Update gitea to include insecure flag on baseurl

2026-01-27 10:19:03 +00:00 · 2022-11-04 18:32:14 -07:00
parent b06dadf3ff
commit 0003fa65bb
2 changed files with 8 additions and 2 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,9 +3,9 @@ All notable changes to this project will be documented in this file.

 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)

-## [1.8.9] - unreleased
+## [1.9.0] - unreleased
 ### Added
- GHORG_INSECURE_GITEA_CLIENT to allow cloning from Gitea instances using http; thanks @zerrol
+- GHORG_INSECURE_GITEA_CLIENT to be explicit when cloning from Gitea instances using http; thanks @zerrol
 ### Changed
 ### Deprecated
 ### Removed
--- a/scm/gitea.go
+++ b/scm/gitea.go
@@ -102,6 +102,12 @@ func (_ Gitea) NewClient() (Client, error) {
 		baseURL = "https://gitea.com"
 	}

+	isHTTP := strings.HasPrefix(baseURL, "http://")
+
+	if isHTTP && (os.Getenv("GHORG_INSECURE_GITEA_CLIENT") != "true") {
+		colorlog.PrintErrorAndExit("You are attempting clone from an insecure Gitea instance. You must set the (--insecure-gitea-client) flag to proceed.")
+	}
+
 	c, err := gitea.NewClient(baseURL, gitea.SetToken(token))
 	if err != nil {
 		return nil, err