extra-rules: true
lang-version: "1.20"
depguard:
- list-type: denylist
- # Check the list against standard lib.
- include-go-root: true
- packages-with-error-message:
- - encoding/json: "use gitea's modules/json instead of encoding/json"
- - github.com/unknwon/com: "use gitea's util and replacements"
- - io/ioutil: "use os or io instead"
- - golang.org/x/exp: "it's experimental and unreliable."
- - code.gitea.io/gitea/modules/git/internal: "do not use the internal package, use AddXxx function instead"
- - gopkg.in/ini.v1: "do not use the ini package, use gitea's config system instead"
+ rules:
+ main:
+ deny:
+ - pkg: encoding/json
+ desc: use gitea's modules/json instead of encoding/json
+ - pkg: github.com/unknwon/com
+ desc: use gitea's util and replacements
+ - pkg: io/ioutil
+ desc: use os or io instead
+ - pkg: golang.org/x/exp
+ desc: it's experimental and unreliable
+ - pkg: code.gitea.io/gitea/modules/git/internal
+ desc: do not use the internal package, use AddXxx function instead
+ - pkg: gopkg.in/ini.v1
+ desc: do not use the ini package, use gitea's config system instead
issues:
max-issues-per-linter: 0
XGO_VERSION := go-1.20.x
-AIR_PACKAGE ?= github.com/cosmtrek/air@v1.43.0
+AIR_PACKAGE ?= github.com/cosmtrek/air@v1.44.0
EDITORCONFIG_CHECKER_PACKAGE ?= github.com/editorconfig-checker/editorconfig-checker/cmd/editorconfig-checker@2.7.0
GOFUMPT_PACKAGE ?= mvdan.cc/gofumpt@v0.5.0
-GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/cmd/golangci-lint@v1.52.2
+GOLANGCI_LINT_PACKAGE ?= github.com/golangci/golangci-lint/cmd/golangci-lint@v1.53.3
GXZ_PAGAGE ?= github.com/ulikunitz/xz/cmd/gxz@v0.5.11
MISSPELL_PACKAGE ?= github.com/client9/misspell/cmd/misspell@v0.3.4
-SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.30.4
+SWAGGER_PACKAGE ?= github.com/go-swagger/go-swagger/cmd/swagger@v0.30.5
XGO_PACKAGE ?= src.techknowlogick.com/xgo@latest
GO_LICENSES_PACKAGE ?= github.com/google/go-licenses@v1.6.0
-GOVULNCHECK_PACKAGE ?= golang.org/x/vuln/cmd/govulncheck@latest
-ACTIONLINT_PACKAGE ?= github.com/rhysd/actionlint/cmd/actionlint@latest
+GOVULNCHECK_PACKAGE ?= golang.org/x/vuln/cmd/govulncheck@v0.2.0
+ACTIONLINT_PACKAGE ?= github.com/rhysd/actionlint/cmd/actionlint@v1.6.25
DOCKER_IMAGE ?= gitea/gitea
DOCKER_TAG ?= latest
// NotificationsForUser returns notifications for a given user and status
func NotificationsForUser(ctx context.Context, user *user_model.User, statuses []NotificationStatus, page, perPage int) (notifications NotificationList, err error) {
if len(statuses) == 0 {
- return
+ return nil, nil
}
sess := db.GetEngine(ctx).
