aboutsummaryrefslogtreecommitdiffstats
path: root/routers/api/packages
Commit message (Collapse)AuthorAgeFilesLines
* Enable addtional linters (#34085)TheFox0x76 days5-10/+11
| | | | | | | | enable mirror, usestdlibbars and perfsprint part of: https://github.com/go-gitea/gitea/issues/34083 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add a config option to block "expensive" pages for anonymous users (#34024)wxiaoguang8 days2-3/+3
| | | | | | | | | | | Fix #33966 ``` ;; User must sign in to view anything. ;; It could be set to "expensive" to block anonymous users accessing some pages which consume a lot of resources, ;; for example: block anonymous AI crawlers from accessing repo code pages. ;; The "expensive" mode is experimental and subject to change. ;REQUIRE_SIGNIN_VIEW = false ```
* enable staticcheck QFxxxx rules (#34064)TheFox0x78 days1-6/+8
|
* Fix maven panic when no package exists (#33888)wxiaoguang2025-03-141-0/+5
| | | | | | Fix #33886 Restore the old logic from #16510, which was incorrectly removed by #33678
* Add composor source field (#33502)Lunny Xiao2025-02-281-2/+20
| | | Fix #33066
* Fix for Maven Package Naming Convention Handling (#33678)Diana2025-02-222-15/+11
| | | | | | | | Make legacy package names could be listed and add tests --------- Co-authored-by: diana.strebkova@t-systems.com <diana.strebkova@t-systems.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Refactor error system (#33610)wxiaoguang2025-02-161-7/+7
|
* Make git clone URL could use current signed-in user (#33091)wxiaoguang2025-01-071-1/+1
| | | | | | | | | | | | | | close #33086 * Add a special value for "SSH_USER" setting: `(DOER_USERNAME)` * Improve parseRepositoryURL and add tests (now it doesn't have hard dependency on some setting values) Many changes are just adding "ctx" and "doer" argument to functions. By the way, improve app.example.ini, remove all `%(key)s` syntax, it only makes messy and no user really cares about it. Document: https://gitea.com/gitea/docs/pulls/138
* Refactor package (routes and error handling, npm peer dependency) (#33111)wxiaoguang2025-01-0621-214/+98
|
* Use `Project-URL` metadata field to get a PyPI package's homepage URL (#33089)Kemal Zebari2025-01-032-4/+53
| | | Resolves #33085.
* Refactor maven package registry (#33049)wxiaoguang2024-12-312-22/+56
| | | Close #33036
* Refactor arch route handlers (#32993)wxiaoguang2024-12-281-35/+4
|
* Fix maven pom inheritance (#32943)wxiaoguang2024-12-251-0/+2
| | | Fix #30568
* Refactor arch route handlers (#32972)wxiaoguang2024-12-251-16/+12
|
* Add standard-compliant route to serve outdated R packages (#32783)Sebastian T. T.2024-12-111-0/+1
| | | | | | | | | | | | | The R package repository currently does not have support for older versions of packages which should be stored in a separate /Archive router. This PR remedies that by adding a new path router. I am a member of a group that loves using Gitea and this bug has been annoying us for a long time. Hope it can be merged in time for Gitea 1.23.0. Any feedback much appreciated. Fixes #32782
* Add Arch package registry (#32692)KN4CK3R2024-12-042-0/+350
| | | | | | | | | | | | | | | | | | | | | | | Close #25037 Close #31037 This PR adds a Arch package registry usable with pacman. ![grafik](https://github.com/user-attachments/assets/81cdb0c2-02f9-4733-bee2-e48af6b45224) Rewrite of #25396 and #31037. You can follow [this tutorial](https://wiki.archlinux.org/title/Creating_packages) to build a package for testing. Docs PR: https://gitea.com/gitea/docs/pulls/111 Co-authored-by: [d1nch8g@ion.lc](mailto:d1nch8g@ion.lc) Co-authored-by: @ExplodingDragon --------- Co-authored-by: dancheg97 <dancheg97@fmnx.su> Co-authored-by: dragon <ExplodingFKL@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add Swift login endpoint (#32693)KN4CK3R2024-12-032-43/+59
| | | | | Fix #32683 This PR adds the login endpoint and fixes the documentation links.
* Fix `missing signature key` error when pulling Docker images with ↵Zettat1232024-10-312-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `SERVE_DIRECT` enabled (#32365) Fix #28121 I did some tests and found that the `missing signature key` error is caused by an incorrect `Content-Type` header. Gitea correctly sets the `Content-Type` header when serving files. https://github.com/go-gitea/gitea/blob/348d1d0f322ca57c459acd902f54821d687ca804/routers/api/packages/container/container.go#L712-L717 However, when `SERVE_DIRECT` is enabled, the `Content-Type` header may be set to an incorrect value by the storage service. To fix this issue, we can use query parameters to override response header values. https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html <img width="600px" src="https://github.com/user-attachments/assets/f2ff90f0-f1df-46f9-9680-b8120222c555" /> In this PR, I introduced a new parameter to the `URL` method to support additional parameters. ``` URL(path, name string, reqParams url.Values) (*url.URL, error) ``` --- Most S3-like services support specifying the content type when storing objects. However, Gitea always use `application/octet-stream`. Therefore, I believe we also need to improve the `Save` method to support storing objects with the correct content type. https://github.com/go-gitea/gitea/blob/b7fb20e73e63b8edc9b90c52073e248bef428fcc/modules/storage/minio.go#L214-L221
* Use per package global lock for container uploads instead of memory lock ↵Lunny Xiao2024-10-111-8/+18
| | | | | | (#31860) This PR uses a per-package lock instead of a global lock for container uploads. So that different packages can be uploaded simultaneously.
