Gusted 5b3a82d621 [FEAT] Enable ambiguous character detection in configured contexts ... - The ambiguous character detection is an important security feature to combat against sourcebase attacks (https://trojansource.codes/). - However there are a few problems with the feature as it stands today (i) it's apparantly an big performance hitter, it's twice as slow as syntax highlighting (ii) it contains false positives, because it's reporting valid problems but not valid within the context of a programming language (ambiguous charachters in code comments being a prime example) that can lead to security issues (iii) charachters from certain languages always being marked as ambiguous. It's a lot of effort to fix the aforementioned issues. - Therefore, make it configurable in which context the ambiguous character detection should be run, this avoids running detection in all contexts such as file views, but still enable it in commits and pull requests diffs where it matters the most. Ideally this also becomes an per-repository setting, but the code architecture doesn't allow for a clean implementation of that. - Adds unit test. - Adds integration tests to ensure that the contexts and instance-wide is respected (and that ambigious charachter detection actually work in different places). - Ref: https://codeberg.org/forgejo/forgejo/pulls/2395#issuecomment-1575547 - Ref: https://codeberg.org/forgejo/forgejo/issues/564		2024-02-23 13:12:17 +01:00
..
actions	Implement some action notifier functions (#29173)	2024-02-19 22:58:32 +01:00
activitypub
analyze
assetfs
auth	Refactor locale&string&template related code (#29165)	2024-02-16 15:20:52 +01:00
avatar	[GITEA] Drop sha256-simd in favor of stdlib	2024-02-05 16:09:40 +01:00
base	Port "Use general token signing secret"	2024-02-19 20:49:37 +01:00
cache
charset	[FEAT] Enable ambiguous character detection in configured contexts	2024-02-23 13:12:17 +01:00
container
context	[BUG] Load AllUnitsEnabled when necessary	2024-02-21 12:48:26 +01:00
contexttest
csv	Refactor locale&string&template related code (#29165)	2024-02-16 15:20:52 +01:00
emoji
eventsource
generate	Port "Use general token signing secret"	2024-02-19 20:49:37 +01:00
git	[CLEANUP] make golangci-lint@v1.56.1 happy	2024-02-15 16:19:36 +01:00
gitgraph
gitrepo
graceful
hcaptcha
highlight
hostmatcher
html
httpcache
httplib
indexer	[gitea] fix: Elasticsearch: Request Entity Too Large #28117 (#29062)	2024-02-10 10:53:43 +01:00
issue/template
json
label
lfs	[GITEA] Drop sha256-simd in favor of stdlib	2024-02-05 16:09:40 +01:00
log
markup	[BUG] Restrict when to make link absolute in markdown	2024-02-19 20:56:00 +01:00
mcaptcha
metrics
migration	Refactor locale&string&template related code (#29165)	2024-02-16 15:20:52 +01:00
nosql
optional
options
packages
paginator
pprof
private
process
proxy
proxyprotocol
public
queue
recaptcha
references
regexplru
repository	[CLEANUP] make golangci-lint@v1.56.1 happy	2024-02-15 16:19:36 +01:00
secret	[GITEA] Drop sha256-simd in favor of stdlib	2024-02-05 16:09:40 +01:00
session
setting	[FEAT] Enable ambiguous character detection in configured contexts	2024-02-23 13:12:17 +01:00
sitemap
ssh
storage
structs	Add merge style fast-forward-only (#28954)	2024-02-14 17:19:19 +01:00
svg
sync
system
templates	Refactor more code in templates (#29236)	2024-02-19 22:58:32 +01:00
test	[TESTS] add log.Level to test.NewLogChecker	2024-02-05 16:54:44 +01:00
testlogger
timeutil	Refactor locale&string&template related code (#29165)	2024-02-16 15:20:52 +01:00
translation	Improve TrHTML and add more tests (#29228)	2024-02-19 22:58:33 +01:00
turnstile
typesniffer
updatechecker
upload
uri
user
util	Port "Use general token signing secret"	2024-02-19 20:49:37 +01:00
validation	[GITEA] add option for banning dots in usernames	2024-02-05 16:05:50 +01:00
web	Refactor locale&string&template related code (#29165)	2024-02-16 15:20:52 +01:00
webhook	[ACTIONS] on.schedule: the event is always "schedule"	2024-02-05 16:54:44 +01:00