// LoadAttributes load Repo Issue User and Comment if not loaded
func (n *Notification) LoadAttributes(ctx context.Context) (err error) {
if err = n.loadRepo(ctx); err != nil {
- return
+ return err
}
if err = n.loadIssue(ctx); err != nil {
- return
+ return err
}
if err = n.loadUser(ctx); err != nil {
- return
+ return err
}
if err = n.loadComment(ctx); err != nil {
- return
+ return err
}
return err
}
func readArmoredSign(r io.Reader) (body io.Reader, err error) {
block, err := armor.Decode(r)
if err != nil {
- return
+ return nil, err
}
if block.Type != openpgp.SignatureType {
return nil, fmt.Errorf("expected '" + openpgp.SignatureType + "', got: " + block.Type)
err = json.Unmarshal([]byte(c.Content), &data)
if err != nil {
- return
+ return err
}
c.IsForcePush = data.IsForcePush
cType = CommentTypeRemoveDependency
}
if err = issue.LoadRepo(ctx); err != nil {
- return
+ return err
}
// Make two comments, one in each issue
DependentIssueID: dependentIssue.ID,
}
if _, err = CreateComment(ctx, opts); err != nil {
- return
+ return err
}
opts = &CreateCommentOptions{
return nil, fmt.Errorf("comment type %d cannot be used to create an auto merge comment", typ)
}
if err = pr.LoadIssue(ctx); err != nil {
- return
+ return nil, err
}
if err = pr.LoadBaseRepo(ctx); err != nil {
- return
+ return nil, err
}
comment, err = CreateComment(ctx, &CreateCommentOptions{
// loadAttributes loads all attributes
func (comments CommentList) loadAttributes(ctx context.Context) (err error) {
if err = comments.LoadPosters(ctx); err != nil {
- return
+ return err
}
if err = comments.loadLabels(ctx); err != nil {
- return
+ return err
}
if err = comments.loadMilestones(ctx); err != nil {
- return
+ return err
}
if err = comments.loadOldMilestones(ctx); err != nil {
- return
+ return err
}
if err = comments.loadAssignees(ctx); err != nil {
- return
+ return err
}
if err = comments.LoadAttachments(ctx); err != nil {
- return
+ return err
}
if err = comments.loadReviews(ctx); err != nil {
- return
+ return err
}
if err = comments.LoadIssues(ctx); err != nil {
- return
- }
-
- if err = comments.loadDependentIssues(ctx); err != nil {
- return
+ return err
}
- return nil
+ return comments.loadDependentIssues(ctx)
}
// LoadAttributes loads attributes of the comments, except for attachments and
if !user_model.IsErrUserNotExist(err) {
return fmt.Errorf("getUserByID.(poster) [%d]: %w", issue.PosterID, err)
}
- err = nil
- return
+ return nil
}
}
return err
// LoadAttributes loads the attribute of this issue.
func (issue *Issue) LoadAttributes(ctx context.Context) (err error) {
if err = issue.LoadRepo(ctx); err != nil {
- return
+ return err
}
if err = issue.LoadPoster(ctx); err != nil {
- return
+ return err
}
if err = issue.LoadLabels(ctx); err != nil {
- return
+ return err
}
if err = issue.LoadMilestone(ctx); err != nil {
- return
+ return err
}
if err = issue.LoadProject(ctx); err != nil {
- return
+ return err
}
if err = issue.LoadAssignees(ctx); err != nil {
- return
+ return err
}
if err = issue.LoadPullRequest(ctx); err != nil && !IsErrPullRequestNotExist(err) {
}
if err = issue.LoadRepo(ctx); err != nil {
- return
+ return err
}
opts := &CreateCommentOptions{
}
if err = issue.LoadRepo(ctx); err != nil {
- return
+ return err
}
opts := &CreateCommentOptions{
// don't have access to reading it. Teams are expanded into their users, but organizations are ignored.
func ResolveIssueMentionsByVisibility(ctx context.Context, issue *Issue, doer *user_model.User, mentions []string) (users []*user_model.User, err error) {
if len(mentions) == 0 {
- return
+ return nil, nil
}
if err = issue.LoadRepo(ctx); err != nil {
- return
+ return nil, err
}
resolved := make(map[string]bool, 10)
}
}
if len(mentionUsers) == 0 {
- return
+ return users, err
}
if users == nil {
// Delete content histories
if _, err = sess.In("issue_id", deleteCond).
Delete(&ContentHistory{}); err != nil {
- return
+ return nil, err
}
// Delete comments and attachments
if _, err = sess.In("issue_id", deleteCond).
