bat modifies body from stdin if it is also valid JSON #68

Open
dch opened this issue Jun 27, 2018 · 1 comment

Comments


dch commented Jun 27, 2018

Reading https://github.com/astaxie/bat/blob/master/bat.go#L195-L204, bat attempts to parse stdin as JSON, and when it succeeds, the body content may be different from what was originally submitted. For example, if that content has previously been used to calculate a signature such as HMAC-SHA1, then the signature may no longer be valid.

In practice, when POSTing a file and adding its HMAC as a header, bat effectively appends 0x0a, and it's possible that the final output JSON may be altered -- I haven't yet checked this, but it could have a different key/object order, or changed keys, as JSON allows repeated keys within objects.

I can understand if this is intended behaviour, but it took a surprisingly long time to realise this was the case and to track it down.

I'd propose that PoLA should apply to content from stdin and that it not be altered, or at least only if the -json=true flag has been specified.


dch commented Jun 27, 2018

Just confirming that the order of JSON keys undergoes significant changes. Here's the first part of the JSON from the GitHub webhook, from the original file, and via bat POST ... without the -j flags:

# good file
{"zen":"Practicality beats purity."...
# bad bat
{"hook":{"active":true,"config":...
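
A worked example of the failure mode both comments describe, added here as an illustration; it is not bat's code and not code from the issue author. A body is signed with HMAC-SHA1 over the exact bytes the sender would transmit, then parsed into a generic map and re-encoded with Go's encoding/json, which sorts object keys, and a trailing 0x0a is appended. The re-encoded bytes no longer verify against the original signature, while the untouched bytes do. The body, the secret and the hook URL are constructed sample values; `Reencode` is a stand-in for the kind of transformation the issue reports, not bat's implementation.

```go
package main

import (
	"bytes"
	"crypto/hmac"
	"crypto/sha1"
	"encoding/hex"
	"encoding/json"
	"fmt"
)

// Constructed sample body: keys deliberately not in sorted order and no
// trailing newline, roughly the shape of a webhook payload.
var originalBody = []byte(`{"zen":"Practicality beats purity.","hook_id":12345,"hook":{"active":true,"config":{"url":"https://example.invalid/hook"}}}`)

// Constructed shared secret used only for this demonstration.
var secret = []byte("constructed-demo-secret")

// Sign returns the hex HMAC-SHA1 of body under key, the way a sender
// computes a signature header over the bytes it is about to send.
func Sign(key, body []byte) string {
	mac := hmac.New(sha1.New, key)
	mac.Write(body)
	return hex.EncodeToString(mac.Sum(nil))
}

// Verify recomputes the HMAC over the bytes actually received and
// compares against the presented signature in constant time.
func Verify(key, body []byte, sigHex string) bool {
	want, err := hex.DecodeString(sigHex)
	if err != nil {
		return false
	}
	mac := hmac.New(sha1.New, key)
	mac.Write(body)
	return hmac.Equal(mac.Sum(nil), want)
}

// Reencode parses body as JSON into a generic value and serialises it
// again, then appends a newline. This is an illustrative stand-in for the
// transformation the issue describes, not bat's code. Because the value is
// a map[string]interface{}, json.Marshal emits its keys in sorted order,
// so the byte sequence changes even though the JSON is semantically equal.
func Reencode(body []byte) ([]byte, error) {
	var v interface{}
	if err := json.Unmarshal(body, &v); err != nil {
		return nil, err
	}
	out, err := json.Marshal(v)
	if err != nil {
		return nil, err
	}
	return append(out, '\n'), nil
}

func main() {
	sig := Sign(secret, originalBody)
	fmt.Println("passthrough verifies:", Verify(secret, originalBody, sig))

	altered, err := Reencode(originalBody)
	if err != nil {
		panic(err)
	}
	fmt.Println("re-encoded verifies: ", Verify(secret, altered, sig))
	fmt.Println("bytes identical:     ", bytes.Equal(originalBody, altered))
	fmt.Printf("re-encoded body:      %s", altered)
}
```

Run with `go run`: the passthrough check prints true, the re-encoded check prints false, and the printed body shows "hook" moved to the front with a newline at the end, matching the key reordering observed above. The practical check for a client that forwards signed bodies is simply `bytes.Equal(sent, received)`; any parse-and-reserialise step, however semantically faithful, invalidates a signature computed over the original bytes.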

dch added a commit to skunkwerks/gurl that referenced this issue Aug 27, 2018