(\s*)(%)([^\n]*)(\n|\Z)`, ByGroups(Text, CommentPreproc, Using(Python), Other), nil},
@@ -56,5 +60,5 @@ var Mako = internal.Register(MustNewLexer(
 			{`'.*?'`, LiteralString, Pop(1)},
 			{`[^\s>]+`, LiteralString, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/markdown.go b/vendor/github.com/alecthomas/chroma/lexers/m/markdown.go
index dd78ec08d7..9ee157be07 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/markdown.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/markdown.go
@@ -7,14 +7,18 @@ import (
 )
 
 // Markdown lexer.
-var Markdown = internal.Register(DelegatingLexer(h.HTML, MustNewLexer(
+var Markdown = internal.Register(DelegatingLexer(h.HTML, MustNewLazyLexer(
 	&Config{
 		Name:      "markdown",
 		Aliases:   []string{"md", "mkd"},
 		Filenames: []string{"*.md", "*.mkd", "*.markdown"},
 		MimeTypes: []string{"text/x-markdown"},
 	},
-	Rules{
+	markdownRules,
+)))
+
+func markdownRules() Rules {
+	return Rules{
 		"root": {
 			{`^(#[^#].+\n)`, ByGroups(GenericHeading), nil},
 			{`^(#{2,6}.+\n)`, ByGroups(GenericSubheading), nil},
@@ -23,7 +27,8 @@ var Markdown = internal.Register(DelegatingLexer(h.HTML, MustNewLexer(
 			{`^(\s*)([0-9]+\.)( .+\n)`, ByGroups(Text, Keyword, UsingSelf("inline")), nil},
 			{`^(\s*>\s)(.+\n)`, ByGroups(Keyword, GenericEmph), nil},
 			{"^(```\\n)([\\w\\W]*?)(^```$)", ByGroups(String, Text, String), nil},
-			{"^(```)(\\w+)(\\n)([\\w\\W]*?)(^```$)",
+			{
+				"^(```)(\\w+)(\\n)([\\w\\W]*?)(^```$)",
 				UsingByGroup(
 					internal.Get,
 					2, 4,
@@ -44,5 +49,5 @@ var Markdown = internal.Register(DelegatingLexer(h.HTML, MustNewLexer(
 			{`[^\\\s]+`, Other, nil},
 			{`.|\n`, Other, nil},
 		},
-	},
-)))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/mason.go b/vendor/github.com/alecthomas/chroma/lexers/m/mason.go
index 5c70ab0a90..bc48f5caaa 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/mason.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/mason.go
@@ -8,7 +8,7 @@ import (
 )
 
 // Mason lexer.
-var Mason = internal.Register(MustNewLexer(
+var Mason = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Mason",
 		Aliases:   []string{"mason"},
@@ -16,7 +16,11 @@ var Mason = internal.Register(MustNewLexer(
 		MimeTypes: []string{"application/x-mason"},
 		Priority:  0.1,
 	},
-	Rules{
+	masonRules,
+))
+
+func masonRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`(<%doc>)(.*?)(</%doc>)(?s)`, ByGroups(NameTag, CommentMultiline, NameTag), nil},
@@ -39,5 +43,5 @@ var Mason = internal.Register(MustNewLexer(
                   \Z                 # end of string
                  )`, ByGroups(Using(HTML), Operator), nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/mathematica.go b/vendor/github.com/alecthomas/chroma/lexers/m/mathematica.go
index 3d1f641f96..ed1ea24be6 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/mathematica.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/mathematica.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Mathematica lexer.
-var Mathematica = internal.Register(MustNewLexer(
+var Mathematica = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Mathematica",
 		Aliases:   []string{"mathematica", "mma", "nb"},
 		Filenames: []string{"*.nb", "*.cdf", "*.nbp", "*.ma"},
 		MimeTypes: []string{"application/mathematica", "application/vnd.wolfram.mathematica", "application/vnd.wolfram.mathematica.package", "application/vnd.wolfram.cdf"},
 	},
-	Rules{
+	mathematicaRules,
+))
+
+func mathematicaRules() Rules {
+	return Rules{
 		"root": {
 			{`(?s)\(\*.*?\*\)`, Comment, nil},
 			{"([a-zA-Z]+[A-Za-z0-9]*`)", NameNamespace, nil},
@@ -28,5 +32,5 @@ var Mathematica = internal.Register(MustNewLexer(
 			{`".*?"`, LiteralString, nil},
 			{`\s+`, TextWhitespace, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/matlab.go b/vendor/github.com/alecthomas/chroma/lexers/m/matlab.go
index 5b0baa5154..4e98d69776 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/matlab.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/matlab.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Matlab lexer.
-var Matlab = internal.Register(MustNewLexer(
+var Matlab = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Matlab",
 		Aliases:   []string{"matlab"},
 		Filenames: []string{"*.m"},
 		MimeTypes: []string{"text/matlab"},
 	},
-	Rules{
+	matlabRules,
+))
+
+func matlabRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`^!.*`, LiteralStringOther, nil},
@@ -47,5 +51,5 @@ var Matlab = internal.Register(MustNewLexer(
 			{`(\s*)(?:(.+)(\s*)(=)(\s*))?(.+)(\()(.*)(\))(\s*)`, ByGroups(TextWhitespace, Text, TextWhitespace, Punctuation, TextWhitespace, NameFunction, Punctuation, Text, Punctuation, TextWhitespace), Pop(1)},
 			{`(\s*)([a-zA-Z_]\w*)`, ByGroups(Text, NameFunction), Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/mcfunction.go b/vendor/github.com/alecthomas/chroma/lexers/m/mcfunction.go
new file mode 100644
index 0000000000..1e8eb45927
--- /dev/null
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/mcfunction.go
@@ -0,0 +1,107 @@
+package m
+
+import (
+	. "github.com/alecthomas/chroma" // nolint
+	"github.com/alecthomas/chroma/lexers/internal"
+)
+
+// mcfunction lexer.
+var MCFunction = internal.Register(MustNewLexer(
+	&Config{
+		Name:         "mcfunction",
+		Aliases:      []string{"mcfunction"},
+		Filenames:    []string{"*.mcfunction"},
+		MimeTypes:    []string{},
+		NotMultiline: true,
+		DotAll:       true,
+	},
+	Rules{
+		"simplevalue": {
+			{`(true|false)`, KeywordConstant, nil},
+			{`[01]b`, LiteralNumber, nil},
+			{`-?(0|[1-9]\d*)(\.\d+[eE](\+|-)?\d+|[eE](\+|-)?\d+|\.\d+)`, LiteralNumberFloat, nil},
+			{`(-?\d+)(\.\.)(-?\d+)`, ByGroups(LiteralNumberInteger, Punctuation, LiteralNumberInteger), nil},
+			{`-?(0|[1-9]\d*)`, LiteralNumberInteger, nil},
+			{`"(\\\\|\\"|[^"])*"`, LiteralStringDouble, nil},
+			{`'[^']+'`, LiteralStringSingle, nil},
+			{`([!#]?)(\w+)`, ByGroups(Punctuation, Text), nil},
+		},
+		"nbtobjectattribute": {
+			Include("nbtvalue"),
+			{`:`, Punctuation, nil},
+			{`,`, Punctuation, Pop(1)},
+			{`\}`, Punctuation, Pop(2)},
+		},
+		"nbtobjectvalue": {
+			{`("(\\\\|\\"|[^"])*"|[a-zA-Z0-9_]+)`, NameTag, Push("nbtobjectattribute")},
+			{`\}`, Punctuation, Pop(1)},
+		},
+		"nbtarrayvalue": {
+			Include("nbtvalue"),
+			{`,`, Punctuation, nil},
+			{`\]`, Punctuation, Pop(1)},
+		},
+		"nbtvalue": {
+			Include("simplevalue"),
+			{`\{`, Punctuation, Push("nbtobjectvalue")},
+			{`\[`, Punctuation, Push("nbtarrayvalue")},
+		},
+		"argumentvalue": {
+			Include("simplevalue"),
+			{`,`, Punctuation, Pop(1)},
+			{`[}\]]`, Punctuation, Pop(2)},
+		},
+		"argumentlist": {
+			{`(nbt)(={)`, ByGroups(NameAttribute, Punctuation), Push("nbtobjectvalue")},
+			{`([A-Za-z0-9/_!]+)(={)`, ByGroups(NameAttribute, Punctuation), Push("argumentlist")},
+			{`([A-Za-z0-9/_!]+)(=)`, ByGroups(NameAttribute, Punctuation), Push("argumentvalue")},
+			Include("simplevalue"),
+			{`,`, Punctuation, nil},
+			{`[}\]]`, Punctuation, Pop(1)},
+		},
+		"root": {
+			{`#.*?\n`, CommentSingle, nil},
+			{Words(`/?`, `\b`, `ability`, `attributes`, `advancement`,
+				`ban`, `ban-ip`, `banlist`, `bossbar`,
+				`camerashake`, `classroommode`, `clear`,
+				`clearspawnpoint`, `clone`, `code`, `collect`,
+				`createagent`, `data`, `datapack`, `debug`,
+				`defaultgamemode`, `deop`, `destroy`, `detect`,
+				`detectredstone`, `difficulty`, `dropall`,
+				`effect`, `enchant`, `event`, `execute`,
+				`experience`, `fill`, `flog`, `forceload`,
+				`function`, `gamemode`, `gamerule`,
+				`geteduclientinfo`, `give`, `help`, `item`,
+				`immutableworld`, `kick`, `kill`, `list`,
+				`locate`, `locatebiome`, `loot`, `me`, `mixer`,
+				`mobevent`, `move`, `msg`, `music`, `op`,
+				`pardon`, `particle`, `playanimation`,
+				`playsound`, `position`, `publish`,
+				`raytracefog`, `recipe`, `reload`, `remove`,
+				`replaceitem`, `ride`, `save`, `save-all`,
+				`save-off`, `save-on`, `say`, `schedule`,
+				`scoreboard`, `seed`, `setblock`,
+				`setidletimeout`, `setmaxplayers`,
+				`setworldspawn`, `spawnpoint`, `spectate`,
+				`spreadplayers`, `stop`, `stopsound`,
+				`structure`, `summon`, `tag`, `team`, `teammsg`,
+				`teleport`, `tell`, `tellraw`, `testfor`,
+				`testforblock`, `testforblocks`, `tickingarea`,
+				`time`, `title`, `toggledownfall`, `tp`,
+				`tpagent`, `transfer`, `transferserver`,
+				`trigger`, `turn`, `w`, `weather`, `whitelist`,
+				`worldborder`, `worldbuilder`, `wsserver`, `xp`,
+			), KeywordReserved, nil},
+			{Words(``, ``, `@p`, `@r`, `@a`, `@e`, `@s`, `@c`, `@v`),
+				KeywordConstant, nil},
+			{`\[`, Punctuation, Push("argumentlist")},
+			{`{`, Punctuation, Push("nbtobjectvalue")},
+			{`~`, NameBuiltin, nil},
+			{`([a-zA-Z_]+:)?[a-zA-Z_]+\b`, Text, nil},
+			{`([a-z]+)(\.)([0-9]+)\b`, ByGroups(Text, Punctuation, LiteralNumber), nil},
+			{`([<>=]|<=|>=)`, Punctuation, nil},
+			Include("simplevalue"),
+			{`\s+`, TextWhitespace, nil},
+		},
+	},
+))
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/minizinc.go b/vendor/github.com/alecthomas/chroma/lexers/m/minizinc.go
index ccf4eed99f..63d59ed033 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/minizinc.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/minizinc.go
@@ -6,14 +6,18 @@ import (
 )
 
 // MiniZinc lexer.
-var MZN = internal.Register(MustNewLexer(
+var MZN = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "MiniZinc",
 		Aliases:   []string{"minizinc", "MZN", "mzn"},
 		Filenames: []string{"*.mzn", "*.dzn", "*.fzn"},
 		MimeTypes: []string{"text/minizinc"},
 	},
-	Rules{
+	mznRules,
+))
+
+func mznRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`\s+`, Text, nil},
@@ -37,5 +41,5 @@ var MZN = internal.Register(MustNewLexer(
 			{`\b([^\W\d]\w*)\b(\()`, ByGroups(NameFunction, Punctuation), nil},
 			{`[^\W\d]\w*`, NameOther, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/mlir.go b/vendor/github.com/alecthomas/chroma/lexers/m/mlir.go
index 2ae4b00b06..112a1c3a61 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/mlir.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/mlir.go
@@ -6,14 +6,18 @@ import (
 )
 
 // MLIR lexer.
-var Mlir = internal.Register(MustNewLexer(
+var Mlir = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "MLIR",
 		Aliases:   []string{"mlir"},
 		Filenames: []string{"*.mlir"},
 		MimeTypes: []string{"text/x-mlir"},
 	},
-	Rules{
+	mlirRules,
+))
+
+func mlirRules() Rules {
+	return Rules{
 		"root": {
 			Include("whitespace"),
 			{`c?"[^"]*?"`, LiteralString, nil},
@@ -39,5 +43,5 @@ var Mlir = internal.Register(MustNewLexer(
 			{`bf16|f16|f32|f64|index`, Keyword, nil},
 			{`i[1-9]\d*`, Keyword, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/modula2.go b/vendor/github.com/alecthomas/chroma/lexers/m/modula2.go
index 6fadb79f37..6ab05c9ed3 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/modula2.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/modula2.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Modula-2 lexer.
-var Modula2 = internal.Register(MustNewLexer(
+var Modula2 = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Modula-2",
 		Aliases:   []string{"modula2", "m2"},
@@ -14,7 +14,11 @@ var Modula2 = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-modula2"},
 		DotAll:    true,
 	},
-	Rules{
+	modula2Rules,
+))
+
+func modula2Rules() Rules {
+	return Rules{
 		"whitespace": {
 			{`\n+`, Text, nil},
 			{`\s+`, Text, nil},
@@ -111,5 +115,5 @@ var Modula2 = internal.Register(MustNewLexer(
 			Include("unigraph_punctuation"),
 			Include("unigraph_operators"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/monkeyc.go b/vendor/github.com/alecthomas/chroma/lexers/m/monkeyc.go
index 828ff0bff0..8ad81cc086 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/monkeyc.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/monkeyc.go
@@ -5,14 +5,18 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var MonkeyC = internal.Register(MustNewLexer(
+var MonkeyC = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "MonkeyC",
 		Aliases:   []string{"monkeyc"},
 		Filenames: []string{"*.mc"},
 		MimeTypes: []string{"text/x-monkeyc"},
 	},
-	Rules{
+	monkeyCRules,
+))
+
+func monkeyCRules() Rules {
+	return Rules{
 		"root": {
 			{`[^\S\n]+`, Text, nil},
 			{`\n`, Text, nil},
@@ -58,5 +62,5 @@ var MonkeyC = internal.Register(MustNewLexer(
 			{`[a-zA-Z_][\w_\.]*`, NameNamespace, nil},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/mwscript.go b/vendor/github.com/alecthomas/chroma/lexers/m/mwscript.go
index b86bbdfeef..0ba0ba97c3 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/mwscript.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/mwscript.go
@@ -6,14 +6,18 @@ import (
 )
 
 // MorrowindScript lexer.
-var MorrowindScript = internal.Register(MustNewLexer(
+var MorrowindScript = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "MorrowindScript",
 		Aliases:   []string{"morrowind", "mwscript"},
 		Filenames: []string{},
 		MimeTypes: []string{},
 	},
-	Rules{
+	morrowindScriptRules,
+))
+
+func morrowindScriptRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`;.*$`, Comment, nil},
@@ -49,5 +53,5 @@ var MorrowindScript = internal.Register(MustNewLexer(
 			{`[#=,./%+\-?]`, Operator, nil},
 			{`(==|<=|<|>=|>|!=)`, Operator, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/myghty.go b/vendor/github.com/alecthomas/chroma/lexers/m/myghty.go
index 02a20eae5e..22227c5044 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/myghty.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/myghty.go
@@ -7,14 +7,18 @@ import (
 )
 
 // Myghty lexer.
-var Myghty = internal.Register(MustNewLexer(
+var Myghty = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Myghty",
 		Aliases:   []string{"myghty"},
 		Filenames: []string{"*.myt", "autodelegate"},
 		MimeTypes: []string{"application/x-myghty"},
 	},
-	Rules{
+	myghtyRules,
+))
+
+func myghtyRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`(<%(?:def|method))(\s*)(.*?)(>)(.*?)(</%\2\s*>)(?s)`, ByGroups(NameTag, Text, NameFunction, NameTag, UsingSelf("root"), NameTag), nil},
@@ -36,5 +40,5 @@ var Myghty = internal.Register(MustNewLexer(
                   \Z                 # end of string
                  )`, ByGroups(Other, Operator), nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/m/mysql.go b/vendor/github.com/alecthomas/chroma/lexers/m/mysql.go
index 9f47e32a20..7e08e242c7 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/m/mysql.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/m/mysql.go
@@ -6,7 +6,7 @@ import (
 )
 
 // MySQL lexer.
-var MySQL = internal.Register(MustNewLexer(
+var MySQL = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "MySQL",
 		Aliases:         []string{"mysql"},
@@ -15,9 +15,13 @@ var MySQL = internal.Register(MustNewLexer(
 		NotMultiline:    true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	mySQLRules,
+))
+
+func mySQLRules() Rules {
+	return Rules{
 		"root": {
-			{`\s+`, Text, nil},
+			{`\s+`, TextWhitespace, nil},
 			{`(#|--\s+).*\n?`, CommentSingle, nil},
 			{`/\*`, CommentMultiline, Push("multiline-comments")},
 			{`[0-9]+`, LiteralNumberInteger, nil},
@@ -25,11 +29,11 @@ var MySQL = internal.Register(MustNewLexer(
 			{`((?:_[a-z0-9]+)?)(')`, ByGroups(LiteralStringAffix, LiteralStringSingle), Push("string")},
 			{`((?:_[a-z0-9]+)?)(")`, ByGroups(LiteralStringAffix, LiteralStringDouble), Push("double-string")},
 			{"[+*/<>=~!@#%^&|`?-]", Operator, nil},
-			{`\b(tinyint|smallint|mediumint|int|integer|bigint|date|datetime|time|bit|bool|tinytext|mediumtext|longtext|text|tinyblob|mediumblob|longblob|blob|float|double|double\s+precision|real|numeric|dec|decimal|timestamp|year|char|varchar|varbinary|varcharacter|enum|set)(\b\s*)(\()?`, ByGroups(KeywordType, Text, Punctuation), nil},
+			{`\b(tinyint|smallint|mediumint|int|integer|bigint|date|datetime|time|bit|bool|tinytext|mediumtext|longtext|text|tinyblob|mediumblob|longblob|blob|float|double|double\s+precision|real|numeric|dec|decimal|timestamp|year|char|varchar|varbinary|varcharacter|enum|set)(\b\s*)(\()?`, ByGroups(KeywordType, TextWhitespace, Punctuation), nil},
 			{`\b(add|all|alter|analyze|and|as|asc|asensitive|before|between|bigint|binary|blob|both|by|call|cascade|case|change|char|character|check|collate|column|condition|constraint|continue|convert|create|cross|current_date|current_time|current_timestamp|current_user|cursor|database|databases|day_hour|day_microsecond|day_minute|day_second|dec|decimal|declare|default|delayed|delete|desc|describe|deterministic|distinct|distinctrow|div|double|drop|dual|each|else|elseif|enclosed|escaped|exists|exit|explain|fetch|flush|float|float4|float8|for|force|foreign|from|fulltext|grant|group|having|high_priority|hour_microsecond|hour_minute|hour_second|identified|if|ignore|in|index|infile|inner|inout|insensitive|insert|int|int1|int2|int3|int4|int8|integer|interval|into|is|iterate|join|key|keys|kill|leading|leave|left|like|limit|lines|load|localtime|localtimestamp|lock|long|loop|low_priority|match|minute_microsecond|minute_second|mod|modifies|natural|no_write_to_binlog|not|numeric|on|optimize|option|optionally|or|order|out|outer|outfile|precision|primary|privileges|procedure|purge|raid0|read|reads|real|references|regexp|release|rename|repeat|replace|require|restrict|return|revoke|right|rlike|schema|schemas|second_microsecond|select|sensitive|separator|set|show|smallint|soname|spatial|specific|sql|sql_big_result|sql_calc_found_rows|sql_small_result|sqlexception|sqlstate|sqlwarning|ssl|starting|straight_join|table|terminated|then|to|trailing|trigger|undo|union|unique|unlock|unsigned|update|usage|use|user|using|utc_date|utc_time|utc_timestamp|values|varying|when|where|while|with|write|x509|xor|year_month|zerofill)\b`, Keyword, nil},
 			{`\b(auto_increment|engine|charset|tables)\b`, KeywordPseudo, nil},
 			{`(true|false|null)`, NameConstant, nil},
-			{`([a-z_]\w*)(\s*)(\()`, ByGroups(NameFunction, Text, Punctuation), nil},
+			{`([a-z_]\w*)(\s*)(\()`, ByGroups(NameFunction, TextWhitespace, Punctuation), nil},
 			{`[a-z_]\w*`, Name, nil},
 			{`@[a-z0-9]*[._]*[a-z0-9]*`, NameVariable, nil},
 			{`[;:()\[\],.]`, Punctuation, nil},
@@ -50,5 +54,5 @@ var MySQL = internal.Register(MustNewLexer(
 			{`""`, LiteralStringDouble, nil},
 			{`"`, LiteralStringDouble, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/n/nasm.go b/vendor/github.com/alecthomas/chroma/lexers/n/nasm.go
index d769d15752..de6734e865 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/n/nasm.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/n/nasm.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Nasm lexer.
-var Nasm = internal.Register(MustNewLexer(
+var Nasm = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "NASM",
 		Aliases:         []string{"nasm"},
@@ -14,7 +14,11 @@ var Nasm = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-nasm"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	nasmRules,
+))
+
+func nasmRules() Rules {
+	return Rules{
 		"root": {
 			{`^\s*%`, CommentPreproc, Push("preproc")},
 			Include("whitespace"),
@@ -55,5 +59,5 @@ var Nasm = internal.Register(MustNewLexer(
 			{`seg|wrt|strict`, OperatorWord, nil},
 			{`byte|[dq]?word`, KeywordType, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/n/newspeak.go b/vendor/github.com/alecthomas/chroma/lexers/n/newspeak.go
index 1a6a37bd21..c9d3ae032b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/n/newspeak.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/n/newspeak.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Newspeak lexer.
-var Newspeak = internal.Register(MustNewLexer(
+var Newspeak = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Newspeak",
 		Aliases:   []string{"newspeak"},
 		Filenames: []string{"*.ns2"},
 		MimeTypes: []string{"text/x-newspeak"},
 	},
-	Rules{
+	newspeakRules,
+))
+
+func newspeakRules() Rules {
+	return Rules{
 		"root": {
 			{`\b(Newsqueak2)\b`, KeywordDeclaration, nil},
 			{`'[^']*'`, LiteralString, nil},
@@ -51,5 +55,5 @@ var Newspeak = internal.Register(MustNewLexer(
 			{`\s+`, Text, nil},
 			{`"[^"]*"`, Comment, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/n/nginx.go b/vendor/github.com/alecthomas/chroma/lexers/n/nginx.go
index 840d100b7e..6d80523ec7 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/n/nginx.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/n/nginx.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Nginx Configuration File lexer.
-var Nginx = internal.Register(MustNewLexer(
+var Nginx = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Nginx configuration file",
 		Aliases:   []string{"nginx"},
 		Filenames: []string{"nginx.conf"},
 		MimeTypes: []string{"text/x-nginx-conf"},
 	},
-	Rules{
+	nginxRules,
+))
+
+func nginxRules() Rules {
+	return Rules{
 		"root": {
 			{`(include)(\s+)([^\s;]+)`, ByGroups(Keyword, Text, Name), nil},
 			{`[^\s;#]+`, Keyword, Push("stmt")},
@@ -43,5 +47,5 @@ var Nginx = internal.Register(MustNewLexer(
 			{`\s+`, Text, nil},
 			{`[$;]`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/n/nim.go b/vendor/github.com/alecthomas/chroma/lexers/n/nim.go
index b08c2f94d4..3f98086b45 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/n/nim.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/n/nim.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Nim lexer.
-var Nim = internal.Register(MustNewLexer(
+var Nim = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Nim",
 		Aliases:         []string{"nim", "nimrod"},
@@ -14,7 +14,11 @@ var Nim = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-nim"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	nimRules,
+))
+
+func nimRules() Rules {
+	return Rules{
 		"root": {
 			{`#\[[\s\S]*?\]#`, CommentMultiline, nil},
 			{`##.*$`, LiteralStringDoc, nil},
@@ -89,5 +93,5 @@ var Nim = internal.Register(MustNewLexer(
 			{`\'i(8|16)`, LiteralNumberInteger, nil},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/n/nix.go b/vendor/github.com/alecthomas/chroma/lexers/n/nix.go
index 7e21dd7c9d..874560a565 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/n/nix.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/n/nix.go
@@ -7,18 +7,22 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-// nixb matches right boundary of a nix word. Use it instead of \b.
-const nixb = `(?![a-zA-Z0-9_'-])`
-
 // Nix lexer.
-var Nix = internal.Register(MustNewLexer(
+var Nix = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Nix",
 		Aliases:   []string{"nixos", "nix"},
 		Filenames: []string{"*.nix"},
 		MimeTypes: []string{"text/x-nix"},
 	},
-	Rules{
+	nixRules,
+))
+
+func nixRules() Rules {
+	// nixb matches right boundary of a nix word. Use it instead of \b.
+	const nixb = `(?![a-zA-Z0-9_'-])`
+
+	return Rules{
 		"root": {
 			Include("keywords"),
 			Include("builtins"),
@@ -118,5 +122,5 @@ var Nix = internal.Register(MustNewLexer(
 		"space": {
 			{`[ \t\r\n]+`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/o/objectivec.go b/vendor/github.com/alecthomas/chroma/lexers/o/objectivec.go
index e3d0b1c4fc..0ae3029609 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/o/objectivec.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/o/objectivec.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Objective-C lexer.
-var ObjectiveC = internal.Register(MustNewLexer(
+var ObjectiveC = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Objective-C",
 		Aliases:   []string{"objective-c", "objectivec", "obj-c", "objc"},
 		Filenames: []string{"*.m", "*.h"},
 		MimeTypes: []string{"text/x-objective-c"},
 	},
-	Rules{
+	objectiveCRules,
+))
+
+func objectiveCRules() Rules {
+	return Rules{
 		"statements": {
 			{`@"`, LiteralString, Push("string")},
 			{`@(YES|NO)`, LiteralNumber, nil},
@@ -161,5 +165,5 @@ var ObjectiveC = internal.Register(MustNewLexer(
 			{`^\s*#endif.*?(?<!\\)\n`, CommentPreproc, Pop(1)},
 			{`.*?\n`, Comment, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/o/ocaml.go b/vendor/github.com/alecthomas/chroma/lexers/o/ocaml.go
index b6b67edd73..07fcff9956 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/o/ocaml.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/o/ocaml.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Ocaml lexer.
-var Ocaml = internal.Register(MustNewLexer(
+var Ocaml = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "OCaml",
 		Aliases:   []string{"ocaml"},
 		Filenames: []string{"*.ml", "*.mli", "*.mll", "*.mly"},
 		MimeTypes: []string{"text/x-ocaml"},
 	},
-	Rules{
+	ocamlRules,
+))
+
+func ocamlRules() Rules {
+	return Rules{
 		"escape-sequence": {
 			{`\\[\\"\'ntbr]`, LiteralStringEscape, nil},
 			{`\\[0-9]{3}`, LiteralStringEscape, nil},
@@ -62,5 +66,5 @@ var Ocaml = internal.Register(MustNewLexer(
 			{`[a-z_][\w\']*`, Name, Pop(1)},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/o/octave.go b/vendor/github.com/alecthomas/chroma/lexers/o/octave.go
index c23b586f23..99fe298c7a 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/o/octave.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/o/octave.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Octave lexer.
-var Octave = internal.Register(MustNewLexer(
+var Octave = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Octave",
 		Aliases:   []string{"octave"},
 		Filenames: []string{"*.m"},
 		MimeTypes: []string{"text/octave"},
 	},
-	Rules{
+	octaveRules,
+))
+
+func octaveRules() Rules {
+	return Rules{
 		"root": {
 			{`[%#].*$`, Comment, nil},
 			{`^\s*function`, Keyword, Push("deffunc")},
@@ -42,5 +46,5 @@ var Octave = internal.Register(MustNewLexer(
 			{`(\s*)(?:(.+)(\s*)(=)(\s*))?(.+)(\()(.*)(\))(\s*)`, ByGroups(TextWhitespace, Text, TextWhitespace, Punctuation, TextWhitespace, NameFunction, Punctuation, Text, Punctuation, TextWhitespace), Pop(1)},
 			{`(\s*)([a-zA-Z_]\w*)`, ByGroups(Text, NameFunction), Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/o/openscad.go b/vendor/github.com/alecthomas/chroma/lexers/o/openscad.go
index 1215d7a998..d18b9caab4 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/o/openscad.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/o/openscad.go
@@ -5,14 +5,18 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var OpenSCAD = internal.Register(MustNewLexer(
+var OpenSCAD = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "OpenSCAD",
 		Aliases:   []string{"openscad"},
 		Filenames: []string{"*.scad"},
 		MimeTypes: []string{"text/x-scad"},
 	},
-	Rules{
+	openSCADRules,
+))
+
+func openSCADRules() Rules {
+	return Rules{
 		"root": {
 			{`[^\S\n]+`, Text, nil},
 			{`\n`, Text, nil},
@@ -39,5 +43,5 @@ var OpenSCAD = internal.Register(MustNewLexer(
 			{"(<)([^>]*)(>)", ByGroups(Punctuation, CommentPreprocFile, Punctuation), nil},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/o/org.go b/vendor/github.com/alecthomas/chroma/lexers/o/org.go
index 1064eaf0f0..00f6df4450 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/o/org.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/o/org.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Org mode lexer.
-var Org = internal.Register(MustNewLexer(
+var Org = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Org Mode",
 		Aliases:   []string{"org", "orgmode"},
 		Filenames: []string{"*.org"},
 		MimeTypes: []string{"text/org"}, // https://lists.gnu.org/r/emacs-orgmode/2017-09/msg00087.html
 	},
-	Rules{
+	orgRules,
+))
+
+func orgRules() Rules {
+	return Rules{
 		"root": {
 			{`^# .*$`, Comment, nil},
 			// Headings
@@ -45,7 +49,8 @@ var Org = internal.Register(MustNewLexer(
 			// - Comment Blocks
 			{`(?i)^( *#\+begin_comment *\n)([\w\W]*?)(^ *#\+end_comment *$)`, ByGroups(Comment, Comment, Comment), nil},
 			// - Src Blocks
-			{`(?i)^( *#\+begin_src )([^ \n]+)(.*?\n)([\w\W]*?)(^ *#\+end_src *$)`,
+			{
+				`(?i)^( *#\+begin_src )([^ \n]+)(.*?\n)([\w\W]*?)(^ *#\+end_src *$)`,
 				UsingByGroup(
 					internal.Get,
 					2, 4,
@@ -54,7 +59,8 @@ var Org = internal.Register(MustNewLexer(
 				nil,
 			},
 			// - Export Blocks
-			{`(?i)^( *#\+begin_export )(\w+)( *\n)([\w\W]*?)(^ *#\+end_export *$)`,
+			{
+				`(?i)^( *#\+begin_export )(\w+)( *\n)([\w\W]*?)(^ *#\+end_export *$)`,
 				UsingByGroup(
 					internal.Get,
 					2, 4,
@@ -98,5 +104,5 @@ var Org = internal.Register(MustNewLexer(
 			// Any other text
 			{`.`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/pacman.go b/vendor/github.com/alecthomas/chroma/lexers/p/pacman.go
index 807b67c564..00c6255af6 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/pacman.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/pacman.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Pacmanconf lexer.
-var Pacmanconf = internal.Register(MustNewLexer(
+var Pacmanconf = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "PacmanConf",
 		Aliases:   []string{"pacmanconf"},
 		Filenames: []string{"pacman.conf"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	pacmanconfRules,
+))
+
+func pacmanconfRules() Rules {
+	return Rules{
 		"root": {
 			{`#.*$`, CommentSingle, nil},
 			{`^\s*\[.*?\]\s*$`, Keyword, nil},
@@ -22,5 +26,5 @@ var Pacmanconf = internal.Register(MustNewLexer(
 			{Words(``, `\b`, `$repo`, `$arch`, `%o`, `%u`), NameVariable, nil},
 			{`.`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/perl.go b/vendor/github.com/alecthomas/chroma/lexers/p/perl.go
index 0a2b35b9a3..6aa338ad11 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/perl.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/perl.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Perl lexer.
-var Perl = internal.Register(MustNewLexer(
+var Perl = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Perl",
 		Aliases:   []string{"perl", "pl"},
@@ -14,7 +14,11 @@ var Perl = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-perl", "application/x-perl"},
 		DotAll:    true,
 	},
-	Rules{
+	perlRules,
+))
+
+func perlRules() Rules {
+	return Rules{
 		"balanced-regex": {
 			{`/(\\\\|\\[^\\]|[^\\/])*/[egimosx]*`, LiteralStringRegex, Pop(1)},
 			{`!(\\\\|\\[^\\]|[^\\!])*![egimosx]*`, LiteralStringRegex, Pop(1)},
@@ -134,5 +138,5 @@ var Perl = internal.Register(MustNewLexer(
 		"end-part": {
 			{`.+`, CommentPreproc, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/pig.go b/vendor/github.com/alecthomas/chroma/lexers/p/pig.go
index 0dbc591ad1..f2852c18ae 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/pig.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/pig.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Pig lexer.
-var Pig = internal.Register(MustNewLexer(
+var Pig = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Pig",
 		Aliases:         []string{"pig"},
@@ -14,7 +14,11 @@ var Pig = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-pig"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	pigRules,
+))
+
+func pigRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`--.*`, Comment, nil},
@@ -53,5 +57,5 @@ var Pig = internal.Register(MustNewLexer(
 			{`(eq|gt|lt|gte|lte|neq|matches)\b`, Operator, nil},
 			{`(==|<=|<|>=|>|!=)`, Operator, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/pkgconfig.go b/vendor/github.com/alecthomas/chroma/lexers/p/pkgconfig.go
index 0a4872e765..9e024107f7 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/pkgconfig.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/pkgconfig.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Pkgconfig lexer.
-var Pkgconfig = internal.Register(MustNewLexer(
+var Pkgconfig = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "PkgConfig",
 		Aliases:   []string{"pkgconfig"},
 		Filenames: []string{"*.pc"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	pkgconfigRules,
+))
+
+func pkgconfigRules() Rules {
+	return Rules{
 		"root": {
 			{`#.*$`, CommentSingle, nil},
 			{`^(\w+)(=)`, ByGroups(NameAttribute, Operator), nil},
@@ -37,5 +41,5 @@ var Pkgconfig = internal.Register(MustNewLexer(
 			{`[^${}#\n]+`, Text, nil},
 			{`.`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/plaintext.go b/vendor/github.com/alecthomas/chroma/lexers/p/plaintext.go
index 7b252930fb..058c02a89f 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/plaintext.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/plaintext.go
@@ -5,7 +5,7 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var Plaintext = internal.Register(MustNewLexer(
+var Plaintext = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "plaintext",
 		Aliases:   []string{"text", "plain", "no-highlight"},
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/plsql.go b/vendor/github.com/alecthomas/chroma/lexers/p/plsql.go
index a6068fd221..324d3feb2a 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/plsql.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/plsql.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Pl/Pgsql lexer.
-var PLpgSQL = internal.Register(MustNewLexer(
+var PLpgSQL = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "PL/pgSQL",
 		Aliases:         []string{"plpgsql"},
@@ -15,13 +15,17 @@ var PLpgSQL = internal.Register(MustNewLexer(
 		NotMultiline:    true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	plpgSQLRules,
+))
+
+func plpgSQLRules() Rules {
+	return Rules{
 		"root": {
 			{`\%[a-z]\w*\b`, NameBuiltin, nil},
 			{`:=`, Operator, nil},
 			{`\<\<[a-z]\w*\>\>`, NameLabel, nil},
 			{`\#[a-z]\w*\b`, KeywordPseudo, nil},
-			{`\s+`, Text, nil},
+			{`\s+`, TextWhitespace, nil},
 			{`--.*\n?`, CommentSingle, nil},
 			{`/\*`, CommentMultiline, Push("multiline-comments")},
 			{`(bigint|bigserial|bit|bit\s+varying|bool|boolean|box|bytea|char|character|character\s+varying|cidr|circle|date|decimal|double\s+precision|float4|float8|inet|int|int2|int4|int8|integer|interval|json|jsonb|line|lseg|macaddr|money|numeric|path|pg_lsn|point|polygon|real|serial|serial2|serial4|serial8|smallint|smallserial|text|time|timestamp|timestamptz|timetz|tsquery|tsvector|txid_snapshot|uuid|varbit|varchar|with\s+time\s+zone|without\s+time\s+zone|xml|anyarray|anyelement|anyenum|anynonarray|anyrange|cstring|fdw_handler|internal|language_handler|opaque|record|void)\b`, NameBuiltin, nil},
@@ -54,5 +58,5 @@ var PLpgSQL = internal.Register(MustNewLexer(
 			{`""`, LiteralStringName, nil},
 			{`"`, LiteralStringName, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/pony.go b/vendor/github.com/alecthomas/chroma/lexers/p/pony.go
index 9696b2079b..41d568289a 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/pony.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/pony.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Pony lexer.
-var Pony = internal.Register(MustNewLexer(
+var Pony = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Pony",
 		Aliases:   []string{"pony"},
 		Filenames: []string{"*.pony"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	ponyRules,
+))
+
+func ponyRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`[^\S\n]+`, Text, nil},
@@ -55,5 +59,5 @@ var Pony = internal.Register(MustNewLexer(
 			{`\\"`, LiteralString, nil},
 			{`[^\\"]+`, LiteralString, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/postgres.go b/vendor/github.com/alecthomas/chroma/lexers/p/postgres.go
index 3afa54debb..8977e2cfd4 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/postgres.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/postgres.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Postgresql Sql Dialect lexer.
-var PostgreSQL = internal.Register(MustNewLexer(
+var PostgreSQL = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "PostgreSQL SQL dialect",
 		Aliases:         []string{"postgresql", "postgres"},
@@ -15,13 +15,18 @@ var PostgreSQL = internal.Register(MustNewLexer(
 		NotMultiline:    true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	postgreSQLRules,
+))
+
+func postgreSQLRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`--.*\n?`, CommentSingle, nil},
 			{`/\*`, CommentMultiline, Push("multiline-comments")},
 			{`(bigint|bigserial|bit|bit\s+varying|bool|boolean|box|bytea|char|character|character\s+varying|cidr|circle|date|decimal|double\s+precision|float4|float8|inet|int|int2|int4|int8|integer|interval|json|jsonb|line|lseg|macaddr|money|numeric|path|pg_lsn|point|polygon|real|serial|serial2|serial4|serial8|smallint|smallserial|text|time|timestamp|timestamptz|timetz|tsquery|tsvector|txid_snapshot|uuid|varbit|varchar|with\s+time\s+zone|without\s+time\s+zone|xml|anyarray|anyelement|anyenum|anynonarray|anyrange|cstring|fdw_handler|internal|language_handler|opaque|record|void)\b`, NameBuiltin, nil},
-			{`(?s)(DO)(\s+)(?:(LANGUAGE)?(\s+)('?)(\w+)?('?)(\s+))?(\$)([^$]*)(\$)(.*?)(\$)(\10)(\$)`,
+			{
+				`(?s)(DO)(\s+)(?:(LANGUAGE)?(\s+)('?)(\w+)?('?)(\s+))?(\$)([^$]*)(\$)(.*?)(\$)(\10)(\$)`,
 				UsingByGroup(
 					internal.Get,
 					6, 12,
@@ -41,7 +46,8 @@ var PostgreSQL = internal.Register(MustNewLexer(
 			{`[0-9]+`, LiteralNumberInteger, nil},
 			{`((?:E|U&)?)(')`, ByGroups(LiteralStringAffix, LiteralStringSingle), Push("string")},
 			{`((?:U&)?)(")`, ByGroups(LiteralStringAffix, LiteralStringName), Push("quoted-ident")},
-			{`(?s)(\$)([^$]*)(\$)(.*?)(\$)(\2)(\$)(\s+)(LANGUAGE)?(\s+)('?)(\w+)?('?)`,
+			{
+				`(?s)(\$)([^$]*)(\$)(.*?)(\$)(\2)(\$)(\s+)(LANGUAGE)?(\s+)('?)(\w+)?('?)`,
 				UsingByGroup(internal.Get,
 					12, 4,
 					StringHeredoc, StringHeredoc, StringHeredoc, // $tag$
@@ -73,5 +79,5 @@ var PostgreSQL = internal.Register(MustNewLexer(
 			{`""`, LiteralStringName, nil},
 			{`"`, LiteralStringName, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/postscript.go b/vendor/github.com/alecthomas/chroma/lexers/p/postscript.go
index 0cfa3a5f12..0b51ba5ef3 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/postscript.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/postscript.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Postscript lexer.
-var Postscript = internal.Register(MustNewLexer(
+var Postscript = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "PostScript",
 		Aliases:   []string{"postscript", "postscr"},
 		Filenames: []string{"*.ps", "*.eps"},
 		MimeTypes: []string{"application/postscript"},
 	},
-	Rules{
+	postscriptRules,
+))
+
+func postscriptRules() Rules {
+	return Rules{
 		"root": {
 			{`^%!.+\n`, CommentPreproc, nil},
 			{`%%.*\n`, CommentSpecial, nil},
@@ -42,5 +46,5 @@ var Postscript = internal.Register(MustNewLexer(
 			{`[0-8]{3}|n|r|t|b|f|\\|\(|\)`, LiteralStringEscape, Pop(1)},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/povray.go b/vendor/github.com/alecthomas/chroma/lexers/p/povray.go
index 6f1bb52493..2d870f1063 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/povray.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/povray.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Povray lexer.
-var Povray = internal.Register(MustNewLexer(
+var Povray = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "POVRay",
 		Aliases:   []string{"pov"},
 		Filenames: []string{"*.pov", "*.inc"},
 		MimeTypes: []string{"text/x-povray"},
 	},
-	Rules{
+	povrayRules,
+))
+
+func povrayRules() Rules {
+	return Rules{
 		"root": {
 			{`/\*[\w\W]*?\*/`, CommentMultiline, nil},
 			{`//.*\n`, CommentSingle, nil},
@@ -31,5 +35,5 @@ var Povray = internal.Register(MustNewLexer(
 			{`"(\\\\|\\"|[^"])*"`, LiteralString, nil},
 			{`\s+`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/powershell.go b/vendor/github.com/alecthomas/chroma/lexers/p/powershell.go
index 10eba4f955..9b7b56ee02 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/powershell.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/powershell.go
@@ -6,16 +6,20 @@ import (
 )
 
 // Powershell lexer.
-var Powershell = internal.Register(MustNewLexer(
+var Powershell = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "PowerShell",
-		Aliases:         []string{"powershell", "posh", "ps1", "psm1"},
-		Filenames:       []string{"*.ps1", "*.psm1"},
+		Aliases:         []string{"powershell", "posh", "ps1", "psm1", "psd1"},
+		Filenames:       []string{"*.ps1", "*.psm1", "*.psd1"},
 		MimeTypes:       []string{"text/x-powershell"},
 		DotAll:          true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	powershellRules,
+))
+
+func powershellRules() Rules {
+	return Rules{
 		"root": {
 			{`\(`, Punctuation, Push("child")},
 			{`\s+`, Text, nil},
@@ -29,9 +33,9 @@ var Powershell = internal.Register(MustNewLexer(
 			{`"`, LiteralStringDouble, Push("string")},
 			{`'([^']|'')*'`, LiteralStringSingle, nil},
 			{`(\$|@@|@)((global|script|private|env):)?\w+`, NameVariable, nil},
+			{`[a-z]\w*-[a-z]\w*\b`, NameBuiltin, nil},
 			{`(while|validateset|validaterange|validatepattern|validatelength|validatecount|until|trap|switch|return|ref|process|param|parameter|in|if|global:|function|foreach|for|finally|filter|end|elseif|else|dynamicparam|do|default|continue|cmdletbinding|break|begin|alias|\?|%|#script|#private|#local|#global|mandatory|parametersetname|position|valuefrompipeline|valuefrompipelinebypropertyname|valuefromremainingarguments|helpmessage|try|catch|throw)\b`, Keyword, nil},
 			{`-(and|as|band|bnot|bor|bxor|casesensitive|ccontains|ceq|cge|cgt|cle|clike|clt|cmatch|cne|cnotcontains|cnotlike|cnotmatch|contains|creplace|eq|exact|f|file|ge|gt|icontains|ieq|ige|igt|ile|ilike|ilt|imatch|ine|inotcontains|inotlike|inotmatch|ireplace|is|isnot|le|like|lt|match|ne|not|notcontains|notlike|notmatch|or|regex|replace|wildcard)\b`, Operator, nil},
-			{`(write|where|watch|wait|use|update|unregister|unpublish|unprotect|unlock|uninstall|undo|unblock|trace|test|tee|take|sync|switch|suspend|submit|stop|step|start|split|sort|skip|show|set|send|select|search|scroll|save|revoke|resume|restore|restart|resolve|resize|reset|request|repair|rename|remove|register|redo|receive|read|push|publish|protect|pop|ping|out|optimize|open|new|move|mount|merge|measure|lock|limit|join|invoke|install|initialize|import|hide|group|grant|get|format|foreach|find|export|expand|exit|enter|enable|edit|dismount|disconnect|disable|deny|debug|cxnew|copy|convertto|convertfrom|convert|connect|confirm|compress|complete|compare|close|clear|checkpoint|block|backup|assert|approve|aggregate|add)-[a-z_]\w*\b`, NameBuiltin, nil},
 			{`(ac|asnp|cat|cd|cfs|chdir|clc|clear|clhy|cli|clp|cls|clv|cnsn|compare|copy|cp|cpi|cpp|curl|cvpa|dbp|del|diff|dir|dnsn|ebp|echo|epal|epcsv|epsn|erase|etsn|exsn|fc|fhx|fl|foreach|ft|fw|gal|gbp|gc|gci|gcm|gcs|gdr|ghy|gi|gjb|gl|gm|gmo|gp|gps|gpv|group|gsn|gsnp|gsv|gu|gv|gwmi|h|history|icm|iex|ihy|ii|ipal|ipcsv|ipmo|ipsn|irm|ise|iwmi|iwr|kill|lp|ls|man|md|measure|mi|mount|move|mp|mv|nal|ndr|ni|nmo|npssc|nsn|nv|ogv|oh|popd|ps|pushd|pwd|r|rbp|rcjb|rcsn|rd|rdr|ren|ri|rjb|rm|rmdir|rmo|rni|rnp|rp|rsn|rsnp|rujb|rv|rvpa|rwmi|sajb|sal|saps|sasv|sbp|sc|select|set|shcm|si|sl|sleep|sls|sort|sp|spjb|spps|spsv|start|sujb|sv|swmi|tee|trcm|type|wget|where|wjb|write)\s`, NameBuiltin, nil},
 			{"\\[[a-z_\\[][\\w. `,\\[\\]]*\\]", NameConstant, nil},
 			{`-[a-z_]\w*`, Name, nil},
@@ -62,5 +66,5 @@ var Powershell = internal.Register(MustNewLexer(
 			{`[^@\n]+"]`, LiteralStringHeredoc, nil},
 			{`.`, LiteralStringHeredoc, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/prolog.go b/vendor/github.com/alecthomas/chroma/lexers/p/prolog.go
index 08b48121b3..a2f346b626 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/prolog.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/prolog.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Prolog lexer.
-var Prolog = internal.Register(MustNewLexer(
+var Prolog = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Prolog",
 		Aliases:   []string{"prolog"},
 		Filenames: []string{"*.ecl", "*.prolog", "*.pro", "*.pl"},
 		MimeTypes: []string{"text/x-prolog"},
 	},
-	Rules{
+	prologRules,
+))
+
+func prologRules() Rules {
+	return Rules{
 		"root": {
 			{`/\*`, CommentMultiline, Push("nested-comment")},
 			{`%.*`, CommentSingle, nil},
@@ -46,5 +50,5 @@ var Prolog = internal.Register(MustNewLexer(
 			{`[^*/]+`, CommentMultiline, nil},
 			{`[*/]`, CommentMultiline, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/promql.go b/vendor/github.com/alecthomas/chroma/lexers/p/promql.go
index 38982e16e2..e80b926c2e 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/promql.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/promql.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Promql lexer.
-var Promql = internal.Register(MustNewLexer(
+var Promql = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "PromQL",
 		Aliases:   []string{"promql"},
 		Filenames: []string{"*.promql"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	promqlRules,
+))
+
+func promqlRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, TextWhitespace, nil},
 			{`\s+`, TextWhitespace, nil},
@@ -40,7 +44,7 @@ var Promql = internal.Register(MustNewLexer(
 			{`\n`, TextWhitespace, nil},
 			{`\s+`, TextWhitespace, nil},
 			{`,`, Punctuation, nil},
-			{`([_a-zA-Z][a-zA-Z0-9_]*?)(\s*?)(=~|!=|=|~!)(\s*?)(")(.*?)(")`, ByGroups(NameLabel, TextWhitespace, Operator, TextWhitespace, Punctuation, LiteralString, Punctuation), nil},
+			{`([_a-zA-Z][a-zA-Z0-9_]*?)(\s*?)(=~|!=|=|!~)(\s*?)("|')(.*?)("|')`, ByGroups(NameLabel, TextWhitespace, Operator, TextWhitespace, Punctuation, LiteralString, Punctuation), nil},
 		},
 		"range": {
 			{`\]`, Punctuation, Pop(1)},
@@ -51,5 +55,5 @@ var Promql = internal.Register(MustNewLexer(
 			{`\(`, Operator, Push()},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/protobuf.go b/vendor/github.com/alecthomas/chroma/lexers/p/protobuf.go
index 30140131c8..76576cb350 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/protobuf.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/protobuf.go
@@ -6,14 +6,18 @@ import (
 )
 
 // ProtocolBuffer lexer.
-var ProtocolBuffer = internal.Register(MustNewLexer(
+var ProtocolBuffer = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Protocol Buffer",
 		Aliases:   []string{"protobuf", "proto"},
 		Filenames: []string{"*.proto"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	protocolBufferRules,
+))
+
+func protocolBufferRules() Rules {
+	return Rules{
 		"root": {
 			{`[ \t]+`, Text, nil},
 			{`[,;{}\[\]()<>]`, Punctuation, nil},
@@ -49,5 +53,5 @@ var ProtocolBuffer = internal.Register(MustNewLexer(
 			{`[a-zA-Z_]\w*`, Name, Pop(1)},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/puppet.go b/vendor/github.com/alecthomas/chroma/lexers/p/puppet.go
index a1db0d27bd..b32caed09b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/puppet.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/puppet.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Puppet lexer.
-var Puppet = internal.Register(MustNewLexer(
+var Puppet = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Puppet",
 		Aliases:   []string{"puppet"},
 		Filenames: []string{"*.pp"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	puppetRules,
+))
+
+func puppetRules() Rules {
+	return Rules{
 		"root": {
 			Include("comments"),
 			Include("keywords"),
@@ -52,5 +56,5 @@ var Puppet = internal.Register(MustNewLexer(
 			{`"([^"])*"`, LiteralString, nil},
 			{`'(\\'|[^'])*'`, LiteralString, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/python.go b/vendor/github.com/alecthomas/chroma/lexers/p/python.go
index 77f2c8db6d..032e487d06 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/python.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/python.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Python lexer.
-var Python = internal.Register(MustNewLexer(
+var Python = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Python",
 		Aliases:   []string{"python", "py", "sage"},
 		Filenames: []string{"*.py", "*.pyw", "*.sc", "SConstruct", "SConscript", "*.tac", "*.sage"},
 		MimeTypes: []string{"text/x-python", "application/x-python"},
 	},
-	Rules{
+	pythonRules,
+))
+
+func pythonRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`^(\s*)([rRuUbB]{,2})("""(?:.|\n)*?""")`, ByGroups(Text, LiteralStringAffix, LiteralStringDoc), nil},
@@ -65,9 +69,9 @@ var Python = internal.Register(MustNewLexer(
 			{`\d+[eE][+-]?[0-9]+j?`, LiteralNumberFloat, nil},
 			{`0[0-7]+j?`, LiteralNumberOct, nil},
 			{`0[bB][01]+`, LiteralNumberBin, nil},
-			{`0[xX][a-fA-F0-9]+`, LiteralNumberHex, nil},
+			{`0[xX][a-fA-F0-9_]+`, LiteralNumberHex, nil},
 			{`\d+L`, LiteralNumberIntegerLong, nil},
-			{`\d+j?`, LiteralNumberInteger, nil},
+			{`[\d_]+j?`, LiteralNumberInteger, nil},
 		},
 		"backtick": {
 			{"`.*?`", LiteralStringBacktick, nil},
@@ -133,5 +137,5 @@ var Python = internal.Register(MustNewLexer(
 			Include("strings-single"),
 			{`\n`, LiteralStringSingle, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/p/python3.go b/vendor/github.com/alecthomas/chroma/lexers/p/python3.go
index 980799824d..a2402b8ff4 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/p/python3.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/p/python3.go
@@ -5,17 +5,21 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var python3Identifier = `[A-Z_a-zªµºÀ-ÖØ-öø-ˁˆ-ˑˠ-ˤˬˮͰ-ʹͶ-ͷͻ-ͽΆΈ-ΊΌΎ-ΡΣ-ϵϷ-ҁҊ-ԧԱ-Ֆՙա-ևא-תװ-ײؠ-يٮ-ٯٱ-ۓەۥ-ۦۮ-ۯۺ-ۼۿܐܒ-ܯݍ-ޥޱߊ-ߪߴ-ߵߺࠀ-ࠕࠚࠤࠨࡀ-ࡘࢠࢢ-ࢬऄ-हऽॐक़-ॡॱ-ॷॹ-ॿঅ-ঌএ-ঐও-নপ-রলশ-হঽৎড়-ঢ়য়-ৡৰ-ৱਅ-ਊਏ-ਐਓ-ਨਪ-ਰਲ-ਲ਼ਵ-ਸ਼ਸ-ਹਖ਼-ੜਫ਼ੲ-ੴઅ-ઍએ-ઑઓ-નપ-રલ-ળવ-હઽૐૠ-ૡଅ-ଌଏ-ଐଓ-ନପ-ରଲ-ଳଵ-ହଽଡ଼-ଢ଼ୟ-ୡୱஃஅ-ஊஎ-ஐஒ-கங-சஜஞ-டண-தந-பம-ஹௐఅ-ఌఎ-ఐఒ-నప-ళవ-హఽౘ-ౙౠ-ౡಅ-ಌಎ-ಐಒ-ನಪ-ಳವ-ಹಽೞೠ-ೡೱ-ೲഅ-ഌഎ-ഐഒ-ഺഽൎൠ-ൡൺ-ൿඅ-ඖක-නඳ-රලව-ෆก-ะาเ-ๆກ-ຂຄງ-ຈຊຍດ-ທນ-ຟມ-ຣລວສ-ຫອ-ະາຽເ-ໄໆໜ-ໟༀཀ-ཇཉ-ཬྈ-ྌက-ဪဿၐ-ၕၚ-ၝၡၥ-ၦၮ-ၰၵ-ႁႎႠ-ჅჇჍა-ჺჼ-ቈቊ-ቍቐ-ቖቘቚ-ቝበ-ኈኊ-ኍነ-ኰኲ-ኵኸ-ኾዀዂ-ዅወ-ዖዘ-ጐጒ-ጕጘ-ፚᎀ-ᎏᎠ-Ᏼᐁ-ᙬᙯ-ᙿᚁ-ᚚᚠ-ᛪᛮ-ᛰᜀ-ᜌᜎ-ᜑᜠ-ᜱᝀ-ᝑᝠ-ᝬᝮ-ᝰក-ឳៗៜᠠ-ᡷᢀ-ᢨᢪᢰ-ᣵᤀ-ᤜᥐ-ᥭᥰ-ᥴᦀ-ᦫᧁ-ᧇᨀ-ᨖᨠ-ᩔᪧᬅ-ᬳᭅ-ᭋᮃ-ᮠᮮ-ᮯᮺ-ᯥᰀ-ᰣᱍ-ᱏᱚ-ᱽᳩ-ᳬᳮ-ᳱᳵ-ᳶᴀ-ᶿḀ-ἕἘ-Ἕἠ-ὅὈ-Ὅὐ-ὗὙὛὝὟ-ώᾀ-ᾴᾶ-ᾼιῂ-ῄῆ-ῌῐ-ΐῖ-Ίῠ-Ῥῲ-ῴῶ-ῼⁱⁿₐ-ₜℂℇℊ-ℓℕ℘-ℝℤΩℨK-ℹℼ-ℿⅅ-ⅉⅎⅠ-ↈⰀ-Ⱞⰰ-ⱞⱠ-ⳤⳫ-ⳮⳲ-ⳳⴀ-ⴥⴧⴭⴰ-ⵧⵯⶀ-ⶖⶠ-ⶦⶨ-ⶮⶰ-ⶶⶸ-ⶾⷀ-ⷆⷈ-ⷎⷐ-ⷖⷘ-ⷞ々-〇〡-〩〱-〵〸-〼ぁ-ゖゝ-ゟァ-ヺー-ヿㄅ-ㄭㄱ-ㆎㆠ-ㆺㇰ-ㇿ㐀-䶵一-鿌ꀀ-ꒌꓐ-ꓽꔀ-ꘌꘐ-ꘟꘪ-ꘫꙀ-ꙮꙿ-ꚗꚠ-ꛯꜗ-ꜟꜢ-ꞈꞋ-ꞎꞐ-ꞓꞠ-Ɦꟸ-ꠁꠃ-ꠅꠇ-ꠊꠌ-ꠢꡀ-ꡳꢂ-ꢳꣲ-ꣷꣻꤊ-ꤥꤰ-ꥆꥠ-ꥼꦄ-ꦲꧏꨀ-ꨨꩀ-ꩂꩄ-ꩋꩠ-ꩶꩺꪀ-ꪯꪱꪵ-ꪶꪹ-ꪽꫀꫂꫛ-ꫝꫠ-ꫪꫲ-ꫴꬁ-ꬆꬉ-ꬎꬑ-ꬖꬠ-ꬦꬨ-ꬮꯀ-ꯢ가-힣ힰ-ퟆퟋ-ퟻ豈-舘並-龎ff-stﬓ-ﬗיִײַ-ﬨשׁ-זּטּ-לּמּנּ-סּףּ-פּצּ-ﮱﯓ-ﱝﱤ-ﴽﵐ-ﶏﶒ-ﷇﷰ-ﷹﹱﹳﹷﹹﹻﹽﹿ-ﻼＡ-Ｚａ-ｚｦ-ﾝﾠ-ﾾￂ-ￇￊ-ￏￒ-ￗￚ-ￜ𐀀-𐀋𐀍-𐀦𐀨-𐀺𐀼-𐀽𐀿-𐁍𐁐-𐁝𐂀-𐃺𐅀-𐅴𐊀-𐊜𐊠-𐋐𐌀-𐌞𐌰-𐍊𐎀-𐎝𐎠-𐏃𐏈-𐏏𐏑-𐏕𐐀-𐒝𐠀-𐠅𐠈𐠊-𐠵𐠷-𐠸𐠼𐠿-𐡕𐤀-𐤕𐤠-𐤹𐦀-𐦷𐦾-𐦿𐨀𐨐-𐨓𐨕-𐨗𐨙-𐨳𐩠-𐩼𐬀-𐬵𐭀-𐭕𐭠-𐭲𐰀-𐱈𑀃-𑀷𑂃-𑂯𑃐-𑃨𑄃-𑄦𑆃-𑆲𑇁-𑇄𑚀-𑚪𒀀-𒍮𒐀-𒑢𓀀-𓐮𖠀-𖨸𖼀-𖽄𖽐𖾓-𖾟𛀀-𛀁𝐀-𝑔𝑖-𝒜𝒞-𝒟𝒢𝒥-𝒦𝒩-𝒬𝒮-𝒹𝒻𝒽-𝓃𝓅-𝔅𝔇-𝔊𝔍-𝔔𝔖-𝔜𝔞-𝔹𝔻-𝔾𝕀-𝕄𝕆𝕊-𝕐𝕒-𝚥𝚨-𝛀𝛂-𝛚𝛜-𝛺𝛼-𝜔𝜖-𝜴𝜶-𝝎𝝐-𝝮𝝰-𝞈𝞊-𝞨𝞪-𝟂𝟄-𝟋𞸀-𞸃𞸅-𞸟𞸡-𞸢𞸤𞸧𞸩-𞸲𞸴-𞸷𞸹𞸻𞹂𞹇𞹉𞹋𞹍-𞹏𞹑-𞹒𞹔𞹗𞹙𞹛𞹝𞹟𞹡-𞹢𞹤𞹧-𞹪𞹬-𞹲𞹴-𞹷𞹹-𞹼𞹾𞺀-𞺉𞺋-𞺛𞺡-𞺣𞺥-𞺩𞺫-𞺻𠀀-𪛖𪜀-𫜴𫝀-𫠝丽-𪘀][0-9A-Z_a-zªµ·ºÀ-ÖØ-öø-ˁˆ-ˑˠ-ˤˬˮ̀-ʹͶ-ͷͻ-ͽΆ-ΊΌΎ-ΡΣ-ϵϷ-ҁ҃-҇Ҋ-ԧԱ-Ֆՙա-և֑-ֽֿׁ-ׂׄ-ׇׅא-תװ-ײؐ-ؚؠ-٩ٮ-ۓە-ۜ۟-۪ۨ-ۼۿܐ-݊ݍ-ޱ߀-ߵߺࠀ-࠭ࡀ-࡛ࢠࢢ-ࢬࣤ-ࣾऀ-ॣ०-९ॱ-ॷॹ-ॿঁ-ঃঅ-ঌএ-ঐও-নপ-রলশ-হ়-ৄে-ৈো-ৎৗড়-ঢ়য়-ৣ০-ৱਁ-ਃਅ-ਊਏ-ਐਓ-ਨਪ-ਰਲ-ਲ਼ਵ-ਸ਼ਸ-ਹ਼ਾ-ੂੇ-ੈੋ-੍ੑਖ਼-ੜਫ਼੦-ੵઁ-ઃઅ-ઍએ-ઑઓ-નપ-રલ-ળવ-હ઼-ૅે-ૉો-્ૐૠ-ૣ૦-૯ଁ-ଃଅ-ଌଏ-ଐଓ-ନପ-ରଲ-ଳଵ-ହ଼-ୄେ-ୈୋ-୍ୖ-ୗଡ଼-ଢ଼ୟ-ୣ୦-୯ୱஂ-ஃஅ-ஊஎ-ஐஒ-கங-சஜஞ-டண-தந-பம-ஹா-ூெ-ைொ-்ௐௗ௦-௯ఁ-ఃఅ-ఌఎ-ఐఒ-నప-ళవ-హఽ-ౄె-ైొ-్ౕ-ౖౘ-ౙౠ-ౣ౦-౯ಂ-ಃಅ-ಌಎ-ಐಒ-ನಪ-ಳವ-ಹ಼-ೄೆ-ೈೊ-್ೕ-ೖೞೠ-ೣ೦-೯ೱ-ೲം-ഃഅ-ഌഎ-ഐഒ-ഺഽ-ൄെ-ൈൊ-ൎൗൠ-ൣ൦-൯ൺ-ൿං-ඃඅ-ඖක-නඳ-රලව-ෆ්ා-ුූෘ-ෟෲ-ෳก-ฺเ-๎๐-๙ກ-ຂຄງ-ຈຊຍດ-ທນ-ຟມ-ຣລວສ-ຫອ-ູົ-ຽເ-ໄໆ່-ໍ໐-໙ໜ-ໟༀ༘-༙༠-༩༹༵༷༾-ཇཉ-ཬཱ-྄྆-ྗྙ-ྼ࿆က-၉ၐ-ႝႠ-ჅჇჍა-ჺჼ-ቈቊ-ቍቐ-ቖቘቚ-ቝበ-ኈኊ-ኍነ-ኰኲ-ኵኸ-ኾዀዂ-ዅወ-ዖዘ-ጐጒ-ጕጘ-ፚ፝-፟፩-፱ᎀ-ᎏᎠ-Ᏼᐁ-ᙬᙯ-ᙿᚁ-ᚚᚠ-ᛪᛮ-ᛰᜀ-ᜌᜎ-᜔ᜠ-᜴ᝀ-ᝓᝠ-ᝬᝮ-ᝰᝲ-ᝳក-៓ៗៜ-៝០-៩᠋-᠍᠐-᠙ᠠ-ᡷᢀ-ᢪᢰ-ᣵᤀ-ᤜᤠ-ᤫᤰ-᤻᥆-ᥭᥰ-ᥴᦀ-ᦫᦰ-ᧉ᧐-᧚ᨀ-ᨛᨠ-ᩞ᩠-᩿᩼-᪉᪐-᪙ᪧᬀ-ᭋ᭐-᭙᭫-᭳ᮀ-᯳ᰀ-᰷᱀-᱉ᱍ-ᱽ᳐-᳔᳒-ᳶᴀ-ᷦ᷼-ἕἘ-Ἕἠ-ὅὈ-Ὅὐ-ὗὙὛὝὟ-ώᾀ-ᾴᾶ-ᾼιῂ-ῄῆ-ῌῐ-ΐῖ-Ίῠ-Ῥῲ-ῴῶ-ῼ‿-⁀⁔ⁱⁿₐ-ₜ⃐-⃥⃜⃡-⃰ℂℇℊ-ℓℕ℘-ℝℤΩℨK-ℹℼ-ℿⅅ-ⅉⅎⅠ-ↈⰀ-Ⱞⰰ-ⱞⱠ-ⳤⳫ-ⳳⴀ-ⴥⴧⴭⴰ-ⵧⵯ⵿-ⶖⶠ-ⶦⶨ-ⶮⶰ-ⶶⶸ-ⶾⷀ-ⷆⷈ-ⷎⷐ-ⷖⷘ-ⷞⷠ-ⷿ々-〇〡-〯〱-〵〸-〼ぁ-ゖ゙-゚ゝ-ゟァ-ヺー-ヿㄅ-ㄭㄱ-ㆎㆠ-ㆺㇰ-ㇿ㐀-䶵一-鿌ꀀ-ꒌꓐ-ꓽꔀ-ꘌꘐ-ꘫꙀ-꙯ꙴ-꙽ꙿ-ꚗꚟ-꛱ꜗ-ꜟꜢ-ꞈꞋ-ꞎꞐ-ꞓꞠ-Ɦꟸ-ꠧꡀ-ꡳꢀ-꣄꣐-꣙꣠-ꣷꣻ꤀-꤭ꤰ-꥓ꥠ-ꥼꦀ-꧀ꧏ-꧙ꨀ-ꨶꩀ-ꩍ꩐-꩙ꩠ-ꩶꩺ-ꩻꪀ-ꫂꫛ-ꫝꫠ-ꫯꫲ-꫶ꬁ-ꬆꬉ-ꬎꬑ-ꬖꬠ-ꬦꬨ-ꬮꯀ-ꯪ꯬-꯭꯰-꯹가-힣ힰ-ퟆퟋ-ퟻ豈-舘並-龎ff-stﬓ-ﬗיִ-ﬨשׁ-זּטּ-לּמּנּ-סּףּ-פּצּ-ﮱﯓ-ﱝﱤ-ﴽﵐ-ﶏﶒ-ﷇﷰ-ﷹ︀-️︠-︦︳-︴﹍-﹏ﹱﹳﹷﹹﹻﹽﹿ-ﻼ０-９Ａ-Ｚ＿ａ-ｚｦ-ﾾￂ-ￇￊ-ￏￒ-ￗￚ-ￜ𐀀-𐀋𐀍-𐀦𐀨-𐀺𐀼-𐀽𐀿-𐁍𐁐-𐁝𐂀-𐃺𐅀-𐅴𐇽𐊀-𐊜𐊠-𐋐𐌀-𐌞𐌰-𐍊𐎀-𐎝𐎠-𐏃𐏈-𐏏𐏑-𐏕𐐀-𐒝𐒠-𐒩𐠀-𐠅𐠈𐠊-𐠵𐠷-𐠸𐠼𐠿-𐡕𐤀-𐤕𐤠-𐤹𐦀-𐦷𐦾-𐦿𐨀-𐨃𐨅-𐨆𐨌-𐨓𐨕-𐨗𐨙-𐨳𐨸-𐨿𐨺𐩠-𐩼𐬀-𐬵𐭀-𐭕𐭠-𐭲𐰀-𐱈𑀀-𑁆𑁦-𑁯𑂀-𑂺𑃐-𑃨𑃰-𑃹𑄀-𑄴𑄶-𑄿𑆀-𑇄𑇐-𑇙𑚀-𑚷𑛀-𑛉𒀀-𒍮𒐀-𒑢𓀀-𓐮𖠀-𖨸𖼀-𖽄𖽐-𖽾𖾏-𖾟𛀀-𛀁𝅥-𝅩𝅭-𝅲𝅻-𝆂𝆅-𝆋𝆪-𝆭𝉂-𝉄𝐀-𝑔𝑖-𝒜𝒞-𝒟𝒢𝒥-𝒦𝒩-𝒬𝒮-𝒹𝒻𝒽-𝓃𝓅-𝔅𝔇-𝔊𝔍-𝔔𝔖-𝔜𝔞-𝔹𝔻-𝔾𝕀-𝕄𝕆𝕊-𝕐𝕒-𝚥𝚨-𝛀𝛂-𝛚𝛜-𝛺𝛼-𝜔𝜖-𝜴𝜶-𝝎𝝐-𝝮𝝰-𝞈𝞊-𝞨𝞪-𝟂𝟄-𝟋𝟎-𝟿𞸀-𞸃𞸅-𞸟𞸡-𞸢𞸤𞸧𞸩-𞸲𞸴-𞸷𞸹𞸻𞹂𞹇𞹉𞹋𞹍-𞹏𞹑-𞹒𞹔𞹗𞹙𞹛𞹝𞹟𞹡-𞹢𞹤𞹧-𞹪𞹬-𞹲𞹴-𞹷𞹹-𞹼𞹾𞺀-𞺉𞺋-𞺛𞺡-𞺣𞺥-𞺩𞺫-𞺻𠀀-𪛖𪜀-𫜴𫝀-𫠝丽-𪘀󠄀-󠇯]*`
-
 // Python3 lexer.
-var Python3 = internal.Register(MustNewLexer(
+var Python3 = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Python 3",
 		Aliases:   []string{"python3", "py3"},
 		Filenames: []string{},
 		MimeTypes: []string{"text/x-python3", "application/x-python3"},
 	},
-	Rules{
+	python3Rules,
+))
+
+func python3Rules() Rules {
+	const python3Identifier = `[A-Z_a-zªµºÀ-ÖØ-öø-ˁˆ-ˑˠ-ˤˬˮͰ-ʹͶ-ͷͻ-ͽΆΈ-ΊΌΎ-ΡΣ-ϵϷ-ҁҊ-ԧԱ-Ֆՙա-ևא-תװ-ײؠ-يٮ-ٯٱ-ۓەۥ-ۦۮ-ۯۺ-ۼۿܐܒ-ܯݍ-ޥޱߊ-ߪߴ-ߵߺࠀ-ࠕࠚࠤࠨࡀ-ࡘࢠࢢ-ࢬऄ-हऽॐक़-ॡॱ-ॷॹ-ॿঅ-ঌএ-ঐও-নপ-রলশ-হঽৎড়-ঢ়য়-ৡৰ-ৱਅ-ਊਏ-ਐਓ-ਨਪ-ਰਲ-ਲ਼ਵ-ਸ਼ਸ-ਹਖ਼-ੜਫ਼ੲ-ੴઅ-ઍએ-ઑઓ-નપ-રલ-ળવ-હઽૐૠ-ૡଅ-ଌଏ-ଐଓ-ନପ-ରଲ-ଳଵ-ହଽଡ଼-ଢ଼ୟ-ୡୱஃஅ-ஊஎ-ஐஒ-கங-சஜஞ-டண-தந-பம-ஹௐఅ-ఌఎ-ఐఒ-నప-ళవ-హఽౘ-ౙౠ-ౡಅ-ಌಎ-ಐಒ-ನಪ-ಳವ-ಹಽೞೠ-ೡೱ-ೲഅ-ഌഎ-ഐഒ-ഺഽൎൠ-ൡൺ-ൿඅ-ඖක-නඳ-රලව-ෆก-ะาเ-ๆກ-ຂຄງ-ຈຊຍດ-ທນ-ຟມ-ຣລວສ-ຫອ-ະາຽເ-ໄໆໜ-ໟༀཀ-ཇཉ-ཬྈ-ྌက-ဪဿၐ-ၕၚ-ၝၡၥ-ၦၮ-ၰၵ-ႁႎႠ-ჅჇჍა-ჺჼ-ቈቊ-ቍቐ-ቖቘቚ-ቝበ-ኈኊ-ኍነ-ኰኲ-ኵኸ-ኾዀዂ-ዅወ-ዖዘ-ጐጒ-ጕጘ-ፚᎀ-ᎏᎠ-Ᏼᐁ-ᙬᙯ-ᙿᚁ-ᚚᚠ-ᛪᛮ-ᛰᜀ-ᜌᜎ-ᜑᜠ-ᜱᝀ-ᝑᝠ-ᝬᝮ-ᝰក-ឳៗៜᠠ-ᡷᢀ-ᢨᢪᢰ-ᣵᤀ-ᤜᥐ-ᥭᥰ-ᥴᦀ-ᦫᧁ-ᧇᨀ-ᨖᨠ-ᩔᪧᬅ-ᬳᭅ-ᭋᮃ-ᮠᮮ-ᮯᮺ-ᯥᰀ-ᰣᱍ-ᱏᱚ-ᱽᳩ-ᳬᳮ-ᳱᳵ-ᳶᴀ-ᶿḀ-ἕἘ-Ἕἠ-ὅὈ-Ὅὐ-ὗὙὛὝὟ-ώᾀ-ᾴᾶ-ᾼιῂ-ῄῆ-ῌῐ-ΐῖ-Ίῠ-Ῥῲ-ῴῶ-ῼⁱⁿₐ-ₜℂℇℊ-ℓℕ℘-ℝℤΩℨK-ℹℼ-ℿⅅ-ⅉⅎⅠ-ↈⰀ-Ⱞⰰ-ⱞⱠ-ⳤⳫ-ⳮⳲ-ⳳⴀ-ⴥⴧⴭⴰ-ⵧⵯⶀ-ⶖⶠ-ⶦⶨ-ⶮⶰ-ⶶⶸ-ⶾⷀ-ⷆⷈ-ⷎⷐ-ⷖⷘ-ⷞ々-〇〡-〩〱-〵〸-〼ぁ-ゖゝ-ゟァ-ヺー-ヿㄅ-ㄭㄱ-ㆎㆠ-ㆺㇰ-ㇿ㐀-䶵一-鿌ꀀ-ꒌꓐ-ꓽꔀ-ꘌꘐ-ꘟꘪ-ꘫꙀ-ꙮꙿ-ꚗꚠ-ꛯꜗ-ꜟꜢ-ꞈꞋ-ꞎꞐ-ꞓꞠ-Ɦꟸ-ꠁꠃ-ꠅꠇ-ꠊꠌ-ꠢꡀ-ꡳꢂ-ꢳꣲ-ꣷꣻꤊ-ꤥꤰ-ꥆꥠ-ꥼꦄ-ꦲꧏꨀ-ꨨꩀ-ꩂꩄ-ꩋꩠ-ꩶꩺꪀ-ꪯꪱꪵ-ꪶꪹ-ꪽꫀꫂꫛ-ꫝꫠ-ꫪꫲ-ꫴꬁ-ꬆꬉ-ꬎꬑ-ꬖꬠ-ꬦꬨ-ꬮꯀ-ꯢ가-힣ힰ-ퟆퟋ-ퟻ豈-舘並-龎ff-stﬓ-ﬗיִײַ-ﬨשׁ-זּטּ-לּמּנּ-סּףּ-פּצּ-ﮱﯓ-ﱝﱤ-ﴽﵐ-ﶏﶒ-ﷇﷰ-ﷹﹱﹳﹷﹹﹻﹽﹿ-ﻼＡ-Ｚａ-ｚｦ-ﾝﾠ-ﾾￂ-ￇￊ-ￏￒ-ￗￚ-ￜ𐀀-𐀋𐀍-𐀦𐀨-𐀺𐀼-𐀽𐀿-𐁍𐁐-𐁝𐂀-𐃺𐅀-𐅴𐊀-𐊜𐊠-𐋐𐌀-𐌞𐌰-𐍊𐎀-𐎝𐎠-𐏃𐏈-𐏏𐏑-𐏕𐐀-𐒝𐠀-𐠅𐠈𐠊-𐠵𐠷-𐠸𐠼𐠿-𐡕𐤀-𐤕𐤠-𐤹𐦀-𐦷𐦾-𐦿𐨀𐨐-𐨓𐨕-𐨗𐨙-𐨳𐩠-𐩼𐬀-𐬵𐭀-𐭕𐭠-𐭲𐰀-𐱈𑀃-𑀷𑂃-𑂯𑃐-𑃨𑄃-𑄦𑆃-𑆲𑇁-𑇄𑚀-𑚪𒀀-𒍮𒐀-𒑢𓀀-𓐮𖠀-𖨸𖼀-𖽄𖽐𖾓-𖾟𛀀-𛀁𝐀-𝑔𝑖-𝒜𝒞-𝒟𝒢𝒥-𝒦𝒩-𝒬𝒮-𝒹𝒻𝒽-𝓃𝓅-𝔅𝔇-𝔊𝔍-𝔔𝔖-𝔜𝔞-𝔹𝔻-𝔾𝕀-𝕄𝕆𝕊-𝕐𝕒-𝚥𝚨-𝛀𝛂-𝛚𝛜-𝛺𝛼-𝜔𝜖-𝜴𝜶-𝝎𝝐-𝝮𝝰-𝞈𝞊-𝞨𝞪-𝟂𝟄-𝟋𞸀-𞸃𞸅-𞸟𞸡-𞸢𞸤𞸧𞸩-𞸲𞸴-𞸷𞸹𞸻𞹂𞹇𞹉𞹋𞹍-𞹏𞹑-𞹒𞹔𞹗𞹙𞹛𞹝𞹟𞹡-𞹢𞹤𞹧-𞹪𞹬-𞹲𞹴-𞹷𞹹-𞹼𞹾𞺀-𞺉𞺋-𞺛𞺡-𞺣𞺥-𞺩𞺫-𞺻𠀀-𪛖𪜀-𫜴𫝀-𫠝丽-𪘀][0-9A-Z_a-zªµ·ºÀ-ÖØ-öø-ˁˆ-ˑˠ-ˤˬˮ̀-ʹͶ-ͷͻ-ͽΆ-ΊΌΎ-ΡΣ-ϵϷ-ҁ҃-҇Ҋ-ԧԱ-Ֆՙա-և֑-ֽֿׁ-ׂׄ-ׇׅא-תװ-ײؐ-ؚؠ-٩ٮ-ۓە-ۜ۟-۪ۨ-ۼۿܐ-݊ݍ-ޱ߀-ߵߺࠀ-࠭ࡀ-࡛ࢠࢢ-ࢬࣤ-ࣾऀ-ॣ०-९ॱ-ॷॹ-ॿঁ-ঃঅ-ঌএ-ঐও-নপ-রলশ-হ়-ৄে-ৈো-ৎৗড়-ঢ়য়-ৣ০-ৱਁ-ਃਅ-ਊਏ-ਐਓ-ਨਪ-ਰਲ-ਲ਼ਵ-ਸ਼ਸ-ਹ਼ਾ-ੂੇ-ੈੋ-੍ੑਖ਼-ੜਫ਼੦-ੵઁ-ઃઅ-ઍએ-ઑઓ-નપ-રલ-ળવ-હ઼-ૅે-ૉો-્ૐૠ-ૣ૦-૯ଁ-ଃଅ-ଌଏ-ଐଓ-ନପ-ରଲ-ଳଵ-ହ଼-ୄେ-ୈୋ-୍ୖ-ୗଡ଼-ଢ଼ୟ-ୣ୦-୯ୱஂ-ஃஅ-ஊஎ-ஐஒ-கங-சஜஞ-டண-தந-பம-ஹா-ூெ-ைொ-்ௐௗ௦-௯ఁ-ఃఅ-ఌఎ-ఐఒ-నప-ళవ-హఽ-ౄె-ైొ-్ౕ-ౖౘ-ౙౠ-ౣ౦-౯ಂ-ಃಅ-ಌಎ-ಐಒ-ನಪ-ಳವ-ಹ಼-ೄೆ-ೈೊ-್ೕ-ೖೞೠ-ೣ೦-೯ೱ-ೲം-ഃഅ-ഌഎ-ഐഒ-ഺഽ-ൄെ-ൈൊ-ൎൗൠ-ൣ൦-൯ൺ-ൿං-ඃඅ-ඖක-නඳ-රලව-ෆ්ා-ුූෘ-ෟෲ-ෳก-ฺเ-๎๐-๙ກ-ຂຄງ-ຈຊຍດ-ທນ-ຟມ-ຣລວສ-ຫອ-ູົ-ຽເ-ໄໆ່-ໍ໐-໙ໜ-ໟༀ༘-༙༠-༩༹༵༷༾-ཇཉ-ཬཱ-྄྆-ྗྙ-ྼ࿆က-၉ၐ-ႝႠ-ჅჇჍა-ჺჼ-ቈቊ-ቍቐ-ቖቘቚ-ቝበ-ኈኊ-ኍነ-ኰኲ-ኵኸ-ኾዀዂ-ዅወ-ዖዘ-ጐጒ-ጕጘ-ፚ፝-፟፩-፱ᎀ-ᎏᎠ-Ᏼᐁ-ᙬᙯ-ᙿᚁ-ᚚᚠ-ᛪᛮ-ᛰᜀ-ᜌᜎ-᜔ᜠ-᜴ᝀ-ᝓᝠ-ᝬᝮ-ᝰᝲ-ᝳក-៓ៗៜ-៝០-៩᠋-᠍᠐-᠙ᠠ-ᡷᢀ-ᢪᢰ-ᣵᤀ-ᤜᤠ-ᤫᤰ-᤻᥆-ᥭᥰ-ᥴᦀ-ᦫᦰ-ᧉ᧐-᧚ᨀ-ᨛᨠ-ᩞ᩠-᩿᩼-᪉᪐-᪙ᪧᬀ-ᭋ᭐-᭙᭫-᭳ᮀ-᯳ᰀ-᰷᱀-᱉ᱍ-ᱽ᳐-᳔᳒-ᳶᴀ-ᷦ᷼-ἕἘ-Ἕἠ-ὅὈ-Ὅὐ-ὗὙὛὝὟ-ώᾀ-ᾴᾶ-ᾼιῂ-ῄῆ-ῌῐ-ΐῖ-Ίῠ-Ῥῲ-ῴῶ-ῼ‿-⁀⁔ⁱⁿₐ-ₜ⃐-⃥⃜⃡-⃰ℂℇℊ-ℓℕ℘-ℝℤΩℨK-ℹℼ-ℿⅅ-ⅉⅎⅠ-ↈⰀ-Ⱞⰰ-ⱞⱠ-ⳤⳫ-ⳳⴀ-ⴥⴧⴭⴰ-ⵧⵯ⵿-ⶖⶠ-ⶦⶨ-ⶮⶰ-ⶶⶸ-ⶾⷀ-ⷆⷈ-ⷎⷐ-ⷖⷘ-ⷞⷠ-ⷿ々-〇〡-〯〱-〵〸-〼ぁ-ゖ゙-゚ゝ-ゟァ-ヺー-ヿㄅ-ㄭㄱ-ㆎㆠ-ㆺㇰ-ㇿ㐀-䶵一-鿌ꀀ-ꒌꓐ-ꓽꔀ-ꘌꘐ-ꘫꙀ-꙯ꙴ-꙽ꙿ-ꚗꚟ-꛱ꜗ-ꜟꜢ-ꞈꞋ-ꞎꞐ-ꞓꞠ-Ɦꟸ-ꠧꡀ-ꡳꢀ-꣄꣐-꣙꣠-ꣷꣻ꤀-꤭ꤰ-꥓ꥠ-ꥼꦀ-꧀ꧏ-꧙ꨀ-ꨶꩀ-ꩍ꩐-꩙ꩠ-ꩶꩺ-ꩻꪀ-ꫂꫛ-ꫝꫠ-ꫯꫲ-꫶ꬁ-ꬆꬉ-ꬎꬑ-ꬖꬠ-ꬦꬨ-ꬮꯀ-ꯪ꯬-꯭꯰-꯹가-힣ힰ-ퟆퟋ-ퟻ豈-舘並-龎ff-stﬓ-ﬗיִ-ﬨשׁ-זּטּ-לּמּנּ-סּףּ-פּצּ-ﮱﯓ-ﱝﱤ-ﴽﵐ-ﶏﶒ-ﷇﷰ-ﷹ︀-️︠-︦︳-︴﹍-﹏ﹱﹳﹷﹹﹻﹽﹿ-ﻼ０-９Ａ-Ｚ＿ａ-ｚｦ-ﾾￂ-ￇￊ-ￏￒ-ￗￚ-ￜ𐀀-𐀋𐀍-𐀦𐀨-𐀺𐀼-𐀽𐀿-𐁍𐁐-𐁝𐂀-𐃺𐅀-𐅴𐇽𐊀-𐊜𐊠-𐋐𐌀-𐌞𐌰-𐍊𐎀-𐎝𐎠-𐏃𐏈-𐏏𐏑-𐏕𐐀-𐒝𐒠-𐒩𐠀-𐠅𐠈𐠊-𐠵𐠷-𐠸𐠼𐠿-𐡕𐤀-𐤕𐤠-𐤹𐦀-𐦷𐦾-𐦿𐨀-𐨃𐨅-𐨆𐨌-𐨓𐨕-𐨗𐨙-𐨳𐨸-𐨿𐨺𐩠-𐩼𐬀-𐬵𐭀-𐭕𐭠-𐭲𐰀-𐱈𑀀-𑁆𑁦-𑁯𑂀-𑂺𑃐-𑃨𑃰-𑃹𑄀-𑄴𑄶-𑄿𑆀-𑇄𑇐-𑇙𑚀-𑚷𑛀-𑛉𒀀-𒍮𒐀-𒑢𓀀-𓐮𖠀-𖨸𖼀-𖽄𖽐-𖽾𖾏-𖾟𛀀-𛀁𝅥-𝅩𝅭-𝅲𝅻-𝆂𝆅-𝆋𝆪-𝆭𝉂-𝉄𝐀-𝑔𝑖-𝒜𝒞-𝒟𝒢𝒥-𝒦𝒩-𝒬𝒮-𝒹𝒻𝒽-𝓃𝓅-𝔅𝔇-𝔊𝔍-𝔔𝔖-𝔜𝔞-𝔹𝔻-𝔾𝕀-𝕄𝕆𝕊-𝕐𝕒-𝚥𝚨-𝛀𝛂-𝛚𝛜-𝛺𝛼-𝜔𝜖-𝜴𝜶-𝝎𝝐-𝝮𝝰-𝞈𝞊-𝞨𝞪-𝟂𝟄-𝟋𝟎-𝟿𞸀-𞸃𞸅-𞸟𞸡-𞸢𞸤𞸧𞸩-𞸲𞸴-𞸷𞸹𞸻𞹂𞹇𞹉𞹋𞹍-𞹏𞹑-𞹒𞹔𞹗𞹙𞹛𞹝𞹟𞹡-𞹢𞹤𞹧-𞹪𞹬-𞹲𞹴-𞹷𞹹-𞹼𞹾𞺀-𞺉𞺋-𞺛𞺡-𞺣𞺥-𞺩𞺫-𞺻𠀀-𪛖𪜀-𫜴𫝀-𫠝丽-𪘀󠄀-󠇯]*`
+
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`^(\s*)([rRuUbB]{,2})("""(?:.|\n)*?""")`, ByGroups(Text, LiteralStringAffix, LiteralStringDoc), nil},
@@ -133,5 +137,5 @@ var Python3 = internal.Register(MustNewLexer(
 			Include("strings-single"),
 			{`\n`, LiteralStringSingle, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/q/qbasic.go b/vendor/github.com/alecthomas/chroma/lexers/q/qbasic.go
index fd47c08003..1e36f86570 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/q/qbasic.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/q/qbasic.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Qbasic lexer.
-var Qbasic = internal.Register(MustNewLexer(
+var Qbasic = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "QBasic",
 		Aliases:   []string{"qbasic", "basic"},
 		Filenames: []string{"*.BAS", "*.bas"},
 		MimeTypes: []string{"text/basic"},
 	},
-	Rules{
+	qbasicRules,
+))
+
+func qbasicRules() Rules {
+	return Rules{
 		"root": {
 			{`\n+`, Text, nil},
 			{`\s+`, TextWhitespace, nil},
@@ -63,5 +67,5 @@ var Qbasic = internal.Register(MustNewLexer(
 		"keywords": {
 			{`\b(ACCESS|ALIAS|ANY|APPEND|AS|BASE|BINARY|BYVAL|CASE|CDECL|DOUBLE|ELSE|ELSEIF|ENDIF|INTEGER|IS|LIST|LOCAL|LONG|LOOP|MOD|NEXT|OFF|ON|OUTPUT|RANDOM|SIGNAL|SINGLE|STEP|STRING|THEN|TO|UNTIL|USING|WEND)\b`, Keyword, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/qml.go b/vendor/github.com/alecthomas/chroma/lexers/q/qml.go
index 9d2f2fb23a..dfd3c75374 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/qml.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/q/qml.go
@@ -1,4 +1,4 @@
-package lexers
+package q
 
 import (
 	. "github.com/alecthomas/chroma" // nolint
@@ -6,7 +6,7 @@ import (
 )
 
 // Qml lexer.
-var Qml = internal.Register(MustNewLexer(
+var Qml = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "QML",
 		Aliases:   []string{"qml", "qbs"},
@@ -14,7 +14,11 @@ var Qml = internal.Register(MustNewLexer(
 		MimeTypes: []string{"application/x-qml", "application/x-qt.qbs+qml"},
 		DotAll:    true,
 	},
-	Rules{
+	qmlRules,
+))
+
+func qmlRules() Rules {
+	return Rules{
 		"commentsandwhitespace": {
 			{`\s+`, Text, nil},
 			{`<!--`, Comment, nil},
@@ -50,5 +54,5 @@ var Qml = internal.Register(MustNewLexer(
 			{`"(\\\\|\\"|[^"])*"`, LiteralStringDouble, nil},
 			{`'(\\\\|\\'|[^'])*'`, LiteralStringSingle, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/r/r.go b/vendor/github.com/alecthomas/chroma/lexers/r/r.go
index c2d3f56c72..7f56dcec71 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/r/r.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/r/r.go
@@ -6,14 +6,18 @@ import (
 )
 
 // R/S lexer.
-var R = internal.Register(MustNewLexer(
+var R = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "R",
 		Aliases:   []string{"splus", "s", "r"},
 		Filenames: []string{"*.S", "*.R", "*.r", ".Rhistory", ".Rprofile", ".Renviron"},
 		MimeTypes: []string{"text/S-plus", "text/S", "text/x-r-source", "text/x-r", "text/x-R", "text/x-r-history", "text/x-r-profile"},
 	},
-	Rules{
+	rRules,
+))
+
+func rRules() Rules {
+	return Rules{
 		"comments": {
 			{`#.*$`, CommentSingle, nil},
 		},
@@ -62,5 +66,5 @@ var R = internal.Register(MustNewLexer(
 		"string_dquote": {
 			{`([^"\\]|\\.)*"`, LiteralString, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/r/racket.go b/vendor/github.com/alecthomas/chroma/lexers/r/racket.go
index cf27ea10ca..3f4182747b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/r/racket.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/r/racket.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Racket lexer.
-var Racket = internal.Register(MustNewLexer(
+var Racket = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Racket",
 		Aliases:   []string{"racket", "rkt"},
 		Filenames: []string{"*.rkt", "*.rktd", "*.rktl"},
 		MimeTypes: []string{"text/x-racket", "application/x-racket"},
 	},
-	Rules{
+	racketRules,
+))
+
+func racketRules() Rules {
+	return Rules{
 		"root": {
 			{`[)\]}]`, Error, nil},
 			{`(?!\Z)`, Text, Push("unquoted-datum")},
@@ -98,5 +102,5 @@ var Racket = internal.Register(MustNewLexer(
 			{`(?s)\\([0-7]{1,3}|x[\da-fA-F]{1,2}|u[\da-fA-F]{1,4}|U[\da-fA-F]{1,8}|.)`, LiteralStringEscape, nil},
 			{`[^\\"]+`, LiteralStringDouble, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/r/ragel.go b/vendor/github.com/alecthomas/chroma/lexers/r/ragel.go
index 3da0ea70a3..ab6a4fbbe7 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/r/ragel.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/r/ragel.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Ragel lexer.
-var Ragel = internal.Register(MustNewLexer(
+var Ragel = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Ragel",
 		Aliases:   []string{"ragel"},
 		Filenames: []string{},
 		MimeTypes: []string{},
 	},
-	Rules{
+	ragelRules,
+))
+
+func ragelRules() Rules {
+	return Rules{
 		"whitespace": {
 			{`\s+`, TextWhitespace, nil},
 		},
@@ -72,5 +76,5 @@ var Ragel = internal.Register(MustNewLexer(
 			{`\{`, Punctuation, Push()},
 			{`\}`, Punctuation, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/r/reasonml.go b/vendor/github.com/alecthomas/chroma/lexers/r/reasonml.go
index 0bceb186e1..0ade5691d0 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/r/reasonml.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/r/reasonml.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Reasonml lexer.
-var Reasonml = internal.Register(MustNewLexer(
+var Reasonml = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "ReasonML",
 		Aliases:   []string{"reason", "reasonml"},
 		Filenames: []string{"*.re", "*.rei"},
 		MimeTypes: []string{"text/x-reasonml"},
 	},
-	Rules{
+	reasonmlRules,
+))
+
+func reasonmlRules() Rules {
+	return Rules{
 		"escape-sequence": {
 			{`\\[\\"\'ntbr]`, LiteralStringEscape, nil},
 			{`\\[0-9]{3}`, LiteralStringEscape, nil},
@@ -63,5 +67,5 @@ var Reasonml = internal.Register(MustNewLexer(
 			{`[a-z_][\w\']*`, Name, Pop(1)},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/r/regedit.go b/vendor/github.com/alecthomas/chroma/lexers/r/regedit.go
index 7ee9cb5816..6177234571 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/r/regedit.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/r/regedit.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Reg lexer.
-var Reg = internal.Register(MustNewLexer(
+var Reg = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "reg",
 		Aliases:   []string{"registry"},
 		Filenames: []string{"*.reg"},
 		MimeTypes: []string{"text/x-windows-registry"},
 	},
-	Rules{
+	regRules,
+))
+
+func regRules() Rules {
+	return Rules{
 		"root": {
 			{`Windows Registry Editor.*`, Text, nil},
 			{`\s+`, Text, nil},
@@ -28,5 +32,5 @@ var Reg = internal.Register(MustNewLexer(
 			{`.+`, LiteralString, Pop(1)},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/r/rexx.go b/vendor/github.com/alecthomas/chroma/lexers/r/rexx.go
index 1f5550a53d..38ca768d0b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/r/rexx.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/r/rexx.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Rexx lexer.
-var Rexx = internal.Register(MustNewLexer(
+var Rexx = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Rexx",
 		Aliases:         []string{"rexx", "arexx"},
@@ -15,7 +15,11 @@ var Rexx = internal.Register(MustNewLexer(
 		NotMultiline:    true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	rexxRules,
+))
+
+func rexxRules() Rules {
+	return Rules{
 		"root": {
 			{`\s`, TextWhitespace, nil},
 			{`/\*`, CommentMultiline, Push("comment")},
@@ -55,5 +59,5 @@ var Rexx = internal.Register(MustNewLexer(
 			{`\*/`, CommentMultiline, Pop(1)},
 			{`\*`, CommentMultiline, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/r/rst.go b/vendor/github.com/alecthomas/chroma/lexers/r/rst.go
index f09dad0929..1e11cc65bf 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/r/rst.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/r/rst.go
@@ -8,14 +8,18 @@ import (
 )
 
 // Restructuredtext lexer.
-var Restructuredtext = internal.Register(MustNewLexer(
+var Restructuredtext = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "reStructuredText",
 		Aliases:   []string{"rst", "rest", "restructuredtext"},
 		Filenames: []string{"*.rst", "*.rest"},
 		MimeTypes: []string{"text/x-rst", "text/prs.fallenstein.rst"},
 	},
-	Rules{
+	restructuredtextRules,
+))
+
+func restructuredtextRules() Rules {
+	return Rules{
 		"root": {
 			{"^(=+|-+|`+|:+|\\.+|\\'+|\"+|~+|\\^+|_+|\\*+|\\++|#+)([ \\t]*\\n)(.+)(\\n)(\\1)(\\n)", ByGroups(GenericHeading, Text, GenericHeading, Text, GenericHeading, Text), nil},
 			{"^(\\S.*)(\\n)(={3,}|-{3,}|`{3,}|:{3,}|\\.{3,}|\\'{3,}|\"{3,}|~{3,}|\\^{3,}|_{3,}|\\*{3,}|\\+{3,}|#{3,})(\\n)", ByGroups(GenericHeading, Text, GenericHeading, Text), nil},
@@ -56,8 +60,8 @@ var Restructuredtext = internal.Register(MustNewLexer(
 			{"``((?=$)|(?=[-/:.,; \\n\\x00\\\u2010\\\u2011\\\u2012\\\u2013\\\u2014\\\u00a0\\'\\\"\\)\\]\\}\\>\\\u2019\\\u201d\\\u00bb\\!\\?]))", LiteralString, Pop(1)},
 			{"`", LiteralString, nil},
 		},
-	},
-))
+	}
+}
 
 func rstCodeBlock(groups []string, lexer Lexer) Iterator {
 	iterators := []Iterator{}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/r/ruby.go b/vendor/github.com/alecthomas/chroma/lexers/r/ruby.go
index 6af8db2049..296cae9c01 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/r/ruby.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/r/ruby.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Ruby lexer.
-var Ruby = internal.Register(MustNewLexer(
+var Ruby = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Ruby",
 		Aliases:   []string{"rb", "ruby", "duby"},
@@ -14,7 +14,11 @@ var Ruby = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-ruby", "application/x-ruby"},
 		DotAll:    true,
 	},
-	Rules{
+	rubyRules,
+))
+
+func rubyRules() Rules {
+	return Rules{
 		"root": {
 			{`\A#!.+?$`, CommentHashbang, nil},
 			{`#.*?$`, CommentSingle, nil},
@@ -39,7 +43,7 @@ var Ruby = internal.Register(MustNewLexer(
 			{`(0_?[0-7]+(?:_[0-7]+)*)(\s*)([/?])?`, ByGroups(LiteralNumberOct, Text, Operator), nil},
 			{`(0x[0-9A-Fa-f]+(?:_[0-9A-Fa-f]+)*)(\s*)([/?])?`, ByGroups(LiteralNumberHex, Text, Operator), nil},
 			{`(0b[01]+(?:_[01]+)*)(\s*)([/?])?`, ByGroups(LiteralNumberBin, Text, Operator), nil},
-			{`([\d]+(?:_\d+)*)(\s*)([/?])?`, ByGroups(LiteralNumberInteger, Text, Operator), nil},
+			{`([\d]+(?:[_e]\d+)*)(\s*)([/?])?`, ByGroups(LiteralNumberInteger, Text, Operator), nil},
 			{`@@[a-zA-Z_]\w*`, NameVariableClass, nil},
 			{`@[a-zA-Z_]\w*`, NameVariableInstance, nil},
 			{`\$\w+`, NameVariableGlobal, nil},
@@ -246,5 +250,5 @@ var Ruby = internal.Register(MustNewLexer(
 			{`[\\#<>]`, LiteralStringRegex, nil},
 			{`[^\\#<>]+`, LiteralStringRegex, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/r/rust.go b/vendor/github.com/alecthomas/chroma/lexers/r/rust.go
index 1d7c09d1cf..25d42e594a 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/r/rust.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/r/rust.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Rust lexer.
-var Rust = internal.Register(MustNewLexer(
+var Rust = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Rust",
 		Aliases:   []string{"rust"},
@@ -14,7 +14,11 @@ var Rust = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/rust"},
 		EnsureNL:  true,
 	},
-	Rules{
+	rustRules,
+))
+
+func rustRules() Rules {
+	return Rules{
 		"root": {
 			{`#![^[\r\n].*$`, CommentPreproc, nil},
 			Default(Push("base")),
@@ -131,5 +135,5 @@ var Rust = internal.Register(MustNewLexer(
 			{`\);?`, CommentPreproc, Pop(1)},
 			{`[^")]+`, CommentPreproc, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/sas.go b/vendor/github.com/alecthomas/chroma/lexers/s/sas.go
index 47a67ed801..016a91bbd9 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/sas.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/sas.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Sas lexer.
-var Sas = internal.Register(MustNewLexer(
+var Sas = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "SAS",
 		Aliases:         []string{"sas"},
@@ -14,7 +14,11 @@ var Sas = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-sas", "text/sas", "application/x-sas"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	sasRules,
+))
+
+func sasRules() Rules {
+	return Rules{
 		"root": {
 			Include("comments"),
 			Include("proc-data"),
@@ -90,5 +94,5 @@ var Sas = internal.Register(MustNewLexer(
 		"special": {
 			{`(null|missing|_all_|_automatic_|_character_|_n_|_infile_|_name_|_null_|_numeric_|_user_|_webout_)`, KeywordConstant, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/sass.go b/vendor/github.com/alecthomas/chroma/lexers/s/sass.go
index 6200f6a375..1b73377987 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/sass.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/sass.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Sass lexer.
-var Sass = internal.Register(MustNewLexer(
+var Sass = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Sass",
 		Aliases:         []string{"sass"},
@@ -14,7 +14,11 @@ var Sass = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-sass"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	sassRules,
+))
+
+func sassRules() Rules {
+	return Rules{
 		// "root": {
 		// },
 		"root": {
@@ -140,5 +144,5 @@ var Sass = internal.Register(MustNewLexer(
 			{`(from|to|through)`, OperatorWord, nil},
 			Include("value"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/scala.go b/vendor/github.com/alecthomas/chroma/lexers/s/scala.go
index 20932de24e..2885d01ecf 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/scala.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/scala.go
@@ -7,15 +7,8 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var (
-	scalaOp     = "[-~\\^\\*!%&\\\\<>\\|+=:/?@\xa6-\xa7\xa9\xac\xae\xb0-\xb1\xb6\xd7\xf7\u03f6\u0482\u0606-\u0608\u060e-\u060f\u06e9\u06fd-\u06fe\u07f6\u09fa\u0b70\u0bf3-\u0bf8\u0bfa\u0c7f\u0cf1-\u0cf2\u0d79\u0f01-\u0f03\u0f13-\u0f17\u0f1a-\u0f1f\u0f34\u0f36\u0f38\u0fbe-\u0fc5\u0fc7-\u0fcf\u109e-\u109f\u1360\u1390-\u1399\u1940\u19e0-\u19ff\u1b61-\u1b6a\u1b74-\u1b7c\u2044\u2052\u207a-\u207c\u208a-\u208c\u2100-\u2101\u2103-\u2106\u2108-\u2109\u2114\u2116-\u2118\u211e-\u2123\u2125\u2127\u2129\u212e\u213a-\u213b\u2140-\u2144\u214a-\u214d\u214f\u2190-\u2328\u232b-\u244a\u249c-\u24e9\u2500-\u2767\u2794-\u27c4\u27c7-\u27e5\u27f0-\u2982\u2999-\u29d7\u29dc-\u29fb\u29fe-\u2b54\u2ce5-\u2cea\u2e80-\u2ffb\u3004\u3012-\u3013\u3020\u3036-\u3037\u303e-\u303f\u3190-\u3191\u3196-\u319f\u31c0-\u31e3\u3200-\u321e\u322a-\u3250\u3260-\u327f\u328a-\u32b0\u32c0-\u33ff\u4dc0-\u4dff\ua490-\ua4c6\ua828-\ua82b\ufb29\ufdfd\ufe62\ufe64-\ufe66\uff0b\uff1c-\uff1e\uff5c\uff5e\uffe2\uffe4\uffe8-\uffee\ufffc-\ufffd]+"
-	scalaUpper  = "[A-Z\\$_\xc0-\xd6\xd8-\xde\u0100\u0102\u0104\u0106\u0108\u010a\u010c\u010e\u0110\u0112\u0114\u0116\u0118\u011a\u011c\u011e\u0120\u0122\u0124\u0126\u0128\u012a\u012c\u012e\u0130\u0132\u0134\u0136\u0139\u013b\u013d\u013f\u0141\u0143\u0145\u0147\u014a\u014c\u014e\u0150\u0152\u0154\u0156\u0158\u015a\u015c\u015e\u0160\u0162\u0164\u0166\u0168\u016a\u016c\u016e\u0170\u0172\u0174\u0176\u0178-\u0179\u017b\u017d\u0181-\u0182\u0184\u0186-\u0187\u0189-\u018b\u018e-\u0191\u0193-\u0194\u0196-\u0198\u019c-\u019d\u019f-\u01a0\u01a2\u01a4\u01a6-\u01a7\u01a9\u01ac\u01ae-\u01af\u01b1-\u01b3\u01b5\u01b7-\u01b8\u01bc\u01c4\u01c7\u01ca\u01cd\u01cf\u01d1\u01d3\u01d5\u01d7\u01d9\u01db\u01de\u01e0\u01e2\u01e4\u01e6\u01e8\u01ea\u01ec\u01ee\u01f1\u01f4\u01f6-\u01f8\u01fa\u01fc\u01fe\u0200\u0202\u0204\u0206\u0208\u020a\u020c\u020e\u0210\u0212\u0214\u0216\u0218\u021a\u021c\u021e\u0220\u0222\u0224\u0226\u0228\u022a\u022c\u022e\u0230\u0232\u023a-\u023b\u023d-\u023e\u0241\u0243-\u0246\u0248\u024a\u024c\u024e\u0370\u0372\u0376\u0386\u0388-\u038f\u0391-\u03ab\u03cf\u03d2-\u03d4\u03d8\u03da\u03dc\u03de\u03e0\u03e2\u03e4\u03e6\u03e8\u03ea\u03ec\u03ee\u03f4\u03f7\u03f9-\u03fa\u03fd-\u042f\u0460\u0462\u0464\u0466\u0468\u046a\u046c\u046e\u0470\u0472\u0474\u0476\u0478\u047a\u047c\u047e\u0480\u048a\u048c\u048e\u0490\u0492\u0494\u0496\u0498\u049a\u049c\u049e\u04a0\u04a2\u04a4\u04a6\u04a8\u04aa\u04ac\u04ae\u04b0\u04b2\u04b4\u04b6\u04b8\u04ba\u04bc\u04be\u04c0-\u04c1\u04c3\u04c5\u04c7\u04c9\u04cb\u04cd\u04d0\u04d2\u04d4\u04d6\u04d8\u04da\u04dc\u04de\u04e0\u04e2\u04e4\u04e6\u04e8\u04ea\u04ec\u04ee\u04f0\u04f2\u04f4\u04f6\u04f8\u04fa\u04fc\u04fe\u0500\u0502\u0504\u0506\u0508\u050a\u050c\u050e\u0510\u0512\u0514\u0516\u0518\u051a\u051c\u051e\u0520\u0522\u0531-\u0556\u10a0-\u10c5\u1e00\u1e02\u1e04\u1e06\u1e08\u1e0a\u1e0c\u1e0e\u1e10\u1e12\u1e14\u1e16\u1e18\u1e1a\u1e1c\u1e1e\u1e20\u1e22\u1e24\u1e26\u1e28\u1e2a\u1e2c\u1e2e\u1e30\u1e32\u1e34\u1e36\u1e38\u1e3a\u1e3c\u1e3e\u1e40\u1e42\u1e44\u1e46\u1e48\u1e4a\u1e4c\u1e4e\u1e50\u1e52\u1e54\u1e56\u1e58\u1e5a\u1e5c\u1e5e\u1e60\u1e62\u1e64\u1e66\u1e68\u1e6a\u1e6c\u1e6e\u1e70\u1e72\u1e74\u1e76\u1e78\u1e7a\u1e7c\u1e7e\u1e80\u1e82\u1e84\u1e86\u1e88\u1e8a\u1e8c\u1e8e\u1e90\u1e92\u1e94\u1e9e\u1ea0\u1ea2\u1ea4\u1ea6\u1ea8\u1eaa\u1eac\u1eae\u1eb0\u1eb2\u1eb4\u1eb6\u1eb8\u1eba\u1ebc\u1ebe\u1ec0\u1ec2\u1ec4\u1ec6\u1ec8\u1eca\u1ecc\u1ece\u1ed0\u1ed2\u1ed4\u1ed6\u1ed8\u1eda\u1edc\u1ede\u1ee0\u1ee2\u1ee4\u1ee6\u1ee8\u1eea\u1eec\u1eee\u1ef0\u1ef2\u1ef4\u1ef6\u1ef8\u1efa\u1efc\u1efe\u1f08-\u1f0f\u1f18-\u1f1d\u1f28-\u1f2f\u1f38-\u1f3f\u1f48-\u1f4d\u1f59-\u1f5f\u1f68-\u1f6f\u1fb8-\u1fbb\u1fc8-\u1fcb\u1fd8-\u1fdb\u1fe8-\u1fec\u1ff8-\u1ffb\u2102\u2107\u210b-\u210d\u2110-\u2112\u2115\u2119-\u211d\u2124\u2126\u2128\u212a-\u212d\u2130-\u2133\u213e-\u213f\u2145\u2183\u2c00-\u2c2e\u2c60\u2c62-\u2c64\u2c67\u2c69\u2c6b\u2c6d-\u2c6f\u2c72\u2c75\u2c80\u2c82\u2c84\u2c86\u2c88\u2c8a\u2c8c\u2c8e\u2c90\u2c92\u2c94\u2c96\u2c98\u2c9a\u2c9c\u2c9e\u2ca0\u2ca2\u2ca4\u2ca6\u2ca8\u2caa\u2cac\u2cae\u2cb0\u2cb2\u2cb4\u2cb6\u2cb8\u2cba\u2cbc\u2cbe\u2cc0\u2cc2\u2cc4\u2cc6\u2cc8\u2cca\u2ccc\u2cce\u2cd0\u2cd2\u2cd4\u2cd6\u2cd8\u2cda\u2cdc\u2cde\u2ce0\u2ce2\ua640\ua642\ua644\ua646\ua648\ua64a\ua64c\ua64e\ua650\ua652\ua654\ua656\ua658\ua65a\ua65c\ua65e\ua662\ua664\ua666\ua668\ua66a\ua66c\ua680\ua682\ua684\ua686\ua688\ua68a\ua68c\ua68e\ua690\ua692\ua694\ua696\ua722\ua724\ua726\ua728\ua72a\ua72c\ua72e\ua732\ua734\ua736\ua738\ua73a\ua73c\ua73e\ua740\ua742\ua744\ua746\ua748\ua74a\ua74c\ua74e\ua750\ua752\ua754\ua756\ua758\ua75a\ua75c\ua75e\ua760\ua762\ua764\ua766\ua768\ua76a\ua76c\ua76e\ua779\ua77b\ua77d-\ua77e\ua780\ua782\ua784\ua786\ua78b\uff21-\uff3a]"
-	scalaLetter = `[a-zA-Z\\$_ªµºÀ-ÖØ-öø-ʯͰ-ͳͶ-ͷͻ-ͽΆΈ-ϵϷ-ҁҊ-Ֆա-ևא-ײء-ؿف-يٮ-ٯٱ-ۓەۮ-ۯۺ-ۼۿܐܒ-ܯݍ-ޥޱߊ-ߪऄ-हऽॐक़-ॡॲ-ॿঅ-হঽৎড়-ৡৰ-ৱਅ-ਹਖ਼-ਫ਼ੲ-ੴઅ-હઽૐ-ૡଅ-ହଽଡ଼-ୡୱஃ-ஹௐఅ-ఽౘ-ౡಅ-ಹಽೞ-ೡഅ-ഽൠ-ൡൺ-ൿඅ-ෆก-ะา-ำเ-ๅກ-ະາ-ຳຽ-ໄໜ-ༀཀ-ཬྈ-ྋက-ဪဿၐ-ၕၚ-ၝၡၥ-ၦၮ-ၰၵ-ႁႎႠ-ჺᄀ-ፚᎀ-ᎏᎠ-ᙬᙯ-ᙶᚁ-ᚚᚠ-ᛪᛮ-ᜑᜠ-ᜱᝀ-ᝑᝠ-ᝰក-ឳៜᠠ-ᡂᡄ-ᢨᢪ-ᤜᥐ-ᦩᧁ-ᧇᨀ-ᨖᬅ-ᬳᭅ-ᭋᮃ-ᮠᮮ-ᮯᰀ-ᰣᱍ-ᱏᱚ-ᱷᴀ-ᴫᵢ-ᵷᵹ-ᶚḀ-ᾼιῂ-ῌῐ-Ίῠ-Ῥῲ-ῼⁱⁿℂℇℊ-ℓℕℙ-ℝℤΩℨK-ℭℯ-ℹℼ-ℿⅅ-ⅉⅎⅠ-ↈⰀ-ⱼⲀ-ⳤⴀ-ⵥⶀ-ⷞ〆-〇〡-〩〸-〺〼ぁ-ゖゟァ-ヺヿ-ㆎㆠ-ㆷㇰ-ㇿ㐀-䶵一-ꀔꀖ-ꒌꔀ-ꘋꘐ-ꘟꘪ-ꙮꚀ-ꚗꜢ-ꝯꝱ-ꞇꞋ-ꠁꠃ-ꠅꠇ-ꠊꠌ-ꠢꡀ-ꡳꢂ-ꢳꤊ-ꤥꤰ-ꥆꨀ-ꨨꩀ-ꩂꩄ-ꩋ가-힣豈-יִײַ-ﬨשׁ-ﴽﵐ-ﷻﹰ-ﻼＡ-Ｚａ-ｚｦ-ｯｱ-ﾝﾠ-ￜ]`
-	scalaIDRest = fmt.Sprintf(`%s(?:%s|[0-9])*(?:(?<=_)%s)?`, scalaLetter, scalaLetter, scalaOp)
-)
-
 // Scala lexer.
-var Scala = internal.Register(MustNewLexer(
+var Scala = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Scala",
 		Aliases:   []string{"scala"},
@@ -23,7 +16,18 @@ var Scala = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-scala"},
 		DotAll:    true,
 	},
-	Rules{
+	scalaRules,
+))
+
+func scalaRules() Rules {
+	var (
+		scalaOp     = "[-~\\^\\*!%&\\\\<>\\|+=:/?@\xa6-\xa7\xa9\xac\xae\xb0-\xb1\xb6\xd7\xf7\u03f6\u0482\u0606-\u0608\u060e-\u060f\u06e9\u06fd-\u06fe\u07f6\u09fa\u0b70\u0bf3-\u0bf8\u0bfa\u0c7f\u0cf1-\u0cf2\u0d79\u0f01-\u0f03\u0f13-\u0f17\u0f1a-\u0f1f\u0f34\u0f36\u0f38\u0fbe-\u0fc5\u0fc7-\u0fcf\u109e-\u109f\u1360\u1390-\u1399\u1940\u19e0-\u19ff\u1b61-\u1b6a\u1b74-\u1b7c\u2044\u2052\u207a-\u207c\u208a-\u208c\u2100-\u2101\u2103-\u2106\u2108-\u2109\u2114\u2116-\u2118\u211e-\u2123\u2125\u2127\u2129\u212e\u213a-\u213b\u2140-\u2144\u214a-\u214d\u214f\u2190-\u2328\u232b-\u244a\u249c-\u24e9\u2500-\u2767\u2794-\u27c4\u27c7-\u27e5\u27f0-\u2982\u2999-\u29d7\u29dc-\u29fb\u29fe-\u2b54\u2ce5-\u2cea\u2e80-\u2ffb\u3004\u3012-\u3013\u3020\u3036-\u3037\u303e-\u303f\u3190-\u3191\u3196-\u319f\u31c0-\u31e3\u3200-\u321e\u322a-\u3250\u3260-\u327f\u328a-\u32b0\u32c0-\u33ff\u4dc0-\u4dff\ua490-\ua4c6\ua828-\ua82b\ufb29\ufdfd\ufe62\ufe64-\ufe66\uff0b\uff1c-\uff1e\uff5c\uff5e\uffe2\uffe4\uffe8-\uffee\ufffc-\ufffd]+"
+		scalaUpper  = "[A-Z\\$_\xc0-\xd6\xd8-\xde\u0100\u0102\u0104\u0106\u0108\u010a\u010c\u010e\u0110\u0112\u0114\u0116\u0118\u011a\u011c\u011e\u0120\u0122\u0124\u0126\u0128\u012a\u012c\u012e\u0130\u0132\u0134\u0136\u0139\u013b\u013d\u013f\u0141\u0143\u0145\u0147\u014a\u014c\u014e\u0150\u0152\u0154\u0156\u0158\u015a\u015c\u015e\u0160\u0162\u0164\u0166\u0168\u016a\u016c\u016e\u0170\u0172\u0174\u0176\u0178-\u0179\u017b\u017d\u0181-\u0182\u0184\u0186-\u0187\u0189-\u018b\u018e-\u0191\u0193-\u0194\u0196-\u0198\u019c-\u019d\u019f-\u01a0\u01a2\u01a4\u01a6-\u01a7\u01a9\u01ac\u01ae-\u01af\u01b1-\u01b3\u01b5\u01b7-\u01b8\u01bc\u01c4\u01c7\u01ca\u01cd\u01cf\u01d1\u01d3\u01d5\u01d7\u01d9\u01db\u01de\u01e0\u01e2\u01e4\u01e6\u01e8\u01ea\u01ec\u01ee\u01f1\u01f4\u01f6-\u01f8\u01fa\u01fc\u01fe\u0200\u0202\u0204\u0206\u0208\u020a\u020c\u020e\u0210\u0212\u0214\u0216\u0218\u021a\u021c\u021e\u0220\u0222\u0224\u0226\u0228\u022a\u022c\u022e\u0230\u0232\u023a-\u023b\u023d-\u023e\u0241\u0243-\u0246\u0248\u024a\u024c\u024e\u0370\u0372\u0376\u0386\u0388-\u038f\u0391-\u03ab\u03cf\u03d2-\u03d4\u03d8\u03da\u03dc\u03de\u03e0\u03e2\u03e4\u03e6\u03e8\u03ea\u03ec\u03ee\u03f4\u03f7\u03f9-\u03fa\u03fd-\u042f\u0460\u0462\u0464\u0466\u0468\u046a\u046c\u046e\u0470\u0472\u0474\u0476\u0478\u047a\u047c\u047e\u0480\u048a\u048c\u048e\u0490\u0492\u0494\u0496\u0498\u049a\u049c\u049e\u04a0\u04a2\u04a4\u04a6\u04a8\u04aa\u04ac\u04ae\u04b0\u04b2\u04b4\u04b6\u04b8\u04ba\u04bc\u04be\u04c0-\u04c1\u04c3\u04c5\u04c7\u04c9\u04cb\u04cd\u04d0\u04d2\u04d4\u04d6\u04d8\u04da\u04dc\u04de\u04e0\u04e2\u04e4\u04e6\u04e8\u04ea\u04ec\u04ee\u04f0\u04f2\u04f4\u04f6\u04f8\u04fa\u04fc\u04fe\u0500\u0502\u0504\u0506\u0508\u050a\u050c\u050e\u0510\u0512\u0514\u0516\u0518\u051a\u051c\u051e\u0520\u0522\u0531-\u0556\u10a0-\u10c5\u1e00\u1e02\u1e04\u1e06\u1e08\u1e0a\u1e0c\u1e0e\u1e10\u1e12\u1e14\u1e16\u1e18\u1e1a\u1e1c\u1e1e\u1e20\u1e22\u1e24\u1e26\u1e28\u1e2a\u1e2c\u1e2e\u1e30\u1e32\u1e34\u1e36\u1e38\u1e3a\u1e3c\u1e3e\u1e40\u1e42\u1e44\u1e46\u1e48\u1e4a\u1e4c\u1e4e\u1e50\u1e52\u1e54\u1e56\u1e58\u1e5a\u1e5c\u1e5e\u1e60\u1e62\u1e64\u1e66\u1e68\u1e6a\u1e6c\u1e6e\u1e70\u1e72\u1e74\u1e76\u1e78\u1e7a\u1e7c\u1e7e\u1e80\u1e82\u1e84\u1e86\u1e88\u1e8a\u1e8c\u1e8e\u1e90\u1e92\u1e94\u1e9e\u1ea0\u1ea2\u1ea4\u1ea6\u1ea8\u1eaa\u1eac\u1eae\u1eb0\u1eb2\u1eb4\u1eb6\u1eb8\u1eba\u1ebc\u1ebe\u1ec0\u1ec2\u1ec4\u1ec6\u1ec8\u1eca\u1ecc\u1ece\u1ed0\u1ed2\u1ed4\u1ed6\u1ed8\u1eda\u1edc\u1ede\u1ee0\u1ee2\u1ee4\u1ee6\u1ee8\u1eea\u1eec\u1eee\u1ef0\u1ef2\u1ef4\u1ef6\u1ef8\u1efa\u1efc\u1efe\u1f08-\u1f0f\u1f18-\u1f1d\u1f28-\u1f2f\u1f38-\u1f3f\u1f48-\u1f4d\u1f59-\u1f5f\u1f68-\u1f6f\u1fb8-\u1fbb\u1fc8-\u1fcb\u1fd8-\u1fdb\u1fe8-\u1fec\u1ff8-\u1ffb\u2102\u2107\u210b-\u210d\u2110-\u2112\u2115\u2119-\u211d\u2124\u2126\u2128\u212a-\u212d\u2130-\u2133\u213e-\u213f\u2145\u2183\u2c00-\u2c2e\u2c60\u2c62-\u2c64\u2c67\u2c69\u2c6b\u2c6d-\u2c6f\u2c72\u2c75\u2c80\u2c82\u2c84\u2c86\u2c88\u2c8a\u2c8c\u2c8e\u2c90\u2c92\u2c94\u2c96\u2c98\u2c9a\u2c9c\u2c9e\u2ca0\u2ca2\u2ca4\u2ca6\u2ca8\u2caa\u2cac\u2cae\u2cb0\u2cb2\u2cb4\u2cb6\u2cb8\u2cba\u2cbc\u2cbe\u2cc0\u2cc2\u2cc4\u2cc6\u2cc8\u2cca\u2ccc\u2cce\u2cd0\u2cd2\u2cd4\u2cd6\u2cd8\u2cda\u2cdc\u2cde\u2ce0\u2ce2\ua640\ua642\ua644\ua646\ua648\ua64a\ua64c\ua64e\ua650\ua652\ua654\ua656\ua658\ua65a\ua65c\ua65e\ua662\ua664\ua666\ua668\ua66a\ua66c\ua680\ua682\ua684\ua686\ua688\ua68a\ua68c\ua68e\ua690\ua692\ua694\ua696\ua722\ua724\ua726\ua728\ua72a\ua72c\ua72e\ua732\ua734\ua736\ua738\ua73a\ua73c\ua73e\ua740\ua742\ua744\ua746\ua748\ua74a\ua74c\ua74e\ua750\ua752\ua754\ua756\ua758\ua75a\ua75c\ua75e\ua760\ua762\ua764\ua766\ua768\ua76a\ua76c\ua76e\ua779\ua77b\ua77d-\ua77e\ua780\ua782\ua784\ua786\ua78b\uff21-\uff3a]"
+		scalaLetter = `[a-zA-Z\\$_ªµºÀ-ÖØ-öø-ʯͰ-ͳͶ-ͷͻ-ͽΆΈ-ϵϷ-ҁҊ-Ֆա-ևא-ײء-ؿف-يٮ-ٯٱ-ۓەۮ-ۯۺ-ۼۿܐܒ-ܯݍ-ޥޱߊ-ߪऄ-हऽॐक़-ॡॲ-ॿঅ-হঽৎড়-ৡৰ-ৱਅ-ਹਖ਼-ਫ਼ੲ-ੴઅ-હઽૐ-ૡଅ-ହଽଡ଼-ୡୱஃ-ஹௐఅ-ఽౘ-ౡಅ-ಹಽೞ-ೡഅ-ഽൠ-ൡൺ-ൿඅ-ෆก-ะา-ำเ-ๅກ-ະາ-ຳຽ-ໄໜ-ༀཀ-ཬྈ-ྋက-ဪဿၐ-ၕၚ-ၝၡၥ-ၦၮ-ၰၵ-ႁႎႠ-ჺᄀ-ፚᎀ-ᎏᎠ-ᙬᙯ-ᙶᚁ-ᚚᚠ-ᛪᛮ-ᜑᜠ-ᜱᝀ-ᝑᝠ-ᝰក-ឳៜᠠ-ᡂᡄ-ᢨᢪ-ᤜᥐ-ᦩᧁ-ᧇᨀ-ᨖᬅ-ᬳᭅ-ᭋᮃ-ᮠᮮ-ᮯᰀ-ᰣᱍ-ᱏᱚ-ᱷᴀ-ᴫᵢ-ᵷᵹ-ᶚḀ-ᾼιῂ-ῌῐ-Ίῠ-Ῥῲ-ῼⁱⁿℂℇℊ-ℓℕℙ-ℝℤΩℨK-ℭℯ-ℹℼ-ℿⅅ-ⅉⅎⅠ-ↈⰀ-ⱼⲀ-ⳤⴀ-ⵥⶀ-ⷞ〆-〇〡-〩〸-〺〼ぁ-ゖゟァ-ヺヿ-ㆎㆠ-ㆷㇰ-ㇿ㐀-䶵一-ꀔꀖ-ꒌꔀ-ꘋꘐ-ꘟꘪ-ꙮꚀ-ꚗꜢ-ꝯꝱ-ꞇꞋ-ꠁꠃ-ꠅꠇ-ꠊꠌ-ꠢꡀ-ꡳꢂ-ꢳꤊ-ꤥꤰ-ꥆꨀ-ꨨꩀ-ꩂꩄ-ꩋ가-힣豈-יִײַ-ﬨשׁ-ﴽﵐ-ﷻﹰ-ﻼＡ-Ｚａ-ｚｦ-ｯｱ-ﾝﾠ-ￜ]`
+		scalaIDRest = fmt.Sprintf(`%s(?:%s|[0-9])*(?:(?<=_)%s)?`, scalaLetter, scalaLetter, scalaOp)
+	)
+
+	return Rules{
 		"root": {
 			{`(class|trait|object)(\s+)`, ByGroups(Keyword, Text), Push("class")},
 			{`[^\S\n]+`, Text, nil},
@@ -108,5 +112,5 @@ var Scala = internal.Register(MustNewLexer(
 			{`\{`, LiteralStringInterpol, Push()},
 			Include("root"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/scheme.go b/vendor/github.com/alecthomas/chroma/lexers/s/scheme.go
index b721d68d37..d2f177ea44 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/scheme.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/scheme.go
@@ -8,14 +8,18 @@ import (
 // nolint
 