Delete(&Comment{}); err != nil {
- return
+ return nil, err
}
// Dependencies for issues in this repository
if _, err = sess.In("issue_id", deleteCond).
Delete(&IssueDependency{}); err != nil {
- return
+ return nil, err
}
// Delete dependencies for issues in other repositories
if _, err = sess.In("dependency_id", deleteCond).
Delete(&IssueDependency{}); err != nil {
- return
+ return nil, err
}
if _, err = sess.In("issue_id", deleteCond).
Delete(&IssueUser{}); err != nil {
- return
+ return nil, err
}
if _, err = sess.In("issue_id", deleteCond).
Delete(&Reaction{}); err != nil {
- return
+ return nil, err
}
if _, err = sess.In("issue_id", deleteCond).
Delete(&IssueWatch{}); err != nil {
- return
+ return nil, err
}
if _, err = sess.In("issue_id", deleteCond).
Delete(&Stopwatch{}); err != nil {
- return
+ return nil, err
}
if _, err = sess.In("issue_id", deleteCond).
Delete(&TrackedTime{}); err != nil {
- return
+ return nil, err
}
if _, err = sess.In("issue_id", deleteCond).
Delete(&project_model.ProjectIssue{}); err != nil {
- return
+ return nil, err
}
if _, err = sess.In("dependent_issue_id", deleteCond).
Delete(&Comment{}); err != nil {
- return
+ return nil, err
}
var attachments []*repo_model.Attachment
if err = sess.In("issue_id", deleteCond).
Find(&attachments); err != nil {
- return
+ return nil, err
}
for j := range attachments {
if _, err = sess.In("issue_id", deleteCond).
Delete(&repo_model.Attachment{}); err != nil {
- return
+ return nil, err
}
if _, err = db.DeleteByBean(ctx, &Issue{RepoID: repoID}); err != nil {
- return
+ return nil, err
}
return attachmentPaths, err
// LoadCodeComments loads CodeComments
func (r *Review) LoadCodeComments(ctx context.Context) (err error) {
if r.CodeComments != nil {
- return
+ return err
}
if err = r.loadIssue(ctx); err != nil {
- return
+ return err
}
r.CodeComments, err = fetchCodeCommentsByReview(ctx, r.Issue, nil, r, false)
return err
func (r *Review) loadIssue(ctx context.Context) (err error) {
if r.Issue != nil {
- return
+ return err
}
r.Issue, err = GetIssueByID(ctx, r.IssueID)
return err
// LoadReviewer loads reviewer
func (r *Review) LoadReviewer(ctx context.Context) (err error) {
if r.ReviewerID == 0 || r.Reviewer != nil {
- return
+ return err
}
r.Reviewer, err = user_model.GetPossibleUserByID(ctx, r.ReviewerID)
return err
// LoadReviewerTeam loads reviewer team
func (r *Review) LoadReviewerTeam(ctx context.Context) (err error) {
if r.ReviewerTeamID == 0 || r.ReviewerTeam != nil {
- return
+ return nil
}
r.ReviewerTeam, err = organization.GetTeamByID(ctx, r.ReviewerTeamID)
// LoadAttributes loads all attributes except CodeComments
func (r *Review) LoadAttributes(ctx context.Context) (err error) {
if err = r.loadIssue(ctx); err != nil {
- return
+ return err
}
if err = r.LoadCodeComments(ctx); err != nil {
- return
+ return err
}
if err = r.LoadReviewer(ctx); err != nil {
- return
+ return err
}
if err = r.LoadReviewerTeam(ctx); err != nil {
- return
+ return err
}
return err
}
func deleteTimes(ctx context.Context, opts FindTrackedTimesOptions) (removedTime int64, err error) {
removedTime, err = GetTrackedSeconds(ctx, opts)
if err != nil || removedTime == 0 {
- return
+ return removedTime, err
}
