mirror of https://github.com/go-gitea/gitea
Tag:
Branch:
Tree:
d9a7748cdc
main
release/v1.10
release/v1.11
release/v1.12
release/v1.13
release/v1.14
release/v1.15
release/v1.16
release/v1.17
release/v1.18
release/v1.19
release/v1.20
release/v1.21
release/v1.22
release/v1.22-legacy
release/v1.8
release/v1.9
v0.9.99
v1.0.0
v1.0.1
v1.0.2
v1.1.0
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.10.0
v1.10.0-dev
v1.10.0-rc1
v1.10.0-rc2
v1.10.1
v1.10.2
v1.10.3
v1.10.4
v1.10.5
v1.10.6
v1.11.0
v1.11.0-dev
v1.11.0-rc1
v1.11.0-rc2
v1.11.1
v1.11.2
v1.11.3
v1.11.4
v1.11.5
v1.11.6
v1.11.7
v1.11.8
v1.12.0
v1.12.0-dev
v1.12.0-rc1
v1.12.0-rc2
v1.12.1
v1.12.2
v1.12.3
v1.12.4
v1.12.5
v1.12.6
v1.13.0
v1.13.0-dev
v1.13.0-rc1
v1.13.0-rc2
v1.13.1
v1.13.2
v1.13.3
v1.13.4
v1.13.5
v1.13.6
v1.13.7
v1.14.0
v1.14.0-dev
v1.14.0-rc1
v1.14.0-rc2
v1.14.1
v1.14.2
v1.14.3
v1.14.4
v1.14.5
v1.14.6
v1.14.7
v1.15.0
v1.15.0-dev
v1.15.0-rc1
v1.15.0-rc2
v1.15.0-rc3
v1.15.1
v1.15.10
v1.15.11
v1.15.2
v1.15.3
v1.15.4
v1.15.5
v1.15.6
v1.15.7
v1.15.8
v1.15.9
v1.16.0
v1.16.0-dev
v1.16.0-rc1
v1.16.1
v1.16.2
v1.16.3
v1.16.4
v1.16.5
v1.16.6
v1.16.7
v1.16.8
v1.16.9
v1.17.0
v1.17.0-dev
v1.17.0-rc1
v1.17.0-rc2
v1.17.1
v1.17.2
v1.17.3
v1.17.4
v1.18.0
v1.18.0-dev
v1.18.0-rc0
v1.18.0-rc1
v1.18.1
v1.18.2
v1.18.3
v1.18.4
v1.18.5
v1.19.0
v1.19.0-dev
v1.19.0-rc0
v1.19.0-rc1
v1.19.1
v1.19.2
v1.19.3
v1.19.4
v1.2.0
v1.2.0-rc1
v1.2.0-rc2
v1.2.0-rc3
v1.2.1
v1.2.2
v1.2.3
v1.20.0
v1.20.0-dev
v1.20.0-rc0
v1.20.0-rc1
v1.20.0-rc2
v1.20.1
v1.20.2
v1.20.3
v1.20.4
v1.20.5
v1.20.6
v1.21.0
v1.21.0-dev
v1.21.0-rc0
v1.21.0-rc1
v1.21.0-rc2
v1.21.1
v1.21.10
v1.21.11
v1.21.2
v1.21.3
v1.21.4
v1.21.5
v1.21.6
v1.21.7
v1.21.8
v1.21.9
v1.22.0
v1.22.0-dev
v1.22.0-rc0
v1.22.0-rc1
v1.22.1
v1.22.2
v1.22.3
v1.23.0-dev
v1.3.0
v1.3.0-rc1
v1.3.0-rc2
v1.3.1
v1.3.2
v1.3.3
v1.4.0
v1.4.0-rc1
v1.4.0-rc2
v1.4.0-rc3
v1.4.1
v1.4.2
v1.4.3
v1.5.0
v1.5.0-dev
v1.5.0-rc1
v1.5.0-rc2
v1.5.1
v1.5.2
v1.5.3
v1.6.0
v1.6.0-dev
v1.6.0-rc1
v1.6.0-rc2
v1.6.1
v1.6.2
v1.6.3
v1.6.4
v1.7.0
v1.7.0-dev
v1.7.0-rc1
v1.7.0-rc2
v1.7.0-rc3
v1.7.1
v1.7.2
v1.7.3
v1.7.4
v1.7.5
v1.7.6
v1.8.0
v1.8.0-rc1
v1.8.0-rc2
v1.8.0-rc3
v1.8.1
v1.8.2
v1.8.3
v1.9.0
v1.9.0-dev
v1.9.0-rc1
v1.9.0-rc2
v1.9.1
v1.9.2
v1.9.3
v1.9.4
v1.9.5
v1.9.6
${ noResults }
11 Commits (d9a7748cdc3f13392acbde87edd18602b566c216)
Author | SHA1 | Message | Date |
---|---|---|---|
Wim |
01dec7577a
|
Remove SHA1 for support for ssh rsa signing (#31857)
https://github.com/go-fed/httpsig seems to be unmaintained. Switch to github.com/42wim/httpsig which has removed deprecated crypto and default sha256 signing for ssh rsa. No impact for those that use ed25519 ssh certificates. This is a breaking change for: - gitea.com/gitea/tea (go-sdk) - I'll be sending a PR there too - activitypub using deprecated crypto (is this actually used?) |
3 months ago |
Lunny Xiao |
29f149bd9f
|
Move context from modules to services (#29440)
Since `modules/context` has to depend on `models` and many other packages, it should be moved from `modules/context` to `services/context` according to design principles. There is no logic code change on this PR, only move packages. - Move `code.gitea.io/gitea/modules/context` to `code.gitea.io/gitea/services/context` - Move `code.gitea.io/gitea/modules/contexttest` to `code.gitea.io/gitea/services/contexttest` because of depending on context - Move `code.gitea.io/gitea/modules/upload` to `code.gitea.io/gitea/services/context/upload` because of depending on context |
