Refactor legacy unknwon/com package, improve golangci lint
#19284
Conversation
wxiaoguang
force-pushed
the
lunny/vars_expand
branch
from
26f47e5
to
b9c1142
Compare
| @@ -162,7 +163,12 @@ func prepareOptions(options []CsrfOptions) CsrfOptions { | |||
|
|
|||
| // Defaults. | |||
| if len(opt.Secret) == 0 { | |||
| opt.Secret = string(com.RandomCreateBytes(10)) | |||
| randBytes, err := util.CryptoRandomBytes(8) | |||
There was a problem hiding this comment.
Just to note for other reviewers/maintainers that the reduction of this isn't a concern.
Old situation:
The com.RandomCreateBytes actually doesn't give you the full 8 bits of randomness per byte(so 80 bits in the old case), because it reduces itself to only use the alphanum: https://github.com/unknwon/com/blob/b41c64acd94be7e673c9c8301344d31cce99e06c/string.go#L130 which only gives 6 bits per byte of randomness so it would only receive 48 bits of randomness.
New situation:
With CryptoRandomBytes the full 64 bits would be random.
There was a problem hiding this comment.
And before, IIRC the com.RandomCreateBytes uses a math PRNG ..... not crypto-safe.
GiteaBot
added
lgtm/need 2
Co-authored-by: Gusted <williamzijl7@hotmail.com>
modules/templates/vars/vars.go
Outdated
|
|
||
| // Expand replaces all variables like {var} to match, if error occurs, | ||
| // the error part doesn't change and is returned as it is. | ||
| func Expand(template string, match map[string]string) (string, error) { |
There was a problem hiding this comment.
doesnt do this the exact same thing the std lib for templates is doing?
There was a problem hiding this comment.
Do you mean text/template? I think there are different, I can not remember if there is a exactly the same function in std library.
|
TBH, I wasn't going to rewrite the AESGCMEncrypt, etc. I feel that most of us like to do the rewrite, then I can improve this PR with more changes and tests. Will be back soon. |
|
Updated. Since the And now there is only one I think this PR is big enough and gets enough changes. More refactoring to the |
This comment was marked as off-topic.
This comment was marked as off-topic.
wxiaoguang
force-pushed
the
lunny/vars_expand
branch
from
d1d1708
to
73602a2
Compare
lunny
added
the
type/refactoring
GiteaBot
added
lgtm/need 1
GiteaBot
added
lgtm/done
Follows: #19284 * The `CopyDir` is only used inside test code * Rewrite `ToSnakeCase` with more test cases * The `RedisCacher` only put strings into cache, here we use internal `toStr` to replace the legacy `ToStr` * The `UniqueQueue` can use string as ID directly, no need to call `ToStr`
|
After these refactorings, now there are only 2 unmaintained packages:
Do you think we should continue to refactor these 2 packages? If vote yes (up+1), I could do it if I have time. |
* giteaofficial/main: Remove legacy unmaintained packages, refactor to support change default locale (go-gitea#19308) [skip ci] Updated translations via Crowdin Prevent intermittent NPE in queue tests (go-gitea#19301) Upgrade xorm/builder from v0.3.9 to v0.3.10 (go-gitea#19296) An attempt to sync a non-mirror repo must give 400 (Bad Request) (go-gitea#19300) Remove legacy `unknwon/com` package (go-gitea#19298) Improve package registry docs (go-gitea#19273) A pull-mirror repo should be marked as such on creation (go-gitea#19295) Refactor legacy `unknwon/com` package, improve golangci lint (go-gitea#19284) Skip frontend ROOT_URL check on installation page, remove unnecessary global var (go-gitea#19291)
In this PR, the following refactoring are done. The main purpose is to refactor the legacy
unknwon/com.unknwon/com, now onlyutil/legacy.goimports the legacyunknwon/com, preparing for next round refactoring"1.18", instead of a float number1.18go-importandgo-sourcemeta tagscom.Expandto our stable (and the same fast)vars.Expand.vars.Expandcan detect errors and show them in logs or to end users.vars.Expandcan still return partially rendered content even if the template is not good (eg: key mistach).com.Expand