Commit Graph

36 Commits

Author SHA1 Message Date
wxiaoguang
6bc3079c00
Refactor git command package to improve security and maintainability (#22678)
This PR follows #21535 (and replace #22592)

## Review without space diff

https://github.com/go-gitea/gitea/pull/22678/files?diff=split&w=1

## Purpose of this PR

1. Make git module command completely safe (risky user inputs won't be
passed as argument option anymore)
2. Avoid low-level mistakes like
https://github.com/go-gitea/gitea/pull/22098#discussion_r1045234918
3. Remove deprecated and dirty `CmdArgCheck` function, hide the `CmdArg`
type
4. Simplify code when using git command

## The main idea of this PR

* Move the `git.CmdArg` to the `internal` package, then no other package
except `git` could use it. Then developers could never do
`AddArguments(git.CmdArg(userInput))` any more.
* Introduce `git.ToTrustedCmdArgs`, it's for user-provided and already
trusted arguments. It's only used in a few cases, for example: use git
arguments from config file, help unit test with some arguments.
* Introduce `AddOptionValues` and `AddOptionFormat`, they make code more
clear and simple:
    * Before: `AddArguments("-m").AddDynamicArguments(message)`
    * After: `AddOptionValues("-m", message)`
    * -
* Before: `AddArguments(git.CmdArg(fmt.Sprintf("--author='%s <%s>'",
sig.Name, sig.Email)))`
* After: `AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email)`

## FAQ

### Why these changes were not done in #21535 ?

#21535 is mainly a search&replace, it did its best to not change too
much logic.

Making the framework better needs a lot of changes, so this separate PR
is needed as the second step.


### The naming of `AddOptionXxx`

According to git's manual, the `--xxx` part is called `option`.

### How can it guarantee that `internal.CmdArg` won't be not misused?

Go's specification guarantees that. Trying to access other package's
internal package causes compilation error.

And, `golangci-lint` also denies the git/internal package. Only the
`git/command.go` can use it carefully.

### There is still a `ToTrustedCmdArgs`, will it still allow developers
to make mistakes and pass untrusted arguments?

Generally speaking, no. Because when using `ToTrustedCmdArgs`, the code
will be very complex (see the changes for examples). Then developers and
reviewers can know that something might be unreasonable.

### Why there was a `CmdArgCheck` and why it's removed?

At the moment of #21535, to reduce unnecessary changes, `CmdArgCheck`
was introduced as a hacky patch. Now, almost all code could be written
as `cmd := NewCommand(); cmd.AddXxx(...)`, then there is no need for
`CmdArgCheck` anymore.


### Why many codes for `signArg == ""` is deleted?

Because in the old code, `signArg` could never be empty string, it's
either `-S[key-id]` or `--no-gpg-sign`. So the `signArg == ""` is just
dead code.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 10:30:43 +08:00
techknowlogick
cfb1cb1168
update to build with go1.20 (#22732)
as title

---------

Co-authored-by: Lauris BH <lauris@nix.lv>
2023-02-03 11:23:52 -05:00
Jason Song
c86be819bb
Add more packages to denylist (#22412)
After this, we can remove
[`denylist_imports`](https://gitea.com/gitea/gitea-vet/src/branch/master/checks/denylisted-imports.go#L13)
in gitea-vet
([gitea-vet/pulls/23](https://gitea.com/gitea/gitea-vet/pulls/23)).

```go
deniedImports   = []string{"io/ioutil", "encoding/json", "gitea.com/gitea/go-crypto"}
```

However, we needn't keep `gitea.com/gitea/go-crypto` any longer, it's
gone and can't be imported again.

