Nemcio/Gogs
1
0
Fork 0
mirror of https://github.com/gogs/gogs.git synced 2026-02-27 16:50:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,206 Commits 8 Branches 96 Tags
migrate/goldmark
Commit Graph

390 Commits

Author SHA1 Message Date
JSS
997011bfb2 markup: expand test coverage and sanitize notice banner output 
Add previously covered autolink test cases that were dropped during the
goldmark migration (hosts without dots, https variants, single-digit
issues, cross-repo issues). Add new test suites for link rewriting with
both path-only and absolute URL prefixes, and for HTML passthrough
behavior confirming raw HTML is stripped without WithUnsafe.

Sanitize RawMarkdown output in the server notice banner to prevent
potential XSS, since it was the only call site not passing through
SanitizeBytes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-17 08:49:17 -05:00
JSS
60f62b6583 markup: address review feedback for goldmark migration 
- Use lazyregexp for linkifyURLRegexp to avoid compile-at-init overhead.
- Replace stdlib log with clog/v2 and return HTML-escaped body on
  conversion error instead of nil.
- Handle absolute URL prefixes in linkTransformer using net/url to
  preserve scheme and host.
- Remove goldmarkhtml.WithUnsafe() from RawMarkdown renderer options.
- Use exact assertions in autolink tests instead of Contains.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 23:28:15 -05:00
deepsource-autofix[bot]
3b7e331191 style: format code with Go fmt and Gofumpt 
This commit fixes the style issues introduced in f9b4c5a according to the output
from Go fmt and Gofumpt.

Details: https://github.com/gogs/gogs/pull/8163
 2026-02-08 05:48:28 +00:00
Joe Chen
f9b4c5a3ff markup: migrate from blackfriday to goldmark 
Co-authored-by: Amp <amp@ampcode.com>
Amp-Thread-ID: https://ampcode.com/threads/T-019c3baf-c434-7794-9efd-084363bad1a2
 2026-02-08 00:48:11 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
48500aa2b0 all: migrate from satori/go.uuid to google/uuid (#8161) 2026-02-08 00:13:43 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
785157ba1f all: migrate from nfnt/resize to golang.org/x/image/draw (#8158) 2026-02-08 00:08:50 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
1c8016a27b database/schemadoc: migrate to github.com/DATA-DOG/go-sqlmock (#8157) 2026-02-08 00:07:45 -05:00
Copilot
bf17cc6c69 Replace github.com/unknwon/com with stdlib and internal helpers (#8148) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-05 22:08:54 -05:00
Copilot
6d56105f8f Run modernize tool across codebase (#8147) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: deepsource-autofix[bot] <62050782+deepsource-autofix[bot]@users.noreply.github.com>
 2026-02-05 21:32:09 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
7ea2c4093f refactor: move main package from root to cmd/gogs (#8139) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 23:28:48 -05:00
dependabot[bot]
7ebfb202e4 mod: bump github.com/olekukonko/tablewriter from 0.0.5 to 1.1.0 (#8039) 
Co-authored-by: Joe Chen <jc@unknwon.io>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 23:11:08 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
7ad425025e fix(ssh): git clone via built-in SSH server hangs (#8135) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 22:20:43 -05:00
Joe Chen
997c3c5eab chore: take care of legacy code 2026-01-31 20:07:49 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
628216d588 security: require authentication for attachment uploads (#8128) 
https://github.com/gogs/gogs/security/advisories/GHSA-fc3h-92p8-h36f

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 14:40:39 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
7b7e38c880 security: prevent deletion of protected and default branches via web UI (#8124) 
https://github.com/gogs/gogs/security/advisories/GHSA-2c6v-8r3v-gh6p

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 12:51:07 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
bb68c0a042 security: fix cross-repository label modification vulnerability (#8123) 
https://github.com/gogs/gogs/security/advisories/GHSA-cv22-72px-f4gh