_, err = opts.toSession(db.GetEngine(ctx)).Table("tracked_time").Cols("deleted").Update(&TrackedTime{Deleted: true})
for start := 0; ; start += batchSize {
users := make([]*User, 0, batchSize)
if err = sess.Limit(batchSize, start).Where(builder.Neq{"passwd": ""}, 0).Find(&users); err != nil {
- return
+ return err
}
if len(users) == 0 {
break
}
if err = sess.Begin(); err != nil {
- return
+ return err
}
for _, user := range users {
}
if err = sess.Commit(); err != nil {
- return
+ return err
}
}
for start := 0; ; start += batchSize {
users := make([]user_model.User, 0, batchSize)
if err = db.GetEngine(db.DefaultContext).Limit(batchSize, start).Where("type = ?", 0).Cols("id").Find(&users); err != nil {
- return
+ return err
}
if len(users) == 0 {
break
}
if err = updateUserStarNumbers(users); err != nil {
- return
+ return err
}
}
// NewClient function
func NewClient(user *user_model.User, pubID string) (c *Client, err error) {
if err = containsRequiredHTTPHeaders(http.MethodGet, setting.Federation.GetHeaders); err != nil {
- return
+ return nil, err
} else if err = containsRequiredHTTPHeaders(http.MethodPost, setting.Federation.PostHeaders); err != nil {
- return
+ return nil, err
}
priv, err := GetPrivateKey(user)
if err != nil {
- return
+ return nil, err
}
privPem, _ := pem.Decode([]byte(priv))
privParsed, err := x509.ParsePKCS1PrivateKey(privPem.Bytes)
if err != nil {
- return
+ return nil, err
}
c = &Client{
buf := bytes.NewBuffer(b)
req, err = http.NewRequest(http.MethodPost, to, buf)
if err != nil {
- return
+ return nil, err
}
req.Header.Add("Content-Type", ActivityStreamsContentType)
req.Header.Add("Date", CurrentTime())
req.Header.Add("User-Agent", "Gitea/"+setting.AppVer)
signer, _, err := httpsig.NewSigner(c.algs, c.digestAlg, c.postHeaders, httpsig.Signature, httpsigExpirationTime)
if err != nil {
- return
+ return nil, err
}
err = signer.SignRequest(c.priv, c.pubID, req, b)
return req, err
func (c *Client) Post(b []byte, to string) (resp *http.Response, err error) {
var req *http.Request
if req, err = c.NewRequest(b, to); err != nil {
- return
+ return nil, err
}
resp, err = c.client.Do(req)
return resp, err
var settings map[string]*user_model.Setting
settings, err = user_model.GetSettings(user.ID, []string{user_model.UserActivityPubPrivPem, user_model.UserActivityPubPubPem})
if err != nil {
- return
+ return pub, priv, err
} else if len(settings) == 0 {
if priv, pub, err = util.GenerateKeyPair(rsaBits); err != nil {
- return
+ return pub, priv, err
}
if err = user_model.SetUserSetting(user.ID, user_model.UserActivityPubPrivPem, priv); err != nil {
- return
+ return pub, priv, err
}
if err = user_model.SetUserSetting(user.ID, user_model.UserActivityPubPubPem, pub); err != nil {
- return
+ return pub, priv, err
}
- return
+ return pub, priv, err
} else {
priv = settings[user_model.UserActivityPubPrivPem].SettingValue
pub = settings[user_model.UserActivityPubPubPem].SettingValue
- return
+ return pub, priv, err
}
}
return func(ctx *APIContext) (cancel context.CancelFunc) {
// Empty repository does not have reference information.
if ctx.Repo.Repository.IsEmpty && !(len(allowEmpty) != 0 && allowEmpty[0]) {
- return
+ return nil
}
// For API calls.
