-
-
Notifications
You must be signed in to change notification settings - Fork 5.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Refactor legacy unknwon/com
package, improve golangci lint
#19284
Conversation
26f47e5
to
b9c1142
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Not sure why we're changing from %v", err
-> %s", err.Error()
@@ -162,7 +163,12 @@ func prepareOptions(options []CsrfOptions) CsrfOptions { | |||
|
|||
// Defaults. | |||
if len(opt.Secret) == 0 { | |||
opt.Secret = string(com.RandomCreateBytes(10)) | |||
randBytes, err := util.CryptoRandomBytes(8) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just to note for other reviewers/maintainers that the reduction of this isn't a concern.
Old situation:
The com.RandomCreateBytes
actually doesn't give you the full 8 bits of randomness per byte(so 80 bits in the old case), because it reduces itself to only use the alphanum: https://github.com/unknwon/com/blob/b41c64acd94be7e673c9c8301344d31cce99e06c/string.go#L130 which only gives 6 bits per byte of randomness so it would only receive 48 bits of randomness.
New situation:
With CryptoRandomBytes
the full 64 bits would be random.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And before, IIRC the com.RandomCreateBytes
uses a math PRNG ..... not crypto-safe.
Co-authored-by: Gusted <[email protected]>
modules/templates/vars/vars.go
Outdated
|
||
// Expand replaces all variables like {var} to match, if error occurs, | ||
// the error part doesn't change and is returned as it is. | ||
func Expand(template string, match map[string]string) (string, error) { |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
doesnt do this the exact same thing the std lib for templates is doing?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Do you mean text/template
? I think there are different, I can not remember if there is a exactly the same function in std library.
TBH, I wasn't going to rewrite the AESGCMEncrypt, etc. I feel that most of us like to do the rewrite, then I can improve this PR with more changes and tests. Will be back soon. |
Updated. Since the And now there is only one I think this PR is big enough and gets enough changes. More refactoring to the |
This comment was marked as off-topic.
This comment was marked as off-topic.
d1d1708
to
73602a2
Compare
Follows: #19284 * The `CopyDir` is only used inside test code * Rewrite `ToSnakeCase` with more test cases * The `RedisCacher` only put strings into cache, here we use internal `toStr` to replace the legacy `ToStr` * The `UniqueQueue` can use string as ID directly, no need to call `ToStr`
After these refactorings, now there are only 2 unmaintained packages:
Do you think we should continue to refactor these 2 packages? If vote yes (up+1), I could do it if I have time. |
* giteaofficial/main: Remove legacy unmaintained packages, refactor to support change default locale (go-gitea#19308) [skip ci] Updated translations via Crowdin Prevent intermittent NPE in queue tests (go-gitea#19301) Upgrade xorm/builder from v0.3.9 to v0.3.10 (go-gitea#19296) An attempt to sync a non-mirror repo must give 400 (Bad Request) (go-gitea#19300) Remove legacy `unknwon/com` package (go-gitea#19298) Improve package registry docs (go-gitea#19273) A pull-mirror repo should be marked as such on creation (go-gitea#19295) Refactor legacy `unknwon/com` package, improve golangci lint (go-gitea#19284) Skip frontend ROOT_URL check on installation page, remove unnecessary global var (go-gitea#19291)
In this PR, the following refactoring are done. The main purpose is to refactor the legacy
unknwon/com
.unknwon/com
, now onlyutil/legacy.go
imports the legacyunknwon/com
, preparing for next round refactoring"1.18"
, instead of a float number1.18
go-import
andgo-source
meta tagscom.Expand
to our stable (and the same fast)vars.Expand
.vars.Expand
can detect errors and show them in logs or to end users.vars.Expand
can still return partially rendered content even if the template is not good (eg: key mistach).com.Expand