aboutsummaryrefslogtreecommitdiffstats
path: root/services/gitdiff
Commit message (Collapse)AuthorAgeFilesLines
* Refactor git command package to improve security and maintainability (#22678)wxiaoguang2023-02-042-52/+30
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This PR follows #21535 (and replace #22592) ## Review without space diff https://github.com/go-gitea/gitea/pull/22678/files?diff=split&w=1 ## Purpose of this PR 1. Make git module command completely safe (risky user inputs won't be passed as argument option anymore) 2. Avoid low-level mistakes like https://github.com/go-gitea/gitea/pull/22098#discussion_r1045234918 3. Remove deprecated and dirty `CmdArgCheck` function, hide the `CmdArg` type 4. Simplify code when using git command ## The main idea of this PR * Move the `git.CmdArg` to the `internal` package, then no other package except `git` could use it. Then developers could never do `AddArguments(git.CmdArg(userInput))` any more. * Introduce `git.ToTrustedCmdArgs`, it's for user-provided and already trusted arguments. It's only used in a few cases, for example: use git arguments from config file, help unit test with some arguments. * Introduce `AddOptionValues` and `AddOptionFormat`, they make code more clear and simple: * Before: `AddArguments("-m").AddDynamicArguments(message)` * After: `AddOptionValues("-m", message)` * - * Before: `AddArguments(git.CmdArg(fmt.Sprintf("--author='%s <%s>'", sig.Name, sig.Email)))` * After: `AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email)` ## FAQ ### Why these changes were not done in #21535 ? #21535 is mainly a search&replace, it did its best to not change too much logic. Making the framework better needs a lot of changes, so this separate PR is needed as the second step. ### The naming of `AddOptionXxx` According to git's manual, the `--xxx` part is called `option`. ### How can it guarantee that `internal.CmdArg` won't be not misused? Go's specification guarantees that. Trying to access other package's internal package causes compilation error. And, `golangci-lint` also denies the git/internal package. Only the `git/command.go` can use it carefully. ### There is still a `ToTrustedCmdArgs`, will it still allow developers to make mistakes and pass untrusted arguments? Generally speaking, no. Because when using `ToTrustedCmdArgs`, the code will be very complex (see the changes for examples). Then developers and reviewers can know that something might be unreasonable. ### Why there was a `CmdArgCheck` and why it's removed? At the moment of #21535, to reduce unnecessary changes, `CmdArgCheck` was introduced as a hacky patch. Now, almost all code could be written as `cmd := NewCommand(); cmd.AddXxx(...)`, then there is no need for `CmdArgCheck` anymore. ### Why many codes for `signArg == ""` is deleted? Because in the old code, `signArg` could never be empty string, it's either `-S[key-id]` or `--no-gpg-sign`. So the `signArg == ""` is just dead code. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Implement FSFE REUSE for golang files (#21840)flynnnnnnnnnn2022-11-277-14/+7
| | | | | | | | | Change all license headers to comply with REUSE specification. Fix #16132 Co-authored-by: flynnnnnnnnnn <flynnnnnnnnnn@github> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Show syntax lexer name in file view/blame (#21814)silverwind2022-11-192-3/+4
| | | | | | | | | | | | | | | | | | | | | | Show which Chroma Lexer is used to highlight the file in the file header. It's useful for development to see what was detected, and I think it's not bad info to have for the user: <img width="233" alt="Screenshot 2022-11-14 at 22 31 16" src="https://user-images.githubusercontent.com/115237/201770854-44933dfc-70a4-487c-8457-1bb3cc43ea62.png"> <img width="226" alt="Screenshot 2022-11-14 at 22 36 06" src="https://user-images.githubusercontent.com/115237/201770856-9260ce6f-6c0f-442c-92b5-201e5b113188.png"> <img width="194" alt="Screenshot 2022-11-14 at 22 36 26" src="https://user-images.githubusercontent.com/115237/201770857-6f56591b-80ea-42cc-8ea5-21b9156c018b.png"> Also, I improved the way this header overflows on small screens: <img width="354" alt="Screenshot 2022-11-14 at 22 44 36" src="https://user-images.githubusercontent.com/115237/201774828-2ddbcde1-da15-403f-bf7a-6248449fa2c5.png"> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Refactor git command arguments and make all arguments to be safe to be used ↵wxiaoguang2022-10-232-14/+16
| | | | | | | (#21535) Follow #21464 Make all git command arguments strictly safe. Most changes are one-to-one replacing, keep all existing logic.
