mirror of https://github.com/go-gitea/gitea.git synced 2026-06-18 20:10:04 +02:00

History

fix(sec): block redirects in repository migration clone (SSRF)

Migration validates the initial clone address against the allow/block
list, but a git-service migration clones with `git clone`, which follows
an HTTP 302 from the remote to an internal address without re-validating.
This let a low-privilege user reach internal services through Gitea.

Refuse redirects on the migration clone via `http.followRedirects=false`,
the only reliable guard since git resolves redirects below Gitea's
validation layer. Applied to both the repository and wiki clones.

Assisted-by: Claude:claude-opus-4-8

2026-06-14 11:51:39 +02:00

attribute

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

foreachref

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

gitcmd

fix: git cmd (#38084 )

2026-06-12 07:35:59 +02:00

internal

…

languagestats

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

pipeline

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

tests/repos

…

url

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

blob_gogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

blob_nogogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

blob_test.go

…

blob.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

catfile_batch_command.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

catfile_batch_legacy.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

catfile_batch_reader.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

catfile_batch_test.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

catfile_batch.go

Refactor cat-file batch operations and support --batch-command approach (#35775 )

2026-01-08 13:37:36 -08:00

cmdverb.go

…

commit_convert_gogit.go

fix: Invalid UTF-8 commit messages in JSON API responses (#37542 )

2026-05-07 16:19:45 +02:00

commit_info_gogit.go

fix: catch and fix more lint problems (#37674 )

2026-05-13 09:00:41 +02:00

commit_info_nogogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

commit_info_test.go

Refactor cat-file batch operations and support --batch-command approach (#35775 )

2026-01-08 13:37:36 -08:00

commit_info.go

…

commit_message_test.go

feat: Add avatar stacks (#37594 )

2026-06-08 17:16:22 +00:00

commit_message.go

feat: Add avatar stacks (#37594 )

2026-06-08 17:16:22 +00:00

commit_reader.go

fix: Invalid UTF-8 commit messages in JSON API responses (#37542 )

2026-05-07 16:19:45 +02:00

commit_sha256_test.go

fix: Invalid UTF-8 commit messages in JSON API responses (#37542 )

2026-05-07 16:19:45 +02:00

commit_submodule_file_test.go

…

commit_submodule_file.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

commit_submodule.go

Enable nilnil linter for new code (#36591 )

2026-02-16 09:57:18 +00:00

commit_test.go

chore: fix git commit "rev-list" (#38069 )

2026-06-11 18:08:55 +00:00

commit.go

chore: fix git commit "rev-list" (#38069 )

2026-06-11 18:08:55 +00:00

config_submodule_test.go

…

config_submodule.go

…

config_test.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

config.go

fix!: raise git required version to 2.13 (#37996 )

2026-06-04 13:56:16 +00:00

diff_test.go

…

diff.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

error.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

git_test.go

Fix various version parsing problems (#36553 )

2026-02-08 20:25:30 +00:00

git.go

fix!: raise git required version to 2.13 (#37996 )

2026-06-04 13:56:16 +00:00

gpg.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

grep_test.go

…

grep.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

hook.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

key.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

last_commit_cache_gogit.go

…

last_commit_cache_nogogit.go

…

last_commit_cache.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

log_name_status.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

notes_gogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

notes_nogogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

notes_test.go

…

notes.go

…

object_format.go

…

object_id_gogit.go

…

object_id_test.go

Fix the wrong push commits in the pull request when force push (#36914 )

2026-04-04 16:27:57 -07:00

object_id.go

chore: fix git commit "rev-list" (#38069 )

2026-06-11 18:08:55 +00:00

parse_treeentry_test.go

refactor: simplify ParseCatFileTreeLine and catBatchParseTreeEntries (#37210 )

2026-04-14 12:03:26 +00:00

parse_treeentry.go

fix: catch and fix more lint problems (#37674 )

2026-05-13 09:00:41 +02:00

parse.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

README.md

…

ref_test.go

…

ref.go

fix: parse HEAD ref (#38088 )