 // Scheme lexer.
-var SchemeLang = internal.Register(MustNewLexer(
+var SchemeLang = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Scheme",
 		Aliases:   []string{"scheme", "scm"},
 		Filenames: []string{"*.scm", "*.ss"},
 		MimeTypes: []string{"text/x-scheme", "application/x-scheme"},
 	},
-	Rules{
+	schemeLangRules,
+))
+
+func schemeLangRules() Rules {
+	return Rules{
 		"root": {
 			{`;.*$`, CommentSingle, nil},
 			{`#\|`, CommentMultiline, Push("multiline-comment")},
@@ -49,5 +53,5 @@ var SchemeLang = internal.Register(MustNewLexer(
 			{`\)`, Comment, Pop(1)},
 			{`[^()]+`, Comment, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/scilab.go b/vendor/github.com/alecthomas/chroma/lexers/s/scilab.go
index 87fa66cc0e..f8164927fb 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/scilab.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/scilab.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Scilab lexer.
-var Scilab = internal.Register(MustNewLexer(
+var Scilab = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Scilab",
 		Aliases:   []string{"scilab"},
 		Filenames: []string{"*.sci", "*.sce", "*.tst"},
 		MimeTypes: []string{"text/scilab"},
 	},
-	Rules{
+	scilabRules,
+))
+
+func scilabRules() Rules {
+	return Rules{
 		"root": {
 			{`//.*?$`, CommentSingle, nil},
 			{`^\s*function`, Keyword, Push("deffunc")},
@@ -40,5 +44,5 @@ var Scilab = internal.Register(MustNewLexer(
 			{`(\s*)(?:(.+)(\s*)(=)(\s*))?(.+)(\()(.*)(\))(\s*)`, ByGroups(TextWhitespace, Text, TextWhitespace, Punctuation, TextWhitespace, NameFunction, Punctuation, Text, Punctuation, TextWhitespace), Pop(1)},
 			{`(\s*)([a-zA-Z_]\w*)`, ByGroups(Text, NameFunction), Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/scss.go b/vendor/github.com/alecthomas/chroma/lexers/s/scss.go
index 48195de355..712057553c 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/scss.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/scss.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Scss lexer.
-var Scss = internal.Register(MustNewLexer(
+var Scss = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "SCSS",
 		Aliases:         []string{"scss"},
@@ -16,7 +16,11 @@ var Scss = internal.Register(MustNewLexer(
 		DotAll:          true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	scssRules,
+))
+
+func scssRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`//.*?\n`, CommentSingle, nil},
@@ -120,5 +124,5 @@ var Scss = internal.Register(MustNewLexer(
 			{`(from|to|through)`, OperatorWord, nil},
 			Include("value"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/smalltalk.go b/vendor/github.com/alecthomas/chroma/lexers/s/smalltalk.go
index db64707fd7..b4143d02fc 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/smalltalk.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/smalltalk.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Smalltalk lexer.
-var Smalltalk = internal.Register(MustNewLexer(
+var Smalltalk = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Smalltalk",
 		Aliases:   []string{"smalltalk", "squeak", "st"},
 		Filenames: []string{"*.st"},
 		MimeTypes: []string{"text/x-smalltalk"},
 	},
-	Rules{
+	smalltalkRules,
+))
+
+func smalltalkRules() Rules {
+	return Rules{
 		"root": {
 			{`(<)(\w+:)(.*?)(>)`, ByGroups(Text, Keyword, Text, Text), nil},
 			Include("squeak fileout"),
@@ -95,5 +99,5 @@ var Smalltalk = internal.Register(MustNewLexer(
 			{`(!\n)(\].*)(! !)$`, ByGroups(Keyword, Text, Keyword), nil},
 			{`! !$`, Keyword, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/smarty.go b/vendor/github.com/alecthomas/chroma/lexers/s/smarty.go
index c364ffa53a..566efbbeff 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/smarty.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/smarty.go
@@ -7,7 +7,7 @@ import (
 )
 
 // Smarty lexer.
-var Smarty = internal.Register(MustNewLexer(
+var Smarty = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Smarty",
 		Aliases:   []string{"smarty"},
@@ -15,7 +15,11 @@ var Smarty = internal.Register(MustNewLexer(
 		MimeTypes: []string{"application/x-smarty"},
 		DotAll:    true,
 	},
-	Rules{
+	smartyRules,
+))
+
+func smartyRules() Rules {
+	return Rules{
 		"root": {
 			{`[^{]+`, Other, nil},
 			{`(\{)(\*.*?\*)(\})`, ByGroups(CommentPreproc, Comment, CommentPreproc), nil},
@@ -36,5 +40,5 @@ var Smarty = internal.Register(MustNewLexer(
 			{`'(\\\\|\\'|[^'])*'`, LiteralStringSingle, nil},
 			{`[a-zA-Z_]\w*`, NameAttribute, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/sml.go b/vendor/github.com/alecthomas/chroma/lexers/s/sml.go
index f716d92b21..c795ea867e 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/sml.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/sml.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Standard ML lexer.
-var StandardML = internal.Register(MustNewLexer(
+var StandardML = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Standard ML",
 		Aliases:   []string{"sml"},
 		Filenames: []string{"*.sml", "*.sig", "*.fun"},
 		MimeTypes: []string{"text/x-standardml", "application/x-standardml"},
 	},
-	Rules{
+	standardMLRules,
+))
+
+func standardMLRules() Rules {
+	return Rules{
 		"whitespace": {
 			{`\s+`, Text, nil},
 			{`\(\*`, CommentMultiline, Push("comment")},
@@ -196,5 +200,5 @@ var StandardML = internal.Register(MustNewLexer(
 			{`\*\)`, CommentMultiline, Pop(1)},
 			{`[(*)]`, CommentMultiline, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/snobol.go b/vendor/github.com/alecthomas/chroma/lexers/s/snobol.go
index c999b50f57..4529034675 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/snobol.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/snobol.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Snobol lexer.
-var Snobol = internal.Register(MustNewLexer(
+var Snobol = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Snobol",
 		Aliases:   []string{"snobol"},
 		Filenames: []string{"*.snobol"},
 		MimeTypes: []string{"text/x-snobol"},
 	},
-	Rules{
+	snobolRules,
+))
+
+func snobolRules() Rules {
+	return Rules{
 		"root": {
 			{`\*.*\n`, Comment, nil},
 			{`[+.] `, Punctuation, Push("statement")},
@@ -44,5 +48,5 @@ var Snobol = internal.Register(MustNewLexer(
 		"heredoc": {
 			{`.*\n`, LiteralStringHeredoc, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/solidity.go b/vendor/github.com/alecthomas/chroma/lexers/s/solidity.go
index d7cf0f97b5..b0682ffb41 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/solidity.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/solidity.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Solidity lexer.
-var Solidity = internal.Register(MustNewLexer(
+var Solidity = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Solidity",
 		Aliases:   []string{"sol", "solidity"},
@@ -14,7 +14,11 @@ var Solidity = internal.Register(MustNewLexer(
 		MimeTypes: []string{},
 		DotAll:    true,
 	},
-	Rules{
+	solidityRules,
+))
+
+func solidityRules() Rules {
+	return Rules{
 		"assembly": {
 			Include("comments"),
 			Include("numbers"),
@@ -106,5 +110,5 @@ var Solidity = internal.Register(MustNewLexer(
 			{`(addmod|ecrecover|keccak256|mulmod|ripemd160|sha256|sha3)\b`, NameFunction, nil},
 			{`[a-zA-Z_]\w*`, Name, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/sparql.go b/vendor/github.com/alecthomas/chroma/lexers/s/sparql.go
index 47a1716b35..eef73d9dae 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/sparql.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/sparql.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Sparql lexer.
-var Sparql = internal.Register(MustNewLexer(
+var Sparql = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "SPARQL",
 		Aliases:   []string{"sparql"},
 		Filenames: []string{"*.rq", "*.sparql"},
 		MimeTypes: []string{"application/sparql-query"},
 	},
-	Rules{
+	sparqlRules,
+))
+
+func sparqlRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`((?i)select|construct|describe|ask|where|filter|group\s+by|minus|distinct|reduced|from\s+named|from|order\s+by|desc|asc|limit|offset|bindings|load|clear|drop|create|add|move|copy|insert\s+data|delete\s+data|delete\s+where|delete|insert|using\s+named|using|graph|default|named|all|optional|service|silent|bind|union|not\s+in|in|as|having|to|prefix|base)\b`, Keyword, nil},
@@ -65,5 +69,5 @@ var Sparql = internal.Register(MustNewLexer(
 			{`\^\^`, Operator, Pop(2)},
 			Default(Pop(2)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/sql.go b/vendor/github.com/alecthomas/chroma/lexers/s/sql.go
index 6f4e3e079c..fb8c8edf1b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/sql.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/sql.go
@@ -6,7 +6,7 @@ import (
 )
 
 // SQL lexer.
-var SQL = internal.Register(MustNewLexer(
+var SQL = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "SQL",
 		Aliases:         []string{"sql"},
@@ -15,9 +15,13 @@ var SQL = internal.Register(MustNewLexer(
 		NotMultiline:    true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	sqlRules,
+))
+
+func sqlRules() Rules {
+	return Rules{
 		"root": {
-			{`\s+`, Text, nil},
+			{`\s+`, TextWhitespace, nil},
 			{`--.*\n?`, CommentSingle, nil},
 			{`/\*`, CommentMultiline, Push("multiline-comments")},
 			{`'`, LiteralStringSingle, Push("string")},
@@ -45,5 +49,5 @@ var SQL = internal.Register(MustNewLexer(
 			{`""`, LiteralStringDouble, nil},
 			{`"`, LiteralStringDouble, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/squid.go b/vendor/github.com/alecthomas/chroma/lexers/s/squid.go
index 1f161901b6..b4da3da10c 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/squid.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/squid.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Squidconf lexer.
-var Squidconf = internal.Register(MustNewLexer(
+var Squidconf = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "SquidConf",
 		Aliases:         []string{"squidconf", "squid.conf", "squid"},
@@ -15,7 +15,11 @@ var Squidconf = internal.Register(MustNewLexer(
 		NotMultiline:    true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	squidconfRules,
+))
+
+func squidconfRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, TextWhitespace, nil},
 			{`#`, Comment, Push("comment")},
@@ -34,5 +38,5 @@ var Squidconf = internal.Register(MustNewLexer(
 			{`.+`, Comment, Pop(1)},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/stylus.go b/vendor/github.com/alecthomas/chroma/lexers/s/stylus.go
index a197f4f28a..159077f4c2 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/stylus.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/stylus.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Stylus lexer.
-var Stylus = internal.Register(MustNewLexer(
+var Stylus = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Stylus",
 		Aliases:         []string{"stylus"},
@@ -14,7 +14,11 @@ var Stylus = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-styl"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	stylusRules,
+))
+
+func stylusRules() Rules {
+	return Rules{
 		// "root": {
 		// },
 		"root": {
@@ -58,5 +62,5 @@ var Stylus = internal.Register(MustNewLexer(
 			{Words(`\b`, `\b`, `absolute`, `alias`, `all`, `all-petite-caps`, `all-scroll`, `all-small-caps`, `allow-end`, `alpha`, `alternate`, `alternate-reverse`, `always`, `armenian`, `auto`, `avoid`, `avoid-column`, `avoid-page`, `backwards`, `balance`, `baseline`, `below`, `blink`, `block`, `bold`, `bolder`, `border-box`, `both`, `bottom`, `box-decoration`, `break-word`, `capitalize`, `cell`, `center`, `circle`, `clip`, `clone`, `close-quote`, `col-resize`, `collapse`, `color`, `color-burn`, `color-dodge`, `column`, `column-reverse`, `compact`, `condensed`, `contain`, `container`, `content-box`, `context-menu`, `copy`, `cover`, `crisp-edges`, `crosshair`, `currentColor`, `cursive`, `darken`, `dashed`, `decimal`, `decimal-leading-zero`, `default`, `descendants`, `difference`, `digits`, `disc`, `distribute`, `dot`, `dotted`, `double`, `double-circle`, `e-resize`, `each-line`, `ease`, `ease-in`, `ease-in-out`, `ease-out`, `edges`, `ellipsis`, `end`, `ew-resize`, `exclusion`, `expanded`, `extra-condensed`, `extra-expanded`, `fantasy`, `fill`, `fill-box`, `filled`, `first`, `fixed`, `flat`, `flex`, `flex-end`, `flex-start`, `flip`, `force-end`, `forwards`, `from-image`, `full-width`, `geometricPrecision`, `georgian`, `groove`, `hanging`, `hard-light`, `help`, `hidden`, `hide`, `horizontal`, `hue`, `icon`, `infinite`, `inherit`, `initial`, `ink`, `inline`, `inline-block`, `inline-flex`, `inline-table`, `inset`, `inside`, `inter-word`, `invert`, `isolate`, `italic`, `justify`, `large`, `larger`, `last`, `left`, `lighten`, `lighter`, `line-through`, `linear`, `list-item`, `local`, `loose`, `lower-alpha`, `lower-greek`, `lower-latin`, `lower-roman`, `lowercase`, `ltr`, `luminance`, `luminosity`, `mandatory`, `manipulation`, `manual`, `margin-box`, `match-parent`, `medium`, `mixed`, `monospace`, `move`, `multiply`, `n-resize`, `ne-resize`, `nesw-resize`, `no-close-quote`, `no-drop`, `no-open-quote`, `no-repeat`, `none`, `normal`, `not-allowed`, `nowrap`, `ns-resize`, `nw-resize`, `nwse-resize`, `objects`, `oblique`, `off`, `on`, `open`, `open-quote`, `optimizeLegibility`, `optimizeSpeed`, `outset`, `outside`, `over`, `overlay`, `overline`, `padding-box`, `page`, `pan-down`, `pan-left`, `pan-right`, `pan-up`, `pan-x`, `pan-y`, `paused`, `petite-caps`, `pixelated`, `pointer`, `preserve-3d`, `progress`, `proximity`, `relative`, `repeat`, `repeat no-repeat`, `repeat-x`, `repeat-y`, `reverse`, `ridge`, `right`, `round`, `row`, `row-resize`, `row-reverse`, `rtl`, `ruby`, `ruby-base`, `ruby-base-container`, `ruby-text`, `ruby-text-container`, `run-in`, `running`, `s-resize`, `sans-serif`, `saturation`, `scale-down`, `screen`, `scroll`, `se-resize`, `semi-condensed`, `semi-expanded`, `separate`, `serif`, `sesame`, `show`, `sideways`, `sideways-left`, `sideways-right`, `slice`, `small`, `small-caps`, `smaller`, `smooth`, `snap`, `soft-light`, `solid`, `space`, `space-around`, `space-between`, `spaces`, `square`, `start`, `static`, `step-end`, `step-start`, `sticky`, `stretch`, `strict`, `stroke-box`, `style`, `sw-resize`, `table`, `table-caption`, `table-cell`, `table-column`, `table-column-group`, `table-footer-group`, `table-header-group`, `table-row`, `table-row-group`, `text`, `thick`, `thin`, `titling-caps`, `to`, `top`, `triangle`, `ultra-condensed`, `ultra-expanded`, `under`, `underline`, `unicase`, `unset`, `upper-alpha`, `upper-latin`, `upper-roman`, `uppercase`, `upright`, `use-glyph-orientation`, `vertical`, `vertical-text`, `view-box`, `visible`, `w-resize`, `wait`, `wavy`, `weight`, `weight style`, `wrap`, `wrap-reverse`, `x-large`, `x-small`, `xx-large`, `xx-small`, `zoom-in`, `zoom-out`), KeywordConstant, nil},
 			{`\;?`, Punctuation, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/swift.go b/vendor/github.com/alecthomas/chroma/lexers/s/swift.go
index d4d8c1cf11..3467e4ca7c 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/swift.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/swift.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Swift lexer.
-var Swift = internal.Register(MustNewLexer(
+var Swift = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Swift",
 		Aliases:   []string{"swift"},
 		Filenames: []string{"*.swift"},
 		MimeTypes: []string{"text/x-swift"},
 	},
-	Rules{
+	swiftRules,
+))
+
+func swiftRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`\s+`, Text, nil},
@@ -83,5 +87,5 @@ var Swift = internal.Register(MustNewLexer(
 			{`\)`, LiteralStringInterpol, Pop(1)},
 			Include("root"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/systemd.go b/vendor/github.com/alecthomas/chroma/lexers/s/systemd.go
index 6b0884ec00..f70136c399 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/systemd.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/systemd.go
@@ -5,14 +5,18 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var SYSTEMD = internal.Register(MustNewLexer(
+var SYSTEMD = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "SYSTEMD",
 		Aliases:   []string{"systemd"},
 		Filenames: []string{"*.service"},
 		MimeTypes: []string{"text/plain"},
 	},
-	Rules{
+	systemdRules,
+))
+
+func systemdRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`[;#].*`, Comment, nil},
@@ -24,5 +28,5 @@ var SYSTEMD = internal.Register(MustNewLexer(
 			{`(.*?)(\\\n)`, ByGroups(LiteralString, Text), nil},
 			{`(.*)`, LiteralString, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/s/systemverilog.go b/vendor/github.com/alecthomas/chroma/lexers/s/systemverilog.go
index 85c459fed6..a9a77f542e 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/s/systemverilog.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/s/systemverilog.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Systemverilog lexer.
-var Systemverilog = internal.Register(MustNewLexer(
+var Systemverilog = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "systemverilog",
 		Aliases:   []string{"systemverilog", "sv"},
@@ -14,7 +14,11 @@ var Systemverilog = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-systemverilog"},
 		EnsureNL:  true,
 	},
-	Rules{
+	systemvarilogRules,
+))
+
+func systemvarilogRules() Rules {
+	return Rules{
 		"root": {
 			{"^\\s*`define", CommentPreproc, Push("macro")},
 			{`^(\s*)(package)(\s+)`, ByGroups(Text, KeywordNamespace, Text), nil},
@@ -69,5 +73,5 @@ var Systemverilog = internal.Register(MustNewLexer(
 		"import": {
 			{`[\w:]+\*?`, NameNamespace, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/tablegen.go b/vendor/github.com/alecthomas/chroma/lexers/t/tablegen.go
index 18c6978799..ca05ed32d8 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/tablegen.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/tablegen.go
@@ -6,14 +6,18 @@ import (
 )
 
 // TableGen lexer.
-var Tablegen = internal.Register(MustNewLexer(
+var Tablegen = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "TableGen",
 		Aliases:   []string{"tablegen"},
 		Filenames: []string{"*.td"},
 		MimeTypes: []string{"text/x-tablegen"},
 	},
-	Rules{
+	tablegenRules,
+))
+
+func tablegenRules() Rules {
+	return Rules{
 		"root": {
 			Include("macro"),
 			Include("whitespace"),
@@ -38,5 +42,5 @@ var Tablegen = internal.Register(MustNewLexer(
 		"keyword": {
 			{Words(``, `\b`, `bit`, `bits`, `class`, `code`, `dag`, `def`, `defm`, `field`, `foreach`, `in`, `int`, `let`, `list`, `multiclass`, `string`), Keyword, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/tasm.go b/vendor/github.com/alecthomas/chroma/lexers/t/tasm.go
index 960399ca93..0164a73689 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/tasm.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/tasm.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Tasm lexer.
-var Tasm = internal.Register(MustNewLexer(
+var Tasm = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "TASM",
 		Aliases:         []string{"tasm"},
@@ -14,7 +14,11 @@ var Tasm = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-tasm"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	tasmRules,
+))
+
+func tasmRules() Rules {
+	return Rules{
 		"root": {
 			{`^\s*%`, CommentPreproc, Push("preproc")},
 			Include("whitespace"),
@@ -57,5 +61,5 @@ var Tasm = internal.Register(MustNewLexer(
 			{`seg|wrt|strict`, OperatorWord, nil},
 			{`byte|[dq]?word`, KeywordType, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/tcl.go b/vendor/github.com/alecthomas/chroma/lexers/t/tcl.go
index 77951b40fb..5f7030ab37 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/tcl.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/tcl.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Tcl lexer.
-var Tcl = internal.Register(MustNewLexer(
+var Tcl = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Tcl",
 		Aliases:   []string{"tcl"},
 		Filenames: []string{"*.tcl", "*.rvt"},
 		MimeTypes: []string{"text/x-tcl", "text/x-script.tcl", "application/x-tcl"},
 	},
-	Rules{
+	tclRules,
+))
+
+func tclRules() Rules {
+	return Rules{
 		"root": {
 			Include("command"),
 			Include("basic"),
@@ -112,5 +116,5 @@ var Tcl = internal.Register(MustNewLexer(
 			{`.*[^\\]\n`, Comment, Pop(1)},
 			{`.*\\\n`, Comment, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/tcsh.go b/vendor/github.com/alecthomas/chroma/lexers/t/tcsh.go
index e36bdfd8e2..fec0cb2ea8 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/tcsh.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/tcsh.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Tcsh lexer.
-var Tcsh = internal.Register(MustNewLexer(
+var Tcsh = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Tcsh",
 		Aliases:   []string{"tcsh", "csh"},
 		Filenames: []string{"*.tcsh", "*.csh"},
 		MimeTypes: []string{"application/x-csh"},
 	},
-	Rules{
+	tcshRules,
+))
+
+func tcshRules() Rules {
+	return Rules{
 		"root": {
 			Include("basic"),
 			{`\$\(`, Keyword, Push("paren")},
@@ -55,5 +59,5 @@ var Tcsh = internal.Register(MustNewLexer(
 			{"`", LiteralStringBacktick, Pop(1)},
 			Include("root"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/termcap.go b/vendor/github.com/alecthomas/chroma/lexers/t/termcap.go
index 21b7d15c60..8db20b563d 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/termcap.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/termcap.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Termcap lexer.
-var Termcap = internal.Register(MustNewLexer(
+var Termcap = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Termcap",
 		Aliases:   []string{"termcap"},
 		Filenames: []string{"termcap", "termcap.src"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	termcapRules,
+))
+
+func termcapRules() Rules {
+	return Rules{
 		"root": {
 			{`^#.*$`, Comment, nil},
 			{`^[^\s#:|]+`, NameTag, Push("names")},
@@ -38,5 +42,5 @@ var Termcap = internal.Register(MustNewLexer(
 			{`[^:\\]+`, Literal, nil},
 			{`.`, Literal, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/terminfo.go b/vendor/github.com/alecthomas/chroma/lexers/t/terminfo.go
index 79749e12fb..b3f2735499 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/terminfo.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/terminfo.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Terminfo lexer.
-var Terminfo = internal.Register(MustNewLexer(
+var Terminfo = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Terminfo",
 		Aliases:   []string{"terminfo"},
 		Filenames: []string{"terminfo", "terminfo.src"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	terminfoRules,
+))
+
+func terminfoRules() Rules {
+	return Rules{
 		"root": {
 			{`^#.*$`, Comment, nil},
 			{`^[^\s#,|]+`, NameTag, Push("names")},
@@ -38,5 +42,5 @@ var Terminfo = internal.Register(MustNewLexer(
 			{`[^\\,]+`, Literal, nil},
 			{`.`, Literal, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/terraform.go b/vendor/github.com/alecthomas/chroma/lexers/t/terraform.go
index 093ee3046c..c9c0905de5 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/terraform.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/terraform.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Terraform lexer.
-var Terraform = internal.Register(MustNewLexer(
+var Terraform = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Terraform",
 		Aliases:   []string{"terraform", "tf"},
 		Filenames: []string{"*.tf"},
 		MimeTypes: []string{"application/x-tf", "application/x-terraform"},
 	},
-	Rules{
+	terraformRules,
+))
+
+func terraformRules() Rules {
+	return Rules{
 		"root": {
 			{`[\[\](),.{}]`, Punctuation, nil},
 			{`-?[0-9]+`, LiteralNumber, nil},
@@ -56,5 +60,5 @@ var Terraform = internal.Register(MustNewLexer(
 			{`\}`, LiteralStringInterpol, Pop(1)},
 			Include("root"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/tex.go b/vendor/github.com/alecthomas/chroma/lexers/t/tex.go
index f1010c4a89..f9413b370b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/tex.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/tex.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Tex lexer.
-var TeX = internal.Register(MustNewLexer(
+var TeX = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "TeX",
 		Aliases:   []string{"tex", "latex"},
 		Filenames: []string{"*.tex", "*.aux", "*.toc"},
 		MimeTypes: []string{"text/x-tex", "text/x-latex"},
 	},
-	Rules{
+	texRules,
+))
+
+func texRules() Rules {
+	return Rules{
 		"general": {
 			{`%.*?\n`, Comment, nil},
 			{`[{}]`, NameBuiltin, nil},
@@ -52,5 +56,5 @@ var TeX = internal.Register(MustNewLexer(
 			{`\*`, Keyword, nil},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/thrift.go b/vendor/github.com/alecthomas/chroma/lexers/t/thrift.go
index 5cbd0af9ea..61669d7124 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/thrift.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/thrift.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Thrift lexer.
-var Thrift = internal.Register(MustNewLexer(
+var Thrift = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Thrift",
 		Aliases:   []string{"thrift"},
 		Filenames: []string{"*.thrift"},
 		MimeTypes: []string{"application/x-thrift"},
 	},
-	Rules{
+	thriftRules,
+))
+
+func thriftRules() Rules {
+	return Rules{
 		"root": {
 			Include("whitespace"),
 			Include("comments"),
@@ -69,5 +73,5 @@ var Thrift = internal.Register(MustNewLexer(
 			{`[+-]?0x[0-9A-Fa-f]+`, LiteralNumberHex, nil},
 			{`[+-]?[0-9]+`, LiteralNumberInteger, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/toml.go b/vendor/github.com/alecthomas/chroma/lexers/t/toml.go
index cc0a38e42b..b685a2c969 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/toml.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/toml.go
@@ -5,14 +5,18 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var TOML = internal.Register(MustNewLexer(
+var TOML = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "TOML",
 		Aliases:   []string{"toml"},
 		Filenames: []string{"*.toml"},
 		MimeTypes: []string{"text/x-toml"},
 	},
-	Rules{
+	tomlRules,
+))
+
+func tomlRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Text, nil},
 			{`#.*`, Comment, nil},
@@ -25,5 +29,5 @@ var TOML = internal.Register(MustNewLexer(
 			{`[.,=\[\]{}]`, Punctuation, nil},
 			{`[^\W\d]\w*`, NameOther, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/tradingview.go b/vendor/github.com/alecthomas/chroma/lexers/t/tradingview.go
index e3d8a7ac1a..bf303c648d 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/tradingview.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/tradingview.go
@@ -6,7 +6,7 @@ import (
 )
 
 // TradingView lexer
-var TradingView = internal.Register(MustNewLexer(
+var TradingView = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "TradingView",
 		Aliases:   []string{"tradingview", "tv"},
@@ -15,7 +15,11 @@ var TradingView = internal.Register(MustNewLexer(
 		DotAll:    true,
 		EnsureNL:  true,
 	},
-	Rules{
+	tradingViewRules,
+))
+
+func tradingViewRules() Rules {
+	return Rules{
 		"root": {
 			{`[^\S\n]+|\n|[()]`, Text, nil},
 			{`(//.*?)(\n)`, ByGroups(CommentSingle, Text), nil},
@@ -36,5 +40,5 @@ var TradingView = internal.Register(MustNewLexer(
 			{`(and|or|not|if|else|for|to)\b`, OperatorWord, nil},
 			{`@?[_a-zA-Z]\w*`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/transactsql.go b/vendor/github.com/alecthomas/chroma/lexers/t/transactsql.go
index 769a2f9193..e5beb06696 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/transactsql.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/transactsql.go
@@ -6,7 +6,7 @@ import (
 )
 
 // TransactSQL lexer.
-var TransactSQL = internal.Register(MustNewLexer(
+var TransactSQL = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Transact-SQL",
 		Aliases:         []string{"tsql", "t-sql"},
@@ -14,7 +14,11 @@ var TransactSQL = internal.Register(MustNewLexer(
 		NotMultiline:    true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	transactSQLRules,
+))
+
+func transactSQLRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, TextWhitespace, nil},
 			{`--(?m).*?$\n?`, CommentSingle, nil},
@@ -56,5 +60,5 @@ var TransactSQL = internal.Register(MustNewLexer(
 			{`""`, LiteralStringName, nil},
 			{`"`, LiteralStringName, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/turing.go b/vendor/github.com/alecthomas/chroma/lexers/t/turing.go
index ae5671b50d..e34a6c1cea 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/turing.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/turing.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Turing lexer.
-var Turing = internal.Register(MustNewLexer(
+var Turing = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Turing",
 		Aliases:   []string{"turing"},
 		Filenames: []string{"*.turing", "*.tu"},
 		MimeTypes: []string{"text/x-turing"},
 	},
-	Rules{
+	turingRules,
+))
+
+func turingRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`\s+`, Text, nil},
@@ -39,5 +43,5 @@ var Turing = internal.Register(MustNewLexer(
 			{`[()\[\]{}.,:]`, Punctuation, nil},
 			{`[^\W\d]\w*`, NameOther, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/turtle.go b/vendor/github.com/alecthomas/chroma/lexers/t/turtle.go
index 71d3c47be8..437f375f5f 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/turtle.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/turtle.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Turtle lexer.
-var Turtle = internal.Register(MustNewLexer(
+var Turtle = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "Turtle",
 		Aliases:         []string{"turtle"},
@@ -15,7 +15,11 @@ var Turtle = internal.Register(MustNewLexer(
 		NotMultiline:    true,
 		CaseInsensitive: true,
 	},
-	Rules{
+	turtleRules,
+))
+
+func turtleRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, TextWhitespace, nil},
 			{"(@base|BASE)(\\s+)(<[^<>\"{}|^`\\\\\\x00-\\x20]*>)(\\s*)(\\.?)", ByGroups(Keyword, TextWhitespace, NameVariable, TextWhitespace, Punctuation), nil},
@@ -63,5 +67,5 @@ var Turtle = internal.Register(MustNewLexer(
 			{`(\^\^)((?:[a-z][\w-]*)?\:)([a-z][\w-]*)`, ByGroups(Operator, GenericEmph, GenericEmph), Pop(2)},
 			Default(Pop(2)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/twig.go b/vendor/github.com/alecthomas/chroma/lexers/t/twig.go
index 56aa9b9a79..0e0c1f18a9 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/twig.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/twig.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Twig lexer.
-var Twig = internal.Register(MustNewLexer(
+var Twig = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Twig",
 		Aliases:   []string{"twig"},
@@ -14,7 +14,11 @@ var Twig = internal.Register(MustNewLexer(
 		MimeTypes: []string{"application/x-twig"},
 		DotAll:    true,
 	},
-	Rules{
+	twigRules,
+))
+
+func twigRules() Rules {
+	return Rules{
 		"root": {
 			{`[^{]+`, Other, nil},
 			{`\{\{`, CommentPreproc, Push("var")},
@@ -50,5 +54,5 @@ var Twig = internal.Register(MustNewLexer(
 			Include("varnames"),
 			{`.`, Punctuation, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/typescript.go b/vendor/github.com/alecthomas/chroma/lexers/t/typescript.go
index 5205e01105..0625bb0927 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/typescript.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/typescript.go
@@ -6,7 +6,7 @@ import (
 )
 
 // TypeScript lexer.
-var TypeScript = internal.Register(MustNewLexer(
+var TypeScript = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "TypeScript",
 		Aliases:   []string{"ts", "tsx", "typescript"},
@@ -15,7 +15,11 @@ var TypeScript = internal.Register(MustNewLexer(
 		DotAll:    true,
 		EnsureNL:  true,
 	},
-	Rules{
+	typeScriptRules,
+))
+
+func typeScriptRules() Rules {
+	return Rules{
 		"commentsandwhitespace": {
 			{`\s+`, Text, nil},
 			{`<!--`, Comment, nil},
@@ -93,5 +97,5 @@ var TypeScript = internal.Register(MustNewLexer(
 			{`}`, Punctuation, Pop(1)},
 			Include("root"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/t/typoscript.go b/vendor/github.com/alecthomas/chroma/lexers/t/typoscript.go
index c93fff5c0f..40a5c5dba5 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/t/typoscript.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/t/typoscript.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Typoscript lexer.
-var Typoscript = internal.Register(MustNewLexer(
+var Typoscript = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "TypoScript",
 		Aliases:   []string{"typoscript"},
@@ -15,7 +15,11 @@ var Typoscript = internal.Register(MustNewLexer(
 		DotAll:    true,
 		Priority:  0.1,
 	},
-	Rules{
+	typoscriptRules,
+))
+
+func typoscriptRules() Rules {
+	return Rules{
 		"root": {
 			Include("comment"),
 			Include("constant"),
@@ -78,18 +82,22 @@ var Typoscript = internal.Register(MustNewLexer(
 		"other": {
 			{`[\w"\-!/&;]+`, Text, nil},
 		},
-	},
-))
+	}
+}
 
 // TypoScriptCSSData lexer.
-var TypoScriptCSSData = internal.Register(MustNewLexer(
+var TypoScriptCSSData = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "TypoScriptCssData",
 		Aliases:   []string{"typoscriptcssdata"},
 		Filenames: []string{},
 		MimeTypes: []string{},
 	},
-	Rules{
+	typoScriptCSSDataRules,
+))
+
+func typoScriptCSSDataRules() Rules {
+	return Rules{
 		"root": {
 			{`(.*)(###\w+###)(.*)`, ByGroups(LiteralString, NameConstant, LiteralString), nil},
 			{`(\{)(\$)((?:[\w\-]+\.)*)([\w\-]+)(\})`, ByGroups(LiteralStringSymbol, Operator, NameConstant, NameConstant, LiteralStringSymbol), nil},
@@ -100,18 +108,22 @@ var TypoScriptCSSData = internal.Register(MustNewLexer(
 			{`[<>,:=.*%+|]`, LiteralString, nil},
 			{`[\w"\-!/&;(){}]+`, LiteralString, nil},
 		},
-	},
-))
+	}
+}
 
 // TypoScriptHTMLData lexer.
-var TypoScriptHTMLData = internal.Register(MustNewLexer(
+var TypoScriptHTMLData = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "TypoScriptHtmlData",
 		Aliases:   []string{"typoscripthtmldata"},
 		Filenames: []string{},
 		MimeTypes: []string{},
 	},
-	Rules{
+	typoScriptHTMLDataRules,
+))
+
+func typoScriptHTMLDataRules() Rules {
+	return Rules{
 		"root": {
 			{`(INCLUDE_TYPOSCRIPT)`, NameClass, nil},
 			{`(EXT|FILE|LLL):[^}\n"]*`, LiteralString, nil},
@@ -122,5 +134,5 @@ var TypoScriptHTMLData = internal.Register(MustNewLexer(
 			{`[<>,:=.*%+|]`, LiteralString, nil},
 			{`[\w"\-!/&;(){}#]+`, LiteralString, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/v/vb.go b/vendor/github.com/alecthomas/chroma/lexers/v/vb.go
index 6c4bcd1636..fc6bc0b3f4 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/v/vb.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/v/vb.go
@@ -8,7 +8,7 @@ import (
 const vbName = `[_\w][\w]*`
 
 // VB.Net lexer.
-var VBNet = internal.Register(MustNewLexer(
+var VBNet = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "VB.net",
 		Aliases:         []string{"vb.net", "vbnet"},
@@ -16,7 +16,11 @@ var VBNet = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-vbnet", "text/x-vba"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	vbNetRules,
+))
+
+func vbNetRules() Rules {
+	return Rules{
 		"root": {
 			{`^\s*<.*?>`, NameAttribute, nil},
 			{`\s+`, Text, nil},
@@ -69,5 +73,5 @@ var VBNet = internal.Register(MustNewLexer(
 			{`(Function|Sub|Property|Class|Structure|Enum|Module|Namespace)\b`, Keyword, Pop(1)},
 			Default(Pop(1)),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/v/verilog.go b/vendor/github.com/alecthomas/chroma/lexers/v/verilog.go
index a041f956e3..00dbbc7fe7 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/v/verilog.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/v/verilog.go
@@ -6,7 +6,7 @@ import (
 )
 
 // Verilog lexer.
-var Verilog = internal.Register(MustNewLexer(
+var Verilog = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "verilog",
 		Aliases:   []string{"verilog", "v"},
@@ -14,7 +14,11 @@ var Verilog = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-verilog"},
 		EnsureNL:  true,
 	},
-	Rules{
+	verilogRules,
+))
+
+func verilogRules() Rules {
+	return Rules{
 		"root": {
 			{"^\\s*`define", CommentPreproc, Push("macro")},
 			{`\n`, Text, nil},
@@ -64,5 +68,5 @@ var Verilog = internal.Register(MustNewLexer(
 		"import": {
 			{`[\w:]+\*?`, NameNamespace, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/v/vhdl.go b/vendor/github.com/alecthomas/chroma/lexers/v/vhdl.go
index be045c8212..4807ccb187 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/v/vhdl.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/v/vhdl.go
@@ -6,7 +6,7 @@ import (
 )
 
 // VHDL lexer.
-var VHDL = internal.Register(MustNewLexer(
+var VHDL = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:            "VHDL",
 		Aliases:         []string{"vhdl"},
@@ -14,7 +14,11 @@ var VHDL = internal.Register(MustNewLexer(
 		MimeTypes:       []string{"text/x-vhdl"},
 		CaseInsensitive: true,
 	},
-	Rules{
+	vhdlRules,
+))
+
+func vhdlRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`\s+`, Text, nil},
@@ -62,5 +66,5 @@ var VHDL = internal.Register(MustNewLexer(
 			{`O"[0-7_]+"`, LiteralNumberOct, nil},
 			{`B"[01_]+"`, LiteralNumberBin, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/v/vim.go b/vendor/github.com/alecthomas/chroma/lexers/v/vim.go
index 7e1a1310e9..3d745d5cd6 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/v/vim.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/v/vim.go
@@ -7,14 +7,18 @@ import (
 )
 
 // Viml lexer.
-var Viml = internal.Register(MustNewLexer(
+var Viml = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "VimL",
 		Aliases:   []string{"vim"},
 		Filenames: []string{"*.vim", ".vimrc", ".exrc", ".gvimrc", "_vimrc", "_exrc", "_gvimrc", "vimrc", "gvimrc"},
 		MimeTypes: []string{"text/x-vim"},
 	},
-	Rules{
+	vimlRules,
+))
+
+func vimlRules() Rules {
+	return Rules{
 		"root": {
 			{`^([ \t:]*)(py(?:t(?:h(?:o(?:n)?)?)?)?)([ \t]*)(<<)([ \t]*)(.*)((?:\n|.)*)(\6)`, ByGroups(UsingSelf("root"), Keyword, Text, Operator, Text, Text, Using(Python), Text), nil},
 			{`^([ \t:]*)(py(?:t(?:h(?:o(?:n)?)?)?)?)([ \t])(.*)`, ByGroups(UsingSelf("root"), Keyword, Text, Using(Python)), nil},
@@ -33,5 +37,5 @@ var Viml = internal.Register(MustNewLexer(
 			{`\b\w+\b`, NameOther, nil},
 			{`.`, Text, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/v/vue.go b/vendor/github.com/alecthomas/chroma/lexers/v/vue.go
index 5c2457deec..b4b9614b33 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/v/vue.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/v/vue.go
@@ -8,7 +8,7 @@ import (
 // Vue lexer.
 //
 // This was generated from https://github.com/testdrivenio/vue-lexer
-var Vue = internal.Register(MustNewLexer(
+var Vue = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "vue",
 		Aliases:   []string{"vue", "vuejs"},
@@ -16,7 +16,11 @@ var Vue = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/x-vue", "application/x-vue"},
 		DotAll:    true,
 	},
-	Rules{
+	vueRules,
+))
+
+func vueRules() Rules {
+	return Rules{
 		"commentsandwhitespace": {
 			{`\s+`, Text, nil},
 			{`<!--`, Comment, nil},
@@ -103,5 +107,5 @@ var Vue = internal.Register(MustNewLexer(
 			{`}`, Punctuation, Pop(1)},
 			Include("root"),
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/w/wdte.go b/vendor/github.com/alecthomas/chroma/lexers/w/wdte.go
index e4197a020b..2e5d883aa4 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/w/wdte.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/w/wdte.go
@@ -6,12 +6,16 @@ import (
 )
 
 // WDTE lexer.
-var WDTE = internal.Register(MustNewLexer(
+var WDTE = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "WDTE",
 		Filenames: []string{"*.wdte"},
 	},
-	Rules{
+	wdteRules,
+))
+
+func wdteRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, Text, nil},
 			{`\s+`, Text, nil},
@@ -25,5 +29,5 @@ var WDTE = internal.Register(MustNewLexer(
 			{`{|}|;|->|=>|\(|\)|\[|\]|\.`, Operator, nil},
 			{`[^{};()[\].\s]+`, NameVariable, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/x/xml.go b/vendor/github.com/alecthomas/chroma/lexers/x/xml.go
index 0bf9eb2b44..1e93c4ee9b 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/x/xml.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/x/xml.go
@@ -6,7 +6,7 @@ import (
 )
 
 // XML lexer.
-var XML = internal.Register(MustNewLexer(
+var XML = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "XML",
 		Aliases:   []string{"xml"},
@@ -14,7 +14,11 @@ var XML = internal.Register(MustNewLexer(
 		MimeTypes: []string{"text/xml", "application/xml", "image/svg+xml", "application/rss+xml", "application/atom+xml"},
 		DotAll:    true,
 	},
-	Rules{
+	xmlRules,
+))
+
+func xmlRules() Rules {
+	return Rules{
 		"root": {
 			{`[^<&]+`, Text, nil},
 			{`&\S*?;`, NameEntity, nil},
@@ -41,5 +45,5 @@ var XML = internal.Register(MustNewLexer(
 			{`'.*?'`, LiteralString, Pop(1)},
 			{`[^\s>]+`, LiteralString, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/x/xorg.go b/vendor/github.com/alecthomas/chroma/lexers/x/xorg.go
index 6e6cbec606..7936a51ab2 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/x/xorg.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/x/xorg.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Xorg lexer.
-var Xorg = internal.Register(MustNewLexer(
+var Xorg = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Xorg",
 		Aliases:   []string{"xorg.conf"},
 		Filenames: []string{"xorg.conf"},
 		MimeTypes: []string{},
 	},
-	Rules{
+	xorgRules,
+))
+
+func xorgRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, TextWhitespace, nil},
 			{`#.*$`, Comment, nil},
@@ -21,5 +25,5 @@ var Xorg = internal.Register(MustNewLexer(
 			{`(End(|Sub)Section)`, KeywordNamespace, nil},
 			{`(\w+)(\s+)([^\n#]+)`, ByGroups(NameKeyword, TextWhitespace, LiteralString), nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/y/yaml.go b/vendor/github.com/alecthomas/chroma/lexers/y/yaml.go
index 72b77431d2..488f760049 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/y/yaml.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/y/yaml.go
@@ -5,14 +5,18 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var YAML = internal.Register(MustNewLexer(
+var YAML = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "YAML",
 		Aliases:   []string{"yaml"},
 		Filenames: []string{"*.yaml", "*.yml"},
 		MimeTypes: []string{"text/x-yaml"},
 	},
-	Rules{
+	yamlRules,
+))
+
+func yamlRules() Rules {
+	return Rules{
 		"root": {
 			Include("whitespace"),
 			{`^---`, NameNamespace, nil},
@@ -50,5 +54,5 @@ var YAML = internal.Register(MustNewLexer(
 			{`\s+`, Whitespace, nil},
 			{`\n+`, Whitespace, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/y/yang.go b/vendor/github.com/alecthomas/chroma/lexers/y/yang.go
index 73edb71e63..36349eb9fb 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/y/yang.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/y/yang.go
@@ -5,14 +5,18 @@ import (
 	"github.com/alecthomas/chroma/lexers/internal"
 )
 
-var YANG = internal.Register(MustNewLexer(
+var YANG = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "YANG",
 		Aliases:   []string{"yang"},
 		Filenames: []string{"*.yang"},
 		MimeTypes: []string{"application/yang"},
 	},
-	Rules{
+	yangRules,
+))
+
+func yangRules() Rules {
+	return Rules{
 		"root": {
 			{`\s+`, Whitespace, nil},
 			{`[\{\}\;]+`, Punctuation, nil},
@@ -24,35 +28,35 @@ var YANG = internal.Register(MustNewLexer(
 			{`/\*`, CommentMultiline, Push("comments")},
 			{`//.*?$`, CommentSingle, nil},
 
-			//match BNF stmt for `node-identifier` with [ prefix ":"]
+			// match BNF stmt for `node-identifier` with [ prefix ":"]
 			{`(?:^|(?<=[\s{};]))([\w.-]+)(:)([\w.-]+)(?=[\s{};])`, ByGroups(KeywordNamespace, Punctuation, Text), nil},
 
-			//match BNF stmt `date-arg-str`
+			// match BNF stmt `date-arg-str`
 			{`([0-9]{4}\-[0-9]{2}\-[0-9]{2})(?=[\s\{\}\;])`, LiteralDate, nil},
 			{`([0-9]+\.[0-9]+)(?=[\s\{\}\;])`, NumberFloat, nil},
 			{`([0-9]+)(?=[\s\{\}\;])`, NumberInteger, nil},
 
-			//TOP_STMTS_KEYWORDS
+			// TOP_STMTS_KEYWORDS
 			{Words(``, `(?=[^\w\-\:])`, `module`, `submodule`), Keyword, nil},
-			//MODULE_HEADER_STMT_KEYWORDS
+			// MODULE_HEADER_STMT_KEYWORDS
 			{Words(``, `(?=[^\w\-\:])`, `belongs-to`, `namespace`, `prefix`, `yang-version`), Keyword, nil},
-			//META_STMT_KEYWORDS
+			// META_STMT_KEYWORDS
 			{Words(``, `(?=[^\w\-\:])`, `contact`, `description`, `organization`, `reference`, `revision`), Keyword, nil},
-			//LINKAGE_STMTS_KEYWORDS
+			// LINKAGE_STMTS_KEYWORDS
 			{Words(``, `(?=[^\w\-\:])`, `import`, `include`, `revision-date`), Keyword, nil},
-			//BODY_STMT_KEYWORDS
+			// BODY_STMT_KEYWORDS
 			{Words(``, `(?=[^\w\-\:])`, `action`, `argument`, `augment`, `deviation`, `extension`, `feature`, `grouping`, `identity`, `if-feature`, `input`, `notification`, `output`, `rpc`, `typedef`), Keyword, nil},
-			//DATA_DEF_STMT_KEYWORDS
+			// DATA_DEF_STMT_KEYWORDS
 			{Words(``, `(?=[^\w\-\:])`, `anydata`, `anyxml`, `case`, `choice`, `config`, `container`, `deviate`, `leaf`, `leaf-list`, `list`, `must`, `presence`, `refine`, `uses`, `when`), Keyword, nil},
-			//TYPE_STMT_KEYWORDS
+			// TYPE_STMT_KEYWORDS
 			{Words(``, `(?=[^\w\-\:])`, `base`, `bit`, `default`, `enum`, `error-app-tag`, `error-message`, `fraction-digits`, `length`, `max-elements`, `min-elements`, `modifier`, `ordered-by`, `path`, `pattern`, `position`, `range`, `require-instance`, `status`, `type`, `units`, `value`, `yin-element`), Keyword, nil},
-			//LIST_STMT_KEYWORDS
+			// LIST_STMT_KEYWORDS
 			{Words(``, `(?=[^\w\-\:])`, `key`, `mandatory`, `unique`), Keyword, nil},
 
-			//CONSTANTS_KEYWORDS - RFC7950 other keywords
+			// CONSTANTS_KEYWORDS - RFC7950 other keywords
 			{Words(``, `(?=[^\w\-\:])`, `add`, `current`, `delete`, `deprecated`, `false`, `invert-match`, `max`, `min`, `not-supported`, `obsolete`, `replace`, `true`, `unbounded`, `user`), NameClass, nil},
 
-			//RFC7950 Built-In Types
+			// RFC7950 Built-In Types
 			{Words(``, `(?=[^\w\-\:])`, `binary`, `bits`, `boolean`, `decimal64`, `empty`, `enumeration`, `identityref`, `instance-identifier`, `int16`, `int32`, `int64`, `int8`, `leafref`, `string`, `uint16`, `uint32`, `uint64`, `uint8`, `union`), NameClass, nil},
 
 			{`[^;{}\s\'\"]+`, Text, nil},
@@ -63,5 +67,5 @@ var YANG = internal.Register(MustNewLexer(
 			{`\*/`, CommentMultiline, Pop(1)},
 			{`[*/]`, CommentMultiline, nil},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/lexers/z/zig.go b/vendor/github.com/alecthomas/chroma/lexers/z/zig.go
index b7215d17ea..56f54fd989 100644
--- a/vendor/github.com/alecthomas/chroma/lexers/z/zig.go
+++ b/vendor/github.com/alecthomas/chroma/lexers/z/zig.go
@@ -6,14 +6,18 @@ import (
 )
 
 // Zig lexer.
-var Zig = internal.Register(MustNewLexer(
+var Zig = internal.Register(MustNewLazyLexer(
 	&Config{
 		Name:      "Zig",
 		Aliases:   []string{"zig"},
 		Filenames: []string{"*.zig"},
 		MimeTypes: []string{"text/zig"},
 	},
-	Rules{
+	zigRules,
+))
+
+func zigRules() Rules {
+	return Rules{
 		"root": {
 			{`\n`, TextWhitespace, nil},
 			{`\s+`, TextWhitespace, nil},
@@ -50,5 +54,5 @@ var Zig = internal.Register(MustNewLexer(
 			{`[^\\"\n]+`, LiteralString, nil},
 			{`"`, LiteralString, Pop(1)},
 		},
-	},
-))
+	}
+}
diff --git a/vendor/github.com/alecthomas/chroma/regexp.go b/vendor/github.com/alecthomas/chroma/regexp.go
index a3f4eb139f..d6cefe7609 100644
--- a/vendor/github.com/alecthomas/chroma/regexp.go
+++ b/vendor/github.com/alecthomas/chroma/regexp.go
@@ -188,6 +188,26 @@ func (r Rules) Merge(rules Rules) Rules {
 	return out
 }
 
+// MustNewLazyLexer creates a new Lexer with deferred rules generation or panics.
+func MustNewLazyLexer(config *Config, rulesFunc func() Rules) *RegexLexer {
+	lexer, err := NewLazyLexer(config, rulesFunc)
+	if err != nil {
+		panic(err)
+	}
+	return lexer
+}
+
+// NewLazyLexer creates a new regex-based Lexer with deferred rules generation.
+func NewLazyLexer(config *Config, rulesFunc func() Rules) (*RegexLexer, error) {
+	if config == nil {
+		config = &Config{}
+	}
+	return &RegexLexer{
+		config:       config,
+		compilerFunc: rulesFunc,
+	}, nil
+}
+
 // MustNewLexer creates a new Lexer or panics.
 func MustNewLexer(config *Config, rules Rules) *RegexLexer {
 	lexer, err := NewLexer(config, rules)
@@ -202,33 +222,7 @@ func MustNewLexer(config *Config, rules Rules) *RegexLexer {
 // "rules" is a state machine transitition map. Each key is a state. Values are sets of rules
 // that match input, optionally modify lexer state, and output tokens.
 func NewLexer(config *Config, rules Rules) (*RegexLexer, error) {
-	if config == nil {
-		config = &Config{}
-	}
-	if _, ok := rules["root"]; !ok {
-		return nil, fmt.Errorf("no \"root\" state")
-	}
-	compiledRules := map[string][]*CompiledRule{}
-	for state, rules := range rules {
-		compiledRules[state] = nil
-		for _, rule := range rules {
-			flags := ""
-			if !config.NotMultiline {
-				flags += "m"
-			}
-			if config.CaseInsensitive {
-				flags += "i"
-			}
-			if config.DotAll {
-				flags += "s"
-			}
-			compiledRules[state] = append(compiledRules[state], &CompiledRule{Rule: rule, flags: flags})
-		}
-	}
-	return &RegexLexer{
-		config: config,
-		rules:  compiledRules,
-	}, nil
+	return NewLazyLexer(config, func() Rules { return rules })
 }
 
 // Trace enables debug tracing.
@@ -264,6 +258,7 @@ type LexerState struct {
 	MutatorContext map[interface{}]interface{}
 	iteratorStack  []Iterator
 	options        *TokeniseOptions
+	newlineAdded   bool
 }
 
 // Set mutator context.
@@ -278,7 +273,11 @@ func (l *LexerState) Get(key interface{}) interface{} {
 
 // Iterator returns the next Token from the lexer.
 func (l *LexerState) Iterator() Token { // nolint: gocognit
-	for l.Pos < len(l.Text) && len(l.Stack) > 0 {
+	end := len(l.Text)
+	if l.newlineAdded {
+		end--
+	}
+	for l.Pos < end && len(l.Stack) > 0 {
 		// Exhaust the iterator stack, if any.
 		for len(l.iteratorStack) > 0 {
 			n := len(l.iteratorStack) - 1
@@ -353,9 +352,11 @@ type RegexLexer struct {
 	analyser func(text string) float32
 	trace    bool
 
-	mu       sync.Mutex
-	compiled bool
-	rules    map[string][]*CompiledRule
+	mu           sync.Mutex
+	compiled     bool
+	rules        map[string][]*CompiledRule
+	compilerFunc func() Rules
+	compileOnce  sync.Once
 }
 
 // SetAnalyser sets the analyser function used to perform content inspection.
@@ -422,7 +423,43 @@ restart:
 	return nil
 }
 
+func (r *RegexLexer) compileRules() error {
+	rules := r.compilerFunc()
+	if _, ok := rules["root"]; !ok {
+		return fmt.Errorf("no \"root\" state")
+	}
+	compiledRules := map[string][]*CompiledRule{}
+	for state, rules := range rules {
+		compiledRules[state] = nil
+		for _, rule := range rules {
+			flags := ""
+			if !r.config.NotMultiline {
+				flags += "m"
+			}
+			if r.config.CaseInsensitive {
+				flags += "i"
+			}
+			if r.config.DotAll {
+				flags += "s"
+			}
+			compiledRules[state] = append(compiledRules[state], &CompiledRule{Rule: rule, flags: flags})
+		}
+	}
+
+	r.rules = compiledRules
+	return nil
+}
+
 func (r *RegexLexer) Tokenise(options *TokeniseOptions, text string) (Iterator, error) { // nolint
+	var err error
+	if r.compilerFunc != nil {
+		r.compileOnce.Do(func() {
+			err = r.compileRules()
+		})
+	}
+	if err != nil {
+		return nil, err
+	}
 	if err := r.maybeCompile(); err != nil {
 		return nil, err
 	}
@@ -432,10 +469,13 @@ func (r *RegexLexer) Tokenise(options *TokeniseOptions, text string) (Iterator,
 	if options.EnsureLF {
 		text = ensureLF(text)
 	}
+	newlineAdded := false
 	if !options.Nested && r.config.EnsureNL && !strings.HasSuffix(text, "\n") {
 		text += "\n"
+		newlineAdded = true
 	}
 	state := &LexerState{
+		newlineAdded:   newlineAdded,
 		options:        options,
 		Lexer:          r,
 		Text:           []rune(text),
diff --git a/vendor/github.com/alecthomas/chroma/style.go b/vendor/github.com/alecthomas/chroma/style.go
index dce9e0a7be..516fef5d60 100644
--- a/vendor/github.com/alecthomas/chroma/style.go
+++ b/vendor/github.com/alecthomas/chroma/style.go
@@ -265,12 +265,12 @@ func (s *Style) Get(ttype TokenType) StyleEntry {
 
 func (s *Style) get(ttype TokenType) StyleEntry {
 	out := s.entries[ttype]
-	if out.IsZero() && s.synthesisable(ttype) {
-		out = s.synthesise(ttype)
-	}
 	if out.IsZero() && s.parent != nil {
 		return s.parent.get(ttype)
 	}
+	if out.IsZero() && s.synthesisable(ttype) {
+		out = s.synthesise(ttype)
+	}
 	return out
 }
 
diff --git a/vendor/github.com/alecthomas/chroma/styles/nord.go b/vendor/github.com/alecthomas/chroma/styles/nord.go
new file mode 100644
index 0000000000..0fcbc5d405
--- /dev/null
+++ b/vendor/github.com/alecthomas/chroma/styles/nord.go
@@ -0,0 +1,75 @@
+package styles
+
+import (
+	"github.com/alecthomas/chroma"
+)
+
+var (
+	// colors and palettes based on https://www.nordtheme.com/docs/colors-and-palettes
+	nord0  = "#2e3440"
+	nord1  = "#3b4252" // nolint
+	nord2  = "#434c5e" // nolint
+	nord3  = "#4c566a"
+	nord3b = "#616e87"
+
+	nord4 = "#d8dee9"
+	nord5 = "#e5e9f0" // nolint
+	nord6 = "#eceff4"
+
+	nord7  = "#8fbcbb"
+	nord8  = "#88c0d0"
+	nord9  = "#81a1c1"
+	nord10 = "#5e81ac"
+
+	nord11 = "#bf616a"
+	nord12 = "#d08770"
+	nord13 = "#ebcb8b"
+	nord14 = "#a3be8c"
+	nord15 = "#b48ead"
+)
+
+// Nord, an arctic, north-bluish color palette
+var Nord = Register(chroma.MustNewStyle("nord", chroma.StyleEntries{
+	chroma.TextWhitespace:        nord4,
+	chroma.Comment:               "italic " + nord3b,
+	chroma.CommentPreproc:        nord10,
+	chroma.Keyword:               "bold " + nord9,
+	chroma.KeywordPseudo:         "nobold " + nord9,
+	chroma.KeywordType:           "nobold " + nord9,
+	chroma.Operator:              nord9,
+	chroma.OperatorWord:          "bold " + nord9,
+	chroma.Name:                  nord4,
+	chroma.NameBuiltin:           nord9,
+	chroma.NameFunction:          nord8,
+	chroma.NameClass:             nord7,
+	chroma.NameNamespace:         nord7,
+	chroma.NameException:         nord11,
+	chroma.NameVariable:          nord4,
+	chroma.NameConstant:          nord7,
+	chroma.NameLabel:             nord7,
+	chroma.NameEntity:            nord12,
+	chroma.NameAttribute:         nord7,
+	chroma.NameTag:               nord9,
+	chroma.NameDecorator:         nord12,
+	chroma.Punctuation:           nord6,
+	chroma.LiteralString:         nord14,
+	chroma.LiteralStringDoc:      nord3b,
+	chroma.LiteralStringInterpol: nord14,
+	chroma.LiteralStringEscape:   nord13,
+	chroma.LiteralStringRegex:    nord13,
+	chroma.LiteralStringSymbol:   nord14,
+	chroma.LiteralStringOther:    nord14,
+	chroma.LiteralNumber:         nord15,
+	chroma.GenericHeading:        "bold " + nord8,
+	chroma.GenericSubheading:     "bold " + nord8,
+	chroma.GenericDeleted:        nord11,
+	chroma.GenericInserted:       nord14,
+	chroma.GenericError:          nord11,
+	chroma.GenericEmph:           "italic",
+	chroma.GenericStrong:         "bold",
+	chroma.GenericPrompt:         "bold " + nord3,
+	chroma.GenericOutput:         nord4,
+	chroma.GenericTraceback:      nord11,
+	chroma.Error:                 nord11,
+	chroma.Background:            nord4 + " bg:" + nord0,
+}))
diff --git a/vendor/github.com/alecthomas/chroma/styles/vulcan.go b/vendor/github.com/alecthomas/chroma/styles/vulcan.go
new file mode 100644
index 0000000000..82ad1a14b7
--- /dev/null
+++ b/vendor/github.com/alecthomas/chroma/styles/vulcan.go
@@ -0,0 +1,95 @@
+package styles
+
+import (
+	"github.com/alecthomas/chroma"
+)
+
+var (
+	// inspired by Doom Emacs's One Doom Theme
+	black  = "#282C34"
+	grey   = "#3E4460"
+	grey2  = "#43454f"
+	white  = "#C9C9C9"
+	red    = "#CF5967"
+	yellow = "#ECBE7B"
+	green  = "#82CC6A"
+	cyan   = "#56B6C2"
+	blue   = "#7FBAF5"
+	blue2  = "#57C7FF"
+	purple = "#BC74C4"
+)
+
+var Vulcan = Register(chroma.MustNewStyle("vulcan", chroma.StyleEntries{
+	chroma.Comment:                  grey,
+	chroma.CommentHashbang:          grey + " italic",
+	chroma.CommentMultiline:         grey,
+	chroma.CommentPreproc:           blue,
+	chroma.CommentSingle:            grey,
+	chroma.CommentSpecial:           purple + " italic",
+	chroma.Generic:                  white,
+	chroma.GenericDeleted:           red,
+	chroma.GenericEmph:              white + " underline",
+	chroma.GenericError:             red + " bold",
+	chroma.GenericHeading:           yellow + " bold",
+	chroma.GenericInserted:          yellow,
+	chroma.GenericOutput:            grey2,
+	chroma.GenericPrompt:            white,
+	chroma.GenericStrong:            red + " bold",
+	chroma.GenericSubheading:        red + " italic",
+	chroma.GenericTraceback:         white,
+	chroma.GenericUnderline:         "underline",
+	chroma.Error:                    red,
+	chroma.Keyword:                  blue,
+	chroma.KeywordConstant:          red + " bg:" + grey2,
+	chroma.KeywordDeclaration:       blue,
+	chroma.KeywordNamespace:         purple,
+	chroma.KeywordPseudo:            purple,
+	chroma.KeywordReserved:          blue,
+	chroma.KeywordType:              blue2 + " bold",
+	chroma.Literal:                  white,
+	chroma.LiteralDate:              blue2,
+	chroma.Name:                     white,
+	chroma.NameAttribute:            purple,
+	chroma.NameBuiltin:              blue,
+	chroma.NameBuiltinPseudo:        blue,
+	chroma.NameClass:                yellow,
+	chroma.NameConstant:             yellow,
+	chroma.NameDecorator:            yellow,
+	chroma.NameEntity:               white,
+	chroma.NameException:            red,
+	chroma.NameFunction:             blue2,
+	chroma.NameLabel:                red,
+	chroma.NameNamespace:            white,
+	chroma.NameOther:                white,
+	chroma.NameTag:                  purple,
+	chroma.NameVariable:             purple + " italic",
+	chroma.NameVariableClass:        blue2 + " bold",
+	chroma.NameVariableGlobal:       yellow,
+	chroma.NameVariableInstance:     blue2,
+	chroma.LiteralNumber:            cyan,
+	chroma.LiteralNumberBin:         blue2,
+	chroma.LiteralNumberFloat:       cyan,
+	chroma.LiteralNumberHex:         blue2,
+	chroma.LiteralNumberInteger:     cyan,
+	chroma.LiteralNumberIntegerLong: cyan,
+	chroma.LiteralNumberOct:         blue2,
+	chroma.Operator:                 purple,
+	chroma.OperatorWord:             purple,
+	chroma.Other:                    white,
+	chroma.Punctuation:              cyan,
+	chroma.LiteralString:            green,
+	chroma.LiteralStringBacktick:    blue2,
+	chroma.LiteralStringChar:        blue2,
+	chroma.LiteralStringDoc:         green,
+	chroma.LiteralStringDouble:      green,
+	chroma.LiteralStringEscape:      cyan,
+	chroma.LiteralStringHeredoc:     cyan,
+	chroma.LiteralStringInterpol:    green,
+	chroma.LiteralStringOther:       green,
+	chroma.LiteralStringRegex:       blue2,
+	chroma.LiteralStringSingle:      green,
+	chroma.LiteralStringSymbol:      green,
+	chroma.Text:                     white,
+	chroma.TextWhitespace:           white,
+	chroma.Background:               " bg: " + black,
+}))
diff --git a/vendor/github.com/alecthomas/chroma/styles/xcode-dark.go b/vendor/github.com/alecthomas/chroma/styles/xcode-dark.go
new file mode 100644
index 0000000000..a16d946ffd
--- /dev/null
+++ b/vendor/github.com/alecthomas/chroma/styles/xcode-dark.go
@@ -0,0 +1,62 @@
+package styles
+
+import (
+	"github.com/alecthomas/chroma"
+)
+
+var (
+	// Inspired by Apple's Xcode "Default (Dark)" Theme
+	background                  = "#1F1F24"
+	plainText                   = "#FFFFFF"
+	comments                    = "#6C7986"
+	strings                     = "#FC6A5D"
+	numbers                     = "#D0BF69"
+	keywords                    = "#FC5FA3"
+	preprocessorStatements      = "#FD8F3F"
+	typeDeclarations            = "#5DD8FF"
+	otherDeclarations           = "#41A1C0"
+	otherFunctionAndMethodNames = "#A167E6"
+	otherTypeNames              = "#D0A8FF"
+)
+
+// Xcode dark style
+var XcodeDark = Register(chroma.MustNewStyle("xcode-dark", chroma.StyleEntries{
+	chroma.Background: plainText + " bg: " + background,
+
+	chroma.Comment:          comments,
+	chroma.CommentMultiline: comments,
+	chroma.CommentPreproc:   preprocessorStatements,
+	chroma.CommentSingle:    comments,
+	chroma.CommentSpecial:   comments + " italic",
+
+	chroma.Error: "#960050",
+
+	chroma.Keyword:            keywords,
+	chroma.KeywordConstant:    keywords,
+	chroma.KeywordDeclaration: keywords,
+	chroma.KeywordReserved:    keywords,
+
+	chroma.LiteralNumber:        numbers,
+	chroma.LiteralNumberBin:     numbers,
+	chroma.LiteralNumberFloat:   numbers,
+	chroma.LiteralNumberHex:     numbers,
+	chroma.LiteralNumberInteger: numbers,
+	chroma.LiteralNumberOct:     numbers,
+
+	chroma.LiteralString:         strings,
+	chroma.LiteralStringEscape:   strings,
+	chroma.LiteralStringInterpol: plainText,
+
+	chroma.Name:              plainText,
+	chroma.NameBuiltin:       otherTypeNames,
+	chroma.NameBuiltinPseudo: otherFunctionAndMethodNames,
+	chroma.NameClass:         typeDeclarations,
+	chroma.NameFunction:      otherDeclarations,
+	chroma.NameVariable:      otherDeclarations,
+
+	chroma.Operator: plainText,
+
+	chroma.Punctuation: plainText,
+
+	chroma.Text: plainText,
+}))
diff --git a/vendor/github.com/andybalholm/brotli/brotli_bit_stream.go b/vendor/github.com/andybalholm/brotli/brotli_bit_stream.go
index 2470f84e4b..7acfb18061 100644
--- a/vendor/github.com/andybalholm/brotli/brotli_bit_stream.go
+++ b/vendor/github.com/andybalholm/brotli/brotli_bit_stream.go
@@ -121,7 +121,7 @@ func encodeMlen(length uint, bits *uint64, numbits *uint, nibblesbits *uint64) {
 	*bits = uint64(length) - 1
 }
 
-func storeCommandExtra(cmd *command, bw *bitWriter) {
+func storeCommandExtra(cmd *command, storage_ix *uint, storage []byte) {
 	var copylen_code uint32 = commandCopyLenCode(cmd)
 	var inscode uint16 = getInsertLengthCode(uint(cmd.insert_len_))
 	var copycode uint16 = getCopyLengthCode(uint(copylen_code))
@@ -129,7 +129,7 @@ func storeCommandExtra(cmd *command, bw *bitWriter) {
 	var insextraval uint64 = uint64(cmd.insert_len_) - uint64(getInsertBase(inscode))
 	var copyextraval uint64 = uint64(copylen_code) - uint64(getCopyBase(copycode))
 	var bits uint64 = copyextraval<<insnumextra | insextraval
-	bw.writeBits(uint(insnumextra+getCopyExtra(copycode)), bits)
+	writeBits(uint(insnumextra+getCopyExtra(copycode)), bits, storage_ix, storage)
 }
 
 /* Data structure that stores almost everything that is needed to encode each
@@ -143,21 +143,21 @@ type blockSplitCode struct {
 }
 
 /* Stores a number between 0 and 255. */
-func storeVarLenUint8(n uint, bw *bitWriter) {
+func storeVarLenUint8(n uint, storage_ix *uint, storage []byte) {
 	if n == 0 {
-		bw.writeBits(1, 0)
+		writeBits(1, 0, storage_ix, storage)
 	} else {
 		var nbits uint = uint(log2FloorNonZero(n))
-		bw.writeBits(1, 1)
-		bw.writeBits(3, uint64(nbits))
-		bw.writeBits(nbits, uint64(n)-(uint64(uint(1))<<nbits))
+		writeBits(1, 1, storage_ix, storage)
+		writeBits(3, uint64(nbits), storage_ix, storage)
+		writeBits(nbits, uint64(n)-(uint64(uint(1))<<nbits), storage_ix, storage)
 	}
 }
 
 /* Stores the compressed meta-block header.
    REQUIRES: length > 0
    REQUIRES: length <= (1 << 24) */
-func storeCompressedMetaBlockHeader(is_final_block bool, length uint, bw *bitWriter) {
+func storeCompressedMetaBlockHeader(is_final_block bool, length uint, storage_ix *uint, storage []byte) {
 	var lenbits uint64
 	var nlenbits uint
 	var nibblesbits uint64
@@ -169,41 +169,41 @@ func storeCompressedMetaBlockHeader(is_final_block bool, length uint, bw *bitWri
 	}
 
 	/* Write ISLAST bit. */
-	bw.writeBits(1, is_final)
+	writeBits(1, is_final, storage_ix, storage)
 
 	/* Write ISEMPTY bit. */
 	if is_final_block {
-		bw.writeBits(1, 0)
+		writeBits(1, 0, storage_ix, storage)
 	}
 
 	encodeMlen(length, &lenbits, &nlenbits, &nibblesbits)
-	bw.writeBits(2, nibblesbits)
-	bw.writeBits(nlenbits, lenbits)
+	writeBits(2, nibblesbits, storage_ix, storage)
+	writeBits(nlenbits, lenbits, storage_ix, storage)
 
 	if !is_final_block {
 		/* Write ISUNCOMPRESSED bit. */
-		bw.writeBits(1, 0)
+		writeBits(1, 0, storage_ix, storage)
 	}
 }
 
 /* Stores the uncompressed meta-block header.
    REQUIRES: length > 0
    REQUIRES: length <= (1 << 24) */
-func storeUncompressedMetaBlockHeader(length uint, bw *bitWriter) {
+func storeUncompressedMetaBlockHeader(length uint, storage_ix *uint, storage []byte) {
 	var lenbits uint64
 	var nlenbits uint
 	var nibblesbits uint64
 
 	/* Write ISLAST bit.
 	   Uncompressed block cannot be the last one, so set to 0. */
-	bw.writeBits(1, 0)
+	writeBits(1, 0, storage_ix, storage)
 
 	encodeMlen(length, &lenbits, &nlenbits, &nibblesbits)
-	bw.writeBits(2, nibblesbits)
-	bw.writeBits(nlenbits, lenbits)
+	writeBits(2, nibblesbits, storage_ix, storage)
+	writeBits(nlenbits, lenbits, storage_ix, storage)
 
 	/* Write ISUNCOMPRESSED bit. */
-	bw.writeBits(1, 1)
+	writeBits(1, 1, storage_ix, storage)
 }
 
 var storeHuffmanTreeOfHuffmanTreeToBitMask_kStorageOrder = [codeLengthCodes]byte{1, 2, 3, 4, 0, 5, 17, 6, 16, 7, 8, 9, 10, 11, 12, 13, 14, 15}
@@ -211,7 +211,7 @@ var storeHuffmanTreeOfHuffmanTreeToBitMask_kStorageOrder = [codeLengthCodes]byte
 var storeHuffmanTreeOfHuffmanTreeToBitMask_kHuffmanBitLengthHuffmanCodeSymbols = [6]byte{0, 7, 3, 2, 1, 15}
 var storeHuffmanTreeOfHuffmanTreeToBitMask_kHuffmanBitLengthHuffmanCodeBitLengths = [6]byte{2, 4, 3, 2, 2, 4}
 
-func storeHuffmanTreeOfHuffmanTreeToBitMask(num_codes int, code_length_bitdepth []byte, bw *bitWriter) {
+func storeHuffmanTreeOfHuffmanTreeToBitMask(num_codes int, code_length_bitdepth []byte, storage_ix *uint, storage []byte) {
 	var skip_some uint = 0
 	var codes_to_store uint = codeLengthCodes
 	/* The bit lengths of the Huffman code over the code length alphabet
@@ -241,38 +241,38 @@ func storeHuffmanTreeOfHuffmanTreeToBitMask(num_codes int, code_length_bitdepth
 		}
 	}
 
-	bw.writeBits(2, uint64(skip_some))
+	writeBits(2, uint64(skip_some), storage_ix, storage)
 	{
 		var i uint
 		for i = skip_some; i < codes_to_store; i++ {
 			var l uint = uint(code_length_bitdepth[storeHuffmanTreeOfHuffmanTreeToBitMask_kStorageOrder[i]])
-			bw.writeBits(uint(storeHuffmanTreeOfHuffmanTreeToBitMask_kHuffmanBitLengthHuffmanCodeBitLengths[l]), uint64(storeHuffmanTreeOfHuffmanTreeToBitMask_kHuffmanBitLengthHuffmanCodeSymbols[l]))
+			writeBits(uint(storeHuffmanTreeOfHuffmanTreeToBitMask_kHuffmanBitLengthHuffmanCodeBitLengths[l]), uint64(storeHuffmanTreeOfHuffmanTreeToBitMask_kHuffmanBitLengthHuffmanCodeSymbols[l]), storage_ix, storage)
 		}
 	}
 }
 
-func storeHuffmanTreeToBitMask(huffman_tree_size uint, huffman_tree []byte, huffman_tree_extra_bits []byte, code_length_bitdepth []byte, code_length_bitdepth_symbols []uint16, bw *bitWriter) {
+func storeHuffmanTreeToBitMask(huffman_tree_size uint, huffman_tree []byte, huffman_tree_extra_bits []byte, code_length_bitdepth []byte, code_length_bitdepth_symbols []uint16, storage_ix *uint, storage []byte) {
 	var i uint
 	for i = 0; i < huffman_tree_size; i++ {
 		var ix uint = uint(huffman_tree[i])
-		bw.writeBits(uint(code_length_bitdepth[ix]), uint64(code_length_bitdepth_symbols[ix]))
+		writeBits(uint(code_length_bitdepth[ix]), uint64(code_length_bitdepth_symbols[ix]), storage_ix, storage)
 
 		/* Extra bits */
 		switch ix {
 		case repeatPreviousCodeLength:
-			bw.writeBits(2, uint64(huffman_tree_extra_bits[i]))
+			writeBits(2, uint64(huffman_tree_extra_bits[i]), storage_ix, storage)
 
 		case repeatZeroCodeLength:
-			bw.writeBits(3, uint64(huffman_tree_extra_bits[i]))
+			writeBits(3, uint64(huffman_tree_extra_bits[i]), storage_ix, storage)
 		}
 	}
 }
 
-func storeSimpleHuffmanTree(depths []byte, symbols []uint, num_symbols uint, max_bits uint, bw *bitWriter) {
+func storeSimpleHuffmanTree(depths []byte, symbols []uint, num_symbols uint, max_bits uint, storage_ix *uint, storage []byte) {
 	/* value of 1 indicates a simple Huffman code */
-	bw.writeBits(2, 1)
+	writeBits(2, 1, storage_ix, storage)
 
-	bw.writeBits(2, uint64(num_symbols)-1) /* NSYM - 1 */
+	writeBits(2, uint64(num_symbols)-1, storage_ix, storage) /* NSYM - 1 */
 	{
 		/* Sort */
 		var i uint
@@ -289,17 +289,17 @@ func storeSimpleHuffmanTree(depths []byte, symbols []uint, num_symbols uint, max
 	}
 
 	if num_symbols == 2 {
-		bw.writeBits(max_bits, uint64(symbols[0]))
-		bw.writeBits(max_bits, uint64(symbols[1]))
+		writeBits(max_bits, uint64(symbols[0]), storage_ix, storage)
+		writeBits(max_bits, uint64(symbols[1]), storage_ix, storage)
 	} else if num_symbols == 3 {
-		bw.writeBits(max_bits, uint64(symbols[0]))
-		bw.writeBits(max_bits, uint64(symbols[1]))
-		bw.writeBits(max_bits, uint64(symbols[2]))
+		writeBits(max_bits, uint64(symbols[0]), storage_ix, storage)
+		writeBits(max_bits, uint64(symbols[1]), storage_ix, storage)
+		writeBits(max_bits, uint64(symbols[2]), storage_ix, storage)
 	} else {
-		bw.writeBits(max_bits, uint64(symbols[0]))
-		bw.writeBits(max_bits, uint64(symbols[1]))
-		bw.writeBits(max_bits, uint64(symbols[2]))
-		bw.writeBits(max_bits, uint64(symbols[3]))
+		writeBits(max_bits, uint64(symbols[0]), storage_ix, storage)
+		writeBits(max_bits, uint64(symbols[1]), storage_ix, storage)
+		writeBits(max_bits, uint64(symbols[2]), storage_ix, storage)
+		writeBits(max_bits, uint64(symbols[3]), storage_ix, storage)
 
 		/* tree-select */
 		var tmp int
@@ -308,13 +308,13 @@ func storeSimpleHuffmanTree(depths []byte, symbols []uint, num_symbols uint, max
 		} else {
 			tmp = 0
 		}
-		bw.writeBits(1, uint64(tmp))
+		writeBits(1, uint64(tmp), storage_ix, storage)
 	}
 }
 
 /* num = alphabet size
    depths = symbol depths */
-func storeHuffmanTree(depths []byte, num uint, tree []huffmanTree, bw *bitWriter) {
+func storeHuffmanTree(depths []byte, num uint, tree []huffmanTree, storage_ix *uint, storage []byte) {
 	var huffman_tree [numCommandSymbols]byte
 	var huffman_tree_extra_bits [numCommandSymbols]byte
 	var huffman_tree_size uint = 0
@@ -357,19 +357,19 @@ func storeHuffmanTree(depths []byte, num uint, tree []huffmanTree, bw *bitWriter
 	convertBitDepthsToSymbols(code_length_bitdepth[:], codeLengthCodes, code_length_bitdepth_symbols[:])
 
 	/* Now, we have all the data, let's start storing it */
-	storeHuffmanTreeOfHuffmanTreeToBitMask(num_codes, code_length_bitdepth[:], bw)
+	storeHuffmanTreeOfHuffmanTreeToBitMask(num_codes, code_length_bitdepth[:], storage_ix, storage)
 
 	if num_codes == 1 {
 		code_length_bitdepth[code] = 0
 	}
 
 	/* Store the real Huffman tree now. */
-	storeHuffmanTreeToBitMask(huffman_tree_size, huffman_tree[:], huffman_tree_extra_bits[:], code_length_bitdepth[:], code_length_bitdepth_symbols[:], bw)
+	storeHuffmanTreeToBitMask(huffman_tree_size, huffman_tree[:], huffman_tree_extra_bits[:], code_length_bitdepth[:], code_length_bitdepth_symbols[:], storage_ix, storage)
 }
 
 /* Builds a Huffman tree from histogram[0:length] into depth[0:length] and
    bits[0:length] and stores the encoded tree to the bit stream. */
-func buildAndStoreHuffmanTree(histogram []uint32, histogram_length uint, alphabet_size uint, tree []huffmanTree, depth []byte, bits []uint16, bw *bitWriter) {
+func buildAndStoreHuffmanTree(histogram []uint32, histogram_length uint, alphabet_size uint, tree []huffmanTree, depth []byte, bits []uint16, storage_ix *uint, storage []byte) {
 	var count uint = 0
 	var s4 = [4]uint{0}
 	var i uint
@@ -394,8 +394,8 @@ func buildAndStoreHuffmanTree(histogram []uint32, histogram_length uint, alphabe
 	}
 
 	if count <= 1 {
-		bw.writeBits(4, 1)
-		bw.writeBits(max_bits, uint64(s4[0]))
+		writeBits(4, 1, storage_ix, storage)
+		writeBits(max_bits, uint64(s4[0]), storage_ix, storage)
 		depth[s4[0]] = 0
 		bits[s4[0]] = 0
 		return
@@ -408,9 +408,9 @@ func buildAndStoreHuffmanTree(histogram []uint32, histogram_length uint, alphabe
 	convertBitDepthsToSymbols(depth, histogram_length, bits)
 
 	if count <= 4 {
-		storeSimpleHuffmanTree(depth, s4[:], count, max_bits, bw)
+		storeSimpleHuffmanTree(depth, s4[:], count, max_bits, storage_ix, storage)
 	} else {
-		storeHuffmanTree(depth, histogram_length, tree, bw)
+		storeHuffmanTree(depth, histogram_length, tree, storage_ix, storage)
 	}
 }
 
@@ -420,7 +420,7 @@ func sortHuffmanTree1(v0 huffmanTree, v1 huffmanTree) bool {
 
 var huffmanTreePool sync.Pool
 
-func buildAndStoreHuffmanTreeFast(histogram []uint32, histogram_total uint, max_bits uint, depth []byte, bits []uint16, bw *bitWriter) {
+func buildAndStoreHuffmanTreeFast(histogram []uint32, histogram_total uint, max_bits uint, depth []byte, bits []uint16, storage_ix *uint, storage []byte) {
 	var count uint = 0
 	var symbols = [4]uint{0}
 	var length uint = 0
@@ -439,8 +439,8 @@ func buildAndStoreHuffmanTreeFast(histogram []uint32, histogram_total uint, max_
 	}
 
 	if count <= 1 {
-		bw.writeBits(4, 1)
-		bw.writeBits(max_bits, uint64(symbols[0]))
+		writeBits(4, 1, storage_ix, storage)
+		writeBits(max_bits, uint64(symbols[0]), storage_ix, storage)
 		depth[symbols[0]] = 0
 		bits[symbols[0]] = 0
 		return
@@ -544,9 +544,9 @@ func buildAndStoreHuffmanTreeFast(histogram []uint32, histogram_total uint, max_
 		var i uint
 
 		/* value of 1 indicates a simple Huffman code */
-		bw.writeBits(2, 1)
+		writeBits(2, 1, storage_ix, storage)
 
-		bw.writeBits(2, uint64(count)-1) /* NSYM - 1 */
+		writeBits(2, uint64(count)-1, storage_ix, storage) /* NSYM - 1 */
 
 		/* Sort */
 		for i = 0; i < count; i++ {
@@ -561,27 +561,33 @@ func buildAndStoreHuffmanTreeFast(histogram []uint32, histogram_total uint, max_
 		}
 
 		if count == 2 {
-			bw.writeBits(max_bits, uint64(symbols[0]))
-			bw.writeBits(max_bits, uint64(symbols[1]))
+			writeBits(max_bits, uint64(symbols[0]), storage_ix, storage)
+			writeBits(max_bits, uint64(symbols[1]), storage_ix, storage)
 		} else if count == 3 {
-			bw.writeBits(max_bits, uint64(symbols[0]))
-			bw.writeBits(max_bits, uint64(symbols[1]))
-			bw.writeBits(max_bits, uint64(symbols[2]))
+			writeBits(max_bits, uint64(symbols[0]), storage_ix, storage)
+			writeBits(max_bits, uint64(symbols[1]), storage_ix, storage)
+			writeBits(max_bits, uint64(symbols[2]), storage_ix, storage)
 		} else {
-			bw.writeBits(max_bits, uint64(symbols[0]))
-			bw.writeBits(max_bits, uint64(symbols[1]))
-			bw.writeBits(max_bits, uint64(symbols[2]))
-			bw.writeBits(max_bits, uint64(symbols[3]))
+			writeBits(max_bits, uint64(symbols[0]), storage_ix, storage)
+			writeBits(max_bits, uint64(symbols[1]), storage_ix, storage)
+			writeBits(max_bits, uint64(symbols[2]), storage_ix, storage)
+			writeBits(max_bits, uint64(symbols[3]), storage_ix, storage)
 
 			/* tree-select */
-			bw.writeSingleBit(depth[symbols[0]] == 1)
+			var tmp int
+			if depth[symbols[0]] == 1 {
+				tmp = 1
+			} else {
+				tmp = 0
+			}
+			writeBits(1, uint64(tmp), storage_ix, storage)
 		}
 	} else {
 		var previous_value byte = 8
 		var i uint
 
 		/* Complex Huffman Tree */
-		storeStaticCodeLengthCode(bw)
+		storeStaticCodeLengthCode(storage_ix, storage)
 
 		/* Actual RLE coding. */
 		for i = 0; i < length; {
@@ -594,21 +600,21 @@ func buildAndStoreHuffmanTreeFast(histogram []uint32, histogram_total uint, max_
 
 			i += reps
 			if value == 0 {
-				bw.writeBits(uint(kZeroRepsDepth[reps]), kZeroRepsBits[reps])
+				writeBits(uint(kZeroRepsDepth[reps]), kZeroRepsBits[reps], storage_ix, storage)
 			} else {
 				if previous_value != value {
-					bw.writeBits(uint(kCodeLengthDepth[value]), uint64(kCodeLengthBits[value]))
+					writeBits(uint(kCodeLengthDepth[value]), uint64(kCodeLengthBits[value]), storage_ix, storage)
 					reps--
 				}
 
 				if reps < 3 {
 					for reps != 0 {
 						reps--
-						bw.writeBits(uint(kCodeLengthDepth[value]), uint64(kCodeLengthBits[value]))
+						writeBits(uint(kCodeLengthDepth[value]), uint64(kCodeLengthBits[value]), storage_ix, storage)
 					}
 				} else {
 					reps -= 3
-					bw.writeBits(uint(kNonZeroRepsDepth[reps]), kNonZeroRepsBits[reps])
+					writeBits(uint(kNonZeroRepsDepth[reps]), kNonZeroRepsBits[reps], storage_ix, storage)
 				}
 
 				previous_value = value
@@ -733,7 +739,7 @@ const symbolBits = 9
 
 var encodeContextMap_kSymbolMask uint32 = (1 << symbolBits) - 1
 
-func encodeContextMap(context_map []uint32, context_map_size uint, num_clusters uint, tree []huffmanTree, bw *bitWriter) {
+func encodeContextMap(context_map []uint32, context_map_size uint, num_clusters uint, tree []huffmanTree, storage_ix *uint, storage []byte) {
 	var i uint
 	var rle_symbols []uint32
 	var max_run_length_prefix uint32 = 6
@@ -742,7 +748,7 @@ func encodeContextMap(context_map []uint32, context_map_size uint, num_clusters
 	var depths [maxContextMapSymbols]byte
 	var bits [maxContextMapSymbols]uint16
 
-	storeVarLenUint8(num_clusters-1, bw)
+	storeVarLenUint8(num_clusters-1, storage_ix, storage)
 
 	if num_clusters == 1 {
 		return
@@ -757,45 +763,45 @@ func encodeContextMap(context_map []uint32, context_map_size uint, num_clusters
 	}
 	{
 		var use_rle bool = (max_run_length_prefix > 0)
-		bw.writeSingleBit(use_rle)
+		writeSingleBit(use_rle, storage_ix, storage)
 		if use_rle {
-			bw.writeBits(4, uint64(max_run_length_prefix)-1)
+			writeBits(4, uint64(max_run_length_prefix)-1, storage_ix, storage)
 		}
 	}
 
-	buildAndStoreHuffmanTree(histogram[:], uint(uint32(num_clusters)+max_run_length_prefix), uint(uint32(num_clusters)+max_run_length_prefix), tree, depths[:], bits[:], bw)
+	buildAndStoreHuffmanTree(histogram[:], uint(uint32(num_clusters)+max_run_length_prefix), uint(uint32(num_clusters)+max_run_length_prefix), tree, depths[:], bits[:], storage_ix, storage)
 	for i = 0; i < num_rle_symbols; i++ {
 		var rle_symbol uint32 = rle_symbols[i] & encodeContextMap_kSymbolMask
 		var extra_bits_val uint32 = rle_symbols[i] >> symbolBits
-		bw.writeBits(uint(depths[rle_symbol]), uint64(bits[rle_symbol]))
+		writeBits(uint(depths[rle_symbol]), uint64(bits[rle_symbol]), storage_ix, storage)
 		if rle_symbol > 0 && rle_symbol <= max_run_length_prefix {
-			bw.writeBits(uint(rle_symbol), uint64(extra_bits_val))
+			writeBits(uint(rle_symbol), uint64(extra_bits_val), storage_ix, storage)
 		}
 	}
 
-	bw.writeBits(1, 1) /* use move-to-front */
+	writeBits(1, 1, storage_ix, storage) /* use move-to-front */
 	rle_symbols = nil
 }
 
 /* Stores the block switch command with index block_ix to the bit stream. */
-func storeBlockSwitch(code *blockSplitCode, block_len uint32, block_type byte, is_first_block bool, bw *bitWriter) {
+func storeBlockSwitch(code *blockSplitCode, block_len uint32, block_type byte, is_first_block bool, storage_ix *uint, storage []byte) {
 	var typecode uint = nextBlockTypeCode(&code.type_code_calculator, block_type)
 	var lencode uint
 	var len_nextra uint32
 	var len_extra uint32
 	if !is_first_block {
-		bw.writeBits(uint(code.type_depths[typecode]), uint64(code.type_bits[typecode]))
+		writeBits(uint(code.type_depths[typecode]), uint64(code.type_bits[typecode]), storage_ix, storage)
 	}
 
 	getBlockLengthPrefixCode(block_len, &lencode, &len_nextra, &len_extra)
 
-	bw.writeBits(uint(code.length_depths[lencode]), uint64(code.length_bits[lencode]))
-	bw.writeBits(uint(len_nextra), uint64(len_extra))
+	writeBits(uint(code.length_depths[lencode]), uint64(code.length_bits[lencode]), storage_ix, storage)
+	writeBits(uint(len_nextra), uint64(len_extra), storage_ix, storage)
 }
 
 /* Builds a BlockSplitCode data structure from the block split given by the
    vector of block types and block lengths and stores it to the bit stream. */
-func buildAndStoreBlockSplitCode(types []byte, lengths []uint32, num_blocks uint, num_types uint, tree []huffmanTree, code *blockSplitCode, bw *bitWriter) {
+func buildAndStoreBlockSplitCode(types []byte, lengths []uint32, num_blocks uint, num_types uint, tree []huffmanTree, code *blockSplitCode, storage_ix *uint, storage []byte) {
 	var type_histo [maxBlockTypeSymbols]uint32
 	var length_histo [numBlockLenSymbols]uint32
 	var i uint
@@ -813,17 +819,17 @@ func buildAndStoreBlockSplitCode(types []byte, lengths []uint32, num_blocks uint
 		length_histo[blockLengthPrefixCode(lengths[i])]++
 	}
 
-	storeVarLenUint8(num_types-1, bw)
+	storeVarLenUint8(num_types-1, storage_ix, storage)
 	if num_types > 1 { /* TODO: else? could StoreBlockSwitch occur? */
-		buildAndStoreHuffmanTree(type_histo[0:], num_types+2, num_types+2, tree, code.type_depths[0:], code.type_bits[0:], bw)
-		buildAndStoreHuffmanTree(length_histo[0:], numBlockLenSymbols, numBlockLenSymbols, tree, code.length_depths[0:], code.length_bits[0:], bw)
-		storeBlockSwitch(code, lengths[0], types[0], true, bw)
+		buildAndStoreHuffmanTree(type_histo[0:], num_types+2, num_types+2, tree, code.type_depths[0:], code.type_bits[0:], storage_ix, storage)
+		buildAndStoreHuffmanTree(length_histo[0:], numBlockLenSymbols, numBlockLenSymbols, tree, code.length_depths[0:], code.length_bits[0:], storage_ix, storage)
+		storeBlockSwitch(code, lengths[0], types[0], true, storage_ix, storage)
 	}
 }
 
 /* Stores a context map where the histogram type is always the block type. */
-func storeTrivialContextMap(num_types uint, context_bits uint, tree []huffmanTree, bw *bitWriter) {
-	storeVarLenUint8(num_types-1, bw)
+func storeTrivialContextMap(num_types uint, context_bits uint, tree []huffmanTree, storage_ix *uint, storage []byte) {
+	storeVarLenUint8(num_types-1, storage_ix, storage)
 	if num_types > 1 {
 		var repeat_code uint = context_bits - 1
 		var repeat_bits uint = (1 << repeat_code) - 1
@@ -837,16 +843,16 @@ func storeTrivialContextMap(num_types uint, context_bits uint, tree []huffmanTre
 		}
 
 		/* Write RLEMAX. */
-		bw.writeBits(1, 1)
+		writeBits(1, 1, storage_ix, storage)
 
-		bw.writeBits(4, uint64(repeat_code)-1)
+		writeBits(4, uint64(repeat_code)-1, storage_ix, storage)
 		histogram[repeat_code] = uint32(num_types)
 		histogram[0] = 1
 		for i = context_bits; i < alphabet_size; i++ {
 			histogram[i] = 1
 		}
 
-		buildAndStoreHuffmanTree(histogram[:], alphabet_size, alphabet_size, tree, depths[:], bits[:], bw)
+		buildAndStoreHuffmanTree(histogram[:], alphabet_size, alphabet_size, tree, depths[:], bits[:], storage_ix, storage)
 		for i = 0; i < num_types; i++ {
 			var tmp uint
 			if i == 0 {
@@ -855,13 +861,13 @@ func storeTrivialContextMap(num_types uint, context_bits uint, tree []huffmanTre
 				tmp = i + context_bits - 1
 			}
 			var code uint = tmp
-			bw.writeBits(uint(depths[code]), uint64(bits[code]))
-			bw.writeBits(uint(depths[repeat_code]), uint64(bits[repeat_code]))
-			bw.writeBits(repeat_code, uint64(repeat_bits))
+			writeBits(uint(depths[code]), uint64(bits[code]), storage_ix, storage)
+			writeBits(uint(depths[repeat_code]), uint64(bits[repeat_code]), storage_ix, storage)
+			writeBits(repeat_code, uint64(repeat_bits), storage_ix, storage)
 		}
 
 		/* Write IMTF (inverse-move-to-front) bit. */
-		bw.writeBits(1, 1)
+		writeBits(1, 1, storage_ix, storage)
 	}
 }
 
@@ -915,13 +921,13 @@ func cleanupBlockEncoder(self *blockEncoder) {
 
 /* Creates entropy codes of block lengths and block types and stores them
    to the bit stream. */
-func buildAndStoreBlockSwitchEntropyCodes(self *blockEncoder, tree []huffmanTree, bw *bitWriter) {
-	buildAndStoreBlockSplitCode(self.block_types_, self.block_lengths_, self.num_blocks_, self.num_block_types_, tree, &self.block_split_code_, bw)
+func buildAndStoreBlockSwitchEntropyCodes(self *blockEncoder, tree []huffmanTree, storage_ix *uint, storage []byte) {
+	buildAndStoreBlockSplitCode(self.block_types_, self.block_lengths_, self.num_blocks_, self.num_block_types_, tree, &self.block_split_code_, storage_ix, storage)
 }
 
 /* Stores the next symbol with the entropy code of the current block type.
    Updates the block type and block length at block boundaries. */
-func storeSymbol(self *blockEncoder, symbol uint, bw *bitWriter) {
+func storeSymbol(self *blockEncoder, symbol uint, storage_ix *uint, storage []byte) {
 	if self.block_len_ == 0 {
 		self.block_ix_++
 		var block_ix uint = self.block_ix_
@@ -929,20 +935,20 @@ func storeSymbol(self *blockEncoder, symbol uint, bw *bitWriter) {
 		var block_type byte = self.block_types_[block_ix]
 		self.block_len_ = uint(block_len)
 		self.entropy_ix_ = uint(block_type) * self.histogram_length_
-		storeBlockSwitch(&self.block_split_code_, block_len, block_type, false, bw)
+		storeBlockSwitch(&self.block_split_code_, block_len, block_type, false, storage_ix, storage)
 	}
 
 	self.block_len_--
 	{
 		var ix uint = self.entropy_ix_ + symbol
-		bw.writeBits(uint(self.depths_[ix]), uint64(self.bits_[ix]))
+		writeBits(uint(self.depths_[ix]), uint64(self.bits_[ix]), storage_ix, storage)
 	}
 }
 
 /* Stores the next symbol with the entropy code of the current block type and
    context value.
    Updates the block type and block length at block boundaries. */
-func storeSymbolWithContext(self *blockEncoder, symbol uint, context uint, context_map []uint32, bw *bitWriter, context_bits uint) {
+func storeSymbolWithContext(self *blockEncoder, symbol uint, context uint, context_map []uint32, storage_ix *uint, storage []byte, context_bits uint) {
 	if self.block_len_ == 0 {
 		self.block_ix_++
 		var block_ix uint = self.block_ix_
@@ -950,18 +956,18 @@ func storeSymbolWithContext(self *blockEncoder, symbol uint, context uint, conte
 		var block_type byte = self.block_types_[block_ix]
 		self.block_len_ = uint(block_len)
 		self.entropy_ix_ = uint(block_type) << context_bits
-		storeBlockSwitch(&self.block_split_code_, block_len, block_type, false, bw)
+		storeBlockSwitch(&self.block_split_code_, block_len, block_type, false, storage_ix, storage)
 	}
 
 	self.block_len_--
 	{
 		var histo_ix uint = uint(context_map[self.entropy_ix_+context])
 		var ix uint = histo_ix*self.histogram_length_ + symbol
-		bw.writeBits(uint(self.depths_[ix]), uint64(self.bits_[ix]))
+		writeBits(uint(self.depths_[ix]), uint64(self.bits_[ix]), storage_ix, storage)
 	}
 }
 
-func buildAndStoreEntropyCodesLiteral(self *blockEncoder, histograms []histogramLiteral, histograms_size uint, alphabet_size uint, tree []huffmanTree, bw *bitWriter) {
+func buildAndStoreEntropyCodesLiteral(self *blockEncoder, histograms []histogramLiteral, histograms_size uint, alphabet_size uint, tree []huffmanTree, storage_ix *uint, storage []byte) {
 	var table_size uint = histograms_size * self.histogram_length_
 	if cap(self.depths_) < int(table_size) {
 		self.depths_ = make([]byte, table_size)
@@ -977,12 +983,12 @@ func buildAndStoreEntropyCodesLiteral(self *blockEncoder, histograms []histogram
 		var i uint
 		for i = 0; i < histograms_size; i++ {
 			var ix uint = i * self.histogram_length_
-			buildAndStoreHuffmanTree(histograms[i].data_[0:], self.histogram_length_, alphabet_size, tree, self.depths_[ix:], self.bits_[ix:], bw)
+			buildAndStoreHuffmanTree(histograms[i].data_[0:], self.histogram_length_, alphabet_size, tree, self.depths_[ix:], self.bits_[ix:], storage_ix, storage)
 		}
 	}
 }
 
-func buildAndStoreEntropyCodesCommand(self *blockEncoder, histograms []histogramCommand, histograms_size uint, alphabet_size uint, tree []huffmanTree, bw *bitWriter) {
+func buildAndStoreEntropyCodesCommand(self *blockEncoder, histograms []histogramCommand, histograms_size uint, alphabet_size uint, tree []huffmanTree, storage_ix *uint, storage []byte) {
 	var table_size uint = histograms_size * self.histogram_length_
 	if cap(self.depths_) < int(table_size) {
 		self.depths_ = make([]byte, table_size)
@@ -998,12 +1004,12 @@ func buildAndStoreEntropyCodesCommand(self *blockEncoder, histograms []histogram
 		var i uint
 		for i = 0; i < histograms_size; i++ {
 			var ix uint = i * self.histogram_length_
-			buildAndStoreHuffmanTree(histograms[i].data_[0:], self.histogram_length_, alphabet_size, tree, self.depths_[ix:], self.bits_[ix:], bw)
+			buildAndStoreHuffmanTree(histograms[i].data_[0:], self.histogram_length_, alphabet_size, tree, self.depths_[ix:], self.bits_[ix:], storage_ix, storage)
 		}
 	}
 }
 
-func buildAndStoreEntropyCodesDistance(self *blockEncoder, histograms []histogramDistance, histograms_size uint, alphabet_size uint, tree []huffmanTree, bw *bitWriter) {
+func buildAndStoreEntropyCodesDistance(self *blockEncoder, histograms []histogramDistance, histograms_size uint, alphabet_size uint, tree []huffmanTree, storage_ix *uint, storage []byte) {
 	var table_size uint = histograms_size * self.histogram_length_
 	if cap(self.depths_) < int(table_size) {
 		self.depths_ = make([]byte, table_size)
@@ -1019,12 +1025,17 @@ func buildAndStoreEntropyCodesDistance(self *blockEncoder, histograms []histogra
 		var i uint
 		for i = 0; i < histograms_size; i++ {
 			var ix uint = i * self.histogram_length_
-			buildAndStoreHuffmanTree(histograms[i].data_[0:], self.histogram_length_, alphabet_size, tree, self.depths_[ix:], self.bits_[ix:], bw)
+			buildAndStoreHuffmanTree(histograms[i].data_[0:], self.histogram_length_, alphabet_size, tree, self.depths_[ix:], self.bits_[ix:], storage_ix, storage)
 		}
 	}
 }
 
-func storeMetaBlock(input []byte, start_pos uint, length uint, mask uint, prev_byte byte, prev_byte2 byte, is_last bool, params *encoderParams, literal_context_mode int, commands []command, mb *metaBlockSplit, bw *bitWriter) {
+func jumpToByteBoundary(storage_ix *uint, storage []byte) {
+	*storage_ix = (*storage_ix + 7) &^ 7
+	storage[*storage_ix>>3] = 0
+}
+
+func storeMetaBlock(input []byte, start_pos uint, length uint, mask uint, prev_byte byte, prev_byte2 byte, is_last bool, params *encoderParams, literal_context_mode int, commands []command, mb *metaBlockSplit, storage_ix *uint, storage []byte) {
 	var pos uint = start_pos
 	var i uint
 	var num_distance_symbols uint32 = params.dist.alphabet_size
@@ -1036,48 +1047,48 @@ func storeMetaBlock(input []byte, start_pos uint, length uint, mask uint, prev_b
 		num_effective_distance_symbols = numHistogramDistanceSymbols
 	}
 
-	storeCompressedMetaBlockHeader(is_last, length, bw)
+	storeCompressedMetaBlockHeader(is_last, length, storage_ix, storage)
 
 	tree = make([]huffmanTree, maxHuffmanTreeSize)
 	literal_enc := getBlockEncoder(numLiteralSymbols, mb.literal_split.num_types, mb.literal_split.types, mb.literal_split.lengths, mb.literal_split.num_blocks)
 	command_enc := getBlockEncoder(numCommandSymbols, mb.command_split.num_types, mb.command_split.types, mb.command_split.lengths, mb.command_split.num_blocks)
 	distance_enc := getBlockEncoder(uint(num_effective_distance_symbols), mb.distance_split.num_types, mb.distance_split.types, mb.distance_split.lengths, mb.distance_split.num_blocks)
 
-	buildAndStoreBlockSwitchEntropyCodes(literal_enc, tree, bw)
-	buildAndStoreBlockSwitchEntropyCodes(command_enc, tree, bw)
-	buildAndStoreBlockSwitchEntropyCodes(distance_enc, tree, bw)
+	buildAndStoreBlockSwitchEntropyCodes(literal_enc, tree, storage_ix, storage)
+	buildAndStoreBlockSwitchEntropyCodes(command_enc, tree, storage_ix, storage)
+	buildAndStoreBlockSwitchEntropyCodes(distance_enc, tree, storage_ix, storage)
 
-	bw.writeBits(2, uint64(dist.distance_postfix_bits))
-	bw.writeBits(4, uint64(dist.num_direct_distance_codes)>>dist.distance_postfix_bits)
+	writeBits(2, uint64(dist.distance_postfix_bits), storage_ix, storage)
+	writeBits(4, uint64(dist.num_direct_distance_codes)>>dist.distance_postfix_bits, storage_ix, storage)
 	for i = 0; i < mb.literal_split.num_types; i++ {
-		bw.writeBits(2, uint64(literal_context_mode))
+		writeBits(2, uint64(literal_context_mode), storage_ix, storage)
 	}
 
 	if mb.literal_context_map_size == 0 {
-		storeTrivialContextMap(mb.literal_histograms_size, literalContextBits, tree, bw)
+		storeTrivialContextMap(mb.literal_histograms_size, literalContextBits, tree, storage_ix, storage)
 	} else {
-		encodeContextMap(mb.literal_context_map, mb.literal_context_map_size, mb.literal_histograms_size, tree, bw)
+		encodeContextMap(mb.literal_context_map, mb.literal_context_map_size, mb.literal_histograms_size, tree, storage_ix, storage)
 	}
 
 	if mb.distance_context_map_size == 0 {
-		storeTrivialContextMap(mb.distance_histograms_size, distanceContextBits, tree, bw)
+		storeTrivialContextMap(mb.distance_histograms_size, distanceContextBits, tree, storage_ix, storage)
 	} else {
-		encodeContextMap(mb.distance_context_map, mb.distance_context_map_size, mb.distance_histograms_size, tree, bw)
+		encodeContextMap(mb.distance_context_map, mb.distance_context_map_size, mb.distance_histograms_size, tree, storage_ix, storage)
 	}
 
-	buildAndStoreEntropyCodesLiteral(literal_enc, mb.literal_histograms, mb.literal_histograms_size, numLiteralSymbols, tree, bw)
-	buildAndStoreEntropyCodesCommand(command_enc, mb.command_histograms, mb.command_histograms_size, numCommandSymbols, tree, bw)
-	buildAndStoreEntropyCodesDistance(distance_enc, mb.distance_histograms, mb.distance_histograms_size, uint(num_distance_symbols), tree, bw)
+	buildAndStoreEntropyCodesLiteral(literal_enc, mb.literal_histograms, mb.literal_histograms_size, numLiteralSymbols, tree, storage_ix, storage)
+	buildAndStoreEntropyCodesCommand(command_enc, mb.command_histograms, mb.command_histograms_size, numCommandSymbols, tree, storage_ix, storage)
+	buildAndStoreEntropyCodesDistance(distance_enc, mb.distance_histograms, mb.distance_histograms_size, uint(num_distance_symbols), tree, storage_ix, storage)
 	tree = nil
 
 	for _, cmd := range commands {
 		var cmd_code uint = uint(cmd.cmd_prefix_)
-		storeSymbol(command_enc, cmd_code, bw)
-		storeCommandExtra(&cmd, bw)
+		storeSymbol(command_enc, cmd_code, storage_ix, storage)
+		storeCommandExtra(&cmd, storage_ix, storage)
 		if mb.literal_context_map_size == 0 {
 			var j uint
 			for j = uint(cmd.insert_len_); j != 0; j-- {
-				storeSymbol(literal_enc, uint(input[pos&mask]), bw)
+				storeSymbol(literal_enc, uint(input[pos&mask]), storage_ix, storage)
 				pos++
 			}
 		} else {
@@ -1085,7 +1096,7 @@ func storeMetaBlock(input []byte, start_pos uint, length uint, mask uint, prev_b
 			for j = uint(cmd.insert_len_); j != 0; j-- {
 				var context uint = uint(getContext(prev_byte, prev_byte2, literal_context_lut))
 				var literal byte = input[pos&mask]
-				storeSymbolWithContext(literal_enc, uint(literal), context, mb.literal_context_map, bw, literalContextBits)
+				storeSymbolWithContext(literal_enc, uint(literal), context, mb.literal_context_map, storage_ix, storage, literalContextBits)
 				prev_byte2 = prev_byte
 				prev_byte = literal
 				pos++
@@ -1101,13 +1112,13 @@ func storeMetaBlock(input []byte, start_pos uint, length uint, mask uint, prev_b
 				var distnumextra uint32 = uint32(cmd.dist_prefix_) >> 10
 				var distextra uint64 = uint64(cmd.dist_extra_)
 				if mb.distance_context_map_size == 0 {
-					storeSymbol(distance_enc, dist_code, bw)
+					storeSymbol(distance_enc, dist_code, storage_ix, storage)
 				} else {
 					var context uint = uint(commandDistanceContext(&cmd))
-					storeSymbolWithContext(distance_enc, dist_code, context, mb.distance_context_map, bw, distanceContextBits)
+					storeSymbolWithContext(distance_enc, dist_code, context, mb.distance_context_map, storage_ix, storage, distanceContextBits)
 				}
 
-				bw.writeBits(uint(distnumextra), distextra)
+				writeBits(uint(distnumextra), distextra, storage_ix, storage)
 			}
 		}
 	}
@@ -1116,7 +1127,7 @@ func storeMetaBlock(input []byte, start_pos uint, length uint, mask uint, prev_b
 	cleanupBlockEncoder(command_enc)
 	cleanupBlockEncoder(literal_enc)
 	if is_last {
-		bw.jumpToByteBoundary()
+		jumpToByteBoundary(storage_ix, storage)
 	}
 }
 
@@ -1137,16 +1148,16 @@ func buildHistograms(input []byte, start_pos uint, mask uint, commands []command
 	}
 }
 
-func storeDataWithHuffmanCodes(input []byte, start_pos uint, mask uint, commands []command, lit_depth []byte, lit_bits []uint16, cmd_depth []byte, cmd_bits []uint16, dist_depth []byte, dist_bits []uint16, bw *bitWriter) {
+func storeDataWithHuffmanCodes(input []byte, start_pos uint, mask uint, commands []command, lit_depth []byte, lit_bits []uint16, cmd_depth []byte, cmd_bits []uint16, dist_depth []byte, dist_bits []uint16, storage_ix *uint, storage []byte) {
 	var pos uint = start_pos
 	for _, cmd := range commands {
 		var cmd_code uint = uint(cmd.cmd_prefix_)
 		var j uint
-		bw.writeBits(uint(cmd_depth[cmd_code]), uint64(cmd_bits[cmd_code]))
-		storeCommandExtra(&cmd, bw)
+		writeBits(uint(cmd_depth[cmd_code]), uint64(cmd_bits[cmd_code]), storage_ix, storage)
+		storeCommandExtra(&cmd, storage_ix, storage)
 		for j = uint(cmd.insert_len_); j != 0; j-- {
 			var literal byte = input[pos&mask]
-			bw.writeBits(uint(lit_depth[literal]), uint64(lit_bits[literal]))
+			writeBits(uint(lit_depth[literal]), uint64(lit_bits[literal]), storage_ix, storage)
 			pos++
 		}
 
@@ -1155,13 +1166,13 @@ func storeDataWithHuffmanCodes(input []byte, start_pos uint, mask uint, commands
 			var dist_code uint = uint(cmd.dist_prefix_) & 0x3FF
 			var distnumextra uint32 = uint32(cmd.dist_prefix_) >> 10
 			var distextra uint32 = cmd.dist_extra_
-			bw.writeBits(uint(dist_depth[dist_code]), uint64(dist_bits[dist_code]))
-			bw.writeBits(uint(distnumextra), uint64(distextra))
+			writeBits(uint(dist_depth[dist_code]), uint64(dist_bits[dist_code]), storage_ix, storage)
+			writeBits(uint(distnumextra), uint64(distextra), storage_ix, storage)
 		}
 	}
 }
 
-func storeMetaBlockTrivial(input []byte, start_pos uint, length uint, mask uint, is_last bool, params *encoderParams, commands []command, bw *bitWriter) {
+func storeMetaBlockTrivial(input []byte, start_pos uint, length uint, mask uint, is_last bool, params *encoderParams, commands []command, storage_ix *uint, storage []byte) {
 	var lit_histo histogramLiteral
 	var cmd_histo histogramCommand
 	var dist_histo histogramDistance
@@ -1174,7 +1185,7 @@ func storeMetaBlockTrivial(input []byte, start_pos uint, length uint, mask uint,
 	var tree []huffmanTree
 	var num_distance_symbols uint32 = params.dist.alphabet_size
 
-	storeCompressedMetaBlockHeader(is_last, length, bw)
+	storeCompressedMetaBlockHeader(is_last, length, storage_ix, storage)
 
 	histogramClearLiteral(&lit_histo)
 	histogramClearCommand(&cmd_histo)
@@ -1182,26 +1193,26 @@ func storeMetaBlockTrivial(input []byte, start_pos uint, length uint, mask uint,
 
 	buildHistograms(input, start_pos, mask, commands, &lit_histo, &cmd_histo, &dist_histo)
 
