domi/forgejo-domi
1
0
Fork 0
forked from forgejo/forgejo
Code Pull requests Activity

[GITEA] Add noreply email address as verified for SSH signed Git commits

Browse source 
- When someone really wants to avoid sharing their email, they could
configure git to use the noreply email for git commits. However if they
also wanted to use SSH signing, it would not show up as verified as the
noreply email address was technically not an activated email address for
the user.
- Add unit tests for the `ParseCommitWithSSHSignature` function.
- Resolves https://codeberg.org/Codeberg/Community/issues/946

(cherry picked from commit 1685de7eba)
(cherry picked from commit b1e8858de9)
This commit is contained in:
Gusted 2023-11-11 13:01:24 +01:00 committed by Earl Warren
parent c3aebcf16a
commit 1a6bf24d28
No known key found for this signature in database
GPG key ID: 0579CB2928A78A00
4 changed files with 166 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
models/asymkey/ssh_key_commit_verification.go
View file

@ -39,6 +39,12 @@ func ParseCommitWithSSHSignature(ctx context.Context, c *git.Commit, committer *
log.Error("GetEmailAddresses: %v", err)
}
// Add the noreply email address as verified address.
committerEmailAddresses = append(committerEmailAddresses, &user_model.EmailAddress{
IsActivated: true,
Email: committer.GetPlaceholderEmail(),
})
activated := false
for _, e := range committerEmailAddresses {
if e.IsActivated && strings.EqualFold(e.Email, c.Committer.Email) {