Nemcio/Gogs
1
0
Fork 0
mirror of https://github.com/gogs/gogs.git synced 2026-02-27 16:50:58 +01:00
Code Issues Packages Projects Releases Wiki Activity
6,206 Commits 8 Branches 96 Tags
997011bfb24d5a3b44bdfcd8a634f6173bcbddeb
Commit Graph

6206 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
JSS
997011bfb2 markup: expand test coverage and sanitize notice banner output 
Add previously covered autolink test cases that were dropped during the
goldmark migration (hosts without dots, https variants, single-digit
issues, cross-repo issues). Add new test suites for link rewriting with
both path-only and absolute URL prefixes, and for HTML passthrough
behavior confirming raw HTML is stripped without WithUnsafe.

Sanitize RawMarkdown output in the server notice banner to prevent
potential XSS, since it was the only call site not passing through
SanitizeBytes.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-17 08:49:17 -05:00
JSS
60f62b6583 markup: address review feedback for goldmark migration 
- Use lazyregexp for linkifyURLRegexp to avoid compile-at-init overhead.
- Replace stdlib log with clog/v2 and return HTML-escaped body on
  conversion error instead of nil.
- Handle absolute URL prefixes in linkTransformer using net/url to
  preserve scheme and host.
- Remove goldmarkhtml.WithUnsafe() from RawMarkdown renderer options.
- Use exact assertions in autolink tests instead of Contains.

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-16 23:28:15 -05:00
deepsource-autofix[bot]
3b7e331191 style: format code with Go fmt and Gofumpt 
This commit fixes the style issues introduced in f9b4c5a according to the output
from Go fmt and Gofumpt.

Details: https://github.com/gogs/gogs/pull/8163
 2026-02-08 05:48:28 +00:00
Joe Chen
f9b4c5a3ff markup: migrate from blackfriday to goldmark 
Co-authored-by: Amp <amp@ampcode.com>
Amp-Thread-ID: https://ampcode.com/threads/T-019c3baf-c434-7794-9efd-084363bad1a2
 2026-02-08 00:48:11 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
48500aa2b0 all: migrate from satori/go.uuid to google/uuid (#8161) 2026-02-08 00:13:43 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
785157ba1f all: migrate from nfnt/resize to golang.org/x/image/draw (#8158) 2026-02-08 00:08:50 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
1c8016a27b database/schemadoc: migrate to github.com/DATA-DOG/go-sqlmock (#8157) 2026-02-08 00:07:45 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
00c36d8d8a public: update jQuery from 3.6.0 to 3.7.1 (#8156) 2026-02-07 23:48:49 -05:00
Copilot
3747cd9058 Fix broken links in docs/getting-started/introduction.mdx (#8155) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
 2026-02-07 18:19:02 -05:00
Joe Chen
08e7cfd76c docs: fix up wwads-cn style in dark mode 
[skip ci]
 2026-02-07 17:49:58 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
9dd3e58f7b docs: migrate to Mintlify (#8154) 2026-02-07 17:32:52 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
edc1478f6b cmd: remove cert subcommand (#8153) 
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-07 14:23:33 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
bb86d12c36 cmd: show detected config path in web command help (#8152) 
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-07 13:38:53 -05:00
Copilot
bf17cc6c69 Replace github.com/unknwon/com with stdlib and internal helpers (#8148) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
 2026-02-05 22:08:54 -05:00
Copilot
6d56105f8f Run modernize tool across codebase (#8147) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>
Co-authored-by: deepsource-autofix[bot] <62050782+deepsource-autofix[bot]@users.noreply.github.com>
 2026-02-05 21:32:09 -05:00
Joe Chen
ed5d02e036 chore: free up "docs/" subdir for Mintlify 
[skip ci]
 2026-02-01 23:15:47 -05:00
dependabot[bot]
5874791a57 mod: bump golang.org/x/crypto from 0.45.0 to 0.47.0 (#8141) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-01 09:20:24 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
17ad3d3425 pkgr: fix up install main package path (#8146) 2026-02-01 09:12:12 -05:00
dependabot[bot]
9b2a967e45 mod: bump github.com/editorconfig/editorconfig-core-go/v2 from 2.6.3 to 2.6.4 (#8143) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-01 09:01:09 -05:00
dependabot[bot]
e80635a449 mod: bump github.com/go-ldap/ldap/v3 from 3.4.11 to 3.4.12 (#8144) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-01 09:00:50 -05:00
Joe Chen
47bccf292d pkgr: fix up install path 
[skip ci]
 2026-02-01 08:53:52 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
38def73489 Update security policy for version support and advisories 
[skip ci]
 2026-02-01 08:16:22 -05:00
Copilot
6cf6422b88 Remove codecov config and upload in CI (#8145) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: unknwon <2946214+unknwon@users.noreply.github.com>
 2026-02-01 08:10:55 -05:00
dependabot[bot]
8d8d66ec1d mod: bump github.com/olekukonko/tablewriter from 1.1.0 to 1.1.3 (#8140) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-01 07:45:08 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
7ea2c4093f refactor: move main package from root to cmd/gogs (#8139) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 23:28:48 -05:00
dependabot[bot]
7ebfb202e4 mod: bump github.com/olekukonko/tablewriter from 0.0.5 to 1.1.0 (#8039) 
Co-authored-by: Joe Chen <jc@unknwon.io>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 23:11:08 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
7b8c560f15 ci(go): use tparse for test output in non-Windows jobs (#8138) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 22:58:41 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
a636dcf678 fix(release): remove "v" prefix from archive names (#8137) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 22:42:45 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
3dcb74be39 release: cut CHANGELOG entries for 0.14.1 
[skip ci]
 2026-01-31 22:23:09 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
7ad425025e fix(ssh): git clone via built-in SSH server hangs (#8135) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 22:20:43 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
85abee4b9b chore: update release templates (#8134) 
[skip ci]
 2026-01-31 20:08:38 -05:00
Joe Chen
997c3c5eab chore: take care of legacy code 2026-01-31 20:07:49 -05:00
Joe Chen
a5ddb2665e chore: bump dev version to 0.15 
[skip ci]
 2026-01-31 20:04:55 -05:00
Joe Chen
b68e6886c6 release: cut CHANGELOG entries for 0.14.0 
[skip ci]
 2026-01-31 16:29:15 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
ac7ba9c8a7 locale: sync from Crowdin (#8131) 2026-01-31 16:07:47 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
dd862ee058 ci(docker): auto-tag minor version for stable releases (#8129) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 15:50:42 -05:00
Joe Chen
f94042ce6f chore: update release templates 
[skip ci]
 2026-01-31 15:17:59 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
628216d588 security: require authentication for attachment uploads (#8128) 
https://github.com/gogs/gogs/security/advisories/GHSA-fc3h-92p8-h36f