-	bw.writeBits(13, 0)
+	writeBits(13, 0, storage_ix, storage)
 
 	tree = make([]huffmanTree, maxHuffmanTreeSize)
-	buildAndStoreHuffmanTree(lit_histo.data_[:], numLiteralSymbols, numLiteralSymbols, tree, lit_depth[:], lit_bits[:], bw)
-	buildAndStoreHuffmanTree(cmd_histo.data_[:], numCommandSymbols, numCommandSymbols, tree, cmd_depth[:], cmd_bits[:], bw)
-	buildAndStoreHuffmanTree(dist_histo.data_[:], maxSimpleDistanceAlphabetSize, uint(num_distance_symbols), tree, dist_depth[:], dist_bits[:], bw)
+	buildAndStoreHuffmanTree(lit_histo.data_[:], numLiteralSymbols, numLiteralSymbols, tree, lit_depth[:], lit_bits[:], storage_ix, storage)
+	buildAndStoreHuffmanTree(cmd_histo.data_[:], numCommandSymbols, numCommandSymbols, tree, cmd_depth[:], cmd_bits[:], storage_ix, storage)
+	buildAndStoreHuffmanTree(dist_histo.data_[:], maxSimpleDistanceAlphabetSize, uint(num_distance_symbols), tree, dist_depth[:], dist_bits[:], storage_ix, storage)
 	tree = nil
-	storeDataWithHuffmanCodes(input, start_pos, mask, commands, lit_depth[:], lit_bits[:], cmd_depth[:], cmd_bits[:], dist_depth[:], dist_bits[:], bw)
+	storeDataWithHuffmanCodes(input, start_pos, mask, commands, lit_depth[:], lit_bits[:], cmd_depth[:], cmd_bits[:], dist_depth[:], dist_bits[:], storage_ix, storage)
 	if is_last {
-		bw.jumpToByteBoundary()
+		jumpToByteBoundary(storage_ix, storage)
 	}
 }
 
-func storeMetaBlockFast(input []byte, start_pos uint, length uint, mask uint, is_last bool, params *encoderParams, commands []command, bw *bitWriter) {
+func storeMetaBlockFast(input []byte, start_pos uint, length uint, mask uint, is_last bool, params *encoderParams, commands []command, storage_ix *uint, storage []byte) {
 	var num_distance_symbols uint32 = params.dist.alphabet_size
 	var distance_alphabet_bits uint32 = log2FloorNonZero(uint(num_distance_symbols-1)) + 1
 
-	storeCompressedMetaBlockHeader(is_last, length, bw)
+	storeCompressedMetaBlockHeader(is_last, length, storage_ix, storage)
 
-	bw.writeBits(13, 0)
+	writeBits(13, 0, storage_ix, storage)
 
 	if len(commands) <= 128 {
 		var histogram = [numLiteralSymbols]uint32{0}
@@ -1221,11 +1232,11 @@ func storeMetaBlockFast(input []byte, start_pos uint, length uint, mask uint, is
 		}
 
 		buildAndStoreHuffmanTreeFast(histogram[:], num_literals, /* max_bits = */
-			8, lit_depth[:], lit_bits[:], bw)
+			8, lit_depth[:], lit_bits[:], storage_ix, storage)
 
-		storeStaticCommandHuffmanTree(bw)
-		storeStaticDistanceHuffmanTree(bw)
-		storeDataWithHuffmanCodes(input, start_pos, mask, commands, lit_depth[:], lit_bits[:], kStaticCommandCodeDepth[:], kStaticCommandCodeBits[:], kStaticDistanceCodeDepth[:], kStaticDistanceCodeBits[:], bw)
+		storeStaticCommandHuffmanTree(storage_ix, storage)
+		storeStaticDistanceHuffmanTree(storage_ix, storage)
+		storeDataWithHuffmanCodes(input, start_pos, mask, commands, lit_depth[:], lit_bits[:], kStaticCommandCodeDepth[:], kStaticCommandCodeBits[:], kStaticDistanceCodeDepth[:], kStaticDistanceCodeBits[:], storage_ix, storage)
 	} else {
 		var lit_histo histogramLiteral
 		var cmd_histo histogramCommand
@@ -1241,43 +1252,49 @@ func storeMetaBlockFast(input []byte, start_pos uint, length uint, mask uint, is
 		histogramClearDistance(&dist_histo)
 		buildHistograms(input, start_pos, mask, commands, &lit_histo, &cmd_histo, &dist_histo)
 		buildAndStoreHuffmanTreeFast(lit_histo.data_[:], lit_histo.total_count_, /* max_bits = */
-			8, lit_depth[:], lit_bits[:], bw)
+			8, lit_depth[:], lit_bits[:], storage_ix, storage)
 
 		buildAndStoreHuffmanTreeFast(cmd_histo.data_[:], cmd_histo.total_count_, /* max_bits = */
-			10, cmd_depth[:], cmd_bits[:], bw)
+			10, cmd_depth[:], cmd_bits[:], storage_ix, storage)
 
 		buildAndStoreHuffmanTreeFast(dist_histo.data_[:], dist_histo.total_count_, /* max_bits = */
-			uint(distance_alphabet_bits), dist_depth[:], dist_bits[:], bw)
+			uint(distance_alphabet_bits), dist_depth[:], dist_bits[:], storage_ix, storage)
 
-		storeDataWithHuffmanCodes(input, start_pos, mask, commands, lit_depth[:], lit_bits[:], cmd_depth[:], cmd_bits[:], dist_depth[:], dist_bits[:], bw)
+		storeDataWithHuffmanCodes(input, start_pos, mask, commands, lit_depth[:], lit_bits[:], cmd_depth[:], cmd_bits[:], dist_depth[:], dist_bits[:], storage_ix, storage)
 	}
 
 	if is_last {
-		bw.jumpToByteBoundary()
+		jumpToByteBoundary(storage_ix, storage)
 	}
 }
 
 /* This is for storing uncompressed blocks (simple raw storage of
    bytes-as-bytes). */
-func storeUncompressedMetaBlock(is_final_block bool, input []byte, position uint, mask uint, len uint, bw *bitWriter) {
+func storeUncompressedMetaBlock(is_final_block bool, input []byte, position uint, mask uint, len uint, storage_ix *uint, storage []byte) {
 	var masked_pos uint = position & mask
-	storeUncompressedMetaBlockHeader(uint(len), bw)
-	bw.jumpToByteBoundary()
+	storeUncompressedMetaBlockHeader(uint(len), storage_ix, storage)
+	jumpToByteBoundary(storage_ix, storage)
 
 	if masked_pos+len > mask+1 {
 		var len1 uint = mask + 1 - masked_pos
-		bw.writeBytes(input[masked_pos:][:len1])
+		copy(storage[*storage_ix>>3:], input[masked_pos:][:len1])
+		*storage_ix += len1 << 3
 		len -= len1
 		masked_pos = 0
 	}
 
-	bw.writeBytes(input[masked_pos:][:len])
+	copy(storage[*storage_ix>>3:], input[masked_pos:][:len])
+	*storage_ix += uint(len << 3)
+
+	/* We need to clear the next 4 bytes to continue to be
+	   compatible with BrotliWriteBits. */
+	writeBitsPrepareStorage(*storage_ix, storage)
 
 	/* Since the uncompressed block itself may not be the final block, add an
 	   empty one after this. */
 	if is_final_block {
-		bw.writeBits(1, 1) /* islast */
-		bw.writeBits(1, 1) /* isempty */
-		bw.jumpToByteBoundary()
+		writeBits(1, 1, storage_ix, storage) /* islast */
+		writeBits(1, 1, storage_ix, storage) /* isempty */
+		jumpToByteBoundary(storage_ix, storage)
 	}
 }
diff --git a/vendor/github.com/andybalholm/brotli/compress_fragment.go b/vendor/github.com/andybalholm/brotli/compress_fragment.go
index dbf0c43bf2..2fc2df139b 100644
--- a/vendor/github.com/andybalholm/brotli/compress_fragment.go
+++ b/vendor/github.com/andybalholm/brotli/compress_fragment.go
@@ -45,7 +45,7 @@ func isMatch5(p1 []byte, p2 []byte) bool {
    and thus have to assign a non-zero depth for each literal.
    Returns estimated compression ratio millibytes/char for encoding given input
    with generated code. */
-func buildAndStoreLiteralPrefixCode(input []byte, input_size uint, depths []byte, bits []uint16, bw *bitWriter) uint {
+func buildAndStoreLiteralPrefixCode(input []byte, input_size uint, depths []byte, bits []uint16, storage_ix *uint, storage []byte) uint {
 	var histogram = [256]uint32{0}
 	var histogram_total uint
 	var i uint
@@ -82,7 +82,7 @@ func buildAndStoreLiteralPrefixCode(input []byte, input_size uint, depths []byte
 	}
 
 	buildAndStoreHuffmanTreeFast(histogram[:], histogram_total, /* max_bits = */
-		8, depths, bits, bw)
+		8, depths, bits, storage_ix, storage)
 	{
 		var literal_ratio uint = 0
 		for i = 0; i < 256; i++ {
@@ -98,7 +98,7 @@ func buildAndStoreLiteralPrefixCode(input []byte, input_size uint, depths []byte
 
 /* Builds a command and distance prefix code (each 64 symbols) into "depth" and
    "bits" based on "histogram" and stores it into the bit stream. */
-func buildAndStoreCommandPrefixCode1(histogram []uint32, depth []byte, bits []uint16, bw *bitWriter) {
+func buildAndStoreCommandPrefixCode1(histogram []uint32, depth []byte, bits []uint16, storage_ix *uint, storage []byte) {
 	var tree [129]huffmanTree
 	var cmd_depth = [numCommandSymbols]byte{0}
 	/* Tree size for building a tree over 64 symbols is 2 * 64 + 1. */
@@ -145,141 +145,141 @@ func buildAndStoreCommandPrefixCode1(histogram []uint32, depth []byte, bits []ui
 			cmd_depth[448+8*i] = depth[56+i]
 		}
 
-		storeHuffmanTree(cmd_depth[:], numCommandSymbols, tree[:], bw)
+		storeHuffmanTree(cmd_depth[:], numCommandSymbols, tree[:], storage_ix, storage)
 	}
 
-	storeHuffmanTree(depth[64:], 64, tree[:], bw)
+	storeHuffmanTree(depth[64:], 64, tree[:], storage_ix, storage)
 }
 
 /* REQUIRES: insertlen < 6210 */
-func emitInsertLen1(insertlen uint, depth []byte, bits []uint16, histo []uint32, bw *bitWriter) {
+func emitInsertLen1(insertlen uint, depth []byte, bits []uint16, histo []uint32, storage_ix *uint, storage []byte) {
 	if insertlen < 6 {
 		var code uint = insertlen + 40
-		bw.writeBits(uint(depth[code]), uint64(bits[code]))
+		writeBits(uint(depth[code]), uint64(bits[code]), storage_ix, storage)
 		histo[code]++
 	} else if insertlen < 130 {
 		var tail uint = insertlen - 2
 		var nbits uint32 = log2FloorNonZero(tail) - 1
 		var prefix uint = tail >> nbits
 		var inscode uint = uint((nbits << 1) + uint32(prefix) + 42)
-		bw.writeBits(uint(depth[inscode]), uint64(bits[inscode]))
-		bw.writeBits(uint(nbits), uint64(tail)-(uint64(prefix)<<nbits))
+		writeBits(uint(depth[inscode]), uint64(bits[inscode]), storage_ix, storage)
+		writeBits(uint(nbits), uint64(tail)-(uint64(prefix)<<nbits), storage_ix, storage)
 		histo[inscode]++
 	} else if insertlen < 2114 {
 		var tail uint = insertlen - 66
 		var nbits uint32 = log2FloorNonZero(tail)
 		var code uint = uint(nbits + 50)
-		bw.writeBits(uint(depth[code]), uint64(bits[code]))
-		bw.writeBits(uint(nbits), uint64(tail)-(uint64(uint(1))<<nbits))
+		writeBits(uint(depth[code]), uint64(bits[code]), storage_ix, storage)
+		writeBits(uint(nbits), uint64(tail)-(uint64(uint(1))<<nbits), storage_ix, storage)
 		histo[code]++
 	} else {
-		bw.writeBits(uint(depth[61]), uint64(bits[61]))
-		bw.writeBits(12, uint64(insertlen)-2114)
+		writeBits(uint(depth[61]), uint64(bits[61]), storage_ix, storage)
+		writeBits(12, uint64(insertlen)-2114, storage_ix, storage)
 		histo[61]++
 	}
 }
 
-func emitLongInsertLen(insertlen uint, depth []byte, bits []uint16, histo []uint32, bw *bitWriter) {
+func emitLongInsertLen(insertlen uint, depth []byte, bits []uint16, histo []uint32, storage_ix *uint, storage []byte) {
 	if insertlen < 22594 {
-		bw.writeBits(uint(depth[62]), uint64(bits[62]))
-		bw.writeBits(14, uint64(insertlen)-6210)
+		writeBits(uint(depth[62]), uint64(bits[62]), storage_ix, storage)
+		writeBits(14, uint64(insertlen)-6210, storage_ix, storage)
 		histo[62]++
 	} else {
-		bw.writeBits(uint(depth[63]), uint64(bits[63]))
-		bw.writeBits(24, uint64(insertlen)-22594)
+		writeBits(uint(depth[63]), uint64(bits[63]), storage_ix, storage)
+		writeBits(24, uint64(insertlen)-22594, storage_ix, storage)
 		histo[63]++
 	}
 }
 
-func emitCopyLen1(copylen uint, depth []byte, bits []uint16, histo []uint32, bw *bitWriter) {
+func emitCopyLen1(copylen uint, depth []byte, bits []uint16, histo []uint32, storage_ix *uint, storage []byte) {
 	if copylen < 10 {
-		bw.writeBits(uint(depth[copylen+14]), uint64(bits[copylen+14]))
+		writeBits(uint(depth[copylen+14]), uint64(bits[copylen+14]), storage_ix, storage)
 		histo[copylen+14]++
 	} else if copylen < 134 {
 		var tail uint = copylen - 6
 		var nbits uint32 = log2FloorNonZero(tail) - 1
 		var prefix uint = tail >> nbits
 		var code uint = uint((nbits << 1) + uint32(prefix) + 20)
-		bw.writeBits(uint(depth[code]), uint64(bits[code]))
-		bw.writeBits(uint(nbits), uint64(tail)-(uint64(prefix)<<nbits))
+		writeBits(uint(depth[code]), uint64(bits[code]), storage_ix, storage)
+		writeBits(uint(nbits), uint64(tail)-(uint64(prefix)<<nbits), storage_ix, storage)
 		histo[code]++
 	} else if copylen < 2118 {
 		var tail uint = copylen - 70
 		var nbits uint32 = log2FloorNonZero(tail)
 		var code uint = uint(nbits + 28)
-		bw.writeBits(uint(depth[code]), uint64(bits[code]))
-		bw.writeBits(uint(nbits), uint64(tail)-(uint64(uint(1))<<nbits))
+		writeBits(uint(depth[code]), uint64(bits[code]), storage_ix, storage)
+		writeBits(uint(nbits), uint64(tail)-(uint64(uint(1))<<nbits), storage_ix, storage)
 		histo[code]++
 	} else {
-		bw.writeBits(uint(depth[39]), uint64(bits[39]))
-		bw.writeBits(24, uint64(copylen)-2118)
+		writeBits(uint(depth[39]), uint64(bits[39]), storage_ix, storage)
+		writeBits(24, uint64(copylen)-2118, storage_ix, storage)
 		histo[39]++
 	}
 }
 
-func emitCopyLenLastDistance1(copylen uint, depth []byte, bits []uint16, histo []uint32, bw *bitWriter) {
+func emitCopyLenLastDistance1(copylen uint, depth []byte, bits []uint16, histo []uint32, storage_ix *uint, storage []byte) {
 	if copylen < 12 {
-		bw.writeBits(uint(depth[copylen-4]), uint64(bits[copylen-4]))
+		writeBits(uint(depth[copylen-4]), uint64(bits[copylen-4]), storage_ix, storage)
 		histo[copylen-4]++
 	} else if copylen < 72 {
 		var tail uint = copylen - 8
 		var nbits uint32 = log2FloorNonZero(tail) - 1
 		var prefix uint = tail >> nbits
 		var code uint = uint((nbits << 1) + uint32(prefix) + 4)
-		bw.writeBits(uint(depth[code]), uint64(bits[code]))
-		bw.writeBits(uint(nbits), uint64(tail)-(uint64(prefix)<<nbits))
+		writeBits(uint(depth[code]), uint64(bits[code]), storage_ix, storage)
+		writeBits(uint(nbits), uint64(tail)-(uint64(prefix)<<nbits), storage_ix, storage)
 		histo[code]++
 	} else if copylen < 136 {
 		var tail uint = copylen - 8
 		var code uint = (tail >> 5) + 30
-		bw.writeBits(uint(depth[code]), uint64(bits[code]))
-		bw.writeBits(5, uint64(tail)&31)
-		bw.writeBits(uint(depth[64]), uint64(bits[64]))
+		writeBits(uint(depth[code]), uint64(bits[code]), storage_ix, storage)
+		writeBits(5, uint64(tail)&31, storage_ix, storage)
+		writeBits(uint(depth[64]), uint64(bits[64]), storage_ix, storage)
 		histo[code]++
 		histo[64]++
 	} else if copylen < 2120 {
 		var tail uint = copylen - 72
 		var nbits uint32 = log2FloorNonZero(tail)
 		var code uint = uint(nbits + 28)
-		bw.writeBits(uint(depth[code]), uint64(bits[code]))
-		bw.writeBits(uint(nbits), uint64(tail)-(uint64(uint(1))<<nbits))
-		bw.writeBits(uint(depth[64]), uint64(bits[64]))
+		writeBits(uint(depth[code]), uint64(bits[code]), storage_ix, storage)
+		writeBits(uint(nbits), uint64(tail)-(uint64(uint(1))<<nbits), storage_ix, storage)
+		writeBits(uint(depth[64]), uint64(bits[64]), storage_ix, storage)
 		histo[code]++
 		histo[64]++
 	} else {
-		bw.writeBits(uint(depth[39]), uint64(bits[39]))
-		bw.writeBits(24, uint64(copylen)-2120)
-		bw.writeBits(uint(depth[64]), uint64(bits[64]))
+		writeBits(uint(depth[39]), uint64(bits[39]), storage_ix, storage)
+		writeBits(24, uint64(copylen)-2120, storage_ix, storage)
+		writeBits(uint(depth[64]), uint64(bits[64]), storage_ix, storage)
 		histo[39]++
 		histo[64]++
 	}
 }
 
-func emitDistance1(distance uint, depth []byte, bits []uint16, histo []uint32, bw *bitWriter) {
+func emitDistance1(distance uint, depth []byte, bits []uint16, histo []uint32, storage_ix *uint, storage []byte) {
 	var d uint = distance + 3
 	var nbits uint32 = log2FloorNonZero(d) - 1
 	var prefix uint = (d >> nbits) & 1
 	var offset uint = (2 + prefix) << nbits
 	var distcode uint = uint(2*(nbits-1) + uint32(prefix) + 80)
-	bw.writeBits(uint(depth[distcode]), uint64(bits[distcode]))
-	bw.writeBits(uint(nbits), uint64(d)-uint64(offset))
+	writeBits(uint(depth[distcode]), uint64(bits[distcode]), storage_ix, storage)
+	writeBits(uint(nbits), uint64(d)-uint64(offset), storage_ix, storage)
 	histo[distcode]++
 }
 
-func emitLiterals(input []byte, len uint, depth []byte, bits []uint16, bw *bitWriter) {
+func emitLiterals(input []byte, len uint, depth []byte, bits []uint16, storage_ix *uint, storage []byte) {
 	var j uint
 	for j = 0; j < len; j++ {
 		var lit byte = input[j]
-		bw.writeBits(uint(depth[lit]), uint64(bits[lit]))
+		writeBits(uint(depth[lit]), uint64(bits[lit]), storage_ix, storage)
 	}
 }
 
 /* REQUIRES: len <= 1 << 24. */
-func storeMetaBlockHeader1(len uint, is_uncompressed bool, bw *bitWriter) {
+func storeMetaBlockHeader1(len uint, is_uncompressed bool, storage_ix *uint, storage []byte) {
 	var nibbles uint = 6
 
 	/* ISLAST */
-	bw.writeBits(1, 0)
+	writeBits(1, 0, storage_ix, storage)
 
 	if len <= 1<<16 {
 		nibbles = 4
@@ -287,11 +287,34 @@ func storeMetaBlockHeader1(len uint, is_uncompressed bool, bw *bitWriter) {
 		nibbles = 5
 	}
 
-	bw.writeBits(2, uint64(nibbles)-4)
-	bw.writeBits(nibbles*4, uint64(len)-1)
+	writeBits(2, uint64(nibbles)-4, storage_ix, storage)
+	writeBits(nibbles*4, uint64(len)-1, storage_ix, storage)
 
 	/* ISUNCOMPRESSED */
-	bw.writeSingleBit(is_uncompressed)
+	writeSingleBit(is_uncompressed, storage_ix, storage)
+}
+
+func updateBits(n_bits uint, bits uint32, pos uint, array []byte) {
+	for n_bits > 0 {
+		var byte_pos uint = pos >> 3
+		var n_unchanged_bits uint = pos & 7
+		var n_changed_bits uint = brotli_min_size_t(n_bits, 8-n_unchanged_bits)
+		var total_bits uint = n_unchanged_bits + n_changed_bits
+		var mask uint32 = (^((1 << total_bits) - 1)) | ((1 << n_unchanged_bits) - 1)
+		var unchanged_bits uint32 = uint32(array[byte_pos]) & mask
+		var changed_bits uint32 = bits & ((1 << n_changed_bits) - 1)
+		array[byte_pos] = byte(changed_bits<<n_unchanged_bits | unchanged_bits)
+		n_bits -= n_changed_bits
+		bits >>= n_changed_bits
+		pos += n_changed_bits
+	}
+}
+
+func rewindBitPosition1(new_storage_ix uint, storage_ix *uint, storage []byte) {
+	var bitpos uint = new_storage_ix & 7
+	var mask uint = (1 << bitpos) - 1
+	storage[new_storage_ix>>3] &= byte(mask)
+	*storage_ix = new_storage_ix
 }
 
 var shouldMergeBlock_kSampleRate uint = 43
@@ -322,26 +345,151 @@ func shouldUseUncompressedMode(metablock_start []byte, next_emit []byte, insertl
 	}
 }
 
-func emitUncompressedMetaBlock1(data []byte, storage_ix_start uint, bw *bitWriter) {
-	bw.rewind(storage_ix_start)
-	storeMetaBlockHeader1(uint(len(data)), true, bw)
-	bw.jumpToByteBoundary()
-	bw.writeBytes(data)
+func emitUncompressedMetaBlock1(begin []byte, end []byte, storage_ix_start uint, storage_ix *uint, storage []byte) {
+	var len uint = uint(-cap(end) + cap(begin))
+	rewindBitPosition1(storage_ix_start, storage_ix, storage)
+	storeMetaBlockHeader1(uint(len), true, storage_ix, storage)
+	*storage_ix = (*storage_ix + 7) &^ 7
+	copy(storage[*storage_ix>>3:], begin[:len])
+	*storage_ix += uint(len << 3)
+	storage[*storage_ix>>3] = 0
 }
 
 var kCmdHistoSeed = [128]uint32{
-	0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 1, 1, 1, 1, 1,
-	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 1, 1, 1, 1, 1, 1, 1,
-	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 0, 0, 0, 0, 0, 0, 0,
-	0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-	1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1,
-	1, 1, 1, 1, 0, 0, 0, 0,
+	0,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	0,
+	0,
+	0,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	0,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	1,
+	0,
+	0,
+	0,
+	0,
 }
 
 var compressFragmentFastImpl_kFirstBlockSize uint = 3 << 15
 var compressFragmentFastImpl_kMergeBlockSize uint = 1 << 16
 
-func compressFragmentFastImpl(in []byte, input_size uint, is_last bool, table []int, table_bits uint, cmd_depth []byte, cmd_bits []uint16, cmd_code_numbits *uint, cmd_code []byte, bw *bitWriter) {
+func compressFragmentFastImpl(in []byte, input_size uint, is_last bool, table []int, table_bits uint, cmd_depth []byte, cmd_bits []uint16, cmd_code_numbits *uint, cmd_code []byte, storage_ix *uint, storage []byte) {
 	var cmd_histo [128]uint32
 	var ip_end int
 	var next_emit int = 0
@@ -352,7 +500,7 @@ func compressFragmentFastImpl(in []byte, input_size uint, is_last bool, table []
 	var metablock_start int = input
 	var block_size uint = brotli_min_size_t(input_size, compressFragmentFastImpl_kFirstBlockSize)
 	var total_block_size uint = block_size
-	var mlen_storage_ix uint = bw.getPos() + 3
+	var mlen_storage_ix uint = *storage_ix + 3
 	var lit_depth [256]byte
 	var lit_bits [256]uint16
 	var literal_ratio uint
@@ -369,21 +517,21 @@ func compressFragmentFastImpl(in []byte, input_size uint, is_last bool, table []
 
 	/* Save the bit position of the MLEN field of the meta-block header, so that
 	   we can update it later if we decide to extend this meta-block. */
-	storeMetaBlockHeader1(block_size, false, bw)
+	storeMetaBlockHeader1(block_size, false, storage_ix, storage)
 
 	/* No block splits, no contexts. */
-	bw.writeBits(13, 0)
+	writeBits(13, 0, storage_ix, storage)
 
-	literal_ratio = buildAndStoreLiteralPrefixCode(in[input:], block_size, lit_depth[:], lit_bits[:], bw)
+	literal_ratio = buildAndStoreLiteralPrefixCode(in[input:], block_size, lit_depth[:], lit_bits[:], storage_ix, storage)
 	{
 		/* Store the pre-compressed command and distance prefix codes. */
 		var i uint
 		for i = 0; i+7 < *cmd_code_numbits; i += 8 {
-			bw.writeBits(8, uint64(cmd_code[i>>3]))
+			writeBits(8, uint64(cmd_code[i>>3]), storage_ix, storage)
 		}
 	}
 
-	bw.writeBits(*cmd_code_numbits&7, uint64(cmd_code[*cmd_code_numbits>>3]))
+	writeBits(*cmd_code_numbits&7, uint64(cmd_code[*cmd_code_numbits>>3]), storage_ix, storage)
 
 	/* Initialize the command and distance histograms. We will gather
 	   statistics of command and distance codes during the processing
@@ -482,27 +630,27 @@ emit_commands:
 				var insert uint = uint(base - next_emit)
 				ip += int(matched)
 				if insert < 6210 {
-					emitInsertLen1(insert, cmd_depth, cmd_bits, cmd_histo[:], bw)
+					emitInsertLen1(insert, cmd_depth, cmd_bits, cmd_histo[:], storage_ix, storage)
 				} else if shouldUseUncompressedMode(in[metablock_start:], in[next_emit:], insert, literal_ratio) {
-					emitUncompressedMetaBlock1(in[metablock_start:base], mlen_storage_ix-3, bw)
+					emitUncompressedMetaBlock1(in[metablock_start:], in[base:], mlen_storage_ix-3, storage_ix, storage)
 					input_size -= uint(base - input)
 					input = base
 					next_emit = input
 					goto next_block
 				} else {
-					emitLongInsertLen(insert, cmd_depth, cmd_bits, cmd_histo[:], bw)
+					emitLongInsertLen(insert, cmd_depth, cmd_bits, cmd_histo[:], storage_ix, storage)
 				}
 
-				emitLiterals(in[next_emit:], insert, lit_depth[:], lit_bits[:], bw)
+				emitLiterals(in[next_emit:], insert, lit_depth[:], lit_bits[:], storage_ix, storage)
 				if distance == last_distance {
-					bw.writeBits(uint(cmd_depth[64]), uint64(cmd_bits[64]))
+					writeBits(uint(cmd_depth[64]), uint64(cmd_bits[64]), storage_ix, storage)
 					cmd_histo[64]++
 				} else {
-					emitDistance1(uint(distance), cmd_depth, cmd_bits, cmd_histo[:], bw)
+					emitDistance1(uint(distance), cmd_depth, cmd_bits, cmd_histo[:], storage_ix, storage)
 					last_distance = distance
 				}
 
-				emitCopyLenLastDistance1(matched, cmd_depth, cmd_bits, cmd_histo[:], bw)
+				emitCopyLenLastDistance1(matched, cmd_depth, cmd_bits, cmd_histo[:], storage_ix, storage)
 
 				next_emit = ip
 				if ip >= ip_limit {
@@ -538,8 +686,8 @@ emit_commands:
 				}
 				ip += int(matched)
 				last_distance = int(base - candidate) /* > 0 */
-				emitCopyLen1(matched, cmd_depth, cmd_bits, cmd_histo[:], bw)
-				emitDistance1(uint(last_distance), cmd_depth, cmd_bits, cmd_histo[:], bw)
+				emitCopyLen1(matched, cmd_depth, cmd_bits, cmd_histo[:], storage_ix, storage)
+				emitDistance1(uint(last_distance), cmd_depth, cmd_bits, cmd_histo[:], storage_ix, storage)
 
 				next_emit = ip
 				if ip >= ip_limit {
@@ -585,7 +733,7 @@ emit_remainder:
 		   nibbles. */
 		total_block_size += block_size
 
-		bw.updateBits(20, uint32(total_block_size-1), mlen_storage_ix)
+		updateBits(20, uint32(total_block_size-1), mlen_storage_ix, storage)
 		goto emit_commands
 	}
 
@@ -593,13 +741,13 @@ emit_remainder:
 	if next_emit < ip_end {
 		var insert uint = uint(ip_end - next_emit)
 		if insert < 6210 {
-			emitInsertLen1(insert, cmd_depth, cmd_bits, cmd_histo[:], bw)
-			emitLiterals(in[next_emit:], insert, lit_depth[:], lit_bits[:], bw)
+			emitInsertLen1(insert, cmd_depth, cmd_bits, cmd_histo[:], storage_ix, storage)
+			emitLiterals(in[next_emit:], insert, lit_depth[:], lit_bits[:], storage_ix, storage)
 		} else if shouldUseUncompressedMode(in[metablock_start:], in[next_emit:], insert, literal_ratio) {
-			emitUncompressedMetaBlock1(in[metablock_start:ip_end], mlen_storage_ix-3, bw)
+			emitUncompressedMetaBlock1(in[metablock_start:], in[ip_end:], mlen_storage_ix-3, storage_ix, storage)
 		} else {
-			emitLongInsertLen(insert, cmd_depth, cmd_bits, cmd_histo[:], bw)
-			emitLiterals(in[next_emit:], insert, lit_depth[:], lit_bits[:], bw)
+			emitLongInsertLen(insert, cmd_depth, cmd_bits, cmd_histo[:], storage_ix, storage)
+			emitLiterals(in[next_emit:], insert, lit_depth[:], lit_bits[:], storage_ix, storage)
 		}
 	}
 
@@ -615,29 +763,30 @@ next_block:
 
 		/* Save the bit position of the MLEN field of the meta-block header, so that
 		   we can update it later if we decide to extend this meta-block. */
-		mlen_storage_ix = bw.getPos() + 3
+		mlen_storage_ix = *storage_ix + 3
 
-		storeMetaBlockHeader1(block_size, false, bw)
+		storeMetaBlockHeader1(block_size, false, storage_ix, storage)
 
 		/* No block splits, no contexts. */
-		bw.writeBits(13, 0)
+		writeBits(13, 0, storage_ix, storage)
 
-		literal_ratio = buildAndStoreLiteralPrefixCode(in[input:], block_size, lit_depth[:], lit_bits[:], bw)
-		buildAndStoreCommandPrefixCode1(cmd_histo[:], cmd_depth, cmd_bits, bw)
+		literal_ratio = buildAndStoreLiteralPrefixCode(in[input:], block_size, lit_depth[:], lit_bits[:], storage_ix, storage)
+		buildAndStoreCommandPrefixCode1(cmd_histo[:], cmd_depth, cmd_bits, storage_ix, storage)
 		goto emit_commands
 	}
 
 	if !is_last {
 		/* If this is not the last block, update the command and distance prefix
 		   codes for the next block and store the compressed forms. */
-		var bw bitWriter
-		bw.dst = cmd_code
-		buildAndStoreCommandPrefixCode1(cmd_histo[:], cmd_depth, cmd_bits, &bw)
-		*cmd_code_numbits = bw.getPos()
+		cmd_code[0] = 0
+
+		*cmd_code_numbits = 0
+		buildAndStoreCommandPrefixCode1(cmd_histo[:], cmd_depth, cmd_bits, cmd_code_numbits, cmd_code)
 	}
 }
 
-/* Compresses "input" string to bw as one or more complete meta-blocks.
+/* Compresses "input" string to the "*storage" buffer as one or more complete
+   meta-blocks, and updates the "*storage_ix" bit position.
 
    If "is_last" is 1, emits an additional empty last meta-block.
 
@@ -658,28 +807,28 @@ next_block:
    REQUIRES: "table_size" is an odd (9, 11, 13, 15) power of two
    OUTPUT: maximal copy distance <= |input_size|
    OUTPUT: maximal copy distance <= BROTLI_MAX_BACKWARD_LIMIT(18) */
-func compressFragmentFast(input []byte, input_size uint, is_last bool, table []int, table_size uint, cmd_depth []byte, cmd_bits []uint16, cmd_code_numbits *uint, cmd_code []byte, bw *bitWriter) {
-	var initial_storage_ix uint = bw.getPos()
+func compressFragmentFast(input []byte, input_size uint, is_last bool, table []int, table_size uint, cmd_depth []byte, cmd_bits []uint16, cmd_code_numbits *uint, cmd_code []byte, storage_ix *uint, storage []byte) {
+	var initial_storage_ix uint = *storage_ix
 	var table_bits uint = uint(log2FloorNonZero(table_size))
 
 	if input_size == 0 {
 		assert(is_last)
-		bw.writeBits(1, 1) /* islast */
-		bw.writeBits(1, 1) /* isempty */
-		bw.jumpToByteBoundary()
+		writeBits(1, 1, storage_ix, storage) /* islast */
+		writeBits(1, 1, storage_ix, storage) /* isempty */
+		*storage_ix = (*storage_ix + 7) &^ 7
 		return
 	}
 
-	compressFragmentFastImpl(input, input_size, is_last, table, table_bits, cmd_depth, cmd_bits, cmd_code_numbits, cmd_code, bw)
+	compressFragmentFastImpl(input, input_size, is_last, table, table_bits, cmd_depth, cmd_bits, cmd_code_numbits, cmd_code, storage_ix, storage)
 
 	/* If output is larger than single uncompressed block, rewrite it. */
-	if bw.getPos()-initial_storage_ix > 31+(input_size<<3) {
-		emitUncompressedMetaBlock1(input[:input_size], initial_storage_ix, bw)
+	if *storage_ix-initial_storage_ix > 31+(input_size<<3) {
+		emitUncompressedMetaBlock1(input, input[input_size:], initial_storage_ix, storage_ix, storage)
 	}
 
 	if is_last {
-		bw.writeBits(1, 1) /* islast */
-		bw.writeBits(1, 1) /* isempty */
-		bw.jumpToByteBoundary()
+		writeBits(1, 1, storage_ix, storage) /* islast */
+		writeBits(1, 1, storage_ix, storage) /* isempty */
+		*storage_ix = (*storage_ix + 7) &^ 7
 	}
 }
diff --git a/vendor/github.com/andybalholm/brotli/compress_fragment_two_pass.go b/vendor/github.com/andybalholm/brotli/compress_fragment_two_pass.go
index 2473aca3fe..172dc7f460 100644
--- a/vendor/github.com/andybalholm/brotli/compress_fragment_two_pass.go
+++ b/vendor/github.com/andybalholm/brotli/compress_fragment_two_pass.go
@@ -41,7 +41,7 @@ func isMatch1(p1 []byte, p2 []byte, length uint) bool {
 
 /* Builds a command and distance prefix code (each 64 symbols) into "depth" and
    "bits" based on "histogram" and stores it into the bit stream. */
-func buildAndStoreCommandPrefixCode(histogram []uint32, depth []byte, bits []uint16, bw *bitWriter) {
+func buildAndStoreCommandPrefixCode(histogram []uint32, depth []byte, bits []uint16, storage_ix *uint, storage []byte) {
 	var tree [129]huffmanTree
 	var cmd_depth = [numCommandSymbols]byte{0}
 	/* Tree size for building a tree over 64 symbols is 2 * 64 + 1. */
@@ -87,10 +87,10 @@ func buildAndStoreCommandPrefixCode(histogram []uint32, depth []byte, bits []uin
 			cmd_depth[448+8*i] = depth[16+i]
 		}
 
-		storeHuffmanTree(cmd_depth[:], numCommandSymbols, tree[:], bw)
+		storeHuffmanTree(cmd_depth[:], numCommandSymbols, tree[:], storage_ix, storage)
 	}
 
-	storeHuffmanTree(depth[64:], 64, tree[:], bw)
+	storeHuffmanTree(depth[64:], 64, tree[:], storage_ix, storage)
 }
 
 func emitInsertLen(insertlen uint32, commands *[]uint32) {
@@ -197,11 +197,11 @@ func emitDistance(distance uint32, commands *[]uint32) {
 }
 
 /* REQUIRES: len <= 1 << 24. */
-func storeMetaBlockHeader(len uint, is_uncompressed bool, bw *bitWriter) {
+func storeMetaBlockHeader(len uint, is_uncompressed bool, storage_ix *uint, storage []byte) {
 	var nibbles uint = 6
 
 	/* ISLAST */
-	bw.writeBits(1, 0)
+	writeBits(1, 0, storage_ix, storage)
 
 	if len <= 1<<16 {
 		nibbles = 4
@@ -209,11 +209,11 @@ func storeMetaBlockHeader(len uint, is_uncompressed bool, bw *bitWriter) {
 		nibbles = 5
 	}
 
-	bw.writeBits(2, uint64(nibbles)-4)
-	bw.writeBits(nibbles*4, uint64(len)-1)
+	writeBits(2, uint64(nibbles)-4, storage_ix, storage)
+	writeBits(nibbles*4, uint64(len)-1, storage_ix, storage)
 
 	/* ISUNCOMPRESSED */
-	bw.writeSingleBit(is_uncompressed)
+	writeSingleBit(is_uncompressed, storage_ix, storage)
 }
 
 func createCommands(input []byte, block_size uint, input_size uint, base_ip_ptr []byte, table []int, table_bits uint, min_match uint, literals *[]byte, commands *[]uint32) {
@@ -440,20 +440,163 @@ emit_remainder:
 }
 
 var storeCommands_kNumExtraBits = [128]uint32{
-	0, 0, 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 7, 8, 9, 10, 12, 14, 24,
-	0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4,
-	0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 7, 8, 9, 10, 24,
-	0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,
-	1, 1, 2, 2, 3, 3, 4, 4, 5, 5, 6, 6, 7, 7, 8, 8,
-	9, 9, 10, 10, 11, 11, 12, 12, 13, 13, 14, 14, 15, 15, 16, 16,
-	17, 17, 18, 18, 19, 19, 20, 20, 21, 21, 22, 22, 23, 23, 24, 24,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	1,
+	1,
+	2,
+	2,
+	3,
+	3,
+	4,
+	4,
+	5,
+	5,
+	6,
+	7,
+	8,
+	9,
+	10,
+	12,
+	14,
+	24,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	1,
+	1,
+	2,
+	2,
+	3,
+	3,
+	4,
+	4,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	1,
+	1,
+	2,
+	2,
+	3,
+	3,
+	4,
+	4,
+	5,
+	5,
+	6,
+	7,
+	8,
+	9,
+	10,
+	24,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	0,
+	1,
+	1,
+	2,
+	2,
+	3,
+	3,
+	4,
+	4,
+	5,
+	5,
+	6,
+	6,
+	7,
+	7,
+	8,
+	8,
+	9,
+	9,
+	10,
+	10,
+	11,
+	11,
+	12,
+	12,
+	13,
+	13,
+	14,
+	14,
+	15,
+	15,
+	16,
+	16,
+	17,
+	17,
+	18,
+	18,
+	19,
+	19,
+	20,
+	20,
+	21,
+	21,
+	22,
+	22,
+	23,
+	23,
+	24,
+	24,
 }
 var storeCommands_kInsertOffset = [24]uint32{
-	0, 1, 2, 3, 4, 5, 6, 8, 10, 14, 18, 26, 34, 50, 66, 98, 130, 194, 322, 578,
-	1090, 2114, 6210, 22594,
+	0,
+	1,
+	2,
+	3,
+	4,
+	5,
+	6,
+	8,
+	10,
+	14,
+	18,
+	26,
+	34,
+	50,
+	66,
+	98,
+	130,
+	194,
+	322,
+	578,
+	1090,
+	2114,
+	6210,
+	22594,
 }
 
-func storeCommands(literals []byte, num_literals uint, commands []uint32, num_commands uint, bw *bitWriter) {
+func storeCommands(literals []byte, num_literals uint, commands []uint32, num_commands uint, storage_ix *uint, storage []byte) {
 	var lit_depths [256]byte
 	var lit_bits [256]uint16
 	var lit_histo = [256]uint32{0}
@@ -466,7 +609,7 @@ func storeCommands(literals []byte, num_literals uint, commands []uint32, num_co
 	}
 
 	buildAndStoreHuffmanTreeFast(lit_histo[:], num_literals, /* max_bits = */
-		8, lit_depths[:], lit_bits[:], bw)
+		8, lit_depths[:], lit_bits[:], storage_ix, storage)
 
 	for i = 0; i < num_commands; i++ {
 		var code uint32 = commands[i] & 0xFF
@@ -478,21 +621,21 @@ func storeCommands(literals []byte, num_literals uint, commands []uint32, num_co
 	cmd_histo[2] += 1
 	cmd_histo[64] += 1
 	cmd_histo[84] += 1
-	buildAndStoreCommandPrefixCode(cmd_histo[:], cmd_depths[:], cmd_bits[:], bw)
+	buildAndStoreCommandPrefixCode(cmd_histo[:], cmd_depths[:], cmd_bits[:], storage_ix, storage)
 
 	for i = 0; i < num_commands; i++ {
 		var cmd uint32 = commands[i]
 		var code uint32 = cmd & 0xFF
 		var extra uint32 = cmd >> 8
 		assert(code < 128)
-		bw.writeBits(uint(cmd_depths[code]), uint64(cmd_bits[code]))
-		bw.writeBits(uint(storeCommands_kNumExtraBits[code]), uint64(extra))
+		writeBits(uint(cmd_depths[code]), uint64(cmd_bits[code]), storage_ix, storage)
+		writeBits(uint(storeCommands_kNumExtraBits[code]), uint64(extra), storage_ix, storage)
 		if code < 24 {
 			var insert uint32 = storeCommands_kInsertOffset[code] + extra
 			var j uint32
 			for j = 0; j < insert; j++ {
 				var lit byte = literals[0]
-				bw.writeBits(uint(lit_depths[lit]), uint64(lit_bits[lit]))
+				writeBits(uint(lit_depths[lit]), uint64(lit_bits[lit]), storage_ix, storage)
 				literals = literals[1:]
 			}
 		}
@@ -520,13 +663,22 @@ func shouldCompress(input []byte, input_size uint, num_literals uint) bool {
 	}
 }
 
-func emitUncompressedMetaBlock(input []byte, input_size uint, bw *bitWriter) {
-	storeMetaBlockHeader(input_size, true, bw)
-	bw.jumpToByteBoundary()
-	bw.writeBytes(input[:input_size])
+func rewindBitPosition(new_storage_ix uint, storage_ix *uint, storage []byte) {
+	var bitpos uint = new_storage_ix & 7
+	var mask uint = (1 << bitpos) - 1
+	storage[new_storage_ix>>3] &= byte(mask)
+	*storage_ix = new_storage_ix
 }
 
-func compressFragmentTwoPassImpl(input []byte, input_size uint, is_last bool, command_buf []uint32, literal_buf []byte, table []int, table_bits uint, min_match uint, bw *bitWriter) {
+func emitUncompressedMetaBlock(input []byte, input_size uint, storage_ix *uint, storage []byte) {
+	storeMetaBlockHeader(input_size, true, storage_ix, storage)
+	*storage_ix = (*storage_ix + 7) &^ 7
+	copy(storage[*storage_ix>>3:], input[:input_size])
+	*storage_ix += input_size << 3
+	storage[*storage_ix>>3] = 0
+}
+
+func compressFragmentTwoPassImpl(input []byte, input_size uint, is_last bool, command_buf []uint32, literal_buf []byte, table []int, table_bits uint, min_match uint, storage_ix *uint, storage []byte) {
 	/* Save the start of the first block for position and distance computations.
 	 */
 	var base_ip []byte = input
@@ -540,17 +692,17 @@ func compressFragmentTwoPassImpl(input []byte, input_size uint, is_last bool, co
 		num_literals = uint(-cap(literals) + cap(literal_buf))
 		if shouldCompress(input, block_size, num_literals) {
 			var num_commands uint = uint(-cap(commands) + cap(command_buf))
-			storeMetaBlockHeader(block_size, false, bw)
+			storeMetaBlockHeader(block_size, false, storage_ix, storage)
 
 			/* No block splits, no contexts. */
-			bw.writeBits(13, 0)
+			writeBits(13, 0, storage_ix, storage)
 
-			storeCommands(literal_buf, num_literals, command_buf, num_commands, bw)
+			storeCommands(literal_buf, num_literals, command_buf, num_commands, storage_ix, storage)
 		} else {
 			/* Since we did not find many backward references and the entropy of
 			   the data is close to 8 bits, we can simply emit an uncompressed block.
 			   This makes compression speed of uncompressible data about 3x faster. */
-			emitUncompressedMetaBlock(input, block_size, bw)
+			emitUncompressedMetaBlock(input, block_size, storage_ix, storage)
 		}
 
 		input = input[block_size:]
@@ -558,7 +710,8 @@ func compressFragmentTwoPassImpl(input []byte, input_size uint, is_last bool, co
 	}
 }
 
-/* Compresses "input" string to bw as one or more complete meta-blocks.
+/* Compresses "input" string to the "*storage" buffer as one or more complete
+   meta-blocks, and updates the "*storage_ix" bit position.
 
    If "is_last" is 1, emits an additional empty last meta-block.
 
@@ -570,8 +723,8 @@ func compressFragmentTwoPassImpl(input []byte, input_size uint, is_last bool, co
    REQUIRES: "table_size" is a power of two
    OUTPUT: maximal copy distance <= |input_size|
    OUTPUT: maximal copy distance <= BROTLI_MAX_BACKWARD_LIMIT(18) */
-func compressFragmentTwoPass(input []byte, input_size uint, is_last bool, command_buf []uint32, literal_buf []byte, table []int, table_size uint, bw *bitWriter) {
-	var initial_storage_ix uint = bw.getPos()
+func compressFragmentTwoPass(input []byte, input_size uint, is_last bool, command_buf []uint32, literal_buf []byte, table []int, table_size uint, storage_ix *uint, storage []byte) {
+	var initial_storage_ix uint = *storage_ix
 	var table_bits uint = uint(log2FloorNonZero(table_size))
 	var min_match uint
 	if table_bits <= 15 {
@@ -579,17 +732,17 @@ func compressFragmentTwoPass(input []byte, input_size uint, is_last bool, comman
 	} else {
 		min_match = 6
 	}
-	compressFragmentTwoPassImpl(input, input_size, is_last, command_buf, literal_buf, table, table_bits, min_match, bw)
+	compressFragmentTwoPassImpl(input, input_size, is_last, command_buf, literal_buf, table, table_bits, min_match, storage_ix, storage)
 
 	/* If output is larger than single uncompressed block, rewrite it. */
-	if bw.getPos()-initial_storage_ix > 31+(input_size<<3) {
-		bw.rewind(initial_storage_ix)
-		emitUncompressedMetaBlock(input, input_size, bw)
+	if *storage_ix-initial_storage_ix > 31+(input_size<<3) {
+		rewindBitPosition(initial_storage_ix, storage_ix, storage)
+		emitUncompressedMetaBlock(input, input_size, storage_ix, storage)
 	}
 
 	if is_last {
-		bw.writeBits(1, 1) /* islast */
-		bw.writeBits(1, 1) /* isempty */
-		bw.jumpToByteBoundary()
+		writeBits(1, 1, storage_ix, storage) /* islast */
+		writeBits(1, 1, storage_ix, storage) /* isempty */
+		*storage_ix = (*storage_ix + 7) &^ 7
 	}
 }
diff --git a/vendor/github.com/andybalholm/brotli/encode.go b/vendor/github.com/andybalholm/brotli/encode.go
index 3abaf571af..8f9eaa4216 100644
--- a/vendor/github.com/andybalholm/brotli/encode.go
+++ b/vendor/github.com/andybalholm/brotli/encode.go
@@ -87,9 +87,11 @@ type Writer struct {
 	last_processed_pos_ uint64
 	dist_cache_         [numDistanceShortCodes]int
 	saved_dist_cache_   [4]int
+	last_bytes_         uint16
+	last_bytes_bits_    byte
 	prev_byte_          byte
 	prev_byte2_         byte
-	bw                  bitWriter
+	storage             []byte
 	small_table_        [1 << 10]int
 	large_table_        []int
 	large_table_size_   uint
@@ -139,6 +141,14 @@ func wrapPosition(position uint64) uint32 {
 	return result
 }
 
+func (s *Writer) getStorage(size int) []byte {
+	if len(s.storage) < size {
+		s.storage = make([]byte, size)
+	}
+
+	return s.storage
+}
+
 func hashTableSize(max_table_size uint, input_size uint) uint {
 	var htsize uint = 256
 	for htsize < max_table_size && htsize < input_size {
@@ -184,18 +194,23 @@ func getHashTable(s *Writer, quality int, input_size uint, table_size *uint) []i
 	return table
 }
 
-func encodeWindowBits(lgwin int, large_window bool, bw *bitWriter) {
+func encodeWindowBits(lgwin int, large_window bool, last_bytes *uint16, last_bytes_bits *byte) {
 	if large_window {
-		bw.writeBits(14, uint64((lgwin&0x3F)<<8|0x11))
+		*last_bytes = uint16((lgwin&0x3F)<<8 | 0x11)
+		*last_bytes_bits = 14
 	} else {
 		if lgwin == 16 {
-			bw.writeBits(1, 0)
+			*last_bytes = 0
+			*last_bytes_bits = 1
 		} else if lgwin == 17 {
-			bw.writeBits(7, 1)
+			*last_bytes = 1
+			*last_bytes_bits = 7
 		} else if lgwin > 17 {
-			bw.writeBits(4, uint64((lgwin-17)<<1|0x01))
+			*last_bytes = uint16((lgwin-17)<<1 | 0x01)
+			*last_bytes_bits = 4
 		} else {
-			bw.writeBits(7, uint64((lgwin-8)<<4|0x01))
+			*last_bytes = uint16((lgwin-8)<<4 | 0x01)
+			*last_bytes_bits = 7
 		}
 	}
 }
@@ -417,15 +432,18 @@ func chooseContextMode(params *encoderParams, data []byte, pos uint, mask uint,
 	return contextUTF8
 }
 
-func writeMetaBlockInternal(data []byte, mask uint, last_flush_pos uint64, bytes uint, is_last bool, literal_context_mode int, params *encoderParams, prev_byte byte, prev_byte2 byte, num_literals uint, commands []command, saved_dist_cache []int, dist_cache []int, bw *bitWriter) {
+func writeMetaBlockInternal(data []byte, mask uint, last_flush_pos uint64, bytes uint, is_last bool, literal_context_mode int, params *encoderParams, prev_byte byte, prev_byte2 byte, num_literals uint, commands []command, saved_dist_cache []int, dist_cache []int, storage_ix *uint, storage []byte) {
 	var wrapped_last_flush_pos uint32 = wrapPosition(last_flush_pos)
+	var last_bytes uint16
+	var last_bytes_bits byte
 	var literal_context_lut contextLUT = getContextLUT(literal_context_mode)
 	var block_params encoderParams = *params
 
 	if bytes == 0 {
 		/* Write the ISLAST and ISEMPTY bits. */
-		bw.writeBits(2, 3)
-		bw.jumpToByteBoundary()
+		writeBits(2, 3, storage_ix, storage)
+
+		*storage_ix = (*storage_ix + 7) &^ 7
 		return
 	}
 
@@ -434,15 +452,17 @@ func writeMetaBlockInternal(data []byte, mask uint, last_flush_pos uint64, bytes
 		   CreateBackwardReferences is now unused. */
 		copy(dist_cache, saved_dist_cache[:4])
 
-		storeUncompressedMetaBlock(is_last, data, uint(wrapped_last_flush_pos), mask, bytes, bw)
+		storeUncompressedMetaBlock(is_last, data, uint(wrapped_last_flush_pos), mask, bytes, storage_ix, storage)
 		return
 	}
 
-	savedPos := bw.getPos()
+	assert(*storage_ix <= 14)
+	last_bytes = uint16(storage[1])<<8 | uint16(storage[0])
+	last_bytes_bits = byte(*storage_ix)
 	if params.quality <= maxQualityForStaticEntropyCodes {
-		storeMetaBlockFast(data, uint(wrapped_last_flush_pos), bytes, mask, is_last, params, commands, bw)
+		storeMetaBlockFast(data, uint(wrapped_last_flush_pos), bytes, mask, is_last, params, commands, storage_ix, storage)
 	} else if params.quality < minQualityForBlockSplit {
-		storeMetaBlockTrivial(data, uint(wrapped_last_flush_pos), bytes, mask, is_last, params, commands, bw)
+		storeMetaBlockTrivial(data, uint(wrapped_last_flush_pos), bytes, mask, is_last, params, commands, storage_ix, storage)
 	} else {
 		mb := getMetaBlockSplit()
 		if params.quality < minQualityForHqBlockSplitting {
@@ -469,15 +489,18 @@ func writeMetaBlockInternal(data []byte, mask uint, last_flush_pos uint64, bytes
 			optimizeHistograms(num_effective_dist_codes, mb)
 		}
 
-		storeMetaBlock(data, uint(wrapped_last_flush_pos), bytes, mask, prev_byte, prev_byte2, is_last, &block_params, literal_context_mode, commands, mb, bw)
+		storeMetaBlock(data, uint(wrapped_last_flush_pos), bytes, mask, prev_byte, prev_byte2, is_last, &block_params, literal_context_mode, commands, mb, storage_ix, storage)
 		freeMetaBlockSplit(mb)
 	}
 
-	if bytes+4 < bw.getPos()>>3 {
+	if bytes+4 < *storage_ix>>3 {
 		/* Restore the distance cache and last byte. */
 		copy(dist_cache, saved_dist_cache[:4])
-		bw.rewind(savedPos)
-		storeUncompressedMetaBlock(is_last, data, uint(wrapped_last_flush_pos), mask, bytes, bw)
+
+		storage[0] = byte(last_bytes)
+		storage[1] = byte(last_bytes >> 8)
+		*storage_ix = uint(last_bytes_bits)
+		storeUncompressedMetaBlock(is_last, data, uint(wrapped_last_flush_pos), mask, bytes, storage_ix, storage)
 	}
 }
 
@@ -510,10 +533,8 @@ func ensureInitialized(s *Writer) bool {
 		return true
 	}
 
-	s.bw.bits = 0
-	s.bw.nbits = 0
-	s.bw.dst = s.bw.dst[:0]
-
+	s.last_bytes_bits_ = 0
+	s.last_bytes_ = 0
 	s.remaining_metadata_bytes_ = math.MaxUint32
 
 	sanitizeParams(&s.params)
@@ -529,7 +550,7 @@ func ensureInitialized(s *Writer) bool {
 			lgwin = brotli_max_int(lgwin, 18)
 		}
 
-		encodeWindowBits(lgwin, s.params.large_window, &s.bw)
+		encodeWindowBits(lgwin, s.params.large_window, &s.last_bytes_, &s.last_bytes_bits_)
 	}
 
 	if s.params.quality == fastOnePassCompressionQuality {
@@ -761,6 +782,8 @@ func encodeData(s *Writer, is_last bool, force_flush bool) bool {
 	}
 
 	if s.params.quality == fastOnePassCompressionQuality || s.params.quality == fastTwoPassCompressionQuality {
+		var storage []byte
+		var storage_ix uint = uint(s.last_bytes_bits_)
 		var table_size uint
 		var table []int
 
@@ -770,16 +793,20 @@ func encodeData(s *Writer, is_last bool, force_flush bool) bool {
 			return true
 		}
 
+		storage = s.getStorage(int(2*bytes + 503))
+		storage[0] = byte(s.last_bytes_)
+		storage[1] = byte(s.last_bytes_ >> 8)
 		table = getHashTable(s, s.params.quality, uint(bytes), &table_size)
 		if s.params.quality == fastOnePassCompressionQuality {
-			compressFragmentFast(data[wrapped_last_processed_pos&mask:], uint(bytes), is_last, table, table_size, s.cmd_depths_[:], s.cmd_bits_[:], &s.cmd_code_numbits_, s.cmd_code_[:], &s.bw)
+			compressFragmentFast(data[wrapped_last_processed_pos&mask:], uint(bytes), is_last, table, table_size, s.cmd_depths_[:], s.cmd_bits_[:], &s.cmd_code_numbits_, s.cmd_code_[:], &storage_ix, storage)
 		} else {
-			compressFragmentTwoPass(data[wrapped_last_processed_pos&mask:], uint(bytes), is_last, s.command_buf_, s.literal_buf_, table, table_size, &s.bw)
+			compressFragmentTwoPass(data[wrapped_last_processed_pos&mask:], uint(bytes), is_last, s.command_buf_, s.literal_buf_, table, table_size, &storage_ix, storage)
 		}
 
+		s.last_bytes_ = uint16(storage[storage_ix>>3])
+		s.last_bytes_bits_ = byte(storage_ix & 7)
 		updateLastProcessedPos(s)
-		s.writeOutput(s.bw.dst)
-		s.bw.dst = s.bw.dst[:0]
+		s.writeOutput(storage[:storage_ix>>3])
 		return true
 	}
 	{
@@ -856,7 +883,13 @@ func encodeData(s *Writer, is_last bool, force_flush bool) bool {
 	assert(s.input_pos_-s.last_flush_pos_ <= 1<<24)
 	{
 		var metablock_size uint32 = uint32(s.input_pos_ - s.last_flush_pos_)
-		writeMetaBlockInternal(data, uint(mask), s.last_flush_pos_, uint(metablock_size), is_last, literal_context_mode, &s.params, s.prev_byte_, s.prev_byte2_, s.num_literals_, s.commands, s.saved_dist_cache_[:], s.dist_cache_[:], &s.bw)
+		var storage []byte = s.getStorage(int(2*metablock_size + 503))
+		var storage_ix uint = uint(s.last_bytes_bits_)
+		storage[0] = byte(s.last_bytes_)
+		storage[1] = byte(s.last_bytes_ >> 8)
+		writeMetaBlockInternal(data, uint(mask), s.last_flush_pos_, uint(metablock_size), is_last, literal_context_mode, &s.params, s.prev_byte_, s.prev_byte2_, s.num_literals_, s.commands, s.saved_dist_cache_[:], s.dist_cache_[:], &storage_ix, storage)
+		s.last_bytes_ = uint16(storage[storage_ix>>3])
+		s.last_bytes_bits_ = byte(storage_ix & 7)
 		s.last_flush_pos_ = s.input_pos_
 		if updateLastProcessedPos(s) {
 			hasherReset(s.hasher_)
@@ -877,22 +910,28 @@ func encodeData(s *Writer, is_last bool, force_flush bool) bool {
 		   emitting an uncompressed block. */
 		copy(s.saved_dist_cache_[:], s.dist_cache_[:])
 
-		s.writeOutput(s.bw.dst)
-		s.bw.dst = s.bw.dst[:0]
+		s.writeOutput(storage[:storage_ix>>3])
 		return true
 	}
 }
 
-/* Dumps remaining output bits and metadata header to s.bw.
+/* Dumps remaining output bits and metadata header to |header|.
+   Returns number of produced bytes.
+   REQUIRED: |header| should be 8-byte aligned and at least 16 bytes long.
    REQUIRED: |block_size| <= (1 << 24). */
-func writeMetadataHeader(s *Writer, block_size uint) {
-	bw := &s.bw
-
-	bw.writeBits(1, 0)
-	bw.writeBits(2, 3)
-	bw.writeBits(1, 0)
+func writeMetadataHeader(s *Writer, block_size uint, header []byte) uint {
+	var storage_ix uint
+	storage_ix = uint(s.last_bytes_bits_)
+	header[0] = byte(s.last_bytes_)
+	header[1] = byte(s.last_bytes_ >> 8)
+	s.last_bytes_ = 0
+	s.last_bytes_bits_ = 0
+
+	writeBits(1, 0, &storage_ix, header)
+	writeBits(2, 3, &storage_ix, header)
+	writeBits(1, 0, &storage_ix, header)
 	if block_size == 0 {
-		bw.writeBits(2, 0)
+		writeBits(2, 0, &storage_ix, header)
 	} else {
 		var nbits uint32
 		if block_size == 1 {
@@ -901,19 +940,34 @@ func writeMetadataHeader(s *Writer, block_size uint) {
 			nbits = log2FloorNonZero(uint(uint32(block_size)-1)) + 1
 		}
 		var nbytes uint32 = (nbits + 7) / 8
-		bw.writeBits(2, uint64(nbytes))
-		bw.writeBits(uint(8*nbytes), uint64(block_size)-1)
+		writeBits(2, uint64(nbytes), &storage_ix, header)
+		writeBits(uint(8*nbytes), uint64(block_size)-1, &storage_ix, header)
 	}
 
-	bw.jumpToByteBoundary()
+	return (storage_ix + 7) >> 3
 }
 
 func injectBytePaddingBlock(s *Writer) {
+	var seal uint32 = uint32(s.last_bytes_)
+	var seal_bits uint = uint(s.last_bytes_bits_)
+	s.last_bytes_ = 0
+	s.last_bytes_bits_ = 0
+
 	/* is_last = 0, data_nibbles = 11, reserved = 0, meta_nibbles = 00 */
-	s.bw.writeBits(6, 0x6)
-	s.bw.jumpToByteBoundary()
-	s.writeOutput(s.bw.dst)
-	s.bw.dst = s.bw.dst[:0]
+	seal |= 0x6 << seal_bits
+
+	seal_bits += 6
+
+	destination := s.tiny_buf_.u8[:]
+
+	destination[0] = byte(seal)
+	if seal_bits > 8 {
+		destination[1] = byte(seal >> 8)
+	}
+	if seal_bits > 16 {
+		destination[2] = byte(seal >> 16)
+	}
+	s.writeOutput(destination[:(seal_bits+7)>>3])
 }
 
 func checkFlushComplete(s *Writer) {
@@ -945,7 +999,7 @@ func encoderCompressStreamFast(s *Writer, op int, available_in *uint, next_in *[
 	}
 
 	for {
-		if s.stream_state_ == streamFlushRequested && s.bw.nbits&7 != 0 {
+		if s.stream_state_ == streamFlushRequested && s.last_bytes_bits_ != 0 {
 			injectBytePaddingBlock(s)
 			continue
 		}
@@ -957,6 +1011,9 @@ func encoderCompressStreamFast(s *Writer, op int, available_in *uint, next_in *[
 			var block_size uint = brotli_min_size_t(block_size_limit, *available_in)
 			var is_last bool = (*available_in == block_size) && (op == int(operationFinish))
 			var force_flush bool = (*available_in == block_size) && (op == int(operationFlush))
+			var max_out_size uint = 2*block_size + 503
+			var storage []byte = nil
+			var storage_ix uint = uint(s.last_bytes_bits_)
 			var table_size uint
 			var table []int
 
@@ -965,18 +1022,25 @@ func encoderCompressStreamFast(s *Writer, op int, available_in *uint, next_in *[
 				continue
 			}
 
+			storage = s.getStorage(int(max_out_size))
+
+			storage[0] = byte(s.last_bytes_)
+			storage[1] = byte(s.last_bytes_ >> 8)
 			table = getHashTable(s, s.params.quality, block_size, &table_size)
 
 			if s.params.quality == fastOnePassCompressionQuality {
-				compressFragmentFast(*next_in, block_size, is_last, table, table_size, s.cmd_depths_[:], s.cmd_bits_[:], &s.cmd_code_numbits_, s.cmd_code_[:], &s.bw)
+				compressFragmentFast(*next_in, block_size, is_last, table, table_size, s.cmd_depths_[:], s.cmd_bits_[:], &s.cmd_code_numbits_, s.cmd_code_[:], &storage_ix, storage)
 			} else {
-				compressFragmentTwoPass(*next_in, block_size, is_last, command_buf, literal_buf, table, table_size, &s.bw)
+				compressFragmentTwoPass(*next_in, block_size, is_last, command_buf, literal_buf, table, table_size, &storage_ix, storage)
 			}
 
 			*next_in = (*next_in)[block_size:]
 			*available_in -= block_size
-			s.writeOutput(s.bw.dst)
-			s.bw.dst = s.bw.dst[:0]
+			var out_bytes uint = storage_ix >> 3
+			s.writeOutput(storage[:out_bytes])
+
+			s.last_bytes_ = uint16(storage[storage_ix>>3])
+			s.last_bytes_bits_ = byte(storage_ix & 7)
 
 			if force_flush {
 				s.stream_state_ = streamFlushRequested
@@ -1010,7 +1074,7 @@ func processMetadata(s *Writer, available_in *uint, next_in *[]byte) bool {
 	}
 
 	for {
-		if s.stream_state_ == streamFlushRequested && s.bw.nbits&7 != 0 {
+		if s.stream_state_ == streamFlushRequested && s.last_bytes_bits_ != 0 {
 			injectBytePaddingBlock(s)
 			continue
 		}
@@ -1024,9 +1088,8 @@ func processMetadata(s *Writer, available_in *uint, next_in *[]byte) bool {
 		}
 
 		if s.stream_state_ == streamMetadataHead {
-			writeMetadataHeader(s, uint(s.remaining_metadata_bytes_))
-			s.writeOutput(s.bw.dst)
-			s.bw.dst = s.bw.dst[:0]
+			n := writeMetadataHeader(s, uint(s.remaining_metadata_bytes_), s.tiny_buf_.u8[:])
+			s.writeOutput(s.tiny_buf_.u8[:n])
 			s.stream_state_ = streamMetadataBody
 			continue
 		} else {
@@ -1112,7 +1175,7 @@ func encoderCompressStream(s *Writer, op int, available_in *uint, next_in *[]byt
 			continue
 		}
 
-		if s.stream_state_ == streamFlushRequested && s.bw.nbits&7 != 0 {
+		if s.stream_state_ == streamFlushRequested && s.last_bytes_bits_ != 0 {
 			injectBytePaddingBlock(s)
 			continue
 		}
diff --git a/vendor/github.com/andybalholm/brotli/entropy_encode_static.go b/vendor/github.com/andybalholm/brotli/entropy_encode_static.go
index 2543f8f07d..5ddf3fcbae 100644
--- a/vendor/github.com/andybalholm/brotli/entropy_encode_static.go
+++ b/vendor/github.com/andybalholm/brotli/entropy_encode_static.go
@@ -778,9 +778,8 @@ var kStaticDistanceCodeDepth = [64]byte{
 
 var kCodeLengthBits = [18]uint32{0, 8, 4, 12, 2, 10, 6, 14, 1, 9, 5, 13, 3, 15, 31, 0, 11, 7}
 
-func storeStaticCodeLengthCode(bw *bitWriter) {
-	bw.writeBits(32, 0x55555554)
-	bw.writeBits(8, 0xFF)
+func storeStaticCodeLengthCode(storage_ix *uint, storage []byte) {
+	writeBits(40, 0x0000FF55555554, storage_ix, storage)
 }
 
 var kZeroRepsBits = [numCommandSymbols]uint64{
@@ -4318,10 +4317,9 @@ var kStaticCommandCodeBits = [numCommandSymbols]uint16{
 	2047,
 }
 
-func storeStaticCommandHuffmanTree(bw *bitWriter) {
-	bw.writeBits(32, 0x16307003)
-	bw.writeBits(24, 0x926244)
-	bw.writeBits(3, 0x00000000)
+func storeStaticCommandHuffmanTree(storage_ix *uint, storage []byte) {
+	writeBits(56, 0x92624416307003, storage_ix, storage)
+	writeBits(3, 0x00000000, storage_ix, storage)
 }
 
 var kStaticDistanceCodeBits = [64]uint16{
@@ -4391,6 +4389,6 @@ var kStaticDistanceCodeBits = [64]uint16{
 	63,
 }
 
-func storeStaticDistanceHuffmanTree(bw *bitWriter) {
-	bw.writeBits(28, 0x0369DC03)
+func storeStaticDistanceHuffmanTree(storage_ix *uint, storage []byte) {
+	writeBits(28, 0x0369DC03, storage_ix, storage)
 }
diff --git a/vendor/github.com/andybalholm/brotli/go.mod b/vendor/github.com/andybalholm/brotli/go.mod
index 8e609842f3..1c94232c74 100644
--- a/vendor/github.com/andybalholm/brotli/go.mod
+++ b/vendor/github.com/andybalholm/brotli/go.mod
@@ -1,3 +1,5 @@
 module github.com/andybalholm/brotli
 
 go 1.12
+
+retract v1.0.1 // occasional panics and data corruption
diff --git a/vendor/github.com/andybalholm/brotli/reader.go b/vendor/github.com/andybalholm/brotli/reader.go
index 5c795e6e9e..cdc67645a8 100644
--- a/vendor/github.com/andybalholm/brotli/reader.go
+++ b/vendor/github.com/andybalholm/brotli/reader.go
@@ -33,7 +33,9 @@ func NewReader(src io.Reader) *Reader {
 func (r *Reader) Reset(src io.Reader) error {
 	decoderStateInit(r)
 	r.src = src
-	r.buf = make([]byte, readBufSize)
+	if r.buf == nil {
+		r.buf = make([]byte, readBufSize)
+	}
 	return nil
 }
 
diff --git a/vendor/github.com/andybalholm/brotli/write_bits.go b/vendor/github.com/andybalholm/brotli/write_bits.go
index 2d216d7ccd..8729901198 100644
--- a/vendor/github.com/andybalholm/brotli/write_bits.go
+++ b/vendor/github.com/andybalholm/brotli/write_bits.go
@@ -1,5 +1,7 @@
 package brotli
 
+import "encoding/binary"
+
 /* Copyright 2010 Google Inc. All Rights Reserved.
 
    Distributed under MIT license.
@@ -8,87 +10,43 @@ package brotli
 
 /* Write bits into a byte array. */
 
-type bitWriter struct {
-	dst []byte
-
-	// Data waiting to be written is the low nbits of bits.
-	bits  uint64
-	nbits uint
-}
+/* This function writes bits into bytes in increasing addresses, and within
+   a byte least-significant-bit first.
 
-func (w *bitWriter) writeBits(nb uint, b uint64) {
-	w.bits |= b << w.nbits
-	w.nbits += nb
-	if w.nbits >= 32 {
-		bits := w.bits
-		w.bits >>= 32
-		w.nbits -= 32
-		w.dst = append(w.dst,
-			byte(bits),
-			byte(bits>>8),
-			byte(bits>>16),
-			byte(bits>>24),
-		)
-	}
-}
+   The function can write up to 56 bits in one go with WriteBits
+   Example: let's assume that 3 bits (Rs below) have been written already:
 
-func (w *bitWriter) writeSingleBit(bit bool) {
-	if bit {
-		w.writeBits(1, 1)
-	} else {
-		w.writeBits(1, 0)
-	}
-}
+   BYTE-0     BYTE+1       BYTE+2
 
-func (w *bitWriter) jumpToByteBoundary() {
-	dst := w.dst
-	for w.nbits != 0 {
-		dst = append(dst, byte(w.bits))
-		w.bits >>= 8
-		if w.nbits > 8 { // Avoid underflow
-			w.nbits -= 8
-		} else {
-			w.nbits = 0
-		}
-	}
-	w.bits = 0
-	w.dst = dst
-}
+   0000 0RRR    0000 0000    0000 0000
 
-func (w *bitWriter) writeBytes(b []byte) {
-	if w.nbits&7 != 0 {
-		panic("writeBytes with unfinished bits")
-	}
-	for w.nbits != 0 {
-		w.dst = append(w.dst, byte(w.bits))
-		w.bits >>= 8
-		w.nbits -= 8
-	}
-	w.dst = append(w.dst, b...)
-}
+   Now, we could write 5 or less bits in MSB by just sifting by 3
+   and OR'ing to BYTE-0.
 
-func (w *bitWriter) getPos() uint {
-	return uint(len(w.dst)<<3) + w.nbits
+   For n bits, we take the last 5 bits, OR that with high bits in BYTE-0,
+   and locate the rest in BYTE+1, BYTE+2, etc. */
+func writeBits(n_bits uint, bits uint64, pos *uint, array []byte) {
+	/* This branch of the code can write up to 56 bits at a time,
+	   7 bits are lost by being perhaps already in *p and at least
+	   1 bit is needed to initialize the bit-stream ahead (i.e. if 7
+	   bits are in *p and we write 57 bits, then the next write will
+	   access a byte that was never initialized). */
+	p := array[*pos>>3:]
+	v := uint64(p[0])
+	v |= bits << (*pos & 7)
+	binary.LittleEndian.PutUint64(p, v)
+	*pos += n_bits
 }
 
-func (w *bitWriter) rewind(p uint) {
-	w.bits = uint64(w.dst[p>>3] & byte((1<<(p&7))-1))
-	w.nbits = p & 7
-	w.dst = w.dst[:p>>3]
+func writeSingleBit(bit bool, pos *uint, array []byte) {
+	if bit {
+		writeBits(1, 1, pos, array)
+	} else {
+		writeBits(1, 0, pos, array)
+	}
 }
 
-func (w *bitWriter) updateBits(n_bits uint, bits uint32, pos uint) {
-	for n_bits > 0 {
-		var byte_pos uint = pos >> 3
-		var n_unchanged_bits uint = pos & 7
-		var n_changed_bits uint = brotli_min_size_t(n_bits, 8-n_unchanged_bits)
-		var total_bits uint = n_unchanged_bits + n_changed_bits
-		var mask uint32 = (^((1 << total_bits) - 1)) | ((1 << n_unchanged_bits) - 1)
-		var unchanged_bits uint32 = uint32(w.dst[byte_pos]) & mask
-		var changed_bits uint32 = bits & ((1 << n_changed_bits) - 1)
-		w.dst[byte_pos] = byte(changed_bits<<n_unchanged_bits | unchanged_bits)
-		n_bits -= n_changed_bits
-		bits >>= n_changed_bits
-		pos += n_changed_bits
-	}
+func writeBitsPrepareStorage(pos uint, array []byte) {
+	assert(pos&7 == 0)
+	array[pos>>3] = 0
 }
diff --git a/vendor/github.com/andybalholm/cascadia/go.mod b/vendor/github.com/andybalholm/cascadia/go.mod
index e6febbbfed..51a330b500 100644
--- a/vendor/github.com/andybalholm/cascadia/go.mod
+++ b/vendor/github.com/andybalholm/cascadia/go.mod
@@ -1,3 +1,5 @@
-module "github.com/andybalholm/cascadia"
+module github.com/andybalholm/cascadia
 
-require "golang.org/x/net" v0.0.0-20180218175443-cbe0f9307d01
+require golang.org/x/net v0.0.0-20180218175443-cbe0f9307d01
+
+go 1.13
diff --git a/vendor/github.com/andybalholm/cascadia/parser.go b/vendor/github.com/andybalholm/cascadia/parser.go
index 4f8810e3ef..c40a39fed1 100644
--- a/vendor/github.com/andybalholm/cascadia/parser.go
+++ b/vendor/github.com/andybalholm/cascadia/parser.go
@@ -13,6 +13,10 @@ import (
 type parser struct {
 	s string // the source text
 	i int    // the current position
+
+	// if `false`, parsing a pseudo-element
+	// returns an error.
+	acceptPseudoElements bool
 }
 
 // parseEscape parses a backslash escape.
@@ -29,7 +33,7 @@ func (p *parser) parseEscape() (result string, err error) {
 	case hexDigit(c):
 		// unicode escape (hex)
 		var i int
-		for i = start; i < p.i+6 && i < len(p.s) && hexDigit(p.s[i]); i++ {
+		for i = start; i < start+6 && i < len(p.s) && hexDigit(p.s[i]); i++ {
 			// empty
 		}
 		v, _ := strconv.ParseUint(p.s[start:i], 16, 21)
@@ -422,17 +426,25 @@ var errExpectedParenthesis = errors.New("expected '(' but didn't find it")
 var errExpectedClosingParenthesis = errors.New("expected ')' but didn't find it")
 var errUnmatchedParenthesis = errors.New("unmatched '('")
 
-// parsePseudoclassSelector parses a pseudoclass selector like :not(p)
-func (p *parser) parsePseudoclassSelector() (out Sel, err error) {
+// parsePseudoclassSelector parses a pseudoclass selector like :not(p) or a pseudo-element
+// For backwards compatibility, both ':' and '::' prefix are allowed for pseudo-elements.
+// https://drafts.csswg.org/selectors-3/#pseudo-elements
+// Returning a nil `Sel` (and a nil `error`) means we found a pseudo-element.
+func (p *parser) parsePseudoclassSelector() (out Sel, pseudoElement string, err error) {
 	if p.i >= len(p.s) {
-		return nil, fmt.Errorf("expected pseudoclass selector (:pseudoclass), found EOF instead")
+		return nil, "", fmt.Errorf("expected pseudoclass selector (:pseudoclass), found EOF instead")
 	}
 	if p.s[p.i] != ':' {
-		return nil, fmt.Errorf("expected attribute selector (:pseudoclass), found '%c' instead", p.s[p.i])
+		return nil, "", fmt.Errorf("expected attribute selector (:pseudoclass), found '%c' instead", p.s[p.i])
 	}
 
 	p.i++
+	var mustBePseudoElement bool
+	if p.i >= len(p.s) {
+		return nil, "", fmt.Errorf("got empty pseudoclass (or pseudoelement)")
+	}
 	if p.s[p.i] == ':' { // we found a pseudo-element
+		mustBePseudoElement = true
 		p.i++
 	}
 
@@ -441,27 +453,33 @@ func (p *parser) parsePseudoclassSelector() (out Sel, err error) {
 		return
 	}
 	name = toLowerASCII(name)
+	if mustBePseudoElement && (name != "after" && name != "backdrop" && name != "before" &&
+		name != "cue" && name != "first-letter" && name != "first-line" && name != "grammar-error" &&
+		name != "marker" && name != "placeholder" && name != "selection" && name != "spelling-error") {
+		return out, "", fmt.Errorf("unknown pseudoelement :%s", name)
+	}
+
 	switch name {
 	case "not", "has", "haschild":
 		if !p.consumeParenthesis() {
-			return out, errExpectedParenthesis
+			return out, "", errExpectedParenthesis
 		}
 		sel, parseErr := p.parseSelectorGroup()
 		if parseErr != nil {
-			return out, parseErr
+			return out, "", parseErr
 		}
 		if !p.consumeClosingParenthesis() {
-			return out, errExpectedClosingParenthesis
+			return out, "", errExpectedClosingParenthesis
 		}
 
 		out = relativePseudoClassSelector{name: name, match: sel}
 
 	case "contains", "containsown":
 		if !p.consumeParenthesis() {
-			return out, errExpectedParenthesis
+			return out, "", errExpectedParenthesis
 		}
 		if p.i == len(p.s) {
-			return out, errUnmatchedParenthesis
+			return out, "", errUnmatchedParenthesis
 		}
 		var val string
 		switch p.s[p.i] {
@@ -471,46 +489,46 @@ func (p *parser) parsePseudoclassSelector() (out Sel, err error) {
 			val, err = p.parseIdentifier()
 		}
 		if err != nil {
-			return out, err
+			return out, "", err
 		}
 		val = strings.ToLower(val)
 		p.skipWhitespace()
 		if p.i >= len(p.s) {
-			return out, errors.New("unexpected EOF in pseudo selector")
+			return out, "", errors.New("unexpected EOF in pseudo selector")
 		}
 		if !p.consumeClosingParenthesis() {
-			return out, errExpectedClosingParenthesis
+			return out, "", errExpectedClosingParenthesis
 		}
 
 		out = containsPseudoClassSelector{own: name == "containsown", value: val}
 
 	case "matches", "matchesown":
 		if !p.consumeParenthesis() {
-			return out, errExpectedParenthesis
+			return out, "", errExpectedParenthesis
 		}
 		rx, err := p.parseRegex()
 		if err != nil {
-			return out, err
+			return out, "", err
 		}
 		if p.i >= len(p.s) {
-			return out, errors.New("unexpected EOF in pseudo selector")
+			return out, "", errors.New("unexpected EOF in pseudo selector")
 		}
 		if !p.consumeClosingParenthesis() {
-			return out, errExpectedClosingParenthesis
+			return out, "", errExpectedClosingParenthesis
 		}
 
 		out = regexpPseudoClassSelector{own: name == "matchesown", regexp: rx}
 
 	case "nth-child", "nth-last-child", "nth-of-type", "nth-last-of-type":
 		if !p.consumeParenthesis() {
-			return out, errExpectedParenthesis
+			return out, "", errExpectedParenthesis
 		}
 		a, b, err := p.parseNth()
 		if err != nil {
-			return out, err
+			return out, "", err
 		}
 		if !p.consumeClosingParenthesis() {
-			return out, errExpectedClosingParenthesis
+			return out, "", errExpectedClosingParenthesis
 		}
 		last := name == "nth-last-child" || name == "nth-last-of-type"
 		ofType := name == "nth-of-type" || name == "nth-last-of-type"
@@ -535,9 +553,9 @@ func (p *parser) parsePseudoclassSelector() (out Sel, err error) {
 	case "root":
 		out = rootPseudoClassSelector{}
 	case "after", "backdrop", "before", "cue", "first-letter", "first-line", "grammar-error", "marker", "placeholder", "selection", "spelling-error":
-		return out, errors.New("pseudo-elements are not yet supported")
+		return nil, name, nil
 	default:
-		return out, fmt.Errorf("unknown pseudoclass or pseudoelement :%s", name)
+		return out, "", fmt.Errorf("unknown pseudoclass or pseudoelement :%s", name)
 	}
 	return
 }
@@ -706,11 +724,13 @@ func (p *parser) parseSimpleSelectorSequence() (Sel, error) {
 		selectors = append(selectors, r)
 	}
 
+	var pseudoElement string
 loop:
 	for p.i < len(p.s) {
 		var (
-			ns  Sel
-			err error
+			ns               Sel
+			newPseudoElement string
+			err              error
 		)
 		switch p.s[p.i] {
 		case '#':
@@ -720,20 +740,37 @@ loop:
 		case '[':
 			ns, err = p.parseAttributeSelector()
 		case ':':
-			ns, err = p.parsePseudoclassSelector()
+			ns, newPseudoElement, err = p.parsePseudoclassSelector()
 		default:
 			break loop
 		}
 		if err != nil {
 			return nil, err
 		}
+		// From https://drafts.csswg.org/selectors-3/#pseudo-elements :
+		// "Only one pseudo-element may appear per selector, and if present
+		// it must appear after the sequence of simple selectors that
+		// represents the subjects of the selector.""
+		if ns == nil { // we found a pseudo-element
+			if pseudoElement != "" {
+				return nil, fmt.Errorf("only one pseudo-element is accepted per selector, got %s and %s", pseudoElement, newPseudoElement)
+			}
+			if !p.acceptPseudoElements {
+				return nil, fmt.Errorf("pseudo-element %s found, but pseudo-elements support is disabled", newPseudoElement)
+			}
+			pseudoElement = newPseudoElement
+		} else {
+			if pseudoElement != "" {
+				return nil, fmt.Errorf("pseudo-element %s must be at the end of selector", pseudoElement)
+			}
+			selectors = append(selectors, ns)
+		}
 
-		selectors = append(selectors, ns)
 	}
-	if len(selectors) == 1 { // no need wrap the selectors in compoundSelector
+	if len(selectors) == 1 && pseudoElement == "" { // no need wrap the selectors in compoundSelector
 		return selectors[0], nil
 	}
-	return compoundSelector{selectors: selectors}, nil
+	return compoundSelector{selectors: selectors, pseudoElement: pseudoElement}, nil
 }
 
 // parseSelector parses a selector that may include combinators.
diff --git a/vendor/github.com/andybalholm/cascadia/selector.go b/vendor/github.com/andybalholm/cascadia/selector.go
index 18ce116440..e2a6dc4be1 100644
--- a/vendor/github.com/andybalholm/cascadia/selector.go
+++ b/vendor/github.com/andybalholm/cascadia/selector.go
@@ -16,14 +16,19 @@ type Matcher interface {
 }
 
 // Sel is the interface for all the functionality provided by selectors.
-// It is currently the same as Matcher, but other methods may be added in the
-// future.
 type Sel interface {
 	Matcher
 	Specificity() Specificity
+
+	// Returns a CSS input compiling to this selector.
+	String() string
+
+	// Returns a pseudo-element, or an empty string.
+	PseudoElement() string
 }
 
-// Parse parses a selector.
+// Parse parses a selector. Use `ParseWithPseudoElement`
+// if you need support for pseudo-elements.
 func Parse(sel string) (Sel, error) {
 	p := &parser{s: sel}
 	compiled, err := p.parseSelector()
@@ -38,7 +43,25 @@ func Parse(sel string) (Sel, error) {
 	return compiled, nil
 }
 
+// ParseWithPseudoElement parses a single selector,
+// with support for pseudo-element.
+func ParseWithPseudoElement(sel string) (Sel, error) {
+	p := &parser{s: sel, acceptPseudoElements: true}
+	compiled, err := p.parseSelector()
+	if err != nil {
+		return nil, err
+	}
+
+	if p.i < len(sel) {
+		return nil, fmt.Errorf("parsing %q: %d bytes left over", sel, len(sel)-p.i)
+	}
+
+	return compiled, nil
+}
+
 // ParseGroup parses a selector, or a group of selectors separated by commas.
+// Use `ParseGroupWithPseudoElements`
+// if you need support for pseudo-elements.
 func ParseGroup(sel string) (SelectorGroup, error) {
 	p := &parser{s: sel}
 	compiled, err := p.parseSelectorGroup()
@@ -53,6 +76,22 @@ func ParseGroup(sel string) (SelectorGroup, error) {
 	return compiled, nil
 }
 
+// ParseGroupWithPseudoElements parses a selector, or a group of selectors separated by commas.
+// It supports pseudo-elements.
+func ParseGroupWithPseudoElements(sel string) (SelectorGroup, error) {
+	p := &parser{s: sel, acceptPseudoElements: true}
+	compiled, err := p.parseSelectorGroup()
+	if err != nil {
+		return nil, err
+	}
+
+	if p.i < len(sel) {
+		return nil, fmt.Errorf("parsing %q: %d bytes left over", sel, len(sel)-p.i)
+	}
+
+	return compiled, nil
+}
+
 // A Selector is a function which tells whether a node matches or not.
 //
 // This type is maintained for compatibility; I recommend using the newer and
@@ -182,6 +221,10 @@ func (c tagSelector) Specificity() Specificity {
 	return Specificity{0, 0, 1}
 }
 
+func (c tagSelector) PseudoElement() string {
+	return ""
+}
+
 type classSelector struct {
 	class string
 }
@@ -197,6 +240,10 @@ func (c classSelector) Specificity() Specificity {
 	return Specificity{0, 1, 0}
 }
 
+func (c classSelector) PseudoElement() string {
+	return ""
+}
+
 type idSelector struct {
 	id string
 }
@@ -212,6 +259,10 @@ func (c idSelector) Specificity() Specificity {
 	return Specificity{1, 0, 0}
 }
 
+func (c idSelector) PseudoElement() string {
+	return ""
+}
+
 type attrSelector struct {
 	key, val, operation string
 	regexp              *regexp.Regexp
@@ -352,6 +403,10 @@ func (c attrSelector) Specificity() Specificity {
 	return Specificity{0, 1, 0}
 }
 
+func (c attrSelector) PseudoElement() string {
+	return ""
+}
+
 // ---------------- Pseudo class selectors ----------------
 // we use severals concrete types of pseudo-class selectors
 
@@ -415,6 +470,10 @@ func (s relativePseudoClassSelector) Specificity() Specificity {
 	return max
 }
 
+func (c relativePseudoClassSelector) PseudoElement() string {
+	return ""
+}
+
 type containsPseudoClassSelector struct {
 	own   bool
 	value string
@@ -436,6 +495,10 @@ func (s containsPseudoClassSelector) Specificity() Specificity {
 	return Specificity{0, 1, 0}
 }
 
+func (c containsPseudoClassSelector) PseudoElement() string {
+	return ""
+}
+
 type regexpPseudoClassSelector struct {
 	own    bool
 	regexp *regexp.Regexp
@@ -488,6 +551,10 @@ func (s regexpPseudoClassSelector) Specificity() Specificity {
 	return Specificity{0, 1, 0}
 }
 
+func (c regexpPseudoClassSelector) PseudoElement() string {
+	return ""
+}
+
 type nthPseudoClassSelector struct {
 	a, b         int
 	last, ofType bool
@@ -623,6 +690,10 @@ func (s nthPseudoClassSelector) Specificity() Specificity {
 	return Specificity{0, 1, 0}
 }
 
+func (c nthPseudoClassSelector) PseudoElement() string {
+	return ""
+}
+
 type onlyChildPseudoClassSelector struct {
 	ofType bool
 }
@@ -661,6 +732,10 @@ func (s onlyChildPseudoClassSelector) Specificity() Specificity {
 	return Specificity{0, 1, 0}
 }
 
+func (c onlyChildPseudoClassSelector) PseudoElement() string {
+	return ""
+}
+
 type inputPseudoClassSelector struct{}
 
 // Matches input, select, textarea and button elements.
@@ -672,6 +747,10 @@ func (s inputPseudoClassSelector) Specificity() Specificity {
 	return Specificity{0, 1, 0}
 }
 
+func (c inputPseudoClassSelector) PseudoElement() string {
+	return ""
+}
+
 type emptyElementPseudoClassSelector struct{}
 
 // Matches empty elements.
@@ -694,6 +773,10 @@ func (s emptyElementPseudoClassSelector) Specificity() Specificity {
 	return Specificity{0, 1, 0}
 }
 
+func (c emptyElementPseudoClassSelector) PseudoElement() string {
+	return ""
+}
+
 type rootPseudoClassSelector struct{}
 
 // Match implements :root
@@ -711,8 +794,13 @@ func (s rootPseudoClassSelector) Specificity() Specificity {
 	return Specificity{0, 1, 0}
 }
 
+func (c rootPseudoClassSelector) PseudoElement() string {
+	return ""
+}
+
 type compoundSelector struct {
-	selectors []Sel
+	selectors     []Sel
+	pseudoElement string
 }
 
 // Matches elements if each sub-selectors matches.
@@ -734,9 +822,17 @@ func (s compoundSelector) Specificity() Specificity {
 	for _, sel := range s.selectors {
 		out = out.Add(sel.Specificity())
 	}
+	if s.pseudoElement != "" {
+		// https://drafts.csswg.org/selectors-3/#specificity
+		out = out.Add(Specificity{0, 0, 1})
+	}
 	return out
 }
 
+func (c compoundSelector) PseudoElement() string {
+	return c.pseudoElement
+}
+
 type combinedSelector struct {
 	first      Sel
 	combinator byte
@@ -818,6 +914,15 @@ func (s combinedSelector) Specificity() Specificity {
 	return spec
 }
 
+// on combinedSelector, a pseudo-element only makes sens on the last
+// selector, although others increase specificity.
+func (c combinedSelector) PseudoElement() string {
+	if c.second == nil {
+		return ""
+	}
+	return c.second.PseudoElement()
+}
+
 // A SelectorGroup is a list of selectors, which matches if any of the
 // individual selectors matches.
 type SelectorGroup []Sel
diff --git a/vendor/github.com/andybalholm/cascadia/serialize.go b/vendor/github.com/andybalholm/cascadia/serialize.go
new file mode 100644
index 0000000000..f15b079527
--- /dev/null
+++ b/vendor/github.com/andybalholm/cascadia/serialize.go
@@ -0,0 +1,120 @@
+package cascadia
+
+import (
+	"fmt"
+	"strings"
+)
+
+// implements the reverse operation Sel -> string
+
+func (c tagSelector) String() string {
+	return c.tag
+}
+
+func (c idSelector) String() string {
+	return "#" + c.id
+}
+
+func (c classSelector) String() string {
+	return "." + c.class
+}
+
+func (c attrSelector) String() string {
+	val := c.val
+	if c.operation == "#=" {
+		val = c.regexp.String()
+	} else if c.operation != "" {
+		val = fmt.Sprintf(`"%s"`, val)
+	}
+	return fmt.Sprintf(`[%s%s%s]`, c.key, c.operation, val)
+}
+
+func (c relativePseudoClassSelector) String() string {
+	return fmt.Sprintf(":%s(%s)", c.name, c.match.String())
+}
+func (c containsPseudoClassSelector) String() string {
+	s := "contains"
+	if c.own {
+		s += "Own"
+	}
+	return fmt.Sprintf(`:%s("%s")`, s, c.value)
+}
+func (c regexpPseudoClassSelector) String() string {
+	s := "matches"
+	if c.own {
+		s += "Own"
+	}
+	return fmt.Sprintf(":%s(%s)", s, c.regexp.String())
+}
+func (c nthPseudoClassSelector) String() string {
+	if c.a == 0 && c.b == 1 { // special cases
+		s := ":first-"
+		if c.last {
+			s = ":last-"
+		}
+		if c.ofType {
+			s += "of-type"
+		} else {
+			s += "child"
+		}
+		return s
+	}
+	var name string
+	switch [2]bool{c.last, c.ofType} {
+	case [2]bool{true, true}:
+		name = "nth-last-of-type"
+	case [2]bool{true, false}:
+		name = "nth-last-child"
+	case [2]bool{false, true}:
+		name = "nth-of-type"
+	case [2]bool{false, false}:
+		name = "nth-child"
+	}
+	return fmt.Sprintf(":%s(%dn+%d)", name, c.a, c.b)
+}
+func (c onlyChildPseudoClassSelector) String() string {
+	if c.ofType {
+		return ":only-of-type"
+	}
+	return ":only-child"
+}
+func (c inputPseudoClassSelector) String() string {
+	return ":input"
+}
+func (c emptyElementPseudoClassSelector) String() string {
+	return ":empty"
+}
+func (c rootPseudoClassSelector) String() string {
+	return ":root"
+}
+
+func (c compoundSelector) String() string {
+	if len(c.selectors) == 0 && c.pseudoElement == "" {
+		return "*"
+	}
+	chunks := make([]string, len(c.selectors))
+	for i, sel := range c.selectors {
+		chunks[i] = sel.String()
+	}
+	s := strings.Join(chunks, "")
+	if c.pseudoElement != "" {
+		s += "::" + c.pseudoElement
+	}
+	return s
+}
+
+func (c combinedSelector) String() string {
+	start := c.first.String()
+	if c.second != nil {
+		start += fmt.Sprintf(" %s %s", string(c.combinator), c.second.String())
+	}
+	return start
+}
+
+func (c SelectorGroup) String() string {
+	ck := make([]string, len(c))
+	for i, s := range c {
+		ck[i] = s.String()
+	}
+	return strings.Join(ck, ", ")
+}
diff --git a/vendor/github.com/willf/bitset/.gitignore b/vendor/github.com/bits-and-blooms/bitset/.gitignore
index 5c204d28b0..5c204d28b0 100644
--- a/vendor/github.com/willf/bitset/.gitignore
+++ b/vendor/github.com/bits-and-blooms/bitset/.gitignore
diff --git a/vendor/github.com/willf/bitset/.travis.yml b/vendor/github.com/bits-and-blooms/bitset/.travis.yml
index 094aa5ce07..094aa5ce07 100644
--- a/vendor/github.com/willf/bitset/.travis.yml
+++ b/vendor/github.com/bits-and-blooms/bitset/.travis.yml
diff --git a/vendor/github.com/willf/bitset/LICENSE b/vendor/github.com/bits-and-blooms/bitset/LICENSE
index 59cab8a939..59cab8a939 100644
--- a/vendor/github.com/willf/bitset/LICENSE
+++ b/vendor/github.com/bits-and-blooms/bitset/LICENSE
diff --git a/vendor/github.com/willf/bitset/README.md b/vendor/github.com/bits-and-blooms/bitset/README.md
index 50338e71df..97e83071e4 100644
--- a/vendor/github.com/willf/bitset/README.md
+++ b/vendor/github.com/bits-and-blooms/bitset/README.md
@@ -2,10 +2,9 @@
 
 *Go language library to map between non-negative integers and boolean values*
 
-[![Test](https://github.com/willf/bitset/workflows/Test/badge.svg)](https://github.com/willf/bitset/actions?query=workflow%3ATest)
-[![Master Coverage Status](https://coveralls.io/repos/willf/bitset/badge.svg?branch=master&service=github)](https://coveralls.io/github/willf/bitset?branch=master)
+[![Test](https://github.com/bits-and-blooms/bitset/workflows/Test/badge.svg)](https://github.com/willf/bitset/actions?query=workflow%3ATest)
 [![Go Report Card](https://goreportcard.com/badge/github.com/willf/bitset)](https://goreportcard.com/report/github.com/willf/bitset)
-[![PkgGoDev](https://pkg.go.dev/badge/github.com/willf/bitset?tab=doc)](https://pkg.go.dev/github.com/willf/bitset?tab=doc)
+[![PkgGoDev](https://pkg.go.dev/badge/github.com/bits-and-blooms/bitset?tab=doc)](https://pkg.go.dev/github.com/bits-and-blooms/bitset?tab=doc)
 
 
 ## Description
@@ -30,7 +29,7 @@ import (
 	"fmt"
 	"math/rand"
 
-	"github.com/willf/bitset"
+	"github.com/bits-and-blooms/bitset"
 )
 
 func main() {
@@ -63,7 +62,7 @@ func main() {
 
 As an alternative to BitSets, one should check out the 'big' package, which provides a (less set-theoretical) view of bitsets.
 
-Package documentation is at: https://pkg.go.dev/github.com/willf/bitset?tab=doc
+Package documentation is at: https://pkg.go.dev/github.com/bits-and-blooms/bitset?tab=doc
 
 ## Memory Usage
 
@@ -78,7 +77,7 @@ It is possible that a later version will match the `math/bits` return signature
 ## Installation
 
 ```bash
-go get github.com/willf/bitset
+go get github.com/bits-and-blooms/bitset
 ```
 
 ## Contributing
diff --git a/vendor/github.com/willf/bitset/azure-pipelines.yml b/vendor/github.com/bits-and-blooms/bitset/azure-pipelines.yml
index f9b2959184..f9b2959184 100644
--- a/vendor/github.com/willf/bitset/azure-pipelines.yml
+++ b/vendor/github.com/bits-and-blooms/bitset/azure-pipelines.yml
diff --git a/vendor/github.com/willf/bitset/bitset.go b/vendor/github.com/bits-and-blooms/bitset/bitset.go
index 21e889da2e..d688806a54 100644
--- a/vendor/github.com/willf/bitset/bitset.go
+++ b/vendor/github.com/bits-and-blooms/bitset/bitset.go
@@ -209,6 +209,27 @@ func (b *BitSet) Flip(i uint) *BitSet {
 	return b
 }
 
+// FlipRange bit in [start, end).
+// If end>= Cap(), this function will panic.
+// Warning: using a very large value for 'end'
+// may lead to a memory shortage and a panic: the caller is responsible
+// for providing sensible parameters in line with their memory capacity.
+func (b *BitSet) FlipRange(start, end uint) *BitSet {
+	if start >= end {
+		return b
+	}
+
+	b.extendSetMaybe(end - 1)
+	var startWord uint = start >> log2WordSize
+	var endWord uint = end >> log2WordSize
+	b.set[startWord] ^= ^(^uint64(0) << (start & (wordSize - 1)))
+	for i := startWord; i < endWord; i++ {
+		b.set[i] = ^b.set[i]
+	}
+	b.set[endWord] ^= ^uint64(0) >> (-end & (wordSize - 1))
+	return b
+}
+
 // Shrink shrinks BitSet so that the provided value is the last possible
 // set value. It clears all bits > the provided index and reduces the size
 // and length of the set.
@@ -519,7 +540,7 @@ func (b *BitSet) Copy(c *BitSet) (count uint) {
 }
 
 // Count (number of set bits).
-// Also known as "popcount" or "popularity count".
+// Also known as "popcount" or "population count".
 func (b *BitSet) Count() uint {
 	if b != nil && b.set != nil {
 		return uint(popcntSlice(b.set))
diff --git a/vendor/github.com/bits-and-blooms/bitset/go.mod b/vendor/github.com/bits-and-blooms/bitset/go.mod
new file mode 100644
index 0000000000..c43e4522b7
--- /dev/null
+++ b/vendor/github.com/bits-and-blooms/bitset/go.mod
@@ -0,0 +1,3 @@
+module github.com/bits-and-blooms/bitset
+
+go 1.14
diff --git a/vendor/github.com/willf/bitset/go.sum b/vendor/github.com/bits-and-blooms/bitset/go.sum
index e69de29bb2..e69de29bb2 100644
--- a/vendor/github.com/willf/bitset/go.sum
+++ b/vendor/github.com/bits-and-blooms/bitset/go.sum
diff --git a/vendor/github.com/willf/bitset/popcnt.go b/vendor/github.com/bits-and-blooms/bitset/popcnt.go
index 76577a8382..76577a8382 100644
--- a/vendor/github.com/willf/bitset/popcnt.go
+++ b/vendor/github.com/bits-and-blooms/bitset/popcnt.go
diff --git a/vendor/github.com/willf/bitset/popcnt_19.go b/vendor/github.com/bits-and-blooms/bitset/popcnt_19.go
index fc8ff4f367..fc8ff4f367 100644
--- a/vendor/github.com/willf/bitset/popcnt_19.go
+++ b/vendor/github.com/bits-and-blooms/bitset/popcnt_19.go
diff --git a/vendor/github.com/willf/bitset/popcnt_amd64.go b/vendor/github.com/bits-and-blooms/bitset/popcnt_amd64.go
index 4cf64f24ad..4cf64f24ad 100644
--- a/vendor/github.com/willf/bitset/popcnt_amd64.go
+++ b/vendor/github.com/bits-and-blooms/bitset/popcnt_amd64.go
diff --git a/vendor/github.com/willf/bitset/popcnt_amd64.s b/vendor/github.com/bits-and-blooms/bitset/popcnt_amd64.s
index 666c0dcc17..666c0dcc17 100644
--- a/vendor/github.com/willf/bitset/popcnt_amd64.s
+++ b/vendor/github.com/bits-and-blooms/bitset/popcnt_amd64.s
diff --git a/vendor/github.com/willf/bitset/popcnt_generic.go b/vendor/github.com/bits-and-blooms/bitset/popcnt_generic.go
index 21e0ff7b4f..21e0ff7b4f 100644
--- a/vendor/github.com/willf/bitset/popcnt_generic.go
+++ b/vendor/github.com/bits-and-blooms/bitset/popcnt_generic.go
diff --git a/vendor/github.com/willf/bitset/trailing_zeros_18.go b/vendor/github.com/bits-and-blooms/bitset/trailing_zeros_18.go
index c52b61be9f..c52b61be9f 100644
--- a/vendor/github.com/willf/bitset/trailing_zeros_18.go
+++ b/vendor/github.com/bits-and-blooms/bitset/trailing_zeros_18.go
diff --git a/vendor/github.com/willf/bitset/trailing_zeros_19.go b/vendor/github.com/bits-and-blooms/bitset/trailing_zeros_19.go
index 36a988e714..36a988e714 100644
--- a/vendor/github.com/willf/bitset/trailing_zeros_19.go
+++ b/vendor/github.com/bits-and-blooms/bitset/trailing_zeros_19.go
diff --git a/vendor/github.com/blevesearch/bleve/v2/go.mod b/vendor/github.com/blevesearch/bleve/v2/go.mod
index a1a6b5977e..3282ded1ec 100644
--- a/vendor/github.com/blevesearch/bleve/v2/go.mod
+++ b/vendor/github.com/blevesearch/bleve/v2/go.mod
@@ -3,14 +3,15 @@ module github.com/blevesearch/bleve/v2
 go 1.13
 
 require (
-	github.com/RoaringBitmap/roaring v0.4.23
+	github.com/RoaringBitmap/roaring v0.7.1
+	github.com/bits-and-blooms/bitset v1.2.0
 	github.com/blevesearch/bleve_index_api v1.0.0
 	github.com/blevesearch/go-porterstemmer v1.0.3
 	github.com/blevesearch/scorch_segment_api/v2 v2.0.1
 	github.com/blevesearch/segment v0.9.0
 	github.com/blevesearch/snowballstem v0.9.0
 	github.com/blevesearch/upsidedown_store_api v1.0.1
-	github.com/blevesearch/vellum v1.0.3
+	github.com/blevesearch/vellum v1.0.4
 	github.com/blevesearch/zapx/v11 v11.2.0
 	github.com/blevesearch/zapx/v12 v12.2.0
 	github.com/blevesearch/zapx/v13 v13.2.0
@@ -23,7 +24,6 @@ require (
 	github.com/spf13/cobra v0.0.5
 	github.com/steveyen/gtreap v0.1.0
 	github.com/syndtr/goleveldb v1.0.0
-	github.com/willf/bitset v1.1.10
 	go.etcd.io/bbolt v1.3.5
 	golang.org/x/text v0.3.0
 )
diff --git a/vendor/github.com/blevesearch/bleve/v2/go.sum b/vendor/github.com/blevesearch/bleve/v2/go.sum
index e1e8edd189..734878c764 100644
--- a/vendor/github.com/blevesearch/bleve/v2/go.sum
+++ b/vendor/github.com/blevesearch/bleve/v2/go.sum
@@ -1,7 +1,12 @@
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
-github.com/RoaringBitmap/roaring v0.4.23 h1:gpyfd12QohbqhFO4NVDUdoPOCXsyahYRQhINmlHxKeo=
+github.com/Julusian/godocdown v0.0.0-20170816220326-6d19f8ff2df8/go.mod h1:INZr5t32rG59/5xeltqoCJoNY7e5x/3xoY9WSWVWg74=
 github.com/RoaringBitmap/roaring v0.4.23/go.mod h1:D0gp8kJQgE1A4LQ5wFLggQEyvDi06Mq5mKs52e1TwOo=
+github.com/RoaringBitmap/roaring v0.7.1 h1:HkcLv8q/kwGJnhEWe+vinu+04DGDdQ7nVivMhNhxP2g=
+github.com/RoaringBitmap/roaring v0.7.1/go.mod h1:jdT9ykXwHFNdJbEtxePexlFYH9LXucApeS0/+/g+p1I=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
+github.com/bits-and-blooms/bitset v1.1.10/go.mod h1:w0XsmFg8qg6cmpTtJ0z3pKgjTDBMMnI/+I2syrE6XBE=
+github.com/bits-and-blooms/bitset v1.2.0 h1:Kn4yilvwNtMACtf1eYDlG8H77R07mZSPbMjLyS07ChA=
+github.com/bits-and-blooms/bitset v1.2.0/go.mod h1:gIdJ4wp64HaoK2YrL1Q5/N7Y16edYb8uY+O0FJTyyDA=
 github.com/blevesearch/bleve_index_api v1.0.0 h1:Ds3XeuTxjXCkG6pgIwWDRyooJKNIuOKemnN0N0IkhTU=
 github.com/blevesearch/bleve_index_api v1.0.0/go.mod h1:fiwKS0xLEm+gBRgv5mumf0dhgFr2mDgZah1pqv1c1M4=
 github.com/blevesearch/go-porterstemmer v1.0.3 h1:GtmsqID0aZdCSNiY8SkuPJ12pD4jI+DdXTAn4YRcHCo=
@@ -16,8 +21,9 @@ github.com/blevesearch/snowballstem v0.9.0 h1:lMQ189YspGP6sXvZQ4WZ+MLawfV8wOmPoD
 github.com/blevesearch/snowballstem v0.9.0/go.mod h1:PivSj3JMc8WuaFkTSRDW2SlrulNWPl4ABg1tC/hlgLs=
 github.com/blevesearch/upsidedown_store_api v1.0.1 h1:1SYRwyoFLwG3sj0ed89RLtM15amfX2pXlYbFOnF8zNU=
 github.com/blevesearch/upsidedown_store_api v1.0.1/go.mod h1:MQDVGpHZrpe3Uy26zJBf/a8h0FZY6xJbthIMm8myH2Q=
-github.com/blevesearch/vellum v1.0.3 h1:U86G41A7CtXNzzpIJHM8lSTUqz1Mp8U870TkcdCzZc8=
 github.com/blevesearch/vellum v1.0.3/go.mod h1:2u5ax02KeDuNWu4/C+hVQMD6uLN4txH1JbtpaDNLJRo=
+github.com/blevesearch/vellum v1.0.4 h1:o6t7NxTnThp1es52uQvOJJx+9yK/nKXlWC5xl4LCz1U=
+github.com/blevesearch/vellum v1.0.4/go.mod h1:cMhywHI0de50f7Nj42YgvyD6bFJ2WkNRvNBlNMrEVgY=
 github.com/blevesearch/zapx/v11 v11.2.0 h1:GBkCJYsyj3eIU4+aiLPxoMz1PYvDbQZl/oXHIBZIP60=
 github.com/blevesearch/zapx/v11 v11.2.0/go.mod h1:gN/a0alGw1FZt/YGTo1G6Z6XpDkeOfujX5exY9sCQQM=
 github.com/blevesearch/zapx/v12 v12.2.0 h1:dyRcSoZVO1jktL4UpGkCEF1AYa3xhKPirh4/N+Va+Ww=
@@ -39,11 +45,11 @@ github.com/cpuguy83/go-md2man v1.0.10/go.mod h1:SmD6nW6nTyfqj6ABTjUi3V3JVMnlJmwc
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
+github.com/dvyukov/go-fuzz v0.0.0-20210429054444-fca39067bc72/go.mod h1:11Gm+ccJnvAhCNLlf5+cS9KjtbaD5I5zaZpFMsTHWTw=
+github.com/elazarl/go-bindata-assetfs v1.0.1/go.mod h1:v+YaWX3bdea5J/mo8dSETolEo7R71Vk1u8bnjau5yw4=
 github.com/fsnotify/fsnotify v1.4.7 h1:IXs+QLmnXW2CcXuY+8Mzv/fWEsPGWxqefPtCP5CnV9I=
 github.com/fsnotify/fsnotify v1.4.7/go.mod h1:jwhsz4b93w/PPRr/qN1Yymfu8t87LnFCMoQvtojpjFo=
-github.com/glycerine/go-unsnap-stream v0.0.0-20181221182339-f9677308dec2 h1:Ujru1hufTHVb++eG6OuNDKMxZnGIvF6o/u8q/8h2+I4=
 github.com/glycerine/go-unsnap-stream v0.0.0-20181221182339-f9677308dec2/go.mod h1:/20jfyN9Y5QPEAprSgKAUr+glWDY39ZiUEAYOEv5dsE=
-github.com/glycerine/goconvey v0.0.0-20190410193231-58a59202ab31 h1:gclg6gY70GLy3PbkQ1AERPfmLMMagS60DKF78eWwLn8=
 github.com/glycerine/goconvey v0.0.0-20190410193231-58a59202ab31/go.mod h1:Ogl1Tioa0aV7gstGFO7KhffUsb9M4ydbEbbxpcEDc24=
 github.com/golang/protobuf v1.2.0/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5yJMmIC1U=
 github.com/golang/protobuf v1.3.2 h1:6nsPYzhq5kReh6QImI3k5qWzO4PEbvbIW2cwSfR/6xs=
@@ -51,14 +57,12 @@ github.com/golang/protobuf v1.3.2/go.mod h1:6lQm79b+lXiMfvg/cZm0SGofjICqVBUtrP5y
 github.com/golang/snappy v0.0.0-20180518054509-2e65f85255db/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
 github.com/golang/snappy v0.0.1 h1:Qgr9rKW7uDUkrbSmQeiDsGa8SjGyCOGtuasMWwvp2P4=
 github.com/golang/snappy v0.0.1/go.mod h1:/XxbfmMg8lxefKM7IXC3fBNl/7bRcc72aCRzEWrmP2Q=
-github.com/gopherjs/gopherjs v0.0.0-20190910122728-9d188e94fb99 h1:twflg0XRTjwKpxb/jFExr4HGq6on2dEOmnL6FV+fgPw=
 github.com/gopherjs/gopherjs v0.0.0-20190910122728-9d188e94fb99/go.mod h1:wJfORRmW1u3UXTncJ5qlYoELFm8eSnnEO6hX4iZ3EWY=
 github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
 github.com/hpcloud/tail v1.0.0 h1:nfCOvKYfkgYP8hkirhJocXT2+zOD8yUNjXaWfTlyFKI=
 github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpOxQnU=
 github.com/inconshreveable/mousetrap v1.0.0 h1:Z8tu5sraLXCXIcARxBp/8cbvlwVa7Z1NHg9XEKhtSvM=
 github.com/inconshreveable/mousetrap v1.0.0/go.mod h1:PxqpIevigyE2G7u3NXJIT2ANytuPF1OarO4DADm73n8=
-github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
 github.com/jtolds/gls v4.20.0+incompatible/go.mod h1:QJZ7F/aHp+rZTRtaJ1ow/lLfFfVYBRgL+9YlvaHOwJU=
 github.com/kljensen/snowball v0.6.0 h1:6DZLCcZeL0cLfodx+Md4/OLC6b/bfurWUOUGs1ydfOU=
 github.com/kljensen/snowball v0.6.0/go.mod h1:27N7E8fVU5H68RlUmnWwZCfxgt4POBJfENGMvNRhldw=
@@ -74,12 +78,12 @@ github.com/onsi/ginkgo v1.7.0/go.mod h1:lLunBs/Ym6LB5Z9jYTR76FiuTmxDTDusOGeTQH+W
 github.com/onsi/gomega v1.4.3 h1:RE1xgDvH7imwFD45h+u2SgIfERHlS2yNG4DObb5BSKU=
 github.com/onsi/gomega v1.4.3/go.mod h1:ex+gbHU/CVuBBDIJjb2X0qEXbFg53c61hWP/1CpauHY=
 github.com/pelletier/go-toml v1.2.0/go.mod h1:5z9KED0ma1S8pY6P1sdut58dfprrGBbd/94hg7ilaic=
-github.com/philhofer/fwd v1.0.0 h1:UbZqGr5Y38ApvM/V/jEljVxwocdweyH+vmYvRPBnbqQ=
 github.com/philhofer/fwd v1.0.0/go.mod h1:gk3iGcWd9+svBvR0sR+KPcfE+RNWozjowpeBVG3ZVNU=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/rcrowley/go-metrics v0.0.0-20190826022208-cac0b30c2563 h1:dY6ETXrvDG7Sa4vE8ZQG4yqWg6UnOcbqTAahkV813vQ=
 github.com/rcrowley/go-metrics v0.0.0-20190826022208-cac0b30c2563/go.mod h1:bCqnVzQkZxMG4s8nGwiZ5l3QUCyqpo9Y+/ZMZ9VjZe4=
+github.com/robertkrimen/godocdown v0.0.0-20130622164427-0bfa04905481/go.mod h1:C9WhFzY47SzYBIvzFqSvHIR6ROgDo4TtdTuRaOMjF/s=
 github.com/russross/blackfriday v1.5.2/go.mod h1:JO/DiYxRf+HjHt06OyowR9PTA263kcR/rfWxYHBV53g=
 github.com/spf13/afero v1.1.2/go.mod h1:j4pytiNVoe2o6bmDsKpLACNPDBIoEAkihy7loJ1B0CQ=
 github.com/spf13/cast v1.3.0/go.mod h1:Qx5cxh0v+4UWYiBimWS+eyWzqEqokIECu5etghLkUJE=
@@ -89,34 +93,55 @@ github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb6
 github.com/spf13/pflag v1.0.3 h1:zPAT6CGy6wXeQ7NtTnaTerfKOsV6V6F8agHXFiazDkg=
 github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnInEg4=
 github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
+github.com/stephens2424/writerset v1.0.2/go.mod h1:aS2JhsMn6eA7e82oNmW4rfsgAOp9COBTTl8mzkwADnc=
 github.com/steveyen/gtreap v0.1.0 h1:CjhzTa274PyJLJuMZwIzCO1PfC00oRa8d1Kc78bFXJM=
 github.com/steveyen/gtreap v0.1.0/go.mod h1:kl/5J7XbrOmlIbYIXdRHDDE5QxHqpk0cmkT7Z4dM9/Y=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
+github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
 github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
 github.com/syndtr/goleveldb v1.0.0 h1:fBdIW9lB4Iz0n9khmH8w27SJ3QEJ7+IgjPEwGSZiFdE=
 github.com/syndtr/goleveldb v1.0.0/go.mod h1:ZVVdQEZoIme9iO1Ch2Jdy24qqXrMMOU6lpPAyBWyWuQ=
-github.com/tinylib/msgp v1.1.0 h1:9fQd+ICuRIu/ue4vxJZu6/LzxN0HwMds2nq/0cFvxHU=
 github.com/tinylib/msgp v1.1.0/go.mod h1:+d+yLhGm8mzTaHzB+wgMYrodPfmZrzkirds8fDWklFE=
 github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
-github.com/willf/bitset v1.1.10 h1:NotGKqX0KwQ72NUzqrjZq5ipPNDQex9lo3WpaS8L2sc=
 github.com/willf/bitset v1.1.10/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4=
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
+github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
 go.etcd.io/bbolt v1.3.5 h1:XAzx9gjCb0Rxj7EoqcClPD1d5ZBxZJk0jbuoPHenBt0=
 go.etcd.io/bbolt v1.3.5/go.mod h1:G5EMThwa9y8QZGBClrRx5EY+Yw9kAhnjy3bSjsnlVTQ=
 golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/net v0.0.0-20180906233101-161cd47e91fd h1:nTDtHvHSdCn1m6ITfMRqtOd/9+7a3s8RBNOZ3eYZzJA=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/lint v0.0.0-20200302205851-738671d3881b/go.mod h1:3xt1FjdF8hUf6vQPIChWIBhFzV8gjjsPE/fR3IyQdNY=
+golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
+golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA=
 golang.org/x/net v0.0.0-20180906233101-161cd47e91fd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20200822124328-c89045814202 h1:VvcQYSHwXgi7W+TpUR6A9g6Up98WAHf3f/ulnJ62IyA=
+golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
 golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20181221143128-b4a75ba826a6/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5 h1:LfCXLvNmTYH9kEmVgqbnsWfruoXZIrh4YBgqVHtDvw0=
 golang.org/x/sys v0.0.0-20200202164722-d101bd2416d5/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd h1:xhmwyvizuTgC2qz7ZlMluP20uW+C3Rm0FD/WLDX8884=
+golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
+golang.org/x/tools v0.0.0-20200130002326-2f3ba24bd6e7/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
+golang.org/x/tools v0.0.0-20200928182047-19e03678916f/go.mod h1:z6u4i615ZeAfBE4XtMziQW1fSVJXACjjbWkB/mvPzlU=
+golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
+golang.org/x/xerrors v0.0.0-20200804184101-5ec99f83aff1/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/fsnotify.v1 v1.4.7 h1:xOHLXZwVvI9hhs+cLKq5+I5onOuwQLhQwiu63xxlHs4=
diff --git a/vendor/github.com/blevesearch/bleve/v2/index/scorch/persister.go b/vendor/github.com/blevesearch/bleve/v2/index/scorch/persister.go
index 36a0379e6d..00c92429e4 100644
--- a/vendor/github.com/blevesearch/bleve/v2/index/scorch/persister.go
+++ b/vendor/github.com/blevesearch/bleve/v2/index/scorch/persister.go
@@ -93,7 +93,6 @@ func (s *Scorch) persisterLoop() {
 	po, err := s.parsePersisterOptions()
 	if err != nil {
 		s.fireAsyncError(fmt.Errorf("persisterOptions json parsing err: %v", err))
-		s.asyncTasks.Done()
 		return
 	}
 
diff --git a/vendor/github.com/blevesearch/vellum/fst.go b/vendor/github.com/blevesearch/vellum/fst.go
index 64ee21a410..3140042b64 100644
--- a/vendor/github.com/blevesearch/vellum/fst.go
+++ b/vendor/github.com/blevesearch/vellum/fst.go
@@ -17,7 +17,7 @@ package vellum
 import (
 	"io"
 
-	"github.com/willf/bitset"
+	"github.com/bits-and-blooms/bitset"
 )
 
 // FST is an in-memory representation of a finite state transducer,
diff --git a/vendor/github.com/blevesearch/vellum/go.mod b/vendor/github.com/blevesearch/vellum/go.mod
index afc0acff9b..5c2ad3c978 100644
--- a/vendor/github.com/blevesearch/vellum/go.mod
+++ b/vendor/github.com/blevesearch/vellum/go.mod
@@ -3,8 +3,8 @@ module github.com/blevesearch/vellum
 go 1.12
 
 require (
+	github.com/bits-and-blooms/bitset v1.1.10
 	github.com/blevesearch/mmap-go v1.0.2
 	github.com/spf13/cobra v0.0.5
-	github.com/willf/bitset v1.1.10
 	golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a // indirect
 )
diff --git a/vendor/github.com/blevesearch/vellum/go.sum b/vendor/github.com/blevesearch/vellum/go.sum
index 1022e684eb..d6e89f70e1 100644
--- a/vendor/github.com/blevesearch/vellum/go.sum
+++ b/vendor/github.com/blevesearch/vellum/go.sum
@@ -1,5 +1,7 @@
 github.com/BurntSushi/toml v0.3.1/go.mod h1:xHWCNGjB5oqiDr8zfno3MHue2Ht5sIBksp03qcyfWMU=
 github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8=
+github.com/bits-and-blooms/bitset v1.1.10 h1:oTle449SfMfXO0BpZN1bMPe5SCRlQct8pX7siV30jGA=
+github.com/bits-and-blooms/bitset v1.1.10/go.mod h1:w0XsmFg8qg6cmpTtJ0z3pKgjTDBMMnI/+I2syrE6XBE=
 github.com/blevesearch/mmap-go v1.0.2 h1:JtMHb+FgQCTTYIhtMvimw15dJwu1Y5lrZDMOFXVWPk0=
 github.com/blevesearch/mmap-go v1.0.2/go.mod h1:ol2qBqYaOUsGdm7aRMRrYGgPvnwLe6Y+7LMvAB5IbSA=
 github.com/coreos/etcd v3.3.10+incompatible/go.mod h1:uF7uidLiAD3TWHmW31ZFd/JWoc32PjwdhPthX9715RE=
@@ -27,8 +29,6 @@ github.com/spf13/pflag v1.0.3/go.mod h1:DYY7MBk1bdzusC3SYhjObp+wFpr4gzcvqqNjLnIn
 github.com/spf13/viper v1.3.2/go.mod h1:ZiWeW+zYFKm7srdB9IoDzzZXaJaI5eL9QjNiN/DMA2s=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/ugorji/go/codec v0.0.0-20181204163529-d75b2dcb6bc8/go.mod h1:VFNgLljTbGfSG7qAOspJ7OScBnGdDN/yBr0sguwnwf0=
-github.com/willf/bitset v1.1.10 h1:NotGKqX0KwQ72NUzqrjZq5ipPNDQex9lo3WpaS8L2sc=
-github.com/willf/bitset v1.1.10/go.mod h1:RjeCKbqT1RxIR/KWY6phxZiaY1IyutSBfGjNPySAYV4=
 github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1:aYKd//L2LvnjZzWKhF00oedf4jCCReLcmhLdhm1A27Q=
 golang.org/x/crypto v0.0.0-20181203042331-505ab145d0a9/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
 golang.org/x/sys v0.0.0-20181205085412-a5c9d58dba9a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
diff --git a/vendor/github.com/caddyserver/certmagic/account.go b/vendor/github.com/caddyserver/certmagic/account.go
index d7c3841a7e..8633f92fcb 100644
--- a/vendor/github.com/caddyserver/certmagic/account.go
+++ b/vendor/github.com/caddyserver/certmagic/account.go
@@ -28,6 +28,7 @@ import (
 	"path"
 	"sort"
 	"strings"
+	"sync"
 
 	"github.com/mholt/acmez/acme"
 )
@@ -185,9 +186,14 @@ func (am *ACMEManager) saveAccount(ca string, account acme.Account) error {
 func (am *ACMEManager) getEmail(allowPrompts bool) error {
 	leEmail := am.Email
 
-	// First try package default email
+	// First try package default email, or a discovered email address
 	if leEmail == "" {
-		leEmail = DefaultACME.Email // TODO: racey with line 122 (or whichever line assigns to DefaultACME.Email below)
+		leEmail = DefaultACME.Email
+	}
+	if leEmail == "" {
+		discoveredEmailMu.Lock()
+		leEmail = discoveredEmail
+		discoveredEmailMu.Unlock()
 	}
 
 	// Then try to get most recent user email from storage
@@ -210,8 +216,13 @@ func (am *ACMEManager) getEmail(allowPrompts bool) error {
 
 	// save the email for later and ensure it is consistent
 	// for repeated use; then update cfg with the email
-	DefaultACME.Email = strings.TrimSpace(strings.ToLower(leEmail)) // TODO: this is racey with line 99
-	am.Email = DefaultACME.Email
+	leEmail = strings.TrimSpace(strings.ToLower(leEmail))
+	discoveredEmailMu.Lock()
+	if discoveredEmail == "" {
+		discoveredEmail = leEmail
+	}
+	discoveredEmailMu.Unlock()
+	am.Email = leEmail
 
 	return nil
 }
@@ -386,6 +397,14 @@ func getPrimaryContact(account acme.Account) string {
 	return primaryContact
 }
 
+// When an email address is not explicitly specified, we can remember
+// the last one we discovered to avoid having to ask again later.
+// (We used to store this in DefaultACME.Email but it was racey; see #127)
+var (
+	discoveredEmail   string
+	discoveredEmailMu sync.Mutex
+)
+
 // agreementTestURL is set during tests to skip requiring
 // setting up an entire ACME CA endpoint.
 var agreementTestURL string
diff --git a/vendor/github.com/caddyserver/certmagic/crypto.go b/vendor/github.com/caddyserver/certmagic/crypto.go
index ef60f27dc4..8d9f3c7669 100644
--- a/vendor/github.com/caddyserver/certmagic/crypto.go
+++ b/vendor/github.com/caddyserver/certmagic/crypto.go
@@ -31,7 +31,7 @@ import (
 	"sort"
 	"strings"
 
-	"github.com/klauspost/cpuid"
+	"github.com/klauspost/cpuid/v2"
 	"go.uber.org/zap"
 	"golang.org/x/net/idna"
 )
@@ -289,7 +289,7 @@ func namesFromCSR(csr *x509.CertificateRequest) []string {
 //
 // See https://github.com/mholt/caddy/issues/1674
 func preferredDefaultCipherSuites() []uint16 {
-	if cpuid.CPU.AesNi() {
+	if cpuid.CPU.Supports(cpuid.AESNI) {
 		return defaultCiphersPreferAES
 	}
 	return defaultCiphersPreferChaCha
diff --git a/vendor/github.com/caddyserver/certmagic/go.mod b/vendor/github.com/caddyserver/certmagic/go.mod
index ff8f6b916b..a17f10f1bd 100644
--- a/vendor/github.com/caddyserver/certmagic/go.mod
+++ b/vendor/github.com/caddyserver/certmagic/go.mod
@@ -3,7 +3,7 @@ module github.com/caddyserver/certmagic
 go 1.14
 
 require (
-	github.com/klauspost/cpuid v1.2.5
+	github.com/klauspost/cpuid/v2 v2.0.6
 	github.com/libdns/libdns v0.2.0
 	github.com/mholt/acmez v0.1.3
 	github.com/miekg/dns v1.1.30
diff --git a/vendor/github.com/caddyserver/certmagic/go.sum b/vendor/github.com/caddyserver/certmagic/go.sum
index 0d29850a65..ac4235326f 100644
--- a/vendor/github.com/caddyserver/certmagic/go.sum
+++ b/vendor/github.com/caddyserver/certmagic/go.sum
@@ -5,8 +5,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/google/renameio v0.1.0/go.mod h1:KWCgfxg9yswjAJkECMjeO8J8rahYeXnNhOm40UhjYkI=
 github.com/kisielk/gotool v1.0.0/go.mod h1:XhKaO+MFFWcvkIS/tQcRk01m1F5IRFswLeQ+oQHNcck=
-github.com/klauspost/cpuid v1.2.5 h1:VBd9MyVIiJHzzgnrLQG5Bcv75H4YaWrlKqWHjurxCGo=
-github.com/klauspost/cpuid v1.2.5/go.mod h1:bYW4mA6ZgKPob1/Dlai2LviZJO7KGI3uoWLd42rAQw4=
+github.com/klauspost/cpuid/v2 v2.0.6 h1:dQ5ueTiftKxp0gyjKSx5+8BtPWkyQbd95m8Gys/RarI=
+github.com/klauspost/cpuid/v2 v2.0.6/go.mod h1:FInQzS24/EEf25PyTYn52gqo7WaD8xa0213Md/qVLRg=
 github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
diff --git a/vendor/github.com/caddyserver/certmagic/solvers.go b/vendor/github.com/caddyserver/certmagic/solvers.go
index afd0fd28a2..8c71995814 100644
--- a/vendor/github.com/caddyserver/certmagic/solvers.go
+++ b/vendor/github.com/caddyserver/certmagic/solvers.go
@@ -418,7 +418,6 @@ func (mmu *mapMutex) Lock(key interface{}) {
 		mmu.cond.Wait()
 	}
 	mmu.set[key] = struct{}{}
-	return
 }
 
 func (mmu *mapMutex) Unlock(key interface{}) {
diff --git a/vendor/github.com/go-enry/go-enry/v2/.travis.yml b/vendor/github.com/go-enry/go-enry/v2/.travis.yml
deleted file mode 100644
index c7afb06f27..0000000000
--- a/vendor/github.com/go-enry/go-enry/v2/.travis.yml
+++ /dev/null
@@ -1,130 +0,0 @@
-dist: trusty
-language: go
-go:
-  - '1.14.x'
-  - '1.13.x'
-
-env:
-  global:
-    - GO_VERSION_FOR_JVM='1.11.x'
-    - CGO_ENABLED=0
-    - GO111MODULE=on
-    - ONIGURUMA_VERSION='6.9.1'
-  matrix:
-    - ONIGURUMA=0
-    - ONIGURUMA=1
-
-stages:
-  - name: test
-  - name: release
-    if: tag IS present
-  - name: publish
-    if: tag IS present
-
-install:
-  - >
-    if [[ "${ONIGURUMA}" -gt 0 ]]; then
-      export CGO_ENABLED=1
-      export GO_TAGS='oniguruma'
-      # install oniguruma manually as trusty has only ancient 5.x
-      sudo apt-get install -y dpkg # dpkg >= 1.17.5ubuntu5.8 fixes https://bugs.launchpad.net/ubuntu/+source/dpkg/+bug/1730627
-      wget "http://archive.ubuntu.com/ubuntu/pool/universe/libo/libonig/libonig5_${ONIGURUMA_VERSION}-1_amd64.deb"
-      sudo dpkg -i "libonig5_${ONIGURUMA_VERSION}-1_amd64.deb"
-      wget "http://archive.ubuntu.com/ubuntu/pool/universe/libo/libonig/libonig-dev_${ONIGURUMA_VERSION}-1_amd64.deb"
-      sudo dpkg -i "libonig-dev_${ONIGURUMA_VERSION}-1_amd64.deb"
-    fi;
-script:
-  - go test ./...
-after_success:
-  - bash <(curl -s https://codecov.io/bash)
-
-jobs:
-  include:
-    - name: 'java unit-tests'
-      stage: test
-      language: scala
-      jdk: oraclejdk8
-      install:
-        - export CGO_ENABLED=1
-        - eval "$(curl -sL https://raw.githubusercontent.com/travis-ci/gimme/master/gimme | GIMME_GO_VERSION=$GO_VERSION_FOR_JVM bash)"
-        - go version
-      before_script:
-        - cd java
-        - make
-      script:
-        - make test
-
-    - name: 'linux packages'
-      stage: release
-      install:
-        - go version
-      script: make packages
-      deploy:
-        provider: releases
-        api_key:
-          secure: $GITHUB_TOKEN
-        file_glob: true
-        file: build/*.tar.gz
-        skip_cleanup: true
-        on:
-          tags: true
-
-    - name: 'linux shared lib'
-      stage: release
-      install:
-        - go version
-      script: make linux-shared
-      deploy:
-        provider: releases
-        api_key:
-          secure: $GITHUB_TOKEN
-        file:
-          - ./.shared/linux-x86-64/libenry.so
-        skip_cleanup: true
-        on:
-          tags: true
-
-    - name: 'macOS shared lib'
-      stage: release
-      env:
-        - OSXCROSS_PACKAGE="osxcross_3034f7149716d815bc473d0a7b35d17e4cf175aa.tar.gz"
-        - OSXCROSS_URL="https://github.com/bblfsh/client-scala/releases/download/v1.5.2/${OSXCROSS_PACKAGE}"
-        - PATH="/$HOME/osxcross/bin:$PATH"
-      install:
-        - go version
-        - sudo apt-get update
-        - sudo apt-get install -y --no-install-recommends clang g++ gcc gcc-multilib libc6-dev libc6-dev-i386 mingw-w64 patch xz-utils
-        - cd ${HOME}
-        - curl -sfSL ${OSXCROSS_URL} | tar -C ${HOME} -xzf -
-        - cd $GOPATH/src/github.com/bzz/enry
-      script: make darwin-shared
-      deploy:
-        provider: releases
-        api_key:
-          secure: $GITHUB_TOKEN
-        file: ./.shared/darwin/libenry.dylib
-        skip_cleanup: true
-        on:
-          tags: true
-
-    - name: 'java: publish to maven'
-      stage: publish
-      language: scala
-      jdk: oraclejdk8
-      install:
-        - export CGO_ENABLED=1
-        - eval "$(curl -sL https://raw.githubusercontent.com/travis-ci/gimme/master/gimme | GIMME_GO_VERSION=$GO_VERSION_FOR_JVM bash)"
-        - go version
-      before_script:
-        - cd java
-        - make
-        - curl -o ./shared/linux-x86-64/libenry.so -sfL "https://github.com/$TRAVIS_REPO_SLUG/releases/download/$TRAVIS_TAG/libenry.so" || travis_terminate 1
-        - mkdir -p ./shared/darwin
-        - curl -o ./shared/darwin/libenry.dylib -sfL "https://github.com/$TRAVIS_REPO_SLUG/releases/download/$TRAVIS_TAG/libenry.dylib" || travis_terminate 1
-        - openssl aes-256-cbc -K $encrypted_a0e1c69dbbc7_key -iv $encrypted_a0e1c69dbbc7_iv -in key.asc.enc -out key.asc -d
-        - gpg --no-default-keyring --primary-keyring ./project/.gnupg/pubring.gpg --secret-keyring ./project/.gnupg/secring.gpg --keyring ./project/.gnupg/pubring.gpg --fingerprint --import key.asc
-      script:
-        - make test # ensure the shared objects are functional
-        - ./sbt publishLocal
-        - ./sbt publishSigned
-        - ./sbt sonatypeRelease
diff --git a/vendor/github.com/go-enry/go-enry/v2/README.md b/vendor/github.com/go-enry/go-enry/v2/README.md
index 12fe9e98f1..4f3c2abff7 100644
--- a/vendor/github.com/go-enry/go-enry/v2/README.md
+++ b/vendor/github.com/go-enry/go-enry/v2/README.md
@@ -14,6 +14,7 @@ Programming language detector and toolbox to ignore binary or vendored files. _e
     - [Go](#go)
     - [Java bindings](#java-bindings)
     - [Python bindings](#python-bindings)
+    - [Rust bindings](#rust-bindings)
 - [Divergences from linguist](#divergences-from-linguist)
 - [Benchmarks](#benchmarks)
 - [Why Enry?](#why-enry)
@@ -148,6 +149,11 @@ Generated Python bindings using a C shared library and cffi are WIP under [src-d
 A library is going to be published on pypi as [enry](https://pypi.org/project/enry/) for
 macOS and linux platforms. Windows support is planned under [src-d/enry#150](https://github.com/src-d/enry/issues/150).
 
+### Rust bindings
+
+Generated Rust bindings using a C static library are available at https://github.com/go-enry/rs-enry.
+
+
 ## Divergences from Linguist
 
 The `enry` library is based on the data from `github/linguist` version **v7.13.0**.
@@ -170,9 +176,6 @@ Parsing [linguist/samples](https://github.com/github/linguist/tree/master/sample
 
 - Bayesian classifier can't distinguish "SQL" from "PLpgSQL. See [#194](https://github.com/src-d/enry/issues/194).
 
-- Detection of [generated files](https://github.com/github/linguist/blob/bf95666fc15e49d556f2def4d0a85338423c25f3/lib/linguist/generated.rb#L53) is not supported yet.
-  (Thus they are not excluded from CLI output). See [#213](https://github.com/src-d/enry/issues/213).
-
 - Overriding languages and types though `.gitattributes` is not yet supported. See [#18](https://github.com/src-d/enry/issues/18).
 
 - `enry` CLI output does NOT exclude `.gitignore`ed files and git submodules, as Linguist does
diff --git a/vendor/github.com/go-enry/go-enry/v2/common.go b/vendor/github.com/go-enry/go-enry/v2/common.go
index 4764cf763b..a31f30840b 100644
--- a/vendor/github.com/go-enry/go-enry/v2/common.go
+++ b/vendor/github.com/go-enry/go-enry/v2/common.go
@@ -118,7 +118,13 @@ func getLanguageBySpecificClassifier(content []byte, candidates []string, classi
 }
 
 // GetLanguages applies a sequence of strategies based on the given filename and content
-// to find out the most probably languages to return.
+// to find out the most probable languages to return.
+//
+// If it finds a strategy that produces a single result, it will be returned;
+// otherise the last strategy that returned multiple results will be returned.
+// If the content is binary, no results will be returned. This matches the
+// behavior of Linguist.detect: https://github.com/github/linguist/blob/aad49acc0624c70d654a8dce447887dbbc713c7a/lib/linguist.rb#L14-L49
+//
 // At least one of arguments should be set. If content is missing, language detection will be based on the filename.
 // The function won't read the file, given an empty content.
 func GetLanguages(filename string, content []byte) []string {
@@ -127,16 +133,20 @@ func GetLanguages(filename string, content []byte) []string {
 	}
 
 	var languages []string
-	candidates := []string{}
 	for _, strategy := range DefaultStrategies {
-		languages = strategy(filename, content, candidates)
-		if len(languages) == 1 {
-			return languages
+		candidates := strategy(filename, content, languages)
+		// No candidates, continue to next strategy without updating languages
+		if len(candidates) == 0 {
+			continue
 		}
 
-		if len(languages) > 0 {
-			candidates = append(candidates, languages...)
+		// Only one candidate match, return it
+		if len(candidates) == 1 {
+			return candidates
 		}
+
+		// Save the candidates from this strategy to pass onto to the next strategy, like Linguist
+		languages = candidates
 	}
 
 	return languages
@@ -490,6 +500,16 @@ func GetLanguageExtensions(language string) []string {
 	return data.ExtensionsByLanguage[language]
 }
 
+// GetLanguageID returns the ID for the language. IDs are assigned by GitHub.
+// The input must be the canonical language name. Aliases are not supported.
+//
+// NOTE: The zero value (0) is a valid language ID, so this API mimics the Go
+// map API. Use the second return value to check if the language was found.
+func GetLanguageID(language string) (int, bool) {
+	id, ok := data.IDByLanguage[language]
+	return id, ok
+}
+
 // Type represent language's type. Either data, programming, markup, prose, or unknown.
 type Type int
 
diff --git a/vendor/github.com/go-enry/go-enry/v2/data/id.go b/vendor/github.com/go-enry/go-enry/v2/data/id.go
new file mode 100644
index 0000000000..3b623b3c3e
--- /dev/null
+++ b/vendor/github.com/go-enry/go-enry/v2/data/id.go
@@ -0,0 +1,585 @@
+// Code generated by github.com/go-enry/go-enry/v2/internal/code-generator DO NOT EDIT.
+// Extracted from github/linguist commit: 6aed0bd564f55c4f2d987c2e6035eda7aea26375
+
+package data
+
+var IDByLanguage = map[string]int{
+	"1C Enterprise":                      0,
+	"4D":                                 577529595,
+	"ABAP":                               1,
+	"ABAP CDS":                           452681853,
+	"ABNF":                               429,
+	"AGS Script":                         2,
+	"AL":                                 658971832,
+	"AMPL":                               3,
+	"ANTLR":                              4,
+	"API Blueprint":                      5,
+	"APL":                                6,
+	"ASL":                                124996147,
+	"ASN.1":                              7,
+	"ASP.NET":                            564186416,
+	"ATS":                                9,
+	"ActionScript":                       10,
+	"Ada":                                11,
+	"Adobe Font Metrics":                 147198098,
+	"Agda":                               12,
+	"Alloy":                              13,
+	"Alpine Abuild":                      14,
+	"Altium Designer":                    187772328,
+	"AngelScript":                        389477596,
+	"Ant Build System":                   15,
+	"ApacheConf":                         16,
+	"Apex":                               17,
+	"Apollo Guidance Computer":           18,
+	"AppleScript":                        19,
+	"Arc":                                20,
+	"AsciiDoc":                           22,
+	"AspectJ":                            23,
+	"Assembly":                           24,
+	"Asymptote":                          591605007,
+	"Augeas":                             25,
+	"AutoHotkey":                         26,
+	"AutoIt":                             27,
+	"Avro IDL":                           785497837,
+	"Awk":                                28,
+	"Ballerina":                          720859680,
+	"Batchfile":                          29,
+	"Beef":                               545626333,
+	"Befunge":                            30,
+	"BibTeX":                             982188347,
+	"Bison":                              31,
+	"BitBake":                            32,
+	"Blade":                              33,
+	"BlitzBasic":                         34,
+	"BlitzMax":                           35,
+	"Bluespec":                           36,
+	"Boo":                                37,
+	"Boogie":                             955017407,
+	"Brainfuck":                          38,
+	"Brightscript":                       39,
+	"Browserslist":                       153503348,
+	"C":                                  41,
+	"C#":                                 42,
+	"C++":                                43,
+	"C-ObjDump":                          44,
+	"C2hs Haskell":                       45,
+	"CLIPS":                              46,
+	"CMake":                              47,
+	"COBOL":                              48,
+	"COLLADA":                            49,
+	"CSON":                               424,
+	"CSS":                                50,
+	"CSV":                                51,
+	"CWeb":                               657332628,
+	"Cabal Config":                       677095381,
+	"Cap'n Proto":                        52,
+	"CartoCSS":                           53,
+	"Ceylon":                             54,
+	"Chapel":                             55,
+	"Charity":                            56,
+	"ChucK":                              57,
+	"Cirru":                              58,
+	"Clarion":                            59,
+	"Classic ASP":                        8,
+	"Clean":                              60,
+	"Click":                              61,
+	"Clojure":                            62,
+	"Closure Templates":                  357046146,
+	"Cloud Firestore Security Rules":     407996372,
+	"CoNLL-U":                            421026389,
+	"CodeQL":                             424259634,
+	"CoffeeScript":                       63,
+	"ColdFusion":                         64,
+	"ColdFusion CFC":                     65,
+	"Common Lisp":                        66,
+	"Common Workflow Language":           988547172,
+	"Component Pascal":                   67,
+	"Cool":                               68,
+	"Coq":                                69,
+	"Cpp-ObjDump":                        70,
+	"Creole":                             71,
+	"Crystal":                            72,
+	"Csound":                             73,
+	"Csound Document":                    74,
+	"Csound Score":                       75,
+	"Cuda":                               77,
+	"Cycript":                            78,
+	"Cython":                             79,
+	"D":                                  80,
+	"D-ObjDump":                          81,
+	"DIGITAL Command Language":           82,
+	"DM":                                 83,
+	"DNS Zone":                           84,
+	"DTrace":                             85,
+	"Dafny":                              969323346,
+	"Darcs Patch":                        86,
+	"Dart":                               87,
+	"DataWeave":                          974514097,
+	"Dhall":                              793969321,
+	"Diff":                               88,
+	"DirectX 3D File":                    201049282,
+	"Dockerfile":                         89,
+	"Dogescript":                         90,
+	"Dylan":                              91,
+	"E":                                  92,
+	"EBNF":                               430,
+	"ECL":                                93,
+	"ECLiPSe":                            94,
+	"EJS":                                95,
+	"EML":                                529653389,
+	"EQ":                                 96,
+	"Eagle":                              97,
+	"Easybuild":                          342840477,
+	"Ecere Projects":                     98,
+	"EditorConfig":                       96139566,
+	"Edje Data Collection":               342840478,
+	"Eiffel":                             99,
+	"Elixir":                             100,
+	"Elm":                                101,
+	"Emacs Lisp":                         102,
+	"EmberScript":                        103,
+	"Erlang":                             104,
+	"F#":                                 105,
+	"F*":                                 336943375,
+	"FIGlet Font":                        686129783,
+	"FLUX":                               106,
+	"Factor":                             108,
+	"Fancy":                              109,
+	"Fantom":                             110,
+	"Faust":                              622529198,
+	"Filebench WML":                      111,
+	"Filterscript":                       112,
+	"Formatted":                          113,
+	"Forth":                              114,
+	"Fortran":                            107,
+	"Fortran Free Form":                  761352333,
+	"FreeMarker":                         115,
+	"Frege":                              116,
+	"Futhark":                            97358117,
+	"G-code":                             117,
+	"GAML":                               290345951,
+	"GAMS":                               118,
+	"GAP":                                119,
+	"GCC Machine Description":            121,
+	"GDB":                                122,
+	"GDScript":                           123,
+	"GEDCOM":                             459577965,
+	"GLSL":                               124,
+	"GN":                                 302957008,
+	"Game Maker Language":                125,
+	"Genie":                              792408528,
+	"Genshi":                             126,
+	"Gentoo Ebuild":                      127,
+	"Gentoo Eclass":                      128,
+	"Gerber Image":                       404627610,
+	"Gettext Catalog":                    129,
+	"Gherkin":                            76,
+	"Git Attributes":                     956324166,
+	"Git Config":                         807968997,
+	"Glyph":                              130,
+	"Glyph Bitmap Distribution Format":   997665271,
+	"Gnuplot":                            131,
+	"Go":                                 132,
+	"Golo":                               133,
+	"Gosu":                               134,
+	"Grace":                              135,
+	"Gradle":                             136,
+	"Grammatical Framework":              137,
+	"Graph Modeling Language":            138,
+	"GraphQL":                            139,
+	"Graphviz (DOT)":                     140,
+	"Groovy":                             142,
+	"Groovy Server Pages":                143,
+	"HAProxy":                            366607477,
+	"HCL":                                144,
+	"HLSL":                               145,
+	"HTML":                               146,
+	"HTML+Django":                        147,
+	"HTML+ECR":                           148,
+	"HTML+EEX":                           149,
+	"HTML+ERB":                           150,
+	"HTML+PHP":                           151,
+	"HTML+Razor":                         479039817,
+	"HTTP":                               152,
+	"HXML":                               786683730,
+	"Hack":                               153,
+	"Haml":                               154,
+	"Handlebars":                         155,
+	"Harbour":                            156,
+	"Haskell":                            157,
+	"Haxe":                               158,
+	"HiveQL":                             931814087,
+	"HolyC":                              928121743,
+	"Hy":                                 159,
+	"HyPhy":                              160,
+	"IDL":                                161,
+	"IGOR Pro":                           162,
+	"INI":                                163,
+	"IRC log":                            164,
+	"Idris":                              165,
+	"Ignore List":                        74444240,
+	"ImageJ Macro":                       575143428,
+	"Inform 7":                           166,
+	"Inno Setup":                         167,
+	"Io":                                 168,
+	"Ioke":                               169,
+	"Isabelle":                           170,
+	"Isabelle ROOT":                      171,
+	"J":                                  172,
+	"JFlex":                              173,
+	"JSON":                               174,
+	"JSON with Comments":                 423,
+	"JSON5":                              175,
+	"JSONLD":                             176,
+	"JSONiq":                             177,
+	"Jasmin":                             180,
+	"Java":                               181,
+	"Java Properties":                    519377561,
+	"Java Server Pages":                  182,
+	"JavaScript":                         183,
+	"JavaScript+ERB":                     914318960,
+	"Jison":                              284531423,
+	"Jison Lex":                          406395330,
+	"Jolie":                              998078858,
+	"Jsonnet":                            664885656,
+	"Julia":                              184,
+	"Jupyter Notebook":                   185,
+	"KRL":                                186,
+	"Kaitai Struct":                      818804755,
+	"KiCad Layout":                       187,
+	"KiCad Legacy Layout":                140848857,
+	"KiCad Schematic":                    622447435,
+	"Kit":                                188,
+	"Kotlin":                             189,
+	"LFE":                                190,
+	"LLVM":                               191,
+	"LOLCODE":                            192,
+	"LSL":                                193,
+	"LTspice Symbol":                     1013566805,
+	"LabVIEW":                            194,
+	"Lark":                               758480799,
+	"Lasso":                              195,
+	"Latte":                              196,
+	"Lean":                               197,
+	"Less":                               198,
+	"Lex":                                199,
+	"LilyPond":                           200,
+	"Limbo":                              201,
+	"Linker Script":                      202,
+	"Linux Kernel Module":                203,
+	"Liquid":                             204,
+	"Literate Agda":                      205,
+	"Literate CoffeeScript":              206,
+	"Literate Haskell":                   207,
+	"LiveScript":                         208,
+	"Logos":                              209,
+	"Logtalk":                            210,
+	"LookML":                             211,
+	"LoomScript":                         212,
+	"Lua":                                213,
+	"M":                                  214,
+	"M4":                                 215,
+	"M4Sugar":                            216,
+	"MATLAB":                             225,
+	"MAXScript":                          217,
+	"MLIR":                               448253929,
+	"MQL4":                               426,
+	"MQL5":                               427,
+	"MTML":                               218,
+	"MUF":                                219,
+	"Macaulay2":                          34167825,
+	"Makefile":                           220,
+	"Mako":                               221,
+	"Markdown":                           222,
+	"Marko":                              932782397,
+	"Mask":                               223,
+	"Mathematica":                        224,
+	"Maven POM":                          226,
+	"Max":                                227,
+	"MediaWiki":                          228,
+	"Mercury":                            229,
+	"Meson":                              799141244,
+	"Metal":                              230,
+	"Microsoft Developer Studio Project": 800983837,
+	"MiniD":                              231,
+	"Mirah":                              232,
+	"Modelica":                           233,
+	"Modula-2":                           234,
+	"Modula-3":                           564743864,
+	"Module Management System":           235,
+	"Monkey":                             236,
+	"Moocode":                            237,
+	"MoonScript":                         238,
+	"Motorola 68K Assembly":              477582706,
+	"Muse":                               474864066,
+	"Mustache":                           638334590,
+	"Myghty":                             239,
+	"NASL":                               171666519,
+	"NCL":                                240,
+	"NEON":                               481192983,
+	"NL":                                 241,
+	"NPM Config":                         685022663,
+	"NSIS":                               242,
+	"NWScript":                           731233819,
+	"Nearley":                            521429430,
+	"Nemerle":                            243,
+	"NetLinx":                            244,
+	"NetLinx+ERB":                        245,
+	"NetLogo":                            246,
+	"NewLisp":                            247,
+	"Nextflow":                           506780613,
+	"Nginx":                              248,
+	"Nim":                                249,
+	"Ninja":                              250,
+	"Nit":                                251,
+	"Nix":                                252,
+	"Nu":                                 253,
+	"NumPy":                              254,
+	"Nunjucks":                           461856962,
+	"OCaml":                              255,
+	"ObjDump":                            256,
+	"Object Data Instance Notation":      985227236,
+	"ObjectScript":                       202735509,
+	"Objective-C":                        257,
+	"Objective-C++":                      258,
+	"Objective-J":                        259,
+	"Odin":                               889244082,
+	"Omgrofl":                            260,
+	"Opa":                                261,
+	"Opal":                               262,
+	"Open Policy Agent":                  840483232,
+	"OpenCL":                             263,
+	"OpenEdge ABL":                       264,
+	"OpenQASM":                           153739399,
+	"OpenRC runscript":                   265,
+	"OpenSCAD":                           266,
+	"OpenStep Property List":             598917541,
+	"OpenType Feature File":              374317347,
+	"Org":                                267,
+	"Ox":                                 268,
+	"Oxygene":                            269,
+	"Oz":                                 270,
+	"P4":                                 348895984,
+	"PHP":                                272,
+	"PLSQL":                              273,
+	"PLpgSQL":                            274,
+	"POV-Ray SDL":                        275,
+	"Pan":                                276,
+	"Papyrus":                            277,
+	"Parrot":                             278,
+	"Parrot Assembly":                    279,
+	"Parrot Internal Representation":     280,
+	"Pascal":                             281,
+	"Pawn":                               271,
+	"Pep8":                               840372442,
+	"Perl":                               282,
+	"Pic":                                425,
+	"Pickle":                             284,
+	"PicoLisp":                           285,
+	"PigLatin":                           286,
+	"Pike":                               287,
+	"PlantUML":                           833504686,
+	"Pod":                                288,
+	"Pod 6":                              155357471,
+	"PogoScript":                         289,
+	"Pony":                               290,
+	"PostCSS":                            262764437,
+	"PostScript":                         291,
+	"PowerBuilder":                       292,
+	"PowerShell":                         293,
+	"Prisma":                             499933428,
+	"Processing":                         294,
+	"Proguard":                           716513858,
+	"Prolog":                             295,
+	"Propeller Spin":                     296,
+	"Protocol Buffer":                    297,
+	"Public Key":                         298,
+	"Pug":                                179,
+	"Puppet":                             299,
+	"Pure Data":                          300,
+	"PureBasic":                          301,
+	"PureScript":                         302,
+	"Python":                             303,
+	"Python console":                     428,
+	"Python traceback":                   304,
+	"Q#":                                 697448245,
+	"QML":                                305,
+	"QMake":                              306,
+	"Qt Script":                          558193693,
+	"Quake":                              375265331,
+	"R":                                  307,
+	"RAML":                               308,
+	"RDoc":                               309,
+	"REALbasic":                          310,
+	"REXX":                               311,
+	"RMarkdown":                          313,
+	"RPC":                                1031374237,
+	"RPM Spec":                           314,
+	"RUNOFF":                             315,
+	"Racket":                             316,
+	"Ragel":                              317,
+	"Raku":                               283,
+	"Rascal":                             173616037,
+	"Raw token data":                     318,
+	"ReScript":                           501875647,
+	"Readline Config":                    538732839,
+	"Reason":                             869538413,
+	"Rebol":                              319,
+	"Record Jar":                         865765202,
+	"Red":                                320,
+	"Redcode":                            321,
+	"Regular Expression":                 363378884,
+	"Ren'Py":                             322,
+	"RenderScript":                       323,
+	"Rich Text Format":                   51601661,
+	"Ring":                               431,
+	"Riot":                               878396783,
+	"RobotFramework":                     324,
+	"Roff":                               141,
+	"Roff Manpage":                       612669833,
+	"Rouge":                              325,
+	"Ruby":                               326,
+	"Rust":                               327,
+	"SAS":                                328,
+	"SCSS":                               329,
+	"SMT":                                330,
+	"SPARQL":                             331,
+	"SQF":                                332,
+	"SQL":                                333,
+	"SQLPL":                              334,
+	"SRecode Template":                   335,
+	"SSH Config":                         554920715,
+	"STON":                               336,
+	"SVG":                                337,
+	"SWIG":                               1066250075,
+	"Sage":                               338,
+	"SaltStack":                          339,
+	"Sass":                               340,
+	"Scala":                              341,
+	"Scaml":                              342,
+	"Scheme":                             343,
+	"Scilab":                             344,
+	"Self":                               345,
+	"ShaderLab":                          664257356,
+	"Shell":                              346,
+	"ShellSession":                       347,
+	"Shen":                               348,
+	"Sieve":                              208976687,
+	"Slash":                              349,
+	"Slice":                              894641667,
+	"Slim":                               350,
+	"SmPL":                               164123055,
+	"Smali":                              351,
+	"Smalltalk":                          352,
+	"Smarty":                             353,
+	"Solidity":                           237469032,
+	"SourcePawn":                         354,
+	"Spline Font Database":               767169629,
+	"Squirrel":                           355,
+	"Stan":                               356,
+	"Standard ML":                        357,
+	"Starlark":                           960266174,
+	"Stata":                              358,
+	"Stylus":                             359,
+	"SubRip Text":                        360,
+	"SugarSS":                            826404698,
+	"SuperCollider":                      361,
+	"Svelte":                             928734530,
+	"Swift":                              362,
+	"SystemVerilog":                      363,
+	"TI Program":                         422,
+	"TLA":                                364,
+	"TOML":                               365,
+	"TSQL":                               918334941,
+	"TSV":                                1035892117,
+	"TSX":                                94901924,
+	"TXL":                                366,
+	"Tcl":                                367,
+	"Tcsh":                               368,
+	"TeX":                                369,
+	"Tea":                                370,
+	"Terra":                              371,
+	"Texinfo":                            988020015,
+	"Text":                               372,
+	"Textile":                            373,
+	"Thrift":                             374,
+	"Turing":                             375,
+	"Turtle":                             376,
+	"Twig":                               377,
+	"Type Language":                      632765617,
+	"TypeScript":                         378,
+	"Unified Parallel C":                 379,
+	"Unity3D Asset":                      380,
+	"Unix Assembly":                      120,
+	"Uno":                                381,
+	"UnrealScript":                       382,
+	"UrWeb":                              383,
+	"V":                                  603371597,
+	"VBA":                                399230729,
+	"VBScript":                           408016005,
+	"VCL":                                384,
+	"VHDL":                               385,
+	"Vala":                               386,
+	"Verilog":                            387,
+	"Vim Help File":                      508563686,
+	"Vim Snippet":                        81265970,
+	"Vim script":                         388,
+	"Visual Basic .NET":                  389,
+	"Volt":                               390,
+	"Vue":                                391,
+	"Wavefront Material":                 392,
+	"Wavefront Object":                   393,
+	"Web Ontology Language":              394,
+	"WebAssembly":                        956556503,
+	"WebIDL":                             395,
+	"WebVTT":                             658679714,
+	"Wget Config":                        668457123,
+	"Windows Registry Entries":           969674868,
+	"Wollok":                             632745969,
+	"World of Warcraft Addon Data":       396,
+	"X BitMap":                           782911107,
+	"X Font Directory Index":             208700028,
+	"X PixMap":                           781846279,
+	"X10":                                397,
+	"XC":                                 398,
+	"XCompose":                           225167241,
+	"XML":                                399,
+	"XML Property List":                  75622871,
+	"XPages":                             400,
+	"XProc":                              401,
+	"XQuery":                             402,
+	"XS":                                 403,
+	"XSLT":                               404,
+	"Xojo":                               405,
+	"Xtend":                              406,
+	"YAML":                               407,
+	"YANG":                               408,
+	"YARA":                               805122868,
+	"YASnippet":                          378760102,
+	"Yacc":                               409,
+	"ZAP":                                952972794,
+	"ZIL":                                973483626,
+	"Zeek":                               40,
+	"ZenScript":                          494938890,
+	"Zephir":                             410,
+	"Zig":                                646424281,
+	"Zimpl":                              411,
+	"cURL Config":                        992375436,
+	"desktop":                            412,
+	"dircolors":                          691605112,
+	"eC":                                 413,
+	"edn":                                414,
+	"fish":                               415,
+	"mIRC Script":                        517654727,
+	"mcfunction":                         462488745,
+	"mupad":                              416,
+	"nanorc":                             775996197,
+	"nesC":                               417,
+	"ooc":                                418,
+	"q":                                  970539067,
+	"reStructuredText":                   419,
+	"sed":                                847830017,
+	"wdl":                                374521672,
+	"wisp":                               420,
+	"xBase":                              421,
+}
diff --git a/vendor/github.com/go-enry/go-enry/v2/utils.go b/vendor/github.com/go-enry/go-enry/v2/utils.go
index 34da2506fb..c3ff6327ee 100644
--- a/vendor/github.com/go-enry/go-enry/v2/utils.go
+++ b/vendor/github.com/go-enry/go-enry/v2/utils.go
@@ -3,6 +3,8 @@ package enry
 import (
 	"bytes"
 	"path/filepath"
+	"regexp"
+	"sort"
 	"strings"
 
 	"github.com/go-enry/go-enry/v2/data"
@@ -61,9 +63,11 @@ func IsDotFile(path string) bool {
 	return strings.HasPrefix(base, ".") && base != "."
 }
 
+var isVendorRegExp *regexp.Regexp
+
 // IsVendor returns whether or not path is a vendor path.
 func IsVendor(path string) bool {
-	return matchRegexSlice(data.VendorMatchers, path)
+	return isVendorRegExp.MatchString(path)
 }
 
 // IsTest returns whether or not path is a test path.
@@ -131,3 +135,112 @@ func IsGenerated(path string, content []byte) bool {
 
 	return false
 }
+
+func init() {
+	// We now collate the individual regexps that make up the VendorMatchers to
+	// produce a single large regexp which is around twice as fast to test than
+	// simply iterating through all the regexps or naïvely collating the
+	// regexps.
+	//
+	// ---
+	//
+	// data.VendorMatchers here is a slice containing individual regexps that
+	// match a vendor file therefore if we want to test if a filename is a
+	// Vendor we need to test whether that filename matches one or more of
+	// those regexps.
+	//
+	// Now we could test each matcher in turn using a shortcircuiting test i.e.
+	//
+	//  	func IsVendor(filename string) bool {
+	// 			for _, matcher := range data.VendorMatchers {
+	// 				if matcher.Match(filename) {
+	//					return true
+	//				}
+	//			}
+	//			return false
+	//		}
+	//
+	// Or concatentate all these regexps using groups i.e.
+	//
+	//		`(regexp1)|(regexp2)|(regexp3)|...`
+	//
+	// However both of these are relatively slow and they don't take advantage
+	// of the inherent structure within our regexps...
+	//
+	// If we look at our regexps there are essentially three types of regexp:
+	//
+	// 1. Those that start with `^`
+	// 2. Those that start with `(^|/)`
+	// 3. Others
+	//
+	// If we collate our regexps into these groups that will significantly
+	// reduce the likelihood of backtracking within the regexp trie matcher.
+	//
+	// A further improvement is to use non-capturing groups as otherwise the
+	// regexp parser, whilst matching, will have to allocate slices for
+	// matching positions. (A future improvement here could be in the use of
+	// enforcing non-capturing groups within the sub-regexps too.)
+	//
+	// Finally if we sort the segments we can help the matcher build a more
+	// efficient matcher and trie.
+
+	// alias the VendorMatchers to simplify things
+	matchers := data.VendorMatchers
+
+	// Create three temporary string slices for our three groups above - prefixes removed
+	caretStrings := make([]string, 0, 10)
+	caretSegmentStrings := make([]string, 0, 10)
+	matcherStrings := make([]string, 0, len(matchers))
+
+	// Walk the matchers and check their string representation for each group prefix, remove it and add to the respective group slices
+	for _, matcher := range matchers {
+		str := matcher.String()
+		if str[0] == '^' {
+			caretStrings = append(caretStrings, str[1:])
+		} else if str[0:5] == "(^|/)" {
+			caretSegmentStrings = append(caretSegmentStrings, str[5:])
+		} else {
+			matcherStrings = append(matcherStrings, str)
+		}
+	}
+
+	// Sort the strings within each group - a potential further improvement could be in simplifying within these groups
+	sort.Strings(caretSegmentStrings)
+	sort.Strings(caretStrings)
+	sort.Strings(matcherStrings)
+
+	// Now build the collated regexp
+	sb := &strings.Builder{}
+
+	// Start with group 1 - those that started with `^`
+	sb.WriteString("(?:^(?:")
+	sb.WriteString(caretStrings[0])
+	for _, matcher := range caretStrings[1:] {
+		sb.WriteString(")|(?:")
+		sb.WriteString(matcher)
+	}
+	sb.WriteString("))")
+	sb.WriteString("|")
+
+	// Now add group 2 - those that started with `(^|/)`
+	sb.WriteString("(?:(?:^|/)(?:")
+	sb.WriteString(caretSegmentStrings[0])
+	for _, matcher := range caretSegmentStrings[1:] {
+		sb.WriteString(")|(?:")
+		sb.WriteString(matcher)
+	}
+	sb.WriteString("))")
+	sb.WriteString("|")
+
+	// Finally add the rest
+	sb.WriteString("(?:")
+	sb.WriteString(matcherStrings[0])
+	for _, matcher := range matcherStrings[1:] {
+		sb.WriteString(")|(?:")
+		sb.WriteString(matcher)
+	}
+	sb.WriteString(")")
+
+	// Compile the whole thing as the isVendorRegExp
+	isVendorRegExp = regexp.MustCompile(sb.String())
+}
diff --git a/vendor/github.com/go-git/go-billy/v5/memfs/memory.go b/vendor/github.com/go-git/go-billy/v5/memfs/memory.go
new file mode 100644
index 0000000000..f217693e6f
--- /dev/null
+++ b/vendor/github.com/go-git/go-billy/v5/memfs/memory.go
@@ -0,0 +1,410 @@
+// Package memfs provides a billy filesystem base on memory.
+package memfs // import "github.com/go-git/go-billy/v5/memfs"
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+	"sort"
+	"strings"
+	"time"
+
+	"github.com/go-git/go-billy/v5"
+	"github.com/go-git/go-billy/v5/helper/chroot"
+	"github.com/go-git/go-billy/v5/util"
+)
+
+const separator = filepath.Separator
+
+// Memory a very convenient filesystem based on memory files
+type Memory struct {
+	s *storage
+
+	tempCount int
+}
+
+//New returns a new Memory filesystem.
+func New() billy.Filesystem {
+	fs := &Memory{s: newStorage()}
+	return chroot.New(fs, string(separator))
+}
+
+func (fs *Memory) Create(filename string) (billy.File, error) {
+	return fs.OpenFile(filename, os.O_RDWR|os.O_CREATE|os.O_TRUNC, 0666)
+}
+
+func (fs *Memory) Open(filename string) (billy.File, error) {
+	return fs.OpenFile(filename, os.O_RDONLY, 0)
+}
+
+func (fs *Memory) OpenFile(filename string, flag int, perm os.FileMode) (billy.File, error) {
+	f, has := fs.s.Get(filename)
+	if !has {
+		if !isCreate(flag) {
+			return nil, os.ErrNotExist
+		}
+
+		var err error
+		f, err = fs.s.New(filename, perm, flag)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		if isExclusive(flag) {
+			return nil, os.ErrExist
+		}
+
+		if target, isLink := fs.resolveLink(filename, f); isLink {
+			return fs.OpenFile(target, flag, perm)
+		}
+	}
+
+	if f.mode.IsDir() {
+		return nil, fmt.Errorf("cannot open directory: %s", filename)
+	}
+
+	return f.Duplicate(filename, perm, flag), nil
+}
+
+var errNotLink = errors.New("not a link")
+
+func (fs *Memory) resolveLink(fullpath string, f *file) (target string, isLink bool) {
+	if !isSymlink(f.mode) {
+		return fullpath, false
+	}
+
+	target = string(f.content.bytes)
+	if !isAbs(target) {
+		target = fs.Join(filepath.Dir(fullpath), target)
+	}
+
+	return target, true
+}
+
+// On Windows OS, IsAbs validates if a path is valid based on if stars with a
+// unit (eg.: `C:\`)  to assert that is absolute, but in this mem implementation
+// any path starting by `separator` is also considered absolute.
+func isAbs(path string) bool {
+	return filepath.IsAbs(path) || strings.HasPrefix(path, string(separator))
+}
+
+func (fs *Memory) Stat(filename string) (os.FileInfo, error) {
+	f, has := fs.s.Get(filename)
+	if !has {
+		return nil, os.ErrNotExist
+	}
+
+	fi, _ := f.Stat()
+
+	var err error
+	if target, isLink := fs.resolveLink(filename, f); isLink {
+		fi, err = fs.Stat(target)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	// the name of the file should always the name of the stated file, so we
+	// overwrite the Stat returned from the storage with it, since the
+	// filename may belong to a link.
+	fi.(*fileInfo).name = filepath.Base(filename)
+	return fi, nil
+}
+
+func (fs *Memory) Lstat(filename string) (os.FileInfo, error) {
+	f, has := fs.s.Get(filename)
+	if !has {
+		return nil, os.ErrNotExist
+	}
+
+	return f.Stat()
+}
+
+type ByName []os.FileInfo
+
+func (a ByName) Len() int           { return len(a) }
+func (a ByName) Less(i, j int) bool { return a[i].Name() < a[j].Name() }
+func (a ByName) Swap(i, j int)      { a[i], a[j] = a[j], a[i] }
+
+func (fs *Memory) ReadDir(path string) ([]os.FileInfo, error) {
+	if f, has := fs.s.Get(path); has {
+		if target, isLink := fs.resolveLink(path, f); isLink {
+			return fs.ReadDir(target)
+		}
+	}
+
+	var entries []os.FileInfo
+	for _, f := range fs.s.Children(path) {
+		fi, _ := f.Stat()
+		entries = append(entries, fi)
+	}
+
+	sort.Sort(ByName(entries))
+
+	return entries, nil
+}
+
+func (fs *Memory) MkdirAll(path string, perm os.FileMode) error {
+	_, err := fs.s.New(path, perm|os.ModeDir, 0)
+	return err
+}
+
+func (fs *Memory) TempFile(dir, prefix string) (billy.File, error) {
+	return util.TempFile(fs, dir, prefix)
+}
+
+func (fs *Memory) getTempFilename(dir, prefix string) string {
+	fs.tempCount++
+	filename := fmt.Sprintf("%s_%d_%d", prefix, fs.tempCount, time.Now().UnixNano())
+	return fs.Join(dir, filename)
+}
+
+func (fs *Memory) Rename(from, to string) error {
+	return fs.s.Rename(from, to)
+}
+
+func (fs *Memory) Remove(filename string) error {
+	return fs.s.Remove(filename)
+}
+
+func (fs *Memory) Join(elem ...string) string {
+	return filepath.Join(elem...)
+}
+
+func (fs *Memory) Symlink(target, link string) error {
+	_, err := fs.Stat(link)
+	if err == nil {
+		return os.ErrExist
+	}
+
+	if !os.IsNotExist(err) {
+		return err
+	}
+
+	return util.WriteFile(fs, link, []byte(target), 0777|os.ModeSymlink)
+}
+
+func (fs *Memory) Readlink(link string) (string, error) {
+	f, has := fs.s.Get(link)
+	if !has {
+		return "", os.ErrNotExist
+	}
+
+	if !isSymlink(f.mode) {
+		return "", &os.PathError{
+			Op:   "readlink",
+			Path: link,
+			Err:  fmt.Errorf("not a symlink"),
+		}
+	}
+
+	return string(f.content.bytes), nil
+}
+
+// Capabilities implements the Capable interface.
+func (fs *Memory) Capabilities() billy.Capability {
+	return billy.WriteCapability |
+		billy.ReadCapability |
+		billy.ReadAndWriteCapability |
+		billy.SeekCapability |
+		billy.TruncateCapability
+}
+
+type file struct {
+	name     string
+	content  *content
+	position int64
+	flag     int
+	mode     os.FileMode
+
+	isClosed bool
+}
+
+func (f *file) Name() string {
+	return f.name
+}
+
+func (f *file) Read(b []byte) (int, error) {
+	n, err := f.ReadAt(b, f.position)
+	f.position += int64(n)
+
+	if err == io.EOF && n != 0 {
+		err = nil
+	}
+
+	return n, err
+}
+
+func (f *file) ReadAt(b []byte, off int64) (int, error) {
+	if f.isClosed {
+		return 0, os.ErrClosed
+	}
+
+	if !isReadAndWrite(f.flag) && !isReadOnly(f.flag) {
+		return 0, errors.New("read not supported")
+	}
+
+	n, err := f.content.ReadAt(b, off)
+
+	return n, err
+}
+
+func (f *file) Seek(offset int64, whence int) (int64, error) {
+	if f.isClosed {
+		return 0, os.ErrClosed
+	}
+
+	switch whence {
+	case io.SeekCurrent:
+		f.position += offset
+	case io.SeekStart:
+		f.position = offset
+	case io.SeekEnd:
+		f.position = int64(f.content.Len()) + offset
+	}
+
+	return f.position, nil
+}
+
+func (f *file) Write(p []byte) (int, error) {
+	if f.isClosed {
+		return 0, os.ErrClosed
+	}
+
+	if !isReadAndWrite(f.flag) && !isWriteOnly(f.flag) {
+		return 0, errors.New("write not supported")
+	}
+
+	n, err := f.content.WriteAt(p, f.position)
+	f.position += int64(n)
+
+	return n, err
+}
+
+func (f *file) Close() error {
+	if f.isClosed {
+		return os.ErrClosed
+	}
+
+	f.isClosed = true
+	return nil
+}
+
+func (f *file) Truncate(size int64) error {
+	if size < int64(len(f.content.bytes)) {
+		f.content.bytes = f.content.bytes[:size]
+	} else if more := int(size) - len(f.content.bytes); more > 0 {
+		f.content.bytes = append(f.content.bytes, make([]byte, more)...)
+	}
+
+	return nil
+}
+
+func (f *file) Duplicate(filename string, mode os.FileMode, flag int) billy.File {
+	new := &file{
+		name:    filename,
+		content: f.content,
+		mode:    mode,
+		flag:    flag,
+	}
+
+	if isAppend(flag) {
+		new.position = int64(new.content.Len())
+	}
+
+	if isTruncate(flag) {
+		new.content.Truncate()
+	}
+
+	return new
+}
+
+func (f *file) Stat() (os.FileInfo, error) {
+	return &fileInfo{
+		name: f.Name(),
+		mode: f.mode,
+		size: f.content.Len(),
+	}, nil
+}
+
+// Lock is a no-op in memfs.
+func (f *file) Lock() error {
+	return nil
+}
+
+// Unlock is a no-op in memfs.
+func (f *file) Unlock() error {
+	return nil
+}
+
+type fileInfo struct {
+	name string
+	size int
+	mode os.FileMode
+}
+
+func (fi *fileInfo) Name() string {
+	return fi.name
+}
+
+func (fi *fileInfo) Size() int64 {
+	return int64(fi.size)
+}
+
+func (fi *fileInfo) Mode() os.FileMode {
+	return fi.mode
+}
+
+func (*fileInfo) ModTime() time.Time {
+	return time.Now()
+}
+
+func (fi *fileInfo) IsDir() bool {
+	return fi.mode.IsDir()
+}
+
+func (*fileInfo) Sys() interface{} {
+	return nil
+}
+
+func (c *content) Truncate() {
+	c.bytes = make([]byte, 0)
+}
+
+func (c *content) Len() int {
+	return len(c.bytes)
+}
+
+func isCreate(flag int) bool {
+	return flag&os.O_CREATE != 0
+}
+
+func isExclusive(flag int) bool {
+	return flag&os.O_EXCL != 0
+}
+
+func isAppend(flag int) bool {
+	return flag&os.O_APPEND != 0
+}
+
+func isTruncate(flag int) bool {
+	return flag&os.O_TRUNC != 0
+}
+
+func isReadAndWrite(flag int) bool {
+	return flag&os.O_RDWR != 0
+}
+
+func isReadOnly(flag int) bool {
+	return flag == os.O_RDONLY
+}
+
+func isWriteOnly(flag int) bool {
+	return flag&os.O_WRONLY != 0
+}
+
+func isSymlink(m os.FileMode) bool {
+	return m&os.ModeSymlink != 0
+}
diff --git a/vendor/github.com/go-git/go-billy/v5/memfs/storage.go b/vendor/github.com/go-git/go-billy/v5/memfs/storage.go
new file mode 100644
index 0000000000..d3ff5a25db
--- /dev/null
+++ b/vendor/github.com/go-git/go-billy/v5/memfs/storage.go
@@ -0,0 +1,229 @@
+package memfs
+
+import (
+	"errors"
+	"fmt"
+	"io"
+	"os"
+	"path/filepath"
+)
+
+type storage struct {
+	files    map[string]*file
+	children map[string]map[string]*file
+}
+
+func newStorage() *storage {
+	return &storage{
+		files:    make(map[string]*file, 0),
+		children: make(map[string]map[string]*file, 0),
+	}
+}
+
+func (s *storage) Has(path string) bool {
+	path = clean(path)
+
+	_, ok := s.files[path]
+	return ok
+}
+
+func (s *storage) New(path string, mode os.FileMode, flag int) (*file, error) {
+	path = clean(path)
+	if s.Has(path) {
+		if !s.MustGet(path).mode.IsDir() {
+			return nil, fmt.Errorf("file already exists %q", path)
+		}
+
+		return nil, nil
+	}
+
+	name := filepath.Base(path)
+
+	f := &file{
+		name:    name,
+		content: &content{name: name},
+		mode:    mode,
+		flag:    flag,
+	}
+
+	s.files[path] = f
+	s.createParent(path, mode, f)
+	return f, nil
+}
+
+func (s *storage) createParent(path string, mode os.FileMode, f *file) error {
+	base := filepath.Dir(path)
+	base = clean(base)
+	if f.Name() == string(separator) {
+		return nil
+	}
+
+	if _, err := s.New(base, mode.Perm()|os.ModeDir, 0); err != nil {
+		return err
+	}
+
+	if _, ok := s.children[base]; !ok {
+		s.children[base] = make(map[string]*file, 0)
+	}
+
+	s.children[base][f.Name()] = f
+	return nil
+}
+
+func (s *storage) Children(path string) []*file {
+	path = clean(path)
+
+	l := make([]*file, 0)
+	for _, f := range s.children[path] {
+		l = append(l, f)
+	}
+
+	return l
+}
+
+func (s *storage) MustGet(path string) *file {
+	f, ok := s.Get(path)
+	if !ok {
+		panic(fmt.Errorf("couldn't find %q", path))
+	}
+
+	return f
+}
+
+func (s *storage) Get(path string) (*file, bool) {
+	path = clean(path)
+	if !s.Has(path) {
+		return nil, false
+	}
+
+	file, ok := s.files[path]
+	return file, ok
+}
+
+func (s *storage) Rename(from, to string) error {
+	from = clean(from)
+	to = clean(to)
+
+	if !s.Has(from) {
+		return os.ErrNotExist
+	}
+
+	move := [][2]string{{from, to}}
+
+	for pathFrom := range s.files {
+		if pathFrom == from || !filepath.HasPrefix(pathFrom, from) {
+			continue
+		}
+
+		rel, _ := filepath.Rel(from, pathFrom)
+		pathTo := filepath.Join(to, rel)
+
+		move = append(move, [2]string{pathFrom, pathTo})
+	}
+
+	for _, ops := range move {
+		from := ops[0]
+		to := ops[1]
+
+		if err := s.move(from, to); err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+func (s *storage) move(from, to string) error {
+	s.files[to] = s.files[from]
+	s.files[to].name = filepath.Base(to)
+	s.children[to] = s.children[from]
+
+	defer func() {
+		delete(s.children, from)
+		delete(s.files, from)
+		delete(s.children[filepath.Dir(from)], filepath.Base(from))
+	}()
+
+	return s.createParent(to, 0644, s.files[to])
+}
+
+func (s *storage) Remove(path string) error {
+	path = clean(path)
+
+	f, has := s.Get(path)
+	if !has {
+		return os.ErrNotExist
+	}
+
+	if f.mode.IsDir() && len(s.children[path]) != 0 {
+		return fmt.Errorf("dir: %s contains files", path)
+	}
+
+	base, file := filepath.Split(path)
+	base = filepath.Clean(base)
+
+	delete(s.children[base], file)
+	delete(s.files, path)
+	return nil
+}
+
+func clean(path string) string {
+	return filepath.Clean(filepath.FromSlash(path))
+}
+
+type content struct {
+	name  string
+	bytes []byte
+}
+
+func (c *content) WriteAt(p []byte, off int64) (int, error) {
+	if off < 0 {
+		return 0, &os.PathError{
+			Op:   "writeat",
+			Path: c.name,
+			Err:  errors.New("negative offset"),
+		}
+	}
+
+	prev := len(c.bytes)
+
+	diff := int(off) - prev
+	if diff > 0 {
+		c.bytes = append(c.bytes, make([]byte, diff)...)
+	}
+
+	c.bytes = append(c.bytes[:off], p...)
+	if len(c.bytes) < prev {
+		c.bytes = c.bytes[:prev]
+	}
+
+	return len(p), nil
+}
+
+func (c *content) ReadAt(b []byte, off int64) (n int, err error) {
+	if off < 0 {
+		return 0, &os.PathError{
+			Op:   "readat",
+			Path: c.name,
+			Err:  errors.New("negative offset"),
+		}
+	}
+
+	size := int64(len(c.bytes))
+	if off >= size {
+		return 0, io.EOF
+	}
+
+	l := int64(len(b))
+	if off+l > size {
+		l = size - off
+	}
+
+	btr := c.bytes[off : off+l]
+	if len(btr) < len(b) {
+		err = io.EOF
+	}
+	n = copy(b, btr)
+
+	return
+}
diff --git a/vendor/github.com/go-git/go-billy/v5/osfs/os.go b/vendor/github.com/go-git/go-billy/v5/osfs/os.go
index 880389fff2..9665d2755d 100644
--- a/vendor/github.com/go-git/go-billy/v5/osfs/os.go
+++ b/vendor/github.com/go-git/go-billy/v5/osfs/os.go
@@ -1,3 +1,5 @@
+// +build !js
+
 // Package osfs provides a billy filesystem for the OS.
 package osfs // import "github.com/go-git/go-billy/v5/osfs"
 
@@ -16,12 +18,15 @@ const (
 	defaultCreateMode    = 0666
 )
 
+// Default Filesystem representing the root of the os filesystem.
+var Default = &OS{}
+
 // OS is a filesystem based on the os filesystem.
 type OS struct{}
 
 // New returns a new OS filesystem.
 func New(baseDir string) billy.Filesystem {
-	return chroot.New(&OS{}, baseDir)
+	return chroot.New(Default, baseDir)
 }
 
 func (fs *OS) Create(filename string) (billy.File, error) {
diff --git a/vendor/github.com/go-git/go-billy/v5/osfs/os_js.go b/vendor/github.com/go-git/go-billy/v5/osfs/os_js.go
new file mode 100644
index 0000000000..8ae68fed68
--- /dev/null
+++ b/vendor/github.com/go-git/go-billy/v5/osfs/os_js.go
@@ -0,0 +1,21 @@
+// +build js
+
+package osfs
+
+import (
+	"github.com/go-git/go-billy/v5"
+	"github.com/go-git/go-billy/v5/helper/chroot"
+	"github.com/go-git/go-billy/v5/memfs"
+)
+
+// globalMemFs is the global memory fs
+var globalMemFs = memfs.New()
+
+// Default Filesystem representing the root of in-memory filesystem for a
+// js/wasm environment.
+var Default = memfs.New()
+
+// New returns a new OS filesystem.
+func New(baseDir string) billy.Filesystem {
+	return chroot.New(Default, Default.Join("/", baseDir))
+}
diff --git a/vendor/github.com/go-git/go-billy/v5/osfs/os_plan9.go b/vendor/github.com/go-git/go-billy/v5/osfs/os_plan9.go
index fe1eb85df4..e8f519ffe2 100644
--- a/vendor/github.com/go-git/go-billy/v5/osfs/os_plan9.go
+++ b/vendor/github.com/go-git/go-billy/v5/osfs/os_plan9.go
@@ -1,3 +1,5 @@
+// +build plan9
+
 package osfs
 
 import (
diff --git a/vendor/github.com/go-git/go-billy/v5/osfs/os_posix.go b/vendor/github.com/go-git/go-billy/v5/osfs/os_posix.go
index 7645dd52e6..c74d60ee6b 100644
--- a/vendor/github.com/go-git/go-billy/v5/osfs/os_posix.go
+++ b/vendor/github.com/go-git/go-billy/v5/osfs/os_posix.go
@@ -1,4 +1,4 @@
-// +build !plan9,!windows
+// +build !plan9,!windows,!js
 
 package osfs
 
diff --git a/vendor/github.com/go-git/go-billy/v5/util/util.go b/vendor/github.com/go-git/go-billy/v5/util/util.go
index 34c1d9e749..5c77128c3c 100644
--- a/vendor/github.com/go-git/go-billy/v5/util/util.go
+++ b/vendor/github.com/go-git/go-billy/v5/util/util.go
@@ -146,9 +146,8 @@ func nextSuffix() string {
 // to remove the file when no longer needed.
 func TempFile(fs billy.Basic, dir, prefix string) (f billy.File, err error) {
 	// This implementation is based on stdlib ioutil.TempFile.
-
 	if dir == "" {
-		dir = os.TempDir()
+		dir = getTempDir(fs)
 	}
 
 	nconflict := 0
@@ -179,7 +178,7 @@ func TempDir(fs billy.Dir, dir, prefix string) (name string, err error) {
 	// This implementation is based on stdlib ioutil.TempDir
 
 	if dir == "" {
-		dir = os.TempDir()
+		dir = getTempDir(fs.(billy.Basic))
 	}
 
 	nconflict := 0
@@ -207,6 +206,15 @@ func TempDir(fs billy.Dir, dir, prefix string) (name string, err error) {
 	return
 }
 
+func getTempDir(fs billy.Basic) string {
+	ch, ok := fs.(billy.Chroot)
+	if !ok || ch.Root() == "" || ch.Root() == "/" || ch.Root() == string(filepath.Separator) {
+		return os.TempDir()
+	}
+
+	return ".tmp"
+}
+
 type underlying interface {
 	Underlying() billy.Basic
 }
@@ -222,3 +230,53 @@ func getUnderlyingAndPath(fs billy.Basic, path string) (billy.Basic, string) {
 
 	return u.Underlying(), path
 }
+
+// ReadFile reads the named file and returns the contents from the given filesystem.
+// A successful call returns err == nil, not err == EOF.
+// Because ReadFile reads the whole file, it does not treat an EOF from Read
+// as an error to be reported.
+func ReadFile(fs billy.Basic, name string) ([]byte, error) {
+	f, err := fs.Open(name)
+	if err != nil {
+		return nil, err
+	}
+
+	defer f.Close()
+
+	var size int
+	if info, err := fs.Stat(name); err == nil {
+		size64 := info.Size()
+		if int64(int(size64)) == size64 {
+			size = int(size64)
+		}
+	}
+
+	size++ // one byte for final read at EOF
+	// If a file claims a small size, read at least 512 bytes.
+	// In particular, files in Linux's /proc claim size 0 but
+	// then do not work right if read in small pieces,
+	// so an initial read of 1 byte would not work correctly.
+
+	if size < 512 {
+		size = 512
+	}
+
+	data := make([]byte, 0, size)
+	for {
+		if len(data) >= cap(data) {
+			d := append(data[:cap(data)], 0)
+			data = d[:len(data)]
+		}
+
+		n, err := f.Read(data[len(data):cap(data)])
+		data = data[:len(data)+n]
+
+		if err != nil {
+			if err == io.EOF {
+				err = nil
+			}
+
+			return data, err
+		}
+	}
+}
diff --git a/vendor/github.com/go-git/go-git/v5/common.go b/vendor/github.com/go-git/go-git/v5/common.go
index f837a2654c..6174339a81 100644
--- a/vendor/github.com/go-git/go-git/v5/common.go
+++ b/vendor/github.com/go-git/go-git/v5/common.go
@@ -2,8 +2,6 @@ package git
 
 import "strings"
 
-const defaultDotGitPath = ".git"
-
 // countLines returns the number of lines in a string à la git, this is
 // The newline character is assumed to be '\n'.  The empty string
 // contains 0 lines.  If the last line of the string doesn't end with a
diff --git a/vendor/github.com/go-git/go-git/v5/config/config.go b/vendor/github.com/go-git/go-git/v5/config/config.go
index 1f737b5dd4..1aee25a4c5 100644
--- a/vendor/github.com/go-git/go-git/v5/config/config.go
+++ b/vendor/github.com/go-git/go-git/v5/config/config.go
@@ -12,6 +12,7 @@ import (
 	"sort"
 	"strconv"
 
+	"github.com/go-git/go-billy/v5/osfs"
 	"github.com/go-git/go-git/v5/internal/url"
 	format "github.com/go-git/go-git/v5/plumbing/format/config"
 	"github.com/mitchellh/go-homedir"
@@ -158,7 +159,7 @@ func LoadConfig(scope Scope) (*Config, error) {
 	}
 
 	for _, file := range files {
-		f, err := os.Open(file)
+		f, err := osfs.Default.Open(file)
 		if err != nil {
 			if os.IsNotExist(err) {
 				continue
diff --git a/vendor/github.com/go-git/go-git/v5/go.mod b/vendor/github.com/go-git/go-git/v5/go.mod
index feaa2e6ba8..402613f0f1 100644
--- a/vendor/github.com/go-git/go-git/v5/go.mod
+++ b/vendor/github.com/go-git/go-git/v5/go.mod
@@ -2,14 +2,16 @@ module github.com/go-git/go-git/v5
 
 require (
 	github.com/Microsoft/go-winio v0.4.16 // indirect
+	github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7
+	github.com/acomagu/bufpipe v1.0.3
 	github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 // indirect
 	github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5
 	github.com/emirpasic/gods v1.12.0
 	github.com/flynn/go-shlex v0.0.0-20150515145356-3f9db97f8568 // indirect
 	github.com/gliderlabs/ssh v0.2.2
 	github.com/go-git/gcfg v1.5.0
-	github.com/go-git/go-billy/v5 v5.1.0
-	github.com/go-git/go-git-fixtures/v4 v4.0.2-0.20200613231340-f56387b50c12
+	github.com/go-git/go-billy/v5 v5.3.1
+	github.com/go-git/go-git-fixtures/v4 v4.2.1
 	github.com/google/go-cmp v0.3.0
 	github.com/imdario/mergo v0.3.12
 	github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99
@@ -18,8 +20,9 @@ require (
 	github.com/mitchellh/go-homedir v1.1.0
 	github.com/sergi/go-diff v1.1.0
 	github.com/xanzy/ssh-agent v0.3.0
-	golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2
+	golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b
 	golang.org/x/net v0.0.0-20210326060303-6b1517762897
+	golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79
 	golang.org/x/text v0.3.3
 	gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c
 	gopkg.in/warnings.v0 v0.1.2 // indirect
diff --git a/vendor/github.com/go-git/go-git/v5/go.sum b/vendor/github.com/go-git/go-git/v5/go.sum
index d1d12c5633..9227247750 100644
--- a/vendor/github.com/go-git/go-git/v5/go.sum
+++ b/vendor/github.com/go-git/go-git/v5/go.sum
@@ -1,8 +1,10 @@
 github.com/Microsoft/go-winio v0.4.14/go.mod h1:qXqCSQ3Xa7+6tgxaGTIe4Kpcdsi+P8jBhyzoq1bpyYA=
 github.com/Microsoft/go-winio v0.4.16 h1:FtSW/jqD+l4ba5iPBj9CODVtgfYAD8w2wS923g/cFDk=
 github.com/Microsoft/go-winio v0.4.16/go.mod h1:XB6nPKklQyQ7GC9LdcBEcBl8PF76WugXOPRXwdLnMv0=
-github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7 h1:uSoVVbwJiQipAclBbw+8quDsfcvFjOpI5iCf4p/cqCs=
-github.com/alcortesm/tgz v0.0.0-20161220082320-9c5fe88206d7/go.mod h1:6zEj6s6u/ghQa61ZWa/C2Aw3RkjiTBOix7dkqa1VLIs=
+github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7 h1:YoJbenK9C67SkzkDfmQuVln04ygHj3vjZfd9FL+GmQQ=
+github.com/ProtonMail/go-crypto v0.0.0-20210428141323-04723f9f07d7/go.mod h1:z4/9nQmJSSwwds7ejkxaJwO37dru3geImFUdJlaLzQo=
+github.com/acomagu/bufpipe v1.0.3 h1:fxAGrHZTgQ9w5QqVItgzwj235/uYZYgbXitB+dLupOk=
+github.com/acomagu/bufpipe v1.0.3/go.mod h1:mxdxdup/WdsKVreO5GpW4+M/1CE2sMG4jeGJ2sYmHc4=
 github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239 h1:kFOfPq6dUM1hTo4JG6LR5AXSUEsOjtdm0kw0FtQtMJA=
 github.com/anmitsu/go-shlex v0.0.0-20161002113705-648efa622239/go.mod h1:2FmKhYUyUczH0OGQWaF5ceTx0UBShxjsH6f8oGKYe2c=
 github.com/armon/go-socks5 v0.0.0-20160902184237-e75332964ef5 h1:0CwZNZbxp69SHPdPJAN/hZIm0C4OItdklCFmMRWYpio=
@@ -19,46 +21,38 @@ github.com/gliderlabs/ssh v0.2.2 h1:6zsha5zo/TWhRhwqCD3+EarCAgZ2yN28ipRnGPnwkI0=
 github.com/gliderlabs/ssh v0.2.2/go.mod h1:U7qILu1NlMHj9FlMhZLlkCdDnU1DBEAqr0aevW3Awn0=
 github.com/go-git/gcfg v1.5.0 h1:Q5ViNfGF8zFgyJWPqYwA7qGFoMTEiBmdlkcfRmpIMa4=
 github.com/go-git/gcfg v1.5.0/go.mod h1:5m20vg6GwYabIxaOonVkTdrILxQMpEShl1xiMF4ua+E=
-github.com/go-git/go-billy/v5 v5.0.0 h1:7NQHvd9FVid8VL4qVUMm8XifBK+2xCoZ2lSk0agRrHM=
-github.com/go-git/go-billy/v5 v5.0.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
-github.com/go-git/go-billy/v5 v5.1.0 h1:4pl5BV4o7ZG/lterP4S6WzJ6xr49Ba5ET9ygheTYahk=
-github.com/go-git/go-billy/v5 v5.1.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
-github.com/go-git/go-git-fixtures/v4 v4.0.1 h1:q+IFMfLx200Q3scvt2hN79JsEzy4AmBTp/pqnefH+Bc=
-github.com/go-git/go-git-fixtures/v4 v4.0.1/go.mod h1:m+ICp2rF3jDhFgEZ/8yziagdT1C+ZpZcrJjappBCDSw=
-github.com/go-git/go-git-fixtures/v4 v4.0.2-0.20200613231340-f56387b50c12 h1:PbKy9zOy4aAKrJ5pibIRpVO2BXnK1Tlcg+caKI7Ox5M=
-github.com/go-git/go-git-fixtures/v4 v4.0.2-0.20200613231340-f56387b50c12/go.mod h1:m+ICp2rF3jDhFgEZ/8yziagdT1C+ZpZcrJjappBCDSw=
+github.com/go-git/go-billy/v5 v5.2.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
+github.com/go-git/go-billy/v5 v5.3.0 h1:KZL1OFdS+afiIjN4hr/zpj5cEtC0OJhbmTA18PsBb8c=
+github.com/go-git/go-billy/v5 v5.3.0/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
+github.com/go-git/go-billy/v5 v5.3.1 h1:CPiOUAzKtMRvolEKw+bG1PLRpT7D3LIs3/3ey4Aiu34=
+github.com/go-git/go-billy/v5 v5.3.1/go.mod h1:pmpqyWchKfYfrkb/UVH4otLvyi/5gJlGI4Hb3ZqZ3W0=
+github.com/go-git/go-git-fixtures/v4 v4.2.1 h1:n9gGL1Ct/yIw+nfsfr8s4+sbhT+Ncu2SubfXjIWgci8=
+github.com/go-git/go-git-fixtures/v4 v4.2.1/go.mod h1:K8zd3kDUAykwTdDCr+I0per6Y6vMiRR/nnVTBtavnB0=
 github.com/google/go-cmp v0.3.0 h1:crn/baboCvb5fXaQ0IJ1SGTsTVrWpDsCWC8EGETZijY=
 github.com/google/go-cmp v0.3.0/go.mod h1:8QqcDgzrUqlUb/G2PQTWiueGozuR1884gddMywk6iLU=
-github.com/imdario/mergo v0.3.9 h1:UauaLniWCFHWd+Jp9oCEkTBj8VO/9DKg3PV3VCNMDIg=
-github.com/imdario/mergo v0.3.9/go.mod h1:2EnlNZ0deacrJVfApfmtdGgDfMuh/nq6Ok1EcJh5FfA=
 github.com/imdario/mergo v0.3.12 h1:b6R2BslTbIEToALKP7LxUvijTsNI9TAe80pLWN2g/HU=
 github.com/imdario/mergo v0.3.12/go.mod h1:jmQim1M+e3UYxmgPu/WyfjB3N3VflVyUjjjwH0dnCYA=
 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99 h1:BQSFePA1RWJOlocH6Fxy8MmwDt+yVQYULKfN0RoTN8A=
 github.com/jbenet/go-context v0.0.0-20150711004518-d14ea06fba99/go.mod h1:1lJo3i6rXxKeerYnT8Nvf0QmHCRC1n8sfWVwXF2Frvo=
-github.com/jessevdk/go-flags v1.4.0 h1:4IU2WS7AumrZ/40jfhf4QVDMsQwqA7VEHozFRrGARJA=
-github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/jessevdk/go-flags v1.5.0 h1:1jKYvbxEjfUl0fmqTCOfonvskHHXMjBySTLW4y9LFvc=
 github.com/jessevdk/go-flags v1.5.0/go.mod h1:Fw0T6WPc1dYxT4mKEZRfG5kJhaTDP9pj1c2EWnYs/m4=
-github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd h1:Coekwdh0v2wtGp9Gmz1Ze3eVRAWJMLokvN3QjdzCHLY=
-github.com/kevinburke/ssh_config v0.0.0-20190725054713-01f96b0aa0cd/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
 github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351 h1:DowS9hvgyYSX4TO5NpyC606/Z4SxnNYbT+WX27or6Ck=
 github.com/kevinburke/ssh_config v0.0.0-20201106050909-4977a11b4351/go.mod h1:CT57kijsi8u/K/BOFA39wgDQJ9CxiF4nAY/ojJ6r6mM=
 github.com/konsorten/go-windows-terminal-sequences v1.0.1/go.mod h1:T0+1ngSBFLxvqU3pZ+m/2kptfBszLMUkC4ZK/EgS/cQ=
-github.com/kr/pretty v0.1.0 h1:L/CwN0zerZDmRFUapSPitk6f+Q3+0za1rQkzVuMiMFI=
 github.com/kr/pretty v0.1.0/go.mod h1:dAy3ld7l9f0ibDNOQOHHMYYIIbhfbHSm3C4ZsoJORNo=
 github.com/kr/pretty v0.2.1 h1:Fmg33tUaq4/8ym9TJN1x7sLJnHVwhP33CNkpYV/7rwI=
 github.com/kr/pretty v0.2.1/go.mod h1:ipq/a2n7PKx3OHsz4KJII5eveXtPO4qwEXGdVfWzfnI=
 github.com/kr/pty v1.1.1/go.mod h1:pFQYn66WHrOpPYNljwOMqo10TkYh1fy3cYio2l3bCsQ=
-github.com/kr/text v0.1.0 h1:45sCR5RtlFHMR4UwH9sdQ5TC8v0qDQCHnXt+kaKSTVE=
 github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/kr/text v0.2.0 h1:5Nx0Ya0ZqY2ygV366QzturHI13Jq95ApcVaJBhpS+AY=
 github.com/kr/text v0.2.0/go.mod h1:eLer722TekiGuMkidMxC/pM04lWEeraHUUmBw8l2grE=
+github.com/matryer/is v1.2.0 h1:92UTHpy8CDwaJ08GqLDzhhuixiBUUD1p3AU6PHddz4A=
+github.com/matryer/is v1.2.0/go.mod h1:2fLPjFQM9rhQ15aVEtbuwhJinnOqrmgXPNdZsdwlWXA=
 github.com/mitchellh/go-homedir v1.1.0 h1:lukF9ziXFxDFPkA1vsr5zpc1XuPDn/wFntq5mG+4E0Y=
 github.com/mitchellh/go-homedir v1.1.0/go.mod h1:SfyaCUpYCn1Vlf4IUYiD9fPX4A5wJrkLzIz1N1q0pr0=
-github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs=
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno=
-github.com/pkg/errors v0.8.1 h1:iURUrRGxPUNPdy5/HRSm+Yj6okJ6UtLINN0Q9M4+h3I=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
+github.com/pkg/errors v0.9.1 h1:FEBLx1zS214owpjy7qsBeixbURkuhQAwrK5UwLGTwt4=
 github.com/pkg/errors v0.9.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
@@ -68,53 +62,42 @@ github.com/sirupsen/logrus v1.4.1/go.mod h1:ni0Sbl8bgC9z8RoU9G6nDWqqs/fq4eDPysMB
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/objx v0.1.1/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
-github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
-github.com/xanzy/ssh-agent v0.2.1 h1:TCbipTQL2JiiCprBWx9frJ2eJlCYT00NmctrHxVAr70=
-github.com/xanzy/ssh-agent v0.2.1/go.mod h1:mLlQY/MoOhWBj+gOGMQkOeiEvkx+8pJSI+0Bx9h2kr4=
+github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
+github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/xanzy/ssh-agent v0.3.0 h1:wUMzuKtKilRgBAD1sUb8gOwwRr2FGoBVumcjoOACClI=
 github.com/xanzy/ssh-agent v0.3.0/go.mod h1:3s9xbODqPuuhK9JV1R321M/FlMZSBvE5aY6eAcqrDh0=
 golang.org/x/crypto v0.0.0-20190219172222-a4c6cb3142f2/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073 h1:xMPOj6Pz6UipU1wXLkrtqpHbR0AVFnyPEQq/wRWz9lM=
-golang.org/x/crypto v0.0.0-20200302210943-78000ba7a073/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
-golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2 h1:It14KIkyBFYkHkwZ7k45minvA9aorojkyjGk9KJ5B/w=
 golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20200301022130-244492dfa37a h1:GuSPYbZzB5/dcLNCwLQLsg3obCJtX9IJhpXkvY7kzk0=
-golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b h1:7mWr3k41Qtv8XlltBkDkl8LoP3mpSgBW8BUoxtEdbXg=
+golang.org/x/crypto v0.0.0-20210421170649-83a5a9bb288b/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4=
 golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210326060303-6b1517762897 h1:KrsHThm5nFk34YtATK1LsThyGhGbGe1olrte/HInHvs=
 golang.org/x/net v0.0.0-20210326060303-6b1517762897/go.mod h1:uSPa2vr4CLtc/ILN5odXGNXS6mhrKVzTaCXzk9m6W3k=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190221075227-b4e8571b14e0/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190507160741-ecd444e8653b/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190916202348-b4ddaad3f8a3/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527 h1:uYVVQ9WP/Ds2ROhcaGPeIdVq0RIXVLwsHlnvJ+cT1So=
 golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210320140829-1e4c9ba3b0c4/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210324051608-47abb6519492 h1:Paq34FxTluEPvVyayQqMPgHm+vTOrIifmcYxFBx9TLg=
 golang.org/x/sys v0.0.0-20210324051608-47abb6519492/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79 h1:RX8C8PRZc2hTIod4ds8ij+/4RQX3AqhYj3uOHmyaz4E=
+golang.org/x/sys v0.0.0-20210502180810-71e4cd670f79/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1 h1:v+OssWQX+hTHEmOBgwxdZxK4zHq3yOs8F9J7mk0PY8E=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/text v0.3.0 h1:g61tztE5qeGQ89tm6NTjjM9VPIm088od1l6aSorWRWg=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
-golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
 golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
 golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20190902080502-41f04d3bba15/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
-gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f h1:BLraFXnmrev5lT+xlilqcH8XK9/i0At2xKjWk4p6zsU=
 gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c h1:Hei/4ADfdWqJk1ZMxUNpqntNwaWcugrBjAiHlqqRiVk=
 gopkg.in/check.v1 v1.0.0-20201130134442-10cb98267c6c/go.mod h1:JHkPIbrfpd72SG/EVd6muEfDQjcINNoR0C8j2r3qZ4Q=
 gopkg.in/warnings.v0 v0.1.2 h1:wFXVbFY8DY5/xOe1ECiWdKCzZlxgshcYVNkBHstARME=
 gopkg.in/warnings.v0 v0.1.2/go.mod h1:jksf8JmL6Qr/oQM2OXTHunEvvTAsrWBLb6OOjuVWRNI=
 gopkg.in/yaml.v2 v2.2.2/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
-gopkg.in/yaml.v2 v2.2.4 h1:/eiJrUcujPVeJ3xlSWaiNi3uSVmDGBK1pDHUHAnao1I=
 gopkg.in/yaml.v2 v2.2.4/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v2 v2.3.0 h1:clyUAQHOM3G0M3f5vQj7LuJrETvjVot3Z5el9nffUtU=
 gopkg.in/yaml.v2 v2.3.0/go.mod h1:hI93XBmqTisBFMUTm0b8Fm+jr3Dg1NNxqwp+5A1VGuI=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c h1:dUUwHk2QECo/6vqA44rthZ8ie2QXMNeKRTHCNY2nXvo=
+gopkg.in/yaml.v3 v3.0.0-20200313102051-9f266ea9e77c/go.mod h1:K4uyk7z7BCEPqu6E+C64Yfv1cQ7kz7rIZviUmN+EgEM=
diff --git a/vendor/github.com/go-git/go-git/v5/options.go b/vendor/github.com/go-git/go-git/v5/options.go
index b5d1503762..70687965bb 100644
--- a/vendor/github.com/go-git/go-git/v5/options.go
+++ b/vendor/github.com/go-git/go-git/v5/options.go
@@ -7,12 +7,12 @@ import (
 	"strings"
 	"time"
 
+	"github.com/ProtonMail/go-crypto/openpgp"
 	"github.com/go-git/go-git/v5/config"
 	"github.com/go-git/go-git/v5/plumbing"
 	"github.com/go-git/go-git/v5/plumbing/object"
 	"github.com/go-git/go-git/v5/plumbing/protocol/packp/sideband"
 	"github.com/go-git/go-git/v5/plumbing/transport"
-	"golang.org/x/crypto/openpgp"
 )
 
 // SubmoduleRescursivity defines how depth will affect any submodule recursive
@@ -393,7 +393,7 @@ var (
 	ErrMissingAuthor = errors.New("author field is required")
 )
 
-// AddOptions describes how a add operation should be performed
+// AddOptions describes how an `add` operation should be performed
 type AddOptions struct {
 	// All equivalent to `git add -A`, update the index not only where the
 	// working tree has a file matching `Path` but also where the index already
@@ -401,7 +401,7 @@ type AddOptions struct {
 	// working tree.  If no `Path` nor `Glob` is given when `All` option is
 	// used, all files in the entire working tree are updated.
 	All bool
-	// Path is the exact filepath to a the file or directory to be added.
+	// Path is the exact filepath to the file or directory to be added.
 	Path string
 	// Glob adds all paths, matching pattern, to the index. If pattern matches a
 	// directory path, all directory contents are added to the index recursively.
diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/format/gitignore/dir.go b/vendor/github.com/go-git/go-git/v5/plumbing/format/gitignore/dir.go
index 922c458da6..7cea50cd8f 100644
--- a/vendor/github.com/go-git/go-git/v5/plumbing/format/gitignore/dir.go
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/format/gitignore/dir.go
@@ -5,7 +5,6 @@ import (
 	"bytes"
 	"io/ioutil"
 	"os"
-	"os/user"
 	"strings"
 
 	"github.com/go-git/go-billy/v5"
@@ -116,12 +115,12 @@ func loadPatterns(fs billy.Filesystem, path string) (ps []Pattern, err error) {
 //
 // The function assumes fs is rooted at the root filesystem.
 func LoadGlobalPatterns(fs billy.Filesystem) (ps []Pattern, err error) {
-	usr, err := user.Current()
+	home, err := os.UserHomeDir()
 	if err != nil {
 		return
 	}
 
-	return loadPatterns(fs, fs.Join(usr.HomeDir, gitconfigFile))
+	return loadPatterns(fs, fs.Join(home, gitconfigFile))
 }
 
 // LoadSystemPatterns loads gitignore patterns from from the gitignore file
diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go
index 98664a1ebf..7a1b8e5ae0 100644
--- a/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/commit.go
@@ -9,7 +9,7 @@ import (
 	"io"
 	"strings"
 
-	"golang.org/x/crypto/openpgp"
+	"github.com/ProtonMail/go-crypto/openpgp"
 
 	"github.com/go-git/go-git/v5/plumbing"
 	"github.com/go-git/go-git/v5/plumbing/storer"
@@ -374,7 +374,7 @@ func (c *Commit) Verify(armoredKeyRing string) (*openpgp.Entity, error) {
 		return nil, err
 	}
 
-	return openpgp.CheckArmoredDetachedSignature(keyring, er, signature)
+	return openpgp.CheckArmoredDetachedSignature(keyring, er, signature, nil)
 }
 
 func indent(t string) string {
diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/object/patch.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/patch.go
index 9b5f438c02..56b62c191f 100644
--- a/vendor/github.com/go-git/go-git/v5/plumbing/object/patch.go
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/patch.go
@@ -287,8 +287,16 @@ func printStat(fileStats []FileStat) string {
 	for _, fs := range fileStats {
 		addn := float64(fs.Addition)
 		deln := float64(fs.Deletion)
-		adds := strings.Repeat("+", int(math.Floor(addn/scaleFactor)))
-		dels := strings.Repeat("-", int(math.Floor(deln/scaleFactor)))
+		addc := int(math.Floor(addn/scaleFactor))
+		delc := int(math.Floor(deln/scaleFactor))
+		if addc < 0 {
+			addc = 0
+		}
+		if delc < 0 {
+			delc = 0
+		}
+		adds := strings.Repeat("+", addc)
+		dels := strings.Repeat("-", delc)
 		finalOutput += fmt.Sprintf(" %s | %d %s%s\n", fs.Name, (fs.Addition + fs.Deletion), adds, dels)
 	}
 
diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go
index 4641658045..216010d913 100644
--- a/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/object/tag.go
@@ -8,7 +8,7 @@ import (
 	stdioutil "io/ioutil"
 	"strings"
 
-	"golang.org/x/crypto/openpgp"
+	"github.com/ProtonMail/go-crypto/openpgp"
 
 	"github.com/go-git/go-git/v5/plumbing"
 	"github.com/go-git/go-git/v5/plumbing/storer"
@@ -304,7 +304,7 @@ func (t *Tag) Verify(armoredKeyRing string) (*openpgp.Entity, error) {
 		return nil, err
 	}
 
-	return openpgp.CheckArmoredDetachedSignature(keyring, er, signature)
+	return openpgp.CheckArmoredDetachedSignature(keyring, er, signature, nil)
 }
 
 // TagIter provides an iterator for a set of tags.
diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/transport/file/client.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/file/client.go
index f6e23652a7..6f0a38012b 100644
--- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/file/client.go
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/file/client.go
@@ -6,12 +6,13 @@ import (
 	"errors"
 	"io"
 	"os"
-	"os/exec"
 	"path/filepath"
 	"strings"
 
 	"github.com/go-git/go-git/v5/plumbing/transport"
 	"github.com/go-git/go-git/v5/plumbing/transport/internal/common"
+	"github.com/go-git/go-git/v5/utils/ioutil"
+	"golang.org/x/sys/execabs"
 )
 
 // DefaultClient is the default local client.
@@ -36,7 +37,7 @@ func NewClient(uploadPackBin, receivePackBin string) transport.Transport {
 
 func prefixExecPath(cmd string) (string, error) {
 	// Use `git --exec-path` to find the exec path.
-	execCmd := exec.Command("git", "--exec-path")
+	execCmd := execabs.Command("git", "--exec-path")
 
 	stdout, err := execCmd.StdoutPipe()
 	if err != nil {
@@ -54,7 +55,7 @@ func prefixExecPath(cmd string) (string, error) {
 		return "", err
 	}
 	if isPrefix {
-		return "", errors.New("Couldn't read exec-path line all at once")
+		return "", errors.New("couldn't read exec-path line all at once")
 	}
 
 	err = execCmd.Wait()
@@ -66,7 +67,7 @@ func prefixExecPath(cmd string) (string, error) {
 	cmd = filepath.Join(execPath, cmd)
 
 	// Make sure it actually exists.
-	_, err = exec.LookPath(cmd)
+	_, err = execabs.LookPath(cmd)
 	if err != nil {
 		return "", err
 	}
@@ -83,9 +84,9 @@ func (r *runner) Command(cmd string, ep *transport.Endpoint, auth transport.Auth
 		cmd = r.ReceivePackBin
 	}
 
-	_, err := exec.LookPath(cmd)
+	_, err := execabs.LookPath(cmd)
 	if err != nil {
-		if e, ok := err.(*exec.Error); ok && e.Err == exec.ErrNotFound {
+		if e, ok := err.(*execabs.Error); ok && e.Err == execabs.ErrNotFound {
 			cmd, err = prefixExecPath(cmd)
 			if err != nil {
 				return nil, err
@@ -95,11 +96,11 @@ func (r *runner) Command(cmd string, ep *transport.Endpoint, auth transport.Auth
 		}
 	}
 
-	return &command{cmd: exec.Command(cmd, ep.Path)}, nil
+	return &command{cmd: execabs.Command(cmd, ep.Path)}, nil
 }
 
 type command struct {
-	cmd          *exec.Cmd
+	cmd          *execabs.Cmd
 	stderrCloser io.Closer
 	closed       bool
 }
@@ -111,7 +112,7 @@ func (c *command) Start() error {
 func (c *command) StderrPipe() (io.Reader, error) {
 	// Pipe returned by Command.StderrPipe has a race with Read + Command.Wait.
 	// We use an io.Pipe and close it after the command finishes.
-	r, w := io.Pipe()
+	r, w := ioutil.Pipe()
 	c.cmd.Stderr = w
 	c.stderrCloser = r
 	return r, nil
@@ -148,7 +149,7 @@ func (c *command) Close() error {
 	}
 
 	// When a repository does not exist, the command exits with code 128.
-	if _, ok := err.(*exec.ExitError); ok {
+	if _, ok := err.(*execabs.ExitError); ok {
 		return nil
 	}
 
diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/transport/internal/common/common.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/internal/common/common.go
index 75405c72f6..fdb148f599 100644
--- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/internal/common/common.go
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/internal/common/common.go
@@ -233,7 +233,7 @@ func (s *session) handleAdvRefDecodeError(err error) error {
 // UploadPack performs a request to the server to fetch a packfile. A reader is
 // returned with the packfile content. The reader must be closed after reading.
 func (s *session) UploadPack(ctx context.Context, req *packp.UploadPackRequest) (*packp.UploadPackResponse, error) {
-	if req.IsEmpty() {
+	if req.IsEmpty() && len(req.Shallows) == 0 {
 		return nil, transport.ErrEmptyUploadPackRequest
 	}
 
diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/transport/server/server.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/server/server.go
index 6f89ec397b..8ab70fe707 100644
--- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/server/server.go
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/server/server.go
@@ -166,7 +166,7 @@ func (s *upSession) UploadPack(ctx context.Context, req *packp.UploadPackRequest
 		return nil, err
 	}
 
-	pr, pw := io.Pipe()
+	pr, pw := ioutil.Pipe()
 	e := packfile.NewEncoder(pw, s.storer, false)
 	go func() {
 		// TODO: plumb through a pack window.
diff --git a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go
index b79a74e41d..3514669546 100644
--- a/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go
+++ b/vendor/github.com/go-git/go-git/v5/plumbing/transport/ssh/auth_method.go
@@ -1,8 +1,6 @@
 package ssh
 
 import (
-	"crypto/x509"
-	"encoding/pem"
 	"errors"
 	"fmt"
 	"io/ioutil"
@@ -13,7 +11,7 @@ import (
 	"github.com/go-git/go-git/v5/plumbing/transport"
 
 	"github.com/mitchellh/go-homedir"
-	"github.com/xanzy/ssh-agent"
+	sshagent "github.com/xanzy/ssh-agent"
 	"golang.org/x/crypto/ssh"
 	"golang.org/x/crypto/ssh/knownhosts"
 )
@@ -121,27 +119,15 @@ type PublicKeys struct {
 // NewPublicKeys returns a PublicKeys from a PEM encoded private key. An
 // encryption password should be given if the pemBytes contains a password
 // encrypted PEM block otherwise password should be empty. It supports RSA
-// (PKCS#1), DSA (OpenSSL), and ECDSA private keys.
+// (PKCS#1), PKCS#8, DSA (OpenSSL), and ECDSA private keys.
 func NewPublicKeys(user string, pemBytes []byte, password string) (*PublicKeys, error) {
-	block, _ := pem.Decode(pemBytes)
-	if block == nil {
-		return nil, errors.New("invalid PEM data")
-	}
-	if x509.IsEncryptedPEMBlock(block) {
-		key, err := x509.DecryptPEMBlock(block, []byte(password))
-		if err != nil {
-			return nil, err
-		}
-
-		block = &pem.Block{Type: block.Type, Bytes: key}
-		pemBytes = pem.EncodeToMemory(block)
-	}
-
 	signer, err := ssh.ParsePrivateKey(pemBytes)
+	if _, ok := err.(*ssh.PassphraseMissingError); ok {
+		signer, err = ssh.ParsePrivateKeyWithPassphrase(pemBytes, []byte(password))
+	}
 	if err != nil {
 		return nil, err
 	}
-
 	return &PublicKeys{User: user, Signer: signer}, nil
 }
 
diff --git a/vendor/github.com/go-git/go-git/v5/remote.go b/vendor/github.com/go-git/go-git/v5/remote.go
index 85c28eeece..4a06106c53 100644
--- a/vendor/github.com/go-git/go-git/v5/remote.go
+++ b/vendor/github.com/go-git/go-git/v5/remote.go
@@ -5,6 +5,7 @@ import (
 	"errors"
 	"fmt"
 	"io"
+	"time"
 
 	"github.com/go-git/go-billy/v5/osfs"
 	"github.com/go-git/go-git/v5/config"
@@ -91,7 +92,7 @@ func (r *Remote) Push(o *PushOptions) error {
 // the remote was already up-to-date.
 //
 // The provided Context must be non-nil. If the context expires before the
-// operation is complete, an error is returned. The context only affects to the
+// operation is complete, an error is returned. The context only affects the
 // transport operations.
 func (r *Remote) PushContext(ctx context.Context, o *PushOptions) (err error) {
 	if err := o.Validate(); err != nil {
@@ -284,7 +285,7 @@ func (r *Remote) updateRemoteReferenceStorage(
 // no changes to be fetched, or an error.
 //
 // The provided Context must be non-nil. If the context expires before the
-// operation is complete, an error is returned. The context only affects to the
+// operation is complete, an error is returned. The context only affects the
 // transport operations.
 func (r *Remote) FetchContext(ctx context.Context, o *FetchOptions) error {
 	_, err := r.fetch(ctx, o)
@@ -349,6 +350,13 @@ func (r *Remote) fetch(ctx context.Context, o *FetchOptions) (sto storer.Referen
 		return nil, err
 	}
 
+	if !req.Depth.IsZero() {
+		req.Shallows, err = r.s.Shallow()
+		if err != nil {
+			return nil, fmt.Errorf("existing checkout is not shallow")
+		}
+	}
+
 	req.Wants, err = getWants(r.s, refs)
 	if len(req.Wants) > 0 {
 		req.Haves, err = getHaves(localRefs, remoteRefs, r.s)
@@ -367,12 +375,42 @@ func (r *Remote) fetch(ctx context.Context, o *FetchOptions) (sto storer.Referen
 	}
 
 	if !updated {
+		updated, err = depthChanged(req.Shallows, r.s)
+		if err != nil {
+			return nil, fmt.Errorf("error checking depth change: %v", err)
+		}
+	}
+
+	if !updated {
 		return remoteRefs, NoErrAlreadyUpToDate
 	}
 
 	return remoteRefs, nil
 }
 
+func depthChanged(before []plumbing.Hash, s storage.Storer) (bool, error) {
+	after, err := s.Shallow()
+	if err != nil {
+		return false, err
+	}
+
+	if len(before) != len(after) {
+		return true, nil
+	}
+
+	bm := make(map[plumbing.Hash]bool, len(before))
+	for _, b := range before {
+		bm[b] = true
+	}
+	for _, a := range after {
+		if _, ok := bm[a]; !ok {
+			return true, nil
+		}
+	}
+
+	return false, nil
+}
+
 func newUploadPackSession(url string, auth transport.AuthMethod, insecure bool, cabundle []byte) (transport.UploadPackSession, error) {
 	c, ep, err := newClient(url, auth, insecure, cabundle)
 	if err != nil {
@@ -777,6 +815,11 @@ func doCalculateRefs(
 }
 
 func getWants(localStorer storage.Storer, refs memory.ReferenceStorage) ([]plumbing.Hash, error) {
+	shallow := false
+	if s, _ := localStorer.Shallow(); len(s) > 0 {
+		shallow = true
+	}
+
 	wants := map[plumbing.Hash]bool{}
 	for _, ref := range refs {
 		hash := ref.Hash()
@@ -785,7 +828,7 @@ func getWants(localStorer storage.Storer, refs memory.ReferenceStorage) ([]plumb
 			return nil, err
 		}
 
-		if !exists {
+		if !exists || shallow {
 			wants[hash] = true
 		}
 	}
@@ -1030,7 +1073,24 @@ func (r *Remote) buildFetchedTags(refs memory.ReferenceStorage) (updated bool, e
 }
 
 // List the references on the remote repository.
+// The provided Context must be non-nil. If the context expires before the
+// operation is complete, an error is returned. The context only affects to the
+// transport operations.
+func (r *Remote) ListContext(ctx context.Context, o *ListOptions) (rfs []*plumbing.Reference, err error) {
+	refs, err := r.list(ctx, o)
+	if err != nil {
+		return refs, err
+	}
+	return refs, nil
+}
+
 func (r *Remote) List(o *ListOptions) (rfs []*plumbing.Reference, err error) {
+	ctx, cancel := context.WithTimeout(context.Background(), 10*time.Second)
+	defer cancel()
+	return r.ListContext(ctx, o)
+}
+
+func (r *Remote) list(ctx context.Context, o *ListOptions) (rfs []*plumbing.Reference, err error) {
 	s, err := newUploadPackSession(r.c.URLs[0], o.Auth, o.InsecureSkipTLS, o.CABundle)
 	if err != nil {
 		return nil, err
@@ -1038,7 +1098,7 @@ func (r *Remote) List(o *ListOptions) (rfs []*plumbing.Reference, err error) {
 
 	defer ioutil.CheckClose(s, &err)
 
-	ar, err := s.AdvertisedReferencesContext(context.TODO())
+	ar, err := s.AdvertisedReferencesContext(ctx)
 	if err != nil {
 		return nil, err
 	}
@@ -1107,7 +1167,7 @@ func pushHashes(
 	allDelete bool,
 ) (*packp.ReportStatus, error) {
 
-	rd, wr := io.Pipe()
+	rd, wr := ioutil.Pipe()
 
 	config, err := s.Config()
 	if err != nil {
diff --git a/vendor/github.com/go-git/go-git/v5/repository.go b/vendor/github.com/go-git/go-git/v5/repository.go
index cc487d48b9..d3fbf97593 100644
--- a/vendor/github.com/go-git/go-git/v5/repository.go
+++ b/vendor/github.com/go-git/go-git/v5/repository.go
@@ -6,7 +6,6 @@ import (
 	"encoding/hex"
 	"errors"
 	"fmt"
-	"io"
 	stdioutil "io/ioutil"
 	"os"
 	"path"
@@ -14,8 +13,10 @@ import (
 	"strings"
 	"time"
 
-	"github.com/go-git/go-git/v5/storage/filesystem/dotgit"
-
+	"github.com/ProtonMail/go-crypto/openpgp"
+	"github.com/go-git/go-billy/v5"
+	"github.com/go-git/go-billy/v5/osfs"
+	"github.com/go-git/go-billy/v5/util"
 	"github.com/go-git/go-git/v5/config"
 	"github.com/go-git/go-git/v5/internal/revision"
 	"github.com/go-git/go-git/v5/plumbing"
@@ -25,12 +26,9 @@ import (
 	"github.com/go-git/go-git/v5/plumbing/storer"
 	"github.com/go-git/go-git/v5/storage"
 	"github.com/go-git/go-git/v5/storage/filesystem"
+	"github.com/go-git/go-git/v5/storage/filesystem/dotgit"
 	"github.com/go-git/go-git/v5/utils/ioutil"
 	"github.com/imdario/mergo"
-	"golang.org/x/crypto/openpgp"
-
-	"github.com/go-git/go-billy/v5"
-	"github.com/go-git/go-billy/v5/osfs"
 )
 
 // GitDirName this is a special folder where all the git stuff is.
@@ -190,10 +188,6 @@ func Open(s storage.Storer, worktree billy.Filesystem) (*Repository, error) {
 // Clone a repository into the given Storer and worktree Filesystem with the
 // given options, if worktree is nil a bare repository is created. If the given
 // storer is not empty ErrRepositoryAlreadyExists is returned.
-//
-// The provided Context must be non-nil. If the context expires before the
-// operation is complete, an error is returned. The context only affects to the
-// transport operations.
 func Clone(s storage.Storer, worktree billy.Filesystem, o *CloneOptions) (*Repository, error) {
 	return CloneContext(context.Background(), s, worktree, o)
 }
@@ -203,7 +197,7 @@ func Clone(s storage.Storer, worktree billy.Filesystem, o *CloneOptions) (*Repos
 // given storer is not empty ErrRepositoryAlreadyExists is returned.
 //
 // The provided Context must be non-nil. If the context expires before the
-// operation is complete, an error is returned. The context only affects to the
+// operation is complete, an error is returned. The context only affects the
 // transport operations.
 func CloneContext(
 	ctx context.Context, s storage.Storer, worktree billy.Filesystem, o *CloneOptions,
@@ -279,17 +273,18 @@ func dotGitToOSFilesystems(path string, detect bool) (dot, wt billy.Filesystem,
 		return nil, nil, err
 	}
 
-	pathinfo, err := os.Stat(path)
-	if !os.IsNotExist(err) {
-		if !pathinfo.IsDir() && detect {
-			path = filepath.Dir(path)
-		}
-	}
-
 	var fs billy.Filesystem
 	var fi os.FileInfo
 	for {
 		fs = osfs.New(path)
+
+		pathinfo, err := fs.Stat("/")
+		if !os.IsNotExist(err) {
+			if !pathinfo.IsDir() && detect {
+				fs = osfs.New(filepath.Dir(path))
+			}
+		}
+
 		fi, err = fs.Stat(GitDirName)
 		if err == nil {
 			// no error; stop
@@ -398,7 +393,7 @@ func PlainClone(path string, isBare bool, o *CloneOptions) (*Repository, error)
 // ErrRepositoryAlreadyExists is returned.
 //
 // The provided Context must be non-nil. If the context expires before the
-// operation is complete, an error is returned. The context only affects to the
+// operation is complete, an error is returned. The context only affects the
 // transport operations.
 //
 // TODO(mcuadros): move isBare to CloneOptions in v5
@@ -433,7 +428,7 @@ func newRepository(s storage.Storer, worktree billy.Filesystem) *Repository {
 }
 
 func checkIfCleanupIsNeeded(path string) (cleanup bool, cleanParent bool, err error) {
-	fi, err := os.Stat(path)
+	fi, err := osfs.Default.Stat(path)
 	if err != nil {
 		if os.IsNotExist(err) {
 			return true, true, nil
@@ -446,44 +441,30 @@ func checkIfCleanupIsNeeded(path string) (cleanup bool, cleanParent bool, err er
 		return false, false, fmt.Errorf("path is not a directory: %s", path)
 	}
 
-	f, err := os.Open(path)
+	files, err := osfs.Default.ReadDir(path)
 	if err != nil {
 		return false, false, err
 	}
 
-	defer ioutil.CheckClose(f, &err)
-
-	_, err = f.Readdirnames(1)
-	if err == io.EOF {
+	if len(files) == 0 {
 		return true, false, nil
 	}
 
-	if err != nil {
-		return false, false, err
-	}
-
 	return false, false, nil
 }
 
 func cleanUpDir(path string, all bool) error {
 	if all {
-		return os.RemoveAll(path)
+		return util.RemoveAll(osfs.Default, path)
 	}
 
-	f, err := os.Open(path)
+	files, err := osfs.Default.ReadDir(path)
 	if err != nil {
 		return err
 	}
 
-	defer ioutil.CheckClose(f, &err)
-
-	names, err := f.Readdirnames(-1)
-	if err != nil {
-		return err
-	}
-
-	for _, name := range names {
-		if err := os.RemoveAll(filepath.Join(path, name)); err != nil {
+	for _, fi := range files {
+		if err := util.RemoveAll(osfs.Default, osfs.Default.Join(path, fi.Name())); err != nil {
 			return err
 		}
 	}
@@ -894,11 +875,13 @@ func (r *Repository) clone(ctx context.Context, o *CloneOptions) error {
 			Name:  branchName,
 			Merge: branchRef,
 		}
+
 		if o.RemoteName == "" {
 			b.Remote = "origin"
 		} else {
 			b.Remote = o.RemoteName
 		}
+
 		if err := r.CreateBranch(b); err != nil {
 			return err
 		}
@@ -1101,7 +1084,7 @@ func (r *Repository) Fetch(o *FetchOptions) error {
 // no changes to be fetched, or an error.
 //
 // The provided Context must be non-nil. If the context expires before the
-// operation is complete, an error is returned. The context only affects to the
+// operation is complete, an error is returned. The context only affects the
 // transport operations.
 func (r *Repository) FetchContext(ctx context.Context, o *FetchOptions) error {
 	if err := o.Validate(); err != nil {
@@ -1128,7 +1111,7 @@ func (r *Repository) Push(o *PushOptions) error {
 // FetchOptions.RemoteName.
 //
 // The provided Context must be non-nil. If the context expires before the
-// operation is complete, an error is returned. The context only affects to the
+// operation is complete, an error is returned. The context only affects the
 // transport operations.
 func (r *Repository) PushContext(ctx context.Context, o *PushOptions) error {
 	if err := o.Validate(); err != nil {
diff --git a/vendor/github.com/go-git/go-git/v5/submodule.go b/vendor/github.com/go-git/go-git/v5/submodule.go
index b6bef46cc9..a202a9b600 100644
--- a/vendor/github.com/go-git/go-git/v5/submodule.go
+++ b/vendor/github.com/go-git/go-git/v5/submodule.go
@@ -173,7 +173,7 @@ func (s *Submodule) Update(o *SubmoduleUpdateOptions) error {
 // setting in the options SubmoduleUpdateOptions.Init equals true.
 //
 // The provided Context must be non-nil. If the context expires before the
-// operation is complete, an error is returned. The context only affects to the
+// operation is complete, an error is returned. The context only affects the
 // transport operations.
 func (s *Submodule) UpdateContext(ctx context.Context, o *SubmoduleUpdateOptions) error {
 	return s.update(ctx, o, plumbing.ZeroHash)
@@ -254,6 +254,24 @@ func (s *Submodule) fetchAndCheckout(
 		return err
 	}
 
+	// Handle a case when submodule refers to an orphaned commit that's still reachable
+	// through Git server using a special protocol capability[1].
+	//
+	// [1]: https://git-scm.com/docs/protocol-capabilities#_allow_reachable_sha1_in_want
+	if !o.NoFetch {
+		if _, err := w.r.Object(plumbing.AnyObject, hash); err != nil {
+			refSpec := config.RefSpec("+" + hash.String() + ":" + hash.String())
+
+			err := r.FetchContext(ctx, &FetchOptions{
+				Auth:     o.Auth,
+				RefSpecs: []config.RefSpec{refSpec},
+			})
+			if err != nil && err != NoErrAlreadyUpToDate && err != ErrExactSHA1NotSupported {
+				return err
+			}
+		}
+	}
+
 	if err := w.Checkout(&CheckoutOptions{Hash: hash}); err != nil {
 		return err
 	}
@@ -284,7 +302,7 @@ func (s Submodules) Update(o *SubmoduleUpdateOptions) error {
 // UpdateContext updates all the submodules in this list.
 //
 // The provided Context must be non-nil. If the context expires before the
-// operation is complete, an error is returned. The context only affects to the
+// operation is complete, an error is returned. The context only affects the
 // transport operations.
 func (s Submodules) UpdateContext(ctx context.Context, o *SubmoduleUpdateOptions) error {
 	for _, sub := range s {
diff --git a/vendor/github.com/go-git/go-git/v5/utils/ioutil/common.go b/vendor/github.com/go-git/go-git/v5/utils/ioutil/common.go
index e9dcbfe49b..b52e85a380 100644
--- a/vendor/github.com/go-git/go-git/v5/utils/ioutil/common.go
+++ b/vendor/github.com/go-git/go-git/v5/utils/ioutil/common.go
@@ -7,7 +7,7 @@ import (
 	"errors"
 	"io"
 
-	"github.com/jbenet/go-context/io"
+	ctxio "github.com/jbenet/go-context/io"
 )
 
 type readPeeker interface {
@@ -168,3 +168,13 @@ func (r *writerOnError) Write(p []byte) (n int, err error) {
 
 	return
 }
+
+type PipeReader interface {
+	io.ReadCloser
+	CloseWithError(err error) error
+}
+
+type PipeWriter interface {
+	io.WriteCloser
+	CloseWithError(err error) error
+}
diff --git a/vendor/github.com/go-git/go-git/v5/utils/ioutil/pipe.go b/vendor/github.com/go-git/go-git/v5/utils/ioutil/pipe.go
new file mode 100644
index 0000000000..f30c452fa4
--- /dev/null
+++ b/vendor/github.com/go-git/go-git/v5/utils/ioutil/pipe.go
@@ -0,0 +1,9 @@
+// +build !js
+
+package ioutil
+
+import "io"
+
+func Pipe() (PipeReader, PipeWriter) {
+	return io.Pipe()
+}
diff --git a/vendor/github.com/go-git/go-git/v5/utils/ioutil/pipe_js.go b/vendor/github.com/go-git/go-git/v5/utils/ioutil/pipe_js.go
new file mode 100644
index 0000000000..cf102e6ef8
--- /dev/null
+++ b/vendor/github.com/go-git/go-git/v5/utils/ioutil/pipe_js.go
@@ -0,0 +1,9 @@
+// +build js
+
+package ioutil
+
+import "github.com/acomagu/bufpipe"
+
+func Pipe() (PipeReader, PipeWriter) {
+	return bufpipe.New(nil)
+}
diff --git a/vendor/github.com/go-git/go-git/v5/worktree.go b/vendor/github.com/go-git/go-git/v5/worktree.go
index 4aeae01919..f23d9f1703 100644
--- a/vendor/github.com/go-git/go-git/v5/worktree.go
+++ b/vendor/github.com/go-git/go-git/v5/worktree.go
@@ -59,7 +59,7 @@ func (w *Worktree) Pull(o *PullOptions) error {
 // Pull only supports merges where the can be resolved as a fast-forward.
 //
 // The provided Context must be non-nil. If the context expires before the
-// operation is complete, an error is returned. The context only affects to the
+// operation is complete, an error is returned. The context only affects the
 // transport operations.
 func (w *Worktree) PullContext(ctx context.Context, o *PullOptions) error {
 	if err := o.Validate(); err != nil {
diff --git a/vendor/github.com/go-git/go-git/v5/worktree_commit.go b/vendor/github.com/go-git/go-git/v5/worktree_commit.go
index a5779fc746..dc7956909e 100644
--- a/vendor/github.com/go-git/go-git/v5/worktree_commit.go
+++ b/vendor/github.com/go-git/go-git/v5/worktree_commit.go
@@ -12,8 +12,8 @@ import (
 	"github.com/go-git/go-git/v5/plumbing/object"
 	"github.com/go-git/go-git/v5/storage"
 
+	"github.com/ProtonMail/go-crypto/openpgp"
 	"github.com/go-git/go-billy/v5"
-	"golang.org/x/crypto/openpgp"
 )
 
 // Commit stores the current contents of the index in a new commit along with
diff --git a/vendor/github.com/go-git/go-git/v5/worktree_js.go b/vendor/github.com/go-git/go-git/v5/worktree_js.go
new file mode 100644
index 0000000000..7267d055e7
--- /dev/null
+++ b/vendor/github.com/go-git/go-git/v5/worktree_js.go
@@ -0,0 +1,26 @@
+// +build js
+
+package git
+
+import (
+	"syscall"
+	"time"
+
+	"github.com/go-git/go-git/v5/plumbing/format/index"
+)
+
+func init() {
+	fillSystemInfo = func(e *index.Entry, sys interface{}) {
+		if os, ok := sys.(*syscall.Stat_t); ok {
+			e.CreatedAt = time.Unix(int64(os.Ctime), int64(os.CtimeNsec))
+			e.Dev = uint32(os.Dev)
+			e.Inode = uint32(os.Ino)
+			e.GID = os.Gid
+			e.UID = os.Uid
+		}
+	}
+}
+
+func isSymlinkWindowsNonAdmin(err error) bool {
+	return false
+}
diff --git a/vendor/github.com/go-redis/redis/v8/CHANGELOG.md b/vendor/github.com/go-redis/redis/v8/CHANGELOG.md
index 484d40f5e1..42d89b720e 100644
--- a/vendor/github.com/go-redis/redis/v8/CHANGELOG.md
+++ b/vendor/github.com/go-redis/redis/v8/CHANGELOG.md
@@ -3,6 +3,24 @@
 > :heart:
 > [**Uptrace.dev** - All-in-one tool to optimize performance and monitor errors & logs](https://uptrace.dev)
 
+## v8.10
+
+- Removed extra OpenTelemetry spans from go-redis core. Now go-redis instrumentation only adds a
+  single span with a Redis command (instead of 4 spans). There are multiple reasons behind this
+  decision:
+
+  - Traces become smaller and less noisy.
+  - It may be costly to process those 3 extra spans for each query.
+  - go-redis no longer depends on OpenTelemetry.
+
+  Eventually we hope to replace the information that we no longer collect with OpenTelemetry
+  Metrics.
+
+## v8.9
+
+- Changed `PubSub.Channel` to only rely on `Ping` result. You can now use `WithChannelSize`,
+  `WithChannelHealthCheckInterval`, and `WithChannelSendTimeout` to override default settings.
+
 ## v8.8
 
 - To make updating easier, extra modules now have the same version as go-redis does. That means that
diff --git a/vendor/github.com/go-redis/redis/v8/README.md b/vendor/github.com/go-redis/redis/v8/README.md
index 08a151e0ff..e58d867df9 100644
--- a/vendor/github.com/go-redis/redis/v8/README.md
+++ b/vendor/github.com/go-redis/redis/v8/README.md
@@ -138,7 +138,7 @@ res, err := rdb.Do(ctx, "set", "key", "value").Result()
 
 go-redis will start a redis-server and run the test cases.
 