* Ignore error when retrieving changed PR review files (#21487)delvh2022-10-201-1/+6
| | | | | | | | | | | | | When a PR reviewer reviewed a file on a commit that was later gc'ed, they would always get a `500` response from then on when loading the PR. This PR simply ignores that error and instead marks all files as unchanged. This approach was chosen as the only feasible option without diving into **a lot** of error handling. Fixes #21392 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Stop logging CheckPath returns error: context canceled (#21064)zeripath2022-10-101-2/+0
| | | | | | | | | | We should only log CheckPath errors if they are not simply due to context cancellation - and we should add a little more context to the error message. Fix #20709 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Upgrade chroma to v2.3.0 (#21259)silverwind2022-09-261-3/+3
| | | | | | | | | | | | | The behaviour of `PreventSurroundingPre` has changed in https://github.com/alecthomas/chroma/pull/618 so that apparently it now causes line wrapper tags to be no longer emitted, but we need some form of indication to split the HTML into lines, so I did what https://github.com/yuin/goldmark-highlighting/pull/33 did and added the `nopWrapper`. Maybe there are more elegant solutions but for some reason, just splitting the HTML string on `\n` did not work. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Refactor AssertExistsAndLoadBean to use generics (#20797)Lunny Xiao2022-08-161-2/+2
| | | | | | | * Refactor AssertExistsAndLoadBean to use generics * Fix tests Co-authored-by: zeripath <art27@cantab.net>
* Switch Unicode Escaping to a VSCode-like system (#19990)zeripath2022-08-131-16/+17
| | | | | | | | | | | | | | | This PR rewrites the invisible unicode detection algorithm to more closely match that of the Monaco editor on the system. It provides a technique for detecting ambiguous characters and relaxes the detection of combining marks. Control characters are in addition detected as invisible in this implementation whereas they are not on monaco but this is related to font issues. Close #19913 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Improve code diff highlight, fix incorrect rendered diff result (#19958)wxiaoguang2022-07-234-375/+374
| | | Use Unicode placeholders to replace HTML tags and HTML entities first, then do diff, then recover the HTML tags and HTML entities. Now the code diff with highlight has stable behavior, and won't emit broken tags.
* Add more linters to improve code readability (#19989)Wim2022-06-201-4/+3
| | | | | | | | | | Add nakedret, unconvert, wastedassign, stylecheck and nolintlint linters to improve code readability - nakedret - https://github.com/alexkohler/nakedret - nakedret is a Go static analysis tool to find naked returns in functions greater than a specified function length. - unconvert - https://github.com/mdempsky/unconvert - Remove unnecessary type conversions - wastedassign - https://github.com/sanposhiho/wastedassign - wastedassign finds wasted assignment statements. - notlintlint - Reports ill-formed or insufficient nolint directives - stylecheck - https://staticcheck.io/docs/checks/#ST - keep style consistent - excluded: [ST1003 - Poorly chosen identifier](https://staticcheck.io/docs/checks/#ST1003) and [ST1005 - Incorrectly formatted error string](https://staticcheck.io/docs/checks/#ST1005)
* Remove legacy git code (ver < 2.0), fine tune markup tests (#19930)wxiaoguang2022-06-161-31/+2
| | | | | | | | | | | | | | | | | | | | | | | | * clean git support for ver < 2.0 * fine tune tests for markup (which requires git module) * remove unnecessary comments * try to fix tests * try test again * use const for GitVersionRequired instead of var * try to fix integration test * Refactor CheckAttributeReader to make a *git.Repository version * update document for commit signing with Gitea's internal gitconfig * update document for commit signing with Gitea's internal gitconfig Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Move tests as seperate sub packages to reduce duplicated file names (#19951)Lunny Xiao2022-06-151-1/+2
|
* Move issues related files into models/issues (#19931)Lunny Xiao2022-06-133-12/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Move access and repo permission to models/perm/access * fix test * fix git test * Move functions sequence * Some improvements per @KN4CK3R and @delvh * Move issues related code to models/issues * Move some issues related sub package * Merge * Fix test * Fix test * Fix test * Fix test * Rename some files