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-01-12 23:35:53 +08:00
silverwind
0585ac3ac6
Update go dev dependencies (#22064)
`golangci-lint`
[deprecated](https://github.com/golangci/golangci-lint/issues/1841) a
bunch of linters, removed them.
2022-12-08 16:21:37 +08:00
silverwind
0647df3e83
Simplify fmt-check (#21458)
`fmt-check` now simply does `fmt` before and relies on `git diff` like
other checks like 'tidy-check' already do, so we can remove the argument
in the tool that handles printing changed files.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-10-16 16:11:17 +08:00
silverwind
399514453e
Configure golangci-lint to show all issues (#21106)
golangci by default [limits](https://golangci-lint.run/usage/configuration/#issues-configuration)
"same issues" to 3 which can be hindering when many issues are present.
Change it to always show all issues.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-09-20 17:39:00 +08:00
techknowlogick
d8e6c99125
Add badge capabilities to users (#20607)
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2022-08-18 02:25:25 +03:00
techknowlogick
be824890e4
Switch to building with go1.19 (#20695) 2022-08-07 12:25:03 -04:00
Wim
cb50375e2b
Add more linters to improve code readability (#19989)
Add nakedret, unconvert, wastedassign, stylecheck and nolintlint linters to improve code readability

- nakedret - https://github.com/alexkohler/nakedret - nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length.
- unconvert - https://github.com/mdempsky/unconvert - Remove unnecessary type conversions
- wastedassign - https://github.com/sanposhiho/wastedassign -  wastedassign finds wasted assignment statements.
- notlintlint -  Reports ill-formed or insufficient nolint directives
- stylecheck - https://staticcheck.io/docs/checks/#ST - keep style consistent
  - excluded: [ST1003 - Poorly chosen identifier](https://staticcheck.io/docs/checks/#ST1003) and [ST1005 - Incorrectly formatted error string](https://staticcheck.io/docs/checks/#ST1005)
2022-06-20 12:02:49 +02:00
silverwind
318f360252
Update go tool dependencies (#19676)
* Update go tool dependencies

Updated all tool dependencies to latest tags, hoping CI will like it.

* fix new lint errors

* handle more strings.Title cases

* remove lint skip
2022-05-10 23:55:54 +02:00
wxiaoguang
65f17bfc31
Refactor legacy unknwon/com package, improve golangci lint (#19284)
The main purpose is to refactor the legacy `unknwon/com` package.
1. Remove most imports of `unknwon/com`, only `util/legacy.go` imports the legacy `unknwon/com`
2. Use golangci's depguard to process denied packages
3. Fix some incorrect values in golangci.yml, eg, the version should be quoted string `"1.18"`
4. Use correctly escaped content for `go-import` and `go-source` meta tags
5. Refactor `com.Expand` to our stable (and the same fast) `vars.Expand`, our `vars.Expand` can still return partially rendered content even if the template is not good (eg: key mistach).
2022-04-01 16:47:50 +08:00
Sasha Melentyev
c604c9ae66
Add 1.18 (#19151)
Co-authored-by: 6543 <6543@obermui.de>
2022-03-21 11:22:34 +08:00
techknowlogick
ed1d95c55d
use go1.18 to build gitea (#19099)
* use go1.18 to build gitea& update min go version to 1.17

* bump in a few more places

* add a few simple tests for isipprivate

* update go.mod

* update URL to https://go.dev/dl/

* golangci-lint

* attempt golangci-lint workaround

* change version

* bump fumpt version

* skip strings.title test

* go mod tidy

* update tests as some aren't private??

* update tests
2022-03-16 00:08:31 -04:00
silverwind
fe9626af29
Use go run for tool dependencies, require go 1.17 (#18874)
This ensures the tools only run in the versions we've tested and it also
does not polute PATH with those tools so they are truly isolated. This
syntax of `go run` requires go 1.17, so the minimum version is set
accordingly.

Fixes: https://github.com/go-gitea/gitea/issues/18867

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-03-15 22:50:26 -04:00
silverwind
2ddff74a54
Reduce CI go module downloads, add make targets (#18708)
The CI currently downloads all go modules in each pipeline step because
go modules reside outside the project directory. Fix this by introducing
a volume for the `/go` directory [1] so modules are only downloaded once per
pipeline using a new `deps-backend` make target.

For completeness, I also included new `deps` and `deps-frontend` targets
and the frontend one is also triggered explicitly on CI where needed.

[1] https://docs.drone.io/pipeline/kubernetes/examples/language/golang/#dependencies
2022-02-12 07:08:53 +00:00
6543
54e9ee37a7
format with gofumpt (#18184)
* gofumpt -w -l .

* gofumpt -w -l -extra .