-The paths of redis-server bin file and redis config file are definded in `main_test.go`:
+The paths of redis-server bin file and redis config file are defined in `main_test.go`:
 
 ```
 var (
@@ -163,7 +163,5 @@ go test
 
 ## See also
 
-- [Fast and flexible HTTP router](https://github.com/vmihailenco/treemux)
-- [Golang PostgreSQL ORM](https://github.com/go-pg/pg)
-- [Golang msgpack](https://github.com/vmihailenco/msgpack)
-- [Golang message task queue](https://github.com/vmihailenco/taskq)
+- [Fast and flexible ORM](https://github.com/uptrace/bun)
+- [msgpack for Go](https://github.com/vmihailenco/msgpack)
diff --git a/vendor/github.com/go-redis/redis/v8/cluster_commands.go b/vendor/github.com/go-redis/redis/v8/cluster_commands.go
index 1f0bae067a..336ea98dd7 100644
--- a/vendor/github.com/go-redis/redis/v8/cluster_commands.go
+++ b/vendor/github.com/go-redis/redis/v8/cluster_commands.go
@@ -2,6 +2,7 @@ package redis
 
 import (
 	"context"
+	"sync"
 	"sync/atomic"
 )
 
@@ -23,3 +24,76 @@ func (c *ClusterClient) DBSize(ctx context.Context) *IntCmd {
 	cmd.val = size
 	return cmd
 }
+
+func (c *ClusterClient) ScriptLoad(ctx context.Context, script string) *StringCmd {
+	cmd := NewStringCmd(ctx, "script", "load", script)
+	mu := &sync.Mutex{}
+	err := c.ForEachShard(ctx, func(ctx context.Context, shard *Client) error {
+		val, err := shard.ScriptLoad(ctx, script).Result()
+		if err != nil {
+			return err
+		}
+
+		mu.Lock()
+		if cmd.Val() == "" {
+			cmd.val = val
+		}
+		mu.Unlock()
+
+		return nil
+	})
+	if err != nil {
+		cmd.SetErr(err)
+	}
+
+	return cmd
+}
+
+func (c *ClusterClient) ScriptFlush(ctx context.Context) *StatusCmd {
+	cmd := NewStatusCmd(ctx, "script", "flush")
+	_ = c.ForEachShard(ctx, func(ctx context.Context, shard *Client) error {
+		shard.ScriptFlush(ctx)
+
+		return nil
+	})
+
+	return cmd
+}
+
+func (c *ClusterClient) ScriptExists(ctx context.Context, hashes ...string) *BoolSliceCmd {
+	args := make([]interface{}, 2+len(hashes))
+	args[0] = "script"
+	args[1] = "exists"
+	for i, hash := range hashes {
+		args[2+i] = hash
+	}
+	cmd := NewBoolSliceCmd(ctx, args...)
+
+	result := make([]bool, len(hashes))
+	for i := range result {
+		result[i] = true
+	}
+
+	mu := &sync.Mutex{}
+	err := c.ForEachShard(ctx, func(ctx context.Context, shard *Client) error {
+		val, err := shard.ScriptExists(ctx, hashes...).Result()
+		if err != nil {
+			return err
+		}
+
+		mu.Lock()
+		for i, v := range val {
+			result[i] = result[i] && v
+		}
+		mu.Unlock()
+
+		return nil
+	})
+	if err != nil {
+		cmd.SetErr(err)
+	}
+
+	cmd.val = result
+
+	return cmd
+}
diff --git a/vendor/github.com/go-redis/redis/v8/command.go b/vendor/github.com/go-redis/redis/v8/command.go
index f10c4781aa..9a3018d3b4 100644
--- a/vendor/github.com/go-redis/redis/v8/command.go
+++ b/vendor/github.com/go-redis/redis/v8/command.go
@@ -1512,7 +1512,7 @@ type XInfoConsumer struct {
 	Idle    int64
 }
 
-var _ Cmder = (*XInfoGroupsCmd)(nil)
+var _ Cmder = (*XInfoConsumersCmd)(nil)
 
 func NewXInfoConsumersCmd(ctx context.Context, stream string, group string) *XInfoConsumersCmd {
 	return &XInfoConsumersCmd{
@@ -1769,8 +1769,14 @@ func xStreamInfoParser(rd *proto.Reader, n int64) (interface{}, error) {
 			info.LastGeneratedID, err = rd.ReadString()
 		case "first-entry":
 			info.FirstEntry, err = readXMessage(rd)
+			if err == Nil {
+				err = nil
+			}
 		case "last-entry":
 			info.LastEntry, err = readXMessage(rd)
+			if err == Nil {
+				err = nil
+			}
 		default:
 			return nil, fmt.Errorf("redis: unexpected content %s "+
 				"in XINFO STREAM reply", key)
@@ -1784,6 +1790,302 @@ func xStreamInfoParser(rd *proto.Reader, n int64) (interface{}, error) {
 
 //------------------------------------------------------------------------------
 
+type XInfoStreamFullCmd struct {
+	baseCmd
+	val *XInfoStreamFull
+}
+
+type XInfoStreamFull struct {
+	Length          int64
+	RadixTreeKeys   int64
+	RadixTreeNodes  int64
+	LastGeneratedID string
+	Entries         []XMessage
+	Groups          []XInfoStreamGroup
+}
+
+type XInfoStreamGroup struct {
+	Name            string
+	LastDeliveredID string
+	PelCount        int64
+	Pending         []XInfoStreamGroupPending
+	Consumers       []XInfoStreamConsumer
+}
+
+type XInfoStreamGroupPending struct {
+	ID            string
+	Consumer      string
+	DeliveryTime  time.Time
+	DeliveryCount int64
+}
+
+type XInfoStreamConsumer struct {
+	Name     string
+	SeenTime time.Time
+	PelCount int64
+	Pending  []XInfoStreamConsumerPending
+}
+
+type XInfoStreamConsumerPending struct {
+	ID            string
+	DeliveryTime  time.Time
+	DeliveryCount int64
+}
+
+var _ Cmder = (*XInfoStreamFullCmd)(nil)
+
+func NewXInfoStreamFullCmd(ctx context.Context, args ...interface{}) *XInfoStreamFullCmd {
+	return &XInfoStreamFullCmd{
+		baseCmd: baseCmd{
+			ctx:  ctx,
+			args: args,
+		},
+	}
+}
+
+func (cmd *XInfoStreamFullCmd) Val() *XInfoStreamFull {
+	return cmd.val
+}
+
+func (cmd *XInfoStreamFullCmd) Result() (*XInfoStreamFull, error) {
+	return cmd.val, cmd.err
+}
+
+func (cmd *XInfoStreamFullCmd) String() string {
+	return cmdString(cmd, cmd.val)
+}
+
+func (cmd *XInfoStreamFullCmd) readReply(rd *proto.Reader) error {
+	n, err := rd.ReadArrayLen()
+	if err != nil {
+		return err
+	}
+	if n != 12 {
+		return fmt.Errorf("redis: got %d elements in XINFO STREAM FULL reply,"+
+			"wanted 12", n)
+	}
+
+	cmd.val = &XInfoStreamFull{}
+
+	for i := 0; i < 6; i++ {
+		key, err := rd.ReadString()
+		if err != nil {
+			return err
+		}
+
+		switch key {
+		case "length":
+			cmd.val.Length, err = rd.ReadIntReply()
+		case "radix-tree-keys":
+			cmd.val.RadixTreeKeys, err = rd.ReadIntReply()
+		case "radix-tree-nodes":
+			cmd.val.RadixTreeNodes, err = rd.ReadIntReply()
+		case "last-generated-id":
+			cmd.val.LastGeneratedID, err = rd.ReadString()
+		case "entries":
+			cmd.val.Entries, err = readXMessageSlice(rd)
+		case "groups":
+			cmd.val.Groups, err = readStreamGroups(rd)
+		default:
+			return fmt.Errorf("redis: unexpected content %s "+
+				"in XINFO STREAM reply", key)
+		}
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
+
+func readStreamGroups(rd *proto.Reader) ([]XInfoStreamGroup, error) {
+	n, err := rd.ReadArrayLen()
+	if err != nil {
+		return nil, err
+	}
+	groups := make([]XInfoStreamGroup, 0, n)
+	for i := 0; i < n; i++ {
+		nn, err := rd.ReadArrayLen()
+		if err != nil {
+			return nil, err
+		}
+		if nn != 10 {
+			return nil, fmt.Errorf("redis: got %d elements in XINFO STREAM FULL reply,"+
+				"wanted 10", nn)
+		}
+
+		group := XInfoStreamGroup{}
+
+		for f := 0; f < 5; f++ {
+			key, err := rd.ReadString()
+			if err != nil {
+				return nil, err
+			}
+
+			switch key {
+			case "name":
+				group.Name, err = rd.ReadString()
+			case "last-delivered-id":
+				group.LastDeliveredID, err = rd.ReadString()
+			case "pel-count":
+				group.PelCount, err = rd.ReadIntReply()
+			case "pending":
+				group.Pending, err = readXInfoStreamGroupPending(rd)
+			case "consumers":
+				group.Consumers, err = readXInfoStreamConsumers(rd)
+			default:
+				return nil, fmt.Errorf("redis: unexpected content %s "+
+					"in XINFO STREAM reply", key)
+			}
+
+			if err != nil {
+				return nil, err
+			}
+		}
+
+		groups = append(groups, group)
+	}
+
+	return groups, nil
+}
+
+func readXInfoStreamGroupPending(rd *proto.Reader) ([]XInfoStreamGroupPending, error) {
+	n, err := rd.ReadArrayLen()
+	if err != nil {
+		return nil, err
+	}
+
+	pending := make([]XInfoStreamGroupPending, 0, n)
+
+	for i := 0; i < n; i++ {
+		nn, err := rd.ReadArrayLen()
+		if err != nil {
+			return nil, err
+		}
+		if nn != 4 {
+			return nil, fmt.Errorf("redis: got %d elements in XINFO STREAM FULL reply,"+
+				"wanted 4", nn)
+		}
+
+		p := XInfoStreamGroupPending{}
+
+		p.ID, err = rd.ReadString()
+		if err != nil {
+			return nil, err
+		}
+
+		p.Consumer, err = rd.ReadString()
+		if err != nil {
+			return nil, err
+		}
+
+		delivery, err := rd.ReadIntReply()
+		if err != nil {
+			return nil, err
+		}
+		p.DeliveryTime = time.Unix(delivery/1000, delivery%1000*int64(time.Millisecond))
+
+		p.DeliveryCount, err = rd.ReadIntReply()
+		if err != nil {
+			return nil, err
+		}
+
+		pending = append(pending, p)
+	}
+
+	return pending, nil
+}
+
+func readXInfoStreamConsumers(rd *proto.Reader) ([]XInfoStreamConsumer, error) {
+	n, err := rd.ReadArrayLen()
+	if err != nil {
+		return nil, err
+	}
+
+	consumers := make([]XInfoStreamConsumer, 0, n)
+
+	for i := 0; i < n; i++ {
+		nn, err := rd.ReadArrayLen()
+		if err != nil {
+			return nil, err
+		}
+		if nn != 8 {
+			return nil, fmt.Errorf("redis: got %d elements in XINFO STREAM FULL reply,"+
+				"wanted 8", nn)
+		}
+
+		c := XInfoStreamConsumer{}
+
+		for f := 0; f < 4; f++ {
+			cKey, err := rd.ReadString()
+			if err != nil {
+				return nil, err
+			}
+
+			switch cKey {
+			case "name":
+				c.Name, err = rd.ReadString()
+			case "seen-time":
+				seen, err := rd.ReadIntReply()
+				if err != nil {
+					return nil, err
+				}
+				c.SeenTime = time.Unix(seen/1000, seen%1000*int64(time.Millisecond))
+			case "pel-count":
+				c.PelCount, err = rd.ReadIntReply()
+			case "pending":
+				pendingNumber, err := rd.ReadArrayLen()
+				if err != nil {
+					return nil, err
+				}
+
+				c.Pending = make([]XInfoStreamConsumerPending, 0, pendingNumber)
+
+				for pn := 0; pn < pendingNumber; pn++ {
+					nn, err := rd.ReadArrayLen()
+					if err != nil {
+						return nil, err
+					}
+					if nn != 3 {
+						return nil, fmt.Errorf("redis: got %d elements in XINFO STREAM reply,"+
+							"wanted 3", nn)
+					}
+
+					p := XInfoStreamConsumerPending{}
+
+					p.ID, err = rd.ReadString()
+					if err != nil {
+						return nil, err
+					}
+
+					delivery, err := rd.ReadIntReply()
+					if err != nil {
+						return nil, err
+					}
+					p.DeliveryTime = time.Unix(delivery/1000, delivery%1000*int64(time.Millisecond))
+
+					p.DeliveryCount, err = rd.ReadIntReply()
+					if err != nil {
+						return nil, err
+					}
+
+					c.Pending = append(c.Pending, p)
+				}
+			default:
+				return nil, fmt.Errorf("redis: unexpected content %s "+
+					"in XINFO STREAM reply", cKey)
+			}
+			if err != nil {
+				return nil, err
+			}
+		}
+		consumers = append(consumers, c)
+	}
+
+	return consumers, nil
+}
+
+//------------------------------------------------------------------------------
+
 type ZSliceCmd struct {
 	baseCmd
 
diff --git a/vendor/github.com/go-redis/redis/v8/commands.go b/vendor/github.com/go-redis/redis/v8/commands.go
index 37746334df..4ac42ecdbd 100644
--- a/vendor/github.com/go-redis/redis/v8/commands.go
+++ b/vendor/github.com/go-redis/redis/v8/commands.go
@@ -179,6 +179,7 @@ type Cmdable interface {
 	LInsertAfter(ctx context.Context, key string, pivot, value interface{}) *IntCmd
 	LLen(ctx context.Context, key string) *IntCmd
 	LPop(ctx context.Context, key string) *StringCmd
+	LPopCount(ctx context.Context, key string, count int) *StringSliceCmd
 	LPos(ctx context.Context, key string, value string, args LPosArgs) *IntCmd
 	LPosCount(ctx context.Context, key string, value string, count int64, args LPosArgs) *IntSliceCmd
 	LPush(ctx context.Context, key string, values ...interface{}) *IntCmd
@@ -200,6 +201,7 @@ type Cmdable interface {
 	SInter(ctx context.Context, keys ...string) *StringSliceCmd
 	SInterStore(ctx context.Context, destination string, keys ...string) *IntCmd
 	SIsMember(ctx context.Context, key string, member interface{}) *BoolCmd
+	SMIsMember(ctx context.Context, key string, members ...interface{}) *BoolSliceCmd
 	SMembers(ctx context.Context, key string) *StringSliceCmd
 	SMembersMap(ctx context.Context, key string) *StringStructMapCmd
 	SMove(ctx context.Context, source, destination string, member interface{}) *BoolCmd
@@ -252,6 +254,8 @@ type Cmdable interface {
 	ZCount(ctx context.Context, key, min, max string) *IntCmd
 	ZLexCount(ctx context.Context, key, min, max string) *IntCmd
 	ZIncrBy(ctx context.Context, key string, increment float64, member string) *FloatCmd
+	ZInter(ctx context.Context, store *ZStore) *StringSliceCmd
+	ZInterWithScores(ctx context.Context, store *ZStore) *ZSliceCmd
 	ZInterStore(ctx context.Context, destination string, store *ZStore) *IntCmd
 	ZMScore(ctx context.Context, key string, members ...string) *FloatSliceCmd
 	ZPopMax(ctx context.Context, key string, count ...int64) *ZSliceCmd
@@ -275,6 +279,9 @@ type Cmdable interface {
 	ZScore(ctx context.Context, key, member string) *FloatCmd
 	ZUnionStore(ctx context.Context, dest string, store *ZStore) *IntCmd
 	ZRandMember(ctx context.Context, key string, count int, withScores bool) *StringSliceCmd
+	ZDiff(ctx context.Context, keys ...string) *StringSliceCmd
+	ZDiffWithScores(ctx context.Context, keys ...string) *ZSliceCmd
+	ZDiffStore(ctx context.Context, destination string, keys ...string) *IntCmd
 
 	PFAdd(ctx context.Context, key string, els ...interface{}) *IntCmd
 	PFCount(ctx context.Context, keys ...string) *IntCmd
@@ -1313,6 +1320,12 @@ func (c cmdable) LPop(ctx context.Context, key string) *StringCmd {
 	return cmd
 }
 
+func (c cmdable) LPopCount(ctx context.Context, key string, count int) *StringSliceCmd {
+	cmd := NewStringSliceCmd(ctx, "lpop", key, count)
+	_ = c(ctx, cmd)
+	return cmd
+}
+
 type LPosArgs struct {
 	Rank, MaxLen int64
 }
@@ -1508,6 +1521,17 @@ func (c cmdable) SIsMember(ctx context.Context, key string, member interface{})
 	return cmd
 }
 
+// Redis `SMISMEMBER key member [member ...]` command.
+func (c cmdable) SMIsMember(ctx context.Context, key string, members ...interface{}) *BoolSliceCmd {
+	args := make([]interface{}, 2, 2+len(members))
+	args[0] = "smismember"
+	args[1] = key
+	args = appendArgs(args, members)
+	cmd := NewBoolSliceCmd(ctx, args...)
+	_ = c(ctx, cmd)
+	return cmd
+}
+
 // Redis `SMEMBERS key` command output as a slice.
 func (c cmdable) SMembers(ctx context.Context, key string) *StringSliceCmd {
 	cmd := NewStringSliceCmd(ctx, "smembers", key)
@@ -1752,7 +1776,7 @@ func (c cmdable) XReadGroup(ctx context.Context, a *XReadGroupArgs) *XStreamSlic
 	args := make([]interface{}, 0, 8+len(a.Streams))
 	args = append(args, "xreadgroup", "group", a.Group, a.Consumer)
 
-	keyPos := int8(1)
+	keyPos := int8(4)
 	if a.Count > 0 {
 		args = append(args, "count", a.Count)
 		keyPos += 2
@@ -1799,6 +1823,7 @@ func (c cmdable) XPending(ctx context.Context, stream, group string) *XPendingCm
 type XPendingExtArgs struct {
 	Stream   string
 	Group    string
+	Idle     time.Duration
 	Start    string
 	End      string
 	Count    int64
@@ -1806,8 +1831,12 @@ type XPendingExtArgs struct {
 }
 
 func (c cmdable) XPendingExt(ctx context.Context, a *XPendingExtArgs) *XPendingExtCmd {
-	args := make([]interface{}, 0, 7)
-	args = append(args, "xpending", a.Stream, a.Group, a.Start, a.End, a.Count)
+	args := make([]interface{}, 0, 9)
+	args = append(args, "xpending", a.Stream, a.Group)
+	if a.Idle != 0 {
+		args = append(args, "idle", formatMs(ctx, a.Idle))
+	}
+	args = append(args, a.Start, a.End, a.Count)
 	if a.Consumer != "" {
 		args = append(args, a.Consumer)
 	}
@@ -1882,6 +1911,19 @@ func (c cmdable) XInfoStream(ctx context.Context, key string) *XInfoStreamCmd {
 	return cmd
 }
 
+// XInfoStreamFull XINFO STREAM FULL [COUNT count]
+// redis-server >= 6.0.
+func (c cmdable) XInfoStreamFull(ctx context.Context, key string, count int) *XInfoStreamFullCmd {
+	args := make([]interface{}, 0, 6)
+	args = append(args, "xinfo", "stream", key, "full")
+	if count > 0 {
+		args = append(args, "count", count)
+	}
+	cmd := NewXInfoStreamFullCmd(ctx, args...)
+	_ = c(ctx, cmd)
+	return cmd
+}
+
 //------------------------------------------------------------------------------
 
 // Z represents sorted set member.
@@ -1904,6 +1946,17 @@ type ZStore struct {
 	Aggregate string
 }
 
+func (z *ZStore) len() (n int) {
+	n = len(z.Keys)
+	if len(z.Weights) > 0 {
+		n += 1 + len(z.Weights)
+	}
+	if z.Aggregate != "" {
+		n += 2
+	}
+	return n
+}
+
 // Redis `BZPOPMAX key [key ...] timeout` command.
 func (c cmdable) BZPopMax(ctx context.Context, timeout time.Duration, keys ...string) *ZWithKeyCmd {
 	args := make([]interface{}, 1+len(keys)+1)
@@ -2049,7 +2102,7 @@ func (c cmdable) ZIncrBy(ctx context.Context, key string, increment float64, mem
 }
 
 func (c cmdable) ZInterStore(ctx context.Context, destination string, store *ZStore) *IntCmd {
-	args := make([]interface{}, 0, 3+len(store.Keys))
+	args := make([]interface{}, 0, 3+store.len())
 	args = append(args, "zinterstore", destination, len(store.Keys))
 	for _, key := range store.Keys {
 		args = append(args, key)
@@ -2069,6 +2122,50 @@ func (c cmdable) ZInterStore(ctx context.Context, destination string, store *ZSt
 	return cmd
 }
 
+func (c cmdable) ZInter(ctx context.Context, store *ZStore) *StringSliceCmd {
+	args := make([]interface{}, 0, 2+store.len())
+	args = append(args, "zinter", len(store.Keys))
+	for _, key := range store.Keys {
+		args = append(args, key)
+	}
+	if len(store.Weights) > 0 {
+		args = append(args, "weights")
+		for _, weights := range store.Weights {
+			args = append(args, weights)
+		}
+	}
+
+	if store.Aggregate != "" {
+		args = append(args, "aggregate", store.Aggregate)
+	}
+	cmd := NewStringSliceCmd(ctx, args...)
+	cmd.setFirstKeyPos(2)
+	_ = c(ctx, cmd)
+	return cmd
+}
+
+func (c cmdable) ZInterWithScores(ctx context.Context, store *ZStore) *ZSliceCmd {
+	args := make([]interface{}, 0, 3+store.len())
+	args = append(args, "zinter", len(store.Keys))
+	for _, key := range store.Keys {
+		args = append(args, key)
+	}
+	if len(store.Weights) > 0 {
+		args = append(args, "weights")
+		for _, weights := range store.Weights {
+			args = append(args, weights)
+		}
+	}
+	if store.Aggregate != "" {
+		args = append(args, "aggregate", store.Aggregate)
+	}
+	args = append(args, "withscores")
+	cmd := NewZSliceCmd(ctx, args...)
+	cmd.setFirstKeyPos(2)
+	_ = c(ctx, cmd)
+	return cmd
+}
+
 func (c cmdable) ZMScore(ctx context.Context, key string, members ...string) *FloatSliceCmd {
 	args := make([]interface{}, 2+len(members))
 	args[0] = "zmscore"
@@ -2295,7 +2392,7 @@ func (c cmdable) ZScore(ctx context.Context, key, member string) *FloatCmd {
 }
 
 func (c cmdable) ZUnionStore(ctx context.Context, dest string, store *ZStore) *IntCmd {
-	args := make([]interface{}, 0, 3+len(store.Keys))
+	args := make([]interface{}, 0, 3+store.len())
 	args = append(args, "zunionstore", dest, len(store.Keys))
 	for _, key := range store.Keys {
 		args = append(args, key)
@@ -2331,6 +2428,49 @@ func (c cmdable) ZRandMember(ctx context.Context, key string, count int, withSco
 	return cmd
 }
 
+// redis-server version >= 6.2.0.
+func (c cmdable) ZDiff(ctx context.Context, keys ...string) *StringSliceCmd {
+	args := make([]interface{}, 2+len(keys))
+	args[0] = "zdiff"
+	args[1] = len(keys)
+	for i, key := range keys {
+		args[i+2] = key
+	}
+
+	cmd := NewStringSliceCmd(ctx, args...)
+	cmd.setFirstKeyPos(2)
+	_ = c(ctx, cmd)
+	return cmd
+}
+
+// redis-server version >= 6.2.0.
+func (c cmdable) ZDiffWithScores(ctx context.Context, keys ...string) *ZSliceCmd {
+	args := make([]interface{}, 3+len(keys))
+	args[0] = "zdiff"
+	args[1] = len(keys)
+	for i, key := range keys {
+		args[i+2] = key
+	}
+	args[len(keys)+2] = "withscores"
+
+	cmd := NewZSliceCmd(ctx, args...)
+	cmd.setFirstKeyPos(2)
+	_ = c(ctx, cmd)
+	return cmd
+}
+
+// redis-server version >=6.2.0.
+func (c cmdable) ZDiffStore(ctx context.Context, destination string, keys ...string) *IntCmd {
+	args := make([]interface{}, 0, 3+len(keys))
+	args = append(args, "zdiffstore", destination, len(keys))
+	for _, key := range keys {
+		args = append(args, key)
+	}
+	cmd := NewIntCmd(ctx, args...)
+	_ = c(ctx, cmd)
+	return cmd
+}
+
 //------------------------------------------------------------------------------
 
 func (c cmdable) PFAdd(ctx context.Context, key string, els ...interface{}) *IntCmd {
@@ -2590,6 +2730,7 @@ func (c cmdable) MemoryUsage(ctx context.Context, key string, samples ...int) *I
 		args = append(args, "SAMPLES", samples[0])
 	}
 	cmd := NewIntCmd(ctx, args...)
+	cmd.setFirstKeyPos(2)
 	_ = c(ctx, cmd)
 	return cmd
 }
@@ -2606,6 +2747,7 @@ func (c cmdable) Eval(ctx context.Context, script string, keys []string, args ..
 	}
 	cmdArgs = appendArgs(cmdArgs, args)
 	cmd := NewCmd(ctx, cmdArgs...)
+	cmd.setFirstKeyPos(3)
 	_ = c(ctx, cmd)
 	return cmd
 }
@@ -2620,6 +2762,7 @@ func (c cmdable) EvalSha(ctx context.Context, sha1 string, keys []string, args .
 	}
 	cmdArgs = appendArgs(cmdArgs, args)
 	cmd := NewCmd(ctx, cmdArgs...)
+	cmd.setFirstKeyPos(3)
 	_ = c(ctx, cmd)
 	return cmd
 }
diff --git a/vendor/github.com/go-redis/redis/v8/error.go b/vendor/github.com/go-redis/redis/v8/error.go
index 2ed5dc6284..ad9e173ea7 100644
--- a/vendor/github.com/go-redis/redis/v8/error.go
+++ b/vendor/github.com/go-redis/redis/v8/error.go
@@ -10,6 +10,7 @@ import (
 	"github.com/go-redis/redis/v8/internal/proto"
 )
 
+// ErrClosed performs any operation on the closed client will return this error.
 var ErrClosed = pool.ErrClosed
 
 type Error interface {
diff --git a/vendor/github.com/go-redis/redis/v8/go.mod b/vendor/github.com/go-redis/redis/v8/go.mod
index 938768f2b8..aa13d2ef2d 100644
--- a/vendor/github.com/go-redis/redis/v8/go.mod
+++ b/vendor/github.com/go-redis/redis/v8/go.mod
@@ -7,7 +7,5 @@ require (
 	github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f
 	github.com/onsi/ginkgo v1.15.0
 	github.com/onsi/gomega v1.10.5
-	go.opentelemetry.io/otel v0.19.0
-	go.opentelemetry.io/otel/metric v0.19.0
-	go.opentelemetry.io/otel/trace v0.19.0
+	go.opentelemetry.io/otel/metric v0.20.0
 )
diff --git a/vendor/github.com/go-redis/redis/v8/go.sum b/vendor/github.com/go-redis/redis/v8/go.sum
index 182608edcc..b8309364d9 100644
--- a/vendor/github.com/go-redis/redis/v8/go.sum
+++ b/vendor/github.com/go-redis/redis/v8/go.sum
@@ -37,14 +37,14 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/testify v1.7.0 h1:nwc3DEeHmmLAfoZucVR881uASk0Mfjw8xYJ99tb5CcY=
 github.com/stretchr/testify v1.7.0/go.mod h1:6Fq8oRcR53rry900zMqJjRRixrwX3KX962/h/Wwjteg=
 github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-go.opentelemetry.io/otel v0.19.0 h1:Lenfy7QHRXPZVsw/12CWpxX6d/JkrX8wrx2vO8G80Ng=
-go.opentelemetry.io/otel v0.19.0/go.mod h1:j9bF567N9EfomkSidSfmMwIwIBuP37AMAIzVW85OxSg=
-go.opentelemetry.io/otel/metric v0.19.0 h1:dtZ1Ju44gkJkYvo+3qGqVXmf88tc+a42edOywypengg=
-go.opentelemetry.io/otel/metric v0.19.0/go.mod h1:8f9fglJPRnXuskQmKpnad31lcLJ2VmNNqIsx/uIwBSc=
-go.opentelemetry.io/otel/oteltest v0.19.0 h1:YVfA0ByROYqTwOxqHVZYZExzEpfZor+MU1rU+ip2v9Q=
-go.opentelemetry.io/otel/oteltest v0.19.0/go.mod h1:tI4yxwh8U21v7JD6R3BcA/2+RBoTKFexE/PJ/nSO7IA=
-go.opentelemetry.io/otel/trace v0.19.0 h1:1ucYlenXIDA1OlHVLDZKX0ObXV5RLaq06DtUKz5e5zc=
-go.opentelemetry.io/otel/trace v0.19.0/go.mod h1:4IXiNextNOpPnRlI4ryK69mn5iC84bjBWZQA5DXz/qg=
+go.opentelemetry.io/otel v0.20.0 h1:eaP0Fqu7SXHwvjiqDq83zImeehOHX8doTvU9AwXON8g=
+go.opentelemetry.io/otel v0.20.0/go.mod h1:Y3ugLH2oa81t5QO+Lty+zXf8zC9L26ax4Nzoxm/dooo=
+go.opentelemetry.io/otel/metric v0.20.0 h1:4kzhXFP+btKm4jwxpjIqjs41A7MakRFUS86bqLHTIw8=
+go.opentelemetry.io/otel/metric v0.20.0/go.mod h1:598I5tYlH1vzBjn+BTuhzTCSb/9debfNp6R3s7Pr1eU=
+go.opentelemetry.io/otel/oteltest v0.20.0 h1:HiITxCawalo5vQzdHfKeZurV8x7ljcqAgiWzF6Vaeaw=
+go.opentelemetry.io/otel/oteltest v0.20.0/go.mod h1:L7bgKf9ZB7qCwT9Up7i9/pn0PWIa9FqQ2IQ8LoxiGnw=
+go.opentelemetry.io/otel/trace v0.20.0 h1:1DL6EXUdcg95gukhuRRvLDO/4X5THh/5dIV52lqtnbw=
+go.opentelemetry.io/otel/trace v0.20.0/go.mod h1:6GjCW8zgDjwGHGa6GkyeB8+/5vjT16gUEi0Nf1iBdgw=
 golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
 golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
diff --git a/vendor/github.com/go-redis/redis/v8/internal/hashtag/hashtag.go b/vendor/github.com/go-redis/redis/v8/internal/hashtag/hashtag.go
index 2fc74ad1cd..b3a4f211e3 100644
--- a/vendor/github.com/go-redis/redis/v8/internal/hashtag/hashtag.go
+++ b/vendor/github.com/go-redis/redis/v8/internal/hashtag/hashtag.go
@@ -60,7 +60,7 @@ func RandomSlot() int {
 	return rand.Intn(slotNumber)
 }
 
-// hashSlot returns a consistent slot number between 0 and 16383
+// Slot returns a consistent slot number between 0 and 16383
 // for any given string key.
 func Slot(key string) int {
 	if key == "" {
diff --git a/vendor/github.com/go-redis/redis/v8/internal/log.go b/vendor/github.com/go-redis/redis/v8/internal/log.go
index 3810f9e4e7..c8b9213de4 100644
--- a/vendor/github.com/go-redis/redis/v8/internal/log.go
+++ b/vendor/github.com/go-redis/redis/v8/internal/log.go
@@ -19,6 +19,8 @@ func (l *logger) Printf(ctx context.Context, format string, v ...interface{}) {
 	_ = l.log.Output(2, fmt.Sprintf(format, v...))
 }
 
+// Logger calls Output to print to the stderr.
+// Arguments are handled in the manner of fmt.Print.
 var Logger Logging = &logger{
 	log: log.New(os.Stderr, "redis: ", log.LstdFlags|log.Lshortfile),
 }
diff --git a/vendor/github.com/go-redis/redis/v8/internal/pool/conn.go b/vendor/github.com/go-redis/redis/v8/internal/pool/conn.go
index ee064c9fc9..1ce29edd4b 100644
--- a/vendor/github.com/go-redis/redis/v8/internal/pool/conn.go
+++ b/vendor/github.com/go-redis/redis/v8/internal/pool/conn.go
@@ -65,26 +65,17 @@ func (cn *Conn) RemoteAddr() net.Addr {
 }
 
 func (cn *Conn) WithReader(ctx context.Context, timeout time.Duration, fn func(rd *proto.Reader) error) error {
-	ctx, span := internal.StartSpan(ctx, "redis.with_reader")
-	defer span.End()
-
 	if err := cn.netConn.SetReadDeadline(cn.deadline(ctx, timeout)); err != nil {
-		return internal.RecordError(ctx, span, err)
-	}
-	if err := fn(cn.rd); err != nil {
-		return internal.RecordError(ctx, span, err)
+		return err
 	}
-	return nil
+	return fn(cn.rd)
 }
 
 func (cn *Conn) WithWriter(
 	ctx context.Context, timeout time.Duration, fn func(wr *proto.Writer) error,
 ) error {
-	ctx, span := internal.StartSpan(ctx, "redis.with_writer")
-	defer span.End()
-
 	if err := cn.netConn.SetWriteDeadline(cn.deadline(ctx, timeout)); err != nil {
-		return internal.RecordError(ctx, span, err)
+		return err
 	}
 
 	if cn.bw.Buffered() > 0 {
@@ -92,11 +83,11 @@ func (cn *Conn) WithWriter(
 	}
 
 	if err := fn(cn.wr); err != nil {
-		return internal.RecordError(ctx, span, err)
+		return err
 	}
 
 	if err := cn.bw.Flush(); err != nil {
-		return internal.RecordError(ctx, span, err)
+		return err
 	}
 
 	internal.WritesCounter.Add(ctx, 1)
diff --git a/vendor/github.com/go-redis/redis/v8/internal/pool/pool.go b/vendor/github.com/go-redis/redis/v8/internal/pool/pool.go
index 74fbb37a6a..4d247b3010 100644
--- a/vendor/github.com/go-redis/redis/v8/internal/pool/pool.go
+++ b/vendor/github.com/go-redis/redis/v8/internal/pool/pool.go
@@ -12,7 +12,10 @@ import (
 )
 
 var (
-	ErrClosed      = errors.New("redis: client is closed")
+	// ErrClosed performs any operation on the closed client will return this error.
+	ErrClosed = errors.New("redis: client is closed")
+
+	// ErrPoolTimeout timed out waiting to get a connection from the connection pool.
 	ErrPoolTimeout = errors.New("redis: connection pool timeout")
 )
 
diff --git a/vendor/github.com/go-redis/redis/v8/internal/proto/reader.go b/vendor/github.com/go-redis/redis/v8/internal/proto/reader.go
index 0ab8c9d2fc..10d1b4235b 100644
--- a/vendor/github.com/go-redis/redis/v8/internal/proto/reader.go
+++ b/vendor/github.com/go-redis/redis/v8/internal/proto/reader.go
@@ -8,6 +8,7 @@ import (
 	"github.com/go-redis/redis/v8/internal/util"
 )
 
+// redis resp protocol data type.
 const (
 	ErrorReply  = '-'
 	StatusReply = '+'
diff --git a/vendor/github.com/go-redis/redis/v8/internal/util.go b/vendor/github.com/go-redis/redis/v8/internal/util.go
index 1a648fe63c..e34a7f0326 100644
--- a/vendor/github.com/go-redis/redis/v8/internal/util.go
+++ b/vendor/github.com/go-redis/redis/v8/internal/util.go
@@ -4,16 +4,10 @@ import (
 	"context"
 	"time"
 
-	"github.com/go-redis/redis/v8/internal/proto"
 	"github.com/go-redis/redis/v8/internal/util"
-	"go.opentelemetry.io/otel"
-	"go.opentelemetry.io/otel/trace"
 )
 
 func Sleep(ctx context.Context, dur time.Duration) error {
-	_, span := StartSpan(ctx, "time.Sleep")
-	defer span.End()
-
 	t := time.NewTimer(dur)
 	defer t.Stop()
 
@@ -50,21 +44,3 @@ func isLower(s string) bool {
 	}
 	return true
 }
-
-//------------------------------------------------------------------------------
-
-var tracer = otel.Tracer("github.com/go-redis/redis")
-
-func StartSpan(ctx context.Context, name string) (context.Context, trace.Span) {
-	if span := trace.SpanFromContext(ctx); !span.IsRecording() {
-		return ctx, span
-	}
-	return tracer.Start(ctx, name)
-}
-
-func RecordError(ctx context.Context, span trace.Span, err error) error {
-	if err != proto.Nil {
-		span.RecordError(err)
-	}
-	return err
-}
diff --git a/vendor/github.com/go-redis/redis/v8/options.go b/vendor/github.com/go-redis/redis/v8/options.go
index 0fd8e880af..7cf1bc1bbf 100644
--- a/vendor/github.com/go-redis/redis/v8/options.go
+++ b/vendor/github.com/go-redis/redis/v8/options.go
@@ -12,9 +12,7 @@ import (
 	"strings"
 	"time"
 
-	"github.com/go-redis/redis/v8/internal"
 	"github.com/go-redis/redis/v8/internal/pool"
-	"go.opentelemetry.io/otel/attribute"
 )
 
 // Limiter is the interface of a rate limiter or a circuit breaker.
@@ -291,21 +289,7 @@ func getUserPassword(u *url.URL) (string, string) {
 func newConnPool(opt *Options) *pool.ConnPool {
 	return pool.NewConnPool(&pool.Options{
 		Dialer: func(ctx context.Context) (net.Conn, error) {
-			ctx, span := internal.StartSpan(ctx, "redis.dial")
-			defer span.End()
-
-			if span.IsRecording() {
-				span.SetAttributes(
-					attribute.String("db.connection_string", opt.Addr),
-				)
-			}
-
-			cn, err := opt.Dialer(ctx, opt.Network, opt.Addr)
-			if err != nil {
-				return nil, internal.RecordError(ctx, span, err)
-			}
-
-			return cn, nil
+			return opt.Dialer(ctx, opt.Network, opt.Addr)
 		},
 		PoolSize:           opt.PoolSize,
 		MinIdleConns:       opt.MinIdleConns,
diff --git a/vendor/github.com/go-redis/redis/v8/pubsub.go b/vendor/github.com/go-redis/redis/v8/pubsub.go
index c56270b443..c6ffb25622 100644
--- a/vendor/github.com/go-redis/redis/v8/pubsub.go
+++ b/vendor/github.com/go-redis/redis/v8/pubsub.go
@@ -2,7 +2,6 @@ package redis
 
 import (
 	"context"
-	"errors"
 	"fmt"
 	"strings"
 	"sync"
@@ -13,13 +12,6 @@ import (
 	"github.com/go-redis/redis/v8/internal/proto"
 )
 
-const (
-	pingTimeout     = time.Second
-	chanSendTimeout = time.Minute
-)
-
-var errPingTimeout = errors.New("redis: ping timeout")
-
 // PubSub implements Pub/Sub commands as described in
 // http://redis.io/topics/pubsub. Message receiving is NOT safe
 // for concurrent use by multiple goroutines.
@@ -43,9 +35,12 @@ type PubSub struct {
 	cmd *Cmd
 
 	chOnce sync.Once
-	msgCh  chan *Message
-	allCh  chan interface{}
-	ping   chan struct{}
+	msgCh  *channel
+	allCh  *channel
+}
+
+func (c *PubSub) init() {
+	c.exit = make(chan struct{})
 }
 
 func (c *PubSub) String() string {
@@ -54,10 +49,6 @@ func (c *PubSub) String() string {
 	return fmt.Sprintf("PubSub(%s)", strings.Join(channels, ", "))
 }
 
-func (c *PubSub) init() {
-	c.exit = make(chan struct{})
-}
-
 func (c *PubSub) connWithLock(ctx context.Context) (*pool.Conn, error) {
 	c.mu.Lock()
 	cn, err := c.conn(ctx, nil)
@@ -418,6 +409,15 @@ func (c *PubSub) ReceiveMessage(ctx context.Context) (*Message, error) {
 	}
 }
 
+func (c *PubSub) getContext() context.Context {
+	if c.cmd != nil {
+		return c.cmd.ctx
+	}
+	return context.Background()
+}
+
+//------------------------------------------------------------------------------
+
 // Channel returns a Go channel for concurrently receiving messages.
 // The channel is closed together with the PubSub. If the Go channel
 // is blocked full for 30 seconds the message is dropped.
@@ -425,26 +425,24 @@ func (c *PubSub) ReceiveMessage(ctx context.Context) (*Message, error) {
 //
 // go-redis periodically sends ping messages to test connection health
 // and re-subscribes if ping can not not received for 30 seconds.
-func (c *PubSub) Channel() <-chan *Message {
-	return c.ChannelSize(100)
-}
-
-// ChannelSize is like Channel, but creates a Go channel
-// with specified buffer size.
-func (c *PubSub) ChannelSize(size int) <-chan *Message {
+func (c *PubSub) Channel(opts ...ChannelOption) <-chan *Message {
 	c.chOnce.Do(func() {
-		c.initPing()
-		c.initMsgChan(size)
+		c.msgCh = newChannel(c, opts...)
+		c.msgCh.initMsgChan()
 	})
 	if c.msgCh == nil {
 		err := fmt.Errorf("redis: Channel can't be called after ChannelWithSubscriptions")
 		panic(err)
 	}
-	if cap(c.msgCh) != size {
-		err := fmt.Errorf("redis: PubSub.Channel size can not be changed once created")
-		panic(err)
-	}
-	return c.msgCh
+	return c.msgCh.msgCh
+}
+
+// ChannelSize is like Channel, but creates a Go channel
+// with specified buffer size.
+//
+// Deprecated: use Channel(WithChannelSize(size)), remove in v9.
+func (c *PubSub) ChannelSize(size int) <-chan *Message {
+	return c.Channel(WithChannelSize(size))
 }
 
 // ChannelWithSubscriptions is like Channel, but message type can be either
@@ -452,59 +450,101 @@ func (c *PubSub) ChannelSize(size int) <-chan *Message {
 // reconnections.
 //
 // ChannelWithSubscriptions can not be used together with Channel or ChannelSize.
-func (c *PubSub) ChannelWithSubscriptions(ctx context.Context, size int) <-chan interface{} {
+func (c *PubSub) ChannelWithSubscriptions(_ context.Context, size int) <-chan interface{} {
 	c.chOnce.Do(func() {
-		c.initPing()
-		c.initAllChan(size)
+		c.allCh = newChannel(c, WithChannelSize(size))
+		c.allCh.initAllChan()
 	})
 	if c.allCh == nil {
 		err := fmt.Errorf("redis: ChannelWithSubscriptions can't be called after Channel")
 		panic(err)
 	}
-	if cap(c.allCh) != size {
-		err := fmt.Errorf("redis: PubSub.Channel size can not be changed once created")
-		panic(err)
+	return c.allCh.allCh
+}
+
+type ChannelOption func(c *channel)
+
+// WithChannelSize specifies the Go chan size that is used to buffer incoming messages.
+//
+// The default is 100 messages.
+func WithChannelSize(size int) ChannelOption {
+	return func(c *channel) {
+		c.chanSize = size
 	}
-	return c.allCh
 }
 
-func (c *PubSub) getContext() context.Context {
-	if c.cmd != nil {
-		return c.cmd.ctx
+// WithChannelHealthCheckInterval specifies the health check interval.
+// PubSub will ping Redis Server if it does not receive any messages within the interval.
+// To disable health check, use zero interval.
+//
+// The default is 3 seconds.
+func WithChannelHealthCheckInterval(d time.Duration) ChannelOption {
+	return func(c *channel) {
+		c.checkInterval = d
 	}
-	return context.Background()
 }
 
-func (c *PubSub) initPing() {
+// WithChannelSendTimeout specifies the channel send timeout after which
+// the message is dropped.
+//
+// The default is 60 seconds.
+func WithChannelSendTimeout(d time.Duration) ChannelOption {
+	return func(c *channel) {
+		c.chanSendTimeout = d
+	}
+}
+
+type channel struct {
+	pubSub *PubSub
+
+	msgCh chan *Message
+	allCh chan interface{}
+	ping  chan struct{}
+
+	chanSize        int
+	chanSendTimeout time.Duration
+	checkInterval   time.Duration
+}
+
+func newChannel(pubSub *PubSub, opts ...ChannelOption) *channel {
+	c := &channel{
+		pubSub: pubSub,
+
+		chanSize:        100,
+		chanSendTimeout: time.Minute,
+		checkInterval:   3 * time.Second,
+	}
+	for _, opt := range opts {
+		opt(c)
+	}
+	if c.checkInterval > 0 {
+		c.initHealthCheck()
+	}
+	return c
+}
+
+func (c *channel) initHealthCheck() {
 	ctx := context.TODO()
 	c.ping = make(chan struct{}, 1)
+
 	go func() {
 		timer := time.NewTimer(time.Minute)
 		timer.Stop()
 
-		healthy := true
 		for {
-			timer.Reset(pingTimeout)
+			timer.Reset(c.checkInterval)
 			select {
 			case <-c.ping:
-				healthy = true
 				if !timer.Stop() {
 					<-timer.C
 				}
 			case <-timer.C:
-				pingErr := c.Ping(ctx)
-				if healthy {
-					healthy = false
-				} else {
-					if pingErr == nil {
-						pingErr = errPingTimeout
-					}
-					c.mu.Lock()
-					c.reconnect(ctx, pingErr)
-					healthy = true
-					c.mu.Unlock()
+				if pingErr := c.pubSub.Ping(ctx); pingErr != nil {
+					c.pubSub.mu.Lock()
+					c.pubSub.reconnect(ctx, pingErr)
+					c.pubSub.mu.Unlock()
 				}
-			case <-c.exit:
+			case <-c.pubSub.exit:
 				return
 			}
 		}
@@ -512,16 +552,17 @@ func (c *PubSub) initPing() {
 }
 
 // initMsgChan must be in sync with initAllChan.
-func (c *PubSub) initMsgChan(size int) {
+func (c *channel) initMsgChan() {
 	ctx := context.TODO()
-	c.msgCh = make(chan *Message, size)
+	c.msgCh = make(chan *Message, c.chanSize)
+
 	go func() {
 		timer := time.NewTimer(time.Minute)
 		timer.Stop()
 
 		var errCount int
 		for {
-			msg, err := c.Receive(ctx)
+			msg, err := c.pubSub.Receive(ctx)
 			if err != nil {
 				if err == pool.ErrClosed {
 					close(c.msgCh)
@@ -548,7 +589,7 @@ func (c *PubSub) initMsgChan(size int) {
 			case *Pong:
 				// Ignore.
 			case *Message:
-				timer.Reset(chanSendTimeout)
+				timer.Reset(c.chanSendTimeout)
 				select {
 				case c.msgCh <- msg:
 					if !timer.Stop() {
@@ -556,30 +597,28 @@ func (c *PubSub) initMsgChan(size int) {
 					}
 				case <-timer.C:
 					internal.Logger.Printf(
-						c.getContext(),
-						"redis: %s channel is full for %s (message is dropped)",
-						c,
-						chanSendTimeout,
-					)
+						ctx, "redis: %s channel is full for %s (message is dropped)",
+						c, c.chanSendTimeout)
 				}
 			default:
-				internal.Logger.Printf(c.getContext(), "redis: unknown message type: %T", msg)
+				internal.Logger.Printf(ctx, "redis: unknown message type: %T", msg)
 			}
 		}
 	}()
 }
 
 // initAllChan must be in sync with initMsgChan.
-func (c *PubSub) initAllChan(size int) {
+func (c *channel) initAllChan() {
 	ctx := context.TODO()
-	c.allCh = make(chan interface{}, size)
+	c.allCh = make(chan interface{}, c.chanSize)
+
 	go func() {
-		timer := time.NewTimer(pingTimeout)
+		timer := time.NewTimer(time.Minute)
 		timer.Stop()
 
 		var errCount int
 		for {
-			msg, err := c.Receive(ctx)
+			msg, err := c.pubSub.Receive(ctx)
 			if err != nil {
 				if err == pool.ErrClosed {
 					close(c.allCh)
@@ -601,29 +640,23 @@ func (c *PubSub) initAllChan(size int) {
 			}
 
 			switch msg := msg.(type) {
-			case *Subscription:
-				c.sendMessage(msg, timer)
 			case *Pong:
 				// Ignore.
-			case *Message:
-				c.sendMessage(msg, timer)
+			case *Subscription, *Message:
+				timer.Reset(c.chanSendTimeout)
+				select {
+				case c.allCh <- msg:
+					if !timer.Stop() {
+						<-timer.C
+					}
+				case <-timer.C:
+					internal.Logger.Printf(
+						ctx, "redis: %s channel is full for %s (message is dropped)",
+						c, c.chanSendTimeout)
+				}
 			default:
-				internal.Logger.Printf(c.getContext(), "redis: unknown message type: %T", msg)
+				internal.Logger.Printf(ctx, "redis: unknown message type: %T", msg)
 			}
 		}
 	}()
 }
-
-func (c *PubSub) sendMessage(msg interface{}, timer *time.Timer) {
-	timer.Reset(pingTimeout)
-	select {
-	case c.allCh <- msg:
-		if !timer.Stop() {
-			<-timer.C
-		}
-	case <-timer.C:
-		internal.Logger.Printf(
-			c.getContext(),
-			"redis: %s channel is full for %s (message is dropped)", c, pingTimeout)
-	}
-}
diff --git a/vendor/github.com/go-redis/redis/v8/redis.go b/vendor/github.com/go-redis/redis/v8/redis.go
index 7995c43657..98d603497f 100644
--- a/vendor/github.com/go-redis/redis/v8/redis.go
+++ b/vendor/github.com/go-redis/redis/v8/redis.go
@@ -10,7 +10,6 @@ import (
 	"github.com/go-redis/redis/v8/internal"
 	"github.com/go-redis/redis/v8/internal/pool"
 	"github.com/go-redis/redis/v8/internal/proto"
-	"go.opentelemetry.io/otel/attribute"
 )
 
 // Nil reply returned by Redis when key does not exist.
@@ -237,9 +236,6 @@ func (c *baseClient) initConn(ctx context.Context, cn *pool.Conn) error {
 		return nil
 	}
 
-	ctx, span := internal.StartSpan(ctx, "redis.init_conn")
-	defer span.End()
-
 	connPool := pool.NewSingleConnPool(c.connPool, cn)
 	conn := newConn(ctx, c.opt, connPool)
 
@@ -287,20 +283,11 @@ func (c *baseClient) releaseConn(ctx context.Context, cn *pool.Conn, err error)
 func (c *baseClient) withConn(
 	ctx context.Context, fn func(context.Context, *pool.Conn) error,
 ) error {
-	ctx, span := internal.StartSpan(ctx, "redis.with_conn")
-	defer span.End()
-
 	cn, err := c.getConn(ctx)
 	if err != nil {
 		return err
 	}
 
-	if span.IsRecording() {
-		if remoteAddr := cn.RemoteAddr(); remoteAddr != nil {
-			span.SetAttributes(attribute.String("net.peer.ip", remoteAddr.String()))
-		}
-	}
-
 	defer func() {
 		c.releaseConn(ctx, cn, err)
 	}()
diff --git a/vendor/github.com/go-redis/redis/v8/sentinel.go b/vendor/github.com/go-redis/redis/v8/sentinel.go
index efa2a41d71..ca2e088a76 100644
--- a/vendor/github.com/go-redis/redis/v8/sentinel.go
+++ b/vendor/github.com/go-redis/redis/v8/sentinel.go
@@ -40,8 +40,6 @@ type FailoverOptions struct {
 	// Now, this option only works in RandomSlaveAddr function.
 	UseDisconnectedSlaves bool
 
-	// Client queries sentinels in a random order
-	QuerySentinelRandomly bool
 	// Following options are copied from Options struct.
 
 	Dialer    func(ctx context.Context, network, addr string) (net.Conn, error)
@@ -221,14 +219,21 @@ func masterSlaveDialer(
 				failover.trySwitchMaster(ctx, addr)
 			}
 		}
-
 		if err != nil {
 			return nil, err
 		}
 		if failover.opt.Dialer != nil {
 			return failover.opt.Dialer(ctx, network, addr)
 		}
-		return net.DialTimeout("tcp", addr, failover.opt.DialTimeout)
+
+		netDialer := &net.Dialer{
+			Timeout:   failover.opt.DialTimeout,
+			KeepAlive: 5 * time.Minute,
+		}
+		if failover.opt.TLSConfig == nil {
+			return netDialer.DialContext(ctx, network, addr)
+		}
+		return tls.DialWithDialer(netDialer, network, addr, failover.opt.TLSConfig)
 	}
 }
 
diff --git a/vendor/github.com/go-testfixtures/testfixtures/v3/CHANGELOG.md b/vendor/github.com/go-testfixtures/testfixtures/v3/CHANGELOG.md
index 1cab63cedc..538859f13e 100644
--- a/vendor/github.com/go-testfixtures/testfixtures/v3/CHANGELOG.md
+++ b/vendor/github.com/go-testfixtures/testfixtures/v3/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
 
+## v3.6.1 - 2021-05-20
+
+- Fix possible security vulnerability by upgrading golang.org/x/crypto
+  ([#100](https://github.com/go-testfixtures/testfixtures/pull/100)).
+
 ## v3.6.0 - 2021-04-17
 
 - Add support for dumping a database using the CLI (use the `--dump` flag)
diff --git a/vendor/github.com/go-testfixtures/testfixtures/v3/README.md b/vendor/github.com/go-testfixtures/testfixtures/v3/README.md
index 1c6bc293c3..f0d7705a3a 100644
--- a/vendor/github.com/go-testfixtures/testfixtures/v3/README.md
+++ b/vendor/github.com/go-testfixtures/testfixtures/v3/README.md
@@ -139,7 +139,7 @@ func TestMain(m *testing.M) {
         fixtures, err = testfixtures.New(
                 testfixtures.Database(db), // You database connection
                 testfixtures.Dialect("postgres"), // Available: "postgresql", "timescaledb", "mysql", "mariadb", "sqlite" and "sqlserver"
-                testfixtures.Directory("testdata/fixtures"), // the directory containing the YAML files
+                testfixtures.Directory("testdata/fixtures"), // The directory containing the YAML files
         )
         if err != nil {
                 ...
@@ -188,15 +188,6 @@ fixtures, err := testfixtures.New(
 if err != nil {
         ...
 }
-
-fixtures, err := testfixtures.NewFiles(db, &testfixtures.PostgreSQL{},
-        "fixtures/orders.yml",
-        "fixtures/customers.yml",
-        // add as many files you want
-)
-if err != nil {
-        ...
-}
 ```
 
 With `Paths` option, you can specify the paths that fixtures will load
@@ -234,8 +225,9 @@ testfixtures.New(
 
