Skip to content

Comments

Rework Create release functions#36621

Draft
lunny wants to merge 20 commits intogo-gitea:mainfrom
lunny:lunny/rework_create_release
Draft

Rework Create release functions#36621
lunny wants to merge 20 commits intogo-gitea:mainfrom
lunny:lunny/rework_create_release

Conversation

@lunny
Copy link
Member

@lunny lunny commented Feb 14, 2026

  • Add a tag name invalidate name error check when creating tag from the UI
  • Rework CreateRelease, CreateNewTag and UpdateRelease
  • Fix the bug it will never work when creating a release from a UI-created-tag.

@lunny lunny added type/bug type/refactoring Existing code has been cleaned up. There should be no new functionality. labels Feb 14, 2026
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Feb 14, 2026
@github-actions github-actions bot added modifies/api This PR adds API routes or modifies them modifies/go Pull requests that update Go code labels Feb 14, 2026
@wxiaoguang
Copy link
Contributor

"// Trim '--' prefix to prevent command line argument vulnerability."

How it can be right? Where is the vulnerability? If you think there is a vulnerability, why don't you fix the branch names?

@lunny
Copy link
Member Author

lunny commented Feb 14, 2026

"// Trim '--' prefix to prevent command line argument vulnerability."

How it can be right? Where is the vulnerability? If you think there is a vulnerability, why don't you fix the branch names?

Removed at 9e37d1b which introduced at 0a78d99#diff-ff6356f0c6f4aae97d82e1c488527eb91065a8a7e474add4e74cdc5bd167f7caR70-R71

@lunny lunny marked this pull request as ready for review February 17, 2026 19:47
@lunny
Copy link
Member Author

lunny commented Feb 17, 2026

This is ready to review now.

Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Reworks release/tag creation flows to support UI-created tags, adds invalid tag name checks, and threads request context through release service calls.

Changes:

  • Introduced createGitTag and refactored CreateRelease, CreateNewTag, and UpdateRelease to use context.Context and handle existing tags.
  • Updated web/API/test call sites to pass context into CreateRelease.
  • Improved branch creation error handling by adding invalid tag name feedback.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 6 comments.

Show a summary per file
File Description
tests/integration/mirror_pull_test.go Updates integration test to pass context into CreateRelease.
services/release/release_test.go Updates tests for new CreateRelease signature and adds basic createGitTag coverage.
services/release/release.go Major refactor: new createGitTag, context-aware CreateRelease, updated CreateNewTag + UpdateRelease logic.
routers/web/repo/release.go Updates UI release creation to call new CreateRelease(ctx, ...) and removes pre-check for target branch existence.
routers/web/repo/branch.go Refactors error handling and adds handling for invalid tag names.
routers/api/v1/repo/release.go Updates API endpoint to call new CreateRelease(ctx, ...).

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

lunny and others added 7 commits February 17, 2026 19:35
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com>
Copy link
Contributor

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.


💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment on lines +110 to +112
if rel.Repo == nil || rel.Publisher == nil {
return errors.New("repo or publisher is not loaded")
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is definitely a programming error, why you tolerate it to happen?

switch {
case err == nil:
return nil
case strings.Contains(err.Error(), "is not a valid tag name"):
Copy link
Contributor

@wxiaoguang wxiaoguang Feb 22, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

image image

case release_service.IsErrProtectedTagName(err):
ctx.RenderWithErr(ctx.Tr("repo.release.tag_name_protected"), tplReleaseNew, &form)
case git.IsErrNotExist(err):
ctx.RenderWithErr(ctx.Tr("repo.release.tag_target_not_exist", form.Target), tplReleaseNew, &form)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You should use new JSON-based "form-fetch-action", instead of the fragile RenderWithErr. In most cases, RenderWithErr is wrong and the template is not able to recover to the correct state.

return false, ErrProtectedTagName{
TagName: rel.TagName,
if rel.PublisherID <= 0 {
u, err := user_model.GetUserByEmail(ctx, commit.Author.Email)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why you trust the commit's email and use it for Gitea's user?

Does it mean that I can use your email to create a commit then create a release, and then the publisher is recognized as you?

@wxiaoguang wxiaoguang marked this pull request as draft February 22, 2026 15:53
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Signed-off-by: Lunny Xiao <xiaolunwen@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. modifies/api This PR adds API routes or modifies them modifies/go Pull requests that update Go code type/bug type/refactoring Existing code has been cleaned up. There should be no new functionality.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants