Support nuspec manifest download for nuget packages #28921
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
GiteaBot
added
the
lgtm/need 2
pull-request-size
bot
added
the
size/L
github-actions
bot
added
the
modifies/api
Closed
delvh
changed the title
|
I think it would be better if we would store the nuspec file as additional file in the package version instead of generating it. The original file could/will have additional data we don't need for the package registry and don't store in the metadata. So we can't re-generate the full nuspec file afterwards. |
|
sure, but that's out of my go skills. sorry. this implementation satisfies our needs for renovate bot. |
|
new idea: read nuspec from package and add to cache. so later request can leverage the cache. cache can also be filled when package is uploaded. WDYT? |
|
we can also store it aside the package and serve directly if available. fallback to extract from package and put to cache in both cases. |
viceice
force-pushed
the
feat/nuget-api-nuspec
branch
from
2eba909
to
a447a1c
Compare
|
@KN4CK3R Can you please check this version? |
|
Converting to draft, doctor is not working as expected. |
It's easier than what you have currently actually: diff --git a/modules/packages/nuget/metadata.go b/modules/packages/nuget/metadata.go
index 6769c514cc..1e98ddffde 100644
--- a/modules/packages/nuget/metadata.go
+++ b/modules/packages/nuget/metadata.go
@@ -48,10 +48,11 @@ const maxNuspecFileSize = 3 * 1024 * 1024
// Package represents a Nuget package
type Package struct {
- PackageType PackageType
- ID string
- Version string
- Metadata *Metadata
+ PackageType PackageType
+ ID string
+ Version string
+ Metadata *Metadata
+ NuspecContent *bytes.Buffer
}
// Metadata represents the metadata of a Nuget package
@@ -138,8 +139,9 @@ func ParsePackageMetaData(r io.ReaderAt, size int64) (*Package, error) {
// ParseNuspecMetaData parses a Nuspec file to retrieve the metadata of a Nuget package
func ParseNuspecMetaData(archive *zip.Reader, r io.Reader) (*Package, error) {
+ var nuspecBuf bytes.Buffer
var p nuspecPackage
- if err := xml.NewDecoder(r).Decode(&p); err != nil {
+ if err := xml.NewDecoder(io.TeeReader(r, &nuspecBuf)).Decode(&p); err != nil {
return nil, err
}
@@ -212,10 +214,11 @@ func ParseNuspecMetaData(archive *zip.Reader, r io.Reader) (*Package, error) {
}
}
return &Package{
- PackageType: packageType,
- ID: p.Metadata.ID,
- Version: toNormalizedVersion(v),
- Metadata: m,
+ PackageType: packageType,
+ ID: p.Metadata.ID,
+ Version: toNormalizedVersion(v),
+ Metadata: m,
+ NuspecContent: &nuspecBuf,
}, nil
}
diff --git a/routers/api/packages/nuget/nuget.go b/routers/api/packages/nuget/nuget.go
index c28bc6c9d9..34dcda4e2d 100644
--- a/routers/api/packages/nuget/nuget.go
+++ b/routers/api/packages/nuget/nuget.go
@@ -431,7 +431,7 @@ func UploadPackage(ctx *context.Context) {
return
}
- _, _, err := packages_service.CreatePackageAndAddFile(
+ pv, _, err := packages_service.CreatePackageAndAddFile(
ctx,
&packages_service.PackageCreationInfo{
PackageInfo: packages_service.PackageInfo{
@@ -465,6 +465,35 @@ func UploadPackage(ctx *context.Context) {
return
}
+ nuspecBuf, err := packages_module.CreateHashedBufferFromReaderWithSize(np.NuspecContent, np.NuspecContent.Len())
+ if err != nil {
+ apiError(ctx, http.StatusInternalServerError, err)
+ return
+ }
+ defer nuspecBuf.Close()
+
+ _, err = packages_service.AddFileToPackageVersionInternal(
+ ctx,
+ pv,
+ &packages_service.PackageFileCreationInfo{
+ PackageFileInfo: packages_service.PackageFileInfo{
+ Filename: strings.ToLower(fmt.Sprintf("%s.nuspec", np.ID)),
+ },
+ Creator: ctx.Doer,
+ Data: nuspecBuf,
+ IsLead: false,
+ },
+ )
+ if err != nil {
+ switch err {
+ case packages_service.ErrQuotaTotalCount, packages_service.ErrQuotaTypeSize, packages_service.ErrQuotaTotalSize:
+ apiError(ctx, http.StatusForbidden, err)
+ default:
+ apiError(ctx, http.StatusInternalServerError, err)
+ }
+ return
+ }
+
ctx.Status(http.StatusCreated)
}Nothing else is needed (+ tests). I have a branch currently with some NuGet changes for #30265. If you don't mind I could add this there too and add you as co-author. It doesn't add the nuspec file to existing packages with a migration but that may not be a big problem. I thought about a button in the package settings which would reinitialize (meta) data from the stored package (similar to what your doctor command would do) but that would be different PR. |
|
I've done the complex part, because I don't want to store the full manifest in the database a second time. most other nuget API implementations are storing the nuspec aside the nupkg. feel free to do your own implementation instead of this. |
|
It's not stored in the database but as file, same as your code. I'm surprised the tests are passing because the hashed buffer is read twice (first nuspec parsing and when storing the file). The second read should already be at the end. |
🙈 I should have read your diff more closely
I've a seek to begin somewhere 🙃 |
Searched and did not find it. But it's here in line 633 |
viceice
force-pushed
the
feat/nuget-api-nuspec
branch
from
a447a1c
to
e486d77
Compare
|
Updated PR with your suggestions and added a doctor integration test |
viceice
force-pushed
the
feat/nuget-api-nuspec
branch
2 times, most recently
from
3618990
to
5a54d47
Compare
viceice
commented
Apr 5, 2024
GiteaBot
added
lgtm/need 1
|
Will send some additions for the tests tomorrow. Then we can merge it.
|
pull-request-size
bot
added
size/L
KN4CK3R
approved these changes
Apr 17, 2024
GiteaBot
added
lgtm/done
lunny
added
the
reviewed/wait-merge
wxiaoguang
removed
the
reviewed/wait-merge
|
CI fails |
zjjhot
added a commit
to zjjhot/gitea
that referenced
this pull request
Apr 18, 2024
* giteaofficial/main: Add an api test for updating user (go-gitea#30539) [skip ci] Updated translations via Crowdin Expose fuzzy search for issues/pulls (go-gitea#29701) Allow everyone to read or write a wiki by a repo unit setting (go-gitea#30495) Support nuspec manifest download for nuget packages (go-gitea#28921) Fix branch_protection api shows users/teams who has no readAccess (go-gitea#30291) Correct locale string rendering (go-gitea#30522) Run `go generate` and `go vet` on all packages (go-gitea#30529) Fix and tweak pull request commit list (go-gitea#30528) Refactor web routes (go-gitea#30519) Fix install page checkboxes and dropdown width (go-gitea#30526) # Conflicts: # routers/web/user/home.go # templates/user/dashboard/issues.tmpl
|
@KN4CK3R does this PR add support for reading Or is |
|
It's only displayed on the package page but I think you talk about auto-linking a package to repository? Then no, that's not part of this PR. |
Thanks. I am looking for a way to read the |
|
If you want to access the nuspec file from an external service, then yes, you can download that file from |
|
Thanks! Works with 1.22.0-RC.1 for newly uploaded packages or also new versions of a package. |
TKaxv-7S
added a commit
to TKaxv-7S/gitea
that referenced
this pull request
May 29, 2024