* Fix bug when a token is given public only (#32204)Lunny Xiao2024-10-081-0/+14
|
* Fix wrong last modify time (#32102)Lunny Xiao2024-09-211-1/+3
|
* Fix upload maven pacakge parallelly (#31851)Lunny Xiao2024-09-211-0/+13
| | | | | | | Use globallock for maven package uploads. Thanks @tlusser for the test code. Depends on ~#31813~
* Fix nuget/conan/container packages upload bugs (#31967)Lunny Xiao2024-09-055-10/+66
|
* Fix RPM resource leak (#31794)KN4CK3R2024-08-081-4/+5
| | | | | | | Fixes a resource leak introduced by #27069. - add defer - move sign code out of `repository.go`
* Add signature support for the RPM module (#27069)Exploding Dragon2024-08-061-1/+15
| | | | | | | | close #27031 If the rpm package does not contain a matching gpg signature, the installation will fail. See (#27031) , now auto-signing rpm uploads. This option is turned off by default for compatibility.
* Refactor names (#31405)wxiaoguang2024-06-1922-210/+210
| | | | | | | This PR only does "renaming": * `Route` should be `Router` (and chi router is also called "router") * `Params` should be `PathParam` (to distingush it from URL query param, and to match `FormString`) * Use lower case for private functions to avoid exposing or abusing
* Improve rubygems package registry (#31357)wxiaoguang2024-06-172-6/+134
| | | | | | | To make it work with Bundler: https://guides.rubygems.org/rubygems-org-compact-index-api/ It only adds 2 new API endpoints and improves some tests, existing logic is not changed.
* Fix duplicate sub-path for avatars (#31365)wxiaoguang2024-06-151-1/+1
| | | | | | | | | | | Fix #31361, and add tests And this PR introduces an undocumented & debug-purpose-only config option: `USE_SUB_URL_PATH`. It does nothing for end users, it only helps the development of sub-path related problems. And also fix #31366 Co-authored-by: @ExplodingDragon
* Enable `unparam` linter (#31277)silverwind2024-06-112-2/+2
| | | | | | | | | | | | Enable [unparam](https://github.com/mvdan/unparam) linter. Often I could not tell the intention why param is unused, so I put `//nolint` for those cases like webhook request creation functions never using `ctx`. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: delvh <dev.lh@web.de>
* Remove sub-path from container registry realm (#31293)wxiaoguang2024-06-091-3/+3
| | | | Container registry requires that the "/v2" must be in the root, so the sub-path in AppURL should be removed
* Fix NuGet Package API for $filter with Id equality (#31188)Thomas Desveaux2024-06-041-19/+29
| | | | | | | | | | | | | | | | Fixes issue when running `choco info pkgname` where `pkgname` is also a substring of another package Id. Relates to #31168 --- This might fix the issue linked, but I'd like to test it with more choco commands before closing the issue in case I find other problems if that's ok. --------- Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Improve reverse proxy documents and clarify the AppURL guessing behavior ↵wxiaoguang2024-05-191-0/+2
| | | | | | | | | | | | (#31003) Fix #31002 1. Mention Make sure `Host` and `X-Fowarded-Proto` headers are correctly passed to Gitea 2. Clarify the basic requirements and move the "general configuration" to the top 3. Add a comment for the "container registry" 4. Use 1.21 behavior if the reverse proxy is not correctly configured Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Refactor AppURL usage (#30885)wxiaoguang2024-05-071-1/+2
| | | | | | | | Fix #30883 Fix #29591 --------- Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Ignore useless error message "broken pipe" (#30801)wxiaoguang2024-05-031-3/+1
| | | Fix #30792
* Add support for npm bundleDependencies (#30751)Micash2024-04-291-0/+1
|
* Update misspell to 0.5.1 and add `misspellings.csv` (#30573)silverwind2024-04-271-1/+1
| | | | | | Misspell 0.5.0 supports passing a csv file to extend the list of misspellings, so I added some common ones from the codebase. There is at least one typo in a API response so we need to decided whether to revert that and then likely remove the dict entry.
* Enable more `revive` linter rules (#30608)silverwind2024-04-2211-23/+23
| | | | | | | | | | | Noteable additions: - `redefines-builtin-id` forbid variable names that shadow go builtins - `empty-lines` remove unnecessary empty lines that `gofumpt` does not remove for some reason - `superfluous-else` eliminate more superfluous `else` branches Rules are also sorted alphabetically and I cleaned up various parts of `.golangci.yml`.