* Move some code into models/git (#19879)Lunny Xiao2022-06-121-1/+2
| | | | | | | | | | | | | | | | | | | * Move access and repo permission to models/perm/access * fix test * Move some git related files into sub package models/git * Fix build * fix git test * move lfs to sub package * move more git related functions to models/git * Move functions sequence * Some improvements per @KN4CK3R and @delvh
* Move some repository related code into sub package (#19711)Lunny Xiao2022-06-061-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Move some repository related code into sub package * Move more repository functions out of models * Fix lint * Some performance optimization for webhooks and others * some refactors * Fix lint * Fix * Update modules/repository/delete.go Co-authored-by: delvh <dev.lh@web.de> * Fix test * Merge * Fix test * Fix test * Fix test * Fix test Co-authored-by: delvh <dev.lh@web.de>
* Calculate filename hash only once (#19654)KN4CK3R2022-05-091-1/+4
| | | | | | | * Calculate hash only once. * remove unused Sha1 template helper function, use ctx.Data["FileNameHash"] * fix unit tests
* Allow to mark files in a PR as viewed (#19007)delvh2022-05-071-23/+104
| | | Users can now mark files in PRs as viewed, resulting in them not being shown again by default when they reopen the PR again.
* Use a struct as test options (#19393)Lunny Xiao2022-04-141-1/+3
| | | | | | | * Use a struct as test options * Fix name * Fix test
* Remove `git.Command.Run` and `git.Command.RunInDir*` (#19280)wxiaoguang2022-04-011-1/+1
| | | | | | Follows #19266, #8553, Close #18553, now there are only three `Run..(&RunOpts{})` functions. * before: `stdout, err := RunInDir(path)` * now: `stdout, _, err := RunStdString(&git.RunOpts{Dir:path})`
* Make git.OpenRepository accept Context (#19260)65432022-03-301-1/+1
| | | | | * OpenRepositoryCtx -> OpenRepository * OpenRepository -> openRepositoryWithDefaultContext, only for internal usage
* rm .sample hooks which aren't used (#19101)techknowlogick2022-03-1611-640/+0
|
* Prevent dangling GetAttribute calls (#18754)zeripath2022-02-141-0/+1
| | | | | | It appears possible that there could be a hang due to unread data from the repo-attribute command pipes. This PR simply closes these during the defer. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Added auto-save whitespace behavior if it changed manually (#15566)Viktor Suprun2022-02-081-3/+7
|
* Delete old git.NewCommand() and use it as git.NewCommandContext() (#18552)65432022-02-061-1/+1
|
* Fix partial cloning a repo (#18373)Gusted2022-01-231-1/+1
| | | | | | | | - Pass the Global command args into serviceRPC. - Fixes error with partial cloning. - Add partial clone test - Include diff Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Always use git command but not os.Command (#18363)Lunny Xiao2022-01-231-25/+22
|
* format with gofumpt (#18184)65432022-01-204-21/+29
| | | | | | | | | | | * gofumpt -w -l . * gofumpt -w -l -extra . * Add linter * manual fix * change make fmt
* Updated Chroma to v0.10.0 (#18270)Jelle Hulter2022-01-201-1/+2
|
* Propagate context and ensure git commands run in request context (#17868)zeripath2022-01-192-6/+7
| | | | | | | | | This PR continues the work in #17125 by progressively ensuring that git commands run within the request context. This now means that the if there is a git repo already open in the context it will be used instead of reopening it. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix various typos (#18219)luzpaz2022-01-101-1/+1
| | | | | Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby,te,unknwon` Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add warning for BIDI characters in page renders and in diffs (#17562)zeripath2022-01-072-22/+40
| | | | | | | | | | | | Fix #17514 Given the comments I've adjusted this somewhat. The numbers of characters detected are increased and include things like the use of U+300 to make à instead of à and non-breaking spaces. There is a button which can be used to escape the content to show it. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Gwyneth Morgan <gwymor@tilde.club> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Simplify parameter types (#18006)Gusted2021-12-201-3/+3
| | | Remove repeated type declarations in function definitions.