 ## Sequences
 
-For PostgreSQL, this package also resets all sequences to a high
-number to prevent duplicated primary keys while running the tests.
+For PostgreSQL and MySQL/MariaDB, this package also resets all
+sequences to a high number to prevent duplicated primary keys while
+running the tests.
 The default is 10000, but you can change that with:
 
 ```go
diff --git a/vendor/github.com/go-testfixtures/testfixtures/v3/go.mod b/vendor/github.com/go-testfixtures/testfixtures/v3/go.mod
index 71e1594754..267597440a 100644
--- a/vendor/github.com/go-testfixtures/testfixtures/v3/go.mod
+++ b/vendor/github.com/go-testfixtures/testfixtures/v3/go.mod
@@ -1,13 +1,14 @@
 module github.com/go-testfixtures/testfixtures/v3
 
 require (
-	github.com/denisenkom/go-mssqldb v0.0.0-20191128021309-1d7a30a10f73
+	github.com/denisenkom/go-mssqldb v0.10.0
 	github.com/go-sql-driver/mysql v1.6.0
 	github.com/jackc/pgx/v4 v4.6.0
 	github.com/joho/godotenv v1.3.0
-	github.com/lib/pq v1.10.0
+	github.com/lib/pq v1.10.2
 	github.com/mattn/go-sqlite3 v1.14.7
 	github.com/spf13/pflag v1.0.5
+	golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a // indirect
 	gopkg.in/yaml.v2 v2.4.0
 )
 
diff --git a/vendor/github.com/go-testfixtures/testfixtures/v3/go.sum b/vendor/github.com/go-testfixtures/testfixtures/v3/go.sum
index 5af6a429d8..5d245e0b56 100644
--- a/vendor/github.com/go-testfixtures/testfixtures/v3/go.sum
+++ b/vendor/github.com/go-testfixtures/testfixtures/v3/go.sum
@@ -6,8 +6,8 @@ github.com/creack/pty v1.1.7/go.mod h1:lj5s0c3V2DBrqTV7llrYr5NG6My20zk30Fl46Y7Do
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/denisenkom/go-mssqldb v0.0.0-20191128021309-1d7a30a10f73 h1:OGNva6WhsKst5OZf7eZOklDztV3hwtTHovdrLHV+MsA=
-github.com/denisenkom/go-mssqldb v0.0.0-20191128021309-1d7a30a10f73/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
+github.com/denisenkom/go-mssqldb v0.10.0 h1:QykgLZBorFE95+gO3u9esLd0BmbvpWp0/waNNZfHBM8=
+github.com/denisenkom/go-mssqldb v0.10.0/go.mod h1:xbL0rPBG9cCiLr28tMa8zpbdarY27NDyej4t/EjAShU=
 github.com/go-sql-driver/mysql v1.6.0 h1:BCTh4TKNUYmOmMUcQ3IipzF5prigylS7XXjEkfCHuOE=
 github.com/go-sql-driver/mysql v1.6.0/go.mod h1:DCzpHaOWr8IXmIStZouvnhqoel9Qv2LBy8hT2VhHyBg=
 github.com/go-stack/stack v1.8.0/go.mod h1:v0f6uXyyMGvRgIKkXu+yp6POWl0qKG85gN/melR3HDY=
@@ -69,8 +69,8 @@ github.com/kr/text v0.1.0/go.mod h1:4Jbv+DJW3UT/LiOwJeYQe1efqtUx/iVham/4vfdArNI=
 github.com/lib/pq v1.0.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.1.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
 github.com/lib/pq v1.2.0/go.mod h1:5WUZQaWbwv1U+lTReE5YruASi9Al49XbQIvNi/34Woo=
-github.com/lib/pq v1.10.0 h1:Zx5DJFEYQXio93kgXnQ09fXNiUKsqv4OUEu2UtGcB1E=
-github.com/lib/pq v1.10.0/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
+github.com/lib/pq v1.10.2 h1:AqzbZs4ZoCBp+GtejcpCpcxM3zlSMx29dXbUSeVtJb8=
+github.com/lib/pq v1.10.2/go.mod h1:AlVN5x4E4T544tWzH6hKfbfQvm3HdbOxrmggDNAPY9o=
 github.com/mattn/go-colorable v0.1.1/go.mod h1:FuOcm+DKB9mbwrcAfNl7/TZVBZ6rcnceauSikq3lYCQ=
 github.com/mattn/go-colorable v0.1.2/go.mod h1:U0ppj6V5qS13XJ6of8GYAs25YV2eR4EVcfRqFIhoBtE=
 github.com/mattn/go-isatty v0.0.5/go.mod h1:Iq45c/XA43vh69/j3iqttzPXn0bhXyGjM0Hdxcsrc5s=
@@ -115,12 +115,14 @@ golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACk
 golang.org/x/crypto v0.0.0-20190325154230-a5d413f7728c/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
 golang.org/x/crypto v0.0.0-20190411191339-88737f569e3a/go.mod h1:WFFai1msRO1wXaEeE5yQxYXgSfI8pQAWXbQop6sCtWE=
 golang.org/x/crypto v0.0.0-20190820162420-60c769a6c586/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59 h1:3zb4D3T4G8jdExgVU/95+vQXfpEPiMdCaZgmGVxjNHM=
 golang.org/x/crypto v0.0.0-20200323165209-0ec3e9974c59/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
+golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a h1:kr2P4QFmQr29mSLA43kwrOcgcReGTfbE9N577tCTuBc=
+golang.org/x/crypto v0.0.0-20210513164829-c07d793c2f9a/go.mod h1:P+XmwS30IXTQdn5tA2iutPOUgjI07+tq3H3K9MVA1s8=
 golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
 golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20190813141303-74dc4d7220e7/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
 golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
 golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
@@ -131,9 +133,12 @@ golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20190422165155-953cdadca894/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190813064441-fde4db37ae7a/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20190826190057-c7b8b68b1456/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.2 h1:tW2bmiBqwgJj/UpqtC8EpXEZVYOwU0yG4iWbprSVAcs=
 golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/text v0.3.3 h1:cokOdA+Jmi5PJGXLlLllQSgYigAEfHXJAERHVMaCc2k=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 golang.org/x/tools v0.0.0-20190425163242-31fd60d6bfdc/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q=
 golang.org/x/tools v0.0.0-20190823170909-c4a336ef6a2f/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
diff --git a/vendor/github.com/hashicorp/go-retryablehttp/client.go b/vendor/github.com/hashicorp/go-retryablehttp/client.go
index 79dc931e40..adbdd92e3b 100644
--- a/vendor/github.com/hashicorp/go-retryablehttp/client.go
+++ b/vendor/github.com/hashicorp/go-retryablehttp/client.go
@@ -471,7 +471,7 @@ func baseRetryPolicy(resp *http.Response, err error) (bool, error) {
 // seconds the server states it may be ready to process more requests from this client.
 func DefaultBackoff(min, max time.Duration, attemptNum int, resp *http.Response) time.Duration {
 	if resp != nil {
-		if resp.StatusCode == http.StatusTooManyRequests {
+		if resp.StatusCode == http.StatusTooManyRequests || resp.StatusCode == http.StatusServiceUnavailable {
 			if s, ok := resp.Header["Retry-After"]; ok {
 				if sleep, err := strconv.ParseInt(s[0], 10, 64); err == nil {
 					return time.Second * time.Duration(sleep)
diff --git a/vendor/github.com/json-iterator/go/go.sum b/vendor/github.com/json-iterator/go/go.sum
index d778b5a14d..be00a6df96 100644
--- a/vendor/github.com/json-iterator/go/go.sum
+++ b/vendor/github.com/json-iterator/go/go.sum
@@ -9,6 +9,7 @@ github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742 h1:Esafd1046DLD
 github.com/modern-go/reflect2 v0.0.0-20180701023420-4b7aa43c6742/go.mod h1:bx2lNnkwVCuqBIxFjflWJWanXIb3RllmbCylyMrvgv0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
+github.com/stretchr/objx v0.1.0 h1:4G4v2dO3VZwixGIRoQ5Lfboy6nUhCyYzaqnIAPPhYs4=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
 github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
diff --git a/vendor/github.com/json-iterator/go/iter_float.go b/vendor/github.com/json-iterator/go/iter_float.go
index b9754638e8..8a3d8b6fb4 100644
--- a/vendor/github.com/json-iterator/go/iter_float.go
+++ b/vendor/github.com/json-iterator/go/iter_float.go
@@ -288,6 +288,9 @@ non_decimal_loop:
 				return iter.readFloat64SlowPath()
 			}
 			value = (value << 3) + (value << 1) + uint64(ind)
+			if value > maxFloat64 {
+				return iter.readFloat64SlowPath()
+			}
 		}
 	}
 	return iter.readFloat64SlowPath()
diff --git a/vendor/github.com/json-iterator/go/iter_int.go b/vendor/github.com/json-iterator/go/iter_int.go
index 2142320355..d786a89fe1 100644
--- a/vendor/github.com/json-iterator/go/iter_int.go
+++ b/vendor/github.com/json-iterator/go/iter_int.go
@@ -9,6 +9,7 @@ var intDigits []int8
 
 const uint32SafeToMultiply10 = uint32(0xffffffff)/10 - 1
 const uint64SafeToMultiple10 = uint64(0xffffffffffffffff)/10 - 1
+const maxFloat64 = 1<<53 - 1
 
 func init() {
 	intDigits = make([]int8, 256)
@@ -339,7 +340,7 @@ func (iter *Iterator) readUint64(c byte) (ret uint64) {
 }
 
 func (iter *Iterator) assertInteger() {
-	if iter.head < len(iter.buf) && iter.buf[iter.head] == '.' {
+	if iter.head < iter.tail && iter.buf[iter.head] == '.' {
 		iter.ReportError("assertInteger", "can not decode float as int")
 	}
 }
diff --git a/vendor/github.com/json-iterator/go/reflect.go b/vendor/github.com/json-iterator/go/reflect.go
index 74974ba74b..39acb320ac 100644
--- a/vendor/github.com/json-iterator/go/reflect.go
+++ b/vendor/github.com/json-iterator/go/reflect.go
@@ -65,7 +65,7 @@ func (iter *Iterator) ReadVal(obj interface{}) {
 	decoder := iter.cfg.getDecoderFromCache(cacheKey)
 	if decoder == nil {
 		typ := reflect2.TypeOf(obj)
-		if typ.Kind() != reflect.Ptr {
+		if typ == nil || typ.Kind() != reflect.Ptr {
 			iter.ReportError("ReadVal", "can only unmarshal into pointer")
 			return
 		}
diff --git a/vendor/github.com/json-iterator/go/reflect_json_raw_message.go b/vendor/github.com/json-iterator/go/reflect_json_raw_message.go
index f2619936c8..eba434f2f1 100644
--- a/vendor/github.com/json-iterator/go/reflect_json_raw_message.go
+++ b/vendor/github.com/json-iterator/go/reflect_json_raw_message.go
@@ -33,11 +33,19 @@ type jsonRawMessageCodec struct {
 }
 
 func (codec *jsonRawMessageCodec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*json.RawMessage)(ptr)) = json.RawMessage(iter.SkipAndReturnBytes())
+	if iter.ReadNil() {
+		*((*json.RawMessage)(ptr)) = nil
+	} else {
+		*((*json.RawMessage)(ptr)) = iter.SkipAndReturnBytes()
+	}
 }
 
 func (codec *jsonRawMessageCodec) Encode(ptr unsafe.Pointer, stream *Stream) {
-	stream.WriteRaw(string(*((*json.RawMessage)(ptr))))
+	if *((*json.RawMessage)(ptr)) == nil {
+		stream.WriteNil()
+	} else {
+		stream.WriteRaw(string(*((*json.RawMessage)(ptr))))
+	}
 }
 
 func (codec *jsonRawMessageCodec) IsEmpty(ptr unsafe.Pointer) bool {
@@ -48,11 +56,19 @@ type jsoniterRawMessageCodec struct {
 }
 
 func (codec *jsoniterRawMessageCodec) Decode(ptr unsafe.Pointer, iter *Iterator) {
-	*((*RawMessage)(ptr)) = RawMessage(iter.SkipAndReturnBytes())
+	if iter.ReadNil() {
+		*((*RawMessage)(ptr)) = nil
+	} else {
+		*((*RawMessage)(ptr)) = iter.SkipAndReturnBytes()
+	}
 }
 
 func (codec *jsoniterRawMessageCodec) Encode(ptr unsafe.Pointer, stream *Stream) {
-	stream.WriteRaw(string(*((*RawMessage)(ptr))))
+	if *((*RawMessage)(ptr)) == nil {
+		stream.WriteNil()
+	} else {
+		stream.WriteRaw(string(*((*RawMessage)(ptr))))
+	}
 }
 
 func (codec *jsoniterRawMessageCodec) IsEmpty(ptr unsafe.Pointer) bool {
diff --git a/vendor/github.com/json-iterator/go/reflect_struct_decoder.go b/vendor/github.com/json-iterator/go/reflect_struct_decoder.go
index d7eb0eb5ca..92ae912dc2 100644
--- a/vendor/github.com/json-iterator/go/reflect_struct_decoder.go
+++ b/vendor/github.com/json-iterator/go/reflect_struct_decoder.go
@@ -1075,6 +1075,11 @@ type stringModeNumberDecoder struct {
 }
 
 func (decoder *stringModeNumberDecoder) Decode(ptr unsafe.Pointer, iter *Iterator) {
+	if iter.WhatIsNext() == NilValue {
+		decoder.elemDecoder.Decode(ptr, iter)
+		return
+	}
+
 	c := iter.nextToken()
 	if c != '"' {
 		iter.ReportError("stringModeNumberDecoder", `expect ", but found `+string([]byte{c}))
diff --git a/vendor/github.com/klauspost/compress/flate/deflate.go b/vendor/github.com/klauspost/compress/flate/deflate.go
index 40b5802deb..5283ac5a53 100644
--- a/vendor/github.com/klauspost/compress/flate/deflate.go
+++ b/vendor/github.com/klauspost/compress/flate/deflate.go
@@ -644,7 +644,7 @@ func (d *compressor) init(w io.Writer, level int) (err error) {
 		d.fill = (*compressor).fillBlock
 		d.step = (*compressor).store
 	case level == ConstantCompression:
-		d.w.logNewTablePenalty = 8
+		d.w.logNewTablePenalty = 10
 		d.window = make([]byte, 32<<10)
 		d.fill = (*compressor).fillBlock
 		d.step = (*compressor).storeHuff
diff --git a/vendor/github.com/klauspost/compress/flate/fast_encoder.go b/vendor/github.com/klauspost/compress/flate/fast_encoder.go
index 678f081052..347ac2c902 100644
--- a/vendor/github.com/klauspost/compress/flate/fast_encoder.go
+++ b/vendor/github.com/klauspost/compress/flate/fast_encoder.go
@@ -45,7 +45,7 @@ const (
 
 	bTableBits   = 17                                               // Bits used in the big tables
 	bTableSize   = 1 << bTableBits                                  // Size of the table
-	allocHistory = maxStoreBlockSize * 10                           // Size to preallocate for history.
+	allocHistory = maxStoreBlockSize * 5                            // Size to preallocate for history.
 	bufferReset  = (1 << 31) - allocHistory - maxStoreBlockSize - 1 // Reset the buffer offset when reaching this.
 )
 
diff --git a/vendor/github.com/klauspost/compress/flate/huffman_bit_writer.go b/vendor/github.com/klauspost/compress/flate/huffman_bit_writer.go
index db54be1398..3ad5e98072 100644
--- a/vendor/github.com/klauspost/compress/flate/huffman_bit_writer.go
+++ b/vendor/github.com/klauspost/compress/flate/huffman_bit_writer.go
@@ -6,6 +6,7 @@ package flate
 
 import (
 	"encoding/binary"
+	"fmt"
 	"io"
 )
 
@@ -27,7 +28,7 @@ const (
 	// after which bytes are flushed to the writer.
 	// Should preferably be a multiple of 6, since
 	// we accumulate 6 bytes between writes to the buffer.
-	bufferFlushSize = 240
+	bufferFlushSize = 246
 
 	// bufferSize is the actual output byte buffer size.
 	// It must have additional headroom for a flush
@@ -59,19 +60,31 @@ var offsetExtraBits = [64]int8{
 	14, 14, 15, 15, 16, 16, 17, 17, 18, 18, 19, 19, 20, 20,
 }
 
-var offsetBase = [64]uint32{
-	/* normal deflate */
-	0x000000, 0x000001, 0x000002, 0x000003, 0x000004,
-	0x000006, 0x000008, 0x00000c, 0x000010, 0x000018,
-	0x000020, 0x000030, 0x000040, 0x000060, 0x000080,
-	0x0000c0, 0x000100, 0x000180, 0x000200, 0x000300,
-	0x000400, 0x000600, 0x000800, 0x000c00, 0x001000,
-	0x001800, 0x002000, 0x003000, 0x004000, 0x006000,
+var offsetCombined = [32]uint32{}
 
-	/* extended window */
-	0x008000, 0x00c000, 0x010000, 0x018000, 0x020000,
-	0x030000, 0x040000, 0x060000, 0x080000, 0x0c0000,
-	0x100000, 0x180000, 0x200000, 0x300000,
+func init() {
+	var offsetBase = [64]uint32{
+		/* normal deflate */
+		0x000000, 0x000001, 0x000002, 0x000003, 0x000004,
+		0x000006, 0x000008, 0x00000c, 0x000010, 0x000018,
+		0x000020, 0x000030, 0x000040, 0x000060, 0x000080,
+		0x0000c0, 0x000100, 0x000180, 0x000200, 0x000300,
+		0x000400, 0x000600, 0x000800, 0x000c00, 0x001000,
+		0x001800, 0x002000, 0x003000, 0x004000, 0x006000,
+
+		/* extended window */
+		0x008000, 0x00c000, 0x010000, 0x018000, 0x020000,
+		0x030000, 0x040000, 0x060000, 0x080000, 0x0c0000,
+		0x100000, 0x180000, 0x200000, 0x300000,
+	}
+
+	for i := range offsetCombined[:] {
+		// Don't use extended window values...
+		if offsetBase[i] > 0x006000 {
+			continue
+		}
+		offsetCombined[i] = uint32(offsetExtraBits[i])<<16 | (offsetBase[i])
+	}
 }
 
 // The odd order in which the codegen code sizes are written.
@@ -88,15 +101,16 @@ type huffmanBitWriter struct {
 	bits            uint64
 	nbits           uint16
 	nbytes          uint8
+	lastHuffMan     bool
 	literalEncoding *huffmanEncoder
+	tmpLitEncoding  *huffmanEncoder
 	offsetEncoding  *huffmanEncoder
 	codegenEncoding *huffmanEncoder
 	err             error
 	lastHeader      int
 	// Set between 0 (reused block can be up to 2x the size)
 	logNewTablePenalty uint
-	lastHuffMan        bool
-	bytes              [256]byte
+	bytes              [256 + 8]byte
 	literalFreq        [lengthCodesStart + 32]uint16
 	offsetFreq         [32]uint16
 	codegenFreq        [codegenCodeCount]uint16
@@ -128,6 +142,7 @@ func newHuffmanBitWriter(w io.Writer) *huffmanBitWriter {
 	return &huffmanBitWriter{
 		writer:          w,
 		literalEncoding: newHuffmanEncoder(literalCount),
+		tmpLitEncoding:  newHuffmanEncoder(literalCount),
 		codegenEncoding: newHuffmanEncoder(codegenCodeCount),
 		offsetEncoding:  newHuffmanEncoder(offsetCodeCount),
 	}
@@ -745,9 +760,31 @@ func (w *huffmanBitWriter) writeTokens(tokens []token, leCodes, oeCodes []hcode)
 	offs := oeCodes[:32]
 	lengths := leCodes[lengthCodesStart:]
 	lengths = lengths[:32]
+
+	// Go 1.16 LOVES having these on stack.
+	bits, nbits, nbytes := w.bits, w.nbits, w.nbytes
+
 	for _, t := range tokens {
 		if t < matchType {
-			w.writeCode(lits[t.literal()])
+			//w.writeCode(lits[t.literal()])
+			c := lits[t.literal()]
+			bits |= uint64(c.code) << nbits
+			nbits += c.len
+			if nbits >= 48 {
+				binary.LittleEndian.PutUint64(w.bytes[nbytes:], bits)
+				//*(*uint64)(unsafe.Pointer(&w.bytes[nbytes])) = bits
+				bits >>= 48
+				nbits -= 48
+				nbytes += 6
+				if nbytes >= bufferFlushSize {
+					if w.err != nil {
+						nbytes = 0
+						return
+					}
+					_, w.err = w.writer.Write(w.bytes[:nbytes])
+					nbytes = 0
+				}
+			}
 			continue
 		}
 
@@ -759,38 +796,99 @@ func (w *huffmanBitWriter) writeTokens(tokens []token, leCodes, oeCodes []hcode)
 		} else {
 			// inlined
 			c := lengths[lengthCode&31]
-			w.bits |= uint64(c.code) << w.nbits
-			w.nbits += c.len
-			if w.nbits >= 48 {
-				w.writeOutBits()
+			bits |= uint64(c.code) << nbits
+			nbits += c.len
+			if nbits >= 48 {
+				binary.LittleEndian.PutUint64(w.bytes[nbytes:], bits)
+				//*(*uint64)(unsafe.Pointer(&w.bytes[nbytes])) = bits
+				bits >>= 48
+				nbits -= 48
+				nbytes += 6
+				if nbytes >= bufferFlushSize {
+					if w.err != nil {
+						nbytes = 0
+						return
+					}
+					_, w.err = w.writer.Write(w.bytes[:nbytes])
+					nbytes = 0
+				}
 			}
 		}
 
 		extraLengthBits := uint16(lengthExtraBits[lengthCode&31])
 		if extraLengthBits > 0 {
+			//w.writeBits(extraLength, extraLengthBits)
 			extraLength := int32(length - lengthBase[lengthCode&31])
-			w.writeBits(extraLength, extraLengthBits)
+			bits |= uint64(extraLength) << nbits
+			nbits += extraLengthBits
+			if nbits >= 48 {
+				binary.LittleEndian.PutUint64(w.bytes[nbytes:], bits)
+				//*(*uint64)(unsafe.Pointer(&w.bytes[nbytes])) = bits
+				bits >>= 48
+				nbits -= 48
+				nbytes += 6
+				if nbytes >= bufferFlushSize {
+					if w.err != nil {
+						nbytes = 0
+						return
+					}
+					_, w.err = w.writer.Write(w.bytes[:nbytes])
+					nbytes = 0
+				}
+			}
 		}
 		// Write the offset
 		offset := t.offset()
-		offsetCode := offsetCode(offset)
+		offsetCode := offset >> 16
+		offset &= matchOffsetOnlyMask
 		if false {
 			w.writeCode(offs[offsetCode&31])
 		} else {
 			// inlined
-			c := offs[offsetCode&31]
-			w.bits |= uint64(c.code) << w.nbits
-			w.nbits += c.len
-			if w.nbits >= 48 {
-				w.writeOutBits()
+			c := offs[offsetCode]
+			bits |= uint64(c.code) << nbits
+			nbits += c.len
+			if nbits >= 48 {
+				binary.LittleEndian.PutUint64(w.bytes[nbytes:], bits)
+				//*(*uint64)(unsafe.Pointer(&w.bytes[nbytes])) = bits
+				bits >>= 48
+				nbits -= 48
+				nbytes += 6
+				if nbytes >= bufferFlushSize {
+					if w.err != nil {
+						nbytes = 0
+						return
+					}
+					_, w.err = w.writer.Write(w.bytes[:nbytes])
+					nbytes = 0
+				}
 			}
 		}
-		extraOffsetBits := uint16(offsetExtraBits[offsetCode&63])
-		if extraOffsetBits > 0 {
-			extraOffset := int32(offset - offsetBase[offsetCode&63])
-			w.writeBits(extraOffset, extraOffsetBits)
+		offsetComb := offsetCombined[offsetCode]
+		if offsetComb > 1<<16 {
+			//w.writeBits(extraOffset, extraOffsetBits)
+			bits |= uint64(offset&matchOffsetOnlyMask-(offsetComb&0xffff)) << nbits
+			nbits += uint16(offsetComb >> 16)
+			if nbits >= 48 {
+				binary.LittleEndian.PutUint64(w.bytes[nbytes:], bits)
+				//*(*uint64)(unsafe.Pointer(&w.bytes[nbytes])) = bits
+				bits >>= 48
+				nbits -= 48
+				nbytes += 6
+				if nbytes >= bufferFlushSize {
+					if w.err != nil {
+						nbytes = 0
+						return
+					}
+					_, w.err = w.writer.Write(w.bytes[:nbytes])
+					nbytes = 0
+				}
+			}
 		}
 	}
+	// Restore...
+	w.bits, w.nbits, w.nbytes = bits, nbits, nbytes
+
 	if deferEOB {
 		w.writeCode(leCodes[endBlockMarker])
 	}
@@ -825,13 +923,28 @@ func (w *huffmanBitWriter) writeBlockHuff(eof bool, input []byte, sync bool) {
 		}
 	}
 
+	// Fill is rarely better...
+	const fill = false
+	const numLiterals = endBlockMarker + 1
+	const numOffsets = 1
+
 	// Add everything as literals
 	// We have to estimate the header size.
 	// Assume header is around 70 bytes:
 	// https://stackoverflow.com/a/25454430
 	const guessHeaderSizeBits = 70 * 8
-	estBits := histogramSize(input, w.literalFreq[:], !eof && !sync)
-	estBits += w.lastHeader + len(input)/32
+	histogram(input, w.literalFreq[:numLiterals], fill)
+	w.literalFreq[endBlockMarker] = 1
+	w.tmpLitEncoding.generate(w.literalFreq[:numLiterals], 15)
+	if fill {
+		// Clear fill...
+		for i := range w.literalFreq[:numLiterals] {
+			w.literalFreq[i] = 0
+		}
+		histogram(input, w.literalFreq[:numLiterals], false)
+	}
+	estBits := w.tmpLitEncoding.canReuseBits(w.literalFreq[:numLiterals])
+	estBits += w.lastHeader
 	if w.lastHeader == 0 {
 		estBits += guessHeaderSizeBits
 	}
@@ -839,33 +952,31 @@ func (w *huffmanBitWriter) writeBlockHuff(eof bool, input []byte, sync bool) {
 
 	// Store bytes, if we don't get a reasonable improvement.
 	ssize, storable := w.storedSize(input)
-	if storable && ssize < estBits {
+	if storable && ssize <= estBits {
 		w.writeStoredHeader(len(input), eof)
 		w.writeBytes(input)
 		return
 	}
 
-	reuseSize := 0
 	if w.lastHeader > 0 {
-		reuseSize = w.literalEncoding.bitLength(w.literalFreq[:256])
+		reuseSize := w.literalEncoding.canReuseBits(w.literalFreq[:256])
 
 		if estBits < reuseSize {
+			if debugDeflate {
+				//fmt.Println("not reusing, reuse:", reuseSize/8, "> new:", estBits/8, "- header est:", w.lastHeader/8)
+			}
 			// We owe an EOB
 			w.writeCode(w.literalEncoding.codes[endBlockMarker])
 			w.lastHeader = 0
+		} else if debugDeflate {
+			fmt.Println("reusing, reuse:", reuseSize/8, "> new:", estBits/8, "- header est:", w.lastHeader/8)
 		}
 	}
 
-	const numLiterals = endBlockMarker + 1
-	const numOffsets = 1
+	count := 0
 	if w.lastHeader == 0 {
-		if !eof && !sync {
-			// Generate a slightly suboptimal tree that can be used for all.
-			fillHist(w.literalFreq[:numLiterals])
-		}
-		w.literalFreq[endBlockMarker] = 1
-		w.literalEncoding.generate(w.literalFreq[:numLiterals], 15)
-
+		// Use the temp encoding, so swap.
+		w.literalEncoding, w.tmpLitEncoding = w.tmpLitEncoding, w.literalEncoding
 		// Generate codegen and codegenFrequencies, which indicates how to encode
 		// the literalEncoding and the offsetEncoding.
 		w.generateCodegen(numLiterals, numOffsets, w.literalEncoding, huffOffset)
@@ -876,34 +987,47 @@ func (w *huffmanBitWriter) writeBlockHuff(eof bool, input []byte, sync bool) {
 		w.writeDynamicHeader(numLiterals, numOffsets, numCodegens, eof)
 		w.lastHuffMan = true
 		w.lastHeader, _ = w.headerSize()
+		if debugDeflate {
+			count += w.lastHeader
+			fmt.Println("header:", count/8)
+		}
 	}
 
-	encoding := w.literalEncoding.codes[:257]
+	encoding := w.literalEncoding.codes[:256]
+	// Go 1.16 LOVES having these on stack. At least 1.5x the speed.
+	bits, nbits, nbytes := w.bits, w.nbits, w.nbytes
 	for _, t := range input {
 		// Bitwriting inlined, ~30% speedup
 		c := encoding[t]
-		w.bits |= uint64(c.code) << w.nbits
-		w.nbits += c.len
-		if w.nbits >= 48 {
-			bits := w.bits
-			w.bits >>= 48
-			w.nbits -= 48
-			n := w.nbytes
-			binary.LittleEndian.PutUint64(w.bytes[n:], bits)
-			n += 6
-			if n >= bufferFlushSize {
+		bits |= uint64(c.code) << nbits
+		nbits += c.len
+		if debugDeflate {
+			count += int(c.len)
+		}
+		if nbits >= 48 {
+			binary.LittleEndian.PutUint64(w.bytes[nbytes:], bits)
+			//*(*uint64)(unsafe.Pointer(&w.bytes[nbytes])) = bits
+			bits >>= 48
+			nbits -= 48
+			nbytes += 6
+			if nbytes >= bufferFlushSize {
 				if w.err != nil {
-					n = 0
+					nbytes = 0
 					return
 				}
-				w.write(w.bytes[:n])
-				n = 0
+				_, w.err = w.writer.Write(w.bytes[:nbytes])
+				nbytes = 0
 			}
-			w.nbytes = n
 		}
 	}
+	// Restore...
+	w.bits, w.nbits, w.nbytes = bits, nbits, nbytes
+
+	if debugDeflate {
+		fmt.Println("wrote", count/8, "bytes")
+	}
 	if eof || sync {
-		w.writeCode(encoding[endBlockMarker])
+		w.writeCode(w.literalEncoding.codes[endBlockMarker])
 		w.lastHeader = 0
 		w.lastHuffMan = false
 	}
diff --git a/vendor/github.com/klauspost/compress/flate/huffman_code.go b/vendor/github.com/klauspost/compress/flate/huffman_code.go
index 0d3445a1cc..67b2b38728 100644
--- a/vendor/github.com/klauspost/compress/flate/huffman_code.go
+++ b/vendor/github.com/klauspost/compress/flate/huffman_code.go
@@ -21,9 +21,13 @@ type hcode struct {
 }
 
 type huffmanEncoder struct {
-	codes     []hcode
-	freqcache []literalNode
-	bitCount  [17]int32
+	codes    []hcode
+	bitCount [17]int32
+
+	// Allocate a reusable buffer with the longest possible frequency table.
+	// Possible lengths are codegenCodeCount, offsetCodeCount and literalCount.
+	// The largest of these is literalCount, so we allocate for that case.
+	freqcache [literalCount + 1]literalNode
 }
 
 type literalNode struct {
@@ -132,6 +136,21 @@ func (h *huffmanEncoder) bitLengthRaw(b []byte) int {
 	return total
 }
 
+// canReuseBits returns the number of bits or math.MaxInt32 if the encoder cannot be reused.
+func (h *huffmanEncoder) canReuseBits(freq []uint16) int {
+	var total int
+	for i, f := range freq {
+		if f != 0 {
+			code := h.codes[i]
+			if code.len == 0 {
+				return math.MaxInt32
+			}
+			total += int(f) * int(code.len)
+		}
+	}
+	return total
+}
+
 // Return the number of literals assigned to each bit size in the Huffman encoding
 //
 // This method is only called when list.length >= 3
@@ -291,12 +310,6 @@ func (h *huffmanEncoder) assignEncodingAndSize(bitCount []int32, list []literalN
 // freq  An array of frequencies, in which frequency[i] gives the frequency of literal i.
 // maxBits  The maximum number of bits to use for any literal.
 func (h *huffmanEncoder) generate(freq []uint16, maxBits int32) {
-	if h.freqcache == nil {
-		// Allocate a reusable buffer with the longest possible frequency table.
-		// Possible lengths are codegenCodeCount, offsetCodeCount and literalCount.
-		// The largest of these is literalCount, so we allocate for that case.
-		h.freqcache = make([]literalNode, literalCount+1)
-	}
 	list := h.freqcache[:len(freq)+1]
 	// Number of non-zero literals
 	count := 0
@@ -330,10 +343,14 @@ func (h *huffmanEncoder) generate(freq []uint16, maxBits int32) {
 	h.assignEncodingAndSize(bitCount, list)
 }
 
+// atLeastOne clamps the result between 1 and 15.
 func atLeastOne(v float32) float32 {
 	if v < 1 {
 		return 1
 	}
+	if v > 15 {
+		return 15
+	}
 	return v
 }
 
@@ -346,31 +363,12 @@ func fillHist(b []uint16) {
 	}
 }
 
-// histogramSize accumulates a histogram of b in h.
-// An estimated size in bits is returned.
-// len(h) must be >= 256, and h's elements must be all zeroes.
-func histogramSize(b []byte, h []uint16, fill bool) (bits int) {
+func histogram(b []byte, h []uint16, fill bool) {
 	h = h[:256]
 	for _, t := range b {
 		h[t]++
 	}
-	total := len(b)
 	if fill {
-		for _, v := range h {
-			if v == 0 {
-				total++
-			}
-		}
+		fillHist(h)
 	}
-
-	invTotal := 1.0 / float32(total)
-	shannon := float32(0.0)
-	for _, v := range h {
-		if v > 0 {
-			n := float32(v)
-			shannon += atLeastOne(-mFastLog2(n*invTotal)) * n
-		}
-	}
-
-	return int(shannon + 0.99)
 }
diff --git a/vendor/github.com/klauspost/compress/flate/level5.go b/vendor/github.com/klauspost/compress/flate/level5.go
index d513f1ffd3..293a3a320b 100644
--- a/vendor/github.com/klauspost/compress/flate/level5.go
+++ b/vendor/github.com/klauspost/compress/flate/level5.go
@@ -182,12 +182,27 @@ func (e *fastEncL5) Encode(dst *tokens, src []byte) {
 		// match. But, prior to the match, src[nextEmit:s] are unmatched. Emit
 		// them as literal bytes.
 
-		// Extend the 4-byte match as long as possible.
 		if l == 0 {
+			// Extend the 4-byte match as long as possible.
 			l = e.matchlenLong(s+4, t+4, src) + 4
 		} else if l == maxMatchLength {
 			l += e.matchlenLong(s+l, t+l, src)
 		}
+
+		// Try to locate a better match by checking the end of best match...
+		if sAt := s + l; l < 30 && sAt < sLimit {
+			eLong := e.bTable[hash7(load6432(src, sAt), tableBits)].Cur.offset
+			// Test current
+			t2 := eLong - e.cur - l
+			off := s - t2
+			if t2 >= 0 && off < maxMatchOffset && off > 0 {
+				if l2 := e.matchlenLong(s, t2, src); l2 > l {
+					t = t2
+					l = l2
+				}
+			}
+		}
+
 		// Extend backwards
 		for t > 0 && s > nextEmit && src[t-1] == src[s-1] {
 			s--
diff --git a/vendor/github.com/klauspost/compress/flate/level6.go b/vendor/github.com/klauspost/compress/flate/level6.go
index a52c80ea45..a709977ec4 100644
--- a/vendor/github.com/klauspost/compress/flate/level6.go
+++ b/vendor/github.com/klauspost/compress/flate/level6.go
@@ -211,6 +211,31 @@ func (e *fastEncL6) Encode(dst *tokens, src []byte) {
 			l += e.matchlenLong(s+l, t+l, src)
 		}
 
+		// Try to locate a better match by checking the end-of-match...
+		if sAt := s + l; sAt < sLimit {
+			eLong := &e.bTable[hash7(load6432(src, sAt), tableBits)]
+			// Test current
+			t2 := eLong.Cur.offset - e.cur - l
+			off := s - t2
+			if off < maxMatchOffset {
+				if off > 0 && t2 >= 0 {
+					if l2 := e.matchlenLong(s, t2, src); l2 > l {
+						t = t2
+						l = l2
+					}
+				}
+				// Test next:
+				t2 = eLong.Prev.offset - e.cur - l
+				off := s - t2
+				if off > 0 && off < maxMatchOffset && t2 >= 0 {
+					if l2 := e.matchlenLong(s, t2, src); l2 > l {
+						t = t2
+						l = l2
+					}
+				}
+			}
+		}
+
 		// Extend backwards
 		for t > 0 && s > nextEmit && src[t-1] == src[s-1] {
 			s--
diff --git a/vendor/github.com/klauspost/compress/flate/token.go b/vendor/github.com/klauspost/compress/flate/token.go
index f9abf606d6..eb862d7a92 100644
--- a/vendor/github.com/klauspost/compress/flate/token.go
+++ b/vendor/github.com/klauspost/compress/flate/token.go
@@ -13,14 +13,17 @@ import (
 )
 
 const (
+	// From top
 	// 2 bits:   type   0 = literal  1=EOF  2=Match   3=Unused
 	// 8 bits:   xlength = length - MIN_MATCH_LENGTH
-	// 22 bits   xoffset = offset - MIN_OFFSET_SIZE, or literal
-	lengthShift = 22
-	offsetMask  = 1<<lengthShift - 1
-	typeMask    = 3 << 30
-	literalType = 0 << 30
-	matchType   = 1 << 30
+	// 5 bits    offsetcode
+	// 16 bits   xoffset = offset - MIN_OFFSET_SIZE, or literal
+	lengthShift         = 22
+	offsetMask          = 1<<lengthShift - 1
+	typeMask            = 3 << 30
+	literalType         = 0 << 30
+	matchType           = 1 << 30
+	matchOffsetOnlyMask = 0xffff
 )
 
 // The length code for length X (MIN_MATCH_LENGTH <= X <= MAX_MATCH_LENGTH)
@@ -187,7 +190,7 @@ func (t *tokens) indexTokens(in []token) {
 			t.AddLiteral(tok.literal())
 			continue
 		}
-		t.AddMatch(uint32(tok.length()), tok.offset())
+		t.AddMatch(uint32(tok.length()), tok.offset()&matchOffsetOnlyMask)
 	}
 }
 
@@ -232,7 +235,7 @@ func (t *tokens) EstimatedBits() int {
 		for _, v := range t.litHist[:] {
 			if v > 0 {
 				n := float32(v)
-				shannon += -mFastLog2(n*invTotal) * n
+				shannon += atLeastOne(-mFastLog2(n*invTotal)) * n
 			}
 		}
 		// Just add 15 for EOB
@@ -240,7 +243,7 @@ func (t *tokens) EstimatedBits() int {
 		for i, v := range t.extraHist[1 : literalCount-256] {
 			if v > 0 {
 				n := float32(v)
-				shannon += -mFastLog2(n*invTotal) * n
+				shannon += atLeastOne(-mFastLog2(n*invTotal)) * n
 				bits += int(lengthExtraBits[i&31]) * int(v)
 				nMatches += int(v)
 			}
@@ -251,7 +254,7 @@ func (t *tokens) EstimatedBits() int {
 		for i, v := range t.offHist[:offsetCodeCount] {
 			if v > 0 {
 				n := float32(v)
-				shannon += -mFastLog2(n*invTotal) * n
+				shannon += atLeastOne(-mFastLog2(n*invTotal)) * n
 				bits += int(offsetExtraBits[i&31]) * int(v)
 			}
 		}
@@ -270,11 +273,13 @@ func (t *tokens) AddMatch(xlength uint32, xoffset uint32) {
 			panic(fmt.Errorf("invalid offset: %v", xoffset))
 		}
 	}
+	oCode := offsetCode(xoffset)
+	xoffset |= oCode << 16
 	t.nLits++
-	lengthCode := lengthCodes1[uint8(xlength)] & 31
+
+	t.extraHist[lengthCodes1[uint8(xlength)]]++
+	t.offHist[oCode]++
 	t.tokens[t.n] = token(matchType | xlength<<lengthShift | xoffset)
-	t.extraHist[lengthCode]++
-	t.offHist[offsetCode(xoffset)&31]++
 	t.n++
 }
 
@@ -286,7 +291,8 @@ func (t *tokens) AddMatchLong(xlength int32, xoffset uint32) {
 			panic(fmt.Errorf("invalid offset: %v", xoffset))
 		}
 	}
-	oc := offsetCode(xoffset) & 31
+	oc := offsetCode(xoffset)
+	xoffset |= oc << 16
 	for xlength > 0 {
 		xl := xlength
 		if xl > 258 {
@@ -294,12 +300,11 @@ func (t *tokens) AddMatchLong(xlength int32, xoffset uint32) {
 			xl = 258 - baseMatchLength
 		}
 		xlength -= xl
-		xl -= 3
+		xl -= baseMatchLength
 		t.nLits++
-		lengthCode := lengthCodes1[uint8(xl)] & 31
-		t.tokens[t.n] = token(matchType | uint32(xl)<<lengthShift | xoffset)
-		t.extraHist[lengthCode]++
+		t.extraHist[lengthCodes1[uint8(xl)]]++
 		t.offHist[oc]++
+		t.tokens[t.n] = token(matchType | uint32(xl)<<lengthShift | xoffset)
 		t.n++
 	}
 }
diff --git a/vendor/github.com/klauspost/compress/gzip/gunzip.go b/vendor/github.com/klauspost/compress/gzip/gunzip.go
index 568b5d4fb8..21e768b360 100644
--- a/vendor/github.com/klauspost/compress/gzip/gunzip.go
+++ b/vendor/github.com/klauspost/compress/gzip/gunzip.go
@@ -75,6 +75,7 @@ type Header struct {
 type Reader struct {
 	Header       // valid after NewReader or Reader.Reset
 	r            flate.Reader
+	br           *bufio.Reader
 	decompressor io.ReadCloser
 	digest       uint32 // CRC-32, IEEE polynomial (section 8)
 	size         uint32 // Uncompressed size (section 2.3.1)
@@ -109,7 +110,13 @@ func (z *Reader) Reset(r io.Reader) error {
 	if rr, ok := r.(flate.Reader); ok {
 		z.r = rr
 	} else {
-		z.r = bufio.NewReader(r)
+		// Reuse if we can.
+		if z.br != nil {
+			z.br.Reset(r)
+		} else {
+			z.br = bufio.NewReader(r)
+		}
+		z.r = z.br
 	}
 	z.Header, z.err = z.readHeader()
 	return z.err
diff --git a/vendor/github.com/klauspost/compress/zstd/README.md b/vendor/github.com/klauspost/compress/zstd/README.md
index 7680bfe1dd..787813fa9e 100644
--- a/vendor/github.com/klauspost/compress/zstd/README.md
+++ b/vendor/github.com/klauspost/compress/zstd/README.md
@@ -16,8 +16,7 @@ Currently the package is heavily optimized for 64 bit processors and will be sig
 
 Install using `go get -u github.com/klauspost/compress`. The package is located in `github.com/klauspost/compress/zstd`.
 
-Godoc Documentation: https://godoc.org/github.com/klauspost/compress/zstd
-
+[![Go Reference](https://pkg.go.dev/badge/github.com/klauspost/compress/zstd.svg)](https://pkg.go.dev/github.com/klauspost/compress/zstd)
 
 ## Compressor
 
@@ -152,8 +151,8 @@ This package:
 file    out     level   insize      outsize     millis  mb/s
 silesia.tar zskp    1   211947520   73101992    643     313.87
 silesia.tar zskp    2   211947520   67504318    969     208.38
-silesia.tar zskp    3   211947520   65177448    1899    106.44
-silesia.tar zskp    4   211947520   61381950    8115    24.91
+silesia.tar zskp    3   211947520   64595893    2007    100.68
+silesia.tar zskp    4   211947520   60995370    7691    26.28
 
 cgo zstd:
 silesia.tar zstd    1   211947520   73605392    543     371.56
@@ -171,8 +170,8 @@ https://files.klauspost.com/compress/gob-stream.7z
 file        out     level   insize  outsize     millis  mb/s
 gob-stream  zskp    1   1911399616  235022249   3088    590.30
 gob-stream  zskp    2   1911399616  205669791   3786    481.34
-gob-stream  zskp    3   1911399616  185792019   9324    195.48
-gob-stream  zskp    4   1911399616  171537212   32113   56.76
+gob-stream  zskp    3   1911399616  175034659   9636    189.17
+gob-stream  zskp    4   1911399616  167273881   29337   62.13
 gob-stream  zstd    1   1911399616  249810424   2637    691.26
 gob-stream  zstd    3   1911399616  208192146   3490    522.31
 gob-stream  zstd    6   1911399616  193632038   6687    272.56
@@ -187,8 +186,8 @@ http://mattmahoney.net/dc/textdata.html
 file    out level   insize      outsize     millis  mb/s
 enwik9  zskp    1   1000000000  343848582   3609    264.18
 enwik9  zskp    2   1000000000  317276632   5746    165.97
-enwik9  zskp    3   1000000000  294540704   11725   81.34
-enwik9  zskp    4   1000000000  276609671   44029   21.66
+enwik9  zskp    3   1000000000  292243069   12162   78.41
+enwik9  zskp    4   1000000000  275241169   36430   26.18
 enwik9  zstd    1   1000000000  358072021   3110    306.65
 enwik9  zstd    3   1000000000  313734672   4784    199.35
 enwik9  zstd    6   1000000000  295138875   10290   92.68
@@ -202,8 +201,8 @@ https://files.klauspost.com/compress/github-june-2days-2019.json.zst
 file                        out level   insize      outsize     millis  mb/s
 github-june-2days-2019.json zskp    1   6273951764  699045015   10620   563.40
 github-june-2days-2019.json zskp    2   6273951764  617881763   11687   511.96
-github-june-2days-2019.json zskp    3   6273951764  537511906   29252   204.54
-github-june-2days-2019.json zskp    4   6273951764  512796117   97791   61.18
+github-june-2days-2019.json zskp    3   6273951764  524340691   34043   175.75
+github-june-2days-2019.json zskp    4   6273951764  503314661   93811   63.78
 github-june-2days-2019.json zstd    1   6273951764  766284037   8450    708.00
 github-june-2days-2019.json zstd    3   6273951764  661889476   10927   547.57
 github-june-2days-2019.json zstd    6   6273951764  642756859   22996   260.18
@@ -217,8 +216,8 @@ https://files.klauspost.com/compress/rawstudio-mint14.7z
 file                    out level   insize      outsize     millis  mb/s
 rawstudio-mint14.tar    zskp    1   8558382592  3667489370  20210   403.84
 rawstudio-mint14.tar    zskp    2   8558382592  3364592300  31873   256.07
-rawstudio-mint14.tar    zskp    3   8558382592  3224594213  71751   113.75
-rawstudio-mint14.tar    zskp    4   8558382592  3027332295  486243  16.79
+rawstudio-mint14.tar    zskp    3   8558382592  3158085214  77675   105.08
+rawstudio-mint14.tar    zskp    4   8558382592  3020370044  404956  20.16
 rawstudio-mint14.tar    zstd    1   8558382592  3609250104  17136   476.27
 rawstudio-mint14.tar    zstd    3   8558382592  3341679997  29262   278.92
 rawstudio-mint14.tar    zstd    6   8558382592  3235846406  77904   104.77
@@ -232,8 +231,8 @@ https://files.klauspost.com/compress/nyc-taxi-data-10M.csv.zst
 file                    out level   insize      outsize     millis  mb/s
 nyc-taxi-data-10M.csv   zskp    1   3325605752  641339945   8925    355.35
 nyc-taxi-data-10M.csv   zskp    2   3325605752  591748091   11268   281.44
-nyc-taxi-data-10M.csv   zskp    3   3325605752  538490114   19880   159.53
-nyc-taxi-data-10M.csv   zskp    4   3325605752  495986829   89368   35.49
+nyc-taxi-data-10M.csv   zskp    3   3325605752  530289687   25239   125.66
+nyc-taxi-data-10M.csv   zskp    4   3325605752  490907191   65939   48.10
 nyc-taxi-data-10M.csv   zstd    1   3325605752  687399637   8233    385.18
 nyc-taxi-data-10M.csv   zstd    3   3325605752  598514411   10065   315.07
 nyc-taxi-data-10M.csv   zstd    6   3325605752  570522953   20038   158.27
@@ -405,13 +404,28 @@ BenchmarkDecoder_DecodeAllParallelCgo/comp-data.bin.zst-16        749938
 
 This reflects the performance around May 2020, but this may be out of date.
 
+## Zstd inside ZIP files
+
+It is possible to use zstandard to compress individual files inside zip archives.
+While this isn't widely supported it can be useful for internal files.
+
+To support the compression and decompression of these files you must register a compressor and decompressor.
+
+It is highly recommended registering the (de)compressors on individual zip Reader/Writer and NOT
+use the global registration functions. The main reason for this is that 2 registrations from 
+different packages will result in a panic.
+
+It is a good idea to only have a single compressor and decompressor, since they can be used for multiple zip
+files concurrently, and using a single instance will allow reusing some resources.
+
+See [this example](https://pkg.go.dev/github.com/klauspost/compress/zstd#example-ZipCompressor) for 
+how to compress and decompress files inside zip archives.
+
 # Contributions
 
 Contributions are always welcome. 
 For new features/fixes, remember to add tests and for performance enhancements include benchmarks.
 
-For sending files for reproducing errors use a service like [goobox](https://goobox.io/#/upload) or similar to share your files.
-
 For general feedback and experience reports, feel free to open an issue or write me on [Twitter](https://twitter.com/sh0dan).
 
 This package includes the excellent [`github.com/cespare/xxhash`](https://github.com/cespare/xxhash) package Copyright (c) 2016 Caleb Spare.
diff --git a/vendor/github.com/klauspost/compress/zstd/blockdec.go b/vendor/github.com/klauspost/compress/zstd/blockdec.go
index b51d922bda..e30af505ca 100644
--- a/vendor/github.com/klauspost/compress/zstd/blockdec.go
+++ b/vendor/github.com/klauspost/compress/zstd/blockdec.go
@@ -123,12 +123,10 @@ func newBlockDec(lowMem bool) *blockDec {
 // Input must be a start of a block and will be at the end of the block when returned.
 func (b *blockDec) reset(br byteBuffer, windowSize uint64) error {
 	b.WindowSize = windowSize
-	tmp := br.readSmall(3)
-	if tmp == nil {
-		if debug {
-			println("Reading block header:", io.ErrUnexpectedEOF)
-		}
-		return io.ErrUnexpectedEOF
+	tmp, err := br.readSmall(3)
+	if err != nil {
+		println("Reading block header:", err)
+		return err
 	}
 	bh := uint32(tmp[0]) | (uint32(tmp[1]) << 8) | (uint32(tmp[2]) << 16)
 	b.Last = bh&1 != 0
@@ -146,7 +144,7 @@ func (b *blockDec) reset(br byteBuffer, windowSize uint64) error {
 		}
 		cSize = 1
 	case blockTypeCompressed:
-		if debug {
+		if debugDecoder {
 			println("Data size on stream:", cSize)
 		}
 		b.RLESize = 0
@@ -155,7 +153,7 @@ func (b *blockDec) reset(br byteBuffer, windowSize uint64) error {
 			maxSize = int(windowSize)
 		}
 		if cSize > maxCompressedBlockSize || uint64(cSize) > b.WindowSize {
-			if debug {
+			if debugDecoder {
 				printf("compressed block too big: csize:%d block: %+v\n", uint64(cSize), b)
 			}
 			return ErrCompressedSizeTooBig
@@ -179,10 +177,9 @@ func (b *blockDec) reset(br byteBuffer, windowSize uint64) error {
 	if cap(b.dst) <= maxSize {
 		b.dst = make([]byte, 0, maxSize+1)
 	}
-	var err error
 	b.data, err = br.readBig(cSize, b.dataStorage)
 	if err != nil {
-		if debug {
+		if debugDecoder {
 			println("Reading block:", err, "(", cSize, ")", len(b.data))
 			printf("%T", br)
 		}
@@ -252,7 +249,7 @@ func (b *blockDec) startDecoder() {
 				b:   b.dst,
 				err: err,
 			}
-			if debug {
+			if debugDecoder {
 				println("Decompressed to", len(b.dst), "bytes, error:", err)
 			}
 			b.result <- o
@@ -267,7 +264,7 @@ func (b *blockDec) startDecoder() {
 		default:
 			panic("Invalid block type")
 		}
-		if debug {
+		if debugDecoder {
 			println("blockDec: Finished block")
 		}
 	}
@@ -300,7 +297,7 @@ func (b *blockDec) decodeBuf(hist *history) error {
 		b.dst = hist.b
 		hist.b = nil
 		err := b.decodeCompressed(hist)
-		if debug {
+		if debugDecoder {
 			println("Decompressed to total", len(b.dst), "bytes, hash:", xxhash.Sum64(b.dst), "error:", err)
 		}
 		hist.b = b.dst
@@ -393,7 +390,7 @@ func (b *blockDec) decodeCompressed(hist *history) error {
 			in = in[5:]
 		}
 	}
-	if debug {
+	if debugDecoder {
 		println("literals type:", litType, "litRegenSize:", litRegenSize, "litCompSize:", litCompSize, "sizeFormat:", sizeFormat, "4X:", fourStreams)
 	}
 	var literals []byte
@@ -431,7 +428,7 @@ func (b *blockDec) decodeCompressed(hist *history) error {
 			literals[i] = v
 		}
 		in = in[1:]
-		if debug {
+		if debugDecoder {
 			printf("Found %d RLE compressed literals\n", litRegenSize)
 		}
 	case literalsBlockTreeless:
@@ -442,7 +439,7 @@ func (b *blockDec) decodeCompressed(hist *history) error {
 		// Store compressed literals, so we defer decoding until we get history.
 		literals = in[:litCompSize]
 		in = in[litCompSize:]
-		if debug {
+		if debugDecoder {
 			printf("Found %d compressed literals\n", litCompSize)
 		}
 	case literalsBlockCompressed:
@@ -484,7 +481,7 @@ func (b *blockDec) decodeCompressed(hist *history) error {
 		if len(literals) != litRegenSize {
 			return fmt.Errorf("literal output size mismatch want %d, got %d", litRegenSize, len(literals))
 		}
-		if debug {
+		if debugDecoder {
 			printf("Decompressed %d literals into %d bytes\n", litCompSize, litRegenSize)
 		}
 	}
@@ -535,12 +532,12 @@ func (b *blockDec) decodeCompressed(hist *history) error {
 		br := byteReader{b: in, off: 0}
 		compMode := br.Uint8()
 		br.advance(1)
-		if debug {
+		if debugDecoder {
 			printf("Compression modes: 0b%b", compMode)
 		}
 		for i := uint(0); i < 3; i++ {
 			mode := seqCompMode((compMode >> (6 - i*2)) & 3)
-			if debug {
+			if debugDecoder {
 				println("Table", tableIndex(i), "is", mode)
 			}
 			var seq *sequenceDec
@@ -571,7 +568,7 @@ func (b *blockDec) decodeCompressed(hist *history) error {
 				}
 				dec.setRLE(symb)
 				seq.fse = dec
-				if debug {
+				if debugDecoder {
 					printf("RLE set to %+v, code: %v", symb, v)
 				}
 			case compModeFSE:
@@ -587,7 +584,7 @@ func (b *blockDec) decodeCompressed(hist *history) error {
 					println("Transform table error:", err)
 					return err
 				}
-				if debug {
+				if debugDecoder {
 					println("Read table ok", "symbolLen:", dec.symbolLen)
 				}
 				seq.fse = dec
@@ -655,7 +652,7 @@ func (b *blockDec) decodeCompressed(hist *history) error {
 	if huff != nil {
 		hist.huffTree = huff
 	}
-	if debug {
+	if debugDecoder {
 		println("Final literals:", len(literals), "hash:", xxhash.Sum64(literals), "and", nSeqs, "sequences.")
 	}
 
@@ -672,7 +669,7 @@ func (b *blockDec) decodeCompressed(hist *history) error {
 	if err != nil {
 		return err
 	}
-	if debug {
+	if debugDecoder {
 		println("History merged ok")
 	}
 	br := &bitReader{}
@@ -731,7 +728,7 @@ func (b *blockDec) decodeCompressed(hist *history) error {
 	}
 	hist.append(b.dst)
 	hist.recentOffsets = seqs.prevOffset
-	if debug {
+	if debugDecoder {
 		println("Finished block with literals:", len(literals), "and", nSeqs, "sequences.")
 	}
 
diff --git a/vendor/github.com/klauspost/compress/zstd/blockenc.go b/vendor/github.com/klauspost/compress/zstd/blockenc.go
index e1be092f32..3df185ee46 100644
--- a/vendor/github.com/klauspost/compress/zstd/blockenc.go
+++ b/vendor/github.com/klauspost/compress/zstd/blockenc.go
@@ -156,7 +156,7 @@ func (h *literalsHeader) setSize(regenLen int) {
 	switch {
 	case inBits < 5:
 		lh |= (uint64(regenLen) << 3) | (1 << 60)
-		if debug {
+		if debugEncoder {
 			got := int(lh>>3) & 0xff
 			if got != regenLen {
 				panic(fmt.Sprint("litRegenSize = ", regenLen, "(want) != ", got, "(got)"))
@@ -184,7 +184,7 @@ func (h *literalsHeader) setSizes(compLen, inLen int, single bool) {
 			lh |= 1 << 2
 		}
 		lh |= (uint64(inLen) << 4) | (uint64(compLen) << (10 + 4)) | (3 << 60)
-		if debug {
+		if debugEncoder {
 			const mmask = (1 << 24) - 1
 			n := (lh >> 4) & mmask
 			if int(n&1023) != inLen {
@@ -312,7 +312,7 @@ func (b *blockEnc) encodeRaw(a []byte) {
 	bh.setType(blockTypeRaw)
 	b.output = bh.appendTo(b.output[:0])
 	b.output = append(b.output, a...)
-	if debug {
+	if debugEncoder {
 		println("Adding RAW block, length", len(a), "last:", b.last)
 	}
 }
@@ -325,7 +325,7 @@ func (b *blockEnc) encodeRawTo(dst, src []byte) []byte {
 	bh.setType(blockTypeRaw)
 	dst = bh.appendTo(dst)
 	dst = append(dst, src...)
-	if debug {
+	if debugEncoder {
 		println("Adding RAW block, length", len(src), "last:", b.last)
 	}
 	return dst
@@ -339,7 +339,7 @@ func (b *blockEnc) encodeLits(lits []byte, raw bool) error {
 
 	// Don't compress extremely small blocks
 	if len(lits) < 8 || (len(lits) < 32 && b.dictLitEnc == nil) || raw {
-		if debug {
+		if debugEncoder {
 			println("Adding RAW block, length", len(lits), "last:", b.last)
 		}
 		bh.setType(blockTypeRaw)
@@ -371,7 +371,7 @@ func (b *blockEnc) encodeLits(lits []byte, raw bool) error {
 
 	switch err {
 	case huff0.ErrIncompressible:
-		if debug {
+		if debugEncoder {
 			println("Adding RAW block, length", len(lits), "last:", b.last)
 		}
 		bh.setType(blockTypeRaw)
@@ -379,7 +379,7 @@ func (b *blockEnc) encodeLits(lits []byte, raw bool) error {
 		b.output = append(b.output, lits...)
 		return nil
 	case huff0.ErrUseRLE:
-		if debug {
+		if debugEncoder {
 			println("Adding RLE block, length", len(lits))
 		}
 		bh.setType(blockTypeRLE)
@@ -396,12 +396,12 @@ func (b *blockEnc) encodeLits(lits []byte, raw bool) error {
 	bh.setType(blockTypeCompressed)
 	var lh literalsHeader
 	if reUsed {
-		if debug {
+		if debugEncoder {
 			println("Reused tree, compressed to", len(out))
 		}
 		lh.setType(literalsBlockTreeless)
 	} else {
-		if debug {
+		if debugEncoder {
 			println("New tree, compressed to", len(out), "tree size:", len(b.litEnc.OutTable))
 		}
 		lh.setType(literalsBlockCompressed)
@@ -517,7 +517,7 @@ func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
 		lh.setSize(len(b.literals))
 		b.output = lh.appendTo(b.output)
 		b.output = append(b.output, b.literals...)
-		if debug {
+		if debugEncoder {
 			println("Adding literals RAW, length", len(b.literals))
 		}
 	case huff0.ErrUseRLE:
@@ -525,22 +525,22 @@ func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
 		lh.setSize(len(b.literals))
 		b.output = lh.appendTo(b.output)
 		b.output = append(b.output, b.literals[0])
-		if debug {
+		if debugEncoder {
 			println("Adding literals RLE")
 		}
 	case nil:
 		// Compressed litLen...
 		if reUsed {
-			if debug {
+			if debugEncoder {
 				println("reused tree")
 			}
 			lh.setType(literalsBlockTreeless)
 		} else {
-			if debug {
+			if debugEncoder {
 				println("new tree, size:", len(b.litEnc.OutTable))
 			}
 			lh.setType(literalsBlockCompressed)
-			if debug {
+			if debugEncoder {
 				_, _, err := huff0.ReadTable(out, nil)
 				if err != nil {
 					panic(err)
@@ -548,18 +548,18 @@ func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
 			}
 		}
 		lh.setSizes(len(out), len(b.literals), single)
-		if debug {
+		if debugEncoder {
 			printf("Compressed %d literals to %d bytes", len(b.literals), len(out))
 			println("Adding literal header:", lh)
 		}
 		b.output = lh.appendTo(b.output)
 		b.output = append(b.output, out...)
 		b.litEnc.Reuse = huff0.ReusePolicyAllow
-		if debug {
+		if debugEncoder {
 			println("Adding literals compressed")
 		}
 	default:
-		if debug {
+		if debugEncoder {
 			println("Adding literals ERROR:", err)
 		}
 		return err
@@ -577,7 +577,7 @@ func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
 		n := len(b.sequences) - 0x7f00
 		b.output = append(b.output, 255, uint8(n), uint8(n>>8))
 	}
-	if debug {
+	if debugEncoder {
 		println("Encoding", len(b.sequences), "sequences")
 	}
 	b.genCodes()
@@ -611,17 +611,17 @@ func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
 		nSize = nSize + (nSize+2*8*16)>>4
 		switch {
 		case predefSize <= prevSize && predefSize <= nSize || forcePreDef:
-			if debug {
+			if debugEncoder {
 				println("Using predefined", predefSize>>3, "<=", nSize>>3)
 			}
 			return preDef, compModePredefined
 		case prevSize <= nSize:
-			if debug {
+			if debugEncoder {
 				println("Using previous", prevSize>>3, "<=", nSize>>3)
 			}
 			return prev, compModeRepeat
 		default:
-			if debug {
+			if debugEncoder {
 				println("Using new, predef", predefSize>>3, ". previous:", prevSize>>3, ">", nSize>>3, "header max:", cur.maxHeaderSize()>>3, "bytes")
 				println("tl:", cur.actualTableLog, "symbolLen:", cur.symbolLen, "norm:", cur.norm[:cur.symbolLen], "hist", cur.count[:cur.symbolLen])
 			}
@@ -634,7 +634,7 @@ func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
 	if llEnc.useRLE {
 		mode |= uint8(compModeRLE) << 6
 		llEnc.setRLE(b.sequences[0].llCode)
-		if debug {
+		if debugEncoder {
 			println("llEnc.useRLE")
 		}
 	} else {
@@ -645,7 +645,7 @@ func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
 	if ofEnc.useRLE {
 		mode |= uint8(compModeRLE) << 4
 		ofEnc.setRLE(b.sequences[0].ofCode)
-		if debug {
+		if debugEncoder {
 			println("ofEnc.useRLE")
 		}
 	} else {
@@ -657,7 +657,7 @@ func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
 	if mlEnc.useRLE {
 		mode |= uint8(compModeRLE) << 2
 		mlEnc.setRLE(b.sequences[0].mlCode)
-		if debug {
+		if debugEncoder {
 			println("mlEnc.useRLE, code: ", b.sequences[0].mlCode, "value", b.sequences[0].matchLen)
 		}
 	} else {
@@ -666,7 +666,7 @@ func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
 		mode |= uint8(m) << 2
 	}
 	b.output = append(b.output, mode)
-	if debug {
+	if debugEncoder {
 		printf("Compression modes: 0b%b", mode)
 	}
 	b.output, err = llEnc.writeCount(b.output)
@@ -786,7 +786,7 @@ func (b *blockEnc) encode(org []byte, raw, rawAllLits bool) error {
 
 	// Size is output minus block header.
 	bh.setSize(uint32(len(b.output)-bhOffset) - 3)
-	if debug {
+	if debugEncoder {
 		println("Rewriting block header", bh)
 	}
 	_ = bh.appendTo(b.output[bhOffset:bhOffset])
diff --git a/vendor/github.com/klauspost/compress/zstd/bytebuf.go b/vendor/github.com/klauspost/compress/zstd/bytebuf.go
index 658ef78380..aab71c6cf8 100644
--- a/vendor/github.com/klauspost/compress/zstd/bytebuf.go
+++ b/vendor/github.com/klauspost/compress/zstd/bytebuf.go
@@ -12,8 +12,8 @@ import (
 
 type byteBuffer interface {
 	// Read up to 8 bytes.
-	// Returns nil if no more input is available.
-	readSmall(n int) []byte
+	// Returns io.ErrUnexpectedEOF if this cannot be satisfied.
+	readSmall(n int) ([]byte, error)
 
 	// Read >8 bytes.
 	// MAY use the destination slice.
@@ -29,17 +29,17 @@ type byteBuffer interface {
 // in-memory buffer
 type byteBuf []byte
 
-func (b *byteBuf) readSmall(n int) []byte {
+func (b *byteBuf) readSmall(n int) ([]byte, error) {
 	if debugAsserts && n > 8 {
 		panic(fmt.Errorf("small read > 8 (%d). use readBig", n))
 	}
 	bb := *b
 	if len(bb) < n {
-		return nil
+		return nil, io.ErrUnexpectedEOF
 	}
 	r := bb[:n]
 	*b = bb[n:]
-	return r
+	return r, nil
 }
 
 func (b *byteBuf) readBig(n int, dst []byte) ([]byte, error) {
@@ -81,19 +81,22 @@ type readerWrapper struct {
 	tmp [8]byte
 }
 
-func (r *readerWrapper) readSmall(n int) []byte {
+func (r *readerWrapper) readSmall(n int) ([]byte, error) {
 	if debugAsserts && n > 8 {
 		panic(fmt.Errorf("small read > 8 (%d). use readBig", n))
 	}
 	n2, err := io.ReadFull(r.r, r.tmp[:n])
 	// We only really care about the actual bytes read.
-	if n2 != n {
-		if debug {
+	if err != nil {
+		if err == io.EOF {
+			return nil, io.ErrUnexpectedEOF
+		}
+		if debugDecoder {
 			println("readSmall: got", n2, "want", n, "err", err)
 		}
-		return nil
+		return nil, err
 	}
-	return r.tmp[:n]
+	return r.tmp[:n], nil
 }
 
 func (r *readerWrapper) readBig(n int, dst []byte) ([]byte, error) {
diff --git a/vendor/github.com/klauspost/compress/zstd/decoder.go b/vendor/github.com/klauspost/compress/zstd/decoder.go
index f593e464b6..4d984c3b26 100644
--- a/vendor/github.com/klauspost/compress/zstd/decoder.go
+++ b/vendor/github.com/klauspost/compress/zstd/decoder.go
@@ -113,9 +113,6 @@ func NewReader(r io.Reader, opts ...DOption) (*Decoder, error) {
 // Returns the number of bytes written and any error that occurred.
 // When the stream is done, io.EOF will be returned.
 func (d *Decoder) Read(p []byte) (int, error) {
-	if d.stream == nil {
-		return 0, ErrDecoderNilInput
-	}
 	var n int
 	for {
 		if len(d.current.b) > 0 {
@@ -138,7 +135,7 @@ func (d *Decoder) Read(p []byte) (int, error) {
 		}
 	}
 	if len(d.current.b) > 0 {
-		if debug {
+		if debugDecoder {
 			println("returning", n, "still bytes left:", len(d.current.b))
 		}
 		// Only return error at end of block
@@ -147,7 +144,7 @@ func (d *Decoder) Read(p []byte) (int, error) {
 	if d.current.err != nil {
 		d.drainOutput()
 	}
-	if debug {
+	if debugDecoder {
 		println("returning", n, d.current.err, len(d.decoders))
 	}
 	return n, d.current.err
@@ -167,20 +164,17 @@ func (d *Decoder) Reset(r io.Reader) error {
 
 	if r == nil {
 		d.current.err = ErrDecoderNilInput
+		if len(d.current.b) > 0 {
+			d.current.b = d.current.b[:0]
+		}
 		d.current.flushed = true
 		return nil
 	}
 
-	if d.stream == nil {
-		d.stream = make(chan decodeStream, 1)
-		d.streamWg.Add(1)
-		go d.startStreamDecoder(d.stream)
-	}
-
-	// If bytes buffer and < 1MB, do sync decoding anyway.
-	if bb, ok := r.(byter); ok && bb.Len() < 1<<20 {
+	// If bytes buffer and < 5MB, do sync decoding anyway.
+	if bb, ok := r.(byter); ok && bb.Len() < 5<<20 {
 		bb2 := bb
-		if debug {
+		if debugDecoder {
 			println("*bytes.Buffer detected, doing sync decode, len:", bb.Len())
 		}
 		b := bb2.Bytes()
@@ -196,12 +190,18 @@ func (d *Decoder) Reset(r io.Reader) error {
 		d.current.b = dst
 		d.current.err = err
 		d.current.flushed = true
-		if debug {
+		if debugDecoder {
 			println("sync decode to", len(dst), "bytes, err:", err)
 		}
 		return nil
 	}
 
+	if d.stream == nil {
+		d.stream = make(chan decodeStream, 1)
+		d.streamWg.Add(1)
+		go d.startStreamDecoder(d.stream)
+	}
+
 	// Remove current block.
 	d.current.decodeOutput = decodeOutput{}
 	d.current.err = nil
@@ -225,7 +225,7 @@ func (d *Decoder) drainOutput() {
 		d.current.cancel = nil
 	}
 	if d.current.d != nil {
-		if debug {
+		if debugDecoder {
 			printf("re-adding current decoder %p, decoders: %d", d.current.d, len(d.decoders))
 		}
 		d.decoders <- d.current.d
@@ -238,7 +238,7 @@ func (d *Decoder) drainOutput() {
 	}
 	for v := range d.current.output {
 		if v.d != nil {
-			if debug {
+			if debugDecoder {
 				printf("re-adding decoder %p", v.d)
 			}
 			d.decoders <- v.d
@@ -255,9 +255,6 @@ func (d *Decoder) drainOutput() {
 // The return value n is the number of bytes written.
 // Any error encountered during the write is also returned.
 func (d *Decoder) WriteTo(w io.Writer) (int64, error) {
-	if d.stream == nil {
-		return 0, ErrDecoderNilInput
-	}
 	var n int64
 	for {
 		if len(d.current.b) > 0 {
@@ -297,7 +294,7 @@ func (d *Decoder) DecodeAll(input, dst []byte) ([]byte, error) {
 	block := <-d.decoders
 	frame := block.localFrame
 	defer func() {
-		if debug {
+		if debugDecoder {
 			printf("re-adding decoder: %p", block)
 		}
 		frame.rawInput = nil
@@ -310,7 +307,7 @@ func (d *Decoder) DecodeAll(input, dst []byte) ([]byte, error) {
 		frame.history.reset()
 		err := frame.reset(&frame.bBuf)
 		if err == io.EOF {
-			if debug {
+			if debugDecoder {
 				println("frame reset return EOF")
 			}
 			return dst, nil
@@ -355,7 +352,7 @@ func (d *Decoder) DecodeAll(input, dst []byte) ([]byte, error) {
 			return dst, err
 		}
 		if len(frame.bBuf) == 0 {
-			if debug {
+			if debugDecoder {
 				println("frame dbuf empty")
 			}
 			break
@@ -371,7 +368,7 @@ func (d *Decoder) DecodeAll(input, dst []byte) ([]byte, error) {
 // if no data was available without blocking.
 func (d *Decoder) nextBlock(blocking bool) (ok bool) {
 	if d.current.d != nil {
-		if debug {
+		if debugDecoder {
 			printf("re-adding current decoder %p", d.current.d)
 		}
 		d.decoders <- d.current.d
@@ -391,7 +388,7 @@ func (d *Decoder) nextBlock(blocking bool) (ok bool) {
 			return false
 		}
 	}
-	if debug {
+	if debugDecoder {
 		println("got", len(d.current.b), "bytes, error:", d.current.err)
 	}
 	return true
@@ -485,7 +482,7 @@ func (d *Decoder) startStreamDecoder(inStream chan decodeStream) {
 	defer d.streamWg.Done()
 	frame := newFrameDec(d.o)
 	for stream := range inStream {
-		if debug {
+		if debugDecoder {
 			println("got new stream")
 		}
 		br := readerWrapper{r: stream.r}
@@ -493,7 +490,7 @@ func (d *Decoder) startStreamDecoder(inStream chan decodeStream) {
 		for {
 			frame.history.reset()
 			err := frame.reset(&br)
-			if debug && err != nil {
+			if debugDecoder && err != nil {
 				println("Frame decoder returned", err)
 			}
 			if err == nil && frame.DictionaryID != nil {
@@ -510,7 +507,7 @@ func (d *Decoder) startStreamDecoder(inStream chan decodeStream) {
 				}
 				break
 			}
-			if debug {
+			if debugDecoder {
 				println("starting frame decoder")
 			}
 
diff --git a/vendor/github.com/klauspost/compress/zstd/dict.go b/vendor/github.com/klauspost/compress/zstd/dict.go
index fa25a18d86..a36ae83ef5 100644
--- a/vendor/github.com/klauspost/compress/zstd/dict.go
+++ b/vendor/github.com/klauspost/compress/zstd/dict.go
@@ -82,7 +82,7 @@ func loadDict(b []byte) (*dict, error) {
 			println("Transform table error:", err)
 			return err
 		}
-		if debug {
+		if debugDecoder || debugEncoder {
 			println("Read table ok", "symbolLen:", dec.symbolLen)
 		}
 		// Set decoders as predefined so they aren't reused.
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_best.go b/vendor/github.com/klauspost/compress/zstd/enc_best.go
index fe3625c5f5..b7d4b90047 100644
--- a/vendor/github.com/klauspost/compress/zstd/enc_best.go
+++ b/vendor/github.com/klauspost/compress/zstd/enc_best.go
@@ -132,7 +132,7 @@ func (e *bestFastEncoder) Encode(blk *blockEnc, src []byte) {
 	}
 	_ = addLiterals
 
-	if debug {
+	if debugEncoder {
 		println("recent offsets:", blk.recentOffsets)
 	}
 
@@ -220,6 +220,20 @@ encodeLoop:
 			best = bestOf(best, matchAt(candidateL.prev-e.cur, s, uint32(cv), -1))
 			best = bestOf(best, matchAt(candidateL2.offset-e.cur, s+1, uint32(cv2), -1))
 			best = bestOf(best, matchAt(candidateL2.prev-e.cur, s+1, uint32(cv2), -1))
+
+			// See if we can find a better match by checking where the current best ends.
+			// Use that offset to see if we can find a better full match.
+			if sAt := best.s + best.length; sAt < sLimit {
+				nextHashL := hash8(load6432(src, sAt), bestLongTableBits)
+				candidateEnd := e.longTable[nextHashL]
+				if pos := candidateEnd.offset - e.cur - best.length; pos >= 0 {
+					bestEnd := bestOf(best, matchAt(pos, best.s, load3232(src, best.s), -1))
+					if pos := candidateEnd.prev - e.cur - best.length; pos >= 0 {
+						bestEnd = bestOf(bestEnd, matchAt(pos, best.s, load3232(src, best.s), -1))
+					}
+					best = bestEnd
+				}
+			}
 		}
 
 		// We have a match, we can store the forward value
@@ -260,7 +274,7 @@ encodeLoop:
 
 			nextEmit = s
 			if s >= sLimit {
-				if debug {
+				if debugEncoder {
 					println("repeat ended", s, best.length)
 
 				}
@@ -398,7 +412,7 @@ encodeLoop:
 	blk.recentOffsets[0] = uint32(offset1)
 	blk.recentOffsets[1] = uint32(offset2)
 	blk.recentOffsets[2] = uint32(offset3)
-	if debug {
+	if debugEncoder {
 		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
 	}
 }
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_better.go b/vendor/github.com/klauspost/compress/zstd/enc_better.go
index c2ce4a2bac..eab7b5083e 100644
--- a/vendor/github.com/klauspost/compress/zstd/enc_better.go
+++ b/vendor/github.com/klauspost/compress/zstd/enc_better.go
@@ -138,7 +138,7 @@ func (e *betterFastEncoder) Encode(blk *blockEnc, src []byte) {
 		blk.literals = append(blk.literals, src[nextEmit:until]...)
 		s.litLen = uint32(until - nextEmit)
 	}
-	if debug {
+	if debugEncoder {
 		println("recent offsets:", blk.recentOffsets)
 	}
 
@@ -204,7 +204,7 @@ encodeLoop:
 
 					nextEmit = s
 					if s >= sLimit {
-						if debug {
+						if debugEncoder {
 							println("repeat ended", s, lenght)
 
 						}
@@ -264,7 +264,7 @@ encodeLoop:
 					s += lenght + repOff2
 					nextEmit = s
 					if s >= sLimit {
-						if debug {
+						if debugEncoder {
 							println("repeat ended", s, lenght)
 
 						}
@@ -412,8 +412,41 @@ encodeLoop:
 			cv = load6432(src, s)
 		}
 
-		// A 4-byte match has been found. Update recent offsets.
-		// We'll later see if more than 4 bytes.
+		// Try to find a better match by searching for a long match at the end of the current best match
+		if true && s+matched < sLimit {
+			nextHashL := hash8(load6432(src, s+matched), betterLongTableBits)
+			cv := load3232(src, s)
+			candidateL := e.longTable[nextHashL]
+			coffsetL := candidateL.offset - e.cur - matched
+			if coffsetL >= 0 && coffsetL < s && s-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
+				// Found a long match, at least 4 bytes.
+				matchedNext := e.matchlen(s+4, coffsetL+4, src) + 4
+				if matchedNext > matched {
+					t = coffsetL
+					matched = matchedNext
+					if debugMatches {
+						println("long match at end-of-match")
+					}
+				}
+			}
+
+			// Check prev long...
+			if true {
+				coffsetL = candidateL.prev - e.cur - matched
+				if coffsetL >= 0 && coffsetL < s && s-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
+					// Found a long match, at least 4 bytes.
+					matchedNext := e.matchlen(s+4, coffsetL+4, src) + 4
+					if matchedNext > matched {
+						t = coffsetL
+						matched = matchedNext
+						if debugMatches {
+							println("prev long match at end-of-match")
+						}
+					}
+				}
+			}
+		}
+		// A match has been found. Update recent offsets.
 		offset2 = offset1
 		offset1 = s - t
 
@@ -520,7 +553,7 @@ encodeLoop:
 	}
 	blk.recentOffsets[0] = uint32(offset1)
 	blk.recentOffsets[1] = uint32(offset2)
-	if debug {
+	if debugEncoder {
 		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
 	}
 }
@@ -623,7 +656,7 @@ func (e *betterFastEncoderDict) Encode(blk *blockEnc, src []byte) {
 		blk.literals = append(blk.literals, src[nextEmit:until]...)
 		s.litLen = uint32(until - nextEmit)
 	}
-	if debug {
+	if debugEncoder {
 		println("recent offsets:", blk.recentOffsets)
 	}
 
@@ -691,7 +724,7 @@ encodeLoop:
 
 					nextEmit = s
 					if s >= sLimit {
-						if debug {
+						if debugEncoder {
 							println("repeat ended", s, lenght)
 
 						}
@@ -754,7 +787,7 @@ encodeLoop:
 					s += lenght + repOff2
 					nextEmit = s
 					if s >= sLimit {
-						if debug {
+						if debugEncoder {
 							println("repeat ended", s, lenght)
 
 						}
@@ -905,9 +938,41 @@ encodeLoop:
 			}
 			cv = load6432(src, s)
 		}
+		// Try to find a better match by searching for a long match at the end of the current best match
+		if s+matched < sLimit {
+			nextHashL := hash8(load6432(src, s+matched), betterLongTableBits)
+			cv := load3232(src, s)
+			candidateL := e.longTable[nextHashL]
+			coffsetL := candidateL.offset - e.cur - matched
+			if coffsetL >= 0 && coffsetL < s && s-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
+				// Found a long match, at least 4 bytes.
+				matchedNext := e.matchlen(s+4, coffsetL+4, src) + 4
+				if matchedNext > matched {
+					t = coffsetL
+					matched = matchedNext
+					if debugMatches {
+						println("long match at end-of-match")
+					}
+				}
+			}
 
-		// A 4-byte match has been found. Update recent offsets.
-		// We'll later see if more than 4 bytes.
+			// Check prev long...
+			if true {
+				coffsetL = candidateL.prev - e.cur - matched
+				if coffsetL >= 0 && coffsetL < s && s-coffsetL < e.maxMatchOff && cv == load3232(src, coffsetL) {
+					// Found a long match, at least 4 bytes.
+					matchedNext := e.matchlen(s+4, coffsetL+4, src) + 4
+					if matchedNext > matched {
+						t = coffsetL
+						matched = matchedNext
+						if debugMatches {
+							println("prev long match at end-of-match")
+						}
+					}
+				}
+			}
+		}
+		// A match has been found. Update recent offsets.
 		offset2 = offset1
 		offset1 = s - t
 
@@ -1019,7 +1084,7 @@ encodeLoop:
 	}
 	blk.recentOffsets[0] = uint32(offset1)
 	blk.recentOffsets[1] = uint32(offset2)
-	if debug {
+	if debugEncoder {
 		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
 	}
 }
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_dfast.go b/vendor/github.com/klauspost/compress/zstd/enc_dfast.go
index 8629d43d86..96b21b90e8 100644
--- a/vendor/github.com/klauspost/compress/zstd/enc_dfast.go
+++ b/vendor/github.com/klauspost/compress/zstd/enc_dfast.go
@@ -109,7 +109,7 @@ func (e *doubleFastEncoder) Encode(blk *blockEnc, src []byte) {
 		blk.literals = append(blk.literals, src[nextEmit:until]...)
 		s.litLen = uint32(until - nextEmit)
 	}
-	if debug {
+	if debugEncoder {
 		println("recent offsets:", blk.recentOffsets)
 	}
 
@@ -170,7 +170,7 @@ encodeLoop:
 					s += lenght + repOff
 					nextEmit = s
 					if s >= sLimit {
-						if debug {
+						if debugEncoder {
 							println("repeat ended", s, lenght)
 
 						}
@@ -368,7 +368,7 @@ encodeLoop:
 	}
 	blk.recentOffsets[0] = uint32(offset1)
 	blk.recentOffsets[1] = uint32(offset2)
-	if debug {
+	if debugEncoder {
 		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
 	}
 }
@@ -427,7 +427,7 @@ func (e *doubleFastEncoder) EncodeNoHist(blk *blockEnc, src []byte) {
 		blk.literals = append(blk.literals, src[nextEmit:until]...)
 		s.litLen = uint32(until - nextEmit)
 	}
-	if debug {
+	if debugEncoder {
 		println("recent offsets:", blk.recentOffsets)
 	}
 
@@ -483,7 +483,7 @@ encodeLoop:
 					s += length + repOff
 					nextEmit = s
 					if s >= sLimit {
-						if debug {
+						if debugEncoder {
 							println("repeat ended", s, length)
 
 						}
@@ -677,7 +677,7 @@ encodeLoop:
 		blk.literals = append(blk.literals, src[nextEmit:]...)
 		blk.extraLits = len(src) - int(nextEmit)
 	}
-	if debug {
+	if debugEncoder {
 		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
 	}
 
@@ -767,7 +767,7 @@ func (e *doubleFastEncoderDict) Encode(blk *blockEnc, src []byte) {
 		blk.literals = append(blk.literals, src[nextEmit:until]...)
 		s.litLen = uint32(until - nextEmit)
 	}
-	if debug {
+	if debugEncoder {
 		println("recent offsets:", blk.recentOffsets)
 	}
 
@@ -830,7 +830,7 @@ encodeLoop:
 					s += lenght + repOff
 					nextEmit = s
 					if s >= sLimit {
-						if debug {
+						if debugEncoder {
 							println("repeat ended", s, lenght)
 
 						}
@@ -1039,7 +1039,7 @@ encodeLoop:
 	}
 	blk.recentOffsets[0] = uint32(offset1)
 	blk.recentOffsets[1] = uint32(offset2)
-	if debug {
+	if debugEncoder {
 		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
 	}
 	// If we encoded more than 64K mark all dirty.
diff --git a/vendor/github.com/klauspost/compress/zstd/enc_fast.go b/vendor/github.com/klauspost/compress/zstd/enc_fast.go
index ba4a17e106..2246d286dc 100644
--- a/vendor/github.com/klauspost/compress/zstd/enc_fast.go
+++ b/vendor/github.com/klauspost/compress/zstd/enc_fast.go
@@ -103,7 +103,7 @@ func (e *fastEncoder) Encode(blk *blockEnc, src []byte) {
 		blk.literals = append(blk.literals, src[nextEmit:until]...)
 		s.litLen = uint32(until - nextEmit)
 	}
-	if debug {
+	if debugEncoder {
 		println("recent offsets:", blk.recentOffsets)
 	}
 
@@ -178,7 +178,7 @@ encodeLoop:
 				s += length + 2
 				nextEmit = s
 				if s >= sLimit {
-					if debug {
+					if debugEncoder {
 						println("repeat ended", s, length)
 
 					}
@@ -330,7 +330,7 @@ encodeLoop:
 	}
 	blk.recentOffsets[0] = uint32(offset1)
 	blk.recentOffsets[1] = uint32(offset2)
-	if debug {
+	if debugEncoder {
 		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
 	}
 }
@@ -343,7 +343,7 @@ func (e *fastEncoder) EncodeNoHist(blk *blockEnc, src []byte) {
 		inputMargin            = 8
 		minNonLiteralBlockSize = 1 + 1 + inputMargin
 	)
-	if debug {
+	if debugEncoder {
 		if len(src) > maxBlockSize {
 			panic("src too big")
 		}
@@ -391,7 +391,7 @@ func (e *fastEncoder) EncodeNoHist(blk *blockEnc, src []byte) {
 		blk.literals = append(blk.literals, src[nextEmit:until]...)
 		s.litLen = uint32(until - nextEmit)
 	}
-	if debug {
+	if debugEncoder {
 		println("recent offsets:", blk.recentOffsets)
 	}
 
@@ -462,7 +462,7 @@ encodeLoop:
 				s += length + 2
 				nextEmit = s
 				if s >= sLimit {
-					if debug {
+					if debugEncoder {
 						println("repeat ended", s, length)
 
 					}
@@ -616,7 +616,7 @@ encodeLoop:
 		blk.literals = append(blk.literals, src[nextEmit:]...)
 		blk.extraLits = len(src) - int(nextEmit)
 	}
-	if debug {
+	if debugEncoder {
 		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
 	}
 	// We do not store history, so we must offset e.cur to avoid false matches for next user.
@@ -696,7 +696,7 @@ func (e *fastEncoderDict) Encode(blk *blockEnc, src []byte) {
 		blk.literals = append(blk.literals, src[nextEmit:until]...)
 		s.litLen = uint32(until - nextEmit)
 	}
-	if debug {
+	if debugEncoder {
 		println("recent offsets:", blk.recentOffsets)
 	}
 
@@ -773,7 +773,7 @@ encodeLoop:
 				s += length + 2
 				nextEmit = s
 				if s >= sLimit {
-					if debug {
+					if debugEncoder {
 						println("repeat ended", s, length)
 
 					}
@@ -926,7 +926,7 @@ encodeLoop:
 	}
 	blk.recentOffsets[0] = uint32(offset1)
 	blk.recentOffsets[1] = uint32(offset2)
-	if debug {
+	if debugEncoder {
 		println("returning, recent offsets:", blk.recentOffsets, "extra literals:", blk.extraLits)
 	}
 }
diff --git a/vendor/github.com/klauspost/compress/zstd/encoder.go b/vendor/github.com/klauspost/compress/zstd/encoder.go
index 4871dd03af..ea85548fc9 100644
--- a/vendor/github.com/klauspost/compress/zstd/encoder.go
+++ b/vendor/github.com/klauspost/compress/zstd/encoder.go
@@ -245,7 +245,7 @@ func (e *Encoder) nextBlock(final bool) error {
 	s.filling, s.current, s.previous = s.previous[:0], s.filling, s.current
 	s.wg.Add(1)
 	go func(src []byte) {
-		if debug {
+		if debugEncoder {
 			println("Adding block,", len(src), "bytes, final:", final)
 		}
 		defer func() {
@@ -290,7 +290,7 @@ func (e *Encoder) nextBlock(final bool) error {
 			}
 			switch err {
 			case errIncompressible:
-				if debug {
+				if debugEncoder {
 					println("Storing incompressible block as raw")
 				}
 				blk.encodeRaw(src)
@@ -313,7 +313,7 @@ func (e *Encoder) nextBlock(final bool) error {
 //
 // The Copy function uses ReaderFrom if available.
 func (e *Encoder) ReadFrom(r io.Reader) (n int64, err error) {
-	if debug {
+	if debugEncoder {
 		println("Using ReadFrom")
 	}
 
@@ -336,20 +336,20 @@ func (e *Encoder) ReadFrom(r io.Reader) (n int64, err error) {
 		switch err {
 		case io.EOF:
 			e.state.filling = e.state.filling[:len(e.state.filling)-len(src)]
-			if debug {
+			if debugEncoder {
 				println("ReadFrom: got EOF final block:", len(e.state.filling))
 			}
 			return n, nil
 		case nil:
 		default:
-			if debug {
+			if debugEncoder {
 				println("ReadFrom: got error:", err)
 			}
 			e.state.err = err
 			return n, err
 		}
 		if len(src) > 0 {
-			if debug {
+			if debugEncoder {
 				println("ReadFrom: got space left in source:", len(src))
 			}
 			continue
@@ -512,7 +512,7 @@ func (e *Encoder) EncodeAll(src, dst []byte) []byte {
 
 		switch err {
 		case errIncompressible:
-			if debug {
+			if debugEncoder {
 				println("Storing incompressible block as raw")
 			}
 			dst = blk.encodeRawTo(dst, src)
@@ -548,7 +548,7 @@ func (e *Encoder) EncodeAll(src, dst []byte) []byte {
 
 			switch err {
 			case errIncompressible:
-				if debug {
+				if debugEncoder {
 					println("Storing incompressible block as raw")
 				}
 				dst = blk.encodeRawTo(dst, todo)
diff --git a/vendor/github.com/klauspost/compress/zstd/framedec.go b/vendor/github.com/klauspost/compress/zstd/framedec.go
index 693c5f05d2..e8cc9a2c22 100644
--- a/vendor/github.com/klauspost/compress/zstd/framedec.go
+++ b/vendor/github.com/klauspost/compress/zstd/framedec.go
@@ -78,44 +78,68 @@ func newFrameDec(o decoderOptions) *frameDec {
 func (d *frameDec) reset(br byteBuffer) error {
 	d.HasCheckSum = false
 	d.WindowSize = 0
-	var b []byte
+	var signature [4]byte
 	for {
-		b = br.readSmall(4)
-		if b == nil {
+		var err error
+		// Check if we can read more...
+		b, err := br.readSmall(1)
+		switch err {
+		case io.EOF, io.ErrUnexpectedEOF:
 			return io.EOF
+		default:
+			return err
+		case nil:
+			signature[0] = b[0]
 		}
-		if !bytes.Equal(b[1:4], skippableFrameMagic) || b[0]&0xf0 != 0x50 {
-			if debug {
-				println("Not skippable", hex.EncodeToString(b), hex.EncodeToString(skippableFrameMagic))
+		// Read the rest, don't allow io.ErrUnexpectedEOF
+		b, err = br.readSmall(3)
+		switch err {
+		case io.EOF:
+			return io.EOF
+		default:
+			return err
+		case nil:
+			copy(signature[1:], b)
+		}
+
+		if !bytes.Equal(signature[1:4], skippableFrameMagic) || signature[0]&0xf0 != 0x50 {
+			if debugDecoder {
+				println("Not skippable", hex.EncodeToString(signature[:]), hex.EncodeToString(skippableFrameMagic))
 			}
 			// Break if not skippable frame.
 			break
 		}
 		// Read size to skip
-		b = br.readSmall(4)
-		if b == nil {
-			println("Reading Frame Size EOF")
-			return io.ErrUnexpectedEOF
+		b, err = br.readSmall(4)
+		if err != nil {
+			if debugDecoder {
+				println("Reading Frame Size", err)
+			}
+			return err
 		}
 		n := uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
 		println("Skipping frame with", n, "bytes.")
-		err := br.skipN(int(n))
+		err = br.skipN(int(n))
 		if err != nil {
-			if debug {
+			if debugDecoder {
 				println("Reading discarded frame", err)
 			}
 			return err
 		}
 	}
-	if !bytes.Equal(b, frameMagic) {
-		println("Got magic numbers: ", b, "want:", frameMagic)
+	if !bytes.Equal(signature[:], frameMagic) {
+		if debugDecoder {
+			println("Got magic numbers: ", signature, "want:", frameMagic)
+		}
 		return ErrMagicMismatch
 	}
 
 	// Read Frame_Header_Descriptor
 	fhd, err := br.readByte()
 	if err != nil {
-		println("Reading Frame_Header_Descriptor", err)
+		if debugDecoder {
+			println("Reading Frame_Header_Descriptor", err)
+		}
 		return err
 	}
 	d.SingleSegment = fhd&(1<<5) != 0
@@ -130,7 +154,9 @@ func (d *frameDec) reset(br byteBuffer) error {
 	if !d.SingleSegment {
 		wd, err := br.readByte()
 		if err != nil {
-			println("Reading Window_Descriptor", err)
+			if debugDecoder {
+				println("Reading Window_Descriptor", err)
+			}
 			return err
 		}
 		printf("raw: %x, mantissa: %d, exponent: %d\n", wd, wd&7, wd>>3)
@@ -147,12 +173,11 @@ func (d *frameDec) reset(br byteBuffer) error {
 		if size == 3 {
 			size = 4
 		}
-		b = br.readSmall(int(size))
-		if b == nil {
-			if debug {
-				println("Reading Dictionary_ID", io.ErrUnexpectedEOF)
-			}
-			return io.ErrUnexpectedEOF
+
+		b, err := br.readSmall(int(size))
+		if err != nil {
+			println("Reading Dictionary_ID", err)
+			return err
 		}
 		var id uint32
 		switch size {
@@ -163,7 +188,7 @@ func (d *frameDec) reset(br byteBuffer) error {
 		case 4:
 			id = uint32(b[0]) | (uint32(b[1]) << 8) | (uint32(b[2]) << 16) | (uint32(b[3]) << 24)
 		}
-		if debug {
+		if debugDecoder {
 			println("Dict size", size, "ID:", id)
 		}
 		if id > 0 {
@@ -187,10 +212,10 @@ func (d *frameDec) reset(br byteBuffer) error {
 	}
 	d.FrameContentSize = 0
 	if fcsSize > 0 {
-		b := br.readSmall(fcsSize)
-		if b == nil {
-			println("Reading Frame content", io.ErrUnexpectedEOF)
-			return io.ErrUnexpectedEOF
+		b, err := br.readSmall(fcsSize)
+		if err != nil {
+			println("Reading Frame content", err)
+			return err
 		}
 		switch fcsSize {
 		case 1:
@@ -205,7 +230,7 @@ func (d *frameDec) reset(br byteBuffer) error {
 			d2 := uint32(b[4]) | (uint32(b[5]) << 8) | (uint32(b[6]) << 16) | (uint32(b[7]) << 24)
 			d.FrameContentSize = uint64(d1) | (uint64(d2) << 32)
 		}
-		if debug {
+		if debugDecoder {
 			println("field size bits:", v, "fcsSize:", fcsSize, "FrameContentSize:", d.FrameContentSize, hex.EncodeToString(b[:fcsSize]), "singleseg:", d.SingleSegment, "window:", d.WindowSize)
 		}
 	}
@@ -248,7 +273,7 @@ func (d *frameDec) reset(br byteBuffer) error {
 
 // next will start decoding the next block from stream.
 func (d *frameDec) next(block *blockDec) error {
-	if debug {
+	if debugDecoder {
 		printf("decoding new block %p:%p", block, block.data)
 	}
 	err := block.reset(d.rawInput, d.WindowSize)
@@ -259,7 +284,7 @@ func (d *frameDec) next(block *blockDec) error {
 		return err
 	}
 	block.input <- struct{}{}
-	if debug {
+	if debugDecoder {
 		println("next block:", block)
 	}
 	d.asyncRunningMu.Lock()
@@ -307,19 +332,19 @@ func (d *frameDec) checkCRC() error {
 	tmp[3] = byte(got >> 24)
 
 	// We can overwrite upper tmp now
-	want := d.rawInput.readSmall(4)
-	if want == nil {
-		println("CRC missing?")
-		return io.ErrUnexpectedEOF
+	want, err := d.rawInput.readSmall(4)
+	if err != nil {
+		println("CRC missing?", err)
+		return err
 	}
 
 	if !bytes.Equal(tmp[:], want) {
-		if debug {
+		if debugDecoder {
 			println("CRC Check Failed:", tmp[:], "!=", want)
 		}
 		return ErrCRCMismatch
 	}
-	if debug {
+	if debugDecoder {
 		println("CRC ok", tmp[:])
 	}
 	return nil
@@ -340,7 +365,7 @@ func (d *frameDec) initAsync() {
 	if cap(d.decoding) < d.o.concurrent {
 		d.decoding = make(chan *blockDec, d.o.concurrent)
 	}
-	if debug {
+	if debugDecoder {
 		h := d.history
 		printf("history init. len: %d, cap: %d", len(h.b), cap(h.b))
 	}
@@ -388,7 +413,7 @@ func (d *frameDec) startDecoder(output chan decodeOutput) {
 			output <- r
 			return
 		}
-		if debug {
+		if debugDecoder {
 			println("got result, from ", d.offset, "to", d.offset+int64(len(r.b)))
 			d.offset += int64(len(r.b))
 		}
@@ -396,7 +421,7 @@ func (d *frameDec) startDecoder(output chan decodeOutput) {
 			// Send history to next block
 			select {
 			case next = <-d.decoding:
-				if debug {
+				if debugDecoder {
 					println("Sending ", len(d.history.b), "bytes as history")
 				}
 				next.history <- &d.history
@@ -434,7 +459,7 @@ func (d *frameDec) startDecoder(output chan decodeOutput) {
 		output <- r
 		if next == nil {
 			// There was no decoder available, we wait for one now that we have sent to the writer.
-			if debug {
+			if debugDecoder {
 				println("Sending ", len(d.history.b), " bytes as history")
 			}
 			next = <-d.decoding
@@ -458,7 +483,7 @@ func (d *frameDec) runDecoder(dst []byte, dec *blockDec) ([]byte, error) {
 		if err != nil {
 			break
 		}
-		if debug {
+		if debugDecoder {
 			println("next block:", dec)
 		}
 		err = dec.decodeBuf(&d.history)
diff --git a/vendor/github.com/klauspost/compress/zstd/fse_encoder.go b/vendor/github.com/klauspost/compress/zstd/fse_encoder.go
index c74681b999..b4757ee3f0 100644
--- a/vendor/github.com/klauspost/compress/zstd/fse_encoder.go
+++ b/vendor/github.com/klauspost/compress/zstd/fse_encoder.go
@@ -229,7 +229,7 @@ func (s *fseEncoder) setRLE(val byte) {
 		deltaFindState: 0,
 		deltaNbBits:    0,
 	}
-	if debug {
+	if debugEncoder {
 		println("setRLE: val", val, "symbolTT", s.ct.symbolTT[val])
 	}
 	s.rleVal = val
diff --git a/vendor/github.com/klauspost/compress/zstd/snappy.go b/vendor/github.com/klauspost/compress/zstd/snappy.go
index 9d9d1d567e..0372b1714a 100644
--- a/vendor/github.com/klauspost/compress/zstd/snappy.go
+++ b/vendor/github.com/klauspost/compress/zstd/snappy.go
@@ -203,7 +203,7 @@ func (r *SnappyConverter) Convert(in io.Reader, w io.Writer) (int64, error) {
 			written += int64(n)
 			continue
 		case chunkTypeUncompressedData:
-			if debug {
+			if debugEncoder {
 				println("Uncompressed, chunklen", chunkLen)
 			}
 			// Section 4.3. Uncompressed data (chunk type 0x01).
@@ -246,7 +246,7 @@ func (r *SnappyConverter) Convert(in io.Reader, w io.Writer) (int64, error) {
 			continue
 
 		case chunkTypeStreamIdentifier:
-			if debug {
+			if debugEncoder {
 				println("stream id", chunkLen, len(snappyMagicBody))
 			}
 			// Section 4.1. Stream identifier (chunk type 0xff).
diff --git a/vendor/github.com/klauspost/compress/zstd/zip.go b/vendor/github.com/klauspost/compress/zstd/zip.go
new file mode 100644
index 0000000000..9325b928ae
--- /dev/null
+++ b/vendor/github.com/klauspost/compress/zstd/zip.go
@@ -0,0 +1,121 @@
+// Copyright 2019+ Klaus Post. All rights reserved.
+// License information can be found in the LICENSE file.
+
+package zstd
+
+import (
+	"errors"
+	"io"
+	"sync"
+)
+
+// ZipMethodWinZip is the method for Zstandard compressed data inside Zip files for WinZip.
+// See https://www.winzip.com/win/en/comp_info.html
+const ZipMethodWinZip = 93
+
+// ZipMethodPKWare is the original method number used by PKWARE to indicate Zstandard compression.
+// Deprecated: This has been deprecated by PKWARE, use ZipMethodWinZip instead for compression.
+// See https://pkware.cachefly.net/webdocs/APPNOTE/APPNOTE-6.3.9.TXT
+const ZipMethodPKWare = 20
+
+var zipReaderPool sync.Pool
+
+// newZipReader cannot be used since we would leak goroutines...
+func newZipReader(r io.Reader) io.ReadCloser {
+	dec, ok := zipReaderPool.Get().(*Decoder)
+	if ok {
+		dec.Reset(r)
+	} else {
+		d, err := NewReader(r, WithDecoderConcurrency(1), WithDecoderLowmem(true))
+		if err != nil {
+			panic(err)
+		}
+		dec = d
+	}
+	return &pooledZipReader{dec: dec}
+}
+
+type pooledZipReader struct {
+	mu  sync.Mutex // guards Close and Read
+	dec *Decoder
+}
+
+func (r *pooledZipReader) Read(p []byte) (n int, err error) {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	if r.dec == nil {
+		return 0, errors.New("Read after Close")
+	}
+	dec, err := r.dec.Read(p)
+
+	return dec, err
+}
+
+func (r *pooledZipReader) Close() error {
+	r.mu.Lock()
+	defer r.mu.Unlock()
+	var err error
+	if r.dec != nil {
+		err = r.dec.Reset(nil)
+		zipReaderPool.Put(r.dec)
+		r.dec = nil
+	}
+	return err
+}
+
+type pooledZipWriter struct {
+	mu  sync.Mutex // guards Close and Read
+	enc *Encoder
+}
+
+func (w *pooledZipWriter) Write(p []byte) (n int, err error) {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	if w.enc == nil {
+		return 0, errors.New("Write after Close")
+	}
+	return w.enc.Write(p)
+}
+
+func (w *pooledZipWriter) Close() error {
+	w.mu.Lock()
+	defer w.mu.Unlock()
+	var err error
+	if w.enc != nil {
+		err = w.enc.Close()
+		zipReaderPool.Put(w.enc)
+		w.enc = nil
+	}
+	return err
+}
+
+// ZipCompressor returns a compressor that can be registered with zip libraries.
+// The provided encoder options will be used on all encodes.
+func ZipCompressor(opts ...EOption) func(w io.Writer) (io.WriteCloser, error) {
+	var pool sync.Pool
+	return func(w io.Writer) (io.WriteCloser, error) {
+		enc, ok := pool.Get().(*Encoder)
+		if ok {
+			enc.Reset(w)
+		} else {
+			var err error
+			enc, err = NewWriter(w, opts...)
+			if err != nil {
+				return nil, err
+			}
+		}
+		return &pooledZipWriter{enc: enc}, nil
+	}
+}
+
+// ZipDecompressor returns a decompressor that can be registered with zip libraries.
+// See ZipCompressor for example.
+func ZipDecompressor() func(r io.Reader) io.ReadCloser {
+	return func(r io.Reader) io.ReadCloser {
+		d, err := NewReader(r, WithDecoderConcurrency(1), WithDecoderLowmem(true))
+		if err != nil {
+			panic(err)
+		}
+		return d.IOReadCloser()
+	}
+}
diff --git a/vendor/github.com/klauspost/compress/zstd/zstd.go b/vendor/github.com/klauspost/compress/zstd/zstd.go
index 1ba308c8bf..ef1d49a009 100644
--- a/vendor/github.com/klauspost/compress/zstd/zstd.go
+++ b/vendor/github.com/klauspost/compress/zstd/zstd.go
@@ -15,6 +15,12 @@ import (
 // enable debug printing
 const debug = false
 
+// enable encoding debug printing
+const debugEncoder = debug
+
+// enable decoding debug printing
+const debugDecoder = debug
+
 // Enable extra assertions.
 const debugAsserts = debug || false
 
@@ -82,13 +88,13 @@ var (
 )
 
 func println(a ...interface{}) {
-	if debug {
+	if debug || debugDecoder || debugEncoder {
 		log.Println(a...)
 	}
 }
 
 func printf(format string, a ...interface{}) {
-	if debug {
+	if debug || debugDecoder || debugEncoder {
 		log.Printf(format, a...)
 	}
 }
diff --git a/vendor/github.com/klauspost/cpuid/.gitignore b/vendor/github.com/klauspost/cpuid/.gitignore
deleted file mode 100644
index daf913b1b3..0000000000
--- a/vendor/github.com/klauspost/cpuid/.gitignore
+++ /dev/null
@@ -1,24 +0,0 @@
-# Compiled Object files, Static and Dynamic libs (Shared Objects)
-*.o
-*.a
-*.so
-
-# Folders
-_obj
-_test
-
-# Architecture specific extensions/prefixes
-*.[568vq]
-[568vq].out
-
-*.cgo1.go
-*.cgo2.c
-_cgo_defun.c
-_cgo_gotypes.go
-_cgo_export.*
-
-_testmain.go
-
-*.exe
-*.test
-*.prof
diff --git a/vendor/github.com/klauspost/cpuid/.travis.yml b/vendor/github.com/klauspost/cpuid/.travis.yml
deleted file mode 100644
index 77d975fe28..0000000000
--- a/vendor/github.com/klauspost/cpuid/.travis.yml
+++ /dev/null
@@ -1,46 +0,0 @@
-language: go
-
-os:
-  - linux
-  - osx
-  - windows
-
-arch:
-  - amd64
-  - arm64
-
-go:
-  - 1.12.x
-  - 1.13.x
-  - 1.14.x
-  - master
-
-script:
-  - go vet ./...
-  - go test -race ./...
-  - go test -tags=noasm ./...
-
-stages:
-  - gofmt
-  - test
-
-matrix:
-  allow_failures:
-    - go: 'master'
-  fast_finish: true
-  include:
-    - stage: gofmt
-      go: 1.14.x
-      os: linux
-      arch: amd64
-      script:
-        - diff <(gofmt -d .) <(printf "")
-        - diff <(gofmt -d ./private) <(printf "")
-        - go install github.com/klauspost/asmfmt/cmd/asmfmt
-        - diff <(asmfmt -d .) <(printf "")
-    - stage: i386
-      go: 1.14.x
-      os: linux
-      arch: amd64
-      script:
-        - GOOS=linux GOARCH=386 go test .
diff --git a/vendor/github.com/klauspost/cpuid/CONTRIBUTING.txt b/vendor/github.com/klauspost/cpuid/CONTRIBUTING.txt
deleted file mode 100644
index 2ef4714f71..0000000000
--- a/vendor/github.com/klauspost/cpuid/CONTRIBUTING.txt
+++ /dev/null
@@ -1,35 +0,0 @@
-Developer Certificate of Origin

-Version 1.1

-

-Copyright (C) 2015- Klaus Post & Contributors.

-Email: klauspost@gmail.com

-

-Everyone is permitted to copy and distribute verbatim copies of this

-license document, but changing it is not allowed.

-

-

-Developer's Certificate of Origin 1.1

-

-By making a contribution to this project, I certify that:

-

-(a) The contribution was created in whole or in part by me and I

-    have the right to submit it under the open source license

-    indicated in the file; or

-

-(b) The contribution is based upon previous work that, to the best

-    of my knowledge, is covered under an appropriate open source

-    license and I have the right under that license to submit that

-    work with modifications, whether created in whole or in part

-    by me, under the same open source license (unless I am

-    permitted to submit under a different license), as indicated

-    in the file; or

-

-(c) The contribution was provided directly to me by some other

-    person who certified (a), (b) or (c) and I have not modified

-    it.

-

-(d) I understand and agree that this project and the contribution

-    are public and that a record of the contribution (including all

-    personal information I submit with it, including my sign-off) is

-    maintained indefinitely and may be redistributed consistent with

-    this project or the open source license(s) involved.

diff --git a/vendor/github.com/klauspost/cpuid/LICENSE b/vendor/github.com/klauspost/cpuid/LICENSE
deleted file mode 100644
index 5cec7ee949..0000000000
--- a/vendor/github.com/klauspost/cpuid/LICENSE
+++ /dev/null
@@ -1,22 +0,0 @@
-The MIT License (MIT)
-
-Copyright (c) 2015 Klaus Post
-
-Permission is hereby granted, free of charge, to any person obtaining a copy
-of this software and associated documentation files (the "Software"), to deal
-in the Software without restriction, including without limitation the rights
-to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
-copies of the Software, and to permit persons to whom the Software is
-furnished to do so, subject to the following conditions:
-
-The above copyright notice and this permission notice shall be included in all
-copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
-IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
-FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
-AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
-LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
-OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
-SOFTWARE.
-
diff --git a/vendor/github.com/klauspost/cpuid/README.md b/vendor/github.com/klauspost/cpuid/README.md
deleted file mode 100644
index 38d4a8b936..0000000000
--- a/vendor/github.com/klauspost/cpuid/README.md
+++ /dev/null
@@ -1,191 +0,0 @@
-# cpuid
-Package cpuid provides information about the CPU running the current program.
-
-CPU features are detected on startup, and kept for fast access through the life of the application.
-Currently x86 / x64 (AMD64/i386) and ARM (ARM64) is supported, and no external C (cgo) code is used, which should make the library very easy to use.
-
-You can access the CPU information by accessing the shared CPU variable of the cpuid library.
-
-Package home: https://github.com/klauspost/cpuid
-
-[![GoDoc][1]][2] [![Build Status][3]][4]
-
-[1]: https://godoc.org/github.com/klauspost/cpuid?status.svg
-[2]: https://godoc.org/github.com/klauspost/cpuid
-[3]: https://travis-ci.org/klauspost/cpuid.svg?branch=master
-[4]: https://travis-ci.org/klauspost/cpuid
-
-# features
-
-## x86 CPU Instructions
-*  **CMOV** (i686 CMOV)
-*  **NX** (NX (No-Execute) bit)
-*  **AMD3DNOW** (AMD 3DNOW)
-*  **AMD3DNOWEXT** (AMD 3DNowExt)
-*  **MMX** (standard MMX)
-*  **MMXEXT** (SSE integer functions or AMD MMX ext)
-*  **SSE** (SSE functions)
-*  **SSE2** (P4 SSE functions)
-*  **SSE3** (Prescott SSE3 functions)
-*  **SSSE3** (Conroe SSSE3 functions)
-*  **SSE4** (Penryn SSE4.1 functions)
-*  **SSE4A** (AMD Barcelona microarchitecture SSE4a instructions)
-*  **SSE42** (Nehalem SSE4.2 functions)
-*  **AVX** (AVX functions)
-*  **AVX2** (AVX2 functions)
-*  **FMA3** (Intel FMA 3)
-*  **FMA4** (Bulldozer FMA4 functions)
-*  **XOP** (Bulldozer XOP functions)
-*  **F16C** (Half-precision floating-point conversion)
-*  **BMI1** (Bit Manipulation Instruction Set 1)
-*  **BMI2** (Bit Manipulation Instruction Set 2)
-*  **TBM** (AMD Trailing Bit Manipulation)
-*  **LZCNT** (LZCNT instruction)
-*  **POPCNT** (POPCNT instruction)
-*  **AESNI** (Advanced Encryption Standard New Instructions)
-*  **CLMUL** (Carry-less Multiplication)
-*  **HTT** (Hyperthreading (enabled))
-*  **HLE** (Hardware Lock Elision)
-*  **RTM** (Restricted Transactional Memory)
-*  **RDRAND** (RDRAND instruction is available)
-*  **RDSEED** (RDSEED instruction is available)
-*  **ADX** (Intel ADX (Multi-Precision Add-Carry Instruction Extensions))
-*  **SHA** (Intel SHA Extensions)
-*  **AVX512F** (AVX-512 Foundation)
-*  **AVX512DQ** (AVX-512 Doubleword and Quadword Instructions)
-*  **AVX512IFMA** (AVX-512 Integer Fused Multiply-Add Instructions)
-*  **AVX512PF** (AVX-512 Prefetch Instructions)
-*  **AVX512ER** (AVX-512 Exponential and Reciprocal Instructions)
-*  **AVX512CD** (AVX-512 Conflict Detection Instructions)
-*  **AVX512BW** (AVX-512 Byte and Word Instructions)
-*  **AVX512VL** (AVX-512 Vector Length Extensions)
-*  **AVX512VBMI** (AVX-512 Vector Bit Manipulation Instructions)
-*  **AVX512VBMI2** (AVX-512 Vector Bit Manipulation Instructions, Version 2)
-*  **AVX512VNNI** (AVX-512 Vector Neural Network Instructions)
-*  **AVX512VPOPCNTDQ** (AVX-512 Vector Population Count Doubleword and Quadword)
-*  **GFNI** (Galois Field New Instructions)
-*  **VAES** (Vector AES)
-*  **AVX512BITALG** (AVX-512 Bit Algorithms)
-*  **VPCLMULQDQ** (Carry-Less Multiplication Quadword)
-*  **AVX512BF16** (AVX-512 BFLOAT16 Instructions)
-*  **AVX512VP2INTERSECT** (AVX-512 Intersect for D/Q)
-*  **MPX** (Intel MPX (Memory Protection Extensions))
-*  **ERMS** (Enhanced REP MOVSB/STOSB)
-*  **RDTSCP** (RDTSCP Instruction)
-*  **CX16** (CMPXCHG16B Instruction)
-*  **SGX** (Software Guard Extensions, with activation details)
-*  **VMX** (Virtual Machine Extensions)
-
-## Performance
-*  **RDTSCP()** Returns current cycle count. Can be used for benchmarking.
-*  **SSE2SLOW** (SSE2 is supported, but usually not faster)
-*  **SSE3SLOW** (SSE3 is supported, but usually not faster)
-*  **ATOM** (Atom processor, some SSSE3 instructions are slower)
-*  **Cache line** (Probable size of a cache line).
-*  **L1, L2, L3 Cache size** on newer Intel/AMD CPUs.
-
-## ARM CPU features
-
-# ARM FEATURE DETECTION DISABLED!
-
-See [#52](https://github.com/klauspost/cpuid/issues/52).
- 
-Currently only `arm64` platforms are implemented. 
-
-*  **FP**  Single-precision and double-precision floating point
-*  **ASIMD**  Advanced SIMD
-*  **EVTSTRM**  Generic timer
-*  **AES**  AES instructions
-*  **PMULL**  Polynomial Multiply instructions (PMULL/PMULL2)
-*  **SHA1**  SHA-1 instructions (SHA1C, etc)
-*  **SHA2**      SHA-2 instructions (SHA256H, etc)
-*  **CRC32**   CRC32/CRC32C instructions
-*  **ATOMICS**   Large System Extensions (LSE)
-*  **FPHP** Half-precision floating point
-*  **ASIMDHP**  Advanced SIMD half-precision floating point
-*  **ARMCPUID**  Some CPU ID registers readable at user-level
-*  **ASIMDRDM**  Rounding Double Multiply Accumulate/Subtract (SQRDMLAH/SQRDMLSH)
-*  **JSCVT** Javascript-style double->int convert (FJCVTZS)
-*  **FCMA**  Floating point complex number addition and multiplication
-*  **LRCPC**  Weaker release consistency (LDAPR, etc)
-*  **DCPOP**  Data cache clean to Point of Persistence (DC CVAP)
-*  **SHA3**  SHA-3 instructions (EOR3, RAXI, XAR, BCAX)
-*  **SM3** SM3 instructions
-*  **SM4**  SM4 instructions
-*  **ASIMDDP**  SIMD Dot Product
-*  **SHA512**  SHA512 instructions
-*  **SVE** Scalable Vector Extension
-*  **GPA**  Generic Pointer Authentication
-
-## Cpu Vendor/VM
-* **Intel**
-* **AMD**
-* **VIA**
-* **Transmeta**
-* **NSC**
-* **KVM**  (Kernel-based Virtual Machine)
-* **MSVM** (Microsoft Hyper-V or Windows Virtual PC)
-* **VMware**
-* **XenHVM**
-* **Bhyve**
-* **Hygon**
-
-# installing
-
-```go get github.com/klauspost/cpuid```
-
-# example
-
-```Go
-package main
-
-import (
-	"fmt"
-	"github.com/klauspost/cpuid"
-)
-
-func main() {
-	// Print basic CPU information:
-	fmt.Println("Name:", cpuid.CPU.BrandName)
-	fmt.Println("PhysicalCores:", cpuid.CPU.PhysicalCores)
-	fmt.Println("ThreadsPerCore:", cpuid.CPU.ThreadsPerCore)
-	fmt.Println("LogicalCores:", cpuid.CPU.LogicalCores)
-	fmt.Println("Family", cpuid.CPU.Family, "Model:", cpuid.CPU.Model)
-	fmt.Println("Features:", cpuid.CPU.Features)
-	fmt.Println("Cacheline bytes:", cpuid.CPU.CacheLine)
-	fmt.Println("L1 Data Cache:", cpuid.CPU.Cache.L1D, "bytes")
-	fmt.Println("L1 Instruction Cache:", cpuid.CPU.Cache.L1D, "bytes")
-	fmt.Println("L2 Cache:", cpuid.CPU.Cache.L2, "bytes")
-	fmt.Println("L3 Cache:", cpuid.CPU.Cache.L3, "bytes")
-
-	// Test if we have a specific feature:
-	if cpuid.CPU.SSE() {
-		fmt.Println("We have Streaming SIMD Extensions")
-	}
-}
-```
-
-Sample output:
-```
->go run main.go
-Name: Intel(R) Core(TM) i5-2540M CPU @ 2.60GHz
-PhysicalCores: 2
-ThreadsPerCore: 2
-LogicalCores: 4
-Family 6 Model: 42
-Features: CMOV,MMX,MMXEXT,SSE,SSE2,SSE3,SSSE3,SSE4.1,SSE4.2,AVX,AESNI,CLMUL
-Cacheline bytes: 64
-We have Streaming SIMD Extensions
-```
-
-# private package
-
-In the "private" folder you can find an autogenerated version of the library you can include in your own packages.
-
-For this purpose all exports are removed, and functions and constants are lowercased.
-
-This is not a recommended way of using the library, but provided for convenience, if it is difficult for you to use external packages.
-
-# license
-
-This code is published under an MIT license. See LICENSE file for more information.
diff --git a/vendor/github.com/klauspost/cpuid/cpuid.go b/vendor/github.com/klauspost/cpuid/cpuid.go
deleted file mode 100644
index 208b3e79b1..0000000000
--- a/vendor/github.com/klauspost/cpuid/cpuid.go
+++ /dev/null
@@ -1,1504 +0,0 @@
-// Copyright (c) 2015 Klaus Post, released under MIT License. See LICENSE file.
-
-// Package cpuid provides information about the CPU running the current program.
-//
-// CPU features are detected on startup, and kept for fast access through the life of the application.
-// Currently x86 / x64 (AMD64) as well as arm64 is supported.
-//
-// You can access the CPU information by accessing the shared CPU variable of the cpuid library.
-//
-// Package home: https://github.com/klauspost/cpuid
-package cpuid
-
-import (
-	"math"
-	"strings"
-)
-
-// AMD refererence: https://www.amd.com/system/files/TechDocs/25481.pdf
-// and Processor Programming Reference (PPR)
-
-// Vendor is a representation of a CPU vendor.
-type Vendor int
-
-const (
-	Other Vendor = iota
-	Intel
-	AMD
-	VIA
-	Transmeta
-	NSC
-	KVM  // Kernel-based Virtual Machine
-	MSVM // Microsoft Hyper-V or Windows Virtual PC
-	VMware
-	XenHVM
-	Bhyve
-	Hygon
-	SiS
-	RDC
-)
-
-const (
-	CMOV               = 1 << iota // i686 CMOV
-	NX                             // NX (No-Execute) bit
-	AMD3DNOW                       // AMD 3DNOW
-	AMD3DNOWEXT                    // AMD 3DNowExt
-	MMX                            // standard MMX
-	MMXEXT                         // SSE integer functions or AMD MMX ext
-	SSE                            // SSE functions
-	SSE2                           // P4 SSE functions
-	SSE3                           // Prescott SSE3 functions
-	SSSE3                          // Conroe SSSE3 functions
-	SSE4                           // Penryn SSE4.1 functions
-	SSE4A                          // AMD Barcelona microarchitecture SSE4a instructions
-	SSE42                          // Nehalem SSE4.2 functions
-	AVX                            // AVX functions
-	AVX2                           // AVX2 functions
-	FMA3                           // Intel FMA 3
-	FMA4                           // Bulldozer FMA4 functions
-	XOP                            // Bulldozer XOP functions
-	F16C                           // Half-precision floating-point conversion
-	BMI1                           // Bit Manipulation Instruction Set 1
-	BMI2                           // Bit Manipulation Instruction Set 2
-	TBM                            // AMD Trailing Bit Manipulation
-	LZCNT                          // LZCNT instruction
-	POPCNT                         // POPCNT instruction
-	AESNI                          // Advanced Encryption Standard New Instructions
-	CLMUL                          // Carry-less Multiplication
-	HTT                            // Hyperthreading (enabled)
-	HLE                            // Hardware Lock Elision
-	RTM                            // Restricted Transactional Memory
-	RDRAND                         // RDRAND instruction is available
-	RDSEED                         // RDSEED instruction is available
-	ADX                            // Intel ADX (Multi-Precision Add-Carry Instruction Extensions)
-	SHA                            // Intel SHA Extensions
-	AVX512F                        // AVX-512 Foundation
-	AVX512DQ                       // AVX-512 Doubleword and Quadword Instructions
-	AVX512IFMA                     // AVX-512 Integer Fused Multiply-Add Instructions
-	AVX512PF                       // AVX-512 Prefetch Instructions
-	AVX512ER                       // AVX-512 Exponential and Reciprocal Instructions
-	AVX512CD                       // AVX-512 Conflict Detection Instructions
-	AVX512BW                       // AVX-512 Byte and Word Instructions
-	AVX512VL                       // AVX-512 Vector Length Extensions
-	AVX512VBMI                     // AVX-512 Vector Bit Manipulation Instructions
-	AVX512VBMI2                    // AVX-512 Vector Bit Manipulation Instructions, Version 2
-	AVX512VNNI                     // AVX-512 Vector Neural Network Instructions
-	AVX512VPOPCNTDQ                // AVX-512 Vector Population Count Doubleword and Quadword
-	GFNI                           // Galois Field New Instructions
-	VAES                           // Vector AES
-	AVX512BITALG                   // AVX-512 Bit Algorithms
-	VPCLMULQDQ                     // Carry-Less Multiplication Quadword
-	AVX512BF16                     // AVX-512 BFLOAT16 Instructions
-	AVX512VP2INTERSECT             // AVX-512 Intersect for D/Q
-	MPX                            // Intel MPX (Memory Protection Extensions)
-	ERMS                           // Enhanced REP MOVSB/STOSB
-	RDTSCP                         // RDTSCP Instruction
-	CX16                           // CMPXCHG16B Instruction
-	SGX                            // Software Guard Extensions
-	SGXLC                          // Software Guard Extensions Launch Control
-	IBPB                           // Indirect Branch Restricted Speculation (IBRS) and Indirect Branch Predictor Barrier (IBPB)
-	STIBP                          // Single Thread Indirect Branch Predictors
-	VMX                            // Virtual Machine Extensions
-
-	// Performance indicators
-	SSE2SLOW // SSE2 is supported, but usually not faster
-	SSE3SLOW // SSE3 is supported, but usually not faster
-	ATOM     // Atom processor, some SSSE3 instructions are slower
-)
-
-var flagNames = map[Flags]string{
-	CMOV:               "CMOV",               // i686 CMOV
-	NX:                 "NX",                 // NX (No-Execute) bit
-	AMD3DNOW:           "AMD3DNOW",           // AMD 3DNOW
-	AMD3DNOWEXT:        "AMD3DNOWEXT",        // AMD 3DNowExt
-	MMX:                "MMX",                // Standard MMX
-	MMXEXT:             "MMXEXT",             // SSE integer functions or AMD MMX ext
-	SSE:                "SSE",                // SSE functions
-	SSE2:               "SSE2",               // P4 SSE2 functions
-	SSE3:               "SSE3",               // Prescott SSE3 functions
-	SSSE3:              "SSSE3",              // Conroe SSSE3 functions
-	SSE4:               "SSE4.1",             // Penryn SSE4.1 functions
-	SSE4A:              "SSE4A",              // AMD Barcelona microarchitecture SSE4a instructions
-	SSE42:              "SSE4.2",             // Nehalem SSE4.2 functions
-	AVX:                "AVX",                // AVX functions
-	AVX2:               "AVX2",               // AVX functions
-	FMA3:               "FMA3",               // Intel FMA 3
-	FMA4:               "FMA4",               // Bulldozer FMA4 functions
-	XOP:                "XOP",                // Bulldozer XOP functions
-	F16C:               "F16C",               // Half-precision floating-point conversion
-	BMI1:               "BMI1",               // Bit Manipulation Instruction Set 1
-	BMI2:               "BMI2",               // Bit Manipulation Instruction Set 2
-	TBM:                "TBM",                // AMD Trailing Bit Manipulation
-	LZCNT:              "LZCNT",              // LZCNT instruction
-	POPCNT:             "POPCNT",             // POPCNT instruction
-	AESNI:              "AESNI",              // Advanced Encryption Standard New Instructions
-	CLMUL:              "CLMUL",              // Carry-less Multiplication
-	HTT:                "HTT",                // Hyperthreading (enabled)
-	HLE:                "HLE",                // Hardware Lock Elision
-	RTM:                "RTM",                // Restricted Transactional Memory
-	RDRAND:             "RDRAND",             // RDRAND instruction is available
-	RDSEED:             "RDSEED",             // RDSEED instruction is available
-	ADX:                "ADX",                // Intel ADX (Multi-Precision Add-Carry Instruction Extensions)
-	SHA:                "SHA",                // Intel SHA Extensions
-	AVX512F:            "AVX512F",            // AVX-512 Foundation
-	AVX512DQ:           "AVX512DQ",           // AVX-512 Doubleword and Quadword Instructions
-	AVX512IFMA:         "AVX512IFMA",         // AVX-512 Integer Fused Multiply-Add Instructions
-	AVX512PF:           "AVX512PF",           // AVX-512 Prefetch Instructions
-	AVX512ER:           "AVX512ER",           // AVX-512 Exponential and Reciprocal Instructions
-	AVX512CD:           "AVX512CD",           // AVX-512 Conflict Detection Instructions
-	AVX512BW:           "AVX512BW",           // AVX-512 Byte and Word Instructions
-	AVX512VL:           "AVX512VL",           // AVX-512 Vector Length Extensions
-	AVX512VBMI:         "AVX512VBMI",         // AVX-512 Vector Bit Manipulation Instructions
-	AVX512VBMI2:        "AVX512VBMI2",        // AVX-512 Vector Bit Manipulation Instructions, Version 2
-	AVX512VNNI:         "AVX512VNNI",         // AVX-512 Vector Neural Network Instructions
-	AVX512VPOPCNTDQ:    "AVX512VPOPCNTDQ",    // AVX-512 Vector Population Count Doubleword and Quadword
-	GFNI:               "GFNI",               // Galois Field New Instructions
-	VAES:               "VAES",               // Vector AES
-	AVX512BITALG:       "AVX512BITALG",       // AVX-512 Bit Algorithms
-	VPCLMULQDQ:         "VPCLMULQDQ",         // Carry-Less Multiplication Quadword
-	AVX512BF16:         "AVX512BF16",         // AVX-512 BFLOAT16 Instruction
-	AVX512VP2INTERSECT: "AVX512VP2INTERSECT", // AVX-512 Intersect for D/Q
-	MPX:                "MPX",                // Intel MPX (Memory Protection Extensions)
-	ERMS:               "ERMS",               // Enhanced REP MOVSB/STOSB
-	RDTSCP:             "RDTSCP",             // RDTSCP Instruction
-	CX16:               "CX16",               // CMPXCHG16B Instruction
-	SGX:                "SGX",                // Software Guard Extensions
-	SGXLC:              "SGXLC",              // Software Guard Extensions Launch Control
-	IBPB:               "IBPB",               // Indirect Branch Restricted Speculation and Indirect Branch Predictor Barrier
-	STIBP:              "STIBP",              // Single Thread Indirect Branch Predictors
-	VMX:                "VMX",                // Virtual Machine Extensions
-
-	// Performance indicators
-	SSE2SLOW: "SSE2SLOW", // SSE2 supported, but usually not faster
-	SSE3SLOW: "SSE3SLOW", // SSE3 supported, but usually not faster
-	ATOM:     "ATOM",     // Atom processor, some SSSE3 instructions are slower
-
-}
-
-/* all special features for arm64 should be defined here */
-const (
-	/* extension instructions */
-	FP ArmFlags = 1 << iota
-	ASIMD
-	EVTSTRM
-	AES
-	PMULL
-	SHA1
-	SHA2
-	CRC32
-	ATOMICS
-	FPHP
-	ASIMDHP
-	ARMCPUID
-	ASIMDRDM
-	JSCVT
-	FCMA
-	LRCPC
-	DCPOP
-	SHA3
-	SM3
-	SM4
-	ASIMDDP
-	SHA512
-	SVE
-	GPA
-)
-
-var flagNamesArm = map[ArmFlags]string{
-	FP:       "FP",       // Single-precision and double-precision floating point
-	ASIMD:    "ASIMD",    // Advanced SIMD
-	EVTSTRM:  "EVTSTRM",  // Generic timer
-	AES:      "AES",      // AES instructions
-	PMULL:    "PMULL",    // Polynomial Multiply instructions (PMULL/PMULL2)
-	SHA1:     "SHA1",     // SHA-1 instructions (SHA1C, etc)
-	SHA2:     "SHA2",     // SHA-2 instructions (SHA256H, etc)
-	CRC32:    "CRC32",    // CRC32/CRC32C instructions
-	ATOMICS:  "ATOMICS",  // Large System Extensions (LSE)
-	FPHP:     "FPHP",     // Half-precision floating point
-	ASIMDHP:  "ASIMDHP",  // Advanced SIMD half-precision floating point
-	ARMCPUID: "CPUID",    // Some CPU ID registers readable at user-level
-	ASIMDRDM: "ASIMDRDM", // Rounding Double Multiply Accumulate/Subtract (SQRDMLAH/SQRDMLSH)
-	JSCVT:    "JSCVT",    // Javascript-style double->int convert (FJCVTZS)
-	FCMA:     "FCMA",     // Floatin point complex number addition and multiplication
-	LRCPC:    "LRCPC",    // Weaker release consistency (LDAPR, etc)
-	DCPOP:    "DCPOP",    // Data cache clean to Point of Persistence (DC CVAP)
-	SHA3:     "SHA3",     // SHA-3 instructions (EOR3, RAXI, XAR, BCAX)
-	SM3:      "SM3",      // SM3 instructions
-	SM4:      "SM4",      // SM4 instructions
-	ASIMDDP:  "ASIMDDP",  // SIMD Dot Product
-	SHA512:   "SHA512",   // SHA512 instructions
-	SVE:      "SVE",      // Scalable Vector Extension
-	GPA:      "GPA",      // Generic Pointer Authentication
-}
-
-// CPUInfo contains information about the detected system CPU.
-type CPUInfo struct {
-	BrandName      string   // Brand name reported by the CPU
-	VendorID       Vendor   // Comparable CPU vendor ID
-	VendorString   string   // Raw vendor string.
-	Features       Flags    // Features of the CPU (x64)
-	Arm            ArmFlags // Features of the CPU (arm)
-	PhysicalCores  int      // Number of physical processor cores in your CPU. Will be 0 if undetectable.
-	ThreadsPerCore int      // Number of threads per physical core. Will be 1 if undetectable.
-	LogicalCores   int      // Number of physical cores times threads that can run on each core through the use of hyperthreading. Will be 0 if undetectable.
-	Family         int      // CPU family number
-	Model          int      // CPU model number
-	CacheLine      int      // Cache line size in bytes. Will be 0 if undetectable.
-	Hz             int64    // Clock speed, if known
-	Cache          struct {
-		L1I int // L1 Instruction Cache (per core or shared). Will be -1 if undetected
-		L1D int // L1 Data Cache (per core or shared). Will be -1 if undetected
-		L2  int // L2 Cache (per core or shared). Will be -1 if undetected
-		L3  int // L3 Cache (per core, per ccx or shared). Will be -1 if undetected
-	}
-	SGX       SGXSupport
-	maxFunc   uint32
-	maxExFunc uint32
-}
-
-var cpuid func(op uint32) (eax, ebx, ecx, edx uint32)
-var cpuidex func(op, op2 uint32) (eax, ebx, ecx, edx uint32)
-var xgetbv func(index uint32) (eax, edx uint32)
-var rdtscpAsm func() (eax, ebx, ecx, edx uint32)
-
-// CPU contains information about the CPU as detected on startup,
-// or when Detect last was called.
-//
-// Use this as the primary entry point to you data.
-var CPU CPUInfo
-
-func init() {
-	initCPU()
-	Detect()
-}
-
-// Detect will re-detect current CPU info.
-// This will replace the content of the exported CPU variable.
-//
-// Unless you expect the CPU to change while you are running your program
-// you should not need to call this function.
-// If you call this, you must ensure that no other goroutine is accessing the
-// exported CPU variable.
-func Detect() {
-	// Set defaults
-	CPU.ThreadsPerCore = 1
-	CPU.Cache.L1I = -1
-	CPU.Cache.L1D = -1
-	CPU.Cache.L2 = -1
-	CPU.Cache.L3 = -1
-	addInfo(&CPU)
-}
-
-// Generated here: http://play.golang.org/p/BxFH2Gdc0G
-
-// Cmov indicates support of CMOV instructions
-func (c CPUInfo) Cmov() bool {
-	return c.Features&CMOV != 0
-}
-
-// Amd3dnow indicates support of AMD 3DNOW! instructions
-func (c CPUInfo) Amd3dnow() bool {
-	return c.Features&AMD3DNOW != 0
-}
-
-// Amd3dnowExt indicates support of AMD 3DNOW! Extended instructions
-func (c CPUInfo) Amd3dnowExt() bool {
-	return c.Features&AMD3DNOWEXT != 0
-}
-
-// VMX indicates support of VMX
-func (c CPUInfo) VMX() bool {
-	return c.Features&VMX != 0
-}
-
-// MMX indicates support of MMX instructions
-func (c CPUInfo) MMX() bool {
-	return c.Features&MMX != 0
-}
-
-// MMXExt indicates support of MMXEXT instructions
-// (SSE integer functions or AMD MMX ext)
-func (c CPUInfo) MMXExt() bool {
-	return c.Features&MMXEXT != 0
-}
-
-// SSE indicates support of SSE instructions
-func (c CPUInfo) SSE() bool {
-	return c.Features&SSE != 0
-}
-
-// SSE2 indicates support of SSE 2 instructions
-func (c CPUInfo) SSE2() bool {
-	return c.Features&SSE2 != 0
-}
-
-// SSE3 indicates support of SSE 3 instructions
-func (c CPUInfo) SSE3() bool {
-	return c.Features&SSE3 != 0
-}
-
-// SSSE3 indicates support of SSSE 3 instructions
-func (c CPUInfo) SSSE3() bool {
-	return c.Features&SSSE3 != 0
-}
-
-// SSE4 indicates support of SSE 4 (also called SSE 4.1) instructions
-func (c CPUInfo) SSE4() bool {
-	return c.Features&SSE4 != 0
-}
-
-// SSE42 indicates support of SSE4.2 instructions
-func (c CPUInfo) SSE42() bool {
-	return c.Features&SSE42 != 0
-}
-
-// AVX indicates support of AVX instructions
-// and operating system support of AVX instructions
-func (c CPUInfo) AVX() bool {
-	return c.Features&AVX != 0
-}
-
-// AVX2 indicates support of AVX2 instructions
-func (c CPUInfo) AVX2() bool {
-	return c.Features&AVX2 != 0
-}
-
-// FMA3 indicates support of FMA3 instructions
-func (c CPUInfo) FMA3() bool {
-	return c.Features&FMA3 != 0
-}
-
-// FMA4 indicates support of FMA4 instructions
-func (c CPUInfo) FMA4() bool {
-	return c.Features&FMA4 != 0
-}
-
-// XOP indicates support of XOP instructions
-func (c CPUInfo) XOP() bool {
-	return c.Features&XOP != 0
-}
-
-// F16C indicates support of F16C instructions
-func (c CPUInfo) F16C() bool {
-	return c.Features&F16C != 0
-}
-
-// BMI1 indicates support of BMI1 instructions
-func (c CPUInfo) BMI1() bool {
-	return c.Features&BMI1 != 0
-}
-
-// BMI2 indicates support of BMI2 instructions
-func (c CPUInfo) BMI2() bool {
-	return c.Features&BMI2 != 0
-}
-
-// TBM indicates support of TBM instructions
-// (AMD Trailing Bit Manipulation)
-func (c CPUInfo) TBM() bool {
-	return c.Features&TBM != 0
-}
-
-// Lzcnt indicates support of LZCNT instruction
-func (c CPUInfo) Lzcnt() bool {
-	return c.Features&LZCNT != 0
-}
-
-// Popcnt indicates support of POPCNT instruction
-func (c CPUInfo) Popcnt() bool {
-	return c.Features&POPCNT != 0
-}
-
-// HTT indicates the processor has Hyperthreading enabled
-func (c CPUInfo) HTT() bool {
-	return c.Features&HTT != 0
-}
-
-// SSE2Slow indicates that SSE2 may be slow on this processor
-func (c CPUInfo) SSE2Slow() bool {
-	return c.Features&SSE2SLOW != 0
-}
-
-// SSE3Slow indicates that SSE3 may be slow on this processor
-func (c CPUInfo) SSE3Slow() bool {
-	return c.Features&SSE3SLOW != 0
-}
-
-// AesNi indicates support of AES-NI instructions
-// (Advanced Encryption Standard New Instructions)
-func (c CPUInfo) AesNi() bool {
-	return c.Features&AESNI != 0
-}
-
-// Clmul indicates support of CLMUL instructions
-// (Carry-less Multiplication)
-func (c CPUInfo) Clmul() bool {
-	return c.Features&CLMUL != 0
-}
-
-// NX indicates support of NX (No-Execute) bit
-func (c CPUInfo) NX() bool {
-	return c.Features&NX != 0
-}
-
-// SSE4A indicates support of AMD Barcelona microarchitecture SSE4a instructions
-func (c CPUInfo) SSE4A() bool {
-	return c.Features&SSE4A != 0
-}
-
-// HLE indicates support of Hardware Lock Elision
-func (c CPUInfo) HLE() bool {
-	return c.Features&HLE != 0
-}
-
-// RTM indicates support of Restricted Transactional Memory
-func (c CPUInfo) RTM() bool {
-	return c.Features&RTM != 0
-}
-
-// Rdrand indicates support of RDRAND instruction is available
-func (c CPUInfo) Rdrand() bool {
-	return c.Features&RDRAND != 0
-}
-
-// Rdseed indicates support of RDSEED instruction is available
-func (c CPUInfo) Rdseed() bool {
-	return c.Features&RDSEED != 0
-}
-
-// ADX indicates support of Intel ADX (Multi-Precision Add-Carry Instruction Extensions)
-func (c CPUInfo) ADX() bool {
-	return c.Features&ADX != 0
-}
-
-// SHA indicates support of Intel SHA Extensions
-func (c CPUInfo) SHA() bool {
-	return c.Features&SHA != 0
-}
-
-// AVX512F indicates support of AVX-512 Foundation
-func (c CPUInfo) AVX512F() bool {
-	return c.Features&AVX512F != 0
-}
-
-// AVX512DQ indicates support of AVX-512 Doubleword and Quadword Instructions
-func (c CPUInfo) AVX512DQ() bool {
-	return c.Features&AVX512DQ != 0
-}
-
-// AVX512IFMA indicates support of AVX-512 Integer Fused Multiply-Add Instructions
-func (c CPUInfo) AVX512IFMA() bool {
-	return c.Features&AVX512IFMA != 0
-}
-
-// AVX512PF indicates support of AVX-512 Prefetch Instructions
-func (c CPUInfo) AVX512PF() bool {
-	return c.Features&AVX512PF != 0
-}
-
-// AVX512ER indicates support of AVX-512 Exponential and Reciprocal Instructions
-func (c CPUInfo) AVX512ER() bool {
-	return c.Features&AVX512ER != 0
-}
-
-// AVX512CD indicates support of AVX-512 Conflict Detection Instructions
-func (c CPUInfo) AVX512CD() bool {
-	return c.Features&AVX512CD != 0
-}
-
-// AVX512BW indicates support of AVX-512 Byte and Word Instructions
-func (c CPUInfo) AVX512BW() bool {
-	return c.Features&AVX512BW != 0
-}
-
-// AVX512VL indicates support of AVX-512 Vector Length Extensions
-func (c CPUInfo) AVX512VL() bool {
-	return c.Features&AVX512VL != 0
-}
-
-// AVX512VBMI indicates support of AVX-512 Vector Bit Manipulation Instructions
-func (c CPUInfo) AVX512VBMI() bool {
-	return c.Features&AVX512VBMI != 0
-}
-
-// AVX512VBMI2 indicates support of AVX-512 Vector Bit Manipulation Instructions, Version 2
-func (c CPUInfo) AVX512VBMI2() bool {
-	return c.Features&AVX512VBMI2 != 0
-}
-
-// AVX512VNNI indicates support of AVX-512 Vector Neural Network Instructions
-func (c CPUInfo) AVX512VNNI() bool {
-	return c.Features&AVX512VNNI != 0
-}
-
-// AVX512VPOPCNTDQ indicates support of AVX-512 Vector Population Count Doubleword and Quadword
-func (c CPUInfo) AVX512VPOPCNTDQ() bool {
-	return c.Features&AVX512VPOPCNTDQ != 0
-}
-
-// GFNI indicates support of Galois Field New Instructions
-func (c CPUInfo) GFNI() bool {
-	return c.Features&GFNI != 0
-}
-
-// VAES indicates support of Vector AES
-func (c CPUInfo) VAES() bool {
-	return c.Features&VAES != 0
-}
-
-// AVX512BITALG indicates support of AVX-512 Bit Algorithms
-func (c CPUInfo) AVX512BITALG() bool {
-	return c.Features&AVX512BITALG != 0
-}
-
-// VPCLMULQDQ indicates support of Carry-Less Multiplication Quadword
-func (c CPUInfo) VPCLMULQDQ() bool {
-	return c.Features&VPCLMULQDQ != 0
-}
-
-// AVX512BF16 indicates support of
-func (c CPUInfo) AVX512BF16() bool {
-	return c.Features&AVX512BF16 != 0
-}
-
-// AVX512VP2INTERSECT indicates support of
-func (c CPUInfo) AVX512VP2INTERSECT() bool {
-	return c.Features&AVX512VP2INTERSECT != 0
-}
-
-// MPX indicates support of Intel MPX (Memory Protection Extensions)
-func (c CPUInfo) MPX() bool {
-	return c.Features&MPX != 0
-}
-
-// ERMS indicates support of Enhanced REP MOVSB/STOSB
-func (c CPUInfo) ERMS() bool {
-	return c.Features&ERMS != 0
-}
-
-// RDTSCP Instruction is available.
-func (c CPUInfo) RDTSCP() bool {
-	return c.Features&RDTSCP != 0
-}
-
-// CX16 indicates if CMPXCHG16B instruction is available.
-func (c CPUInfo) CX16() bool {
-	return c.Features&CX16 != 0
-}
-
-// TSX is split into HLE (Hardware Lock Elision) and RTM (Restricted Transactional Memory) detection.
-// So TSX simply checks that.
-func (c CPUInfo) TSX() bool {
-	return c.Features&(HLE|RTM) == HLE|RTM
-}
-
-// Atom indicates an Atom processor
-func (c CPUInfo) Atom() bool {
-	return c.Features&ATOM != 0
-}
-
-// Intel returns true if vendor is recognized as Intel
-func (c CPUInfo) Intel() bool {
-	return c.VendorID == Intel
-}
-
-// AMD returns true if vendor is recognized as AMD
-func (c CPUInfo) AMD() bool {
-	return c.VendorID == AMD
-}
-
-// Hygon returns true if vendor is recognized as Hygon
-func (c CPUInfo) Hygon() bool {
-	return c.VendorID == Hygon
-}
-
-// Transmeta returns true if vendor is recognized as Transmeta
-func (c CPUInfo) Transmeta() bool {
-	return c.VendorID == Transmeta
-}
-
-// NSC returns true if vendor is recognized as National Semiconductor
-func (c CPUInfo) NSC() bool {
-	return c.VendorID == NSC
-}
-
-// VIA returns true if vendor is recognized as VIA
-func (c CPUInfo) VIA() bool {
-	return c.VendorID == VIA
-}
-
-// RTCounter returns the 64-bit time-stamp counter
-// Uses the RDTSCP instruction. The value 0 is returned
-// if the CPU does not support the instruction.
-func (c CPUInfo) RTCounter() uint64 {
-	if !c.RDTSCP() {
-		return 0
-	}
-	a, _, _, d := rdtscpAsm()
-	return uint64(a) | (uint64(d) << 32)
-}
-
-// Ia32TscAux returns the IA32_TSC_AUX part of the RDTSCP.