9 months ago |
JakobDev |
c548dde205
|
More refactoring of `db.DefaultContext` (#27083)
Next step of #27065 |
1 year ago |
silverwind |
887a683af9
|
Update tool dependencies, lock govulncheck and actionlint (#25655)
- Update all tool dependencies - Lock `govulncheck` and `actionlint` to their latest tags --------- Co-authored-by: 6543 <m.huber@kithara.com> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
1 year ago |
wxiaoguang |
17f23182ff
|
Use User.ID instead of User.Name in ActivityPub API for Person IRI (#23823)
Thanks to @trwnh Close #23802 The ActivityPub id is an HTTPS URI that should remain constant, even if the user changes their name. |
2 years ago |
Lunny Xiao |
bd820aa9c5
|
Add context cache as a request level cache (#22294)
To avoid duplicated load of the same data in an HTTP request, we can set a context cache to do that. i.e. Some pages may load a user from a database with the same id in different areas on the same page. But the code is hidden in two different deep logic. How should we share the user? As a result of this PR, now if both entry functions accept `context.Context` as the first parameter and we just need to refactor `GetUserByID` to reuse the user from the context cache. Then it will not be loaded twice on an HTTP request. But of course, sometimes we would like to reload an object from the database, that's why `RemoveContextData` is also exposed. The core context cache is here. It defines a new context ```go type cacheContext struct { ctx context.Context data map[any]map[any]any lock sync.RWMutex } var cacheContextKey = struct{}{} func WithCacheContext(ctx context.Context) context.Context { return context.WithValue(ctx, cacheContextKey, &cacheContext{ ctx: ctx, data: make(map[any]map[any]any), }) } ``` Then you can use the below 4 methods to read/write/del the data within the same context. ```go func GetContextData(ctx context.Context, tp, key any) any func SetContextData(ctx context.Context, tp, key, value any) func RemoveContextData(ctx context.Context, tp, key any) func GetWithContextCache[T any](ctx context.Context, cacheGroupKey string, cacheTargetID any, f func() (T, error)) (T, error) ``` Then let's take a look at how `system.GetString` implement it. ```go func GetSetting(ctx context.Context, key string) (string, error) { return cache.GetWithContextCache(ctx, contextCacheKey, key, func() (string, error) { return cache.GetString(genSettingCacheKey(key), func() (string, error) { res, err := GetSettingNoCache(ctx, key) if err != nil { return "", err } return res.SettingValue, nil }) }) } ``` First, it will check if context data include the setting object with the key. If not, it will query from the global cache which may be memory or a Redis cache. If not, it will get the object from the database. In the end, if the object gets from the global cache or database, it will be set into the context cache. An object stored in the context cache will only be destroyed after the context disappeared. |
2 years ago |
flynnnnnnnnnn |
e81ccc406b
|
Implement FSFE REUSE for golang files (#21840)
Change all license headers to comply with REUSE specification. Fix #16132 Co-authored-by: flynnnnnnnnnn <flynnnnnnnnnn@github> Co-authored-by: John Olheiser <john.olheiser@gmail.com> |
2 years ago |
delvh |
0ebb45cfe7
|
Replace all instances of fmt.Errorf(%v) with fmt.Errorf(%w) (#21551)