* Add linter

* manual fix

* change make fmt
2022-01-20 18:46:10 +01:00
Bo-Yi Wu
948949f429
chore(lint): use golangci-lint to call revive and misspell checker. (#18145)
replace revive and misspell with golangci-lint

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2022-01-02 19:30:40 +00:00
Gusted
c98dd7a3e0
Remove unnecessary variable assignments (#17695)
* Remove unnecessary variable assignments

As title

* enable ineffassign

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-18 09:33:06 +08:00
Lunny Xiao
95d3266bee
Move user follow and openid into models/user/ (#17613)
* Move UserRedirect into models/user/

* Fix lint & test

* Fix lint

* Fix lint

* remove nolint comment

* Fix lint

* Move user follow and openid into models/user

* Ignore the lint

* Ignore the lint

* Fix test

* ignore stutters lint on UserOpenID
2021-11-17 17:58:31 +08:00
Gusted
adda27668b
Enable bidichk (#17610)
- https://github.com/breml/bidichk

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-11-17 16:47:28 +08:00
Gusted
a4dc0c5a82
Remove golint as linter (#17609)
- Partialy resolvess #17596
- In the newer versions of `golangci-lint`, golint is  deprecated and
replaced by the `revive` linter. Thus removing the `golint` linter is a
good idea, as we're already using the `revive` linter which covers all
the current `golint` cases.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-11-11 13:28:45 +08:00
Lunny Xiao
5842a55b31
Move login related structs and functions to models/login (#17093)
* Move login related structs and functions to models/login

* Fix test

* Fix lint

* Fix lint

* Fix lint of windows

* Fix lint

* Fix test

* Fix test

* Only load necessary fixtures when preparing unit tests envs

* Fix lint

* Fix test

* Fix test

* Fix error log

* Fix error log

* Fix error log

* remove unnecessary change

* fix error log

* merge main branch
2021-09-24 19:32:56 +08:00
Lunny Xiao
1bfb0a24d8
Refactor routers directory (#15800)
* refactor routers directory

* move func used for web and api to common

* make corsHandler a function to prohibit side efects

* rm unused func

Co-authored-by: 6543 <6543@obermui.de>
2021-06-09 01:33:54 +02:00
zeripath
bdc1697729
Drop back to use IsAnInteractiveSession for SVC (#15749)
* Drop back to use IsAnInteractiveSession for SVC

There is an apparent permission change problem when using
IsWindowsService to determine if the SVC manager should be
used.

This PR simply drops back to using IsAnInteractiveSession as
this does not change behaviour.

Fix #15454

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Yes staticcheck I know this is deprecated

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Just leave me alone lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
2021-05-07 11:27:31 +02:00
Ikko Ashimine
5b94a07ab5
Fix typo in .golangci.yml (#14933)
occured -> occurred
2021-03-09 03:38:18 -05:00
Lunny Xiao
6433ba0ec3
Move macaron to chi (#14293)
Use [chi](https://github.com/go-chi/chi) instead of the forked [macaron](https://gitea.com/macaron/macaron). Since macaron and chi have conflicts with session share, this big PR becomes a have-to thing. According my previous idea, we can replace macaron step by step but I'm wrong. :( Below is a list of big changes on this PR.

- [x] Define `context.ResponseWriter` interface with an implementation `context.Response`.
- [x] Use chi instead of macaron, and also a customize `Route` to wrap chi so that the router usage is similar as before.
- [x] Create different routers for `web`, `api`, `internal` and `install` so that the codes will be more clear and no magic .
- [x] Use https://github.com/unrolled/render instead of macaron's internal render
- [x] Use https://github.com/NYTimes/gziphandler instead of https://gitea.com/macaron/gzip
- [x] Use https://gitea.com/go-chi/session which is a modified version of https://gitea.com/macaron/session and removed `nodb` support since it will not be maintained. **BREAK**
- [x] Use https://gitea.com/go-chi/captcha which is a modified version of https://gitea.com/macaron/captcha
- [x] Use https://gitea.com/go-chi/cache which is a modified version of https://gitea.com/macaron/cache
- [x] Use https://gitea.com/go-chi/binding which is a modified version of https://gitea.com/macaron/binding
- [x] Use https://github.com/go-chi/cors instead of https://gitea.com/macaron/cors
- [x] Dropped https://gitea.com/macaron/i18n and make a new one in `code.gitea.io/gitea/modules/translation`
- [x] Move validation form structs from `code.gitea.io/gitea/modules/auth` to `code.gitea.io/gitea/modules/forms` to avoid dependency cycle.
- [x] Removed macaron log service because it's not need any more. **BREAK**
- [x] All form structs have to be get by `web.GetForm(ctx)` in the route function but not as a function parameter on routes definition.
- [x] Move Git HTTP protocol implementation to use routers directly.
- [x] Fix the problem that chi routes don't support trailing slash but macaron did.
- [x] `/api/v1/swagger` now will be redirect to `/api/swagger` but not render directly so that `APIContext` will not create a html render. 