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 12:28:30 -05:00
Yaroslav Halchenko
3cc8e7aa6d Fix typos throughout the codebase (#7514) 2026-01-30 23:03:05 -05:00
Rajat Jain
9f1499f3ab Support comparing tags in addition to branches (#6493) 
Co-authored-by: Joe Chen <jc@unknwon.io>
Co-authored-by: Claude <noreply@anthropic.com>
 2026-01-30 22:45:03 -05:00
Jeff Li
77dba1b5ea repo: fix 500 error on watchers and stargazers pages using MSSQL (#6386) 
Co-authored-by: Joe Chen <jc@unknwon.io>
Co-authored-by: Claude <noreply@anthropic.com>
 2026-01-30 22:24:43 -05:00
Georg Wicke-Arndt
f70f29fdb0 Show file name in browser tab title when viewing files (#5896) 2026-01-30 22:11:10 -05:00
Sino
87c8faaf08 Standardize HTTP status codes (#7851) 
Co-authored-by: Joe Chen <jc@unknwon.io>
 2026-01-30 09:27:59 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
1b226ca48d repo: improve authz for resources (#8119) 
https://github.com/gogs/gogs/security/advisories/GHSA-jj5m-h57j-5gv7
 2026-01-29 20:56:09 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
e3bb4165dc database: impersonate pure-Go SQLite driver as the old "sqlite3" (#8118) 2026-01-29 14:49:36 -05:00
pikomonde
df3d945a2c config: validate and print warnings for invalid options (#7705) 
Co-authored-by: Joe Chen <jc@unknwon.io>
 2026-01-28 11:36:03 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
ae41bab5f2 repo: always list tree entries with verbatim (#8116) 
Co-authored-by: Ali <alicse3@gmail.com>
 2026-01-28 10:11:30 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
2316b09eaf database: fully switch over to pure-Go SQLite driver (#8115) 2026-01-27 22:45:50 -05:00
Copilot
3477bbac0e Add ED25519 test coverage and refactor SSH key parsing tests (#8107) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: unknwon <2946214+unknwon@users.noreply.github.com>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-27 14:04:12 -05:00
Copilot
1cdeef2ce8 Replace tool.IsMaliciousPath with pathutil.Clean and move IsSameSite to urlutil (#8106) 2026-01-23 21:13:27 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
26ef07f60d repo: validate Git server hook name for editing (#8103) 2026-01-23 09:40:36 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
ca59e76a53 api: verify write access to update repo content (#8102) 2026-01-23 09:19:11 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
27f1250d00 api: verify owner access to delete repos (#8101) 2026-01-22 22:52:57 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
560f92ec5f two_factor: verify recovery code ownership upon using (#8100) 2026-01-22 22:30:27 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
1bbc36149a wiki: sanitize old wiki page name when editing (#8099) 2026-01-22 11:00:27 -05:00
Copilot
4ee706b2bf chore: replace pkg/errors with cockroachdb/errors (#8098) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: unknwon <2946214+unknwon@users.noreply.github.com>
 2026-01-22 08:20:53 -05:00
Copilot
ae59787ff5 chore: remove internal/database/errors package (#8096) 2026-01-22 07:17:34 -05:00
Copilot
389ec54b2c chore: rename osutil.IsExist to osutil.Exist (#8097) 2026-01-21 22:22:07 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
5544212adb wiki: auto-detect default branch (#8094) 2026-01-20 23:38:10 -05:00
deepsource-autofix[bot]
8e08450182 style: format code with Go fmt and Gofumpt (#8092) 2026-01-19 14:54:13 -05:00
Shivam Kumar
beeeb64969 repo: check directory existence before creation (#8091) 
Co-authored-by: ᴊᴏᴇ ᴄʜᴇɴ <jc@unknwon.io>
 2026-01-19 14:36:38 -05:00
Mukaiu
3ef71a43d9 api: fix nil pointer dereference when listing user repos (#8069) 
Co-authored-by: Joe Chen <jc@unknwon.io>
 2026-01-18 21:01:03 -05:00
Shivam Kumar
b7010084b7 auth: support redirecting to custom URL upon sign out (#8089) 
Co-authored-by: ᴊᴏᴇ ᴄʜᴇɴ <jc@unknwon.io>
 2026-01-16 15:44:26 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
59e9fa191b chore: remove all MIT license file headers (#8083) 
Co-authored-by: deepsource-autofix[bot] <62050782+deepsource-autofix[bot]@users.noreply.github.com>
 2026-01-08 19:32:15 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
553707f3fd repository: reject any updates that has symlink in path hierarchy (#8082) 
Co-authored-by: deepsource-autofix[bot] <62050782+deepsource-autofix[bot]@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
 2026-01-08 14:22:04 -05:00
Copilot
04cc48339f chore: update Go version from 1.24 to 1.25 in CI and related files (#8066) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: unknwon <2946214+unknwon@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
 2025-12-03 20:11:14 -05:00
Neptunium93
3666718ec5 repo: fix potential null pointer dereference in mirror sync (#8065) 2025-12-03 18:04:42 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
79cc921892 conf: enable value mapping from env vars (#8057) 2025-11-23 20:59:52 -05:00
Joe Chen
591810e405 web_editor: prohibit CRUD to symbolic files (#7981) 
Fixes
[GHSA-wj44-9vcg-wjq7](https://github.com/gogs/gogs/security/advisories/GHSA-wj44-9vcg-wjq7)

---------

Co-authored-by: deepsource-autofix[bot] <62050782+deepsource-autofix[bot]@users.noreply.github.com>
 2025-06-08 18:28:28 -04:00
dependabot[bot]
139ea3ce7d mod: bump modernc.org/sqlite from 1.36.0 to 1.37.0 (#7947) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
 2025-04-14 18:00:07 -04:00
宋子桓🌈
46a84fdad5 email: fix unable to override templates in custom directory (#7905) 
Co-authored-by: Joe Chen <jc@unknwon.io>
 2025-02-12 21:52:18 -05:00
dependabot[bot]
e6896eb393 mod: bump gorm.io/driver/postgres from 1.5.7 to 1.5.11 (#7895) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
 2025-01-01 11:11:51 -05:00