mirror of
https://codeberg.org/forgejo/forgejo.git
synced 2024-10-31 22:38:58 +00:00
193e04c43b
Backport #26664 by @CaiCandong
> ### Description
> If a new branch is pushed, and the repository has a rule that would
require signed commits for the new branch, the commit is rejected with a
500 error regardless of whether it's signed.
>
> When pushing a new branch, the "old" commit is the empty ID
(0000000000000000000000000000000000000000). verifyCommits has no
provision for this and passes an invalid commit range to git rev-list.
Prior to 1.19 this wasn't an issue because only pre-existing individual
branches could be protected.
>
> I was able to reproduce with
[try.gitea.io/CraigTest/test](https://try.gitea.io/CraigTest/test),
which is set up with a blanket rule to require commits on all branches.
Fix #25565
Very thanks to @Craig-Holmquist-NTI for reporting the bug and suggesting
an valid solution!
Co-authored-by: CaiCandong <50507092+CaiCandong@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| tests/repos | ||
| actions.go | ||
| default_branch.go | ||
| hook_post_receive.go | ||
| hook_pre_receive.go | ||
| hook_proc_receive.go | ||
| hook_verification.go | ||
| hook_verification_test.go | ||
| internal.go | ||
| internal_repo.go | ||
| key.go | ||
| mail.go | ||
| main_test.go | ||
| manager.go | ||
| manager_process.go | ||
| manager_unix.go | ||
| manager_windows.go | ||
| restore_repo.go | ||
| serv.go | ||
| ssh_log.go | ||