2020-12-17 17:00:47 +03:00
// Copyright 2015 The Gogs Authors. All rights reserved.
// Copyright 2018 The Gitea Authors. All rights reserved.
2022-11-27 21:20:29 +03:00
// SPDX-License-Identifier: MIT
2020-12-17 17:00:47 +03:00
2021-08-24 19:47:09 +03:00
//go:build gogit
2020-12-17 17:00:47 +03:00
package git
import (
2021-12-08 22:08:16 +03:00
"context"
2020-12-17 17:00:47 +03:00
"strings"
"github.com/go-git/go-git/v5/plumbing"
2022-03-29 20:12:33 +03:00
"github.com/go-git/go-git/v5/plumbing/storer"
2020-12-17 17:00:47 +03:00
)
2021-06-21 01:39:12 +03:00
// IsObjectExist returns true if given reference exists in the repository.
func ( repo * Repository ) IsObjectExist ( name string ) bool {
if name == "" {
return false
}
_ , err := repo . gogitRepo . ResolveRevision ( plumbing . Revision ( name ) )
return err == nil
}
// IsReferenceExist returns true if given reference exists in the repository.
func ( repo * Repository ) IsReferenceExist ( name string ) bool {
if name == "" {
return false
}
reference , err := repo . gogitRepo . Reference ( plumbing . ReferenceName ( name ) , true )
if err != nil {
return false
}
return reference . Type ( ) != plumbing . InvalidReference
}
2020-12-17 17:00:47 +03:00
// IsBranchExist returns true if given branch exists in current repository.
func ( repo * Repository ) IsBranchExist ( name string ) bool {
if name == "" {
return false
}
reference , err := repo . gogitRepo . Reference ( plumbing . ReferenceName ( BranchPrefix + name ) , true )
if err != nil {
return false
}
return reference . Type ( ) != plumbing . InvalidReference
}
Refactor git command package to improve security and maintainability (#22678)
This PR follows #21535 (and replace #22592)
## Review without space diff
https://github.com/go-gitea/gitea/pull/22678/files?diff=split&w=1
## Purpose of this PR
1. Make git module command completely safe (risky user inputs won't be
passed as argument option anymore)
2. Avoid low-level mistakes like
https://github.com/go-gitea/gitea/pull/22098#discussion_r1045234918
3. Remove deprecated and dirty `CmdArgCheck` function, hide the `CmdArg`
type
4. Simplify code when using git command
## The main idea of this PR
* Move the `git.CmdArg` to the `internal` package, then no other package
except `git` could use it. Then developers could never do
`AddArguments(git.CmdArg(userInput))` any more.
* Introduce `git.ToTrustedCmdArgs`, it's for user-provided and already
trusted arguments. It's only used in a few cases, for example: use git
arguments from config file, help unit test with some arguments.
* Introduce `AddOptionValues` and `AddOptionFormat`, they make code more
clear and simple:
* Before: `AddArguments("-m").AddDynamicArguments(message)`
* After: `AddOptionValues("-m", message)`
* -
* Before: `AddArguments(git.CmdArg(fmt.Sprintf("--author='%s <%s>'",
sig.Name, sig.Email)))`
* After: `AddOptionFormat("--author='%s <%s>'", sig.Name, sig.Email)`
## FAQ
### Why these changes were not done in #21535 ?
#21535 is mainly a search&replace, it did its best to not change too
much logic.
Making the framework better needs a lot of changes, so this separate PR
is needed as the second step.
### The naming of `AddOptionXxx`
According to git's manual, the `--xxx` part is called `option`.
### How can it guarantee that `internal.CmdArg` won't be not misused?
Go's specification guarantees that. Trying to access other package's
internal package causes compilation error.
And, `golangci-lint` also denies the git/internal package. Only the
`git/command.go` can use it carefully.
### There is still a `ToTrustedCmdArgs`, will it still allow developers
to make mistakes and pass untrusted arguments?
Generally speaking, no. Because when using `ToTrustedCmdArgs`, the code
will be very complex (see the changes for examples). Then developers and
reviewers can know that something might be unreasonable.
### Why there was a `CmdArgCheck` and why it's removed?
At the moment of #21535, to reduce unnecessary changes, `CmdArgCheck`
was introduced as a hacky patch. Now, almost all code could be written
as `cmd := NewCommand(); cmd.AddXxx(...)`, then there is no need for
`CmdArgCheck` anymore.