gitRepo, err := git.OpenRepository(ctx, repoPath)
if err != nil {
ctx.Error(http.StatusInternalServerError, "RepoRef Invalid repo "+repoPath, err)
- return
+ return cancel
}
ctx.Repo.GitRepo = gitRepo
// We opened it, we should close it
func ReadBatchLine(rd *bufio.Reader) (sha []byte, typ string, size int64, err error) {
typ, err = rd.ReadString('\n')
if err != nil {
- return
+ return sha, typ, size, err
}
if len(typ) == 1 {
typ, err = rd.ReadString('\n')
if err != nil {
- return
+ return sha, typ, size, err
}
}
idx := strings.IndexByte(typ, ' ')
if idx < 0 {
log.Debug("missing space typ: %s", typ)
- err = ErrNotExist{ID: string(sha)}
- return
+ return sha, typ, size, ErrNotExist{ID: string(sha)}
}
sha = []byte(typ[:idx])
typ = typ[idx+1:]
idx = strings.IndexByte(typ, ' ')
if idx < 0 {
- err = ErrNotExist{ID: string(sha)}
- return
+ return sha, typ, size, ErrNotExist{ID: string(sha)}
}
sizeStr := typ[idx+1 : len(typ)-1]
// Read the Mode & fname
readBytes, err = rd.ReadSlice('\x00')
if err != nil {
- return
+ return mode, fname, sha, n, err
}
idx := bytes.IndexByte(readBytes, ' ')
if idx < 0 {
log.Debug("missing space in readBytes ParseTreeLine: %s", readBytes)
-
- err = &ErrNotExist{}
- return
+ return mode, fname, sha, n, &ErrNotExist{}
}
n += idx + 1
}
n += len(fnameBuf)
if err != nil {
- return
+ return mode, fname, sha, n, err
}
fnameBuf = fnameBuf[:len(fnameBuf)-1]
fname = fnameBuf
read, err = rd.Read(shaBuf[idx:20])
n += read
if err != nil {
- return
+ return mode, fname, sha, n, err
}
idx += read
}
// LoadBranchName load branch name for commit
func (c *Commit) LoadBranchName() (err error) {
if len(c.Branch) != 0 {
- return
+ return nil
}
c.Branch, err = c.GetBranchName()
}
if err = InitSimple(ctx); err != nil {
- return
+ return err
}
// when git works with gnupg (commit signing), there should be a stable home for gnupg commands
// Close this repository, in particular close the underlying gogitStorage if this is not nil
func (repo *Repository) Close() (err error) {
if repo == nil {
- return
+ return nil
}
if repo.batchCancel != nil {
repo.batchCancel()
func (repo *Repository) ReadTreeToTemporaryIndex(treeish string) (filename, tmpDir string, cancel context.CancelFunc, err error) {
tmpDir, err = os.MkdirTemp("", "index")
if err != nil {
- return
+ return filename, tmpDir, cancel, err
}
filename = filepath.Join(tmpDir, ".tmp-index")
//
// but without the "author " at the beginning (this method should)
// be used for author and committer.
+// FIXME: there are a lot of "return sig, err" (but the err is also nil), that's the old behavior, to avoid breaking
func newSignatureFromCommitline(line []byte) (sig *Signature, err error) {
sig = new(Signature)
emailStart := bytes.LastIndexByte(line, '<')
emailEnd := bytes.LastIndexByte(line, '>')
if emailStart == -1 || emailEnd == -1 || emailEnd < emailStart {
- return
+ return sig, err
}
if emailStart > 0 { // Empty name has already occurred, even if it shouldn't
hasTime := emailEnd+2 < len(line)
if !hasTime {
- return
+ return sig, err
}
// Check date format.
