193e04c43b
Backport #26664 by @CaiCandong
> ### Description
> If a new branch is pushed, and the repository has a rule that would
require signed commits for the new branch, the commit is rejected with a
500 error regardless of whether it's signed.
>
> When pushing a new branch, the "old" commit is the empty ID
(0000000000000000000000000000000000000000). verifyCommits has no
provision for this and passes an invalid commit range to git rev-list.
Prior to 1.19 this wasn't an issue because only pre-existing individual
branches could be protected.
>
> I was able to reproduce with
[try.gitea.io/CraigTest/test](https://try.gitea.io/CraigTest/test),
which is set up with a blanket rule to require commits on all branches.
Fix #25565
Very thanks to @Craig-Holmquist-NTI for reporting the bug and suggesting
an valid solution!
Co-authored-by: CaiCandong <50507092+CaiCandong@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit
|
||
---|---|---|
.. | ||
tests/repos | ||
actions.go | ||
default_branch.go | ||
hook_post_receive.go | ||
hook_pre_receive.go | ||
hook_proc_receive.go | ||
hook_verification.go | ||
hook_verification_test.go | ||
internal.go | ||
internal_repo.go | ||
key.go | ||
mail.go | ||
main_test.go | ||
manager.go | ||
manager_process.go | ||
manager_unix.go | ||
manager_windows.go | ||
restore_repo.go | ||
serv.go | ||
ssh_log.go |