* Make Requests Processes and create process hierarchy. Associate ↵zeripath2021-11-301-5/+3
| | | | | | | | | OpenRepository with context. (#17125) This PR registers requests with the process manager and manages hierarchy within the processes. Git repos are then associated with a context, (usually the request's context) - with sub commands using this context as their base context. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move user related model into models/user (#17781)Lunny Xiao2021-11-242-2/+4
| | | | | | | | | | | | | * Move user related model into models/user * Fix lint for windows * Fix windows lint * Fix windows lint * Move some tests in models * Merge
* Allow Loading of Diffs that are too large (#17739)zeripath2021-11-222-42/+65
| | | | | | | | | | | * Allow Loading of Diffs that are too large This PR allows the loading of diffs that are suppressed because the file is too large. It does not handle diffs of files which have lines which are too long. Fix #17738 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Enable show more files in diff for git <2.31 (#17733)zeripath2021-11-203-31/+252
| | | | | | | | | | | | | Unfortunately due to a misread on my behalf I missed that git diff only learned --skip-to in version 2.31.0. Thus this functionality was not working on older versions of git. This PR adds a handler that simply allows for us to skip reading the diffs until we find the correct file to skip to. Fix #17731 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add .gitattribute assisted language detection to blame, diff and render (#17590)zeripath2021-11-172-22/+25
| | | | | | | Use check attribute code to check the assigned language of a file and send that in to chroma as a hint for the language of the file. Signed-off-by: Andrew Thornton <art27@cantab.net>
* A better go code formatter, and now `make fmt` can run in Windows (#17684)wxiaoguang2021-11-171-0/+1
| | | | * go build / format tools * re-format imports
* Decouple unit test, remove intermediate `unittestbridge` package (#17662)wxiaoguang2021-11-161-3/+2
| | | Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Decouple unit test code from business code (#17623)wxiaoguang2021-11-122-3/+4
|
* Make ParsePatch more robust (#17573)Gusted2021-11-072-1/+30
|
* Properly determine CSV delimiter (#17459)Richard Mahn2021-10-301-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fixes #16558 CSV delimiter determiner * Fixes #16558 - properly determine CSV delmiiter * Moves quoteString to a new function * Adds big test with lots of commas for tab delimited csv * Adds comments * Shortens the text of the test * Removes single quotes from regexp as only double quotes need to be searched * Fixes spelling * Fixes check of length as it probalby will only be 1e4, not greater * Makes sample size a const, properly removes truncated line * Makes sample size a const, properly removes truncated line * Fixes comment * Fixes comment * tests for FormatError() function * Adds logic to find the limiter before or after a quoted value * Simplifies regex * Error tests * Error tests * Update modules/csv/csv.go Co-authored-by: delvh <dev.lh@web.de> * Update modules/csv/csv.go Co-authored-by: delvh <dev.lh@web.de> * Adds comments * Update modules/csv/csv.go Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: delvh <dev.lh@web.de>
* Prevent NPE in CSV diff rendering when column removed (#17018)Richard Mahn2021-10-202-132/+322
| | | | | | | | | | | | | | | | Fixes #16837 if a column is deleted. We were clobbering the columns that were added by looping through the aline (base) and then when bline (head) was looped through, it clobbered what was in the "cells" array that is show in the diff, and then left a nil cell because nothing was shifted. This fix properly shifts the cells, and properly puts the b cell either at its location or after, according to what the aline placed in the cells. This includes test, adding a new test function since adding/removing cells works best with three columns, not two, which results in 4 columns of the resulting cells because it has a deleted column and an added column. If you try this locally, you