Found using `find . -type f -name '*.go' -print -exec vim {} -c ':%s/fmt\.Errorf(\(.*\)%v\(.*\)err/fmt.Errorf(\1%w\2err/g' -c ':wq' \;` Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> |
2 years ago |
John Olheiser |
a48d6ba4b4
|
Go 1.19 format (#20758)
* 1.19 gofumpt Signed-off-by: jolheiser <john.olheiser@gmail.com> * Change CSV test Signed-off-by: jolheiser <john.olheiser@gmail.com> * Commit whitespace fixes from @zeripath Co-authored-by: zeripath <art27@cantab.net> * Update emoji Signed-off-by: jolheiser <john.olheiser@gmail.com> * bump swagger & fix generate-swagger Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lauris BH <lauris@nix.lv> |
2 years ago |
Wim |
cb50375e2b
|
Add more linters to improve code readability (#19989)
Add nakedret, unconvert, wastedassign, stylecheck and nolintlint linters to improve code readability - nakedret - https://github.com/alexkohler/nakedret - nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length. - unconvert - https://github.com/mdempsky/unconvert - Remove unnecessary type conversions - wastedassign - https://github.com/sanposhiho/wastedassign - wastedassign finds wasted assignment statements. - notlintlint - Reports ill-formed or insufficient nolint directives - stylecheck - https://staticcheck.io/docs/checks/#ST - keep style consistent - excluded: [ST1003 - Poorly chosen identifier](https://staticcheck.io/docs/checks/#ST1003) and [ST1005 - Incorrectly formatted error string](https://staticcheck.io/docs/checks/#ST1005) |
2 years ago |
Anthony Wang |
e86f18a05a
|
User keypairs and HTTP signatures for ActivityPub federation using go-ap (#19133)
* go.mod: add go-fed/{httpsig,activity/pub,activity/streams} dependency go get github.com/go-fed/activity/streams@master go get github.com/go-fed/activity/pub@master go get github.com/go-fed/httpsig@master * activitypub: implement /api/v1/activitypub/user/{username} (#14186) Return informations regarding a Person (as defined in ActivityStreams https://www.w3.org/TR/activitystreams-vocabulary/#dfn-person). Refs: https://github.com/go-gitea/gitea/issues/14186 Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: add the public key to Person (#14186) Refs: https://github.com/go-gitea/gitea/issues/14186 Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: go-fed conformant Clock instance Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: signing http client Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: implement the ReqSignature middleware Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: hack_16834 Signed-off-by: Loïc Dachary <loic@dachary.org> * Fix CI checks-backend errors with go mod tidy Signed-off-by: Anthony Wang <ta180m@pm.me> * Change 2021 to 2022, properly format package imports Signed-off-by: Anthony Wang <ta180m@pm.me> * Run make fmt and make generate-swagger Signed-off-by: Anthony Wang <ta180m@pm.me> * Use Gitea JSON library, add assert for pkp Signed-off-by: Anthony Wang <ta180m@pm.me> * Run make fmt again, fix err var redeclaration Signed-off-by: Anthony Wang <ta180m@pm.me> * Remove LogSQL from ActivityPub person test Signed-off-by: Anthony Wang <ta180m@pm.me> * Assert if json.Unmarshal succeeds Signed-off-by: Anthony Wang <ta180m@pm.me> * Cleanup, handle invalid usernames for ActivityPub person GET request Signed-off-by: Anthony Wang <ta180m@pm.me> * Rename hack_16834 to user_settings Signed-off-by: Anthony Wang <ta180m@pm.me> * Use the httplib module instead of http for GET