-
-
Notifications
You must be signed in to change notification settings - Fork 5.5k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Respect original content when creating secrets #24745
Conversation
There is a standard. https://html.spec.whatwg.org/multipage/forms.html#the-textarea-element
|
And this: https://www.w3.org/TR/REC-html40/interact/forms.html#h-17.13.3.2
|
Fix go-gitea#24721. Follow what GitHub does: - Don't trim spaces for secrets. - Newline should be `\n` instead of `\r\n`. Did some tests with: ```yaml name: secrets on: push jobs: show_secrets: runs-on: ubuntu-latest steps: - name: Dump secrets context run: echo '${{ toJSON(secrets) }}' | base64 ``` `AAAAAA`: ```text AAAAAA AAAAAA ``` `BBBBBB`: ```text BBBBBB BBBBBB ``` On GitHub: <img width="675" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/0ec60652-c2a3-47bb-9f9d-7e81665355a8"> On Gitea (before): <img width="673" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/cce818bf-5edc-4656-86e1-2c81c304cdb2"> On Gitea (after): <img width="673" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/0b3b15af-4d48-4bab-a334-4738a1b0eb4a">
Backport #24745 by @wolfogre Fix #24721. Follow what GitHub does: - Don't trim spaces for secrets. - Newline should be `\n` instead of `\r\n`. Did some tests with: ```yaml name: secrets on: push jobs: show_secrets: runs-on: ubuntu-latest steps: - name: Dump secrets context run: echo '${{ toJSON(secrets) }}' | base64 ``` `AAAAAA`: ```text AAAAAA AAAAAA ``` `BBBBBB`: ```text BBBBBB BBBBBB ``` On GitHub: <img width="675" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/0ec60652-c2a3-47bb-9f9d-7e81665355a8"> On Gitea (before): <img width="673" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/cce818bf-5edc-4656-86e1-2c81c304cdb2"> On Gitea (after): <img width="673" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/0b3b15af-4d48-4bab-a334-4738a1b0eb4a"> Co-authored-by: Jason Song <[email protected]>
Hmm… I don't know why this PR was merged, and why it is necessary in the first place. So, for me, the logical choice would be to restore the previous behavior to avoid user complaints.
I'm in favor of option 2. |
Oh, by the way, this PR was certainly not a bug but expected behavior. So, if at all it's an enhancement, although I'd still doubt that (see above).
on the original secrets PR. |
I generall prefer to trim all input fields as well, it's such a common user error that I think it warrants it. In case a user really wants untrimmed values, a option could be added to the user settings to disable the trimming. |
* giteaofficial/main: Enable two vue eslint rules (go-gitea#24780) Add two eslint plugins (go-gitea#24776) Mark `models/fixtures` as generated (go-gitea#24775) Fix TestMinioStorageIterator skip message (go-gitea#24765) Fix missed table name on iterate lfs meta objects (go-gitea#24768) Revert "Fix missed table name on iterate lfs meta objects" (go-gitea#24764) Make the color of zero-contribution-squares in the activity heatmap more subtle (go-gitea#24758) Fix missed table name on iterate lfs meta objects Skip TestMinioStorageIterator on CI (go-gitea#24762) Support no label/assignee filter and batch clearing labels/assignees (go-gitea#24707) Support for status check pattern (go-gitea#24633) Updates to doc (go-gitea#24757) Ignore build for docs only (go-gitea#24761) Fix team members API endpoint pagination (go-gitea#24754) Make mailer SMTP check have timed context (go-gitea#24751) Add @garymoon to MAINTAINERS (go-gitea#24752) Skip TestRepoCommitsStatusParallel on CI (go-gitea#24741) Respect original content when creating secrets (go-gitea#24745)
…itea#24746) Backport go-gitea#24745 by @wolfogre Fix go-gitea#24721. Follow what GitHub does: - Don't trim spaces for secrets. - Newline should be `\n` instead of `\r\n`. Did some tests with: ```yaml name: secrets on: push jobs: show_secrets: runs-on: ubuntu-latest steps: - name: Dump secrets context run: echo '${{ toJSON(secrets) }}' | base64 ``` `AAAAAA`: ```text AAAAAA AAAAAA ``` `BBBBBB`: ```text BBBBBB BBBBBB ``` On GitHub: <img width="675" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/0ec60652-c2a3-47bb-9f9d-7e81665355a8"> On Gitea (before): <img width="673" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/cce818bf-5edc-4656-86e1-2c81c304cdb2"> On Gitea (after): <img width="673" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/0b3b15af-4d48-4bab-a334-4738a1b0eb4a"> Co-authored-by: Jason Song <[email protected]> (cherry picked from commit e4f200e)
Fix #24721.
Follow what GitHub does:
\n
instead of\r\n
.Did some tests with:
AAAAAA
:BBBBBB
:On GitHub:
On Gitea (before):
On Gitea (after):