if firstChar >= 48 && firstChar <= 57 {
idx := bytes.IndexByte(line[emailEnd+2:], ' ')
if idx < 0 {
- return
+ return sig, err
}
timestring := string(line[emailEnd+2 : emailEnd+2+idx])
idx += emailEnd + 3
if idx >= len(line) || idx+5 > len(line) {
- return
+ return sig, err
}
timezone := string(line[idx : idx+5])
tzhours, err1 := strconv.ParseInt(timezone[0:3], 10, 64)
tzmins, err2 := strconv.ParseInt(timezone[3:], 10, 64)
if err1 != nil || err2 != nil {
- return
+ return sig, err
}
if tzhours < 0 {
tzmins *= -1
} else {
sig.When, err = time.Parse(GitTimeLayout, string(line[emailEnd+2:]))
if err != nil {
- return
+ return sig, err
}
}
return sig, err
result = time.Duration(val)
}
if err == nil {
- return
+ return result
}
}
return result
func (q *WorkerPoolQueue[T]) FlushWithContext(ctx context.Context, timeout time.Duration) (err error) {
if q.isBaseQueueDummy() {
- return
+ return nil
}
log.Debug("Try to flush queue %q with timeout %v", q.GetName(), timeout)
person := ap.PersonNew(ap.IRI(keyID.String()))
err = person.UnmarshalJSON(b)
if err != nil {
- err = fmt.Errorf("ActivityStreams type cannot be converted to one known to have publicKey property: %w", err)
- return
+ return nil, fmt.Errorf("ActivityStreams type cannot be converted to one known to have publicKey property: %w", err)
}
pubKey := person.PublicKey
if pubKey.ID.String() != keyID.String() {
- err = fmt.Errorf("cannot find publicKey with id: %s in %s", keyID, string(b))
- return
+ return nil, fmt.Errorf("cannot find publicKey with id: %s in %s", keyID, string(b))
}
pubKeyPem := pubKey.PublicKeyPem
block, _ := pem.Decode([]byte(pubKeyPem))
if block == nil || block.Type != "PUBLIC KEY" {
- err = fmt.Errorf("could not decode publicKeyPem to PUBLIC KEY pem block type")
- return
+ return nil, fmt.Errorf("could not decode publicKeyPem to PUBLIC KEY pem block type")
}
p, err = x509.ParsePKIXPublicKey(block.Bytes)
return p, err
req.Header("User-Agent", "Gitea/"+setting.AppVer)
resp, err := req.Response()
if err != nil {
- return
+ return nil, err
}
defer resp.Body.Close()
if resp.StatusCode != http.StatusOK {
- err = fmt.Errorf("url IRI fetch [%s] failed with status (%d): %s", iri, resp.StatusCode, resp.Status)
- return
+ return nil, fmt.Errorf("url IRI fetch [%s] failed with status (%d): %s", iri, resp.StatusCode, resp.Status)
}
b, err = io.ReadAll(io.LimitReader(resp.Body, setting.Federation.MaxSize))
return b, err
// 1. Figure out what key we need to verify
v, err := httpsig.NewVerifier(r)
if err != nil {
- return
+ return false, err
}
ID := v.KeyId()
idIRI, err := url.Parse(ID)
if err != nil {
- return
+ return false, err
}
// 2. Fetch the public key of the other actor
b, err := fetch(idIRI)
if err != nil {
- return
+ return false, err
}
pubKey, err := getPublicKeyFromResponse(b, idIRI)
if err != nil {
- return
+ return false, err
}
// 3. Verify the other actor's key
algo := httpsig.Algorithm(setting.Federation.Algorithms[0])
}()
if err = t.LoadRepo(); err != nil {
- return
+ return err
}
// if repository is ready, then just finish the task
}
if err = t.LoadDoer(); err != nil {
- return
+ return err
}
if err = t.LoadOwner(); err != nil {
- return
+ return err
}
var opts *migration.MigrateOptions
opts, err = t.MigrateConfig()
if err != nil {
- return
+ return err
}
opts.MigrateToRepoID = t.RepoID
t.StartTime = timeutil.TimeStampNow()
t.Status = structs.TaskStatusRunning
if err = t.UpdateCols("start_time", "status"); err != nil {
- return
+ return err
}
// check whether the task should be canceled, this goroutine is also managed by process manager
if err == nil {
log.Trace("Repository migrated [%d]: %s/%s", t.Repo.ID, t.Owner.Name, t.Repo.Name)
- return
+ return nil
}
if repo_model.IsErrRepoAlreadyExist(err) {
- err = errors.New("the repository name is already used")
- return
+ return errors.New("the repository name is already used")
}
// remoteAddr may contain credentials, so we sanitize it
projects / gitea.git / commitdiff