Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Hide private repositories in packages #19584

Merged
merged 11 commits into from
May 7, 2022
Merged

Hide private repositories in packages #19584

merged 11 commits into from
May 7, 2022

Conversation

KN4CK3R
Copy link
Member

@KN4CK3R KN4CK3R commented May 2, 2022

This PR hides private repositories linked to packages.

@KN4CK3R KN4CK3R added topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! skip-changelog This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features. labels May 2, 2022
@KN4CK3R KN4CK3R added this to the 1.17.0 milestone May 2, 2022
@Gusted
Copy link
Contributor

Gusted commented May 2, 2022

So private repositories can still publish packages the repo name/URL won't be shown?

@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label May 2, 2022
@KN4CK3R
Copy link
Member Author

KN4CK3R commented May 2, 2022

If the owner of the package is public but the linked repository is private, the repository name is not displayed for users without access to that repository.

@Gusted
Copy link
Contributor

Gusted commented May 2, 2022

Do we need to have changes for the API side?

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels May 2, 2022
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels May 2, 2022
@KN4CK3R
Copy link
Member Author

KN4CK3R commented May 2, 2022

Do we need to have changes for the API side?

Thank you for the idea. I thought ToRepository would handle it but that's not the case. Setting pd.Repository = nil before converting it but that feels like a workaround.

@Gusted
Copy link
Contributor

Gusted commented May 2, 2022

Ehh.. Feels like we might want to have some tests for that, but could be done in another PR.

@KN4CK3R

This comment was marked as outdated.

Sign in to view
@KN4CK3R
Copy link
Member Author

KN4CK3R commented May 2, 2022

ToPullReview already uses a context so it may be fine. Will update the PR shortly.

@wxiaoguang wxiaoguang added the pr/wip This PR is not ready for review label May 2, 2022
techknowlogick
techknowlogick previously requested changes May 2, 2022
View reviewed changes
Copy link
Member

@techknowlogick techknowlogick left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

blocking so it isn't accidentally merged. feel free to dismiss when no longer WIP

@KN4CK3R KN4CK3R requested review from wxiaoguang and 6543 May 2, 2022 18:01
@wxiaoguang wxiaoguang removed the pr/wip This PR is not ready for review label May 3, 2022
@codecov-commenter

This comment was marked as off-topic.

Sign in to view
6543
6543 reviewed May 7, 2022
View reviewed changes
modules/convert/package.go Outdated Show resolved Hide resolved
6543
6543 reviewed May 7, 2022
View reviewed changes
modules/convert/package.go Outdated Show resolved Hide resolved
@6543
Copy link
Member

6543 commented May 7, 2022

🤖 wake up

@6543 6543 merged commit 8adba93 into go-gitea:main May 7, 2022
zjjhot added a commit to zjjhot/gitea that referenced this pull request May 8, 2022
@zjjhot
Merge remote-tracking branch 'giteaofficial/main'
96e8813 
* giteaofficial/main:
  Delete related PullAutoMerge and ReviewState on User/Repo Deletion (go-gitea#19649)
  Allow custom default merge message with .gitea/default_merge_message/<merge_style>_TEMPLATE.md (go-gitea#18177)
  Allow to mark files in a PR as viewed (go-gitea#19007)
  Auto merge pull requests when all checks succeeded via API (go-gitea#9307)
  Hide private repositories in packages (go-gitea#19584)
  Only show accessible teams in dashboard dropdown list (go-gitea#19642)
  prevent double click new issue/pull/comment button (go-gitea#16157)
  Improve reviewing PR UX (go-gitea#19612)
  [skip ci] Updated translations via Crowdin
  Add Changelog v1.16.7 (go-gitea#19575) (go-gitea#19644)
  Set safe dir for git operations in .drone.yml CI (go-gitea#19641)
  Add missing `sorting` column in `project_issue` table (go-gitea#19635)
@KN4CK3R KN4CK3R deleted the fix-package-repository-access branch May 9, 2022 20:53
AbdulrhmnGhanem pushed a commit to kitspace/gitea that referenced this pull request Aug 24, 2022
@KN4CK3R @AbdulrhmnGhanem
Hide private repositories in packages (go-gitea#19584)
94086ff
@go-gitea go-gitea locked and limited conversation to collaborators May 3, 2023
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@6543 6543 6543 approved these changes

@wxiaoguang wxiaoguang wxiaoguang approved these changes

@Gusted Gusted Gusted approved these changes

@techknowlogick techknowlogick Awaiting requested review from techknowlogick

Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. skip-changelog This PR is irrelevant for the (next) changelog, for example bug fixes for unreleased features. topic/packages topic/security Something leaks user information or is otherwise vulnerable. Should be fixed!
Projects
None yet
Milestone
1.17.0
Development

Successfully merging this pull request may close these issues.
7 participants
@KN4CK3R @Gusted @codecov-commenter @6543 @techknowlogick @wxiaoguang @GiteaBot