### Why many codes for `signArg == ""` is deleted?
Because in the old code, `signArg` could never be empty string, it's
either `-S[key-id]` or `--no-gpg-sign`. So the `signArg == ""` is just
dead code.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 05:30:43 +03:00
// GetBranches returns branches from the repository, skipping "skip" initial branches and
// returning at most "limit" branches, or all branches if "limit" is 0.
2021-12-08 22:08:16 +03:00
func ( repo * Repository ) GetBranchNames ( skip , limit int ) ( [ ] string , int , error ) {
2020-12-17 17:00:47 +03:00
var branchNames [ ] string
branches , err := repo . gogitRepo . Branches ( )
if err != nil {
2021-02-03 22:06:13 +03:00
return nil , 0 , err
2020-12-17 17:00:47 +03:00
}
2021-02-03 22:06:13 +03:00
i := 0
count := 0
2020-12-17 17:00:47 +03:00
_ = branches . ForEach ( func ( branch * plumbing . Reference ) error {
2021-02-03 22:06:13 +03:00
count ++
if i < skip {
i ++
return nil
} else if limit != 0 && count > skip + limit {
return nil
}
2020-12-17 17:00:47 +03:00
branchNames = append ( branchNames , strings . TrimPrefix ( branch . Name ( ) . String ( ) , BranchPrefix ) )
return nil
} )
// TODO: Sort?
2021-02-03 22:06:13 +03:00
return branchNames , count , nil
2020-12-17 17:00:47 +03:00
}
2021-12-08 22:08:16 +03:00
// WalkReferences walks all the references from the repository
2022-03-29 20:12:33 +03:00
// refType should be empty, ObjectTag or ObjectBranch. All other values are equivalent to empty.
func WalkReferences ( ctx context . Context , repoPath string , walkfn func ( sha1 , refname string ) error ) ( int , error ) {
2022-01-20 02:26:57 +03:00
repo := RepositoryFromContext ( ctx , repoPath )
if repo == nil {
var err error
2022-03-29 22:13:41 +03:00
repo , err = OpenRepository ( ctx , repoPath )
2022-01-20 02:26:57 +03:00
if err != nil {
return 0 , err
}
defer repo . Close ( )
2021-12-08 22:08:16 +03:00
}
i := 0
iter , err := repo . gogitRepo . References ( )
if err != nil {
return i , err
}
defer iter . Close ( )
err = iter . ForEach ( func ( ref * plumbing . Reference ) error {
2022-03-29 20:12:33 +03:00
err := walkfn ( ref . Hash ( ) . String ( ) , string ( ref . Name ( ) ) )
2021-12-08 22:08:16 +03:00
i ++
return err
} )
return i , err
}
2022-03-29 20:12:33 +03:00
// WalkReferences walks all the references from the repository
func ( repo * Repository ) WalkReferences ( arg ObjectType , skip , limit int , walkfn func ( sha1 , refname string ) error ) ( int , error ) {
i := 0
var iter storer . ReferenceIter
var err error
switch arg {
case ObjectTag :
iter , err = repo . gogitRepo . Tags ( )
case ObjectBranch :
iter , err = repo . gogitRepo . Branches ( )
default :
iter , err = repo . gogitRepo . References ( )
}
if err != nil {
return i , err
}
defer iter . Close ( )
err = iter . ForEach ( func ( ref * plumbing . Reference ) error {
if i < skip {
i ++
return nil
}
err := walkfn ( ref . Hash ( ) . String ( ) , string ( ref . Name ( ) ) )
i ++
if err != nil {
return err
}
if limit != 0 && i >= skip + limit {
return storer . ErrStop
}
return nil
} )
return i , err
}
2022-05-07 20:05:52 +03:00
// GetRefsBySha returns all references filtered with prefix that belong to a sha commit hash
func ( repo * Repository ) GetRefsBySha ( sha , prefix string ) ( [ ] string , error ) {
var revList [ ] string
iter , err := repo . gogitRepo . References ( )
if err != nil {
return nil , err
}
err = iter . ForEach ( func ( ref * plumbing . Reference ) error {
if ref . Hash ( ) . String ( ) == sha && strings . HasPrefix ( string ( ref . Name ( ) ) , prefix ) {
revList = append ( revList , string ( ref . Name ( ) ) )
}
return nil
} )
return revList , err
}