2026-06-12 18:27:38 +00:00

remote.go

fix: refactor git error handling and make archive streaming handle non-existing commit id (#38007 )

2026-06-06 11:06:08 +00:00

repo_base_gogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_base_nogogit_test.go

Refactor cat-file batch operations and support --batch-command approach (#35775 )

2026-01-08 13:37:36 -08:00

repo_base_nogogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_blob_test.go

…

repo_blob.go

Fix panic when get editor config file (#36241 )

2025-12-25 19:26:23 -08:00

repo_branch_gogit.go

…

repo_branch_nogogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_branch_test.go

…

repo_branch.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_commit_gogit.go

feat(api): Add GET /repos/{owner}/{repo}/actions/workflows/{workflow_id}/runs (#37196 )

2026-06-11 17:12:30 +00:00

repo_commit_nogogit.go

fix: refactor git error handling and make archive streaming handle non-existing commit id (#38007 )

2026-06-06 11:06:08 +00:00

repo_commit_test.go

chore: fix git commit "rev-list" (#38069 )

2026-06-11 18:08:55 +00:00

repo_commit.go

fix: git push hook post receive (#38089 )

2026-06-13 04:43:25 +00:00

repo_commitgraph_gogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_commitgraph.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_compare_test.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_compare.go

chore: fix git commit "rev-list" (#38069 )

2026-06-11 18:08:55 +00:00

repo_hook.go

…

repo_index.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_object.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_ref_gogit.go

…

repo_ref_nogogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_ref_test.go

…

repo_ref.go

fix: parse HEAD ref (#38088 )

2026-06-12 18:27:38 +00:00

repo_stats_test.go

…

repo_stats.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_tag_gogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_tag_nogogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_tag_test.go

fix: Invalid UTF-8 commit messages in JSON API responses (#37542 )

2026-05-07 16:19:45 +02:00

repo_tag.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_test.go

fix(sec): block redirects in repository migration clone (SSRF)

2026-06-14 11:51:39 +02:00

repo_tree_gogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo_tree_nogogit.go

Refactor cat-file batch operations and support --batch-command approach (#35775 )

2026-01-08 13:37:36 -08:00

repo_tree.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

repo.go

fix(sec): block redirects in repository migration clone (SSRF)

2026-06-14 11:51:39 +02:00

signature_gogit.go

…

signature_nogogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

signature_test.go

…

signature.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

submodule_test.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

submodule.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

tag_test.go

fix: Invalid UTF-8 commit messages in JSON API responses (#37542 )

2026-05-07 16:19:45 +02:00

tag.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

tree_blob_gogit.go

…

tree_blob_nogogit.go

…

tree_blob.go

…

tree_entry_common_test.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

tree_entry_gogit_test.go

fix: catch and fix more lint problems (#37674 )

2026-05-13 09:00:41 +02:00

tree_entry_gogit.go

Fix panic when get editor config file (#36241 )

2025-12-25 19:26:23 -08:00

tree_entry_mode.go

refactor: simplify ParseCatFileTreeLine and catBatchParseTreeEntries (#37210 )

2026-04-14 12:03:26 +00:00

tree_entry_nogogit.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

tree_entry_test.go

refactor: simplify ParseCatFileTreeLine and catBatchParseTreeEntries (#37210 )

2026-04-14 12:03:26 +00:00

tree_entry.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

tree_gogit.go

…

tree_nogogit.go

fix: refactor git error handling and make archive streaming handle non-existing commit id (#38007 )

2026-06-06 11:06:08 +00:00

tree_test.go

…

tree.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

utils_test.go

…

utils.go

chore: Move import path from code.gitea.io/gitea to gitea.dev (#37873 )

2026-05-26 15:49:31 -07:00

README.md

Git Module

This module is merged from https://github.com/go-gitea/git which is a Go module to access Git through shell commands. Now it's a part of gitea's main repository for easier pull request.