Notices:
- Chi router don't support request with trailing slash
- Integration test `TestUserHeatmap` maybe mysql version related. It's failed on my macOS(mysql 5.7.29 installed via brew) but succeed on CI.

Co-authored-by: 6543 <6543@obermui.de>
2021-01-26 16:36:53 +01:00
Lunny Xiao
42354dfe45
Move webhook type from int to string (#13664)
* Move webhook type from int to string

* rename webhook_services

* finish refactor

* Fix merge

* Ignore unnecessary ci

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2020-12-08 11:41:14 +01:00
Lunny Xiao
c296f4fed6
Introduce go chi web framework as frontend of macaron, so that we can move routes from macaron to chi step by step (#7420)
* When route cannot be found on chi, go to macaron

* Stick chi version to 1.5.0

* Follow router log setting
2020-11-13 14:51:07 +02:00
kolaente
64133126cd
Update golangci-lint to version 1.31.0 (#13102)
This PR updates golangci-lint to the latest version 1.31.0.

The upgrade introduced a new check for which I've fixed or disabled most cases.

Signed-off-by: kolaente <k@knt.li>
2020-10-11 21:27:20 +01:00
Lunny Xiao
3878e985b6
Add default storage configurations (#12813)
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
2020-09-29 12:05:13 +03:00
Lunny Xiao
bf1970d0bd
Improve push update options (#10105)
* Improve push update options

* fix test

* More refactor and fix lint

* fix lint

* Fix lint

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-02-02 15:27:34 -05:00
6543
5a187f4bcc Add API for Issue set Subscription (#8729)
* add issue subscriber API

* subscribers return []user.APIFormat

* add comments

* more meaningfull description

* without "reqToken()" api works ...
 * should be still secure beause ctx.user has to be there or nothing will hapen

* FIX: getIssueWatchers() get only aktive suscriber

* add return avter error on right position

* Revert "FIX: getIssueWatchers() get only aktive suscriber"

This reverts commit 5eca929185.

* Update routers/api/v1/repo/issue.go

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* test go linter again

* update swagger

* GetIssueWatchers -> GetIssueSubscribers

part one

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* GetIssueWatchers -> GetIssueSubscribers
part two

* Revert "test go linter again"

This reverts commit bab1235622.

* change description for unsubscribe too

* golangci-lint timeout avter 5min

* move issueSubscription to seperate file

* dont create black entitys

* use IsWatching until refactoring

* Update License Info

* better swagger description

* Update .golangci.yml

because functions moved from issue.go to issue_subscription.go

* add IssueWatchList type

* batch tasks

* use e Engien

* add error handling

* error should be the last type when returning multiple items

* short version

* reurn empy UserList instead of nil
2019-11-02 23:27:49 +08:00
kolaente
7408942c80 Update golangci to v1.20 (#8432)
* Update golangci to v1.20

Signed-off-by: kolaente <k@knt.li>

* Use the timeout flag instead of deadline, move it to config

Signed-off-by: kolaente <k@knt.li>
2019-10-08 16:42:30 -04:00
Tamal Saha
171b359877 Use gitea forked macaron (#7933)
Signed-off-by: Tamal Saha <tamal@appscode.com>
2019-08-23 12:40:29 -04:00
techknowlogick
99a004c343
Update golangci-lint to v1.17.1 (#7848) 2019-08-13 23:32:38 -04:00
kolaente
f9ec2f89f2 Add golangci (#6418) 2019-06-12 15:41:28 -04:00