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 14:40:39 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
7306b955a9 ci: use external unknwon/send-email-on-failure action (#8127) 2026-01-31 13:29:30 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
fc6d1e2055 ci(release): add email notification on failure for main branch (#8126) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 13:13:51 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
3b01892d85 fix(docker): correct binary path in Dockerfiles(#8125) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 13:02:25 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
7b7e38c880 security: prevent deletion of protected and default branches via web UI (#8124) 
https://github.com/gogs/gogs/security/advisories/GHSA-2c6v-8r3v-gh6p

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 12:51:07 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
bb68c0a042 security: fix cross-repository label modification vulnerability (#8123) 
https://github.com/gogs/gogs/security/advisories/GHSA-cv22-72px-f4gh

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 12:28:30 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
68271e6af0 chore: update vulnerability reporting guidelines 
[skip ci]
 2026-01-31 12:01:23 -05:00
Copilot
4f5b00f8c4 Build artifacts for every commit on main (#8122) 
Co-authored-by: copilot-swe-agent[bot] <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Joe Chen <jc@unknwon.io>
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 11:58:45 -05:00
Joe Chen
5d3ffd132b chore: bunch of minor tidy-ups 
[skip ci]
 2026-01-31 09:59:32 -05:00
ᴊᴏᴇ ᴄʜᴇɴ
ee65aa89ca ci: add cross-compilation workflow for releases (#8121) 
Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
 2026-01-31 09:40:32 -05:00
dependabot[bot]
a1a97de76f mod: bump modernc.org/sqlite from 1.38.2 to 1.39.0 (#8038) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-01-30 23:19:19 -05:00
Matthias Jobst
9963268267 docker: ignore proxy for healthcheck command (#7532) 
Co-authored-by: Joe Chen <jc@unknwon.io>
 2026-01-30 23:12:49 -05:00
dependabot[bot]
49a45290ae mod: bump gopkg.in/macaron.v1 from 1.5.0 to 1.5.1 (#8035) 
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: ᴊᴏᴇ ᴄʜᴇɴ <jc@unknwon.io>
 2026-01-30 23:10:14 -05:00