From 0003fa65bbac01bd96c2afe5fcbafccb128722e3 Mon Sep 17 00:00:00 2001
From: Jay Gabriels <jgabriels30@gmail.com>
Date: Fri, 4 Nov 2022 18:32:14 -0700
Subject: [PATCH] Update gitea to include insecure flag on baseurl

---
 CHANGELOG.md | 4 ++--
 scm/gitea.go | 6 ++++++
 2 files changed, 8 insertions(+), 2 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index f51ef51..3768c69 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -3,9 +3,9 @@ All notable changes to this project will be documented in this file.
 
 The format is based on [Keep a Changelog](http://keepachangelog.com/en/1.0.0/)
 
-## [1.8.9] - unreleased
+## [1.9.0] - unreleased
 ### Added
-- GHORG_INSECURE_GITEA_CLIENT to allow cloning from Gitea instances using http; thanks @zerrol
+- GHORG_INSECURE_GITEA_CLIENT to be explicit when cloning from Gitea instances using http; thanks @zerrol
 ### Changed
 ### Deprecated
 ### Removed
diff --git a/scm/gitea.go b/scm/gitea.go
index c446258..152f6ad 100644
--- a/scm/gitea.go
+++ b/scm/gitea.go
@@ -102,6 +102,12 @@ func (_ Gitea) NewClient() (Client, error) {
 		baseURL = "https://gitea.com"
 	}
 
+	isHTTP := strings.HasPrefix(baseURL, "http://")
+
+	if isHTTP && (os.Getenv("GHORG_INSECURE_GITEA_CLIENT") != "true") {
+		colorlog.PrintErrorAndExit("You are attempting clone from an insecure Gitea instance. You must set the (--insecure-gitea-client) flag to proceed.")
+	}
+
 	c, err := gitea.NewClient(baseURL, gitea.SetToken(token))
 	if err != nil {
 		return nil, err