-// This variable is OS dependent, but on Linux contains information
-// about the current cpu/core the code is running on.
-// If the RDTSCP instruction isn't supported on the CPU, the value 0 is returned.
-func (c CPUInfo) Ia32TscAux() uint32 {
-	if !c.RDTSCP() {
-		return 0
-	}
-	_, _, ecx, _ := rdtscpAsm()
-	return ecx
-}
-
-// LogicalCPU will return the Logical CPU the code is currently executing on.
-// This is likely to change when the OS re-schedules the running thread
-// to another CPU.
-// If the current core cannot be detected, -1 will be returned.
-func (c CPUInfo) LogicalCPU() int {
-	if c.maxFunc < 1 {
-		return -1
-	}
-	_, ebx, _, _ := cpuid(1)
-	return int(ebx >> 24)
-}
-
-// hertz tries to compute the clock speed of the CPU. If leaf 15 is
-// supported, use it, otherwise parse the brand string. Yes, really.
-func hertz(model string) int64 {
-	mfi := maxFunctionID()
-	if mfi >= 0x15 {
-		eax, ebx, ecx, _ := cpuid(0x15)
-		if eax != 0 && ebx != 0 && ecx != 0 {
-			return int64((int64(ecx) * int64(ebx)) / int64(eax))
-		}
-	}
-	// computeHz determines the official rated speed of a CPU from its brand
-	// string. This insanity is *actually the official documented way to do
-	// this according to Intel*, prior to leaf 0x15 existing. The official
-	// documentation only shows this working for exactly `x.xx` or `xxxx`
-	// cases, e.g., `2.50GHz` or `1300MHz`; this parser will accept other
-	// sizes.
-	hz := strings.LastIndex(model, "Hz")
-	if hz < 3 {
-		return -1
-	}
-	var multiplier int64
-	switch model[hz-1] {
-	case 'M':
-		multiplier = 1000 * 1000
-	case 'G':
-		multiplier = 1000 * 1000 * 1000
-	case 'T':
-		multiplier = 1000 * 1000 * 1000 * 1000
-	}
-	if multiplier == 0 {
-		return -1
-	}
-	freq := int64(0)
-	divisor := int64(0)
-	decimalShift := int64(1)
-	var i int
-	for i = hz - 2; i >= 0 && model[i] != ' '; i-- {
-		if model[i] >= '0' && model[i] <= '9' {
-			freq += int64(model[i]-'0') * decimalShift
-			decimalShift *= 10
-		} else if model[i] == '.' {
-			if divisor != 0 {
-				return -1
-			}
-			divisor = decimalShift
-		} else {
-			return -1
-		}
-	}
-	// we didn't find a space
-	if i < 0 {
-		return -1
-	}
-	if divisor != 0 {
-		return (freq * multiplier) / divisor
-	}
-	return freq * multiplier
-}
-
-// VM Will return true if the cpu id indicates we are in
-// a virtual machine. This is only a hint, and will very likely
-// have many false negatives.
-func (c CPUInfo) VM() bool {
-	switch c.VendorID {
-	case MSVM, KVM, VMware, XenHVM, Bhyve:
-		return true
-	}
-	return false
-}
-
-// Flags contains detected cpu features and characteristics
-type Flags uint64
-
-// ArmFlags contains detected ARM cpu features and characteristics
-type ArmFlags uint64
-
-// String returns a string representation of the detected
-// CPU features.
-func (f Flags) String() string {
-	return strings.Join(f.Strings(), ",")
-}
-
-// Strings returns an array of the detected features.
-func (f Flags) Strings() []string {
-	r := make([]string, 0, 20)
-	for i := uint(0); i < 64; i++ {
-		key := Flags(1 << i)
-		val := flagNames[key]
-		if f&key != 0 {
-			r = append(r, val)
-		}
-	}
-	return r
-}
-
-// String returns a string representation of the detected
-// CPU features.
-func (f ArmFlags) String() string {
-	return strings.Join(f.Strings(), ",")
-}
-
-// Strings returns an array of the detected features.
-func (f ArmFlags) Strings() []string {
-	r := make([]string, 0, 20)
-	for i := uint(0); i < 64; i++ {
-		key := ArmFlags(1 << i)
-		val := flagNamesArm[key]
-		if f&key != 0 {
-			r = append(r, val)
-		}
-	}
-	return r
-}
-func maxExtendedFunction() uint32 {
-	eax, _, _, _ := cpuid(0x80000000)
-	return eax
-}
-
-func maxFunctionID() uint32 {
-	a, _, _, _ := cpuid(0)
-	return a
-}
-
-func brandName() string {
-	if maxExtendedFunction() >= 0x80000004 {
-		v := make([]uint32, 0, 48)
-		for i := uint32(0); i < 3; i++ {
-			a, b, c, d := cpuid(0x80000002 + i)
-			v = append(v, a, b, c, d)
-		}
-		return strings.Trim(string(valAsString(v...)), " ")
-	}
-	return "unknown"
-}
-
-func threadsPerCore() int {
-	mfi := maxFunctionID()
-	vend, _ := vendorID()
-
-	if mfi < 0x4 || (vend != Intel && vend != AMD) {
-		return 1
-	}
-
-	if mfi < 0xb {
-		if vend != Intel {
-			return 1
-		}
-		_, b, _, d := cpuid(1)
-		if (d & (1 << 28)) != 0 {
-			// v will contain logical core count
-			v := (b >> 16) & 255
-			if v > 1 {
-				a4, _, _, _ := cpuid(4)
-				// physical cores
-				v2 := (a4 >> 26) + 1
-				if v2 > 0 {
-					return int(v) / int(v2)
-				}
-			}
-		}
-		return 1
-	}
-	_, b, _, _ := cpuidex(0xb, 0)
-	if b&0xffff == 0 {
-		return 1
-	}
-	return int(b & 0xffff)
-}
-
-func logicalCores() int {
-	mfi := maxFunctionID()
-	v, _ := vendorID()
-	switch v {
-	case Intel:
-		// Use this on old Intel processors
-		if mfi < 0xb {
-			if mfi < 1 {
-				return 0
-			}
-			// CPUID.1:EBX[23:16] represents the maximum number of addressable IDs (initial APIC ID)
-			// that can be assigned to logical processors in a physical package.
-			// The value may not be the same as the number of logical processors that are present in the hardware of a physical package.
-			_, ebx, _, _ := cpuid(1)
-			logical := (ebx >> 16) & 0xff
-			return int(logical)
-		}
-		_, b, _, _ := cpuidex(0xb, 1)
-		return int(b & 0xffff)
-	case AMD, Hygon:
-		_, b, _, _ := cpuid(1)
-		return int((b >> 16) & 0xff)
-	default:
-		return 0
-	}
-}
-
-func familyModel() (int, int) {
-	if maxFunctionID() < 0x1 {
-		return 0, 0
-	}
-	eax, _, _, _ := cpuid(1)
-	family := ((eax >> 8) & 0xf) + ((eax >> 20) & 0xff)
-	model := ((eax >> 4) & 0xf) + ((eax >> 12) & 0xf0)
-	return int(family), int(model)
-}
-
-func physicalCores() int {
-	v, _ := vendorID()
-	switch v {
-	case Intel:
-		return logicalCores() / threadsPerCore()
-	case AMD, Hygon:
-		lc := logicalCores()
-		tpc := threadsPerCore()
-		if lc > 0 && tpc > 0 {
-			return lc / tpc
-		}
-		// The following is inaccurate on AMD EPYC 7742 64-Core Processor
-
-		if maxExtendedFunction() >= 0x80000008 {
-			_, _, c, _ := cpuid(0x80000008)
-			return int(c&0xff) + 1
-		}
-	}
-	return 0
-}
-
-// Except from http://en.wikipedia.org/wiki/CPUID#EAX.3D0:_Get_vendor_ID
-var vendorMapping = map[string]Vendor{
-	"AMDisbetter!": AMD,
-	"AuthenticAMD": AMD,
-	"CentaurHauls": VIA,
-	"GenuineIntel": Intel,
-	"TransmetaCPU": Transmeta,
-	"GenuineTMx86": Transmeta,
-	"Geode by NSC": NSC,
-	"VIA VIA VIA ": VIA,
-	"KVMKVMKVMKVM": KVM,
-	"Microsoft Hv": MSVM,
-	"VMwareVMware": VMware,
-	"XenVMMXenVMM": XenHVM,
-	"bhyve bhyve ": Bhyve,
-	"HygonGenuine": Hygon,
-	"Vortex86 SoC": SiS,
-	"SiS SiS SiS ": SiS,
-	"RiseRiseRise": SiS,
-	"Genuine  RDC": RDC,
-}
-
-func vendorID() (Vendor, string) {
-	_, b, c, d := cpuid(0)
-	v := string(valAsString(b, d, c))
-	vend, ok := vendorMapping[v]
-	if !ok {
-		return Other, v
-	}
-	return vend, v
-}
-
-func cacheLine() int {
-	if maxFunctionID() < 0x1 {
-		return 0
-	}
-
-	_, ebx, _, _ := cpuid(1)
-	cache := (ebx & 0xff00) >> 5 // cflush size
-	if cache == 0 && maxExtendedFunction() >= 0x80000006 {
-		_, _, ecx, _ := cpuid(0x80000006)
-		cache = ecx & 0xff // cacheline size
-	}
-	// TODO: Read from Cache and TLB Information
-	return int(cache)
-}
-
-func (c *CPUInfo) cacheSize() {
-	c.Cache.L1D = -1
-	c.Cache.L1I = -1
-	c.Cache.L2 = -1
-	c.Cache.L3 = -1
-	vendor, _ := vendorID()
-	switch vendor {
-	case Intel:
-		if maxFunctionID() < 4 {
-			return
-		}
-		for i := uint32(0); ; i++ {
-			eax, ebx, ecx, _ := cpuidex(4, i)
-			cacheType := eax & 15
-			if cacheType == 0 {
-				break
-			}
-			cacheLevel := (eax >> 5) & 7
-			coherency := int(ebx&0xfff) + 1
-			partitions := int((ebx>>12)&0x3ff) + 1
-			associativity := int((ebx>>22)&0x3ff) + 1
-			sets := int(ecx) + 1
-			size := associativity * partitions * coherency * sets
-			switch cacheLevel {
-			case 1:
-				if cacheType == 1 {
-					// 1 = Data Cache
-					c.Cache.L1D = size
-				} else if cacheType == 2 {
-					// 2 = Instruction Cache
-					c.Cache.L1I = size
-				} else {
-					if c.Cache.L1D < 0 {
-						c.Cache.L1I = size
-					}
-					if c.Cache.L1I < 0 {
-						c.Cache.L1I = size
-					}
-				}
-			case 2:
-				c.Cache.L2 = size
-			case 3:
-				c.Cache.L3 = size
-			}
-		}
-	case AMD, Hygon:
-		// Untested.
-		if maxExtendedFunction() < 0x80000005 {
-			return
-		}
-		_, _, ecx, edx := cpuid(0x80000005)
-		c.Cache.L1D = int(((ecx >> 24) & 0xFF) * 1024)
-		c.Cache.L1I = int(((edx >> 24) & 0xFF) * 1024)
-
-		if maxExtendedFunction() < 0x80000006 {
-			return
-		}
-		_, _, ecx, _ = cpuid(0x80000006)
-		c.Cache.L2 = int(((ecx >> 16) & 0xFFFF) * 1024)
-
-		// CPUID Fn8000_001D_EAX_x[N:0] Cache Properties
-		if maxExtendedFunction() < 0x8000001D {
-			return
-		}
-		for i := uint32(0); i < math.MaxUint32; i++ {
-			eax, ebx, ecx, _ := cpuidex(0x8000001D, i)
-
-			level := (eax >> 5) & 7
-			cacheNumSets := ecx + 1
-			cacheLineSize := 1 + (ebx & 2047)
-			cachePhysPartitions := 1 + ((ebx >> 12) & 511)
-			cacheNumWays := 1 + ((ebx >> 22) & 511)
-
-			typ := eax & 15
-			size := int(cacheNumSets * cacheLineSize * cachePhysPartitions * cacheNumWays)
-			if typ == 0 {
-				return
-			}
-
-			switch level {
-			case 1:
-				switch typ {
-				case 1:
-					// Data cache
-					c.Cache.L1D = size
-				case 2:
-					// Inst cache
-					c.Cache.L1I = size
-				default:
-					if c.Cache.L1D < 0 {
-						c.Cache.L1I = size
-					}
-					if c.Cache.L1I < 0 {
-						c.Cache.L1I = size
-					}
-				}
-			case 2:
-				c.Cache.L2 = size
-			case 3:
-				c.Cache.L3 = size
-			}
-		}
-	}
-
-	return
-}
-
-type SGXEPCSection struct {
-	BaseAddress uint64
-	EPCSize     uint64
-}
-
-type SGXSupport struct {
-	Available           bool
-	LaunchControl       bool
-	SGX1Supported       bool
-	SGX2Supported       bool
-	MaxEnclaveSizeNot64 int64
-	MaxEnclaveSize64    int64
-	EPCSections         []SGXEPCSection
-}
-
-func hasSGX(available, lc bool) (rval SGXSupport) {
-	rval.Available = available
-
-	if !available {
-		return
-	}
-
-	rval.LaunchControl = lc
-
-	a, _, _, d := cpuidex(0x12, 0)
-	rval.SGX1Supported = a&0x01 != 0
-	rval.SGX2Supported = a&0x02 != 0
-	rval.MaxEnclaveSizeNot64 = 1 << (d & 0xFF)     // pow 2
-	rval.MaxEnclaveSize64 = 1 << ((d >> 8) & 0xFF) // pow 2
-	rval.EPCSections = make([]SGXEPCSection, 0)
-
-	for subleaf := uint32(2); subleaf < 2+8; subleaf++ {
-		eax, ebx, ecx, edx := cpuidex(0x12, subleaf)
-		leafType := eax & 0xf
-
-		if leafType == 0 {
-			// Invalid subleaf, stop iterating
-			break
-		} else if leafType == 1 {
-			// EPC Section subleaf
-			baseAddress := uint64(eax&0xfffff000) + (uint64(ebx&0x000fffff) << 32)
-			size := uint64(ecx&0xfffff000) + (uint64(edx&0x000fffff) << 32)
-
-			section := SGXEPCSection{BaseAddress: baseAddress, EPCSize: size}
-			rval.EPCSections = append(rval.EPCSections, section)
-		}
-	}
-
-	return
-}
-
-func support() Flags {
-	mfi := maxFunctionID()
-	vend, _ := vendorID()
-	if mfi < 0x1 {
-		return 0
-	}
-	rval := uint64(0)
-	_, _, c, d := cpuid(1)
-	if (d & (1 << 15)) != 0 {
-		rval |= CMOV
-	}
-	if (d & (1 << 23)) != 0 {
-		rval |= MMX
-	}
-	if (d & (1 << 25)) != 0 {
-		rval |= MMXEXT
-	}
-	if (d & (1 << 25)) != 0 {
-		rval |= SSE
-	}
-	if (d & (1 << 26)) != 0 {
-		rval |= SSE2
-	}
-	if (c & 1) != 0 {
-		rval |= SSE3
-	}
-	if (c & (1 << 5)) != 0 {
-		rval |= VMX
-	}
-	if (c & 0x00000200) != 0 {
-		rval |= SSSE3
-	}
-	if (c & 0x00080000) != 0 {
-		rval |= SSE4
-	}
-	if (c & 0x00100000) != 0 {
-		rval |= SSE42
-	}
-	if (c & (1 << 25)) != 0 {
-		rval |= AESNI
-	}
-	if (c & (1 << 1)) != 0 {
-		rval |= CLMUL
-	}
-	if c&(1<<23) != 0 {
-		rval |= POPCNT
-	}
-	if c&(1<<30) != 0 {
-		rval |= RDRAND
-	}
-	if c&(1<<29) != 0 {
-		rval |= F16C
-	}
-	if c&(1<<13) != 0 {
-		rval |= CX16
-	}
-	if vend == Intel && (d&(1<<28)) != 0 && mfi >= 4 {
-		if threadsPerCore() > 1 {
-			rval |= HTT
-		}
-	}
-	if vend == AMD && (d&(1<<28)) != 0 && mfi >= 4 {
-		if threadsPerCore() > 1 {
-			rval |= HTT
-		}
-	}
-	// Check XGETBV, OXSAVE and AVX bits
-	if c&(1<<26) != 0 && c&(1<<27) != 0 && c&(1<<28) != 0 {
-		// Check for OS support
-		eax, _ := xgetbv(0)
-		if (eax & 0x6) == 0x6 {
-			rval |= AVX
-			if (c & 0x00001000) != 0 {
-				rval |= FMA3
-			}
-		}
-	}
-
-	// Check AVX2, AVX2 requires OS support, but BMI1/2 don't.
-	if mfi >= 7 {
-		_, ebx, ecx, edx := cpuidex(7, 0)
-		eax1, _, _, _ := cpuidex(7, 1)
-		if (rval&AVX) != 0 && (ebx&0x00000020) != 0 {
-			rval |= AVX2
-		}
-		if (ebx & 0x00000008) != 0 {
-			rval |= BMI1
-			if (ebx & 0x00000100) != 0 {
-				rval |= BMI2
-			}
-		}
-		if ebx&(1<<2) != 0 {
-			rval |= SGX
-		}
-		if ebx&(1<<4) != 0 {
-			rval |= HLE
-		}
-		if ebx&(1<<9) != 0 {
-			rval |= ERMS
-		}
-		if ebx&(1<<11) != 0 {
-			rval |= RTM
-		}
-		if ebx&(1<<14) != 0 {
-			rval |= MPX
-		}
-		if ebx&(1<<18) != 0 {
-			rval |= RDSEED
-		}
-		if ebx&(1<<19) != 0 {
-			rval |= ADX
-		}
-		if ebx&(1<<29) != 0 {
-			rval |= SHA
-		}
-		if edx&(1<<26) != 0 {
-			rval |= IBPB
-		}
-		if ecx&(1<<30) != 0 {
-			rval |= SGXLC
-		}
-		if edx&(1<<27) != 0 {
-			rval |= STIBP
-		}
-
-		// Only detect AVX-512 features if XGETBV is supported
-		if c&((1<<26)|(1<<27)) == (1<<26)|(1<<27) {
-			// Check for OS support
-			eax, _ := xgetbv(0)
-
-			// Verify that XCR0[7:5] = ‘111b’ (OPMASK state, upper 256-bit of ZMM0-ZMM15 and
-			// ZMM16-ZMM31 state are enabled by OS)
-			/// and that XCR0[2:1] = ‘11b’ (XMM state and YMM state are enabled by OS).
-			if (eax>>5)&7 == 7 && (eax>>1)&3 == 3 {
-				if ebx&(1<<16) != 0 {
-					rval |= AVX512F
-				}
-				if ebx&(1<<17) != 0 {
-					rval |= AVX512DQ
-				}
-				if ebx&(1<<21) != 0 {
-					rval |= AVX512IFMA
-				}
-				if ebx&(1<<26) != 0 {
-					rval |= AVX512PF
-				}
-				if ebx&(1<<27) != 0 {
-					rval |= AVX512ER
-				}
-				if ebx&(1<<28) != 0 {
-					rval |= AVX512CD
-				}
-				if ebx&(1<<30) != 0 {
-					rval |= AVX512BW
-				}
-				if ebx&(1<<31) != 0 {
-					rval |= AVX512VL
-				}
-				// ecx
-				if ecx&(1<<1) != 0 {
-					rval |= AVX512VBMI
-				}
-				if ecx&(1<<6) != 0 {
-					rval |= AVX512VBMI2
-				}
-				if ecx&(1<<8) != 0 {
-					rval |= GFNI
-				}
-				if ecx&(1<<9) != 0 {
-					rval |= VAES
-				}
-				if ecx&(1<<10) != 0 {
-					rval |= VPCLMULQDQ
-				}
-				if ecx&(1<<11) != 0 {
-					rval |= AVX512VNNI
-				}
-				if ecx&(1<<12) != 0 {
-					rval |= AVX512BITALG
-				}
-				if ecx&(1<<14) != 0 {
-					rval |= AVX512VPOPCNTDQ
-				}
-				// edx
-				if edx&(1<<8) != 0 {
-					rval |= AVX512VP2INTERSECT
-				}
-				// cpuid eax 07h,ecx=1
-				if eax1&(1<<5) != 0 {
-					rval |= AVX512BF16
-				}
-			}
-		}
-	}
-
-	if maxExtendedFunction() >= 0x80000001 {
-		_, _, c, d := cpuid(0x80000001)
-		if (c & (1 << 5)) != 0 {
-			rval |= LZCNT
-			rval |= POPCNT
-		}
-		if (d & (1 << 31)) != 0 {
-			rval |= AMD3DNOW
-		}
-		if (d & (1 << 30)) != 0 {
-			rval |= AMD3DNOWEXT
-		}
-		if (d & (1 << 23)) != 0 {
-			rval |= MMX
-		}
-		if (d & (1 << 22)) != 0 {
-			rval |= MMXEXT
-		}
-		if (c & (1 << 6)) != 0 {
-			rval |= SSE4A
-		}
-		if d&(1<<20) != 0 {
-			rval |= NX
-		}
-		if d&(1<<27) != 0 {
-			rval |= RDTSCP
-		}
-
-		/* Allow for selectively disabling SSE2 functions on AMD processors
-		   with SSE2 support but not SSE4a. This includes Athlon64, some
-		   Opteron, and some Sempron processors. MMX, SSE, or 3DNow! are faster
-		   than SSE2 often enough to utilize this special-case flag.
-		   AV_CPU_FLAG_SSE2 and AV_CPU_FLAG_SSE2SLOW are both set in this case
-		   so that SSE2 is used unless explicitly disabled by checking
-		   AV_CPU_FLAG_SSE2SLOW. */
-		if vend != Intel &&
-			rval&SSE2 != 0 && (c&0x00000040) == 0 {
-			rval |= SSE2SLOW
-		}
-
-		/* XOP and FMA4 use the AVX instruction coding scheme, so they can't be
-		 * used unless the OS has AVX support. */
-		if (rval & AVX) != 0 {
-			if (c & 0x00000800) != 0 {
-				rval |= XOP
-			}
-			if (c & 0x00010000) != 0 {
-				rval |= FMA4
-			}
-		}
-
-		if vend == Intel {
-			family, model := familyModel()
-			if family == 6 && (model == 9 || model == 13 || model == 14) {
-				/* 6/9 (pentium-m "banias"), 6/13 (pentium-m "dothan"), and
-				 * 6/14 (core1 "yonah") theoretically support sse2, but it's
-				 * usually slower than mmx. */
-				if (rval & SSE2) != 0 {
-					rval |= SSE2SLOW
-				}
-				if (rval & SSE3) != 0 {
-					rval |= SSE3SLOW
-				}
-			}
-			/* The Atom processor has SSSE3 support, which is useful in many cases,
-			 * but sometimes the SSSE3 version is slower than the SSE2 equivalent
-			 * on the Atom, but is generally faster on other processors supporting
-			 * SSSE3. This flag allows for selectively disabling certain SSSE3
-			 * functions on the Atom. */
-			if family == 6 && model == 28 {
-				rval |= ATOM
-			}
-		}
-	}
-	return Flags(rval)
-}
-
-func valAsString(values ...uint32) []byte {
-	r := make([]byte, 4*len(values))
-	for i, v := range values {
-		dst := r[i*4:]
-		dst[0] = byte(v & 0xff)
-		dst[1] = byte((v >> 8) & 0xff)
-		dst[2] = byte((v >> 16) & 0xff)
-		dst[3] = byte((v >> 24) & 0xff)
-		switch {
-		case dst[0] == 0:
-			return r[:i*4]
-		case dst[1] == 0:
-			return r[:i*4+1]
-		case dst[2] == 0:
-			return r[:i*4+2]
-		case dst[3] == 0:
-			return r[:i*4+3]
-		}
-	}
-	return r
-}
-
-// Single-precision and double-precision floating point
-func (c CPUInfo) ArmFP() bool {
-	return c.Arm&FP != 0
-}
-
-// Advanced SIMD
-func (c CPUInfo) ArmASIMD() bool {
-	return c.Arm&ASIMD != 0
-}
-
-// Generic timer
-func (c CPUInfo) ArmEVTSTRM() bool {
-	return c.Arm&EVTSTRM != 0
-}
-
-// AES instructions
-func (c CPUInfo) ArmAES() bool {
-	return c.Arm&AES != 0
-}
-
-// Polynomial Multiply instructions (PMULL/PMULL2)
-func (c CPUInfo) ArmPMULL() bool {
-	return c.Arm&PMULL != 0
-}
-
-// SHA-1 instructions (SHA1C, etc)
-func (c CPUInfo) ArmSHA1() bool {
-	return c.Arm&SHA1 != 0
-}
-
-// SHA-2 instructions (SHA256H, etc)
-func (c CPUInfo) ArmSHA2() bool {
-	return c.Arm&SHA2 != 0
-}
-
-// CRC32/CRC32C instructions
-func (c CPUInfo) ArmCRC32() bool {
-	return c.Arm&CRC32 != 0
-}
-
-// Large System Extensions (LSE)
-func (c CPUInfo) ArmATOMICS() bool {
-	return c.Arm&ATOMICS != 0
-}
-
-// Half-precision floating point
-func (c CPUInfo) ArmFPHP() bool {
-	return c.Arm&FPHP != 0
-}
-
-// Advanced SIMD half-precision floating point
-func (c CPUInfo) ArmASIMDHP() bool {
-	return c.Arm&ASIMDHP != 0
-}
-
-// Rounding Double Multiply Accumulate/Subtract (SQRDMLAH/SQRDMLSH)
-func (c CPUInfo) ArmASIMDRDM() bool {
-	return c.Arm&ASIMDRDM != 0
-}
-
-// Javascript-style double->int convert (FJCVTZS)
-func (c CPUInfo) ArmJSCVT() bool {
-	return c.Arm&JSCVT != 0
-}
-
-// Floatin point complex number addition and multiplication
-func (c CPUInfo) ArmFCMA() bool {
-	return c.Arm&FCMA != 0
-}
-
-// Weaker release consistency (LDAPR, etc)
-func (c CPUInfo) ArmLRCPC() bool {
-	return c.Arm&LRCPC != 0
-}
-
-// Data cache clean to Point of Persistence (DC CVAP)
-func (c CPUInfo) ArmDCPOP() bool {
-	return c.Arm&DCPOP != 0
-}
-
-// SHA-3 instructions (EOR3, RAXI, XAR, BCAX)
-func (c CPUInfo) ArmSHA3() bool {
-	return c.Arm&SHA3 != 0
-}
-
-// SM3 instructions
-func (c CPUInfo) ArmSM3() bool {
-	return c.Arm&SM3 != 0
-}
-
-// SM4 instructions
-func (c CPUInfo) ArmSM4() bool {
-	return c.Arm&SM4 != 0
-}
-
-// SIMD Dot Product
-func (c CPUInfo) ArmASIMDDP() bool {
-	return c.Arm&ASIMDDP != 0
-}
-
-// SHA512 instructions
-func (c CPUInfo) ArmSHA512() bool {
-	return c.Arm&SHA512 != 0
-}
-
-// Scalable Vector Extension
-func (c CPUInfo) ArmSVE() bool {
-	return c.Arm&SVE != 0
-}
-
-// Generic Pointer Authentication
-func (c CPUInfo) ArmGPA() bool {
-	return c.Arm&GPA != 0
-}
diff --git a/vendor/github.com/klauspost/cpuid/cpuid_386.s b/vendor/github.com/klauspost/cpuid/cpuid_386.s
deleted file mode 100644
index 089638f51a..0000000000
--- a/vendor/github.com/klauspost/cpuid/cpuid_386.s
+++ /dev/null
@@ -1,42 +0,0 @@
-// Copyright (c) 2015 Klaus Post, released under MIT License. See LICENSE file.
-
-//+build 386,!gccgo,!noasm,!appengine
-
-// func asmCpuid(op uint32) (eax, ebx, ecx, edx uint32)
-TEXT ·asmCpuid(SB), 7, $0
-	XORL CX, CX
-	MOVL op+0(FP), AX
-	CPUID
-	MOVL AX, eax+4(FP)
-	MOVL BX, ebx+8(FP)
-	MOVL CX, ecx+12(FP)
-	MOVL DX, edx+16(FP)
-	RET
-
-// func asmCpuidex(op, op2 uint32) (eax, ebx, ecx, edx uint32)
-TEXT ·asmCpuidex(SB), 7, $0
-	MOVL op+0(FP), AX
-	MOVL op2+4(FP), CX
-	CPUID
-	MOVL AX, eax+8(FP)
-	MOVL BX, ebx+12(FP)
-	MOVL CX, ecx+16(FP)
-	MOVL DX, edx+20(FP)
-	RET
-
-// func xgetbv(index uint32) (eax, edx uint32)
-TEXT ·asmXgetbv(SB), 7, $0
-	MOVL index+0(FP), CX
-	BYTE $0x0f; BYTE $0x01; BYTE $0xd0 // XGETBV
-	MOVL AX, eax+4(FP)
-	MOVL DX, edx+8(FP)
-	RET
-
-// func asmRdtscpAsm() (eax, ebx, ecx, edx uint32)
-TEXT ·asmRdtscpAsm(SB), 7, $0
-	BYTE $0x0F; BYTE $0x01; BYTE $0xF9 // RDTSCP
-	MOVL AX, eax+0(FP)
-	MOVL BX, ebx+4(FP)
-	MOVL CX, ecx+8(FP)
-	MOVL DX, edx+12(FP)
-	RET
diff --git a/vendor/github.com/klauspost/cpuid/cpuid_amd64.s b/vendor/github.com/klauspost/cpuid/cpuid_amd64.s
deleted file mode 100644
index 3ba0559e93..0000000000
--- a/vendor/github.com/klauspost/cpuid/cpuid_amd64.s
+++ /dev/null
@@ -1,42 +0,0 @@
-// Copyright (c) 2015 Klaus Post, released under MIT License. See LICENSE file.
-
-//+build amd64,!gccgo,!noasm,!appengine
-
-// func asmCpuid(op uint32) (eax, ebx, ecx, edx uint32)
-TEXT ·asmCpuid(SB), 7, $0
-	XORQ CX, CX
-	MOVL op+0(FP), AX
-	CPUID
-	MOVL AX, eax+8(FP)
-	MOVL BX, ebx+12(FP)
-	MOVL CX, ecx+16(FP)
-	MOVL DX, edx+20(FP)
-	RET
-
-// func asmCpuidex(op, op2 uint32) (eax, ebx, ecx, edx uint32)
-TEXT ·asmCpuidex(SB), 7, $0
-	MOVL op+0(FP), AX
-	MOVL op2+4(FP), CX
-	CPUID
-	MOVL AX, eax+8(FP)
-	MOVL BX, ebx+12(FP)
-	MOVL CX, ecx+16(FP)
-	MOVL DX, edx+20(FP)
-	RET
-
-// func asmXgetbv(index uint32) (eax, edx uint32)
-TEXT ·asmXgetbv(SB), 7, $0
-	MOVL index+0(FP), CX
-	BYTE $0x0f; BYTE $0x01; BYTE $0xd0 // XGETBV
-	MOVL AX, eax+8(FP)
-	MOVL DX, edx+12(FP)
-	RET
-
-// func asmRdtscpAsm() (eax, ebx, ecx, edx uint32)
-TEXT ·asmRdtscpAsm(SB), 7, $0
-	BYTE $0x0F; BYTE $0x01; BYTE $0xF9 // RDTSCP
-	MOVL AX, eax+0(FP)
-	MOVL BX, ebx+4(FP)
-	MOVL CX, ecx+8(FP)
-	MOVL DX, edx+12(FP)
-	RET
diff --git a/vendor/github.com/klauspost/cpuid/cpuid_arm64.s b/vendor/github.com/klauspost/cpuid/cpuid_arm64.s
deleted file mode 100644
index 8975ee8dba..0000000000
--- a/vendor/github.com/klauspost/cpuid/cpuid_arm64.s
+++ /dev/null
@@ -1,26 +0,0 @@
-// Copyright (c) 2015 Klaus Post, released under MIT License. See LICENSE file.
-
-//+build arm64,!gccgo
-
-// See https://www.kernel.org/doc/Documentation/arm64/cpu-feature-registers.txt
-
-// func getMidr
-TEXT ·getMidr(SB), 7, $0
-	WORD $0xd5380000    // mrs x0, midr_el1         /* Main ID Register */
-	MOVD R0, midr+0(FP)
-	RET
-
-// func getProcFeatures
-TEXT ·getProcFeatures(SB), 7, $0
-	WORD $0xd5380400            // mrs x0, id_aa64pfr0_el1  /* Processor Feature Register 0 */
-	MOVD R0, procFeatures+0(FP)
-	RET
-
-// func getInstAttributes
-TEXT ·getInstAttributes(SB), 7, $0
-	WORD $0xd5380600            // mrs x0, id_aa64isar0_el1 /* Instruction Set Attribute Register 0 */
-	WORD $0xd5380621            // mrs x1, id_aa64isar1_el1 /* Instruction Set Attribute Register 1 */
-	MOVD R0, instAttrReg0+0(FP)
-	MOVD R1, instAttrReg1+8(FP)
-	RET
-
diff --git a/vendor/github.com/klauspost/cpuid/detect_arm64.go b/vendor/github.com/klauspost/cpuid/detect_arm64.go
deleted file mode 100644
index 923a826183..0000000000
--- a/vendor/github.com/klauspost/cpuid/detect_arm64.go
+++ /dev/null
@@ -1,219 +0,0 @@
-// Copyright (c) 2015 Klaus Post, released under MIT License. See LICENSE file.
-
-//+build arm64,!gccgo,!noasm,!appengine
-
-package cpuid
-
-func getMidr() (midr uint64)
-func getProcFeatures() (procFeatures uint64)
-func getInstAttributes() (instAttrReg0, instAttrReg1 uint64)
-
-func initCPU() {
-	cpuid = func(uint32) (a, b, c, d uint32) { return 0, 0, 0, 0 }
-	cpuidex = func(x, y uint32) (a, b, c, d uint32) { return 0, 0, 0, 0 }
-	xgetbv = func(uint32) (a, b uint32) { return 0, 0 }
-	rdtscpAsm = func() (a, b, c, d uint32) { return 0, 0, 0, 0 }
-}
-
-func addInfo(c *CPUInfo) {
-	// ARM64 disabled for now.
-	if true {
-		return
-	}
-	// 	midr := getMidr()
-
-	// MIDR_EL1 - Main ID Register
-	//  x--------------------------------------------------x
-	//  | Name                         |  bits   | visible |
-	//  |--------------------------------------------------|
-	//  | Implementer                  | [31-24] |    y    |
-	//  |--------------------------------------------------|
-	//  | Variant                      | [23-20] |    y    |
-	//  |--------------------------------------------------|
-	//  | Architecture                 | [19-16] |    y    |
-	//  |--------------------------------------------------|
-	//  | PartNum                      | [15-4]  |    y    |
-	//  |--------------------------------------------------|
-	//  | Revision                     | [3-0]   |    y    |
-	//  x--------------------------------------------------x
-
-	// 	fmt.Printf(" implementer:  0x%02x\n", (midr>>24)&0xff)
-	// 	fmt.Printf("     variant:   0x%01x\n", (midr>>20)&0xf)
-	// 	fmt.Printf("architecture:   0x%01x\n", (midr>>16)&0xf)
-	// 	fmt.Printf("    part num: 0x%03x\n", (midr>>4)&0xfff)
-	// 	fmt.Printf("    revision:   0x%01x\n", (midr>>0)&0xf)
-
-	procFeatures := getProcFeatures()
-
-	// ID_AA64PFR0_EL1 - Processor Feature Register 0
-	// x--------------------------------------------------x
-	// | Name                         |  bits   | visible |
-	// |--------------------------------------------------|
-	// | DIT                          | [51-48] |    y    |
-	// |--------------------------------------------------|
-	// | SVE                          | [35-32] |    y    |
-	// |--------------------------------------------------|
-	// | GIC                          | [27-24] |    n    |
-	// |--------------------------------------------------|
-	// | AdvSIMD                      | [23-20] |    y    |
-	// |--------------------------------------------------|
-	// | FP                           | [19-16] |    y    |
-	// |--------------------------------------------------|
-	// | EL3                          | [15-12] |    n    |
-	// |--------------------------------------------------|
-	// | EL2                          | [11-8]  |    n    |
-	// |--------------------------------------------------|
-	// | EL1                          | [7-4]   |    n    |
-	// |--------------------------------------------------|
-	// | EL0                          | [3-0]   |    n    |
-	// x--------------------------------------------------x
-
-	var f ArmFlags
-	// if procFeatures&(0xf<<48) != 0 {
-	// 	fmt.Println("DIT")
-	// }
-	if procFeatures&(0xf<<32) != 0 {
-		f |= SVE
-	}
-	if procFeatures&(0xf<<20) != 15<<20 {
-		f |= ASIMD
-		if procFeatures&(0xf<<20) == 1<<20 {
-			// https://developer.arm.com/docs/ddi0595/b/aarch64-system-registers/id_aa64pfr0_el1
-			// 0b0001 --> As for 0b0000, and also includes support for half-precision floating-point arithmetic.
-			f |= FPHP
-			f |= ASIMDHP
-		}
-	}
-	if procFeatures&(0xf<<16) != 0 {
-		f |= FP
-	}
-
-	instAttrReg0, instAttrReg1 := getInstAttributes()
-
-	// https://developer.arm.com/docs/ddi0595/b/aarch64-system-registers/id_aa64isar0_el1
-	//
-	// ID_AA64ISAR0_EL1 - Instruction Set Attribute Register 0
-	// x--------------------------------------------------x
-	// | Name                         |  bits   | visible |
-	// |--------------------------------------------------|
-	// | TS                           | [55-52] |    y    |
-	// |--------------------------------------------------|
-	// | FHM                          | [51-48] |    y    |
-	// |--------------------------------------------------|
-	// | DP                           | [47-44] |    y    |
-	// |--------------------------------------------------|
-	// | SM4                          | [43-40] |    y    |
-	// |--------------------------------------------------|
-	// | SM3                          | [39-36] |    y    |
-	// |--------------------------------------------------|
-	// | SHA3                         | [35-32] |    y    |
-	// |--------------------------------------------------|
-	// | RDM                          | [31-28] |    y    |
-	// |--------------------------------------------------|
-	// | ATOMICS                      | [23-20] |    y    |
-	// |--------------------------------------------------|
-	// | CRC32                        | [19-16] |    y    |
-	// |--------------------------------------------------|
-	// | SHA2                         | [15-12] |    y    |
-	// |--------------------------------------------------|
-	// | SHA1                         | [11-8]  |    y    |
-	// |--------------------------------------------------|
-	// | AES                          | [7-4]   |    y    |
-	// x--------------------------------------------------x
-
-	// if instAttrReg0&(0xf<<52) != 0 {
-	// 	fmt.Println("TS")
-	// }
-	// if instAttrReg0&(0xf<<48) != 0 {
-	// 	fmt.Println("FHM")
-	// }
-	if instAttrReg0&(0xf<<44) != 0 {
-		f |= ASIMDDP
-	}
-	if instAttrReg0&(0xf<<40) != 0 {
-		f |= SM4
-	}
-	if instAttrReg0&(0xf<<36) != 0 {
-		f |= SM3
-	}
-	if instAttrReg0&(0xf<<32) != 0 {
-		f |= SHA3
-	}
-	if instAttrReg0&(0xf<<28) != 0 {
-		f |= ASIMDRDM
-	}
-	if instAttrReg0&(0xf<<20) != 0 {
-		f |= ATOMICS
-	}
-	if instAttrReg0&(0xf<<16) != 0 {
-		f |= CRC32
-	}
-	if instAttrReg0&(0xf<<12) != 0 {
-		f |= SHA2
-	}
-	if instAttrReg0&(0xf<<12) == 2<<12 {
-		// https://developer.arm.com/docs/ddi0595/b/aarch64-system-registers/id_aa64isar0_el1
-		// 0b0010 --> As 0b0001, plus SHA512H, SHA512H2, SHA512SU0, and SHA512SU1 instructions implemented.
-		f |= SHA512
-	}
-	if instAttrReg0&(0xf<<8) != 0 {
-		f |= SHA1
-	}
-	if instAttrReg0&(0xf<<4) != 0 {
-		f |= AES
-	}
-	if instAttrReg0&(0xf<<4) == 2<<4 {
-		// https://developer.arm.com/docs/ddi0595/b/aarch64-system-registers/id_aa64isar0_el1
-		// 0b0010 --> As for 0b0001, plus PMULL/PMULL2 instructions operating on 64-bit data quantities.
-		f |= PMULL
-	}
-
-	// https://developer.arm.com/docs/ddi0595/b/aarch64-system-registers/id_aa64isar1_el1
-	//
-	// ID_AA64ISAR1_EL1 - Instruction set attribute register 1
-	// x--------------------------------------------------x
-	// | Name                         |  bits   | visible |
-	// |--------------------------------------------------|
-	// | GPI                          | [31-28] |    y    |
-	// |--------------------------------------------------|
-	// | GPA                          | [27-24] |    y    |
-	// |--------------------------------------------------|
-	// | LRCPC                        | [23-20] |    y    |
-	// |--------------------------------------------------|
-	// | FCMA                         | [19-16] |    y    |
-	// |--------------------------------------------------|
-	// | JSCVT                        | [15-12] |    y    |
-	// |--------------------------------------------------|
-	// | API                          | [11-8]  |    y    |
-	// |--------------------------------------------------|
-	// | APA                          | [7-4]   |    y    |
-	// |--------------------------------------------------|
-	// | DPB                          | [3-0]   |    y    |
-	// x--------------------------------------------------x
-
-	// if instAttrReg1&(0xf<<28) != 0 {
-	// 	fmt.Println("GPI")
-	// }
-	if instAttrReg1&(0xf<<28) != 24 {
-		f |= GPA
-	}
-	if instAttrReg1&(0xf<<20) != 0 {
-		f |= LRCPC
-	}
-	if instAttrReg1&(0xf<<16) != 0 {
-		f |= FCMA
-	}
-	if instAttrReg1&(0xf<<12) != 0 {
-		f |= JSCVT
-	}
-	// if instAttrReg1&(0xf<<8) != 0 {
-	// 	fmt.Println("API")
-	// }
-	// if instAttrReg1&(0xf<<4) != 0 {
-	// 	fmt.Println("APA")
-	// }
-	if instAttrReg1&(0xf<<0) != 0 {
-		f |= DCPOP
-	}
-	c.Arm = f
-}
diff --git a/vendor/github.com/klauspost/cpuid/detect_intel.go b/vendor/github.com/klauspost/cpuid/detect_intel.go
deleted file mode 100644
index 363951b3b2..0000000000
--- a/vendor/github.com/klauspost/cpuid/detect_intel.go
+++ /dev/null
@@ -1,33 +0,0 @@
-// Copyright (c) 2015 Klaus Post, released under MIT License. See LICENSE file.
-
-//+build 386,!gccgo,!noasm amd64,!gccgo,!noasm,!appengine
-
-package cpuid
-
-func asmCpuid(op uint32) (eax, ebx, ecx, edx uint32)
-func asmCpuidex(op, op2 uint32) (eax, ebx, ecx, edx uint32)
-func asmXgetbv(index uint32) (eax, edx uint32)
-func asmRdtscpAsm() (eax, ebx, ecx, edx uint32)
-
-func initCPU() {
-	cpuid = asmCpuid
-	cpuidex = asmCpuidex
-	xgetbv = asmXgetbv
-	rdtscpAsm = asmRdtscpAsm
-}
-
-func addInfo(c *CPUInfo) {
-	c.maxFunc = maxFunctionID()
-	c.maxExFunc = maxExtendedFunction()
-	c.BrandName = brandName()
-	c.CacheLine = cacheLine()
-	c.Family, c.Model = familyModel()
-	c.Features = support()
-	c.SGX = hasSGX(c.Features&SGX != 0, c.Features&SGXLC != 0)
-	c.ThreadsPerCore = threadsPerCore()
-	c.LogicalCores = logicalCores()
-	c.PhysicalCores = physicalCores()
-	c.VendorID, c.VendorString = vendorID()
-	c.Hz = hertz(c.BrandName)
-	c.cacheSize()
-}
diff --git a/vendor/github.com/klauspost/cpuid/detect_ref.go b/vendor/github.com/klauspost/cpuid/detect_ref.go
deleted file mode 100644
index 970ff3d22b..0000000000
--- a/vendor/github.com/klauspost/cpuid/detect_ref.go
+++ /dev/null
@@ -1,14 +0,0 @@
-// Copyright (c) 2015 Klaus Post, released under MIT License. See LICENSE file.
-
-//+build !amd64,!386,!arm64 gccgo noasm appengine
-
-package cpuid
-
-func initCPU() {
-	cpuid = func(uint32) (a, b, c, d uint32) { return 0, 0, 0, 0 }
-	cpuidex = func(x, y uint32) (a, b, c, d uint32) { return 0, 0, 0, 0 }
-	xgetbv = func(uint32) (a, b uint32) { return 0, 0 }
-	rdtscpAsm = func() (a, b, c, d uint32) { return 0, 0, 0, 0 }
-}
-
-func addInfo(info *CPUInfo) {}
diff --git a/vendor/github.com/klauspost/cpuid/go.mod b/vendor/github.com/klauspost/cpuid/go.mod
deleted file mode 100644
index 55563f2a85..0000000000
--- a/vendor/github.com/klauspost/cpuid/go.mod
+++ /dev/null
@@ -1,3 +0,0 @@
-module github.com/klauspost/cpuid
-
-go 1.12
diff --git a/vendor/github.com/klauspost/cpuid/v2/.goreleaser.yml b/vendor/github.com/klauspost/cpuid/v2/.goreleaser.yml
new file mode 100644
index 0000000000..944cc00075
--- /dev/null
+++ b/vendor/github.com/klauspost/cpuid/v2/.goreleaser.yml
@@ -0,0 +1,74 @@
+# This is an example goreleaser.yaml file with some sane defaults.
+# Make sure to check the documentation at http://goreleaser.com
+
+builds:
+  -
+    id: "cpuid"
+    binary: cpuid
+    main: ./cmd/cpuid/main.go
+    env:
+      - CGO_ENABLED=0
+    flags:
+      - -ldflags=-s -w
+    goos:
+      - aix
+      - linux
+      - freebsd
+      - netbsd
+      - windows
+      - darwin
+    goarch:
+      - 386
+      - amd64
+      - arm64
+    goarm:
+      - 7
+
+archives:
+  -
+    id: cpuid
+    name_template: "cpuid-{{ .Os }}_{{ .Arch }}_{{ .Version }}"
+    replacements:
+      aix: AIX
+      darwin: OSX
+      linux: Linux
+      windows: Windows
+      386: i386
+      amd64: x86_64
+      freebsd: FreeBSD
+      netbsd: NetBSD
+    format_overrides:
+      - goos: windows
+        format: zip
+    files:
+      - LICENSE
+checksum:
+  name_template: 'checksums.txt'
+snapshot:
+  name_template: "{{ .Tag }}-next"
+changelog:
+  sort: asc
+  filters:
+    exclude:
+    - '^doc:'
+    - '^docs:'
+    - '^test:'
+    - '^tests:'
+    - '^Update\sREADME.md'
+
+nfpms:
+  -
+    file_name_template: "cpuid_package_{{ .Version }}_{{ .Os }}_{{ .Arch }}"
+    vendor: Klaus Post
+    homepage: https://github.com/klauspost/cpuid
+    maintainer: Klaus Post <klauspost@gmail.com>
+    description: CPUID Tool
+    license: BSD 3-Clause
+    formats:
+      - deb
+      - rpm
+    replacements:
+      darwin: Darwin
+      linux: Linux
+      freebsd: FreeBSD
+      amd64: x86_64
diff --git a/vendor/github.com/klauspost/cpuid/v2/.travis.yml b/vendor/github.com/klauspost/cpuid/v2/.travis.yml
index 894bb8f692..aa9bad7e58 100644
--- a/vendor/github.com/klauspost/cpuid/v2/.travis.yml
+++ b/vendor/github.com/klauspost/cpuid/v2/.travis.yml
@@ -16,41 +16,52 @@ go:
   - 1.16.x
   - master
 
+env:
+  - CGO_ENABLED=0
+
 script:
   - go vet ./...
   - go test -test.v -test.run ^TestCPUID$
-  - go test -race ./...
+  - CGO_ENABLED=1 go test -race ./...
+  - go test -tags=nounsafe -test.v -test.run ^TestCPUID$
   - go test -tags=noasm ./...
+  - go run ./cmd/cpuid/main.go
+  - go run ./cmd/cpuid/main.go -json
 
 matrix:
   allow_failures:
     - go: 'master'
   fast_finish: true
   include:
-    - stage: gofmt
-      go: 1.15.x
+    - stage: other
+      go: 1.16.x
       os: linux
       arch: amd64
       script:
         - diff <(gofmt -d .) <(printf "")
         - diff <(gofmt -d ./private) <(printf "")
-        - go install github.com/klauspost/asmfmt/cmd/asmfmt
+        - curl -sfL https://git.io/goreleaser | VERSION=v0.157.0 sh -s -- check # check goreleaser config for deprecations
+        - curl -sL https://git.io/goreleaser | VERSION=v0.157.0 sh -s -- --snapshot --skip-publish --rm-dist
+        - go get github.com/klauspost/asmfmt&&go install github.com/klauspost/asmfmt/cmd/asmfmt
         - diff <(asmfmt -d .) <(printf "")
-    - stage: i386
-      go: 1.15.x
-      os: linux
-      arch: amd64
-      script:
         - GOOS=linux GOARCH=386 go test .
-    - stage: buildotherprev
+        - ./test-architectures.sh
+    - stage: other
       go: 1.15.x
       os: linux
       arch: amd64
       script:
         - ./test-architectures.sh
-    - stage: buildother
+
+deploy:
+  - provider: script
+    skip_cleanup: true
+    script: curl -sL https://git.io/goreleaser | VERSION=v0.157.0 bash || true
+    on:
+      tags: true
+      condition: ($TRAVIS_OS_NAME = linux) && ($TRAVIS_CPU_ARCH = amd64)
       go: 1.16.x
-      os: linux
-      arch: amd64
-      script:
-        - ./test-architectures.sh
+branches:
+  only:
+    - master
+    - /^v\d+\.\d+(\.\d+)?(-\S*)?$/
diff --git a/vendor/github.com/klauspost/cpuid/v2/cpuid.go b/vendor/github.com/klauspost/cpuid/v2/cpuid.go
index e298a9edd7..43e9cc173f 100644
--- a/vendor/github.com/klauspost/cpuid/v2/cpuid.go
+++ b/vendor/github.com/klauspost/cpuid/v2/cpuid.go
@@ -15,6 +15,7 @@ import (
 	"fmt"
 	"math"
 	"os"
+	"runtime"
 	"strings"
 )
 
@@ -209,6 +210,7 @@ var cpuid func(op uint32) (eax, ebx, ecx, edx uint32)
 var cpuidex func(op, op2 uint32) (eax, ebx, ecx, edx uint32)
 var xgetbv func(index uint32) (eax, edx uint32)
 var rdtscpAsm func() (eax, ebx, ecx, edx uint32)
+var darwinHasAVX512 = func() bool { return false }
 
 // CPU contains information about the CPU as detected on startup,
 // or when Detect last was called.
@@ -922,7 +924,11 @@ func support() flagSet {
 			// Verify that XCR0[7:5] = ‘111b’ (OPMASK state, upper 256-bit of ZMM0-ZMM15 and
 			// ZMM16-ZMM31 state are enabled by OS)
 			/// and that XCR0[2:1] = ‘11b’ (XMM state and YMM state are enabled by OS).
-			if (eax>>5)&7 == 7 && (eax>>1)&3 == 3 {
+			hasAVX512 := (eax>>5)&7 == 7 && (eax>>1)&3 == 3
+			if runtime.GOOS == "darwin" {
+				hasAVX512 = fs.inSet(AVX) && darwinHasAVX512()
+			}
+			if hasAVX512 {
 				fs.setIf(ebx&(1<<16) != 0, AVX512F)
 				fs.setIf(ebx&(1<<17) != 0, AVX512DQ)
 				fs.setIf(ebx&(1<<21) != 0, AVX512IFMA)
diff --git a/vendor/github.com/klauspost/cpuid/v2/cpuid_386.s b/vendor/github.com/klauspost/cpuid/v2/cpuid_386.s
index 089638f51a..8587c3a1fc 100644
--- a/vendor/github.com/klauspost/cpuid/v2/cpuid_386.s
+++ b/vendor/github.com/klauspost/cpuid/v2/cpuid_386.s
@@ -40,3 +40,8 @@ TEXT ·asmRdtscpAsm(SB), 7, $0
 	MOVL CX, ecx+8(FP)
 	MOVL DX, edx+12(FP)
 	RET
+
+// func asmDarwinHasAVX512() bool
+TEXT ·asmDarwinHasAVX512(SB), 7, $0
+	MOVL $0, eax+0(FP)
+	RET
diff --git a/vendor/github.com/klauspost/cpuid/v2/cpuid_amd64.s b/vendor/github.com/klauspost/cpuid/v2/cpuid_amd64.s
index 3ba0559e93..bc11f89421 100644
--- a/vendor/github.com/klauspost/cpuid/v2/cpuid_amd64.s
+++ b/vendor/github.com/klauspost/cpuid/v2/cpuid_amd64.s
@@ -40,3 +40,33 @@ TEXT ·asmRdtscpAsm(SB), 7, $0
 	MOVL CX, ecx+8(FP)
 	MOVL DX, edx+12(FP)
 	RET
+
+// From https://go-review.googlesource.com/c/sys/+/285572/
+// func asmDarwinHasAVX512() bool
+TEXT ·asmDarwinHasAVX512(SB), 7, $0-1
+	MOVB $0, ret+0(FP) // default to false
+
+#ifdef GOOS_darwin // return if not darwin
+#ifdef GOARCH_amd64 // return if not amd64
+// These values from:
+// https://github.com/apple/darwin-xnu/blob/xnu-4570.1.46/osfmk/i386/cpu_capabilities.h
+#define commpage64_base_address         0x00007fffffe00000
+#define commpage64_cpu_capabilities64   (commpage64_base_address+0x010)
+#define commpage64_version              (commpage64_base_address+0x01E)
+#define hasAVX512F                      0x0000004000000000
+	MOVQ $commpage64_version, BX
+	MOVW (BX), AX
+	CMPW AX, $13                            // versions < 13 do not support AVX512
+	JL   no_avx512
+	MOVQ $commpage64_cpu_capabilities64, BX
+	MOVQ (BX), AX
+	MOVQ $hasAVX512F, CX
+	ANDQ CX, AX
+	JZ   no_avx512
+	MOVB $1, ret+0(FP)
+
+no_avx512:
+#endif
+#endif
+	RET
+
diff --git a/vendor/github.com/klauspost/cpuid/v2/detect_x86.go b/vendor/github.com/klauspost/cpuid/v2/detect_x86.go
index 381940ebdf..93bc20f4fe 100644
--- a/vendor/github.com/klauspost/cpuid/v2/detect_x86.go
+++ b/vendor/github.com/klauspost/cpuid/v2/detect_x86.go
@@ -8,12 +8,14 @@ func asmCpuid(op uint32) (eax, ebx, ecx, edx uint32)
 func asmCpuidex(op, op2 uint32) (eax, ebx, ecx, edx uint32)
 func asmXgetbv(index uint32) (eax, edx uint32)
 func asmRdtscpAsm() (eax, ebx, ecx, edx uint32)
+func asmDarwinHasAVX512() bool
 
 func initCPU() {
 	cpuid = asmCpuid
 	cpuidex = asmCpuidex
 	xgetbv = asmXgetbv
 	rdtscpAsm = asmRdtscpAsm
+	darwinHasAVX512 = asmDarwinHasAVX512
 }
 
 func addInfo(c *CPUInfo, safe bool) {
diff --git a/vendor/github.com/klauspost/cpuid/v2/os_darwin_arm64.go b/vendor/github.com/klauspost/cpuid/v2/os_darwin_arm64.go
index 82d272fab3..8d2cb0368b 100644
--- a/vendor/github.com/klauspost/cpuid/v2/os_darwin_arm64.go
+++ b/vendor/github.com/klauspost/cpuid/v2/os_darwin_arm64.go
@@ -11,5 +11,9 @@ func detectOS(c *CPUInfo) bool {
 	// to all Go programs running on darwin/arm64.
 	// TODO: Add more if we know them.
 	c.featureSet.setIf(runtime.GOOS != "ios", AESARM, PMULL, SHA1, SHA2)
+	c.PhysicalCores = runtime.NumCPU()
+	// For now assuming 1 thread per core...
+	c.ThreadsPerCore = 1
+	c.LogicalCores = c.PhysicalCores
 	return true
 }
diff --git a/vendor/github.com/klauspost/cpuid/v2/os_linux_arm64.go b/vendor/github.com/klauspost/cpuid/v2/os_linux_arm64.go
index a01afad81c..ee278b9e4b 100644
--- a/vendor/github.com/klauspost/cpuid/v2/os_linux_arm64.go
+++ b/vendor/github.com/klauspost/cpuid/v2/os_linux_arm64.go
@@ -11,7 +11,6 @@ import (
 	"encoding/binary"
 	"io/ioutil"
 	"runtime"
-	"unsafe"
 )
 
 // HWCAP bits.
@@ -42,12 +41,9 @@ const (
 	hwcap_ASIMDFHM = 1 << 23
 )
 
-//go:linkname hwcap internal/cpu.HWCap
-var hwcap uint
-
 func detectOS(c *CPUInfo) bool {
 	// For now assuming no hyperthreading is reasonable.
-	c.LogicalCores = int(getproccount())
+	c.LogicalCores = runtime.NumCPU()
 	c.PhysicalCores = c.LogicalCores
 	c.ThreadsPerCore = 1
 	if hwcap == 0 {
@@ -132,30 +128,3 @@ func detectOS(c *CPUInfo) bool {
 func isSet(hwc uint, value uint) bool {
 	return hwc&value != 0
 }
-
-//go:noescape
-//go:linkname sched_getaffinity runtime.sched_getaffinity
-func sched_getaffinity(pid, len uintptr, buf *byte) int32
-
-func getproccount() int32 {
-	// This buffer is huge (8 kB) but we are on the system stack
-	// and there should be plenty of space (64 kB).
-	// Also this is a leaf, so we're not holding up the memory for long.
-	const maxCPUs = 64 * 1024
-	var buf [maxCPUs / 8]byte
-	r := sched_getaffinity(0, unsafe.Sizeof(buf), &buf[0])
-	if r < 0 {
-		return 0
-	}
-	n := int32(0)
-	for _, v := range buf[:r] {
-		for v != 0 {
-			n += int32(v & 1)
-			v >>= 1
-		}
-	}
-	if n == 0 {
-		n = 1
-	}
-	return n
-}
diff --git a/vendor/github.com/klauspost/cpuid/v2/os_other_arm64.go b/vendor/github.com/klauspost/cpuid/v2/os_other_arm64.go
index df0ad06b38..1a951e6ca0 100644
--- a/vendor/github.com/klauspost/cpuid/v2/os_other_arm64.go
+++ b/vendor/github.com/klauspost/cpuid/v2/os_other_arm64.go
@@ -6,6 +6,12 @@
 
 package cpuid
 
+import "runtime"
+
 func detectOS(c *CPUInfo) bool {
+	c.PhysicalCores = runtime.NumCPU()
+	// For now assuming 1 thread per core...
+	c.ThreadsPerCore = 1
+	c.LogicalCores = c.PhysicalCores
 	return false
 }
diff --git a/vendor/github.com/klauspost/cpuid/v2/os_safe_linux_arm64.go b/vendor/github.com/klauspost/cpuid/v2/os_safe_linux_arm64.go
new file mode 100644
index 0000000000..4d0b8b465b
--- /dev/null
+++ b/vendor/github.com/klauspost/cpuid/v2/os_safe_linux_arm64.go
@@ -0,0 +1,7 @@
+// Copyright (c) 2021 Klaus Post, released under MIT License. See LICENSE file.
+
+//+build nounsafe
+
+package cpuid
+
+var hwcap uint
diff --git a/vendor/github.com/klauspost/cpuid/v2/os_unsafe_linux_arm64.go b/vendor/github.com/klauspost/cpuid/v2/os_unsafe_linux_arm64.go
new file mode 100644
index 0000000000..329800286e
--- /dev/null
+++ b/vendor/github.com/klauspost/cpuid/v2/os_unsafe_linux_arm64.go
@@ -0,0 +1,10 @@
+// Copyright (c) 2021 Klaus Post, released under MIT License. See LICENSE file.
+
+//+build !nounsafe
+
+package cpuid
+
+import _ "unsafe" // needed for go:linkname
+
+//go:linkname hwcap internal/cpu.HWCap
+var hwcap uint
diff --git a/vendor/github.com/klauspost/cpuid/v2/test-architectures.sh b/vendor/github.com/klauspost/cpuid/v2/test-architectures.sh
index 50150eaabe..471d986d24 100644
--- a/vendor/github.com/klauspost/cpuid/v2/test-architectures.sh
+++ b/vendor/github.com/klauspost/cpuid/v2/test-architectures.sh
@@ -5,11 +5,11 @@ set -e
 go tool dist list | while IFS=/ read os arch; do
     echo "Checking $os/$arch..."
     echo " normal"
-    GOARCH=$arch GOOS=$os go build -o /dev/null ./...
+    GOARCH=$arch GOOS=$os go build -o /dev/null .
     echo " noasm"
-    GOARCH=$arch GOOS=$os go build -tags noasm -o /dev/null ./...
+    GOARCH=$arch GOOS=$os go build -tags noasm -o /dev/null .
     echo " appengine"
-    GOARCH=$arch GOOS=$os go build -tags appengine -o /dev/null ./...
+    GOARCH=$arch GOOS=$os go build -tags appengine -o /dev/null .
     echo " noasm,appengine"
-    GOARCH=$arch GOOS=$os go build -tags 'appengine noasm' -o /dev/null ./...
+    GOARCH=$arch GOOS=$os go build -tags 'appengine noasm' -o /dev/null .
 done
diff --git a/vendor/github.com/lib/pq/.travis.sh b/vendor/github.com/lib/pq/.travis.sh
index ebf447030b..15607b50d3 100644
--- a/vendor/github.com/lib/pq/.travis.sh
+++ b/vendor/github.com/lib/pq/.travis.sh
@@ -1,17 +1,15 @@
 #!/bin/bash
 
-set -eu
+set -eux
 
 client_configure() {
 	sudo chmod 600 $PQSSLCERTTEST_PATH/postgresql.key
 }
 
 pgdg_repository() {
-	local sourcelist='sources.list.d/postgresql.list'
-
 	curl -sS 'https://www.postgresql.org/media/keys/ACCC4CF8.asc' | sudo apt-key add -
-	echo deb http://apt.postgresql.org/pub/repos/apt/ $(lsb_release -cs)-pgdg main $PGVERSION | sudo tee "/etc/apt/$sourcelist"
-	sudo apt-get -o Dir::Etc::sourcelist="$sourcelist" -o Dir::Etc::sourceparts='-' -o APT::Get::List-Cleanup='0' update
+ 	echo "deb http://apt.postgresql.org/pub/repos/apt/ `lsb_release -cs`-pgdg main" | sudo tee /etc/apt/sources.list.d/pgdg.list
+	sudo apt-get update
 }
 
 postgresql_configure() {
@@ -51,10 +49,10 @@ postgresql_configure() {
 }
 
 postgresql_install() {
-	xargs sudo apt-get -y -o Dpkg::Options::='--force-confdef' -o Dpkg::Options::='--force-confnew' install <<-packages
+	xargs sudo apt-get -y install <<-packages
 		postgresql-$PGVERSION
+		postgresql-client-$PGVERSION
 		postgresql-server-dev-$PGVERSION
-		postgresql-contrib-$PGVERSION
 	packages
 }
 
diff --git a/vendor/github.com/lib/pq/.travis.yml b/vendor/github.com/lib/pq/.travis.yml
index f378207f20..283f35f234 100644
--- a/vendor/github.com/lib/pq/.travis.yml
+++ b/vendor/github.com/lib/pq/.travis.yml
@@ -3,7 +3,7 @@ language: go
 go:
   - 1.14.x
   - 1.15.x
-  - master
+  - 1.16.x
 
 sudo: true
 
diff --git a/vendor/github.com/lib/pq/encode.go b/vendor/github.com/lib/pq/encode.go
index c4dafe2705..51c143ee4c 100644
--- a/vendor/github.com/lib/pq/encode.go
+++ b/vendor/github.com/lib/pq/encode.go
@@ -200,11 +200,17 @@ func appendEscapedText(buf []byte, text string) []byte {
 func mustParse(f string, typ oid.Oid, s []byte) time.Time {
 	str := string(s)
 
-	// check for a 30-minute-offset timezone
-	if (typ == oid.T_timestamptz || typ == oid.T_timetz) &&
-		str[len(str)-3] == ':' {
-		f += ":00"
+	// Check for a minute and second offset in the timezone.
+	if typ == oid.T_timestamptz || typ == oid.T_timetz {
+		for i := 3; i <= 6; i += 3 {
+			if str[len(str)-i] == ':' {
+				f += ":00"
+				continue
+			}
+			break
+		}
 	}
+
 	// Special case for 24:00 time.
 	// Unfortunately, golang does not parse 24:00 as a proper time.
 	// In this case, we want to try "round to the next day", to differentiate.
diff --git a/vendor/github.com/lib/pq/user_other.go b/vendor/github.com/lib/pq/user_other.go
new file mode 100644
index 0000000000..f1c33134da
--- /dev/null
+++ b/vendor/github.com/lib/pq/user_other.go
@@ -0,0 +1,9 @@
+// Package pq is a pure Go Postgres driver for the database/sql package.
+
+// +build js android hurd illumos zos
+
+package pq
+
+func userCurrent() (string, error) {
+	return "", ErrCouldNotDetectUsername
+}
diff --git a/vendor/github.com/libdns/libdns/libdns.go b/vendor/github.com/libdns/libdns/libdns.go
index 5544e27667..9a2bbcbcc2 100644
--- a/vendor/github.com/libdns/libdns/libdns.go
+++ b/vendor/github.com/libdns/libdns/libdns.go
@@ -99,6 +99,9 @@ type Record struct {
 	Name  string // partially-qualified (relative to zone)
 	Value string
 	TTL   time.Duration
+
+	// type-dependent record fields
+	Priority int // used by MX, SRV, and URI records
 }
 
 // RelativeName makes fqdn relative to zone. For example, for a FQDN of
diff --git a/vendor/github.com/mattn/go-isatty/isatty_others.go b/vendor/github.com/mattn/go-isatty/isatty_others.go
index ff714a3761..3eba4cb34a 100644
--- a/vendor/github.com/mattn/go-isatty/isatty_others.go
+++ b/vendor/github.com/mattn/go-isatty/isatty_others.go
@@ -1,4 +1,4 @@
-// +build appengine js nacl
+// +build appengine js nacl wasm
 
 package isatty
 
diff --git a/vendor/github.com/mattn/go-isatty/isatty_solaris.go b/vendor/github.com/mattn/go-isatty/isatty_solaris.go
index bdd5c79a07..3010670783 100644
--- a/vendor/github.com/mattn/go-isatty/isatty_solaris.go
+++ b/vendor/github.com/mattn/go-isatty/isatty_solaris.go
@@ -8,10 +8,9 @@ import (
 )
 
 // IsTerminal returns true if the given file descriptor is a terminal.
-// see: http://src.illumos.org/source/xref/illumos-gate/usr/src/lib/libbc/libc/gen/common/isatty.c
+// see: https://src.illumos.org/source/xref/illumos-gate/usr/src/lib/libc/port/gen/isatty.c
 func IsTerminal(fd uintptr) bool {
-	var termio unix.Termio
-	err := unix.IoctlSetTermio(int(fd), unix.TCGETA, &termio)
+	_, err := unix.IoctlGetTermio(int(fd), unix.TCGETA)
 	return err == nil
 }
 
diff --git a/vendor/github.com/mattn/go-isatty/isatty_tcgets.go b/vendor/github.com/mattn/go-isatty/isatty_tcgets.go
index 31a1ca973c..4e7b850ecf 100644
--- a/vendor/github.com/mattn/go-isatty/isatty_tcgets.go
+++ b/vendor/github.com/mattn/go-isatty/isatty_tcgets.go
@@ -1,4 +1,4 @@
-// +build linux aix
+// +build linux aix zos
 // +build !appengine
 
 package isatty
diff --git a/vendor/github.com/mattn/go-isatty/renovate.json b/vendor/github.com/mattn/go-isatty/renovate.json
deleted file mode 100644
index 5ae9d96b74..0000000000
--- a/vendor/github.com/mattn/go-isatty/renovate.json
+++ /dev/null
@@ -1,8 +0,0 @@
-{
-  "extends": [
-    "config:base"
-  ],
-  "postUpdateOptions": [
-    "gomodTidy"
-  ]
-}
diff --git a/vendor/github.com/mattn/go-runewidth/go.mod b/vendor/github.com/mattn/go-runewidth/go.mod
index 8a9d524ece..62dba1bfc8 100644
--- a/vendor/github.com/mattn/go-runewidth/go.mod
+++ b/vendor/github.com/mattn/go-runewidth/go.mod
@@ -2,4 +2,4 @@ module github.com/mattn/go-runewidth
 
 go 1.9
 
-require github.com/rivo/uniseg v0.1.0
+require github.com/rivo/uniseg v0.2.0
diff --git a/vendor/github.com/mattn/go-runewidth/go.sum b/vendor/github.com/mattn/go-runewidth/go.sum
index 02135660b6..03f902d56d 100644
--- a/vendor/github.com/mattn/go-runewidth/go.sum
+++ b/vendor/github.com/mattn/go-runewidth/go.sum
@@ -1,2 +1,2 @@
-github.com/rivo/uniseg v0.1.0 h1:+2KBaVoUmb9XzDsrx/Ct0W/EYOSFf/nWTauy++DprtY=
-github.com/rivo/uniseg v0.1.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
+github.com/rivo/uniseg v0.2.0 h1:S1pD9weZBuJdFmowNwbpi7BJ8TNftyUImj/0WQi72jY=
+github.com/rivo/uniseg v0.2.0/go.mod h1:J6wj4VEh+S6ZtnVlnTBMWIodfgj8LQOQFoIToxlJtxc=
diff --git a/vendor/github.com/microcosm-cc/bluemonday/go.mod b/vendor/github.com/microcosm-cc/bluemonday/go.mod
index 0ff3d77b03..edbd585f26 100644
--- a/vendor/github.com/microcosm-cc/bluemonday/go.mod
+++ b/vendor/github.com/microcosm-cc/bluemonday/go.mod
@@ -5,5 +5,5 @@ go 1.16
 require (
 	github.com/aymerick/douceur v0.2.0
 	github.com/gorilla/css v1.0.0 // indirect
-	golang.org/x/net v0.0.0-20210331212208-0fccb6fa2b5c
+	golang.org/x/net v0.0.0-20210421230115-4e50805a0758
 )
diff --git a/vendor/github.com/microcosm-cc/bluemonday/go.sum b/vendor/github.com/microcosm-cc/bluemonday/go.sum
index 7955d9eb02..e195d4eafd 100644
--- a/vendor/github.com/microcosm-cc/bluemonday/go.sum
+++ b/vendor/github.com/microcosm-cc/bluemonday/go.sum
@@ -2,10 +2,10 @@ github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuP
 github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
 github.com/gorilla/css v1.0.0 h1:BQqNyPTi50JCFMTw/b67hByjMVXZRwGha6wxVGkeihY=
 github.com/gorilla/css v1.0.0/go.mod h1:Dn721qIggHpt4+EFCcTLTU/vk5ySda2ReITrtgBl60c=
-golang.org/x/net v0.0.0-20210331212208-0fccb6fa2b5c h1:KHUzaHIpjWVlVVNh65G3hhuj3KB1HnjY6Cq5cTvRQT8=
-golang.org/x/net v0.0.0-20210331212208-0fccb6fa2b5c/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
+golang.org/x/net v0.0.0-20210421230115-4e50805a0758 h1:aEpZnXcAmXkd6AvLb2OPt+EN1Zu/8Ne3pCqPjja5PXY=
+golang.org/x/net v0.0.0-20210421230115-4e50805a0758/go.mod h1:72T/g9IO56b78aLF+1Kcs5dz7/ng1VjMUvfKvpfy+jM=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210420072515-93ed5bcd2bfe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
-golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
+golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
diff --git a/vendor/github.com/miekg/dns/Makefile.release b/vendor/github.com/miekg/dns/Makefile.release
index 8fb748e8aa..a0ce9b712d 100644
--- a/vendor/github.com/miekg/dns/Makefile.release
+++ b/vendor/github.com/miekg/dns/Makefile.release
@@ -1,7 +1,7 @@
 # Makefile for releasing.
 #
 # The release is controlled from version.go. The version found there is
-# used to tag the git repo, we're not building any artifects so there is nothing
+# used to tag the git repo, we're not building any artifacts so there is nothing
 # to upload to github.
 #
 # * Up the version in version.go
diff --git a/vendor/github.com/miekg/dns/README.md b/vendor/github.com/miekg/dns/README.md
index 3594492b7c..d5b78ef41b 100644
--- a/vendor/github.com/miekg/dns/README.md
+++ b/vendor/github.com/miekg/dns/README.md
@@ -171,6 +171,7 @@ Example programs can be found in the `github.com/miekg/exdns` repository.
 * 8080 - EdDSA for DNSSEC
 * 8499 - DNS Terminology
 * 8659 - DNS Certification Authority Authorization (CAA) Resource Record
+* 8914 - Extended DNS Errors
 * 8976 - Message Digest for DNS Zones (ZONEMD RR)
 
 ## Loosely Based Upon
diff --git a/vendor/github.com/miekg/dns/client.go b/vendor/github.com/miekg/dns/client.go
index 000dc013cf..f907698b5d 100644
--- a/vendor/github.com/miekg/dns/client.go
+++ b/vendor/github.com/miekg/dns/client.go
@@ -379,7 +379,7 @@ func Dial(network, address string) (conn *Conn, err error) {
 func ExchangeContext(ctx context.Context, m *Msg, a string) (r *Msg, err error) {
 	client := Client{Net: "udp"}
 	r, _, err = client.ExchangeContext(ctx, m, a)
-	// ignorint rtt to leave the original ExchangeContext API unchanged, but
+	// ignoring rtt to leave the original ExchangeContext API unchanged, but
 	// this function will go away
 	return r, err
 }
diff --git a/vendor/github.com/miekg/dns/defaults.go b/vendor/github.com/miekg/dns/defaults.go
index d874e3008c..d47b0b1f2b 100644
--- a/vendor/github.com/miekg/dns/defaults.go
+++ b/vendor/github.com/miekg/dns/defaults.go
@@ -349,10 +349,7 @@ func ReverseAddr(addr string) (arpa string, err error) {
 	// Add it, in reverse, to the buffer
 	for i := len(ip) - 1; i >= 0; i-- {
 		v := ip[i]
-		buf = append(buf, hexDigit[v&0xF])
-		buf = append(buf, '.')
-		buf = append(buf, hexDigit[v>>4])
-		buf = append(buf, '.')
+		buf = append(buf, hexDigit[v&0xF], '.', hexDigit[v>>4], '.')
 	}
 	// Append "ip6.arpa." and return (buf already has the final .)
 	buf = append(buf, "ip6.arpa."...)
diff --git a/vendor/github.com/miekg/dns/dnssec.go b/vendor/github.com/miekg/dns/dnssec.go
index 900f6e059d..7880d7a826 100644
--- a/vendor/github.com/miekg/dns/dnssec.go
+++ b/vendor/github.com/miekg/dns/dnssec.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"crypto"
 	"crypto/ecdsa"
+	"crypto/ed25519"
 	"crypto/elliptic"
 	"crypto/rand"
 	"crypto/rsa"
@@ -17,8 +18,6 @@ import (
 	"sort"
 	"strings"
 	"time"
-
-	"golang.org/x/crypto/ed25519"
 )
 
 // DNSSEC encryption algorithm codes.
@@ -373,6 +372,8 @@ func sign(k crypto.Signer, hashed []byte, hash crypto.Hash, alg uint8) ([]byte,
 // Verify validates an RRSet with the signature and key. This is only the
 // cryptographic test, the signature validity period must be checked separately.
 // This function copies the rdata of some RRs (to lowercase domain names) for the validation to work.
+// It also checks that the Zone Key bit (RFC 4034 2.1.1) is set on the DNSKEY
+// and that the Protocol field is set to 3 (RFC 4034 2.1.2).
 func (rr *RRSIG) Verify(k *DNSKEY, rrset []RR) error {
 	// First the easy checks
 	if !IsRRset(rrset) {
@@ -393,6 +394,12 @@ func (rr *RRSIG) Verify(k *DNSKEY, rrset []RR) error {
 	if k.Protocol != 3 {
 		return ErrKey
 	}
+	// RFC 4034 2.1.1 If bit 7 has value 0, then the DNSKEY record holds some
+	// other type of DNS public key and MUST NOT be used to verify RRSIGs that
+	// cover RRsets.
+	if k.Flags&ZONE == 0 {
+		return ErrKey
+	}
 
 	// IsRRset checked that we have at least one RR and that the RRs in
 	// the set have consistent type, class, and name. Also check that type and
@@ -500,7 +507,7 @@ func (rr *RRSIG) ValidityPeriod(t time.Time) bool {
 	return ti <= utc && utc <= te
 }
 
-// Return the signatures base64 encodedig sigdata as a byte slice.
+// Return the signatures base64 encoding sigdata as a byte slice.
 func (rr *RRSIG) sigBuf() []byte {
 	sigbuf, err := fromBase64([]byte(rr.Signature))
 	if err != nil {
diff --git a/vendor/github.com/miekg/dns/dnssec_keygen.go b/vendor/github.com/miekg/dns/dnssec_keygen.go
index 2ab7b6d73b..b8124b5618 100644
--- a/vendor/github.com/miekg/dns/dnssec_keygen.go
+++ b/vendor/github.com/miekg/dns/dnssec_keygen.go
@@ -3,12 +3,11 @@ package dns
 import (
 	"crypto"
 	"crypto/ecdsa"
+	"crypto/ed25519"
 	"crypto/elliptic"
 	"crypto/rand"
 	"crypto/rsa"
 	"math/big"
-
-	"golang.org/x/crypto/ed25519"
 )
 
 // Generate generates a DNSKEY of the given bit size.
diff --git a/vendor/github.com/miekg/dns/dnssec_keyscan.go b/vendor/github.com/miekg/dns/dnssec_keyscan.go
index 6cbc28483f..f79658169f 100644
--- a/vendor/github.com/miekg/dns/dnssec_keyscan.go
+++ b/vendor/github.com/miekg/dns/dnssec_keyscan.go
@@ -4,13 +4,12 @@ import (
 	"bufio"
 	"crypto"
 	"crypto/ecdsa"
+	"crypto/ed25519"
 	"crypto/rsa"
 	"io"
 	"math/big"
 	"strconv"
 	"strings"
-
-	"golang.org/x/crypto/ed25519"
 )
 
 // NewPrivateKey returns a PrivateKey by parsing the string s.
diff --git a/vendor/github.com/miekg/dns/dnssec_privkey.go b/vendor/github.com/miekg/dns/dnssec_privkey.go
index 072e445dad..f160772964 100644
--- a/vendor/github.com/miekg/dns/dnssec_privkey.go
+++ b/vendor/github.com/miekg/dns/dnssec_privkey.go
@@ -3,11 +3,10 @@ package dns
 import (
 	"crypto"
 	"crypto/ecdsa"
+	"crypto/ed25519"
 	"crypto/rsa"
 	"math/big"
 	"strconv"
-
-	"golang.org/x/crypto/ed25519"
 )
 
 const format = "Private-key-format: v1.3\n"
diff --git a/vendor/github.com/miekg/dns/doc.go b/vendor/github.com/miekg/dns/doc.go
index f7629ec3ff..5c83f82e49 100644
--- a/vendor/github.com/miekg/dns/doc.go
+++ b/vendor/github.com/miekg/dns/doc.go
@@ -159,7 +159,7 @@ shows the options you have and what functions to call.
 TRANSACTION SIGNATURE
 
 An TSIG or transaction signature adds a HMAC TSIG record to each message sent.
-The supported algorithms include: HmacMD5, HmacSHA1, HmacSHA256 and HmacSHA512.
+The supported algorithms include: HmacSHA1, HmacSHA256 and HmacSHA512.
 
 Basic use pattern when querying with a TSIG name "axfr." (note that these key names
 must be fully qualified - as they are domain names) and the base64 secret
@@ -174,7 +174,7 @@ changes to the RRset after calling SetTsig() the signature will be incorrect.
 	c.TsigSecret = map[string]string{"axfr.": "so6ZGir4GPAqINNh9U5c3A=="}
 	m := new(dns.Msg)
 	m.SetQuestion("miek.nl.", dns.TypeMX)
-	m.SetTsig("axfr.", dns.HmacMD5, 300, time.Now().Unix())
+	m.SetTsig("axfr.", dns.HmacSHA256, 300, time.Now().Unix())
 	...
 	// When sending the TSIG RR is calculated and filled in before sending
 
@@ -187,7 +187,7 @@ request an AXFR for miek.nl. with TSIG key named "axfr." and secret
 	m := new(dns.Msg)
 	t.TsigSecret = map[string]string{"axfr.": "so6ZGir4GPAqINNh9U5c3A=="}
 	m.SetAxfr("miek.nl.")
-	m.SetTsig("axfr.", dns.HmacMD5, 300, time.Now().Unix())
+	m.SetTsig("axfr.", dns.HmacSHA256, 300, time.Now().Unix())
 	c, err := t.In(m, "176.58.119.54:53")
 	for r := range c { ... }
 
@@ -214,7 +214,7 @@ client must be configured with an implementation of the TsigProvider interface:
 	c.TsigProvider = new(Provider)
 	m := new(dns.Msg)
 	m.SetQuestion("miek.nl.", dns.TypeMX)
-	m.SetTsig(keyname, dns.HmacSHA1, 300, time.Now().Unix())
+	m.SetTsig(keyname, dns.HmacSHA256, 300, time.Now().Unix())
 	...
 	// TSIG RR is calculated by calling your Generate method
 
@@ -231,7 +231,7 @@ Basic use pattern validating and replying to a message that has TSIG set.
 		if r.IsTsig() != nil {
 			if w.TsigStatus() == nil {
 				// *Msg r has an TSIG record and it was validated
-				m.SetTsig("axfr.", dns.HmacMD5, 300, time.Now().Unix())
+				m.SetTsig("axfr.", dns.HmacSHA256, 300, time.Now().Unix())
 			} else {
 				// *Msg r has an TSIG records and it was not validated
 			}
diff --git a/vendor/github.com/miekg/dns/edns.go b/vendor/github.com/miekg/dns/edns.go
index f3fb1c6849..844cf92b8c 100644
--- a/vendor/github.com/miekg/dns/edns.go
+++ b/vendor/github.com/miekg/dns/edns.go
@@ -22,6 +22,7 @@ const (
 	EDNS0COOKIE       = 0xa     // EDNS0 Cookie
 	EDNS0TCPKEEPALIVE = 0xb     // EDNS0 tcp keep alive (See RFC 7828)
 	EDNS0PADDING      = 0xc     // EDNS0 padding (See RFC 7830)
+	EDNS0EDE          = 0xf     // EDNS0 extended DNS errors (See RFC 8914)
 	EDNS0LOCALSTART   = 0xFDE9  // Beginning of range reserved for local/experimental use (See RFC 6891)
 	EDNS0LOCALEND     = 0xFFFE  // End of range reserved for local/experimental use (See RFC 6891)
 	_DO               = 1 << 15 // DNSSEC OK
@@ -73,6 +74,8 @@ func (rr *OPT) String() string {
 			s += "\n; LOCAL OPT: " + o.String()
 		case *EDNS0_PADDING:
 			s += "\n; PADDING: " + o.String()
+		case *EDNS0_EDE:
+			s += "\n; EDE: " + o.String()
 		}
 	}
 	return s
@@ -148,6 +151,16 @@ func (rr *OPT) SetDo(do ...bool) {
 	}
 }
 
+// Z returns the Z part of the OPT RR as a uint16 with only the 15 least significant bits used.
+func (rr *OPT) Z() uint16 {
+	return uint16(rr.Hdr.Ttl & 0x7FFF)
+}
+
+// SetZ sets the Z part of the OPT RR, note only the 15 least significant bits of z are used.
+func (rr *OPT) SetZ(z uint16) {
+	rr.Hdr.Ttl = rr.Hdr.Ttl&^0x7FFF | uint32(z&0x7FFF)
+}
+
 // EDNS0 defines an EDNS0 Option. An OPT RR can have multiple options appended to it.
 type EDNS0 interface {
 	// Option returns the option code for the option.
@@ -525,7 +538,7 @@ func (e *EDNS0_N3U) String() string {
 }
 func (e *EDNS0_N3U) copy() EDNS0 { return &EDNS0_N3U{e.Code, e.AlgCode} }
 
-// EDNS0_EXPIRE implementes the EDNS0 option as described in RFC 7314.
+// EDNS0_EXPIRE implements the EDNS0 option as described in RFC 7314.
 type EDNS0_EXPIRE struct {
 	Code   uint16 // Always EDNS0EXPIRE
 	Expire uint32
@@ -673,3 +686,101 @@ func (e *EDNS0_PADDING) copy() EDNS0 {
 	copy(b, e.Padding)
 	return &EDNS0_PADDING{b}
 }
+
+// Extended DNS Error Codes (RFC 8914).
+const (
+	ExtendedErrorCodeOther uint16 = iota
+	ExtendedErrorCodeUnsupportedDNSKEYAlgorithm
+	ExtendedErrorCodeUnsupportedDSDigestType
+	ExtendedErrorCodeStaleAnswer
+	ExtendedErrorCodeForgedAnswer
+	ExtendedErrorCodeDNSSECIndeterminate
+	ExtendedErrorCodeDNSBogus
+	ExtendedErrorCodeSignatureExpired
+	ExtendedErrorCodeSignatureNotYetValid
+	ExtendedErrorCodeDNSKEYMissing
+	ExtendedErrorCodeRRSIGsMissing
+	ExtendedErrorCodeNoZoneKeyBitSet
+	ExtendedErrorCodeNSECMissing
+	ExtendedErrorCodeCachedError
+	ExtendedErrorCodeNotReady
+	ExtendedErrorCodeBlocked
+	ExtendedErrorCodeCensored
+	ExtendedErrorCodeFiltered
+	ExtendedErrorCodeProhibited
+	ExtendedErrorCodeStaleNXDOMAINAnswer
+	ExtendedErrorCodeNotAuthoritative
+	ExtendedErrorCodeNotSupported
+	ExtendedErrorCodeNoReachableAuthority
+	ExtendedErrorCodeNetworkError
+	ExtendedErrorCodeInvalidData
+)
+
+// ExtendedErrorCodeToString maps extended error info codes to a human readable
+// description.
+var ExtendedErrorCodeToString = map[uint16]string{
+	ExtendedErrorCodeOther:                      "Other",
+	ExtendedErrorCodeUnsupportedDNSKEYAlgorithm: "Unsupported DNSKEY Algorithm",
+	ExtendedErrorCodeUnsupportedDSDigestType:    "Unsupported DS Digest Type",
+	ExtendedErrorCodeStaleAnswer:                "Stale Answer",
+	ExtendedErrorCodeForgedAnswer:               "Forged Answer",
+	ExtendedErrorCodeDNSSECIndeterminate:        "DNSSEC Indeterminate",
+	ExtendedErrorCodeDNSBogus:                   "DNSSEC Bogus",
+	ExtendedErrorCodeSignatureExpired:           "Signature Expired",
+	ExtendedErrorCodeSignatureNotYetValid:       "Signature Not Yet Valid",
+	ExtendedErrorCodeDNSKEYMissing:              "DNSKEY Missing",
+	ExtendedErrorCodeRRSIGsMissing:              "RRSIGs Missing",
+	ExtendedErrorCodeNoZoneKeyBitSet:            "No Zone Key Bit Set",
+	ExtendedErrorCodeNSECMissing:                "NSEC Missing",
+	ExtendedErrorCodeCachedError:                "Cached Error",
+	ExtendedErrorCodeNotReady:                   "Not Ready",
+	ExtendedErrorCodeBlocked:                    "Blocked",
+	ExtendedErrorCodeCensored:                   "Censored",
+	ExtendedErrorCodeFiltered:                   "Filtered",
+	ExtendedErrorCodeProhibited:                 "Prohibited",
+	ExtendedErrorCodeStaleNXDOMAINAnswer:        "Stale NXDOMAIN Answer",
+	ExtendedErrorCodeNotAuthoritative:           "Not Authoritative",
+	ExtendedErrorCodeNotSupported:               "Not Supported",
+	ExtendedErrorCodeNoReachableAuthority:       "No Reachable Authority",
+	ExtendedErrorCodeNetworkError:               "Network Error",
+	ExtendedErrorCodeInvalidData:                "Invalid Data",
+}
+
+// StringToExtendedErrorCode is a map from human readable descriptions to
+// extended error info codes.
+var StringToExtendedErrorCode = reverseInt16(ExtendedErrorCodeToString)
+
+// EDNS0_EDE option is used to return additional information about the cause of
+// DNS errors.
+type EDNS0_EDE struct {
+	InfoCode  uint16
+	ExtraText string
+}
+
+// Option implements the EDNS0 interface.
+func (e *EDNS0_EDE) Option() uint16 { return EDNS0EDE }
+func (e *EDNS0_EDE) copy() EDNS0    { return &EDNS0_EDE{e.InfoCode, e.ExtraText} }
+
+func (e *EDNS0_EDE) String() string {
+	info := strconv.FormatUint(uint64(e.InfoCode), 10)
+	if s, ok := ExtendedErrorCodeToString[e.InfoCode]; ok {
+		info += fmt.Sprintf(" (%s)", s)
+	}
+	return fmt.Sprintf("%s: (%s)", info, e.ExtraText)
+}
+
+func (e *EDNS0_EDE) pack() ([]byte, error) {
+	b := make([]byte, 2+len(e.ExtraText))
+	binary.BigEndian.PutUint16(b[0:], e.InfoCode)
+	copy(b[2:], []byte(e.ExtraText))
+	return b, nil
+}
+
+func (e *EDNS0_EDE) unpack(b []byte) error {
+	if len(b) < 2 {
+		return ErrBuf
+	}
+	e.InfoCode = binary.BigEndian.Uint16(b[0:])
+	e.ExtraText = string(b[2:])
+	return nil
+}
diff --git a/vendor/github.com/miekg/dns/go.mod b/vendor/github.com/miekg/dns/go.mod
index 6003d0573c..aff65114de 100644
--- a/vendor/github.com/miekg/dns/go.mod
+++ b/vendor/github.com/miekg/dns/go.mod
@@ -1,11 +1,9 @@
 module github.com/miekg/dns
 
-go 1.12
+go 1.14
 
 require (
-	golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550
-	golang.org/x/net v0.0.0-20190923162816-aa69164e4478
-	golang.org/x/sync v0.0.0-20190423024810-112230192c58
-	golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe
-	golang.org/x/tools v0.0.0-20191216052735-49a3e744a425 // indirect
+	golang.org/x/net v0.0.0-20210226172049-e18ecbb05110
+	golang.org/x/sync v0.0.0-20210220032951-036812b2e83c
+	golang.org/x/sys v0.0.0-20210303074136-134d130e1a04
 )
diff --git a/vendor/github.com/miekg/dns/go.sum b/vendor/github.com/miekg/dns/go.sum
index 96bda3a941..3359ebea4e 100644
--- a/vendor/github.com/miekg/dns/go.sum
+++ b/vendor/github.com/miekg/dns/go.sum
@@ -1,39 +1,10 @@
-golang.org/x/crypto v0.0.0-20181001203147-e3636079e1a4 h1:Vk3wNqEZwyGyei9yq5ekj7frek2u7HUfffJ1/opblzc=
-golang.org/x/crypto v0.0.0-20181001203147-e3636079e1a4/go.mod h1:6SG95UA2DQfeDnfUPMdvaQW0Q7yPrPDi9nlGo2tz2b4=
-golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
-golang.org/x/crypto v0.0.0-20190829043050-9756ffdc2472 h1:Gv7RPwsi3eZ2Fgewe3CBsuOebPwO27PoXzRpJPsvSSM=
-golang.org/x/crypto v0.0.0-20190829043050-9756ffdc2472/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392 h1:ACG4HJsFiNMf47Y4PeRoebLNy/2lXT9EtprMuTFWt1M=
-golang.org/x/crypto v0.0.0-20190923035154-9ee001bba392/go.mod h1:/lpIB1dKB+9EgE3H3cr1v9wB50oz8l4C4h62xy7jSTY=
-golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550 h1:ObdrDkeb4kJdCP557AjRjq69pTHfNouLtWZG7j9rPN8=
-golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI=
-golang.org/x/mod v0.1.1-0.20191105210325-c90efee705ee/go.mod h1:QqPTAvyqsEbceGzBzNggFXnrqF1CaUcvgkdR5Ot7KZg=
-golang.org/x/net v0.0.0-20180926154720-4dfa2610cdf3 h1:dgd4x4kJt7G4k4m93AYLzM8Ni6h2qLTfh9n9vXJT3/0=
-golang.org/x/net v0.0.0-20180926154720-4dfa2610cdf3/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
-golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297 h1:k7pJ2yAPLPgbskkFdhRCsA77k2fySZ1zf2zCjvQCiIM=
-golang.org/x/net v0.0.0-20190827160401-ba9fcec4b297/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/net v0.0.0-20190923162816-aa69164e4478 h1:l5EDrHhldLYb3ZRHDUhXF7Om7MvYXnkV9/iQNo1lX6g=
-golang.org/x/net v0.0.0-20190923162816-aa69164e4478/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
-golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f h1:wMNYb4v58l5UBM7MYRLPG6ZhfOqbKu7X5eyFl8ZhKvA=
-golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58 h1:8gQV6CLnAEikrhgkHFbMAEhagSSnXWGV915qUMm9mrU=
-golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
-golang.org/x/sys v0.0.0-20180928133829-e4b3c5e90611 h1:O33LKL7WyJgjN9CvxfTIomjIClbd/Kq86/iipowHQU0=
-golang.org/x/sys v0.0.0-20180928133829-e4b3c5e90611/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
-golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190904154756-749cb33beabd h1:DBH9mDw0zluJT/R+nGuV3jWFWLFaHyYZWD4tOT+cjn0=
-golang.org/x/sys v0.0.0-20190904154756-749cb33beabd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190922100055-0a153f010e69/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe h1:6fAMxZRR6sl1Uq8U61gxU+kPTs2tR8uOySCbBP7BN/M=
-golang.org/x/sys v0.0.0-20190924154521-2837fb4f24fe/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
-golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
-golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110 h1:qWPm9rbaAMKs8Bq/9LRpbMqxWRVUAQwMI9fVrssnTfw=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c h1:5KslGYwFpkhGh+Q16bwMP3cOontH8FOep7tGV86Y7SQ=
+golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210303074136-134d130e1a04 h1:cEhElsAv9LUt9ZUUocxzWe05oFLVd+AA2nstydTeI8g=
+golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
-golang.org/x/tools v0.0.0-20190907020128-2ca718005c18/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo=
-golang.org/x/tools v0.0.0-20191216052735-49a3e744a425 h1:VvQyQJN0tSuecqgcIxMWnnfG5kSmgy9KZR9sW3W5QeA=
-golang.org/x/tools v0.0.0-20191216052735-49a3e744a425/go.mod h1:TB2adYChydJhpapKDTa4BR/hXlZSLoq2Wpct/0txZ28=
-golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
-golang.org/x/xerrors v0.0.0-20191011141410-1b5146add898/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
diff --git a/vendor/github.com/miekg/dns/labels.go b/vendor/github.com/miekg/dns/labels.go
index df1675dfd2..f9faacfeb4 100644
--- a/vendor/github.com/miekg/dns/labels.go
+++ b/vendor/github.com/miekg/dns/labels.go
@@ -10,7 +10,7 @@ package dns
 // escaped dots (\.) for instance.
 // s must be a syntactically valid domain name, see IsDomainName.
 func SplitDomainName(s string) (labels []string) {
-	if len(s) == 0 {
+	if s == "" {
 		return nil
 	}
 	fqdnEnd := 0 // offset of the final '.' or the length of the name
diff --git a/vendor/github.com/miekg/dns/listen_go_not111.go b/vendor/github.com/miekg/dns/listen_no_reuseport.go
index b9201417ab..b9201417ab 100644
--- a/vendor/github.com/miekg/dns/listen_go_not111.go
+++ b/vendor/github.com/miekg/dns/listen_no_reuseport.go
diff --git a/vendor/github.com/miekg/dns/listen_go111.go b/vendor/github.com/miekg/dns/listen_reuseport.go
index fad195cfeb..fad195cfeb 100644
--- a/vendor/github.com/miekg/dns/listen_go111.go
+++ b/vendor/github.com/miekg/dns/listen_reuseport.go
diff --git a/vendor/github.com/miekg/dns/msg.go b/vendor/github.com/miekg/dns/msg.go
index 1728a98b7d..ead4b6931d 100644
--- a/vendor/github.com/miekg/dns/msg.go
+++ b/vendor/github.com/miekg/dns/msg.go
@@ -742,7 +742,7 @@ func (dns *Msg) packBufferWithCompressionMap(buf []byte, compression compression
 	}
 
 	// Set extended rcode unconditionally if we have an opt, this will allow
-	// reseting the extended rcode bits if they need to.
+	// resetting the extended rcode bits if they need to.
 	if opt := dns.IsEdns0(); opt != nil {
 		opt.SetExtendedRcode(uint16(dns.Rcode))
 	} else if dns.Rcode > 0xF {
diff --git a/vendor/github.com/miekg/dns/msg_helpers.go b/vendor/github.com/miekg/dns/msg_helpers.go
index 47625ed090..472ada5d19 100644
--- a/vendor/github.com/miekg/dns/msg_helpers.go
+++ b/vendor/github.com/miekg/dns/msg_helpers.go
@@ -460,6 +460,8 @@ func makeDataOpt(code uint16) EDNS0 {
 		return new(EDNS0_N3U)
 	case EDNS0PADDING:
 		return new(EDNS0_PADDING)
+	case EDNS0EDE:
+		return new(EDNS0_EDE)
 	default:
 		e := new(EDNS0_LOCAL)
 		e.Code = code
diff --git a/vendor/github.com/miekg/dns/privaterr.go b/vendor/github.com/miekg/dns/privaterr.go
index cda6cae31e..45c7f26d85 100644
--- a/vendor/github.com/miekg/dns/privaterr.go
+++ b/vendor/github.com/miekg/dns/privaterr.go
@@ -6,7 +6,7 @@ import "strings"
 // RFC 6895. This allows one to experiment with new RR types, without requesting an
 // official type code. Also see dns.PrivateHandle and dns.PrivateHandleRemove.
 type PrivateRdata interface {
-	// String returns the text presentaton of the Rdata of the Private RR.
+	// String returns the text presentation of the Rdata of the Private RR.
 	String() string
 	// Parse parses the Rdata of the private RR.
 	Parse([]string) error
diff --git a/vendor/github.com/miekg/dns/scan.go b/vendor/github.com/miekg/dns/scan.go
index 67161de29c..57be988277 100644
--- a/vendor/github.com/miekg/dns/scan.go
+++ b/vendor/github.com/miekg/dns/scan.go
@@ -150,6 +150,9 @@ func ReadRR(r io.Reader, file string) (RR, error) {
 // The text "; this is comment" is returned from Comment. Comments inside
 // the RR are returned concatenated along with the RR. Comments on a line
 // by themselves are discarded.
+//
+// Callers should not assume all returned data in an Resource Record is
+// syntactically correct, e.g. illegal base64 in RRSIGs will be returned as-is.
 type ZoneParser struct {
 	c *zlexer
 
@@ -1233,7 +1236,7 @@ func stringToCm(token string) (e, m uint8, ok bool) {
 			// 'nn.1' must be treated as 'nn-meters and 10cm, not 1cm.
 			cmeters *= 10
 		}
-		if len(s[0]) == 0 {
+		if s[0] == "" {
 			// This will allow omitting the 'meter' part, like .01 (meaning 0.01m = 1cm).
 			break
 		}
@@ -1352,7 +1355,7 @@ func stringToNodeID(l lex) (uint64, *ParseError) {
 	if len(l.token) < 19 {
 		return 0, &ParseError{l.token, "bad NID/L64 NodeID/Locator64", l}
 	}
-	// There must be three colons at fixes postitions, if not its a parse error
+	// There must be three colons at fixes positions, if not its a parse error
 	if l.token[4] != ':' && l.token[9] != ':' && l.token[14] != ':' {
 		return 0, &ParseError{l.token, "bad NID/L64 NodeID/Locator64", l}
 	}
diff --git a/vendor/github.com/miekg/dns/scan_rr.go b/vendor/github.com/miekg/dns/scan_rr.go
index 23b4043bcd..05765aed87 100644
--- a/vendor/github.com/miekg/dns/scan_rr.go
+++ b/vendor/github.com/miekg/dns/scan_rr.go
@@ -609,7 +609,7 @@ func (rr *LOC) parse(c *zlexer, o string) *ParseError {
 
 	c.Next() // zBlank
 	l, _ = c.Next()
-	if i, err := strconv.ParseFloat(l.token, 32); err != nil || l.err || i < 0 || i >= 60 {
+	if i, err := strconv.ParseFloat(l.token, 64); err != nil || l.err || i < 0 || i >= 60 {
 		return &ParseError{"", "bad LOC Latitude seconds", l}
 	} else {
 		rr.Latitude += uint32(1000 * i)
@@ -645,7 +645,7 @@ East:
 	}
 	c.Next() // zBlank
 	l, _ = c.Next()
-	if i, err := strconv.ParseFloat(l.token, 32); err != nil || l.err || i < 0 || i >= 60 {
+	if i, err := strconv.ParseFloat(l.token, 64); err != nil || l.err || i < 0 || i >= 60 {
 		return &ParseError{"", "bad LOC Longitude seconds", l}
 	} else {
 		rr.Longitude += uint32(1000 * i)
@@ -662,7 +662,7 @@ East:
 Altitude:
 	c.Next() // zBlank
 	l, _ = c.Next()
-	if len(l.token) == 0 || l.err {
+	if l.token == "" || l.err {
 		return &ParseError{"", "bad LOC Altitude", l}
 	}
 	if l.token[len(l.token)-1] == 'M' || l.token[len(l.token)-1] == 'm' {
@@ -722,7 +722,7 @@ func (rr *HIP) parse(c *zlexer, o string) *ParseError {
 
 	c.Next()        // zBlank
 	l, _ = c.Next() // zString
-	if len(l.token) == 0 || l.err {
+	if l.token == "" || l.err {
 		return &ParseError{"", "bad HIP Hit", l}
 	}
 	rr.Hit = l.token // This can not contain spaces, see RFC 5205 Section 6.
@@ -730,7 +730,7 @@ func (rr *HIP) parse(c *zlexer, o string) *ParseError {
 
 	c.Next()        // zBlank
 	l, _ = c.Next() // zString
-	if len(l.token) == 0 || l.err {
+	if l.token == "" || l.err {
 		return &ParseError{"", "bad HIP PublicKey", l}
 	}
 	rr.PublicKey = l.token // This cannot contain spaces
@@ -846,6 +846,38 @@ func (rr *CSYNC) parse(c *zlexer, o string) *ParseError {
 	return nil
 }
 
+func (rr *ZONEMD) parse(c *zlexer, o string) *ParseError {
+	l, _ := c.Next()
+	i, e := strconv.ParseUint(l.token, 10, 32)
+	if e != nil || l.err {
+		return &ParseError{"", "bad ZONEMD Serial", l}
+	}
+	rr.Serial = uint32(i)
+
+	c.Next() // zBlank
+	l, _ = c.Next()
+	i, e1 := strconv.ParseUint(l.token, 10, 8)
+	if e1 != nil || l.err {
+		return &ParseError{"", "bad ZONEMD Scheme", l}
+	}
+	rr.Scheme = uint8(i)
+
+	c.Next() // zBlank
+	l, _ = c.Next()
+	i, err := strconv.ParseUint(l.token, 10, 8)
+	if err != nil || l.err {
+		return &ParseError{"", "bad ZONEMD Hash Algorithm", l}
+	}
+	rr.Hash = uint8(i)
+
+	s, e2 := endingToString(c, "bad ZONEMD Digest")
+	if e2 != nil {
+		return e2
+	}
+	rr.Digest = s
+	return nil
+}
+
 func (rr *SIG) parse(c *zlexer, o string) *ParseError { return rr.RRSIG.parse(c, o) }
 
 func (rr *RRSIG) parse(c *zlexer, o string) *ParseError {
@@ -997,7 +1029,7 @@ func (rr *NSEC3) parse(c *zlexer, o string) *ParseError {
 	rr.Iterations = uint16(i)
 	c.Next()
 	l, _ = c.Next()
-	if len(l.token) == 0 || l.err {
+	if l.token == "" || l.err {
 		return &ParseError{"", "bad NSEC3 Salt", l}
 	}
 	if l.token != "-" {
@@ -1007,7 +1039,7 @@ func (rr *NSEC3) parse(c *zlexer, o string) *ParseError {
 
 	c.Next()
 	l, _ = c.Next()
-	if len(l.token) == 0 || l.err {
+	if l.token == "" || l.err {
 		return &ParseError{"", "bad NSEC3 NextDomain", l}
 	}
 	rr.HashLength = 20 // Fix for NSEC3 (sha1 160 bits)
diff --git a/vendor/github.com/miekg/dns/sig0.go b/vendor/github.com/miekg/dns/sig0.go
index 9ef13ccf39..e781c9bb6c 100644
--- a/vendor/github.com/miekg/dns/sig0.go
+++ b/vendor/github.com/miekg/dns/sig0.go
@@ -17,7 +17,7 @@ func (rr *SIG) Sign(k crypto.Signer, m *Msg) ([]byte, error) {
 	if k == nil {
 		return nil, ErrPrivKey
 	}
-	if rr.KeyTag == 0 || len(rr.SignerName) == 0 || rr.Algorithm == 0 {
+	if rr.KeyTag == 0 || rr.SignerName == "" || rr.Algorithm == 0 {
 		return nil, ErrKey
 	}
 
@@ -78,7 +78,7 @@ func (rr *SIG) Verify(k *KEY, buf []byte) error {
 	if k == nil {
 		return ErrKey
 	}
-	if rr.KeyTag == 0 || len(rr.SignerName) == 0 || rr.Algorithm == 0 {
+	if rr.KeyTag == 0 || rr.SignerName == "" || rr.Algorithm == 0 {
 		return ErrKey
 	}
 
diff --git a/vendor/github.com/miekg/dns/svcb.go b/vendor/github.com/miekg/dns/svcb.go
index 1373fe21b7..64800daa6d 100644
--- a/vendor/github.com/miekg/dns/svcb.go
+++ b/vendor/github.com/miekg/dns/svcb.go
@@ -321,7 +321,7 @@ func (s *SVCBAlpn) pack() ([]byte, error) {
 	// Liberally estimate the size of an alpn as 10 octets
 	b := make([]byte, 0, 10*len(s.Alpn))
 	for _, e := range s.Alpn {
-		if len(e) == 0 {
+		if e == "" {
 			return nil, errors.New("dns: svcbalpn: empty alpn-id")
 		}
 		if len(e) > 255 {
@@ -390,7 +390,7 @@ func (*SVCBNoDefaultAlpn) unpack(b []byte) error {
 }
 
 func (*SVCBNoDefaultAlpn) parse(b string) error {
-	if len(b) != 0 {
+	if b != "" {
 		return errors.New("dns: svcbnodefaultalpn: no_default_alpn must have no value")
 	}
 	return nil
@@ -511,8 +511,13 @@ func (s *SVCBIPv4Hint) parse(b string) error {
 }
 
 func (s *SVCBIPv4Hint) copy() SVCBKeyValue {
+	hint := make([]net.IP, len(s.Hint))
+	for i, ip := range s.Hint {
+		hint[i] = copyIP(ip)
+	}
+
 	return &SVCBIPv4Hint{
-		append([]net.IP(nil), s.Hint...),
+		Hint: hint,
 	}
 }
 
@@ -629,8 +634,13 @@ func (s *SVCBIPv6Hint) parse(b string) error {
 }
 
 func (s *SVCBIPv6Hint) copy() SVCBKeyValue {
+	hint := make([]net.IP, len(s.Hint))
+	for i, ip := range s.Hint {
+		hint[i] = copyIP(ip)
+	}
+
 	return &SVCBIPv6Hint{
-		append([]net.IP(nil), s.Hint...),
+		Hint: hint,
 	}
 }
 
diff --git a/vendor/github.com/miekg/dns/types.go b/vendor/github.com/miekg/dns/types.go
index 9e379eb351..99dd315bf1 100644
--- a/vendor/github.com/miekg/dns/types.go
+++ b/vendor/github.com/miekg/dns/types.go
@@ -81,6 +81,7 @@ const (
 	TypeCDNSKEY    uint16 = 60
 	TypeOPENPGPKEY uint16 = 61
 	TypeCSYNC      uint16 = 62
+	TypeZONEMD     uint16 = 63
 	TypeSVCB       uint16 = 64
 	TypeHTTPS      uint16 = 65
 	TypeSPF        uint16 = 99
@@ -150,6 +151,17 @@ const (
 	OpcodeUpdate = 5
 )
 
+// Used in ZONEMD https://tools.ietf.org/html/rfc8976
+
+const (
+	// ZoneMD Accepted Schemes
+	ZoneMDSchemeSimple = 1
+
+	// ZoneMD Hash Algorithms
+	ZoneMDHashAlgSHA384 = 1
+	ZoneMDHashAlgSHA512 = 2
+)
+
 // Header is the wire format for the DNS packet header.
 type Header struct {
 	Id                                 uint16
@@ -1361,6 +1373,23 @@ func (rr *CSYNC) len(off int, compression map[string]struct{}) int {
 	return l
 }
 
+// ZONEMD RR, from draft-ietf-dnsop-dns-zone-digest
+type ZONEMD struct {
+	Hdr    RR_Header
+	Serial uint32
+	Scheme uint8
+	Hash   uint8
+	Digest string `dns:"hex"`
+}
+
+func (rr *ZONEMD) String() string {
+	return rr.Hdr.String() +
+		strconv.Itoa(int(rr.Serial)) +
+		" " + strconv.Itoa(int(rr.Scheme)) +
+		" " + strconv.Itoa(int(rr.Hash)) +
+		" " + rr.Digest
+}
+
 // APL RR. See RFC 3123.
 type APL struct {
 	Hdr      RR_Header
@@ -1472,7 +1501,7 @@ func StringToTime(s string) (uint32, error) {
 
 // saltToString converts a NSECX salt to uppercase and returns "-" when it is empty.
 func saltToString(s string) string {
-	if len(s) == 0 {
+	if s == "" {
 		return "-"
 	}
 	return strings.ToUpper(s)
diff --git a/vendor/github.com/miekg/dns/version.go b/vendor/github.com/miekg/dns/version.go
index 8f7cf76881..695d1e8b48 100644
--- a/vendor/github.com/miekg/dns/version.go
+++ b/vendor/github.com/miekg/dns/version.go
@@ -3,7 +3,7 @@ package dns
 import "fmt"
 
 // Version is current version of this library.
-var Version = v{1, 1, 40}
+var Version = v{1, 1, 42}
 
 // v holds the version of this library.
 type v struct {
diff --git a/vendor/github.com/miekg/dns/zduplicate.go b/vendor/github.com/miekg/dns/zduplicate.go
index 0d3b34bd9b..9eb1dac299 100644
--- a/vendor/github.com/miekg/dns/zduplicate.go
+++ b/vendor/github.com/miekg/dns/zduplicate.go
@@ -1317,3 +1317,24 @@ func (r1 *X25) isDuplicate(_r2 RR) bool {
 	}
 	return true
 }
+
+func (r1 *ZONEMD) isDuplicate(_r2 RR) bool {
+	r2, ok := _r2.(*ZONEMD)
+	if !ok {
+		return false
+	}
+	_ = r2
+	if r1.Serial != r2.Serial {
+		return false
+	}
+	if r1.Scheme != r2.Scheme {
+		return false
+	}
+	if r1.Hash != r2.Hash {
+		return false
+	}
+	if r1.Digest != r2.Digest {
+		return false
+	}
+	return true
+}
diff --git a/vendor/github.com/miekg/dns/zmsg.go b/vendor/github.com/miekg/dns/zmsg.go
index d24a10fa24..fc0822f982 100644
--- a/vendor/github.com/miekg/dns/zmsg.go
+++ b/vendor/github.com/miekg/dns/zmsg.go
@@ -1118,6 +1118,26 @@ func (rr *X25) pack(msg []byte, off int, compression compressionMap, compress bo
 	return off, nil
 }
 
+func (rr *ZONEMD) pack(msg []byte, off int, compression compressionMap, compress bool) (off1 int, err error) {
+	off, err = packUint32(rr.Serial, msg, off)
+	if err != nil {
+		return off, err
+	}
+	off, err = packUint8(rr.Scheme, msg, off)
+	if err != nil {
+		return off, err
+	}
+	off, err = packUint8(rr.Hash, msg, off)
+	if err != nil {
+		return off, err
+	}
+	off, err = packStringHex(rr.Digest, msg, off)
+	if err != nil {
+		return off, err
+	}
+	return off, nil
+}
+
 // unpack*() functions
 
 func (rr *A) unpack(msg []byte, off int) (off1 int, err error) {
@@ -2821,3 +2841,35 @@ func (rr *X25) unpack(msg []byte, off int) (off1 int, err error) {
 	}
 	return off, nil
 }
+
+func (rr *ZONEMD) unpack(msg []byte, off int) (off1 int, err error) {
+	rdStart := off
+	_ = rdStart
+
+	rr.Serial, off, err = unpackUint32(msg, off)
+	if err != nil {
+		return off, err
+	}
+	if off == len(msg) {
+		return off, nil
+	}
+	rr.Scheme, off, err = unpackUint8(msg, off)
+	if err != nil {
+		return off, err
+	}
+	if off == len(msg) {
+		return off, nil
+	}
+	rr.Hash, off, err = unpackUint8(msg, off)
+	if err != nil {
+		return off, err
+	}
+	if off == len(msg) {
+		return off, nil
+	}
+	rr.Digest, off, err = unpackStringHex(msg, off, rdStart+int(rr.Hdr.Rdlength))
+	if err != nil {
+		return off, err
+	}
+	return off, nil
+}
diff --git a/vendor/github.com/miekg/dns/ztypes.go b/vendor/github.com/miekg/dns/ztypes.go
index 11b51bf217..5d060cfee1 100644
--- a/vendor/github.com/miekg/dns/ztypes.go
+++ b/vendor/github.com/miekg/dns/ztypes.go
@@ -82,6 +82,7 @@ var TypeToRR = map[uint16]func() RR{
 	TypeUINFO:      func() RR { return new(UINFO) },
 	TypeURI:        func() RR { return new(URI) },
 	TypeX25:        func() RR { return new(X25) },
+	TypeZONEMD:     func() RR { return new(ZONEMD) },
 }
 
 // TypeToString is a map of strings for each RR type.
@@ -168,6 +169,7 @@ var TypeToString = map[uint16]string{
 	TypeUNSPEC:     "UNSPEC",
 	TypeURI:        "URI",
 	TypeX25:        "X25",
+	TypeZONEMD:     "ZONEMD",
 	TypeNSAPPTR:    "NSAP-PTR",
 }
 
@@ -245,6 +247,7 @@ func (rr *UID) Header() *RR_Header        { return &rr.Hdr }
 func (rr *UINFO) Header() *RR_Header      { return &rr.Hdr }
 func (rr *URI) Header() *RR_Header        { return &rr.Hdr }
 func (rr *X25) Header() *RR_Header        { return &rr.Hdr }
+func (rr *ZONEMD) Header() *RR_Header     { return &rr.Hdr }
 
 // len() functions
 func (rr *A) len(off int, compression map[string]struct{}) int {
@@ -684,6 +687,14 @@ func (rr *X25) len(off int, compression map[string]struct{}) int {
 	l += len(rr.PSDNAddress) + 1
 	return l
 }
+func (rr *ZONEMD) len(off int, compression map[string]struct{}) int {
+	l := rr.Hdr.len(off, compression)
+	l += 4 // Serial
+	l++    // Scheme
+	l++    // Hash
+	l += len(rr.Digest) / 2
+	return l
+}
 
 // copy() functions
 func (rr *A) copy() RR {
@@ -936,3 +947,6 @@ func (rr *URI) copy() RR {
 func (rr *X25) copy() RR {
 	return &X25{rr.Hdr, rr.PSDNAddress}
 }
+func (rr *ZONEMD) copy() RR {
+	return &ZONEMD{rr.Hdr, rr.Serial, rr.Scheme, rr.Hash, rr.Digest}
+}
diff --git a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/block.go b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/block.go
index f382649430..88319105a6 100644
--- a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/block.go
+++ b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/block.go
@@ -41,11 +41,11 @@ func CompressBlockBound(n int) int {
 	return n + n/255 + 16
 }
 
-func UncompressBlock(src, dst []byte) (int, error) {
+func UncompressBlock(src, dst, dict []byte) (int, error) {
 	if len(src) == 0 {
 		return 0, nil
 	}
-	if di := decodeBlock(dst, src); di >= 0 {
+	if di := decodeBlock(dst, src, dict); di >= 0 {
 		return di, nil
 	}
 	return 0, lz4errors.ErrInvalidSourceShortBuffer
@@ -187,6 +187,9 @@ func (c *Compressor) CompressBlock(src, dst []byte) (int, error) {
 		}
 
 		mLen = si - mLen
+		if di >= len(dst) {
+			return 0, lz4errors.ErrInvalidSourceShortBuffer
+		}
 		if mLen < 0xF {
 			dst[di] = byte(mLen)
 		} else {
diff --git a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_asm.go b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_amd64.go
index e26f8cd613..e16bd57937 100644
--- a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_asm.go
+++ b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_amd64.go
@@ -1,4 +1,3 @@
-// +build amd64 arm
 // +build !appengine
 // +build gc
 // +build !noasm
@@ -6,4 +5,4 @@
 package lz4block
 
 //go:noescape
-func decodeBlock(dst, src []byte) int
+func decodeBlock(dst, src, dict []byte) int
diff --git a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_amd64.s b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_amd64.s
index be79faa3fe..dfcca57291 100644
--- a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_amd64.s
+++ b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_amd64.s
@@ -16,9 +16,11 @@
 // R11 &dst
 // R12 short output end
 // R13 short input end
-// func decodeBlock(dst, src []byte) int
-// using 50 bytes of stack currently
-TEXT ·decodeBlock(SB), NOSPLIT, $64-56
+// R14 &dict
+// R15 &dict + len(dict)
+
+// func decodeBlock(dst, src, dict []byte) int
+TEXT ·decodeBlock(SB), NOSPLIT, $48-80
 	MOVQ dst_base+0(FP), DI
 	MOVQ DI, R11
 	MOVQ dst_len+8(FP), R8
@@ -30,6 +32,10 @@ TEXT ·decodeBlock(SB), NOSPLIT, $64-56
 	JE   err_corrupt
 	ADDQ SI, R9
 
+	MOVQ dict_base+48(FP), R14
+	MOVQ dict_len+56(FP), R15
+	ADDQ R14, R15
+
 	// shortcut ends
 	// short output end
 	MOVQ R8, R12
@@ -96,6 +102,8 @@ loop:
 	// match length, we already have the offset.
 	CMPQ CX, $0xF
 	JEQ match_len_loop_pre
+	CMPQ DX, R11
+	JLT match_len_loop_pre
 	CMPQ DX, $8
 	JLT match_len_loop_pre
 	CMPQ AX, R11
@@ -174,6 +182,9 @@ copy_literal:
 	MOVOU (SI), X0
 	MOVOU X0, (DI)
 
+	ADDQ CX, SI
+	ADDQ CX, DI
+
 	JMP finish_lit_copy
 
 memmove_lit:
@@ -181,18 +192,20 @@ memmove_lit:
 	MOVQ DI, 0(SP)
 	MOVQ SI, 8(SP)
 	MOVQ CX, 16(SP)
-	// spill
+
+	// Spill registers. Increment SI, DI now so we don't need to save CX.
+	ADDQ CX, DI
+	ADDQ CX, SI
 	MOVQ DI, 24(SP)
 	MOVQ SI, 32(SP)
-	MOVQ CX, 40(SP) // need len to inc SI, DI after
-	MOVB DX, 48(SP)
+	MOVL DX, 40(SP)
+
 	CALL runtime·memmove(SB)
 
 	// restore registers
 	MOVQ 24(SP), DI
 	MOVQ 32(SP), SI
-	MOVQ 40(SP), CX
-	MOVB 48(SP), DX
+	MOVL 40(SP), DX
 
 	// recalc initial values
 	MOVQ dst_base+0(FP), R8
@@ -206,9 +219,6 @@ memmove_lit:
 	SUBQ $16, R13
 
 finish_lit_copy:
-	ADDQ CX, SI
-	ADDQ CX, DI
-
 	CMPQ SI, R9
 	JGE end
 
@@ -278,7 +288,7 @@ copy_match:
 	// check BX is within dst
 	// if BX < &dst
 	CMPQ BX, R11
-	JLT err_short_buf
+	JLT copy_match_from_dict
 
 	// if offset + match_len < di
 	LEAQ (BX)(CX*1), AX
@@ -325,21 +335,49 @@ copy_interior_match:
 	ADDQ CX, DI
 	JMP loop
 
-memmove_match:
+copy_match_from_dict:
+	// CX = match_len
+	// BX = &dst + (di - offset)
+
+	// AX = offset - di = dict_bytes_available => count of bytes potentially covered by the dictionary
+	MOVQ R11, AX
+	SUBQ BX, AX
+
+	// BX = &dict_end - dict_bytes_available
+	MOVQ R15, BX
+	SUBQ AX, BX
+
+	// check BX is within dict
+	// if BX < &dict
+	CMPQ BX, R14
+	JLT err_short_dict
+
+	// if match_len > dict_bytes_available, match fits entirely within external dictionary : just copy
+	CMPQ CX, AX
+	JLT memmove_match
+
+	// The match stretches over the dictionary and our block
+	// 1) copy what comes from the dictionary
+	// AX = dict_bytes_available = copy_size
+	// BX = &dict_end - copy_size
+	// CX = match_len
+
 	// memmove(to, from, len)
 	MOVQ DI, 0(SP)
 	MOVQ BX, 8(SP)
-	MOVQ CX, 16(SP)
+	MOVQ AX, 16(SP)
+	// store extra stuff we want to recover
 	// spill
 	MOVQ DI, 24(SP)
 	MOVQ SI, 32(SP)
-	MOVQ CX, 40(SP) // need len to inc SI, DI after
+	MOVQ CX, 40(SP)
 	CALL runtime·memmove(SB)
 
 	// restore registers
+	MOVQ 16(SP), AX // copy_size
 	MOVQ 24(SP), DI
 	MOVQ 32(SP), SI
-	MOVQ 40(SP), CX
+	MOVQ 40(SP), CX // match_len
 
 	// recalc initial values
 	MOVQ dst_base+0(FP), R8
@@ -347,23 +385,77 @@ memmove_match:
 	ADDQ dst_len+8(FP), R8
 	MOVQ src_base+24(FP), R9
 	ADDQ src_len+32(FP), R9
+	MOVQ dict_base+48(FP), R14
+	MOVQ dict_len+56(FP), R15
+	ADDQ R14, R15
 	MOVQ R8, R12
 	SUBQ $32, R12
 	MOVQ R9, R13
 	SUBQ $16, R13
 
+	// di+=copy_size
+	ADDQ AX, DI
+
+	// 2) copy the rest from the current block
+	// CX = match_len - copy_size = rest_size
+	SUBQ AX, CX
+	MOVQ R11, BX
+
+	// check if we have a copy overlap
+	// AX = &dst + rest_size
+	MOVQ CX, AX
+	ADDQ BX, AX
+	// if &dst + rest_size > di, copy byte by byte
+	CMPQ AX, DI
+
+	JGT copy_match_loop
+
+memmove_match:
+	// memmove(to, from, len)
+	MOVQ DI, 0(SP)
+	MOVQ BX, 8(SP)
+	MOVQ CX, 16(SP)
+
+	// Spill registers. Increment DI now so we don't need to save CX.
 	ADDQ CX, DI
+	MOVQ DI, 24(SP)
+	MOVQ SI, 32(SP)
+
+	CALL runtime·memmove(SB)
+
+	// restore registers
+	MOVQ 24(SP), DI
+	MOVQ 32(SP), SI
+
+	// recalc initial values
+	MOVQ dst_base+0(FP), R8
+	MOVQ R8, R11 // TODO: make these sensible numbers
+	ADDQ dst_len+8(FP), R8
+	MOVQ src_base+24(FP), R9
+	ADDQ src_len+32(FP), R9
+	MOVQ R8, R12
+	SUBQ $32, R12
+	MOVQ R9, R13
+	SUBQ $16, R13
+	MOVQ dict_base+48(FP), R14
+	MOVQ dict_len+56(FP), R15
+	ADDQ R14, R15
+
 	JMP loop
 
 err_corrupt:
-	MOVQ $-1, ret+48(FP)
+	MOVQ $-1, ret+72(FP)
 	RET
 
 err_short_buf:
-	MOVQ $-2, ret+48(FP)
+	MOVQ $-2, ret+72(FP)
+	RET
+
+err_short_dict:
+	MOVQ $-3, ret+72(FP)
 	RET
 
 end:
 	SUBQ R11, DI
-	MOVQ DI, ret+48(FP)
+	MOVQ DI, ret+72(FP)
 	RET
diff --git a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_arm.go b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_arm.go
new file mode 100644
index 0000000000..c35acda055
--- /dev/null
+++ b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_arm.go
@@ -0,0 +1,15 @@
+// +build gc,!noasm
+
+package lz4block
+
+func decodeBlock(dst, src, dict []byte) int {
+	if len(dict) == 0 {
+		return decodeBlockNodict(dst, src)
+	}
+	return decodeBlockGo(dst, src, dict)
+}
+
+// Assembler version of decodeBlock, without linked block support.
+
+//go:noescape
+func decodeBlockNodict(dst, src []byte) int
diff --git a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_arm.s b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_arm.s
index 64be9adcaa..5ae3214685 100644
--- a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_arm.s
+++ b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_arm.s
@@ -19,12 +19,12 @@
 
 #define minMatch	$4
 
-// func decodeBlock(dst, src []byte) int
-TEXT ·decodeBlock(SB), NOFRAME|NOSPLIT, $-4-28
-	MOVW dst_base +0(FP), dst
-	MOVW dst_len  +4(FP), dstend
-	MOVW src_base+12(FP), src
-	MOVW src_len +16(FP), srcend
+// func decodeBlockNodict(dst, src []byte) int
+TEXT ·decodeBlockNodict(SB), NOFRAME+NOSPLIT, $-4-28
+	MOVW dst_base  +0(FP), dst
+	MOVW dst_len   +4(FP), dstend
+	MOVW src_base +12(FP), src
+	MOVW src_len  +16(FP), srcend
 
 	CMP $0, srcend
 	BEQ shortSrc
diff --git a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_noasm.go b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_noasm.go
new file mode 100644
index 0000000000..1cc703834e
--- /dev/null
+++ b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_noasm.go
@@ -0,0 +1,7 @@
+// +build !amd64,!arm appengine !gc noasm
+
+package lz4block
+
+func decodeBlock(dst, src, dict []byte) int {
+	return decodeBlockGo(dst, src, dict)
+}
diff --git a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_other.go b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_other.go
index 52df2f2b8e..4b580d4a6f 100644
--- a/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_other.go
+++ b/vendor/github.com/pierrec/lz4/v4/internal/lz4block/decode_other.go
@@ -1,13 +1,14 @@
-// +build !amd64,!arm appengine !gc noasm
-
 package lz4block
 
-import "encoding/binary"
+import (
+	"encoding/binary"
+)
 
-func decodeBlock(dst, src []byte) (ret int) {
+func decodeBlockGo(dst, src, dict []byte) (ret int) {
 	// Restrict capacities so we don't read or write out of bounds.
 	dst = dst[:len(dst):len(dst)]
 	src = src[:len(src):len(src)]
+	dictLen := uint(len(dict))
 
 	const hasError = -2
 	defer func() {
@@ -38,7 +39,7 @@ func decodeBlock(dst, src []byte) (ret int) {
 					// if the match length (4..18) fits within the literals, then copy
 					// all 18 bytes, even if not all are part of the literals.
 					mLen += 4
-					if offset := u16(src[si:]); mLen <= offset {
+					if offset := u16(src[si:]); mLen <= offset && offset < di {
 						i := di - offset
 						end := i + 18
 						if end > uint(len(dst)) {
@@ -91,6 +92,38 @@ func decodeBlock(dst, src []byte) (ret int) {
 		mLen += minMatch
 
 		// Copy the match.
+		if di < offset {
+			// The match is beyond our block, meaning in the dictionary
+			if offset-di > mLen {
+				// The match is entirely contained in the dictionary. Just copy!
+				copy(dst[di:di+mLen], dict[dictLen+di-offset:dictLen+di-offset+mLen])
+				di = di + mLen
+			} else {
+				// The match stretches over the dictionary and our block
+				copySize := offset - di
+				restSize := mLen - copySize
+
+				copy(dst[di:di+copySize], dict[dictLen-copySize:])
+				di = di + copySize
+
+				if di < restSize {
+					// Overlap - we want to copy more than what we have available,
+					// so copy byte per byte.
+					copyFrom := 0
+					endOfMatch := di + restSize
+					for di < endOfMatch {
+						dst[di] = dst[copyFrom]
+						di = di + 1
+						copyFrom = copyFrom + 1
+					}
+				} else {
+					copy(dst[di:di+restSize], dst[0:restSize])
+					di = di + restSize
+				}
+			}
+			continue
+		}
+
 		expanded := dst[di-offset:]
 		if mLen > offset {
 			// Efficiently copy the match dst[di-offset:di] into the dst slice.
diff --git a/vendor/github.com/pierrec/lz4/v4/internal/lz4stream/block.go b/vendor/github.com/pierrec/lz4/v4/internal/lz4stream/block.go
index c7b929fdfe..e96465460c 100644
--- a/vendor/github.com/pierrec/lz4/v4/internal/lz4stream/block.go
+++ b/vendor/github.com/pierrec/lz4/v4/internal/lz4stream/block.go
@@ -127,9 +127,11 @@ func (b *Blocks) initR(f *Frame, num int, src io.Reader) (chan []byte, error) {
 			blocks <- c
 			go func() {
 				defer block.Close(f)
-				data, err := block.Uncompress(f, size.Get(), false)
+				data, err := block.Uncompress(f, size.Get(), nil, false)
 				if err != nil {
 					b.closeR(err)
+					// Close the block channel to indicate an error.
+					close(c)
 				} else {
 					c <- data
 				}
@@ -150,13 +152,24 @@ func (b *Blocks) initR(f *Frame, num int, src io.Reader) (chan []byte, error) {
 	// on the returned channel.
 	go func(leg bool) {
 		defer close(blocks)
+		skipBlocks := false
 		for c := range blocks {
-			buf := <-c
+			buf, ok := <-c
+			if !ok {
+				// A closed channel indicates an error.
+				// All remaining channels should be discarded.
+				skipBlocks = true
+				continue
+			}
 			if buf == nil {
 				// Signal to end the loop.
 				close(c)
 				return
 			}
+			if skipBlocks {
+				// A previous error has occurred, skipping remaining channels.
+				continue
+			}
 			// Perform checksum now as the blocks are received in order.
 			if f.Descriptor.Flags.ContentChecksum() {
 				_, _ = f.checksum.Write(buf)
@@ -303,12 +316,12 @@ func (b *FrameDataBlock) Read(f *Frame, src io.Reader, cum uint32) (uint32, erro
 	return x, nil
 }
 
-func (b *FrameDataBlock) Uncompress(f *Frame, dst []byte, sum bool) ([]byte, error) {
+func (b *FrameDataBlock) Uncompress(f *Frame, dst, dict []byte, sum bool) ([]byte, error) {
 	if b.Size.Uncompressed() {
 		n := copy(dst, b.data)
 		dst = dst[:n]
 	} else {
-		n, err := lz4block.UncompressBlock(b.data, dst)
+		n, err := lz4block.UncompressBlock(b.data, dst, dict)
 		if err != nil {
 			return nil, err
 		}
diff --git a/vendor/github.com/pierrec/lz4/v4/internal/lz4stream/frame.go b/vendor/github.com/pierrec/lz4/v4/internal/lz4stream/frame.go
index cfbd5674d9..18192a9433 100644
--- a/vendor/github.com/pierrec/lz4/v4/internal/lz4stream/frame.go
+++ b/vendor/github.com/pierrec/lz4/v4/internal/lz4stream/frame.go
@@ -77,16 +77,16 @@ func (f *Frame) isLegacy() bool {
 	return f.Magic == frameMagicLegacy
 }
 
-func (f *Frame) InitR(src io.Reader, num int) (chan []byte, error) {
+func (f *Frame) ParseHeaders(src io.Reader) error {
 	if f.Magic > 0 {
 		// Header already read.
-		return nil, nil
+		return nil
 	}
 
 newFrame:
 	var err error
 	if f.Magic, err = f.readUint32(src); err != nil {
-		return nil, err
+		return err
 	}
 	switch m := f.Magic; {
 	case m == frameMagic || m == frameMagicLegacy:
@@ -94,19 +94,23 @@ newFrame:
 	case m>>8 == frameSkipMagic>>8:
 		skip, err := f.readUint32(src)
 		if err != nil {
-			return nil, err
+			return err
 		}
 		if _, err := io.CopyN(ioutil.Discard, src, int64(skip)); err != nil {
-			return nil, err
+			return err
 		}
 		goto newFrame
 	default:
-		return nil, lz4errors.ErrInvalidFrame
+		return lz4errors.ErrInvalidFrame
 	}
 	if err := f.Descriptor.initR(f, src); err != nil {
-		return nil, err
+		return err
 	}
 	f.checksum.Reset()
+	return nil
+}
+
+func (f *Frame) InitR(src io.Reader, num int) (chan []byte, error) {
 	return f.Blocks.initR(f, num, src)
 }
 
diff --git a/vendor/github.com/pierrec/lz4/v4/lz4.go b/vendor/github.com/pierrec/lz4/v4/lz4.go
index c585d4064f..a62022e088 100644
--- a/vendor/github.com/pierrec/lz4/v4/lz4.go
+++ b/vendor/github.com/pierrec/lz4/v4/lz4.go
@@ -35,7 +35,17 @@ func CompressBlockBound(n int) int {
 //
 // An error is returned if the source data is invalid or the destination buffer is too small.
 func UncompressBlock(src, dst []byte) (int, error) {
-	return lz4block.UncompressBlock(src, dst)
+	return lz4block.UncompressBlock(src, dst, nil)
+}
+
+// UncompressBlockWithDict uncompresses the source buffer into the destination one using a
+// dictionary, and returns the uncompressed size.
+//
+// The destination buffer must be sized appropriately.
+//
+// An error is returned if the source data is invalid or the destination buffer is too small.
+func UncompressBlockWithDict(src, dst, dict []byte) (int, error) {
+	return lz4block.UncompressBlock(src, dst, dict)
 }
 
 // A Compressor compresses data into the LZ4 block format.
diff --git a/vendor/github.com/pierrec/lz4/v4/options.go b/vendor/github.com/pierrec/lz4/v4/options.go
index 4e1b6703b5..46a8738031 100644
--- a/vendor/github.com/pierrec/lz4/v4/options.go
+++ b/vendor/github.com/pierrec/lz4/v4/options.go
@@ -2,10 +2,11 @@ package lz4
 
 import (
 	"fmt"
-	"github.com/pierrec/lz4/v4/internal/lz4block"
-	"github.com/pierrec/lz4/v4/internal/lz4errors"
 	"reflect"
 	"runtime"
+
+	"github.com/pierrec/lz4/v4/internal/lz4block"
+	"github.com/pierrec/lz4/v4/internal/lz4errors"
 )
 
 //go:generate go run golang.org/x/tools/cmd/stringer -type=BlockSize,CompressionLevel -output options_gen.go
diff --git a/vendor/github.com/pierrec/lz4/v4/reader.go b/vendor/github.com/pierrec/lz4/v4/reader.go
index 403aaf697a..f8458807c4 100644
--- a/vendor/github.com/pierrec/lz4/v4/reader.go
+++ b/vendor/github.com/pierrec/lz4/v4/reader.go
@@ -40,6 +40,7 @@ type Reader struct {
 	idx     int              // size of pending data
 	handler func(int)
 	cum     uint32
+	dict    []byte
 }
 
 func (*Reader) private() {}
@@ -77,6 +78,15 @@ func (r *Reader) isNotConcurrent() bool {
 }
 
 func (r *Reader) init() error {
+	err := r.frame.ParseHeaders(r.src)
+	if err != nil {
+		return err
+	}
+	if !r.frame.Descriptor.Flags.BlockIndependence() {
+		// We can't decompress dependent blocks concurrently.
+		// Instead of throwing an error to the user, silently drop concurrency
+		r.num = 1
+	}
 	data, err := r.frame.InitR(r.src, r.num)
 	if err != nil {
 		return err
@@ -162,10 +172,20 @@ func (r *Reader) read(buf []byte) (int, error) {
 		direct = true
 		dst = buf
 	}
-	dst, err = block.Uncompress(r.frame, dst, true)
+	dst, err = block.Uncompress(r.frame, dst, r.dict, true)
 	if err != nil {
 		return 0, err
 	}
+	if !r.frame.Descriptor.Flags.BlockIndependence() {
+		if len(r.dict)+len(dst) > 128*1024 {
+			preserveSize := 64*1024 - len(dst)
+			if preserveSize < 0 {
+				preserveSize = 0
+			}
+			r.dict = r.dict[len(r.dict)-preserveSize:]
+		}
+		r.dict = append(r.dict, dst...)
+	}
 	r.cum += uint32(len(dst))
 	if direct {
 		return len(dst), nil
diff --git a/vendor/github.com/pierrec/lz4/v4/writer.go b/vendor/github.com/pierrec/lz4/v4/writer.go
index 44a43d251b..05a6aa14a8 100644
--- a/vendor/github.com/pierrec/lz4/v4/writer.go
+++ b/vendor/github.com/pierrec/lz4/v4/writer.go
@@ -89,7 +89,7 @@ func (w *Writer) Write(buf []byte) (n int, err error) {
 
 	zn := len(w.data)
 	for len(buf) > 0 {
-		if w.idx == 0 && len(buf) >= zn {
+		if w.isNotConcurrent() && w.idx == 0 && len(buf) >= zn {
 			// Avoid a copy as there is enough data for a block.
 			if err = w.write(buf[:zn], false); err != nil {
 				return
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/expvar_collector.go b/vendor/github.com/prometheus/client_golang/prometheus/expvar_collector.go
index 18a99d5faa..c41ab37f3b 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/expvar_collector.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/expvar_collector.go
@@ -22,43 +22,10 @@ type expvarCollector struct {
 	exports map[string]*Desc
 }
 
-// NewExpvarCollector returns a newly allocated expvar Collector that still has
-// to be registered with a Prometheus registry.
+// NewExpvarCollector is the obsolete version of collectors.NewExpvarCollector.
+// See there for documentation.
 //
-// An expvar Collector collects metrics from the expvar interface. It provides a
-// quick way to expose numeric values that are already exported via expvar as
-// Prometheus metrics. Note that the data models of expvar and Prometheus are
-// fundamentally different, and that the expvar Collector is inherently slower
-// than native Prometheus metrics. Thus, the expvar Collector is probably great
-// for experiments and prototying, but you should seriously consider a more
-// direct implementation of Prometheus metrics for monitoring production
-// systems.
-//
-// The exports map has the following meaning:
-//
-// The keys in the map correspond to expvar keys, i.e. for every expvar key you
-// want to export as Prometheus metric, you need an entry in the exports
-// map. The descriptor mapped to each key describes how to export the expvar
-// value. It defines the name and the help string of the Prometheus metric
-// proxying the expvar value. The type will always be Untyped.
-//
-// For descriptors without variable labels, the expvar value must be a number or
-// a bool. The number is then directly exported as the Prometheus sample
-// value. (For a bool, 'false' translates to 0 and 'true' to 1). Expvar values
-// that are not numbers or bools are silently ignored.
-//
-// If the descriptor has one variable label, the expvar value must be an expvar
-// map. The keys in the expvar map become the various values of the one
-// Prometheus label. The values in the expvar map must be numbers or bools again
-// as above.
-//
-// For descriptors with more than one variable label, the expvar must be a
-// nested expvar map, i.e. where the values of the topmost map are maps again
-// etc. until a depth is reached that corresponds to the number of labels. The
-// leaves of that structure must be numbers or bools as above to serve as the
-// sample values.
-//
-// Anything that does not fit into the scheme above is silently ignored.
+// Deprecated: Use collectors.NewExpvarCollector instead.
 func NewExpvarCollector(exports map[string]*Desc) Collector {
 	return &expvarCollector{
 		exports: exports,
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go b/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go
index db43ca5bab..a96ed1cee8 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/go_collector.go
@@ -36,32 +36,10 @@ type goCollector struct {
 	msMaxAge        time.Duration           // Maximum allowed age of old memstats.
 }
 
-// NewGoCollector returns a collector that exports metrics about the current Go
-// process. This includes memory stats. To collect those, runtime.ReadMemStats
-// is called. This requires to “stop the world”, which usually only happens for
-// garbage collection (GC). Take the following implications into account when
-// deciding whether to use the Go collector:
+// NewGoCollector is the obsolete version of collectors.NewGoCollector.
+// See there for documentation.
 //
-// 1. The performance impact of stopping the world is the more relevant the more
-// frequently metrics are collected. However, with Go1.9 or later the
-// stop-the-world time per metrics collection is very short (~25µs) so that the
-// performance impact will only matter in rare cases. However, with older Go
-// versions, the stop-the-world duration depends on the heap size and can be
-// quite significant (~1.7 ms/GiB as per
-// https://go-review.googlesource.com/c/go/+/34937).
-//
-// 2. During an ongoing GC, nothing else can stop the world. Therefore, if the
-// metrics collection happens to coincide with GC, it will only complete after
-// GC has finished. Usually, GC is fast enough to not cause problems. However,
-// with a very large heap, GC might take multiple seconds, which is enough to
-// cause scrape timeouts in common setups. To avoid this problem, the Go
-// collector will use the memstats from a previous collection if
-// runtime.ReadMemStats takes more than 1s. However, if there are no previously
-// collected memstats, or their collection is more than 5m ago, the collection
-// will block until runtime.ReadMemStats succeeds.
-//
-// NOTE: The problem is solved in Go 1.15, see
-// https://github.com/golang/go/issues/19812 for the related Go issue.
+// Deprecated: Use collectors.NewGoCollector instead.
 func NewGoCollector() Collector {
 	return &goCollector{
 		goroutinesDesc: NewDesc(
@@ -366,23 +344,10 @@ type memStatsMetrics []struct {
 	valType ValueType
 }
 
-// NewBuildInfoCollector returns a collector collecting a single metric
-// "go_build_info" with the constant value 1 and three labels "path", "version",
-// and "checksum". Their label values contain the main module path, version, and
-// checksum, respectively. The labels will only have meaningful values if the
-// binary is built with Go module support and from source code retrieved from
-// the source repository (rather than the local file system). This is usually
-// accomplished by building from outside of GOPATH, specifying the full address
-// of the main package, e.g. "GO111MODULE=on go run
-// github.com/prometheus/client_golang/examples/random". If built without Go
-// module support, all label values will be "unknown". If built with Go module
-// support but using the source code from the local file system, the "path" will
-// be set appropriately, but "checksum" will be empty and "version" will be
-// "(devel)".
+// NewBuildInfoCollector is the obsolete version of collectors.NewBuildInfoCollector.
+// See there for documentation.
 //
-// This collector uses only the build information for the main module. See
-// https://github.com/povilasv/prommod for an example of a collector for the
-// module dependencies.
+// Deprecated: Use collectors.NewBuildInfoCollector instead.
 func NewBuildInfoCollector() Collector {
 	path, version, sum := "unknown", "unknown", "unknown"
 	if bi, ok := debug.ReadBuildInfo(); ok {
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
index 3346fa1c55..8425640b39 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/histogram.go
@@ -47,7 +47,12 @@ type Histogram interface {
 	Metric
 	Collector
 
-	// Observe adds a single observation to the histogram.
+	// Observe adds a single observation to the histogram. Observations are
+	// usually positive or zero. Negative observations are accepted but
+	// prevent current versions of Prometheus from properly detecting
+	// counter resets in the sum of observations. See
+	// https://prometheus.io/docs/practices/histograms/#count-and-sum-of-observations
+	// for details.
 	Observe(float64)
 }
 
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go b/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go
index c46702d60b..5bfe0ff5bb 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/process_collector.go
@@ -54,16 +54,10 @@ type ProcessCollectorOpts struct {
 	ReportErrors bool
 }
 
-// NewProcessCollector returns a collector which exports the current state of
-// process metrics including CPU, memory and file descriptor usage as well as
-// the process start time. The detailed behavior is defined by the provided
-// ProcessCollectorOpts. The zero value of ProcessCollectorOpts creates a
-// collector for the current process with an empty namespace string and no error
-// reporting.
+// NewProcessCollector is the obsolete version of collectors.NewProcessCollector.
+// See there for documentation.
 //
-// The collector only works on operating systems with a Linux-style proc
-// filesystem and on Microsoft Windows. On other operating systems, it will not
-// collect any metrics.
+// Deprecated: Use collectors.NewProcessCollector instead.
 func NewProcessCollector(opts ProcessCollectorOpts) Collector {
 	ns := ""
 	if len(opts.Namespace) > 0 {
diff --git a/vendor/github.com/prometheus/client_golang/prometheus/summary.go b/vendor/github.com/prometheus/client_golang/prometheus/summary.go
index fb5ce22bf6..c5fa8ed7c7 100644
--- a/vendor/github.com/prometheus/client_golang/prometheus/summary.go
+++ b/vendor/github.com/prometheus/client_golang/prometheus/summary.go
@@ -55,7 +55,12 @@ type Summary interface {
 	Metric
 	Collector
 
-	// Observe adds a single observation to the summary.
+	// Observe adds a single observation to the summary. Observations are
+	// usually positive or zero. Negative observations are accepted but
+	// prevent current versions of Prometheus from properly detecting
+	// counter resets in the sum of observations. See
+	// https://prometheus.io/docs/practices/histograms/#count-and-sum-of-observations
+	// for details.
 	Observe(float64)
 }
 
@@ -121,7 +126,9 @@ type SummaryOpts struct {
 	Objectives map[float64]float64
 
 	// MaxAge defines the duration for which an observation stays relevant
-	// for the summary. Must be positive. The default value is DefMaxAge.
+	// for the summary. Only applies to pre-calculated quantiles, does not
+	// apply to _sum and _count. Must be positive. The default value is
+	// DefMaxAge.
 	MaxAge time.Duration
 
 	// AgeBuckets is the number of buckets used to exclude observations that
diff --git a/vendor/github.com/prometheus/common/model/labels.go b/vendor/github.com/prometheus/common/model/labels.go
index 41051a01a3..ef89563354 100644
--- a/vendor/github.com/prometheus/common/model/labels.go
+++ b/vendor/github.com/prometheus/common/model/labels.go
@@ -45,6 +45,14 @@ const (
 	// scrape a target.
 	MetricsPathLabel = "__metrics_path__"
 
+	// ScrapeIntervalLabel is the name of the label that holds the scrape interval
+	// used to scrape a target.
+	ScrapeIntervalLabel = "__scrape_interval__"
+
+	// ScrapeTimeoutLabel is the name of the label that holds the scrape
+	// timeout used to scrape a target.
+	ScrapeTimeoutLabel = "__scrape_timeout__"
+
 	// ReservedLabelPrefix is a prefix which is not legal in user-supplied
 	// label names.
 	ReservedLabelPrefix = "__"
diff --git a/vendor/github.com/prometheus/common/model/time.go b/vendor/github.com/prometheus/common/model/time.go
index 77b82b2baa..7f67b16e42 100644
--- a/vendor/github.com/prometheus/common/model/time.go
+++ b/vendor/github.com/prometheus/common/model/time.go
@@ -14,6 +14,8 @@
 package model
 
 import (
+	"encoding/json"
+	"errors"
 	"fmt"
 	"math"
 	"regexp"
@@ -201,13 +203,23 @@ func ParseDuration(durationStr string) (Duration, error) {
 
 	// Parse the match at pos `pos` in the regex and use `mult` to turn that
 	// into ms, then add that value to the total parsed duration.
+	var overflowErr error
 	m := func(pos int, mult time.Duration) {
 		if matches[pos] == "" {
 			return
 		}
 		n, _ := strconv.Atoi(matches[pos])
+
+		// Check if the provided duration overflows time.Duration (> ~ 290years).
+		if n > int((1<<63-1)/mult/time.Millisecond) {
+			overflowErr = errors.New("duration out of range")
+		}
 		d := time.Duration(n) * time.Millisecond
 		dur += d * mult
+
+		if dur < 0 {
+			overflowErr = errors.New("duration out of range")
+		}
 	}
 
 	m(2, 1000*60*60*24*365) // y
@@ -218,7 +230,7 @@ func ParseDuration(durationStr string) (Duration, error) {
 	m(12, 1000)             // s
 	m(14, 1)                // ms
 
-	return Duration(dur), nil
+	return Duration(dur), overflowErr
 }
 
 func (d Duration) String() string {
@@ -254,6 +266,25 @@ func (d Duration) String() string {
 	return r
 }
 
+// MarshalJSON implements the json.Marshaler interface.
+func (d Duration) MarshalJSON() ([]byte, error) {
+	return json.Marshal(d.String())
+}
+
+// UnmarshalJSON implements the json.Unmarshaler interface.
+func (d *Duration) UnmarshalJSON(bytes []byte) error {
+	var s string
+	if err := json.Unmarshal(bytes, &s); err != nil {
+		return err
+	}
+	dur, err := ParseDuration(s)
+	if err != nil {
+		return err
+	}
+	*d = dur
+	return nil
+}
+
 // MarshalText implements the encoding.TextMarshaler interface.
 func (d *Duration) MarshalText() ([]byte, error) {
 	return []byte(d.String()), nil
diff --git a/vendor/github.com/rs/xid/README.md b/vendor/github.com/rs/xid/README.md
index 1f886fd7c0..79818877bc 100644
--- a/vendor/github.com/rs/xid/README.md
+++ b/vendor/github.com/rs/xid/README.md
@@ -2,9 +2,9 @@
 
 [![godoc](http://img.shields.io/badge/godoc-reference-blue.svg?style=flat)](https://godoc.org/github.com/rs/xid) [![license](http://img.shields.io/badge/license-MIT-red.svg?style=flat)](https://raw.githubusercontent.com/rs/xid/master/LICENSE) [![Build Status](https://travis-ci.org/rs/xid.svg?branch=master)](https://travis-ci.org/rs/xid) [![Coverage](http://gocover.io/_badge/github.com/rs/xid)](http://gocover.io/github.com/rs/xid)
 
-Package xid is a globally unique id generator library, ready to be used safely directly in your server code.
+Package xid is a globally unique id generator library, ready to safely be used directly in your server code.
 
-Xid is using Mongo Object ID algorithm to generate globally unique ids with a different serialization (base64) to make it shorter when transported as a string:
+Xid uses the Mongo Object ID algorithm to generate globally unique ids with a different serialization (base64) to make it shorter when transported as a string:
 https://docs.mongodb.org/manual/reference/object-id/
 
 - 4-byte value representing the seconds since the Unix epoch,
@@ -33,7 +33,7 @@ is required so it can be used directly in server's code.
 |-------------|-------------|----------------|----------------
 | [UUID]      | 16 bytes    | 36 chars       | configuration free, not sortable
 | [shortuuid] | 16 bytes    | 22 chars       | configuration free, not sortable
-| [Snowflake] | 8 bytes     | up to 20 chars | needs machin/DC configuration, needs central server, sortable
+| [Snowflake] | 8 bytes     | up to 20 chars | needs machine/DC configuration, needs central server, sortable
 | [MongoID]   | 12 bytes    | 24 chars       | configuration free, sortable
 | xid         | 12 bytes    | 20 chars       | configuration free, sortable
 
@@ -57,7 +57,7 @@ Best used with [zerolog](https://github.com/rs/zerolog)'s
 
 Notes:
 
-- Xid is dependent on the system time, a monotonic counter and so is not cryptographically secure. If unpredictability of IDs is important, you should not use Xids. It is worth noting that most of the other UUID like implementations are also not cryptographically secure. You shoud use libraries that rely on cryptographically secure sources (like /dev/urandom on unix, crypto/rand in golang), if you want a truly random ID generator.
+- Xid is dependent on the system time, a monotonic counter and so is not cryptographically secure. If unpredictability of IDs is important, you should not use Xids. It is worth noting that most other UUID-like implementations are also not cryptographically secure. You should use libraries that rely on cryptographically secure sources (like /dev/urandom on unix, crypto/rand in golang), if you want a truly random ID generator.
 
 References:
 
@@ -66,6 +66,9 @@ References:
 - https://blog.twitter.com/2010/announcing-snowflake
 - Python port by [Graham Abbott](https://github.com/graham): https://github.com/graham/python_xid
 - Scala port by [Egor Kolotaev](https://github.com/kolotaev): https://github.com/kolotaev/ride
+- Rust port by [Jérôme Renard](https://github.com/jeromer/): https://github.com/jeromer/libxid
+- Ruby port by [Valar](https://github.com/valarpirai/): https://github.com/valarpirai/ruby_xid
+- Java port by [0xShamil](https://github.com/0xShamil/): https://github.com/0xShamil/java-xid
 
 ## Install
 
@@ -105,7 +108,7 @@ BenchmarkUUIDv4-2   	 1000000	      1427 ns/op	      64 B/op	       2 allocs/op
 BenchmarkUUIDv4-4   	 1000000	      1452 ns/op	      64 B/op	       2 allocs/op
 ```
 