requests * Clean up whitespace with make fmt * Use time.RFC1123 and make the http.Client proxy-aware * Check if digest algo is supported in setting module * Clean up some variable declarations * Remove unneeded copy * Use system timezone instead of setting.DefaultUILocation * Use named constant for httpsigExpirationTime * Make pubKey IRI #main-key instead of /#main-key * Move /#main-key to #main-key in tests * Implemented Webfinger endpoint. * Add visible check. * Add user profile as alias. * Add actor IRI and remote interaction URL to WebFinger response * fmt * Fix lint errors * Use go-ap instead of go-fed * Run go mod tidy to fix missing modules in go.mod and go.sum * make fmt * Convert remaining code to go-ap * Clean up go.sum * Fix JSON unmarshall error * Fix CI errors by adding @context to Person() and making sure types match * Correctly decode JSON in api_activitypub_person_test.go * Force CI rerun * Fix TestActivityPubPersonInbox segfault * Fix lint error * Use @mariusor's suggestions for idiomatic go-ap usage * Correctly add inbox/outbox IRIs to person * Code cleanup * Remove another LogSQL from ActivityPub person test * Move httpsig algos slice to an init() function * Add actor IRI and remote interaction URL to WebFinger response * Update TestWebFinger to check for ActivityPub IRI in aliases * make fmt * Force CI rerun * WebFinger: Add CORS header and fix Href -> Template for remote interactions The CORS header is needed due to https://datatracker.ietf.org/doc/html/rfc7033#section-5 and fixes some Peertube <-> Gitea federation issues * make lint-backend * Make sure Person endpoint has Content-Type application/activity+json and includes PreferredUsername, URL, and Icon Setting the correct Content-Type is essential for federating with Mastodon * Use UTC instead of GMT * Rename pkey to pubKey * Make sure HTTP request Date in GMT * make fmt * dont drop err * Make sure API responses always refer to username in original case Copied from what I wrote on #19133 discussion: Handling username case is a very tricky issue and I've already encountered a Mastodon <-> Gitea federation bug due to Gitea considering Ta180m and ta180m to be the same user while Mastodon thinks they are two different users. I think the best way forward is for Gitea to only use the original case version of the username for federation so other AP software don't get confused. * Move httpsig algs constant slice to modules/setting/federation.go * Add new federation settings to app.example.ini and config-cheat-sheet * Return if marshalling error * Make sure Person IRIs are generated correctly This commit ensures that if the setting.AppURL is something like "http://127.0.0.1:42567" (like in the integration tests), a trailing slash will be added after that URL. * If httpsig verification fails, fix Host header and try again This fixes a very rare bug when Gitea and another AP server (confirmed to happen with Mastodon) are running on the same machine, Gitea fails to verify incoming HTTP signatures. This is because the other AP server creates the sig with the public Gitea domain as the Host. However, when Gitea receives the request, the Host header is instead localhost, so the signature verification fails. Manually changing the host header to the correct value and trying the veification again fixes the bug. * Revert "If httpsig verification fails, fix Host header and try again" This reverts commit |
2 years ago |