can try those cases and others, such as adding a column. There was no need to do anything special for the rows when `aline == 0 || bline == 0` so that was removed. This allows the same code to be used for removed or added lines, with the bcell text always being the RightCell, acell text being the LeftCell. I still added the patch zeripath gave at https://github.com/go-gitea/gitea/issues/16837#issuecomment-913007382 so that just in case for some reason a cell is nil (which shouldn't happen now) it doesn't throw a 500 error, so the user can at least view the raw diff. Also fixes in the [view.go](https://github.com/go-gitea/gitea/pull/17018/files#diff-43a7f4747c7ba8bff888c9be11affaafd595fd55d27f3333840eb19df9fad393L521) file how if a CSV file is empty (either created empty or if you edit it and remove all contents) it throws a huge 500 error when you then save it (when you view the file). Since we allow creating, saving and pushing empty files, we shouldn't throw an error on an empty CSV file, but just show its empty contents. This doesn't happen if it is a Markdown file or other type of file that is empty. EDIT: Now handled in the markup/csv renderer code
* Add buttons to allow loading of incomplete diffs (#16829)zeripath2021-10-152-10/+26
| | | | | | | | | | | | | | | | | This PR adds two buttons to the stats and the end of the diffs list to load the (some of) the remaining incomplete diff sections. Contains #16775 Signed-off-by: Andrew Thornton <art27@cantab.net> ## Screenshots ### Show more button at the end of the diff ![Screenshot from 2021-09-04 11-12-37](https://user-images.githubusercontent.com/1824502/132091009-b1f6113e-2c04-4be5-8a04-b8ecea56887b.png) ### Show more button at the end of the diff stats box ![Screenshot from 2021-09-04 11-14-54](https://user-images.githubusercontent.com/1824502/132091063-86da5a6d-6628-4b82-bea9-3655cd9f40f6.png)
* Support direct comparison (git diff a..b) as well merge comparison (a...b) ↵zeripath2021-09-272-5/+10
| | | | | | | | | | | | (#16635) This PR changes the compare page to make the "..." in the between branches a clickable link. This changes the comparison type from "..." to "..". Similarly it makes the initial compare icon clickable to switch the head and base branches. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* refactor: move from io/ioutil to io and os package (#17109)Eng Zer Jun2021-09-221-3/+2
| | | | | | | | | The io/ioutil package has been deprecated as of Go 1.16, see https://golang.org/doc/go1.16#ioutil. This commit replaces the existing io/ioutil functions with their new definitions in io and os packages. Signed-off-by: Eng Zer Jun <engzerjun@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Move db related basic functions to models/db (#17075)Lunny Xiao2021-09-193-6/+8
| | | | | | | | | | | | | | | | | | | | | | | | | * Move db related basic functions to models/db * Fix lint * Fix lint * Fix test * Fix lint * Fix lint * revert unnecessary change * Fix test * Fix wrong replace string * Use *Context * Correct committer spelling and fix wrong replaced words Co-authored-by: zeripath <art27@cantab.net>
* Use git attributes to determine generated and vendored status for language ↵zeripath2021-09-091-0/+78
| | | | | | | | | | | | | | | | stats and diffs (#16773) Replaces #16262 Replaces #16250 Replaces #14833 This PR first implements a `git check-attr` pipe reader - using `git check-attr --stdin -z --cached` - taking account of the change in the output format in git 1.8.5 and creates a helper function to read a tree into a temporary index file for that pipe reader. It then wires this in to the language stats helper and into the git diff generation. Files which are marked generated will be folded by default. Fixes #14786 Fixes #12653
* Prevent panic on diff generation (#16950)zeripath2021-09-051-0/+4
| | | | | | | | The lastLeftIdx should be reset at the same time as creating a new section otherwise it is possible for a second addition to end up attempting to read a nil entry. Fix #16943 Signed-off-by: Andrew Thornton <art27@cantab.net>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-28 12:26:09 +0000