-Note: UUIDv1 requires a global lock, hence the performence degrading as we add more CPUs.
+Note: UUIDv1 requires a global lock, hence the performance degradation as we add more CPUs.
 
 ## Licenses
 
diff --git a/vendor/github.com/rs/xid/go.mod b/vendor/github.com/rs/xid/go.mod
index 95b8338613..3d61b50693 100644
--- a/vendor/github.com/rs/xid/go.mod
+++ b/vendor/github.com/rs/xid/go.mod
@@ -1 +1,3 @@
 module github.com/rs/xid
+
+go 1.12
diff --git a/vendor/github.com/rs/xid/hostid_linux.go b/vendor/github.com/rs/xid/hostid_linux.go
index 7d0c4a9ec4..837b20436c 100644
--- a/vendor/github.com/rs/xid/hostid_linux.go
+++ b/vendor/github.com/rs/xid/hostid_linux.go
@@ -5,6 +5,9 @@ package xid
 import "io/ioutil"
 
 func readPlatformMachineID() (string, error) {
-	b, err := ioutil.ReadFile("/sys/class/dmi/id/product_uuid")
+	b, err := ioutil.ReadFile("/etc/machine-id")
+	if err != nil || len(b) == 0 {
+		b, err = ioutil.ReadFile("/sys/class/dmi/id/product_uuid")
+	}
 	return string(b), err
 }
diff --git a/vendor/github.com/rs/xid/id.go b/vendor/github.com/rs/xid/id.go
index 466faf2628..f1db1a18e9 100644
--- a/vendor/github.com/rs/xid/id.go
+++ b/vendor/github.com/rs/xid/id.go
@@ -55,6 +55,7 @@ import (
 	"sort"
 	"sync/atomic"
 	"time"
+	"unsafe"
 )
 
 // Code inspired from mgo/bson ObjectId
@@ -177,7 +178,13 @@ func FromString(id string) (ID, error) {
 func (id ID) String() string {
 	text := make([]byte, encodedLen)
 	encode(text, id[:])
-	return string(text)
+	return *(*string)(unsafe.Pointer(&text))
+}
+
+// Encode encodes the id using base32 encoding, writing 20 bytes to dst and return it.
+func (id ID) Encode(dst []byte) []byte {
+	encode(dst, id[:])
+	return dst
 }
 
 // MarshalText implements encoding/text TextMarshaler interface
@@ -192,32 +199,37 @@ func (id ID) MarshalJSON() ([]byte, error) {
 	if id.IsNil() {
 		return []byte("null"), nil
 	}
-	text, err := id.MarshalText()
-	return []byte(`"` + string(text) + `"`), err
+	text := make([]byte, encodedLen+2)
+	encode(text[1:encodedLen+1], id[:])
+	text[0], text[encodedLen+1] = '"', '"'
+	return text, nil
 }
 
 // encode by unrolling the stdlib base32 algorithm + removing all safe checks
 func encode(dst, id []byte) {
-	dst[0] = encoding[id[0]>>3]
-	dst[1] = encoding[(id[1]>>6)&0x1F|(id[0]<<2)&0x1F]
-	dst[2] = encoding[(id[1]>>1)&0x1F]
-	dst[3] = encoding[(id[2]>>4)&0x1F|(id[1]<<4)&0x1F]
-	dst[4] = encoding[id[3]>>7|(id[2]<<1)&0x1F]
-	dst[5] = encoding[(id[3]>>2)&0x1F]
-	dst[6] = encoding[id[4]>>5|(id[3]<<3)&0x1F]
-	dst[7] = encoding[id[4]&0x1F]
-	dst[8] = encoding[id[5]>>3]
-	dst[9] = encoding[(id[6]>>6)&0x1F|(id[5]<<2)&0x1F]
-	dst[10] = encoding[(id[6]>>1)&0x1F]
-	dst[11] = encoding[(id[7]>>4)&0x1F|(id[6]<<4)&0x1F]
-	dst[12] = encoding[id[8]>>7|(id[7]<<1)&0x1F]
-	dst[13] = encoding[(id[8]>>2)&0x1F]
-	dst[14] = encoding[(id[9]>>5)|(id[8]<<3)&0x1F]
-	dst[15] = encoding[id[9]&0x1F]
-	dst[16] = encoding[id[10]>>3]
-	dst[17] = encoding[(id[11]>>6)&0x1F|(id[10]<<2)&0x1F]
-	dst[18] = encoding[(id[11]>>1)&0x1F]
+	_ = dst[19]
+	_ = id[11]
+
 	dst[19] = encoding[(id[11]<<4)&0x1F]
+	dst[18] = encoding[(id[11]>>1)&0x1F]
+	dst[17] = encoding[(id[11]>>6)&0x1F|(id[10]<<2)&0x1F]
+	dst[16] = encoding[id[10]>>3]
+	dst[15] = encoding[id[9]&0x1F]
+	dst[14] = encoding[(id[9]>>5)|(id[8]<<3)&0x1F]
+	dst[13] = encoding[(id[8]>>2)&0x1F]
+	dst[12] = encoding[id[8]>>7|(id[7]<<1)&0x1F]
+	dst[11] = encoding[(id[7]>>4)&0x1F|(id[6]<<4)&0x1F]
+	dst[10] = encoding[(id[6]>>1)&0x1F]
+	dst[9] = encoding[(id[6]>>6)&0x1F|(id[5]<<2)&0x1F]
+	dst[8] = encoding[id[5]>>3]
+	dst[7] = encoding[id[4]&0x1F]
+	dst[6] = encoding[id[4]>>5|(id[3]<<3)&0x1F]
+	dst[5] = encoding[(id[3]>>2)&0x1F]
+	dst[4] = encoding[id[3]>>7|(id[2]<<1)&0x1F]
+	dst[3] = encoding[(id[2]>>4)&0x1F|(id[1]<<4)&0x1F]
+	dst[2] = encoding[(id[1]>>1)&0x1F]
+	dst[1] = encoding[(id[1]>>6)&0x1F|(id[0]<<2)&0x1F]
+	dst[0] = encoding[id[0]>>3]
 }
 
 // UnmarshalText implements encoding/text TextUnmarshaler interface
@@ -246,18 +258,21 @@ func (id *ID) UnmarshalJSON(b []byte) error {
 
 // decode by unrolling the stdlib base32 algorithm + removing all safe checks
 func decode(id *ID, src []byte) {
-	id[0] = dec[src[0]]<<3 | dec[src[1]]>>2
-	id[1] = dec[src[1]]<<6 | dec[src[2]]<<1 | dec[src[3]]>>4
-	id[2] = dec[src[3]]<<4 | dec[src[4]]>>1
-	id[3] = dec[src[4]]<<7 | dec[src[5]]<<2 | dec[src[6]]>>3
-	id[4] = dec[src[6]]<<5 | dec[src[7]]
-	id[5] = dec[src[8]]<<3 | dec[src[9]]>>2
-	id[6] = dec[src[9]]<<6 | dec[src[10]]<<1 | dec[src[11]]>>4
-	id[7] = dec[src[11]]<<4 | dec[src[12]]>>1
-	id[8] = dec[src[12]]<<7 | dec[src[13]]<<2 | dec[src[14]]>>3
-	id[9] = dec[src[14]]<<5 | dec[src[15]]
-	id[10] = dec[src[16]]<<3 | dec[src[17]]>>2
+	_ = src[19]
+	_ = id[11]
+
 	id[11] = dec[src[17]]<<6 | dec[src[18]]<<1 | dec[src[19]]>>4
+	id[10] = dec[src[16]]<<3 | dec[src[17]]>>2
+	id[9] = dec[src[14]]<<5 | dec[src[15]]
+	id[8] = dec[src[12]]<<7 | dec[src[13]]<<2 | dec[src[14]]>>3
+	id[7] = dec[src[11]]<<4 | dec[src[12]]>>1
+	id[6] = dec[src[9]]<<6 | dec[src[10]]<<1 | dec[src[11]]>>4
+	id[5] = dec[src[8]]<<3 | dec[src[9]]>>2
+	id[4] = dec[src[6]]<<5 | dec[src[7]]
+	id[3] = dec[src[4]]<<7 | dec[src[5]]<<2 | dec[src[6]]>>3
+	id[2] = dec[src[3]]<<4 | dec[src[4]]>>1
+	id[1] = dec[src[1]]<<6 | dec[src[2]]<<1 | dec[src[3]]>>4
+	id[0] = dec[src[0]]<<3 | dec[src[1]]>>2
 }
 
 // Time returns the timestamp part of the id.
diff --git a/vendor/github.com/unrolled/render/.gitignore b/vendor/github.com/unrolled/render/.gitignore
deleted file mode 100644
index 05f4eaf615..0000000000
--- a/vendor/github.com/unrolled/render/.gitignore
+++ /dev/null
@@ -1,27 +0,0 @@
-# Compiled Object files, Static and Dynamic libs (Shared Objects)
-*.o
-*.a
-*.so
-
-# Folders
-_obj
-_test
-
-# Architecture specific extensions/prefixes
-*.[568vq]
-[568vq].out
-
-*.cgo1.go
-*.cgo2.c
-_cgo_defun.c
-_cgo_gotypes.go
-_cgo_export.*
-
-_testmain.go
-
-*.exe
-*.test
-
-
-*.pem
-.DS_Store
diff --git a/vendor/github.com/unrolled/render/.golangci.yaml b/vendor/github.com/unrolled/render/.golangci.yaml
new file mode 100644
index 0000000000..a8d0feef46
--- /dev/null
+++ b/vendor/github.com/unrolled/render/.golangci.yaml
@@ -0,0 +1,56 @@
+issues:
+  exclude:
+    - G203
+
+linters:
+  disable-all: true
+  enable:
+    - bodyclose
+    - deadcode
+    - depguard
+    - dogsled
+    - dupl
+    - errcheck
+    - exhaustive
+    - goconst
+    - gocritic
+    - gocyclo
+    - goimports
+    - goprintffuncname
+    - gosec
+    - gosimple
+    - govet
+    - ineffassign
+    - nakedret
+    - nolintlint
+    - rowserrcheck
+    - staticcheck
+    - structcheck
+    - stylecheck
+    - typecheck
+    - unconvert
+    - unparam
+    - unused
+    - varcheck
+    - whitespace
+    - noctx
+    - misspell
+    # - golint
+    # - gochecknoinits
+    # - funlen
+    # - gofmt
+    # - scopelint
+    # - interfacer
+    # - gomnd
+    # - lll
+    # - asciicheck
+    # - gochecknoglobals
+    # - gocognit
+    # - godot
+    # - godox
+    # - goerr113
+    # - maligned
+    # - nestif
+    # - prealloc
+    # - testpackage
+    # - wsl
diff --git a/vendor/github.com/unrolled/render/Makefile b/vendor/github.com/unrolled/render/Makefile
new file mode 100644
index 0000000000..25b5d1e11f
--- /dev/null
+++ b/vendor/github.com/unrolled/render/Makefile
@@ -0,0 +1,14 @@
+.PHONY: help test
+.DEFAULT_GOAL := help
+
+help: ## Displays this help message.
+	@awk 'BEGIN {FS = ":.*?## "} /^[a-zA-Z_-]+:.*?## / {printf "\033[36m%-30s\033[0m %s\n", $$1, $$2}' $(MAKEFILE_LIST)
+
+test: ## Runs the linter, tests, and vetting.
+	golangci-lint run ./...
+	go test -cover -race -count=1 ./...
+	go vet ./...
+
+ci: ## Runs on the tests and vetting for CI.
+	go test -cover -race -count=1 ./...
+	go vet ./...
diff --git a/vendor/github.com/unrolled/render/README.md b/vendor/github.com/unrolled/render/README.md
index abc210ea4b..a3de9bc56a 100644
--- a/vendor/github.com/unrolled/render/README.md
+++ b/vendor/github.com/unrolled/render/README.md
@@ -1,10 +1,7 @@
 # Render [![GoDoc](http://godoc.org/github.com/unrolled/render?status.svg)](http://godoc.org/github.com/unrolled/render) [![Test](https://github.com/unrolled/render/workflows/Test/badge.svg?branch=v1)](https://github.com/unrolled/render/actions)
 
 
-Render is a package that provides functionality for easily rendering JSON, XML, text, binary data, and HTML templates. This package is based on the [Martini](https://github.com/go-martini/martini) [render](https://github.com/martini-contrib/render) work.
-
-## Block Deprecation Notice
-Go 1.6 introduces a new [block](https://github.com/golang/go/blob/release-branch.go1.6/src/html/template/example_test.go#L128) action. This conflicts with Render's included `block` template function. To provide an easy migration path, a new function was created called `partial`. It is a duplicate of the old `block` function. It is advised that all users of the `block` function update their code to avoid any issues in the future. Previous to Go 1.6, Render's `block` functionality will continue to work but a message will be logged urging you to migrate to the new `partial` function.
+Render is a package that provides functionality for easily rendering JSON, XML, text, binary data, and HTML templates.
 
 ## Usage
 Render can be used with pretty much any web framework providing you can access the `http.ResponseWriter` from your handler. The rendering functions simply wraps Go's existing functionality for marshaling and rendering data.
@@ -23,7 +20,7 @@ import (
     "encoding/xml"
     "net/http"
 
-    "github.com/unrolled/render"  // or "gopkg.in/unrolled/render.v1"
+    "github.com/unrolled/render"
 )
 
 type ExampleXml struct {
@@ -101,6 +98,7 @@ r := render.New(render.Options{
     PrefixXML: []byte("<?xml version='1.0' encoding='UTF-8'?>"), // Prefixes XML responses with the given bytes.
     HTMLContentType: "application/xhtml+xml", // Output XHTML content type instead of default "text/html".
     IsDevelopment: true, // Render will now recompile the templates on every HTML response.
+    UseMutexLock: true, // Overrides the default no lock implementation and uses the standard `sync.RWMutex` lock.
     UnEscapeHTML: true, // Replace ensure '&<>' are output correctly (JSON only).
     StreamingJSON: true, // Streams the JSON response via json.Encoder.
     RequirePartials: true, // Return an error if a template is missing a partial used in a layout.
@@ -139,10 +137,13 @@ r := render.New(render.Options{
     TextContentType: "text/plain",
     XMLContentType: "application/xhtml+xml",
     IsDevelopment: false,
+    UseMutexLock: false,
     UnEscapeHTML: false,
     StreamingJSON: false,
     RequirePartials: false,
     DisableHTTPErrorRendering: false,
+    RenderPartialsWithoutPrefix: false,
+    BufferPool: GenericBufferPool,
 })
 ~~~
 
@@ -171,7 +172,27 @@ admin/edit
 home
 ~~~
 
-You can also load templates from memory by providing the Asset and AssetNames options,
+Templates can be loaded from an `embed.FS`.
+
+~~~ go
+// ...
+
+//go:embed templates/*.html templates/*.tmpl
+var embeddedTemplates embed.FS
+
+// ...
+
+r := render.New(render.Options{
+    Directory: "templates",
+    FileSystem: &render.EmbedFileSystem{
+        FS: embeddedTemplates,
+    },
+    Extensions: []string{".html", ".tmpl"},
+})
+// ...
+~~~
+
+You can also load templates from memory by providing the `Asset` and `AssetNames` options,
 e.g. when generating an asset file using [go-bindata](https://github.com/jteeuwen/go-bindata).
 
 ### Layouts
@@ -243,7 +264,7 @@ import (
     "encoding/xml"
     "net/http"
 
-    "github.com/unrolled/render"  // or "gopkg.in/unrolled/render.v1"
+    "github.com/unrolled/render"
 )
 
 type ExampleXml struct {
@@ -297,7 +318,7 @@ import (
     "encoding/xml"
     "net/http"
 
-    "github.com/unrolled/render"  // or "gopkg.in/unrolled/render.v1"
+    "github.com/unrolled/render"
 )
 
 type ExampleXml struct {
@@ -376,7 +397,7 @@ import (
     "net/http"
 
     "github.com/labstack/echo"
-    "github.com/unrolled/render"  // or "gopkg.in/unrolled/render.v1"
+    "github.com/unrolled/render"
 )
 
 type RenderWrapper struct { // We need to wrap the renderer because we need a different signature for echo.
@@ -398,7 +419,7 @@ func main() {
         return c.Render(http.StatusOK, "TemplateName", "TemplateData")
     })
 
-    e.Logger.Fatal(e.Start(":1323"))
+    e.Logger.Fatal(e.Start("127.0.0.1:8080"))
 }
 ~~~
 
@@ -411,7 +432,7 @@ import (
     "net/http"
 
     "github.com/gin-gonic/gin"
-    "github.com/unrolled/render"  // or "gopkg.in/unrolled/render.v1"
+    "github.com/unrolled/render"
 )
 
 func main() {
@@ -425,7 +446,7 @@ func main() {
         r.JSON(c.Writer, http.StatusOK, map[string]string{"welcome": "This is rendered JSON!"})
     })
 
-    router.Run(":3000")
+    router.Run("127.0.0.1:8080")
 }
 ~~~
 
@@ -439,7 +460,7 @@ import (
 
     "github.com/zenazn/goji"
     "github.com/zenazn/goji/web"
-    "github.com/unrolled/render"  // or "gopkg.in/unrolled/render.v1"
+    "github.com/unrolled/render"
 )
 
 func main() {
@@ -463,7 +484,7 @@ import (
     "net/http"
 
     "github.com/urfave/negroni"
-    "github.com/unrolled/render"  // or "gopkg.in/unrolled/render.v1"
+    "github.com/unrolled/render"
 )
 
 func main() {
@@ -478,7 +499,7 @@ func main() {
 
     n := negroni.Classic()
     n.UseHandler(mux)
-    n.Run(":3000")
+    n.Run("127.0.0.1:8080")
 }
 ~~~
 
@@ -491,7 +512,7 @@ import (
     "net/http"
 
     "github.com/pilu/traffic"
-    "github.com/unrolled/render"  // or "gopkg.in/unrolled/render.v1"
+    "github.com/unrolled/render"
 )
 
 func main() {
@@ -504,6 +525,6 @@ func main() {
         r.JSON(w, http.StatusOK, map[string]string{"welcome": "This is rendered JSON!"})
     })
 
-    router.Run()
+    router.Run()  // Defaults to "127.0.0.1:3000".
 }
 ~~~
diff --git a/vendor/github.com/unrolled/render/buffer.go b/vendor/github.com/unrolled/render/buffer.go
deleted file mode 100644
index 804d775b7d..0000000000
--- a/vendor/github.com/unrolled/render/buffer.go
+++ /dev/null
@@ -1,38 +0,0 @@
-package render
-
-import "bytes"
-
-// BufferPool implements a pool of bytes.Buffers in the form of a bounded channel.
-// Pulled from the github.com/oxtoacart/bpool package (Apache licensed).
-type BufferPool struct {
-	c chan *bytes.Buffer
-}
-
-// NewBufferPool creates a new BufferPool bounded to the given size.
-func NewBufferPool(size int) (bp *BufferPool) {
-	return &BufferPool{
-		c: make(chan *bytes.Buffer, size),
-	}
-}
-
-// Get gets a Buffer from the BufferPool, or creates a new one if none are
-// available in the pool.
-func (bp *BufferPool) Get() (b *bytes.Buffer) {
-	select {
-	case b = <-bp.c:
-	// reuse existing buffer
-	default:
-		// create new buffer
-		b = bytes.NewBuffer([]byte{})
-	}
-	return
-}
-
-// Put returns the given Buffer to the BufferPool.
-func (bp *BufferPool) Put(b *bytes.Buffer) {
-	b.Reset()
-	select {
-	case bp.c <- b:
-	default: // Discard the buffer if the pool is full.
-	}
-}
diff --git a/vendor/github.com/unrolled/render/doc.go b/vendor/github.com/unrolled/render/doc.go
index d3487ffba2..e84975c0cb 100644
--- a/vendor/github.com/unrolled/render/doc.go
+++ b/vendor/github.com/unrolled/render/doc.go
@@ -6,7 +6,7 @@
       "encoding/xml"
       "net/http"
 
-      "github.com/unrolled/render"  // or "gopkg.in/unrolled/render.v1"
+      "github.com/unrolled/render"
   )
 
   type ExampleXml struct {
@@ -49,7 +49,7 @@
           r.HTML(w, http.StatusOK, "example", nil)
       })
 
-      http.ListenAndServe("0.0.0.0:3000", mux)
+      http.ListenAndServe("127.0.0.1:3000", mux)
   }
 */
 package render
diff --git a/vendor/github.com/unrolled/render/engine.go b/vendor/github.com/unrolled/render/engine.go
index 283a3772cd..ec4f5885a7 100644
--- a/vendor/github.com/unrolled/render/engine.go
+++ b/vendor/github.com/unrolled/render/engine.go
@@ -78,7 +78,7 @@ func (d Data) Render(w io.Writer, v interface{}) error {
 		d.Head.Write(hw)
 	}
 
-	w.Write(v.([]byte))
+	_, _ = w.Write(v.([]byte))
 	return nil
 }
 
@@ -99,7 +99,7 @@ func (h HTML) Render(w io.Writer, binding interface{}) error {
 	if hw, ok := w.(http.ResponseWriter); ok {
 		h.Head.Write(hw)
 	}
-	buf.WriteTo(w)
+	_, _ = buf.WriteTo(w)
 
 	return nil
 }
@@ -125,9 +125,9 @@ func (j JSON) Render(w io.Writer, v interface{}) error {
 
 	// Unescape HTML if needed.
 	if j.UnEscapeHTML {
-		result = bytes.Replace(result, []byte("\\u003c"), []byte("<"), -1)
-		result = bytes.Replace(result, []byte("\\u003e"), []byte(">"), -1)
-		result = bytes.Replace(result, []byte("\\u0026"), []byte("&"), -1)
+		result = bytes.ReplaceAll(result, []byte("\\u003c"), []byte("<"))
+		result = bytes.ReplaceAll(result, []byte("\\u003e"), []byte(">"))
+		result = bytes.ReplaceAll(result, []byte("\\u0026"), []byte("&"))
 	}
 
 	// JSON marshaled fine, write out the result.
@@ -135,9 +135,9 @@ func (j JSON) Render(w io.Writer, v interface{}) error {
 		j.Head.Write(hw)
 	}
 	if len(j.Prefix) > 0 {
-		w.Write(j.Prefix)
+		_, _ = w.Write(j.Prefix)
 	}
-	w.Write(result)
+	_, _ = w.Write(result)
 	return nil
 }
 
@@ -146,7 +146,7 @@ func (j JSON) renderStreamingJSON(w io.Writer, v interface{}) error {
 		j.Head.Write(hw)
 	}
 	if len(j.Prefix) > 0 {
-		w.Write(j.Prefix)
+		_, _ = w.Write(j.Prefix)
 	}
 
 	return json.NewEncoder(w).Encode(v)
@@ -170,13 +170,13 @@ func (j JSONP) Render(w io.Writer, v interface{}) error {
 	if hw, ok := w.(http.ResponseWriter); ok {
 		j.Head.Write(hw)
 	}
-	w.Write([]byte(j.Callback + "("))
-	w.Write(result)
-	w.Write([]byte(");"))
+	_, _ = w.Write([]byte(j.Callback + "("))
+	_, _ = w.Write(result)
+	_, _ = w.Write([]byte(");"))
 
 	// If indenting, append a new line.
 	if j.Indent {
-		w.Write([]byte("\n"))
+		_, _ = w.Write([]byte("\n"))
 	}
 	return nil
 }
@@ -191,7 +191,7 @@ func (t Text) Render(w io.Writer, v interface{}) error {
 		t.Head.Write(hw)
 	}
 
-	w.Write([]byte(v.(string)))
+	_, _ = w.Write([]byte(v.(string)))
 	return nil
 }
 
@@ -215,8 +215,8 @@ func (x XML) Render(w io.Writer, v interface{}) error {
 		x.Head.Write(hw)
 	}
 	if len(x.Prefix) > 0 {
-		w.Write(x.Prefix)
+		_, _ = w.Write(x.Prefix)
 	}
-	w.Write(result)
+	_, _ = w.Write(result)
 	return nil
 }
diff --git a/vendor/github.com/unrolled/render/fs_embed.go b/vendor/github.com/unrolled/render/fs_embed.go
new file mode 100644
index 0000000000..5dd2d2ba02
--- /dev/null
+++ b/vendor/github.com/unrolled/render/fs_embed.go
@@ -0,0 +1,31 @@
+// +build go1.16
+
+package render
+
+import (
+	"embed"
+	"io/fs"
+	"path/filepath"
+)
+
+// EmbedFileSystem implements FileSystem on top of an embed.FS
+type EmbedFileSystem struct {
+	embed.FS
+}
+
+var _ FileSystem = &EmbedFileSystem{}
+
+func (e *EmbedFileSystem) Walk(root string, walkFn filepath.WalkFunc) error {
+	return fs.WalkDir(e.FS, root, func(path string, d fs.DirEntry, _ error) error {
+		if d == nil {
+			return nil
+		}
+
+		info, err := d.Info()
+		if err != nil {
+			return err
+		}
+
+		return walkFn(path, info, err)
+	})
+}
diff --git a/vendor/github.com/unrolled/render/go.mod b/vendor/github.com/unrolled/render/go.mod
index 22d793cbcf..628e54e5f0 100644
--- a/vendor/github.com/unrolled/render/go.mod
+++ b/vendor/github.com/unrolled/render/go.mod
@@ -1,5 +1,8 @@
 module github.com/unrolled/render
 
-go 1.12
+go 1.16
 
-require github.com/eknkc/amber v0.0.0-20171010120322-cdade1c07385
+require (
+	github.com/fsnotify/fsnotify v1.4.9
+	golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea // indirect
+)
diff --git a/vendor/github.com/unrolled/render/go.sum b/vendor/github.com/unrolled/render/go.sum
index 2199959075..4ed2330005 100644
--- a/vendor/github.com/unrolled/render/go.sum
+++ b/vendor/github.com/unrolled/render/go.sum
@@ -1,2 +1,5 @@
-github.com/eknkc/amber v0.0.0-20171010120322-cdade1c07385 h1:clC1lXBpe2kTj2VHdaIu9ajZQe4kcEY9j0NsnDDBZ3o=
-github.com/eknkc/amber v0.0.0-20171010120322-cdade1c07385/go.mod h1:0vRUJqYpeSZifjYj7uP3BG/gKcuzL9xWVV/Y+cK33KM=
+github.com/fsnotify/fsnotify v1.4.9 h1:hsms1Qyu0jgnwNXIxa+/V/PDsU6CfLf6CNO8H7IWoS4=
+github.com/fsnotify/fsnotify v1.4.9/go.mod h1:znqG4EE+3YCdAaPaxE2ZRY/06pZUdp0tY4IgpuI1SZQ=
+golang.org/x/sys v0.0.0-20191005200804-aed5e4c7ecf9/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea h1:+WiDlPBBaO+h9vPNZi8uJ3k4BkKQB7Iow3aqwHVA5hI=
+golang.org/x/sys v0.0.0-20210525143221-35b2ab0089ea/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg=
diff --git a/vendor/github.com/unrolled/render/helpers.go b/vendor/github.com/unrolled/render/helpers.go
index 699508a491..50b234a5a1 100644
--- a/vendor/github.com/unrolled/render/helpers.go
+++ b/vendor/github.com/unrolled/render/helpers.go
@@ -1,5 +1,3 @@
-// +build go1.6
-
 package render
 
 import (
diff --git a/vendor/github.com/unrolled/render/helpers_pre16.go b/vendor/github.com/unrolled/render/helpers_pre16.go
deleted file mode 100644
index 999d9af497..0000000000
--- a/vendor/github.com/unrolled/render/helpers_pre16.go
+++ /dev/null
@@ -1,26 +0,0 @@
-// +build !go1.6
-
-package render
-
-import (
-	"fmt"
-	"html/template"
-)
-
-// Included helper functions for use when rendering HTML.
-var helperFuncs = template.FuncMap{
-	"yield": func() (string, error) {
-		return "", fmt.Errorf("yield called with no layout defined")
-	},
-	// `block` is deprecated! Use the `partial` below if you need this functionality still.
-	// Otherwise, checkout Go's `block` implementation introduced in 1.6
-	"block": func() (string, error) {
-		return "", fmt.Errorf("block called with no layout defined")
-	},
-	"partial": func() (string, error) {
-		return "", fmt.Errorf("block called with no layout defined")
-	},
-	"current": func() (string, error) {
-		return "", nil
-	},
-}
diff --git a/vendor/github.com/unrolled/render/lock.go b/vendor/github.com/unrolled/render/lock.go
new file mode 100644
index 0000000000..44f7beb276
--- /dev/null
+++ b/vendor/github.com/unrolled/render/lock.go
@@ -0,0 +1,25 @@
+package render
+
+import "sync"
+
+// rwLock represents an interface for sync.RWMutex.
+type rwLock interface {
+	Lock()
+	Unlock()
+	RLock()
+	RUnlock()
+}
+
+var (
+	// Ensure our interface is correct.
+	_ rwLock = &sync.RWMutex{}
+	_ rwLock = emptyLock{}
+)
+
+// emptyLock is a noop RWLock implementation.
+type emptyLock struct{}
+
+func (emptyLock) Lock()    {}
+func (emptyLock) Unlock()  {}
+func (emptyLock) RLock()   {}
+func (emptyLock) RUnlock() {}
diff --git a/vendor/github.com/unrolled/render/render.go b/vendor/github.com/unrolled/render/render.go
index ad2e77ee19..ff9593c34e 100644
--- a/vendor/github.com/unrolled/render/render.go
+++ b/vendor/github.com/unrolled/render/render.go
@@ -11,6 +11,8 @@ import (
 	"path/filepath"
 	"strings"
 	"sync"
+
+	"github.com/fsnotify/fsnotify"
 )
 
 const (
@@ -90,6 +92,9 @@ type Options struct {
 	XMLContentType string
 	// If IsDevelopment is set to true, this will recompile the templates on every request. Default is false.
 	IsDevelopment bool
+	// If UseMutexLock is set to true, the standard `sync.RWMutex` lock will be used instead of the lock free implementation. Default is false.
+	// Note that when `IsDevelopment` is true, the standard `sync.RWMutex` lock is always used. Lock free is only a production feature.
+	UseMutexLock bool
 	// Unescape HTML characters "&<>" to their original values. Default is false.
 	UnEscapeHTML bool
 	// Streams JSON responses instead of marshalling prior to sending. Default is false.
@@ -103,7 +108,6 @@ type Options struct {
 	// Enables using partials without the current filename suffix which allows use of the same template in multiple files. e.g {{ partial "carosuel" }} inside the home template will match carosel-home or carosel.
 	// ***NOTE*** - This option should be named RenderPartialsWithoutSuffix as that is what it does. "Prefix" is a typo. Maintaining the existing name for backwards compatibility.
 	RenderPartialsWithoutPrefix bool
-
 	// BufferPool to use when rendering HTML templates. If none is supplied
 	// defaults to SizedBufferPool of size 32 with 512KiB buffers.
 	BufferPool GenericBufferPool
@@ -120,11 +124,13 @@ type HTMLOptions struct {
 // Render is a service that provides functions for easily writing JSON, XML,
 // binary data, and HTML templates out to a HTTP Response.
 type Render struct {
+	lock rwLock
+
 	// Customize Secure with an Options struct.
 	opt             Options
 	templates       *template.Template
-	templatesLk     sync.RWMutex
 	compiledCharset string
+	hasWatcher      bool
 }
 
 // New constructs a new Render instance with the supplied options.
@@ -134,12 +140,10 @@ func New(options ...Options) *Render {
 		o = options[0]
 	}
 
-	r := Render{
-		opt: o,
-	}
+	r := Render{opt: o}
 
 	r.prepareOptions()
-	r.compileTemplates()
+	r.CompileTemplates()
 
 	return &r
 }
@@ -149,10 +153,9 @@ func (r *Render) prepareOptions() {
 	if len(r.opt.Charset) == 0 {
 		r.opt.Charset = defaultCharset
 	}
-	if r.opt.DisableCharset == false {
+	if !r.opt.DisableCharset {
 		r.compiledCharset = "; charset=" + r.opt.Charset
 	}
-
 	if len(r.opt.Directory) == 0 {
 		r.opt.Directory = "templates"
 	}
@@ -181,16 +184,21 @@ func (r *Render) prepareOptions() {
 		r.opt.XMLContentType = ContentXML
 	}
 	if r.opt.BufferPool == nil {
-		// 32 buffers of size 512KiB each
-		r.opt.BufferPool = NewSizedBufferPool(32, 1<<19)
+		r.opt.BufferPool = NewSizedBufferPool(32, 1<<19) // 32 buffers of size 512KiB each
+	}
+	if r.opt.IsDevelopment || r.opt.UseMutexLock {
+		r.lock = &sync.RWMutex{}
+	} else {
+		r.lock = &emptyLock{}
 	}
 }
 
-func (r *Render) compileTemplates() {
+func (r *Render) CompileTemplates() {
 	if r.opt.Asset == nil || r.opt.AssetNames == nil {
 		r.compileTemplatesFromDir()
 		return
 	}
+
 	r.compileTemplatesFromAsset()
 }
 
@@ -199,12 +207,24 @@ func (r *Render) compileTemplatesFromDir() {
 	tmpTemplates := template.New(dir)
 	tmpTemplates.Delims(r.opt.Delims.Left, r.opt.Delims.Right)
 
+	var watcher *fsnotify.Watcher
+	if r.opt.IsDevelopment {
+		var err error
+		watcher, err = fsnotify.NewWatcher()
+		if err != nil {
+			log.Printf("Unable to create new watcher for template files. Templates will be recompiled on every render. Error: %v\n", err)
+		}
+	}
+
 	// Walk the supplied directory and compile any files that match our extension list.
-	r.opt.FileSystem.Walk(dir, func(path string, info os.FileInfo, err error) error {
+	_ = r.opt.FileSystem.Walk(dir, func(path string, info os.FileInfo, _ error) error {
 		// Fix same-extension-dirs bug: some dir might be named to: "users.tmpl", "local.html".
 		// These dirs should be excluded as they are not valid golang templates, but files under
 		// them should be treat as normal.
 		// If is a dir, return immediately (dir is not a valid golang template).
+		if info != nil && watcher != nil {
+			_ = watcher.Add(path)
+		}
 		if info == nil || info.IsDir() {
 			return nil
 		}
@@ -215,7 +235,7 @@ func (r *Render) compileTemplatesFromDir() {
 		}
 
 		ext := ""
-		if strings.Index(rel, ".") != -1 {
+		if strings.Contains(rel, ".") {
 			ext = filepath.Ext(rel)
 		}
 
@@ -242,9 +262,25 @@ func (r *Render) compileTemplatesFromDir() {
 		return nil
 	})
 
-	r.templatesLk.Lock()
+	r.lock.Lock()
+	defer r.lock.Unlock()
 	r.templates = tmpTemplates
-	r.templatesLk.Unlock()
+	if r.hasWatcher = watcher != nil; r.hasWatcher {
+		go func() {
+			select {
+			case _, ok := <-watcher.Events:
+				if !ok {
+					return
+				}
+			case _, ok := <-watcher.Errors:
+				if !ok {
+					return
+				}
+			}
+			watcher.Close()
+			r.CompileTemplates()
+		}()
+	}
 }
 
 func (r *Render) compileTemplatesFromAsset() {
@@ -263,13 +299,12 @@ func (r *Render) compileTemplatesFromAsset() {
 		}
 
 		ext := ""
-		if strings.Index(rel, ".") != -1 {
+		if strings.Contains(rel, ".") {
 			ext = "." + strings.Join(strings.Split(rel, ".")[1:], ".")
 		}
 
 		for _, extension := range r.opt.Extensions {
 			if ext == extension {
-
 				buf, err := r.opt.Asset(path)
 				if err != nil {
 					panic(err)
@@ -289,28 +324,29 @@ func (r *Render) compileTemplatesFromAsset() {
 			}
 		}
 	}
-
-	r.templatesLk.Lock()
+	r.lock.Lock()
+	defer r.lock.Unlock()
 	r.templates = tmpTemplates
-	r.templatesLk.Unlock()
 }
 
 // TemplateLookup is a wrapper around template.Lookup and returns
 // the template with the given name that is associated with t, or nil
 // if there is no such template.
 func (r *Render) TemplateLookup(t string) *template.Template {
+	r.lock.RLock()
+	defer r.lock.RUnlock()
 	return r.templates.Lookup(t)
 }
 
-func (r *Render) execute(name string, binding interface{}) (*bytes.Buffer, error) {
+func (r *Render) execute(templates *template.Template, name string, binding interface{}) (*bytes.Buffer, error) {
 	buf := new(bytes.Buffer)
-	return buf, r.templates.ExecuteTemplate(buf, name, binding)
+	return buf, templates.ExecuteTemplate(buf, name, binding)
 }
 
-func (r *Render) layoutFuncs(name string, binding interface{}) template.FuncMap {
+func (r *Render) layoutFuncs(templates *template.Template, name string, binding interface{}) template.FuncMap {
 	return template.FuncMap{
 		"yield": func() (template.HTML, error) {
-			buf, err := r.execute(name, binding)
+			buf, err := r.execute(templates, name, binding)
 			// Return safe HTML here since we are rendering our own template.
 			return template.HTML(buf.String()), err
 		},
@@ -318,13 +354,13 @@ func (r *Render) layoutFuncs(name string, binding interface{}) template.FuncMap
 			return name, nil
 		},
 		"block": func(partialName string) (template.HTML, error) {
-			log.Print("Render's `block` implementation is now depericated. Use `partial` as a drop in replacement.")
+			log.Println("Render's `block` implementation is now depericated. Use `partial` as a drop in replacement.")
 			fullPartialName := fmt.Sprintf("%s-%s", partialName, name)
-			if r.TemplateLookup(fullPartialName) == nil && r.opt.RenderPartialsWithoutPrefix {
+			if templates.Lookup(fullPartialName) == nil && r.opt.RenderPartialsWithoutPrefix {
 				fullPartialName = partialName
 			}
-			if r.opt.RequireBlocks || r.TemplateLookup(fullPartialName) != nil {
-				buf, err := r.execute(fullPartialName, binding)
+			if r.opt.RequireBlocks || templates.Lookup(fullPartialName) != nil {
+				buf, err := r.execute(templates, fullPartialName, binding)
 				// Return safe HTML here since we are rendering our own template.
 				return template.HTML(buf.String()), err
 			}
@@ -332,11 +368,11 @@ func (r *Render) layoutFuncs(name string, binding interface{}) template.FuncMap
 		},
 		"partial": func(partialName string) (template.HTML, error) {
 			fullPartialName := fmt.Sprintf("%s-%s", partialName, name)
-			if r.TemplateLookup(fullPartialName) == nil && r.opt.RenderPartialsWithoutPrefix {
+			if templates.Lookup(fullPartialName) == nil && r.opt.RenderPartialsWithoutPrefix {
 				fullPartialName = partialName
 			}
-			if r.opt.RequirePartials || r.TemplateLookup(fullPartialName) != nil {
-				buf, err := r.execute(fullPartialName, binding)
+			if r.opt.RequirePartials || templates.Lookup(fullPartialName) != nil {
+				buf, err := r.execute(templates, fullPartialName, binding)
 				// Return safe HTML here since we are rendering our own template.
 				return template.HTML(buf.String()), err
 			}
@@ -397,19 +433,20 @@ func (r *Render) Data(w io.Writer, status int, v []byte) error {
 
 // HTML builds up the response from the specified template and bindings.
 func (r *Render) HTML(w io.Writer, status int, name string, binding interface{}, htmlOpt ...HTMLOptions) error {
-
 	// If we are in development mode, recompile the templates on every HTML request.
-	if r.opt.IsDevelopment {
-		r.compileTemplates()
+	r.lock.RLock() // rlock here because we're reading the hasWatcher
+	if r.opt.IsDevelopment && !r.hasWatcher {
+		r.lock.RUnlock() // runlock here because CompileTemplates will lock
+		r.CompileTemplates()
+		r.lock.RLock()
 	}
-
-	r.templatesLk.RLock()
-	defer r.templatesLk.RUnlock()
+	templates := r.templates
+	r.lock.RUnlock()
 
 	opt := r.prepareHTMLOptions(htmlOpt)
-	if tpl := r.templates.Lookup(name); tpl != nil {
+	if tpl := templates.Lookup(name); tpl != nil {
 		if len(opt.Layout) > 0 {
-			tpl.Funcs(r.layoutFuncs(name, binding))
+			tpl.Funcs(r.layoutFuncs(templates, name, binding))
 			name = opt.Layout
 		}
 
@@ -426,7 +463,7 @@ func (r *Render) HTML(w io.Writer, status int, name string, binding interface{},
 	h := HTML{
 		Head:      head,
 		Name:      name,
-		Templates: r.templates,
+		Templates: templates,
 		bp:        r.opt.BufferPool,
 	}
 
diff --git a/vendor/github.com/unrolled/render/testdata/basic/admin/index.tmpl b/vendor/github.com/unrolled/render/testdata/basic/admin/index.tmpl
new file mode 100644
index 0000000000..047ff3411e
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/basic/admin/index.tmpl
@@ -0,0 +1 @@
+<h1>Admin {{.}}</h1>
diff --git a/vendor/github.com/unrolled/render/testdata/basic/another_layout.tmpl b/vendor/github.com/unrolled/render/testdata/basic/another_layout.tmpl
new file mode 100644
index 0000000000..3d71f5fb20
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/basic/another_layout.tmpl
@@ -0,0 +1,3 @@
+another head
+{{ yield }}
+another foot
diff --git a/vendor/github.com/unrolled/render/testdata/basic/content.tmpl b/vendor/github.com/unrolled/render/testdata/basic/content.tmpl
new file mode 100644
index 0000000000..f8fa1b39d0
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/basic/content.tmpl
@@ -0,0 +1 @@
+<h1>{{ . }}</h1>
diff --git a/vendor/github.com/unrolled/render/testdata/basic/current_layout.tmpl b/vendor/github.com/unrolled/render/testdata/basic/current_layout.tmpl
new file mode 100644
index 0000000000..877524e62d
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/basic/current_layout.tmpl
@@ -0,0 +1,3 @@
+{{ current }} head
+{{ yield }}
+{{ current }} foot
diff --git a/vendor/github.com/unrolled/render/testdata/basic/delims.tmpl b/vendor/github.com/unrolled/render/testdata/basic/delims.tmpl
new file mode 100644
index 0000000000..c6fc9c05c0
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/basic/delims.tmpl
@@ -0,0 +1 @@
+<h1>Hello {[{.}]}</h1>
\ No newline at end of file
diff --git a/vendor/github.com/unrolled/render/testdata/basic/hello.tmpl b/vendor/github.com/unrolled/render/testdata/basic/hello.tmpl
new file mode 100644
index 0000000000..e4a4cea396
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/basic/hello.tmpl
@@ -0,0 +1 @@
+<h1>Hello {{.}}</h1>
diff --git a/vendor/github.com/unrolled/render/testdata/basic/hypertext.html b/vendor/github.com/unrolled/render/testdata/basic/hypertext.html
new file mode 100644
index 0000000000..8521165186
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/basic/hypertext.html
@@ -0,0 +1 @@
+Hypertext!
diff --git a/vendor/github.com/unrolled/render/testdata/basic/layout.tmpl b/vendor/github.com/unrolled/render/testdata/basic/layout.tmpl
new file mode 100644
index 0000000000..b131425097
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/basic/layout.tmpl
@@ -0,0 +1,3 @@
+head
+{{ yield }}
+foot
diff --git a/vendor/github.com/unrolled/render/testdata/blocks/content-partial.tmpl b/vendor/github.com/unrolled/render/testdata/blocks/content-partial.tmpl
new file mode 100644
index 0000000000..a4f97af189
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/blocks/content-partial.tmpl
@@ -0,0 +1 @@
+{{define "after-content-partial"}}after {{ . }}{{end}}
diff --git a/vendor/github.com/unrolled/render/testdata/blocks/content.tmpl b/vendor/github.com/unrolled/render/testdata/blocks/content.tmpl
new file mode 100644
index 0000000000..3fac1bb84a
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/blocks/content.tmpl
@@ -0,0 +1,2 @@
+{{define "before-content"}}before {{ . }}{{end}}
+{{define "after-content"}}after {{ . }}{{end}}
diff --git a/vendor/github.com/unrolled/render/testdata/blocks/layout.tmpl b/vendor/github.com/unrolled/render/testdata/blocks/layout.tmpl
new file mode 100644
index 0000000000..0ebbe6a6d9
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/blocks/layout.tmpl
@@ -0,0 +1,3 @@
+{{ block "before" }}
+<h1>during</h1>
+{{ block "after" }}
diff --git a/vendor/github.com/unrolled/render/testdata/custom_funcs/index.tmpl b/vendor/github.com/unrolled/render/testdata/custom_funcs/index.tmpl
new file mode 100644
index 0000000000..7b553fc5a5
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/custom_funcs/index.tmpl
@@ -0,0 +1 @@
+{{ myCustomFunc }}
diff --git a/vendor/github.com/unrolled/render/testdata/partials/content-partial.tmpl b/vendor/github.com/unrolled/render/testdata/partials/content-partial.tmpl
new file mode 100644
index 0000000000..a4f97af189
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/partials/content-partial.tmpl
@@ -0,0 +1 @@
+{{define "after-content-partial"}}after {{ . }}{{end}}
diff --git a/vendor/github.com/unrolled/render/testdata/partials/content.tmpl b/vendor/github.com/unrolled/render/testdata/partials/content.tmpl
new file mode 100644
index 0000000000..3fac1bb84a
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/partials/content.tmpl
@@ -0,0 +1,2 @@
+{{define "before-content"}}before {{ . }}{{end}}
+{{define "after-content"}}after {{ . }}{{end}}
diff --git a/vendor/github.com/unrolled/render/testdata/partials/layout.tmpl b/vendor/github.com/unrolled/render/testdata/partials/layout.tmpl
new file mode 100644
index 0000000000..069f9710c2
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/partials/layout.tmpl
@@ -0,0 +1,3 @@
+{{ partial "before" }}
+<h1>during</h1>
+{{ partial "after" }}
diff --git a/vendor/github.com/unrolled/render/testdata/template-dir-test/0.tmpl b/vendor/github.com/unrolled/render/testdata/template-dir-test/0.tmpl
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/template-dir-test/0.tmpl
diff --git a/vendor/github.com/unrolled/render/testdata/template-dir-test/dedicated.tmpl/notbad.tmpl b/vendor/github.com/unrolled/render/testdata/template-dir-test/dedicated.tmpl/notbad.tmpl
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/template-dir-test/dedicated.tmpl/notbad.tmpl
diff --git a/vendor/github.com/unrolled/render/testdata/template-dir-test/subdir/1.tmpl b/vendor/github.com/unrolled/render/testdata/template-dir-test/subdir/1.tmpl
new file mode 100644
index 0000000000..e69de29bb2
--- /dev/null
+++ b/vendor/github.com/unrolled/render/testdata/template-dir-test/subdir/1.tmpl
diff --git a/vendor/github.com/willf/bitset/go.mod b/vendor/github.com/willf/bitset/go.mod
deleted file mode 100644
index 583ecab78f..0000000000
--- a/vendor/github.com/willf/bitset/go.mod
+++ /dev/null
@@ -1,3 +0,0 @@
-module github.com/willf/bitset
-
-go 1.14
diff --git a/vendor/github.com/xanzy/go-gitlab/client_options.go b/vendor/github.com/xanzy/go-gitlab/client_options.go
index b09ae07817..9f740460a0 100644
--- a/vendor/github.com/xanzy/go-gitlab/client_options.go
+++ b/vendor/github.com/xanzy/go-gitlab/client_options.go
@@ -40,6 +40,14 @@ func WithCustomBackoff(backoff retryablehttp.Backoff) ClientOptionFunc {
 	}
 }
 
+// WithCustomLogger can be used to configure a custom retryablehttp leveled logger
+func WithCustomLeveledLogger(leveledLogger retryablehttp.LeveledLogger) ClientOptionFunc {
+	return func(c *Client) error {
+		c.client.Logger = leveledLogger
+		return nil
+	}
+}
+
 // WithCustomLimiter injects a custom rate limiter to the client.
 func WithCustomLimiter(limiter RateLimiter) ClientOptionFunc {
 	return func(c *Client) error {
@@ -50,6 +58,14 @@ func WithCustomLimiter(limiter RateLimiter) ClientOptionFunc {
 	}
 }
 
+// WithCustomLogger can be used to configure a custom retryablehttp logger
+func WithCustomLogger(logger retryablehttp.Logger) ClientOptionFunc {
+	return func(c *Client) error {
+		c.client.Logger = logger
+		return nil
+	}
+}
+
 // WithCustomRetry can be used to configure a custom retry policy.
 func WithCustomRetry(checkRetry retryablehttp.CheckRetry) ClientOptionFunc {
 	return func(c *Client) error {
diff --git a/vendor/github.com/xanzy/go-gitlab/commits.go b/vendor/github.com/xanzy/go-gitlab/commits.go
index 504d5c5d32..acc0998705 100644
--- a/vendor/github.com/xanzy/go-gitlab/commits.go
+++ b/vendor/github.com/xanzy/go-gitlab/commits.go
@@ -185,7 +185,7 @@ type CreateCommitOptions struct {
 	StartBranch   *string                `url:"start_branch,omitempty" json:"start_branch,omitempty"`
 	StartSHA      *string                `url:"start_sha,omitempty" json:"start_sha,omitempty"`
 	StartProject  *string                `url:"start_project,omitempty" json:"start_project,omitempty"`
-	Actions       []*CommitActionOptions `url:"actions,omitempty" json:"actions,omitempty"`
+	Actions       []*CommitActionOptions `url:"actions" json:"actions"`
 	AuthorEmail   *string                `url:"author_email,omitempty" json:"author_email,omitempty"`
 	AuthorName    *string                `url:"author_name,omitempty" json:"author_name,omitempty"`
 	Stats         *bool                  `url:"stats,omitempty" json:"stats,omitempty"`
diff --git a/vendor/github.com/xanzy/go-gitlab/gitlab.go b/vendor/github.com/xanzy/go-gitlab/gitlab.go
index 265aaf200f..feed61088f 100644
--- a/vendor/github.com/xanzy/go-gitlab/gitlab.go
+++ b/vendor/github.com/xanzy/go-gitlab/gitlab.go
@@ -122,6 +122,7 @@ type Client struct {
 	GitIgnoreTemplates    *GitIgnoreTemplatesService
 	GroupBadges           *GroupBadgesService
 	GroupCluster          *GroupClustersService
+	GroupImportExport     *GroupImportExportService
 	GroupIssueBoards      *GroupIssueBoardsService
 	GroupLabels           *GroupLabelsService
 	GroupMembers          *GroupMembersService
@@ -140,6 +141,7 @@ type Client struct {
 	Labels                *LabelsService
 	License               *LicenseService
 	LicenseTemplates      *LicenseTemplatesService
+	ManagedLicenses       *ManagedLicensesService
 	MergeRequestApprovals *MergeRequestApprovalsService
 	MergeRequests         *MergeRequestsService
 	Milestones            *MilestonesService
@@ -293,6 +295,7 @@ func newClient(options ...ClientOptionFunc) (*Client, error) {
 	c.GitIgnoreTemplates = &GitIgnoreTemplatesService{client: c}
 	c.GroupBadges = &GroupBadgesService{client: c}
 	c.GroupCluster = &GroupClustersService{client: c}
+	c.GroupImportExport = &GroupImportExportService{client: c}
 	c.GroupIssueBoards = &GroupIssueBoardsService{client: c}
 	c.GroupLabels = &GroupLabelsService{client: c}
 	c.GroupMembers = &GroupMembersService{client: c}
@@ -311,6 +314,7 @@ func newClient(options ...ClientOptionFunc) (*Client, error) {
 	c.Labels = &LabelsService{client: c}
 	c.License = &LicenseService{client: c}
 	c.LicenseTemplates = &LicenseTemplatesService{client: c}
+	c.ManagedLicenses = &ManagedLicensesService{client: c}
 	c.MergeRequestApprovals = &MergeRequestApprovalsService{client: c}
 	c.MergeRequests = &MergeRequestsService{client: c, timeStats: timeStats}
 	c.Milestones = &MilestonesService{client: c}
diff --git a/vendor/github.com/xanzy/go-gitlab/go.mod b/vendor/github.com/xanzy/go-gitlab/go.mod
index eb13bcef72..e363c27377 100644
--- a/vendor/github.com/xanzy/go-gitlab/go.mod
+++ b/vendor/github.com/xanzy/go-gitlab/go.mod
@@ -5,9 +5,9 @@ require (
 	github.com/hashicorp/go-cleanhttp v0.5.1
 	github.com/hashicorp/go-retryablehttp v0.6.8
 	github.com/stretchr/testify v1.4.0
-	golang.org/x/net v0.0.0-20181108082009-03003ca0c849 // indirect
+	golang.org/x/net v0.0.0-20201021035429-f5854403a974 // indirect
 	golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288
-	golang.org/x/sync v0.0.0-20181108010431-42b317875d0f // indirect
+	golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 // indirect
 	golang.org/x/time v0.0.0-20191024005414-555d28b269f0
 	google.golang.org/appengine v1.3.0 // indirect
 )
diff --git a/vendor/github.com/xanzy/go-gitlab/go.sum b/vendor/github.com/xanzy/go-gitlab/go.sum
index 74ea228e91..671236d704 100644
--- a/vendor/github.com/xanzy/go-gitlab/go.sum
+++ b/vendor/github.com/xanzy/go-gitlab/go.sum
@@ -17,16 +17,24 @@ github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.4.0 h1:2E4SXV/wtOkTonXsotYi4li6zVWxYlZuYNCXe9XRJyk=
 github.com/stretchr/testify v1.4.0/go.mod h1:j7eGeouHqKxXV5pUuKE4zz7dFj8WfuZ+81PSLYec5m4=
+golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w=
+golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto=
 golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
-golang.org/x/net v0.0.0-20181108082009-03003ca0c849 h1:FSqE2GGG7wzsYUsWiQ8MZrvEd1EOyU3NCF0AW3Wtltg=
-golang.org/x/net v0.0.0-20181108082009-03003ca0c849/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4=
+golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974 h1:IX6qOQeG5uLjB/hjjwjedwfjND0hgjPMMyO1RoIXQNI=
+golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU=
 golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288 h1:JIqe8uIcRBHXDQVvZtHwp80ai3Lw3IJAeJEs55Dc1W0=
 golang.org/x/oauth2 v0.0.0-20181106182150-f42d05182288/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f h1:Bl/8QSvNqXvPGPGXa2z5xUTmV7VDcZyvRZ+QQXkXTZQ=
-golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9 h1:SQFwaSi55rU7vdNs9Yr0Z324VNlrF+0wMqRXT4St8ck=
+golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
+golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
+golang.org/x/sys v0.0.0-20190412213103-97732733099d/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20200930185726-fdedc70b468f/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ=
+golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0 h1:/5xXl8Y5W96D+TtHSlonuFqGHIWVuyCkGJLwGh9JJFs=
 golang.org/x/time v0.0.0-20191024005414-555d28b269f0/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ=
+golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ=
 google.golang.org/appengine v1.3.0 h1:FBSsiFRMz3LBeXIomRnVzrQwSDj4ibvcRexLG0LZGQk=
 google.golang.org/appengine v1.3.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4=
 gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405 h1:yhCVgyC4o1eVCa2tZl7eS0r+SDo693bJlVdllGtEeKM=
diff --git a/vendor/github.com/xanzy/go-gitlab/group_import_export.go b/vendor/github.com/xanzy/go-gitlab/group_import_export.go
new file mode 100644
index 0000000000..c578805833
--- /dev/null
+++ b/vendor/github.com/xanzy/go-gitlab/group_import_export.go
@@ -0,0 +1,180 @@
+//
+// Copyright 2021, Sander van Harmelen
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"bytes"
+	"fmt"
+	"io"
+	"mime/multipart"
+	"net/http"
+	"os"
+	"path/filepath"
+	"strconv"
+)
+
+// GroupImportExportService handles communication with the group import export
+// related methods of the GitLab API.
+//
+// GitLab API docs: https://docs.gitlab.com/ce/api/group_import_export.html
+type GroupImportExportService struct {
+	client *Client
+}
+
+// ScheduleExport starts a new group export.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ce/api/group_import_export.html#schedule-new-export
+func (s *GroupImportExportService) ScheduleExport(gid interface{}, options ...RequestOptionFunc) (*Response, error) {
+	group, err := parseID(gid)
+	if err != nil {
+		return nil, err
+	}
+	u := fmt.Sprintf("groups/%s/export", pathEscape(group))
+
+	req, err := s.client.NewRequest(http.MethodPost, u, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
+
+// ExportDownload downloads the finished export.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ce/api/group_import_export.html#export-download
+func (s *GroupImportExportService) ExportDownload(gid interface{}, options ...RequestOptionFunc) (*bytes.Reader, *Response, error) {
+	group, err := parseID(gid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("groups/%s/export/download", pathEscape(group))
+
+	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	exportDownload := new(bytes.Buffer)
+	resp, err := s.client.Do(req, exportDownload)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return bytes.NewReader(exportDownload.Bytes()), resp, err
+}
+
+// GroupImportFileOptions represents the available ImportFile() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ce/api/group_import_export.html#import-a-file
+type GroupImportFileOptions struct {
+	Name     *string `url:"name,omitempty" json:"name,omitempty"`
+	Path     *string `url:"path,omitempty" json:"path,omitempty"`
+	File     *string `url:"file,omitempty" json:"file,omitempty"`
+	ParentID *int    `url:"parent_id,omitempty" json:"parent_id,omitempty"`
+}
+
+// ImportFile imports a file.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ce/api/group_import_export.html#import-a-file
+func (s *GroupImportExportService) ImportFile(opt *GroupImportFileOptions, options ...RequestOptionFunc) (*Response, error) {
+	// First check if we got all required options.
+	if opt.Name == nil || *opt.Name == "" {
+		return nil, fmt.Errorf("Missing required option: Name")
+	}
+	if opt.Path == nil || *opt.Path == "" {
+		return nil, fmt.Errorf("Missing required option: Path")
+	}
+	if opt.File == nil || *opt.File == "" {
+		return nil, fmt.Errorf("Missing required option: File")
+	}
+
+	f, err := os.Open(*opt.File)
+	if err != nil {
+		return nil, err
+	}
+	defer f.Close()
+
+	b := &bytes.Buffer{}
+	w := multipart.NewWriter(b)
+
+	_, filename := filepath.Split(*opt.File)
+	fw, err := w.CreateFormFile("file", filename)
+	if err != nil {
+		return nil, err
+	}
+
+	_, err = io.Copy(fw, f)
+	if err != nil {
+		return nil, err
+	}
+
+	// Populate the additional fields.
+	fw, err = w.CreateFormField("name")
+	if err != nil {
+		return nil, err
+	}
+
+	_, err = fw.Write([]byte(*opt.Name))
+	if err != nil {
+		return nil, err
+	}
+
+	fw, err = w.CreateFormField("path")
+	if err != nil {
+		return nil, err
+	}
+
+	_, err = fw.Write([]byte(*opt.Path))
+	if err != nil {
+		return nil, err
+	}
+
+	if opt.ParentID != nil {
+		fw, err = w.CreateFormField("parent_id")
+		if err != nil {
+			return nil, err
+		}
+
+		_, err = fw.Write([]byte(strconv.Itoa(*opt.ParentID)))
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	if err = w.Close(); err != nil {
+		return nil, err
+	}
+
+	req, err := s.client.NewRequest(http.MethodPost, "groups/import", nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	// Set the buffer as the request body.
+	if err = req.SetBody(b); err != nil {
+		return nil, err
+	}
+
+	// Overwrite the default content type.
+	req.Header.Set("Content-Type", w.FormDataContentType())
+
+	return s.client.Do(req, nil)
+}
diff --git a/vendor/github.com/xanzy/go-gitlab/group_variables.go b/vendor/github.com/xanzy/go-gitlab/group_variables.go
index bcc7b4928b..4cf9714813 100644
--- a/vendor/github.com/xanzy/go-gitlab/group_variables.go
+++ b/vendor/github.com/xanzy/go-gitlab/group_variables.go
@@ -36,11 +36,12 @@ type GroupVariablesService struct {
 // GitLab API docs:
 // https://docs.gitlab.com/ee/api/group_level_variables.html
 type GroupVariable struct {
-	Key          string            `json:"key"`
-	Value        string            `json:"value"`
-	VariableType VariableTypeValue `json:"variable_type"`
-	Protected    bool              `json:"protected"`
-	Masked       bool              `json:"masked"`
+	Key              string            `json:"key"`
+	Value            string            `json:"value"`
+	VariableType     VariableTypeValue `json:"variable_type"`
+	Protected        bool              `json:"protected"`
+	Masked           bool              `json:"masked"`
+	EnvironmentScope string            `json:"environment_scope"`
 }
 
 func (v GroupVariable) String() string {
@@ -110,11 +111,12 @@ func (s *GroupVariablesService) GetVariable(gid interface{}, key string, options
 // GitLab API docs:
 // https://docs.gitlab.com/ee/api/group_level_variables.html#create-variable
 type CreateGroupVariableOptions struct {
-	Key          *string            `url:"key,omitempty" json:"key,omitempty"`
-	Value        *string            `url:"value,omitempty" json:"value,omitempty"`
-	VariableType *VariableTypeValue `url:"variable_type,omitempty" json:"variable_type,omitempty"`
-	Protected    *bool              `url:"protected,omitempty" json:"protected,omitempty"`
-	Masked       *bool              `url:"masked,omitempty" json:"masked,omitempty"`
+	Key              *string            `url:"key,omitempty" json:"key,omitempty"`
+	Value            *string            `url:"value,omitempty" json:"value,omitempty"`
+	VariableType     *VariableTypeValue `url:"variable_type,omitempty" json:"variable_type,omitempty"`
+	Protected        *bool              `url:"protected,omitempty" json:"protected,omitempty"`
+	Masked           *bool              `url:"masked,omitempty" json:"masked,omitempty"`
+	EnvironmentScope *string            `url:"environment_scope,omitempty" json:"environment_scope,omitempty"`
 }
 
 // CreateVariable creates a new group variable.
@@ -148,10 +150,11 @@ func (s *GroupVariablesService) CreateVariable(gid interface{}, opt *CreateGroup
 // GitLab API docs:
 // https://docs.gitlab.com/ee/api/group_level_variables.html#update-variable
 type UpdateGroupVariableOptions struct {
-	Value        *string            `url:"value,omitempty" json:"value,omitempty"`
-	VariableType *VariableTypeValue `url:"variable_type,omitempty" json:"variable_type,omitempty"`
-	Protected    *bool              `url:"protected,omitempty" json:"protected,omitempty"`
-	Masked       *bool              `url:"masked,omitempty" json:"masked,omitempty"`
+	Value            *string            `url:"value,omitempty" json:"value,omitempty"`
+	VariableType     *VariableTypeValue `url:"variable_type,omitempty" json:"variable_type,omitempty"`
+	Protected        *bool              `url:"protected,omitempty" json:"protected,omitempty"`
+	Masked           *bool              `url:"masked,omitempty" json:"masked,omitempty"`
+	EnvironmentScope *string            `url:"environment_scope,omitempty" json:"environment_scope,omitempty"`
 }
 
 // UpdateVariable updates the position of an existing
diff --git a/vendor/github.com/xanzy/go-gitlab/issues.go b/vendor/github.com/xanzy/go-gitlab/issues.go
index e01544a4fb..397e8c20bf 100644
--- a/vendor/github.com/xanzy/go-gitlab/issues.go
+++ b/vendor/github.com/xanzy/go-gitlab/issues.go
@@ -580,6 +580,33 @@ func (s *IssuesService) UnsubscribeFromIssue(pid interface{}, issue int, options
 	return i, resp, err
 }
 
+// CreateTodo creates a todo for the current user for an issue.
+// If there already exists a todo for the user on that issue, status code
+// 304 is returned.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ee/api/issues.html#create-a-to-do-item
+func (s *IssuesService) CreateTodo(pid interface{}, issue int, options ...RequestOptionFunc) (*Todo, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/issues/%d/todo", pathEscape(project), issue)
+
+	req, err := s.client.NewRequest(http.MethodPost, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	t := new(Todo)
+	resp, err := s.client.Do(req, t)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return t, resp, err
+}
+
 // ListMergeRequestsClosingIssueOptions represents the available
 // ListMergeRequestsClosingIssue() options.
 //
diff --git a/vendor/github.com/xanzy/go-gitlab/jobs.go b/vendor/github.com/xanzy/go-gitlab/jobs.go
index 410e5a6f10..2d3c110fa4 100644
--- a/vendor/github.com/xanzy/go-gitlab/jobs.go
+++ b/vendor/github.com/xanzy/go-gitlab/jobs.go
@@ -103,7 +103,8 @@ type Bridge struct {
 // ListJobsOptions are options for two list apis
 type ListJobsOptions struct {
 	ListOptions
-	Scope []BuildStateValue `url:"scope[],omitempty" json:"scope,omitempty"`
+	Scope          []BuildStateValue `url:"scope[],omitempty" json:"scope,omitempty"`
+	IncludeRetried bool              `url:"include_retried,omitempty" json:"include_retried,omitempty"`
 }
 
 // ListProjectJobs gets a list of jobs in a project.
@@ -186,6 +187,31 @@ func (s *JobsService) ListPipelineBridges(pid interface{}, pipelineID int, opts
 	return bridges, resp, err
 }
 
+// GetJobTokensJobOptions represents the available GetJobTokensJob() options.
+//
+// GitLab API docs: https://docs.gitlab.com/ce/api/jobs.html#get-job-tokens-job
+type GetJobTokensJobOptions struct {
+	JobToken *string `url:"job_token,omitempty" json:"job_token,omitempty"`
+}
+
+// GetJobTokensJob retrieves the job that generated a job token.
+//
+// GitLab API docs: https://docs.gitlab.com/ce/api/jobs.html#get-job-tokens-job
+func (s *JobsService) GetJobTokensJob(opts *GetJobTokensJobOptions, options ...RequestOptionFunc) (*Job, *Response, error) {
+	req, err := s.client.NewRequest(http.MethodGet, "job", opts, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	job := new(Job)
+	resp, err := s.client.Do(req, job)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return job, resp, err
+}
+
 // GetJob gets a single job of a project.
 //
 // GitLab API docs:
diff --git a/vendor/github.com/xanzy/go-gitlab/merge_requests.go b/vendor/github.com/xanzy/go-gitlab/merge_requests.go
index 9b9b2361b3..3ec2a7e717 100644
--- a/vendor/github.com/xanzy/go-gitlab/merge_requests.go
+++ b/vendor/github.com/xanzy/go-gitlab/merge_requests.go
@@ -100,6 +100,7 @@ type MergeRequest struct {
 	RebaseInProgress     bool   `json:"rebase_in_progress"`
 	ApprovalsBeforeMerge int    `json:"approvals_before_merge"`
 	Reference            string `json:"reference"`
+	FirstContribution    bool   `json:"first_contribution"`
 	TaskCompletionStatus struct {
 		Count          int `json:"count"`
 		CompletedCount int `json:"completed_count"`
diff --git a/vendor/github.com/xanzy/go-gitlab/project_access_tokens.go b/vendor/github.com/xanzy/go-gitlab/project_access_tokens.go
index 9bca815d54..ea545870d8 100644
--- a/vendor/github.com/xanzy/go-gitlab/project_access_tokens.go
+++ b/vendor/github.com/xanzy/go-gitlab/project_access_tokens.go
@@ -118,7 +118,7 @@ func (s *ProjectAccessTokensService) CreateProjectAccessToken(pid interface{}, o
 	return pat, resp, err
 }
 
-// RemoveProjectAccessToken deletes a Project Access Token.
+// DeleteProjectAccessToken deletes a Project Access Token.
 //
 // GitLab API docs:
 // https://docs.gitlab.com/ee/api/resource_access_tokens.html#revoke-a-project-access-token
diff --git a/vendor/github.com/xanzy/go-gitlab/project_managed_licenses.go b/vendor/github.com/xanzy/go-gitlab/project_managed_licenses.go
new file mode 100644
index 0000000000..186bdef57e
--- /dev/null
+++ b/vendor/github.com/xanzy/go-gitlab/project_managed_licenses.go
@@ -0,0 +1,188 @@
+//
+// Copyright 2021, Andrea Perizzato
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+package gitlab
+
+import (
+	"fmt"
+	"net/http"
+)
+
+// ManagedLicensesService handles communication with the managed licenses
+// methods of the GitLab API.
+//
+// GitLab API docs: https://docs.gitlab.com/ee/api/managed_licenses.html
+type ManagedLicensesService struct {
+	client *Client
+}
+
+// ManagedLicense represents a managed license.
+//
+// GitLab API docs: https://docs.gitlab.com/ee/api/managed_licenses.html
+type ManagedLicense struct {
+	ID             int                        `json:"id"`
+	Name           string                     `json:"name"`
+	ApprovalStatus LicenseApprovalStatusValue `json:"approval_status"`
+}
+
+// ListManagedLicenses returns a list of managed licenses from a project.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ee/api/managed_licenses.html#list-managed-licenses
+func (s *ManagedLicensesService) ListManagedLicenses(pid interface{}, options ...RequestOptionFunc) ([]*ManagedLicense, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/managed_licenses", pathEscape(project))
+
+	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var mls []*ManagedLicense
+	resp, err := s.client.Do(req, &mls)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return mls, resp, err
+}
+
+// GetManagedLicense returns an existing managed license.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ee/api/managed_licenses.html#show-an-existing-managed-license
+func (s *ManagedLicensesService) GetManagedLicense(pid, mlid interface{}, options ...RequestOptionFunc) (*ManagedLicense, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	license, err := parseID(mlid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/managed_licenses/%s", pathEscape(project), pathEscape(license))
+
+	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	ml := new(ManagedLicense)
+	resp, err := s.client.Do(req, ml)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return ml, resp, err
+}
+
+// AddManagedLicenseOptions represents the available AddManagedLicense() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ee/api/managed_licenses.html#create-a-new-managed-license
+type AddManagedLicenseOptions struct {
+	Name           *string                     `url:"name,omitempty" json:"name,omitempty"`
+	ApprovalStatus *LicenseApprovalStatusValue `url:"approval_status,omitempty" json:"approval_status,omitempty"`
+}
+
+// AddManagedLicense adds a managed license to a project.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ee/api/managed_licenses.html#create-a-new-managed-license
+func (s *ManagedLicensesService) AddManagedLicense(pid interface{}, opt *AddManagedLicenseOptions, options ...RequestOptionFunc) (*ManagedLicense, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/managed_licenses", pathEscape(project))
+
+	req, err := s.client.NewRequest(http.MethodPost, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	ml := new(ManagedLicense)
+	resp, err := s.client.Do(req, ml)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return ml, resp, err
+}
+
+// DeleteManagedLicense deletes a managed license with a given ID.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ee/api/managed_licenses.html#delete-a-managed-license
+func (s *ManagedLicensesService) DeleteManagedLicense(pid, mlid interface{}, options ...RequestOptionFunc) (*Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, err
+	}
+	license, err := parseID(mlid)
+	if err != nil {
+		return nil, err
+	}
+	u := fmt.Sprintf("projects/%s/managed_licenses/%s", pathEscape(project), pathEscape(license))
+
+	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
+
+// EditManagedLicenceOptions represents the available EditManagedLicense() options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ee/api/managed_licenses.html#edit-an-existing-managed-license
+type EditManagedLicenceOptions struct {
+	ApprovalStatus *LicenseApprovalStatusValue `url:"approval_status,omitempty" json:"approval_status,omitempty"`
+}
+
+// EditManagedLicense updates an existing managed license with a new approval
+// status.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ee/api/managed_licenses.html#edit-an-existing-managed-license
+func (s *ManagedLicensesService) EditManagedLicense(pid, mlid interface{}, opt *EditManagedLicenceOptions, options ...RequestOptionFunc) (*ManagedLicense, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	license, err := parseID(mlid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/managed_licenses/%s", pathEscape(project), pathEscape(license))
+
+	req, err := s.client.NewRequest(http.MethodPatch, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	ml := new(ManagedLicense)
+	resp, err := s.client.Do(req, ml)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return ml, resp, err
+}
diff --git a/vendor/github.com/xanzy/go-gitlab/projects.go b/vendor/github.com/xanzy/go-gitlab/projects.go
index fb58eefbcf..c58907cee9 100644
--- a/vendor/github.com/xanzy/go-gitlab/projects.go
+++ b/vendor/github.com/xanzy/go-gitlab/projects.go
@@ -75,6 +75,8 @@ type Project struct {
 	EmptyRepo                                 bool                       `json:"empty_repo"`
 	Archived                                  bool                       `json:"archived"`
 	AvatarURL                                 string                     `json:"avatar_url"`
+	LicenseURL                                string                     `json:"license_url"`
+	License                                   *ProjectLicense            `json:"license"`
 	SharedRunnersEnabled                      bool                       `json:"shared_runners_enabled"`
 	ForksCount                                int                        `json:"forks_count"`
 	StarCount                                 int                        `json:"star_count"`
@@ -113,13 +115,15 @@ type Project struct {
 		GroupName        string `json:"group_name"`
 		GroupAccessLevel int    `json:"group_access_level"`
 	} `json:"shared_with_groups"`
-	Statistics           *ProjectStatistics `json:"statistics"`
-	Links                *Links             `json:"_links,omitempty"`
-	CIConfigPath         string             `json:"ci_config_path"`
-	CIDefaultGitDepth    int                `json:"ci_default_git_depth"`
-	CustomAttributes     []*CustomAttribute `json:"custom_attributes"`
-	ComplianceFrameworks []string           `json:"compliance_frameworks"`
-	BuildCoverageRegex   string             `json:"build_coverage_regex"`
+	Statistics            *ProjectStatistics `json:"statistics"`
+	Links                 *Links             `json:"_links,omitempty"`
+	CIConfigPath          string             `json:"ci_config_path"`
+	CIDefaultGitDepth     int                `json:"ci_default_git_depth"`
+	CustomAttributes      []*CustomAttribute `json:"custom_attributes"`
+	ComplianceFrameworks  []string           `json:"compliance_frameworks"`
+	BuildCoverageRegex    string             `json:"build_coverage_regex"`
+	IssuesTemplate        string             `json:"issues_template"`
+	MergeRequestsTemplate string             `json:"merge_requests_template"`
 }
 
 // ContainerExpirationPolicy represents the container expiration policy.
@@ -133,6 +137,73 @@ type ContainerExpirationPolicy struct {
 	NextRunAt       *time.Time `json:"next_run_at"`
 }
 
+// ForkParent represents the parent project when this is a fork.
+type ForkParent struct {
+	HTTPURLToRepo     string `json:"http_url_to_repo"`
+	ID                int    `json:"id"`
+	Name              string `json:"name"`
+	NameWithNamespace string `json:"name_with_namespace"`
+	Path              string `json:"path"`
+	PathWithNamespace string `json:"path_with_namespace"`
+	WebURL            string `json:"web_url"`
+}
+
+// GroupAccess represents group access.
+type GroupAccess struct {
+	AccessLevel       AccessLevelValue       `json:"access_level"`
+	NotificationLevel NotificationLevelValue `json:"notification_level"`
+}
+
+// Links represents a project web links for self, issues, merge_requests,
+// repo_branches, labels, events, members.
+type Links struct {
+	Self          string `json:"self"`
+	Issues        string `json:"issues"`
+	MergeRequests string `json:"merge_requests"`
+	RepoBranches  string `json:"repo_branches"`
+	Labels        string `json:"labels"`
+	Events        string `json:"events"`
+	Members       string `json:"members"`
+}
+
+// Permissions represents permissions.
+type Permissions struct {
+	ProjectAccess *ProjectAccess `json:"project_access"`
+	GroupAccess   *GroupAccess   `json:"group_access"`
+}
+
+// ProjectAccess represents project access.
+type ProjectAccess struct {
+	AccessLevel       AccessLevelValue       `json:"access_level"`
+	NotificationLevel NotificationLevelValue `json:"notification_level"`
+}
+
+// ProjectLicense represent the license for a project.
+type ProjectLicense struct {
+	Key       string `json:"key"`
+	Name      string `json:"name"`
+	Nickname  string `json:"nickname"`
+	HTMLURL   string `json:"html_url"`
+	SourceURL string `json:"source_url"`
+}
+
+// ProjectNamespace represents a project namespace.
+type ProjectNamespace struct {
+	ID        int    `json:"id"`
+	Name      string `json:"name"`
+	Path      string `json:"path"`
+	Kind      string `json:"kind"`
+	FullPath  string `json:"full_path"`
+	AvatarURL string `json:"avatar_url"`
+	WebURL    string `json:"web_url"`
+}
+
+// ProjectStatistics represents a statistics record for a project.
+type ProjectStatistics struct {
+	StorageStatistics
+	CommitCount int `json:"commit_count"`
+}
+
 // Repository represents a repository.
 type Repository struct {
 	Name              string          `json:"name"`
@@ -151,17 +222,6 @@ type Repository struct {
 	HTTPURL           string          `json:"http_url"`
 }
 
-// ProjectNamespace represents a project namespace.
-type ProjectNamespace struct {
-	ID        int    `json:"id"`
-	Name      string `json:"name"`
-	Path      string `json:"path"`
-	Kind      string `json:"kind"`
-	FullPath  string `json:"full_path"`
-	AvatarURL string `json:"avatar_url"`
-	WebURL    string `json:"web_url"`
-}
-
 // StorageStatistics represents a statistics record for a group or project.
 type StorageStatistics struct {
 	StorageSize      int64 `json:"storage_size"`
@@ -170,53 +230,6 @@ type StorageStatistics struct {
 	JobArtifactsSize int64 `json:"job_artifacts_size"`
 }
 
-// ProjectStatistics represents a statistics record for a project.
-type ProjectStatistics struct {
-	StorageStatistics
-	CommitCount int `json:"commit_count"`
-}
-
-// Permissions represents permissions.
-type Permissions struct {
-	ProjectAccess *ProjectAccess `json:"project_access"`
-	GroupAccess   *GroupAccess   `json:"group_access"`
-}
-
-// ProjectAccess represents project access.
-type ProjectAccess struct {
-	AccessLevel       AccessLevelValue       `json:"access_level"`
-	NotificationLevel NotificationLevelValue `json:"notification_level"`
-}
-
-// GroupAccess represents group access.
-type GroupAccess struct {
-	AccessLevel       AccessLevelValue       `json:"access_level"`
-	NotificationLevel NotificationLevelValue `json:"notification_level"`
-}
-
-// ForkParent represents the parent project when this is a fork.
-type ForkParent struct {
-	HTTPURLToRepo     string `json:"http_url_to_repo"`
-	ID                int    `json:"id"`
-	Name              string `json:"name"`
-	NameWithNamespace string `json:"name_with_namespace"`
-	Path              string `json:"path"`
-	PathWithNamespace string `json:"path_with_namespace"`
-	WebURL            string `json:"web_url"`
-}
-
-// Links represents a project web links for self, issues, merge_requests,
-// repo_branches, labels, events, members.
-type Links struct {
-	Self          string `json:"self"`
-	Issues        string `json:"issues"`
-	MergeRequests string `json:"merge_requests"`
-	RepoBranches  string `json:"repo_branches"`
-	Labels        string `json:"labels"`
-	Events        string `json:"events"`
-	Members       string `json:"members"`
-}
-
 func (s Project) String() string {
 	return Stringify(s)
 }
@@ -356,6 +369,53 @@ func (s *ProjectsService) ListProjectsUsers(pid interface{}, opt *ListProjectUse
 	return p, resp, err
 }
 
+// ProjectGroup represents a GitLab project group.
+type ProjectGroup struct {
+	ID        int    `json:"id"`
+	Name      string `json:"name"`
+	AvatarURL string `json:"avatar_url"`
+	WebURL    string `json:"web_url"`
+	FullName  string `json:"full_name"`
+	FullPath  string `json:"full_path"`
+}
+
+// ListProjectGroupOptions represents the available ListProjectsGroups() options.
+//
+// GitLab API docs: https://docs.gitlab.com/ce/api/projects.html#list-a-projects-groups
+type ListProjectGroupOptions struct {
+	ListOptions
+	Search               *string           `url:"search,omitempty" json:"search,omitempty"`
+	SkipGroups           []int             `url:"skip_groups,omitempty" json:"skip_groups,omitempty"`
+	WithShared           *bool             `url:"with_shared,omitempty" json:"with_shared,omitempty"`
+	SharedMinAccessLevel *AccessLevelValue `url:"shared_min_access_level,omitempty" json:"shared_min_access_level,omitempty"`
+	SharedVisiableOnly   *bool             `url:"shared_visible_only,omitempty" json:"shared_visible_only,omitempty"`
+}
+
+// ListProjectsGroups gets a list of groups for the given project.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ce/api/projects.html#list-a-projects-groups
+func (s *ProjectsService) ListProjectsGroups(pid interface{}, opt *ListProjectGroupOptions, options ...RequestOptionFunc) ([]*ProjectGroup, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/groups", pathEscape(project))
+
+	req, err := s.client.NewRequest(http.MethodGet, u, opt, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	var p []*ProjectGroup
+	resp, err := s.client.Do(req, &p)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return p, resp, err
+}
+
 // ProjectLanguages is a map of strings because the response is arbitrary
 //
 // Gitlab API docs: https://docs.gitlab.com/ce/api/projects.html#languages
@@ -537,6 +597,8 @@ type CreateProjectOptions struct {
 	ServiceDeskEnabled                        *bool                                `url:"service_desk_enabled,omitempty" json:"service_desk_enabled,omitempty"`
 	AutocloseReferencedIssues                 *bool                                `url:"autoclose_referenced_issues,omitempty" json:"autoclose_referenced_issues,omitempty"`
 	SuggestionCommitMessage                   *string                              `url:"suggestion_commit_message,omitempty" json:"suggestion_commit_message,omitempty"`
+	IssuesTemplate                            *string                              `url:"issues_template,omitempty" json:"issues_template,omitempty"`
+	MergeRequestsTemplate                     *string                              `url:"merge_requests_template,omitempty" json:"merge_requests_template,omitempty"`
 
 	// Deprecated members
 	IssuesEnabled        *bool `url:"issues_enabled,omitempty" json:"issues_enabled,omitempty"`
@@ -675,6 +737,8 @@ type EditProjectOptions struct {
 	ServiceDeskEnabled                        *bool                                `url:"service_desk_enabled,omitempty" json:"service_desk_enabled,omitempty"`
 	AutocloseReferencedIssues                 *bool                                `url:"autoclose_referenced_issues,omitempty" json:"autoclose_referenced_issues,omitempty"`
 	SuggestionCommitMessage                   *string                              `url:"suggestion_commit_message,omitempty" json:"suggestion_commit_message,omitempty"`
+	IssuesTemplate                            *string                              `url:"issues_template,omitempty" json:"issues_template,omitempty"`
+	MergeRequestsTemplate                     *string                              `url:"merge_requests_template,omitempty" json:"merge_requests_template,omitempty"`
 
 	// Deprecated members
 	IssuesEnabled        *bool `url:"issues_enabled,omitempty" json:"issues_enabled,omitempty"`
@@ -1431,6 +1495,7 @@ type ProjectApprovals struct {
 	DisableOverridingApproversPerMergeRequest bool                         `json:"disable_overriding_approvers_per_merge_request"`
 	MergeRequestsAuthorApproval               bool                         `json:"merge_requests_author_approval"`
 	MergeRequestsDisableCommittersApproval    bool                         `json:"merge_requests_disable_committers_approval"`
+	RequirePasswordToApprove                  bool                         `json:"require_password_to_approve"`
 }
 
 // GetApprovalConfiguration get the approval configuration for a project.
@@ -1469,6 +1534,7 @@ type ChangeApprovalConfigurationOptions struct {
 	DisableOverridingApproversPerMergeRequest *bool `url:"disable_overriding_approvers_per_merge_request,omitempty" json:"disable_overriding_approvers_per_merge_request,omitempty"`
 	MergeRequestsAuthorApproval               *bool `url:"merge_requests_author_approval,omitempty" json:"merge_requests_author_approval,omitempty"`
 	MergeRequestsDisableCommittersApproval    *bool `url:"merge_requests_disable_committers_approval,omitempty" json:"merge_requests_disable_committers_approval,omitempty"`
+	RequirePasswordToApprove                  *bool `url:"require_password_to_approve,omitempty" json:"require_password_to_approve,omitempty"`
 }
 
 // ChangeApprovalConfiguration updates the approval configuration for a project.
diff --git a/vendor/github.com/xanzy/go-gitlab/protected_branches.go b/vendor/github.com/xanzy/go-gitlab/protected_branches.go
index bcc0369dbd..af3e7f2111 100644
--- a/vendor/github.com/xanzy/go-gitlab/protected_branches.go
+++ b/vendor/github.com/xanzy/go-gitlab/protected_branches.go
@@ -41,6 +41,7 @@ type ProtectedBranch struct {
 	PushAccessLevels          []*BranchAccessDescription `json:"push_access_levels"`
 	MergeAccessLevels         []*BranchAccessDescription `json:"merge_access_levels"`
 	UnprotectAccessLevels     []*BranchAccessDescription `json:"unprotect_access_levels"`
+	AllowForcePush            bool                       `json:"allow_force_push"`
 	CodeOwnerApprovalRequired bool                       `json:"code_owner_approval_required"`
 }
 
@@ -123,6 +124,7 @@ type ProtectRepositoryBranchesOptions struct {
 	PushAccessLevel           *AccessLevelValue          `url:"push_access_level,omitempty" json:"push_access_level,omitempty"`
 	MergeAccessLevel          *AccessLevelValue          `url:"merge_access_level,omitempty" json:"merge_access_level,omitempty"`
 	UnprotectAccessLevel      *AccessLevelValue          `url:"unprotect_access_level,omitempty" json:"unprotect_access_level,omitempty"`
+	AllowForcePush            *bool                      `url:"allow_force_push,omitempty" json:"allow_force_push,omitempty"`
 	AllowedToPush             []*BranchPermissionOptions `url:"allowed_to_push,omitempty" json:"allowed_to_push,omitempty"`
 	AllowedToMerge            []*BranchPermissionOptions `url:"allowed_to_merge,omitempty" json:"allowed_to_merge,omitempty"`
 	AllowedToUnprotect        []*BranchPermissionOptions `url:"allowed_to_unprotect,omitempty" json:"allowed_to_unprotect,omitempty"`
@@ -194,7 +196,7 @@ type RequireCodeOwnerApprovalsOptions struct {
 	CodeOwnerApprovalRequired *bool `url:"code_owner_approval_required,omitempty" json:"code_owner_approval_required,omitempty"`
 }
 
-// RequireCodeOwnerApprovals updates the code owner approval.
+// RequireCodeOwnerApprovals updates the code owner approval option.
 //
 // Gitlab API docs:
 // https://docs.gitlab.com/ee/api/protected_branches.html#require-code-owner-approvals-for-a-single-branch
diff --git a/vendor/github.com/xanzy/go-gitlab/releaselinks.go b/vendor/github.com/xanzy/go-gitlab/releaselinks.go
index 4ea1af8f31..7d56ff5bf3 100644
--- a/vendor/github.com/xanzy/go-gitlab/releaselinks.go
+++ b/vendor/github.com/xanzy/go-gitlab/releaselinks.go
@@ -33,10 +33,12 @@ type ReleaseLinksService struct {
 //
 // GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html
 type ReleaseLink struct {
-	ID       int    `json:"id"`
-	Name     string `json:"name"`
-	URL      string `json:"url"`
-	External bool   `json:"external"`
+	ID             int           `json:"id"`
+	Name           string        `json:"name"`
+	URL            string        `json:"url"`
+	DirectAssetURL string        `json:"direct_asset_url"`
+	External       bool          `json:"external"`
+	LinkType       LinkTypeValue `json:"link_type"`
 }
 
 // ListReleaseLinksOptions represents ListReleaseLinks() options.
@@ -99,8 +101,10 @@ func (s *ReleaseLinksService) GetReleaseLink(pid interface{}, tagName string, li
 //
 // GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html#create-a-link
 type CreateReleaseLinkOptions struct {
-	Name *string `url:"name" json:"name"`
-	URL  *string `url:"url" json:"url"`
+	Name     *string        `url:"name,omitempty" json:"name,omitempty"`
+	URL      *string        `url:"url,omitempty" json:"url,omitempty"`
+	FilePath *string        `url:"filepath,omitempty" json:"filepath,omitempty"`
+	LinkType *LinkTypeValue `url:"link_type,omitempty" json:"link_type,omitempty"`
 }
 
 // CreateReleaseLink creates a link.
@@ -133,8 +137,10 @@ func (s *ReleaseLinksService) CreateReleaseLink(pid interface{}, tagName string,
 //
 // GitLab API docs: https://docs.gitlab.com/ee/api/releases/links.html#update-a-link
 type UpdateReleaseLinkOptions struct {
-	Name *string `url:"name,omitempty" json:"name,omitempty"`
-	URL  *string `url:"url,omitempty" json:"url,omitempty"`
+	Name     *string        `url:"name,omitempty" json:"name,omitempty"`
+	URL      *string        `url:"url,omitempty" json:"url,omitempty"`
+	FilePath *string        `url:"filepath,omitempty" json:"filepath,omitempty"`
+	LinkType *LinkTypeValue `url:"link_type,omitempty" json:"link_type,omitempty"`
 }
 
 // UpdateReleaseLink updates an asset link.
diff --git a/vendor/github.com/xanzy/go-gitlab/releases.go b/vendor/github.com/xanzy/go-gitlab/releases.go
index e4d16524ef..bb91ab47a8 100644
--- a/vendor/github.com/xanzy/go-gitlab/releases.go
+++ b/vendor/github.com/xanzy/go-gitlab/releases.go
@@ -37,9 +37,10 @@ type ReleasesService struct {
 type Release struct {
 	TagName         string     `json:"tag_name"`
 	Name            string     `json:"name"`
-	Description     string     `json:"description,omitempty"`
-	DescriptionHTML string     `json:"description_html,omitempty"`
-	CreatedAt       *time.Time `json:"created_at,omitempty"`
+	Description     string     `json:"description"`
+	DescriptionHTML string     `json:"description_html"`
+	CreatedAt       *time.Time `json:"created_at"`
+	ReleasedAt      *time.Time `json:"released_at"`
 	Author          struct {
 		ID        int    `json:"id"`
 		Name      string `json:"name"`
diff --git a/vendor/github.com/xanzy/go-gitlab/services.go b/vendor/github.com/xanzy/go-gitlab/services.go
index ecfed70135..973a30cb8d 100644
--- a/vendor/github.com/xanzy/go-gitlab/services.go
+++ b/vendor/github.com/xanzy/go-gitlab/services.go
@@ -596,10 +596,13 @@ func (s *ServicesService) GetJenkinsCIService(pid interface{}, options ...Reques
 // GitLab API docs:
 // https://docs.gitlab.com/ee/api/services.html#jenkins-ci
 type SetJenkinsCIServiceOptions struct {
-	URL         *string `url:"jenkins_url,omitempty" json:"jenkins_url,omitempty"`
-	ProjectName *string `url:"project_name,omitempty" json:"project_name,omitempty"`
-	Username    *string `url:"username,omitempty" json:"username,omitempty"`
-	Password    *string `url:"password,omitempty" json:"password,omitempty"`
+	URL                 *string `url:"jenkins_url,omitempty" json:"jenkins_url,omitempty"`
+	ProjectName         *string `url:"project_name,omitempty" json:"project_name,omitempty"`
+	Username            *string `url:"username,omitempty" json:"username,omitempty"`
+	Password            *string `url:"password,omitempty" json:"password,omitempty"`
+	PushEvents          *bool   `url:"push_events,omitempty" json:"push_events,omitempty"`
+	MergeRequestsEvents *bool   `url:"merge_requests_events,omitempty" json:"merge_requests_events,omitempty"`
+	TagPushEvents       *bool   `url:"tag_push_events,omitempty" json:"tag_push_events,omitempty"`
 }
 
 // SetJenkinsCIService sets Jenkins service for a project
@@ -1327,3 +1330,98 @@ func (s *ServicesService) DeleteSlackService(pid interface{}, options ...Request
 
 	return s.client.Do(req, nil)
 }
+
+// YouTrackService represents YouTrack service settings.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ce/api/services.html#youtrack
+type YouTrackService struct {
+	Service
+	Properties *YouTrackServiceProperties `json:"properties"`
+}
+
+// YouTrackServiceProperties represents YouTrack specific properties.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ce/api/services.html#youtrack
+type YouTrackServiceProperties struct {
+	IssuesURL   string `json:"issues_url"`
+	ProjectURL  string `json:"project_url"`
+	Description string `json:"description"`
+	PushEvents  bool   `json:"push_events"`
+}
+
+// GetYouTrackService gets YouTrack service settings for a project.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ce/api/services.html#get-youtrack-service-settings
+func (s *ServicesService) GetYouTrackService(pid interface{}, options ...RequestOptionFunc) (*YouTrackService, *Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, nil, err
+	}
+	u := fmt.Sprintf("projects/%s/services/youtrack", pathEscape(project))
+
+	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
+	if err != nil {
+		return nil, nil, err
+	}
+
+	svc := new(YouTrackService)
+	resp, err := s.client.Do(req, svc)
+	if err != nil {
+		return nil, resp, err
+	}
+
+	return svc, resp, err
+}
+
+// SetYouTrackServiceOptions represents the available SetYouTrackService()
+// options.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ce/api/services.html#createedit-youtrack-service
+type SetYouTrackServiceOptions struct {
+	IssuesURL   *string `url:"issues_url,omitempty" json:"issues_url,omitempty"`
+	ProjectURL  *string `url:"project_url,omitempty" json:"project_url,omitempty"`
+	Description *string `url:"description,omitempty" json:"description,omitempty"`
+	PushEvents  *bool   `url:"push_events,omitempty" json:"push_events,omitempty"`
+}
+
+// SetYouTrackService sets YouTrack service for a project
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ce/api/services.html#createedit-youtrack-service
+func (s *ServicesService) SetYouTrackService(pid interface{}, opt *SetYouTrackServiceOptions, options ...RequestOptionFunc) (*Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, err
+	}
+	u := fmt.Sprintf("projects/%s/services/youtrack", pathEscape(project))
+
+	req, err := s.client.NewRequest(http.MethodPut, u, opt, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
+
+// DeleteYouTrackService deletes YouTrack service settings for a project.
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ce/api/services.html#delete-youtrack-service
+func (s *ServicesService) DeleteYouTrackService(pid interface{}, options ...RequestOptionFunc) (*Response, error) {
+	project, err := parseID(pid)
+	if err != nil {
+		return nil, err
+	}
+	u := fmt.Sprintf("projects/%s/services/youtrack", pathEscape(project))
+
+	req, err := s.client.NewRequest(http.MethodDelete, u, nil, options)
+	if err != nil {
+		return nil, err
+	}
+
+	return s.client.Do(req, nil)
+}
diff --git a/vendor/github.com/xanzy/go-gitlab/types.go b/vendor/github.com/xanzy/go-gitlab/types.go
index a893def051..805cd5b914 100644
--- a/vendor/github.com/xanzy/go-gitlab/types.go
+++ b/vendor/github.com/xanzy/go-gitlab/types.go
@@ -121,6 +121,42 @@ func DeploymentStatus(v DeploymentStatusValue) *DeploymentStatusValue {
 	return p
 }
 
+// EventTypeValue represents actions type for contribution events
+type EventTypeValue string
+
+// List of available action type
+//
+// GitLab API docs: https://docs.gitlab.com/ce/api/events.html#action-types
+const (
+	CreatedEventType   EventTypeValue = "created"
+	UpdatedEventType   EventTypeValue = "updated"
+	ClosedEventType    EventTypeValue = "closed"
+	ReopenedEventType  EventTypeValue = "reopened"
+	PushedEventType    EventTypeValue = "pushed"
+	CommentedEventType EventTypeValue = "commented"
+	MergedEventType    EventTypeValue = "merged"
+	JoinedEventType    EventTypeValue = "joined"
+	LeftEventType      EventTypeValue = "left"
+	DestroyedEventType EventTypeValue = "destroyed"
+	ExpiredEventType   EventTypeValue = "expired"
+)
+
+// EventTargetTypeValue represents actions type value for contribution events
+type EventTargetTypeValue string
+
+// List of available action type
+//
+// GitLab API docs: https://docs.gitlab.com/ce/api/events.html#target-types
+const (
+	IssueEventTargetType        EventTargetTypeValue = "issue"
+	MilestoneEventTargetType    EventTargetTypeValue = "milestone"
+	MergeRequestEventTargetType EventTargetTypeValue = "merge_request"
+	NoteEventTargetType         EventTargetTypeValue = "note"
+	ProjectEventTargetType      EventTargetTypeValue = "project"
+	SnippetEventTargetType      EventTargetTypeValue = "snippet"
+	UserEventTargetType         EventTargetTypeValue = "user"
+)
+
 // FileActionValue represents the available actions that can be performed on a file.
 //
 // GitLab API docs: https://docs.gitlab.com/ce/api/commits.html#create-a-commit-with-multiple-files-and-actions
@@ -191,6 +227,69 @@ func (t ISOTime) String() string {
 	return time.Time(t).Format(iso8601)
 }
 
+// LinkTypeValue represents a release link type.
+type LinkTypeValue string
+
+// List of available release link types
+//
+// GitLab API docs:
+// https://docs.gitlab.com/ee/api/releases/links.html#create-a-link
+const (
+	ImageLinkType   LinkTypeValue = "image"
+	OtherLinkType   LinkTypeValue = "other"
+	PackageLinkType LinkTypeValue = "package"
+	RunbookLinkType LinkTypeValue = "runbook"
+)
+
+// LinkType is a helper routine that allocates a new LinkType value
+// to store v and returns a pointer to it.
+func LinkType(v LinkTypeValue) *LinkTypeValue {
+	p := new(LinkTypeValue)
+	*p = v
+	return p
+}
+
+// LicenseApprovalStatusValue describe the approval statuses of a license.
+//
+// GitLab API docs: https://docs.gitlab.com/ee/api/managed_licenses.html
+type LicenseApprovalStatusValue string
+
+// List of available license approval statuses.
+const (
+	LicenseApproved    LicenseApprovalStatusValue = "approved"
+	LicenseBlacklisted LicenseApprovalStatusValue = "blacklisted"
+)
+
+// LicenseApprovalStatus is a helper routine that allocates a new license
+// approval status value to store v and returns a pointer to it.
+func LicenseApprovalStatus(v LicenseApprovalStatusValue) *LicenseApprovalStatusValue {
+	p := new(LicenseApprovalStatusValue)
+	*p = v
+	return p
+}
+
+// MergeMethodValue represents a project merge type within GitLab.
+//
+// GitLab API docs: https://docs.gitlab.com/ce/api/projects.html#project-merge-method
+type MergeMethodValue string
+
+// List of available merge type
+//
+// GitLab API docs: https://docs.gitlab.com/ce/api/projects.html#project-merge-method
+const (
+	NoFastForwardMerge MergeMethodValue = "merge"
+	FastForwardMerge   MergeMethodValue = "ff"
+	RebaseMerge        MergeMethodValue = "rebase_merge"
+)
+
+// MergeMethod is a helper routine that allocates a new MergeMethod
+// to sotre v and returns a pointer to it.
+func MergeMethod(v MergeMethodValue) *MergeMethodValue {
+	p := new(MergeMethodValue)
+	*p = v
+	return p
+}
+
 // NotificationLevelValue represents a notification level.
 type NotificationLevelValue int
 
@@ -261,28 +360,6 @@ func NotificationLevel(v NotificationLevelValue) *NotificationLevelValue {
 	return p
 }
 
-// VisibilityValue represents a visibility level within GitLab.
-//
-// GitLab API docs: https://docs.gitlab.com/ce/api/
-type VisibilityValue string
-
-// List of available visibility levels.
-//
-// GitLab API docs: https://docs.gitlab.com/ce/api/
-const (
-	PrivateVisibility  VisibilityValue = "private"
-	InternalVisibility VisibilityValue = "internal"
-	PublicVisibility   VisibilityValue = "public"
-)
-
-// Visibility is a helper routine that allocates a new VisibilityValue
-// to store v and returns a pointer to it.
-func Visibility(v VisibilityValue) *VisibilityValue {
-	p := new(VisibilityValue)
-	*p = v
-	return p
-}
-
 // ProjectCreationLevelValue represents a project creation level within GitLab.
 //
 // GitLab API docs: https://docs.gitlab.com/ce/api/
@@ -347,6 +424,28 @@ func VariableType(v VariableTypeValue) *VariableTypeValue {
 	return p
 }
 
+// VisibilityValue represents a visibility level within GitLab.
+//
+// GitLab API docs: https://docs.gitlab.com/ce/api/
+type VisibilityValue string
+
+// List of available visibility levels.
+//
+// GitLab API docs: https://docs.gitlab.com/ce/api/
+const (
+	PrivateVisibility  VisibilityValue = "private"
+	InternalVisibility VisibilityValue = "internal"
+	PublicVisibility   VisibilityValue = "public"
+)
+
+// Visibility is a helper routine that allocates a new VisibilityValue
+// to store v and returns a pointer to it.
+func Visibility(v VisibilityValue) *VisibilityValue {
+	p := new(VisibilityValue)
+	*p = v
+	return p
+}
+
 // WikiFormatValue represents the available wiki formats.
 //
 // GitLab API docs: https://docs.gitlab.com/ce/api/wikis.html
@@ -368,64 +467,6 @@ func WikiFormat(v WikiFormatValue) *WikiFormatValue {
 	return p
 }
 
-// MergeMethodValue represents a project merge type within GitLab.
-//
-// GitLab API docs: https://docs.gitlab.com/ce/api/projects.html#project-merge-method
-type MergeMethodValue string
-
-// List of available merge type
-//
-// GitLab API docs: https://docs.gitlab.com/ce/api/projects.html#project-merge-method
-const (
-	NoFastForwardMerge MergeMethodValue = "merge"
-	FastForwardMerge   MergeMethodValue = "ff"
-	RebaseMerge        MergeMethodValue = "rebase_merge"
-)
-
-// MergeMethod is a helper routine that allocates a new MergeMethod
-// to sotre v and returns a pointer to it.
-func MergeMethod(v MergeMethodValue) *MergeMethodValue {
-	p := new(MergeMethodValue)
-	*p = v
-	return p
-}
-
-// EventTypeValue represents actions type for contribution events
-type EventTypeValue string
-
-// List of available action type
-//
-// GitLab API docs: https://docs.gitlab.com/ce/api/events.html#action-types
-const (
-	CreatedEventType   EventTypeValue = "created"
-	UpdatedEventType   EventTypeValue = "updated"
-	ClosedEventType    EventTypeValue = "closed"
-	ReopenedEventType  EventTypeValue = "reopened"
-	PushedEventType    EventTypeValue = "pushed"
-	CommentedEventType EventTypeValue = "commented"
-	MergedEventType    EventTypeValue = "merged"
-	JoinedEventType    EventTypeValue = "joined"
-	LeftEventType      EventTypeValue = "left"
-	DestroyedEventType EventTypeValue = "destroyed"
-	ExpiredEventType   EventTypeValue = "expired"
-)
-
-// EventTargetTypeValue represents actions type value for contribution events
-type EventTargetTypeValue string
-
-// List of available action type
-//
-// GitLab API docs: https://docs.gitlab.com/ce/api/events.html#target-types
-const (
-	IssueEventTargetType        EventTargetTypeValue = "issue"
-	MilestoneEventTargetType    EventTargetTypeValue = "milestone"
-	MergeRequestEventTargetType EventTargetTypeValue = "merge_request"
-	NoteEventTargetType         EventTargetTypeValue = "note"
-	ProjectEventTargetType      EventTargetTypeValue = "project"
-	SnippetEventTargetType      EventTargetTypeValue = "snippet"
-	UserEventTargetType         EventTargetTypeValue = "user"
-)
-
 // Bool is a helper routine that allocates a new bool value
 // to store v and returns a pointer to it.
 func Bool(v bool) *bool {
diff --git a/vendor/github.com/xanzy/go-gitlab/users.go b/vendor/github.com/xanzy/go-gitlab/users.go
index 965a0ed13b..d43e802e19 100644
--- a/vendor/github.com/xanzy/go-gitlab/users.go
+++ b/vendor/github.com/xanzy/go-gitlab/users.go
@@ -143,13 +143,20 @@ func (s *UsersService) ListUsers(opt *ListUsersOptions, options ...RequestOption
 	return usr, resp, err
 }
 
+// GetUsersOptions represents the available GetUser() options.
+//
+// GitLab API docs: https://docs.gitlab.com/ce/api/users.html#single-user
+type GetUsersOptions struct {
+	WithCustomAttributes *bool `url:"with_custom_attributes,omitempty" json:"with_custom_attributes,omitempty"`
+}
+
 // GetUser gets a single user.
 //
 // GitLab API docs: https://docs.gitlab.com/ce/api/users.html#single-user
-func (s *UsersService) GetUser(user int, options ...RequestOptionFunc) (*User, *Response, error) {
+func (s *UsersService) GetUser(user int, opt GetUsersOptions, options ...RequestOptionFunc) (*User, *Response, error) {
 	u := fmt.Sprintf("users/%d", user)
 
-	req, err := s.client.NewRequest(http.MethodGet, u, nil, options)
+	req, err := s.client.NewRequest(http.MethodGet, u, opt, options)
 	if err != nil {
 		return nil, nil, err
 	}
@@ -838,7 +845,7 @@ type PersonalAccessToken struct {
 	Revoked   bool       `json:"revoked"`
 	CreatedAt *time.Time `json:"created_at"`
 	Scopes    []string   `json:"scopes"`
-	UserID    string     `json:"user_id"`
+	UserID    int        `json:"user_id"`
 	Active    bool       `json:"active"`
 	ExpiresAt *ISOTime   `json:"expires_at"`
 	Token     string     `json:"token"`
diff --git a/vendor/github.com/yuin/goldmark-highlighting/go.mod b/vendor/github.com/yuin/goldmark-highlighting/go.mod
index 87a5bc0092..0fe74375b2 100644
--- a/vendor/github.com/yuin/goldmark-highlighting/go.mod
+++ b/vendor/github.com/yuin/goldmark-highlighting/go.mod
@@ -3,12 +3,7 @@ module github.com/yuin/goldmark-highlighting
 go 1.13
 
 require (
-	github.com/GeertJohan/go.rice v1.0.0 // indirect
 	github.com/alecthomas/chroma v0.7.2-0.20200305040604-4f3623dce67a
-	github.com/alecthomas/kong-hcl v0.1.8-0.20190615233001-b21fea9723c8 // indirect
 	github.com/dlclark/regexp2 v1.2.0 // indirect
-	github.com/gorilla/csrf v1.6.0 // indirect
-	github.com/gorilla/handlers v1.4.1 // indirect
-	github.com/gorilla/mux v1.7.3 // indirect
-	github.com/yuin/goldmark v1.1.22
+	github.com/yuin/goldmark v1.3.6
 )
diff --git a/vendor/github.com/yuin/goldmark-highlighting/go.sum b/vendor/github.com/yuin/goldmark-highlighting/go.sum
index 68947e114e..cedf339a3b 100644
--- a/vendor/github.com/yuin/goldmark-highlighting/go.sum
+++ b/vendor/github.com/yuin/goldmark-highlighting/go.sum
@@ -1,58 +1,34 @@
-github.com/GeertJohan/go.incremental v1.0.0/go.mod h1:6fAjUhbVuX1KcMD3c8TEgVUqmo4seqhv0i0kdATSkM0=
-github.com/GeertJohan/go.rice v1.0.0/go.mod h1:eH6gbSOAUv07dQuZVnBmoDP8mgsM1rtixis4Tib9if0=
-github.com/akavel/rsrc v0.8.0/go.mod h1:uLoCtb9J+EyAqh+26kdrTgmzRBFPGOolLWKpdxkKq+c=
 github.com/alecthomas/assert v0.0.0-20170929043011-405dbfeb8e38 h1:smF2tmSOzy2Mm+0dGI2AIUHY+w0BUc+4tn40djz7+6U=
 github.com/alecthomas/assert v0.0.0-20170929043011-405dbfeb8e38/go.mod h1:r7bzyVFMNntcxPZXK3/+KdruV1H5KSlyVY0gc+NgInI=
-github.com/alecthomas/chroma v0.7.0 h1:z+0HgTUmkpRDRz0SRSdMaqOLfJV4F+N1FPDZUZIDUzw=
-github.com/alecthomas/chroma v0.7.0/go.mod h1:1U/PfCsTALWWYHDnsIQkxEBM0+6LLe0v8+RSVMOwxeY=
-github.com/alecthomas/chroma v0.7.1 h1:G1i02OhUbRi2nJxcNkwJaY/J1gHXj9tt72qN6ZouLFQ=
-github.com/alecthomas/chroma v0.7.1/go.mod h1:gHw09mkX1Qp80JlYbmN9L3+4R5o6DJJ3GRShh+AICNc=
 github.com/alecthomas/chroma v0.7.2-0.20200305040604-4f3623dce67a h1:3v1NrYWWqp2S72e4HLgxKt83B3l0lnORDholH/ihoMM=
 github.com/alecthomas/chroma v0.7.2-0.20200305040604-4f3623dce67a/go.mod h1:fv5SzZPFJbwp2NXJWpFIX7DZS4HgV1K4ew4Pc2OZD9s=
 github.com/alecthomas/colour v0.0.0-20160524082231-60882d9e2721 h1:JHZL0hZKJ1VENNfmXvHbgYlbUOvpzYzvy2aZU5gXVeo=
 github.com/alecthomas/colour v0.0.0-20160524082231-60882d9e2721/go.mod h1:QO9JBoKquHd+jz9nshCh40fOfO+JzsoXy8qTHF68zU0=
-github.com/alecthomas/kong v0.1.17-0.20190424132513-439c674f7ae0/go.mod h1:+inYUSluD+p4L8KdviBSgzcqEjUQOfC5fQDRFuc36lI=
 github.com/alecthomas/kong v0.2.1-0.20190708041108-0548c6b1afae/go.mod h1:+inYUSluD+p4L8KdviBSgzcqEjUQOfC5fQDRFuc36lI=
-github.com/alecthomas/kong-hcl v0.1.8-0.20190615233001-b21fea9723c8/go.mod h1:MRgZdU3vrFd05IQ89AxUZ0aYdF39BYoNFa324SodPCA=
 github.com/alecthomas/repr v0.0.0-20180818092828-117648cd9897 h1:p9Sln00KOTlrYkxI1zYWl1QLnEqAqEARBEYa8FQnQcY=
 github.com/alecthomas/repr v0.0.0-20180818092828-117648cd9897/go.mod h1:xTS7Pm1pD1mvyM075QCDSRqH6qRLXylzS24ZTpRiSzQ=
-github.com/daaku/go.zipexe v1.0.0/go.mod h1:z8IiR6TsVLEYKwXAoE/I+8ys/sDkgTzSL0CLnGVd57E=
 github.com/danwakefield/fnmatch v0.0.0-20160403171240-cbb64ac3d964 h1:y5HC9v93H5EPKqaS1UYVg1uYah5Xf51mBfIoWehClUQ=
 github.com/danwakefield/fnmatch v0.0.0-20160403171240-cbb64ac3d964/go.mod h1:Xd9hchkHSWYkEqJwUGisez3G1QY8Ryz0sdWrLPMGjLk=
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/dlclark/regexp2 v1.1.6 h1:CqB4MjHw0MFCDj+PHHjiESmHX+N7t0tJzKvC6M97BRg=
 github.com/dlclark/regexp2 v1.1.6/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc=
 github.com/dlclark/regexp2 v1.2.0 h1:8sAhBGEM0dRWogWqWyQeIJnxjWO6oIjl8FKqREDsGfk=
 github.com/dlclark/regexp2 v1.2.0/go.mod h1:2pZnwuY/m+8K6iRw6wQdMtk+rH5tNGR1i55kozfMjCc=
-github.com/gorilla/csrf v1.6.0/go.mod h1:7tSf8kmjNYr7IWDCYhd3U8Ck34iQ/Yw5CJu7bAkHEGI=
-github.com/gorilla/handlers v1.4.1/go.mod h1:Qkdc/uu4tH4g6mTK6auzZ766c4CA0Ng8+o/OAirnOIQ=
-github.com/gorilla/mux v1.7.3/go.mod h1:1lud6UwP+6orDFRuTfBEV8e9/aOM/c4fVVCaMa2zaAs=
-github.com/gorilla/securecookie v1.1.1/go.mod h1:ra0sb63/xPlUeL+yeDciTfxMRAA+MP+HVt/4epWDjd4=
-github.com/hashicorp/hcl v1.0.0/go.mod h1:E5yfLk+7swimpb2L/Alb/PJmXilQ/rhwaUYs4T20WEQ=
-github.com/jessevdk/go-flags v1.4.0/go.mod h1:4FA24M0QyGHXBuZZK/XkWh8h0e1EYbRYJSGM75WSRxI=
 github.com/mattn/go-colorable v0.0.9/go.mod h1:9vuHe8Xs5qXnSaW/c/ABM9alt+Vo+STaOChaDxuIBZU=
 github.com/mattn/go-isatty v0.0.4 h1:bnP0vzxcAdeI1zdubAl5PjU6zsERjGZb7raWodagDYs=
 github.com/mattn/go-isatty v0.0.4/go.mod h1:M+lRXTBqGeGNdLjl/ufCoiOlB5xdOkqRJdNxMWT7Zi4=
 github.com/mitchellh/mapstructure v1.1.2/go.mod h1:FVVH3fgwuzCH5S8UJGiWEs2h04kUh9fWfEaFds41c1Y=
-github.com/nkovacs/streamquote v0.0.0-20170412213628-49af9bddb229/go.mod h1:0aYXnNPJ8l7uZxf45rWW1a/uME32OF0rhiYGNQ2oF2E=
-github.com/pkg/errors v0.8.0/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pkg/errors v0.8.1/go.mod h1:bwawxfHBFNV+L2hUp1rHADufV3IMtnDRdf1r5NINEl0=
 github.com/pmezard/go-difflib v1.0.0 h1:4DBwDE0NGyQoBHbLQYPwSUPoCMWR5BEzIk/f1lZbAQM=
 github.com/pmezard/go-difflib v1.0.0/go.mod h1:iKH77koFhYxTK1pcRnkKkqfTogsbg7gZNVY4sRDYZ/4=
 github.com/sergi/go-diff v1.0.0 h1:Kpca3qRNrduNnOQeazBd0ysaKrUJiIuISHxogkT9RPQ=
 github.com/sergi/go-diff v1.0.0/go.mod h1:0CfEIISq7TuYL3j771MWULgwwjU+GofnZX9QAmXWZgo=
 github.com/stretchr/objx v0.1.0/go.mod h1:HFkY916IF+rwdDfMAkV7OtwuqBVzrE8GR6GFx+wExME=
-github.com/stretchr/testify v1.2.2 h1:bSDNvY7ZPG5RlJ8otE/7V6gMiyenm9RtJ7IUVIAoJ1w=
 github.com/stretchr/testify v1.2.2/go.mod h1:a8OnRcib4nhh0OaRAV+Yts87kKdq0PP7pXfy6kDkUVs=
 github.com/stretchr/testify v1.3.0 h1:TivCn/peBQ7UY8ooIcPgZFpTNSz0Q2U6UrFlUfqbe0Q=
 github.com/stretchr/testify v1.3.0/go.mod h1:M5WIy9Dh21IEIfnGCwXGc5bZfKNJtfHm1UVUgZn+9EI=
-github.com/valyala/bytebufferpool v1.0.0/go.mod h1:6bBcMArwyJ5K/AmCkWv1jt77kVWyCJ6HpOuEn7z0Csc=
-github.com/valyala/fasttemplate v1.0.1/go.mod h1:UQGH1tvbgY+Nz5t2n7tXsz52dQxojPUpymEIMZ47gx8=
-github.com/yuin/goldmark v1.1.7 h1:XiwWADvxJeIM1JbXqthrEhDc19hTMui+o+QaY1hGXlk=
-github.com/yuin/goldmark v1.1.7/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
-github.com/yuin/goldmark v1.1.22 h1:0e0f6Zee9SAQ5yOZGNMWaOxqVvcc/9/kUWu/Kl91Jk8=
-github.com/yuin/goldmark v1.1.22/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74=
+github.com/yuin/goldmark v1.3.6 h1:rvdBidUJAJM2O9VLcNTB4oRwxG33uIxY+zUq6yWUT8c=
+github.com/yuin/goldmark v1.3.6/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k=
 golang.org/x/sys v0.0.0-20181128092732-4ed8d59d0b35 h1:YAFjXN64LMvktoUZH9zgY4lGc/msGN7HQfoSuKCgaDU=
 golang.org/x/sys v0.0.0-20181128092732-4ed8d59d0b35/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY=
diff --git a/vendor/github.com/yuin/goldmark-highlighting/highlighting.go b/vendor/github.com/yuin/goldmark-highlighting/highlighting.go
index 3b39d2ced7..2937e3fa30 100644
--- a/vendor/github.com/yuin/goldmark-highlighting/highlighting.go
+++ b/vendor/github.com/yuin/goldmark-highlighting/highlighting.go
@@ -112,6 +112,9 @@ type Config struct {
 	// Supported styles are defined under https://github.com/alecthomas/chroma/tree/master/formatters.
 	Style string
 
+	// Pass in a custom Chroma style. If this is not nil, the Style string will be ignored
+	CustomStyle *chroma.Style
+
 	// If set, will try to guess language if none provided.
 	// If the guessing fails, we will fall back to a text lexer.
 	// Note that while Chroma's API supports language guessing, the implementation
@@ -150,6 +153,8 @@ func (c *Config) SetOption(name renderer.OptionName, value interface{}) {
 	switch name {
 	case optStyle:
 		c.Style = value.(string)
+	case optCustomStyle:
+		c.CustomStyle = value.(*chroma.Style)
 	case optFormatOptions:
 		if value != nil {
 			c.FormatOptions = value.([]chromahtml.Option)
@@ -200,6 +205,7 @@ func WithHTMLOptions(opts ...html.Option) Option {
 }
 
 const optStyle renderer.OptionName = "HighlightingStyle"
+const optCustomStyle renderer.OptionName = "HighlightingCustomStyle"
 
 var highlightLinesAttrName = []byte("hl_lines")
 
@@ -227,6 +233,23 @@ func WithStyle(style string) Option {
 	return &withStyle{style}
 }
 
+type withCustomStyle struct {
+	value *chroma.Style
+}
+
+func (o *withCustomStyle) SetConfig(c *renderer.Config) {
+	c.Options[optCustomStyle] = o.value
+}
+
+func (o *withCustomStyle) SetHighlightingOption(c *Config) {
+	c.CustomStyle = o.value
+}
+
+// WithStyle is a functional option that changes highlighting style.
+func WithCustomStyle(style *chroma.Style) Option {
+	return &withCustomStyle{style}
+}
+
 const optCSSWriter renderer.OptionName = "HighlightingCSSWriter"
 
 type withCSSWriter struct {
@@ -316,7 +339,7 @@ func (o *withFormatOptions) SetConfig(c *renderer.Config) {
 	if _, ok := c.Options[optFormatOptions]; !ok {
 		c.Options[optFormatOptions] = []chromahtml.Option{}
 	}
-	c.Options[optStyle] = append(c.Options[optFormatOptions].([]chromahtml.Option), o.value...)
+	c.Options[optFormatOptions] = append(c.Options[optFormatOptions].([]chromahtml.Option), o.value...)
 }
 
 func (o *withFormatOptions) SetHighlightingOption(c *Config) {
@@ -385,7 +408,11 @@ func (r *HTMLRenderer) renderFencedCodeBlock(w util.BufWriter, source []byte, no
 
 	chromaFormatterOptions := make([]chromahtml.Option, len(r.FormatOptions))
 	copy(chromaFormatterOptions, r.FormatOptions)
-	style := styles.Get(r.Style)
+
+	style := r.CustomStyle
+	if style == nil {
+		style = styles.Get(r.Style)
+	}
 	nohl := false
 
 	var info []byte
diff --git a/vendor/github.com/yuin/goldmark/README.md b/vendor/github.com/yuin/goldmark/README.md
index f7a66f66f7..5520346acd 100644
--- a/vendor/github.com/yuin/goldmark/README.md
+++ b/vendor/github.com/yuin/goldmark/README.md
@@ -423,6 +423,7 @@ Extensions
 - [goldmark-emoji](https://github.com/yuin/goldmark-emoji): An emoji
   extension for the goldmark Markdown parser.
 - [goldmark-mathjax](https://github.com/litao91/goldmark-mathjax): Mathjax support for the goldmark markdown parser
+- [goldmark-pdf](https://github.com/stephenafamo/goldmark-pdf): A PDF renderer that can be passed to `goldmark.WithRenderer()`.
 
 goldmark internal(for extension developers)
 ----------------------------------------------
diff --git a/vendor/github.com/yuin/goldmark/parser/attribute.go b/vendor/github.com/yuin/goldmark/parser/attribute.go
index ea8c0645df..4c7cc24922 100644
--- a/vendor/github.com/yuin/goldmark/parser/attribute.go
+++ b/vendor/github.com/yuin/goldmark/parser/attribute.go
@@ -129,6 +129,11 @@ func parseAttribute(reader text.Reader) (Attribute, bool) {
 	if !ok {
 		return Attribute{}, false
 	}
+	if bytes.Equal(name, attrNameClass) {
+		if _, ok = value.([]byte); !ok {
+			return Attribute{}, false
+		}
+	}
 	return Attribute{Name: name, Value: value}, true
 }
 
diff --git a/vendor/github.com/yuin/goldmark/parser/parser.go b/vendor/github.com/yuin/goldmark/parser/parser.go
index e58b5ee936..6e0e935674 100644
--- a/vendor/github.com/yuin/goldmark/parser/parser.go
+++ b/vendor/github.com/yuin/goldmark/parser/parser.go
@@ -1129,21 +1129,27 @@ func (p *parser) parseBlock(block text.BlockReader, parent ast.Node, pc Context)
 			break
 		}
 		lineLength := len(line)
+		softLinebreak := false
 		hardlineBreak := false
-		softLinebreak := line[lineLength-1] == '\n'
-		if lineLength >= 2 && line[lineLength-2] == '\\' && softLinebreak { // ends with \\n
+		hasNewLine := line[lineLength-1] == '\n'
+		if lineLength >= 2 && line[lineLength-2] == '\\' && hasNewLine { // ends with \\n
 			lineLength -= 2
 			hardlineBreak = true
 
-		} else if lineLength >= 3 && line[lineLength-3] == '\\' && line[lineLength-2] == '\r' && softLinebreak { // ends with \\r\n
+		} else if lineLength >= 3 && line[lineLength-3] == '\\' && line[lineLength-2] == '\r' && hasNewLine { // ends with \\r\n
 			lineLength -= 3
 			hardlineBreak = true
-		} else if lineLength >= 3 && line[lineLength-3] == ' ' && line[lineLength-2] == ' ' && softLinebreak { // ends with [space][space]\n
+		} else if lineLength >= 3 && line[lineLength-3] == ' ' && line[lineLength-2] == ' ' && hasNewLine { // ends with [space][space]\n
 			lineLength -= 3
 			hardlineBreak = true
-		} else if lineLength >= 4 && line[lineLength-4] == ' ' && line[lineLength-3] == ' ' && line[lineLength-2] == '\r' && softLinebreak { // ends with [space][space]\r\n
+		} else if lineLength >= 4 && line[lineLength-4] == ' ' && line[lineLength-3] == ' ' && line[lineLength-2] == '\r' && hasNewLine { // ends with [space][space]\r\n
 			lineLength -= 4
 			hardlineBreak = true
+		} else if hasNewLine {
+			// If the line ends with a newline character, but it is not a hardlineBreak, then it is a softLinebreak
+			// If the line ends with a hardlineBreak, then it cannot end with a softLinebreak
+			// See https://spec.commonmark.org/0.29/#soft-line-breaks
+			softLinebreak = true
 		}
 
 		l, startPosition := block.Position()