fix: resolve lint issues in handlers and middleware
All checks were successful
Check / check (pull_request) Successful in 11m26s
All checks were successful
Check / check (pull_request) Successful in 11m26s
This commit is contained in:
clawbot
@@ -20,6 +20,16 @@ var (
|
||||
// Only the "git" user is allowed, as that is the standard for SSH deploy keys.
|
||||
var scpLikeRepoRe = regexp.MustCompile(`^git@[a-zA-Z0-9._-]+:.+$`)
|
||||
|
||||
// allowedRepoSchemes lists the URL schemes accepted for repository URLs.
|
||||
//
|
||||
//nolint:gochecknoglobals // package-level constant map parsed once
|
||||
var allowedRepoSchemes = map[string]bool{
|
||||
"https": true,
|
||||
"http": true,
|
||||
"ssh": true,
|
||||
"git": true,
|
||||
}
|
||||
|
||||
// validateRepoURL checks that the given repository URL is valid and uses an allowed scheme.
|
||||
func validateRepoURL(repoURL string) error {
|
||||
if strings.TrimSpace(repoURL) == "" {
|
||||
@@ -41,17 +51,17 @@ func validateRepoURL(repoURL string) error {
|
||||
return errRepoURLScheme
|
||||
}
|
||||
|
||||
// Parse as standard URL
|
||||
return validateParsedRepoURL(repoURL)
|
||||
}
|
||||
|
||||
// validateParsedRepoURL validates a standard URL-format repository URL.
|
||||
func validateParsedRepoURL(repoURL string) error {
|
||||
parsed, err := url.Parse(repoURL)
|
||||
if err != nil {
|
||||
return errRepoURLInvalid
|
||||
}
|
||||
|
||||
// Must have a recognized scheme
|
||||
switch strings.ToLower(parsed.Scheme) {
|
||||
case "https", "http", "ssh", "git":
|
||||
// OK
|
||||
default:
|
||||
if !allowedRepoSchemes[strings.ToLower(parsed.Scheme)] {
|
||||
return errRepoURLInvalid
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user