gitea/issues at 6f5def0f372e345fa8d729f8dea3e7c46acb522e - gitea - Gitea

Mirrors/gitea

mirror of https://github.com/go-gitea/gitea.git synced 2026-06-18 11:27:35 +02:00

History

Giteabot 3b705738ab

fix: bound CODEOWNERS regex match time (#38011 ) (#38025 )

Backport #38011 by @bircni

User-supplied CODEOWNERS patterns were compiled without a match timeout,
so a crafted pattern (e.g. (a+)+) against a crafted file path could
backtrack for tens of seconds inside the PR creation transaction and
exhaust the database connection pool. Set MatchTimeout on each compiled
rule; the caller already treats match errors as non-matches.

Signed-off-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: bircni <bircni@icloud.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

2026-06-07 16:40:34 +00:00

..

assignees_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

assignees.go

Use db.WithTx/WithTx2 instead of TxContext when possible (#35428 )

2025-09-10 03:15:01 +00:00

comment_code.go

Add resolve/unresolve review comment API endpoints (#36441 )

2026-02-01 12:28:28 +00:00

comment_list.go

Run gopls modernize on codebase (#34751 )

2025-06-18 01:48:09 +00:00

comment_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

comment.go

Make GetPossibleUserByID can handle deleted user (#37430 ) (#37431 )

2026-04-27 00:33:09 +08:00

content_history_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

content_history.go

…

dependency_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

dependency.go

Use db.WithTx/WithTx2 instead of TxContext when possible (#35130 )

2025-07-22 10:02:01 -07:00

issue_index.go

Use db.WithTx/WithTx2 instead of TxContext when possible (#35130 )

2025-07-22 10:02:01 -07:00

issue_label_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

issue_label.go

Fix issue label deletion with Actions tokens (#37013 )

2026-03-29 09:21:14 +00:00

issue_list_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

issue_list.go

Run gopls modernize on codebase (#34751 )

2025-06-18 01:48:09 +00:00

issue_lock.go

Use db.WithTx/WithTx2 instead of TxContext when possible (#35130 )

2025-07-22 10:02:01 -07:00

issue_pin.go

…

issue_project.go

Refactor issue sidebar and fix various problems (#37045 )

2026-03-31 10:03:52 +08:00

issue_search.go

Fix various bugs (#35684 )

2025-10-19 00:37:50 +08:00

issue_stats.go

Run gopls modernize on codebase (#34751 )

2025-06-18 01:48:09 +00:00

issue_test.go

Fix various bugs (#35684 )

2025-10-19 00:37:50 +08:00

issue_update.go

Fix issue label deletion with Actions tokens (#37013 )

2026-03-29 09:21:14 +00:00

issue_user_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

issue_user.go

…

issue_watch_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

issue_watch.go

…

issue_xref_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

issue_xref.go

Fix issue label deletion with Actions tokens (#37013 )

2026-03-29 09:21:14 +00:00

issue.go

Make GetPossibleUserByID can handle deleted user (#37430 ) (#37431 )

2026-04-27 00:33:09 +08:00

label_test.go

Fix typos in code comments: doesnt, dont, wont (#36890 )

2026-03-13 09:58:44 -07:00

label.go

Use db.WithTx/WithTx2 instead of TxContext when possible (#35130 )

2025-07-22 10:02:01 -07:00

main_test.go

…

milestone_list.go

feature to be able to filter project boards by milestones (#36321 )

2026-02-12 22:09:32 +00:00

milestone_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

milestone.go

Closed milestones with no issues now show as 100% completed (#36220 )

2025-12-20 16:16:20 +00:00

pull_list_test.go

Fix allow maintainer edit permission check (#37479 ) (#37484 )

2026-04-29 17:07:09 +00:00

pull_list.go

Fix allow maintainer edit permission check (#37479 ) (#37484 )

2026-04-29 17:07:09 +00:00

pull_test.go

fix: bound CODEOWNERS regex match time (#38011 ) (#38025 )

2026-06-07 16:40:34 +00:00

pull.go

fix: bound CODEOWNERS regex match time (#38011 ) (#38025 )

2026-06-07 16:40:34 +00:00

reaction.go

Use db.WithTx/WithTx2 instead of TxContext when possible (#35130 )

2025-07-22 10:02:01 -07:00

review_list.go

Correct spelling (#36783 )

2026-02-28 11:23:20 -08:00

review_test.go

fix(issues): clear stale ReviewTypeRequest when submitting pending re… (#37809 ) (#37815 )

2026-05-22 20:43:03 +02:00

review.go

fix(issues): clear stale ReviewTypeRequest when submitting pending re… (#37809 ) (#37815 )

2026-05-22 20:43:03 +02:00

stopwatch_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

stopwatch.go

Add more check for stopwatch read or list (#36340 )

2026-01-13 13:13:39 +00:00

tracked_time_test.go

Remove incorrect "db.DefaultContext" usages (#35366 )

2025-08-28 03:52:43 +00:00

tracked_time.go

Fix track time issue id (#36664 )

2026-02-20 21:48:54 +00:00