* Support nuspec manifest download for nuget packages (#28921)Michael Kriese2024-04-171-2/+30
| | | | | | | | | | | | | | | | Support downloading nuget nuspec manifest[^1]. This is useful for renovate because it uses this api to find the corresponding repository - Store nuspec along with nupkg on upload - allow downloading nuspec - add doctor command to add missing nuspec files [^1]: https://learn.microsoft.com/en-us/nuget/api/package-base-address-resource#download-package-manifest-nuspec --------- Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Relax generic package filename restrictions (#30135)wxiaoguang2024-03-272-5/+89
| | | | | | | | Now, the chars `=:;()[]{}~!@#$%^ &` are possible as well Fixes #30134 --------- Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Fix incorrect relative/absolute URL usages (#29531)wxiaoguang2024-03-021-1/+2
| | | | Add two "HTMLURL" methods for PackageDescriptor. And rename "FullWebLink" to "VersionWebLink"
* remove util.OptionalBool and related functions (#29513)65432024-03-029-18/+27
| | | | | | and migrate affected code _last refactoring bits to replace **util.OptionalBool** with **optional.Option[bool]**_
* Move context from modules to services (#29440)Lunny Xiao2024-02-2724-27/+26
| | | | | | | | | | | | | | | Since `modules/context` has to depend on `models` and many other packages, it should be moved from `modules/context` to `services/context` according to design principles. There is no logic code change on this PR, only move packages. - Move `code.gitea.io/gitea/modules/context` to `code.gitea.io/gitea/services/context` - Move `code.gitea.io/gitea/modules/contexttest` to `code.gitea.io/gitea/services/contexttest` because of depending on context - Move `code.gitea.io/gitea/modules/upload` to `code.gitea.io/gitea/services/context/upload` because of depending on context
* Integrate alpine `noarch` packages into other architectures index (#29137)KN4CK3R2024-02-251-7/+26
| | | | | | | | | | | | Fixes #26691 Revert #24972 The alpine package manager expects `noarch` packages in the index of other architectures too. --------- Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Use `crypto/sha256` (#29386)KN4CK3R2024-02-252-4/+2
| | | | | | | | Go 1.21 improved the performance of `crypto/sha256`. It's now similar to `minio/sha256-simd`, so we should just use the standard libs. https://go.dev/doc/go1.21#crypto/sha256 https://go-review.googlesource.com/c/go/+/408795 https://github.com/multiformats/go-multihash/pull/173
* Fix swift packages not resolving (#29095)CEnnis912024-02-081-1/+1
| | | Fixes #29094
* Prevent anonymous container access if `RequireSignInView` is enabled (#28877)KN4CK3R2024-01-211-5/+14
| | | | | Fixes #28875 If `RequireSignInView` is enabled, the ghost user has no access rights.
* Fix some RPM registry flaws (#28782)KN4CK3R2024-01-192-89/+90
| | | | | | | | | | | | | | | | | | | Related #26984 (https://github.com/go-gitea/gitea/pull/26984#issuecomment-1889588912) Fix admin cleanup message. Fix models `Get` not respecting default values. Rebuild RPM repository files after cleanup. Do not add RPM group to package version name. Force stable sorting of Alpine/Debian/RPM repository data. Fix missing deferred `Close`. Add tests for multiple RPM groups. Removed non-cached `ReplaceAllStringRegex`. If there are multiple groups available, it's stated in the package installation screen: ![grafik](https://github.com/go-gitea/gitea/assets/1666336/8f132760-882c-4ab8-9678-77e47dfc4415)
* Support for grouping RPMs using paths (#26984)Exploding Dragon2024-01-122-30/+105
| | | | | | | | | | | | The current rpm repository places all packages in the same repository, and different systems (el7,f34) may hit packages that do not belong to this distribution ( #25304 ) , which now supports grouping of rpm. ![图片](https://github.com/go-gitea/gitea/assets/33776693/d1e1d99f-7799-4b2b-a19b-cb2a5c692914) Fixes #25304 . Fixes #27056 . Refactor: [#25866](https://github.com/go-gitea/gitea/pull/25866)
* Add endpoint for not implemented Docker auth (#28457)KN4CK3R2023-12-132-1/+15
| | | | | | | | | | Recently Docker started to use the optional `POST /v2/token` endpoint which should respond with a `404 Not Found` status code instead of the current `405 Method Not Allowed`. > Note: Not all token servers implement oauth2. If the request to the endpoint returns 404 using the HTTP POST method, refer to Token Documentation for using the HTTP GET method supported by all token servers.
* Add `HEAD` support for rpm repo files (#28309)KN4CK3R2023-12-052-1/+28
| | | | | | | | | | | Fixes https://codeberg.org/forgejo/forgejo/issues/1810 zypper uses HEAD requests to check file existence. https://github.com/openSUSE/libzypp/blob/HEAD/zypp/RepoManager.cc#L2549 https://github.com/openSUSE/libzypp/blob/HEAD/zypp-curl/ng/network/private/downloaderstates/basicdownloader_p.cc#L116 @ExplodingDragon fyi
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-06 23:40:03 +0000