mirror of
https://github.com/go-gitea/gitea.git
synced 2025-07-24 10:44:32 -04:00
use tag version
fix linting
This commit is contained in:
parent
22739f1888
commit
bd6ae403a1
2
go.mod
2
go.mod
@ -348,4 +348,4 @@ exclude github.com/goccy/go-json v0.4.11
|
||||
|
||||
exclude github.com/satori/go.uuid v1.2.0
|
||||
|
||||
replace github.com/zricethezav/gitleaks/v8 => github.com/TheFox0x7/gitleaks/v8 v8.0.0-20250416161107-ce27b3ebd696
|
||||
replace github.com/zricethezav/gitleaks/v8 => github.com/TheFox0x7/gitleaks/v8 v8.24.4-patch-gitea
|
||||
|
4
go.sum
4
go.sum
@ -83,8 +83,8 @@ github.com/RoaringBitmap/roaring v1.9.4 h1:yhEIoH4YezLYT04s1nHehNO64EKFTop/wBhxv
|
||||
github.com/RoaringBitmap/roaring v1.9.4/go.mod h1:6AXUsoIEzDTFFQCe1RbGA6uFONMhvejWj5rqITANK90=
|
||||
github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.7.3 h1:BP0HiyNT3AQEYi+if3wkRcIdQFHtsw6xX3Kx0glckgA=
|
||||
github.com/SaveTheRbtz/zstd-seekable-format-go/pkg v0.7.3/go.mod h1:hMNtySovKkn2gdDuLqnqveP+mfhUSaBdoBcr2I7Zt0E=
|
||||
github.com/TheFox0x7/gitleaks/v8 v8.0.0-20250416161107-ce27b3ebd696 h1:HLdcIxXpEGZ1IrqAiQ+ExvAiUBSVPn1xCcmAmR0zaeI=
|
||||
github.com/TheFox0x7/gitleaks/v8 v8.0.0-20250416161107-ce27b3ebd696/go.mod h1:D3AhHRLVp0DigFQNxAgHcQks8EbF7wCZanT/UbGd0Jo=
|
||||
github.com/TheFox0x7/gitleaks/v8 v8.24.4-patch-gitea h1:VMXSHOeB5t4e3Hqet9GSTx5oULskEp7dV2i0/cgEhd4=
|
||||
github.com/TheFox0x7/gitleaks/v8 v8.24.4-patch-gitea/go.mod h1:D3AhHRLVp0DigFQNxAgHcQks8EbF7wCZanT/UbGd0Jo=
|
||||
github.com/alecthomas/assert/v2 v2.11.0 h1:2Q9r3ki8+JYXvGsDyBXwH3LcJ+WK5D0gc5E8vS6K3D0=
|
||||
github.com/alecthomas/assert/v2 v2.11.0/go.mod h1:Bze95FyfUr7x34QZrjL+XP+0qgp/zg8yS+TtBj1WA3k=
|
||||
github.com/alecthomas/chroma/v2 v2.2.0/go.mod h1:vf4zrexSH54oEjJ7EdB65tGNHmH3pGZmVkgTP5RHvAs=
|
||||
|
@ -25,6 +25,7 @@ import (
|
||||
"code.gitea.io/gitea/modules/web"
|
||||
gitea_context "code.gitea.io/gitea/services/context"
|
||||
pull_service "code.gitea.io/gitea/services/pull"
|
||||
|
||||
"github.com/gitleaks/go-gitdiff/gitdiff"
|
||||
"github.com/zricethezav/gitleaks/v8/cmd/scm"
|
||||
gitleaks "github.com/zricethezav/gitleaks/v8/detect"
|
||||
@ -121,7 +122,7 @@ func HookPreReceive(ctx *gitea_context.PrivateContext) {
|
||||
newCommitID := opts.NewCommitIDs[i]
|
||||
refFullName := opts.RefFullNames[i]
|
||||
|
||||
preReceiveSecrets(ourCtx, oldCommitID, newCommitID, refFullName)
|
||||
preReceiveSecrets(ourCtx, oldCommitID, newCommitID)
|
||||
switch {
|
||||
case refFullName.IsBranch():
|
||||
preReceiveBranch(ourCtx, oldCommitID, newCommitID, refFullName)
|
||||
@ -542,7 +543,7 @@ func (ctx *preReceiveContext) loadPusherAndPermission() bool {
|
||||
}
|
||||
|
||||
// checks commits for secrets
|
||||
func preReceiveSecrets(ctx *preReceiveContext, oldCommitID, newCommitID string, refFullName git.RefName) {
|
||||
func preReceiveSecrets(ctx *preReceiveContext, oldCommitID, newCommitID string) {
|
||||
detector, err := gitleaks.NewDetectorDefaultConfig()
|
||||
if err != nil {
|
||||
ctx.Status(http.StatusTeapot)
|
||||
@ -551,22 +552,20 @@ func preReceiveSecrets(ctx *preReceiveContext, oldCommitID, newCommitID string,
|
||||
|
||||
repo := ctx.Repo.Repository
|
||||
out, _, err := git.NewCommand("diff", "-U0").AddDynamicArguments(oldCommitID, newCommitID).RunStdBytes(ctx, &git.RunOpts{Dir: repo.RepoPath(), Env: ctx.env})
|
||||
// r, w, err := os.Pipe()
|
||||
if err != nil {
|
||||
ctx.Status(http.StatusTeapot)
|
||||
return
|
||||
}
|
||||
log.Info("done with diff")
|
||||
giteaCmd, err := newPreRecieveDiff(bytes.NewReader(out))
|
||||
log.Info("crerated cmd!")
|
||||
giteaCmd, err := newPreReceiveDiff(bytes.NewReader(out))
|
||||
if err != nil {
|
||||
log.Info("look! a wild error! %v", err)
|
||||
ctx.Status(http.StatusTeapot)
|
||||
return
|
||||
}
|
||||
log.Info("running the detector!")
|
||||
findings, err := detector.DetectGit(giteaCmd, gitleaks.NewRemoteInfo(scm.GitHubPlatform, repo.Website))
|
||||
log.Info("done!")
|
||||
if err != nil {
|
||||
ctx.Status(http.StatusTeapot)
|
||||
return
|
||||
}
|
||||
if len(findings) != 0 {
|
||||
msg := strings.Builder{}
|
||||
msg.WriteString("This repository has secret detection enabled! Following secrets were detected:\n\n")
|
||||
@ -578,18 +577,14 @@ func preReceiveSecrets(ctx *preReceiveContext, oldCommitID, newCommitID string,
|
||||
}
|
||||
|
||||
ctx.JSON(http.StatusForbidden, private.Response{UserMsg: msg.String()})
|
||||
|
||||
}
|
||||
return
|
||||
|
||||
}
|
||||
|
||||
type giteacmd struct {
|
||||
diffCh <-chan *gitdiff.File
|
||||
errCh <-chan error
|
||||
}
|
||||
|
||||
func newPreRecieveDiff(r io.Reader) (*giteacmd, error) {
|
||||
func newPreReceiveDiff(r io.Reader) (*giteacmd, error) {
|
||||
diffCh, err := gitdiff.Parse(r)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
@ -597,7 +592,6 @@ func newPreRecieveDiff(r io.Reader) (*giteacmd, error) {
|
||||
return &giteacmd{
|
||||
diffCh: diffCh,
|
||||
}, nil
|
||||
|
||||
}
|
||||
|
||||
// DiffFilesCh implements sources.Git.
|
||||
|
Loading…
x
Reference in New Issue
Block a user