Skip to content

Add Allow-/Block-List for Migrate & Mirrors (#13610) #13776

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Dec 2, 2020
Merged

Add Allow-/Block-List for Migrate & Mirrors (#13610) #13776

merged 1 commit into from
Dec 2, 2020

Conversation

6543
Copy link
Member

@6543 6543 commented Dec 1, 2020
edited
Loading

Backport #13610

@6543 6543 added the topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! label Dec 1, 2020
@6543 6543 added this to the 1.13.0 milestone Dec 1, 2020
@GiteaBot GiteaBot added the lgtm/need 1 This PR needs approval from one additional maintainer to be merged. label Dec 1, 2020
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Dec 1, 2020
@6543 6543 changed the title Deny Migration from private/local addresses by default Add Allow-/Block-List for Migrate & Mirrors (#13610) Dec 1, 2020
@6543 6543 added type/feature Completely new functionality. Can only be merged if feature freeze is not active. topic/repo-migration Migrate repos from other platforms to Gitea, or from Gitea to them pr/wip This PR is not ready for review labels Dec 1, 2020
@6543 @lunny
@zeripath @techknowlogick
Add Allow-/Block-List for Migrate & Mirrors (go-gitea#13610)
e88ea03 
* add black list and white list support for migrating repositories

* specify log message

* use blocklist/allowlist

* allways use lowercase to match url

* Apply allow/block

* Settings: use existing "migrations" section

* convert domains lower case

* dont store unused value

* Block private addresses for migration by default

* use proposed-upstream func to detect private IP addr

* add own error for blocked migration, add tests, imprufe api

* fix test

* fix-if-localhost-is-ipv4

* rename error & error message

* rename setting options

* Apply suggestions from code review

Co-authored-by: Lunny Xiao <[email protected]>
Co-authored-by: zeripath <[email protected]>
Co-authored-by: techknowlogick <[email protected]>
@6543 6543 force-pushed the backport_ALLOW_LOCALNETWORKS branch from 85712fc to e88ea03 Compare December 1, 2020 22:06
@6543 6543 removed the pr/wip This PR is not ready for review label Dec 1, 2020
@6543
Copy link
Member Author

6543 commented Dec 1, 2020

@zeripath made a whole backport ... as per discord
@gary-kim ping

@gary-kim
Copy link
Member

gary-kim commented Dec 1, 2020

Thanks for the reping

@6543
Copy link
Member Author

6543 commented Dec 1, 2020

🚀

@techknowlogick techknowlogick merged commit 07629bd into go-gitea:release/v1.13 Dec 2, 2020
@6543 6543 deleted the backport_ALLOW_LOCALNETWORKS branch December 2, 2020 00:30
@go-gitea go-gitea locked and limited conversation to collaborators Jan 18, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers
2 more reviewers

@zeripath zeripath zeripath approved these changes

@gary-kim gary-kim gary-kim approved these changes

Reviewers whose approvals may not affect merge requirements
Assignees
No one assigned
Labels
lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. topic/repo-migration Migrate repos from other platforms to Gitea, or from Gitea to them topic/security Something leaks user information or is otherwise vulnerable. Should be fixed! type/feature Completely new functionality. Can only be merged if feature freeze is not active.
Projects
None yet
Milestone
1.13.0
Development

Successfully merging this pull request may close these issues.
5 participants
@6543 @gary-kim @zeripath @techknowlogick @GiteaBot