This release stands as a monumental milestone in our development journey with a record-breaking incorporation of [1528](https://github.com/go-gitea/gitea/pulls?q=is%3Apr+milestone%3A1.22.0+is%3Amerged) pull requests. It marks the most extensive update in Gitea's history, showcasing a plethora of new features and infrastructure improvements. Noteworthy advancements in this release include the introduction of `HTMX` and `Tailwind`, signaling a strategic shift as we gradually phase out `jquery` and `Fomantic UI`. These changes reflect our commitment to embracing modern technologies and enhancing the user experience. Key highlights of this release encompass significant changes categorized under `BREAKING`, `FEATURES`, `ENHANCEMENTS`, and `PERFORMANCE`, each contributing to a more robust and efficient Gitea platform. * BREAKING * Improve reverse proxy documents and clarify the AppURL guessing behavior (go-gitea#31003) (go-gitea#31020) * Remember log in for a month by default (go-gitea#30150) * Breaking summary for template refactoring (go-gitea#29395) * All custom templates need to follow these changes * Recommend/convert to use case-sensitive collation for MySQL/MSSQL (go-gitea#28662) * Make offline mode as default to not connect external avatar service by default (go-gitea#28548) * Include public repos in the doer's dashboard for issue search (go-gitea#28304) * Use restricted sanitizer for repository description (go-gitea#28141) * Support storage base path as prefix (go-gitea#27827) * Enhanced auth token / remember me (go-gitea#27606) * Rename the default themes to `gitea-light`, `gitea-dark`, `gitea-auto` (go-gitea#27419) * If you didn't see the new themes, please remove the `[ui].THEMES` config option from `app.ini` * Require MySQL 8.0, PostgreSQL 12, MSSQL 2012 (go-gitea#27337) * FEATURES * Allow everyone to read or write a wiki by a repo unit setting (go-gitea#30495) * Use raw Wiki links for non-renderable Wiki files (go-gitea#30273) * Render embedded code preview by permalink in markdown (go-gitea#30234) (go-gitea#30249) * Support repo code search without setting up an indexer (go-gitea#29998) * Support pasting URLs over markdown text (go-gitea#29566) * Allow to change primary email before account activation (go-gitea#29412) * Customizable "Open with" applications for repository clone (go-gitea#29320) * Allow options to disable user deletion from the interface on app.ini (go-gitea#29275) * Extend issue template YAML engine (go-gitea#29274) * Add support for `linguist-detectable` and `linguist-documentation` (go-gitea#29267) * Implement code frequency graph (go-gitea#29191) * Show commit status for releases (go-gitea#29149) * Add user blocking (go-gitea#29028) * Actions Artifacts v4 backend (go-gitea#28965) * Add merge style `fast-forward-only` (go-gitea#28954) * Retarget depending pulls when the parent branch is deleted (go-gitea#28686) * Add global setting on how timestamps should be rendered (go-gitea#28657) * Implement actions badge SVGs (go-gitea#28102) * Add skip ci functionality (go-gitea#28075) * Show latest commit for file (go-gitea#28067) * Allow to sync tags from the admin dashboard (go-gitea#28045) * Add Profile Readme for Organisations (go-gitea#27955) * Implement contributors graph (go-gitea#27882) * Artifact deletion in actions ui (go-gitea#27172) * Add API routes to get runner registration token (go-gitea#27144) * Add support for forking single branch (go-gitea#25821) * Add support for sha256 repositories (go-gitea#23894) * Add admin API route for managing user's badges (go-gitea#23106) * ENHANCEMENTS * Make gitea webhooks openproject compatible (go-gitea#28435) (go-gitea#31081) * Support using label names when changing issue labels (go-gitea#30943) (go-gitea#30958) * Fix various problems around project board view (go-gitea#30696) (go-gitea#30902) * Improve context popup rendering (go-gitea#30824) (go-gitea#30829) * Allow to save empty comment (go-gitea#30706) * Prevent allow/reject reviews on merged/closed PRs (go-gitea#30686) * Initial support for colorblindness-friendly themes (go-gitea#30625) * Some NuGet package enhancements (go-gitea#30280) (go-gitea#30324) * Markup color and font size fixes (go-gitea#30282) (go-gitea#30310) * Show 12 lines in markup code preview (go-gitea#30255) (go-gitea#30257) * Add `[other].SHOW_FOOTER_POWERED_BY` setting to hide `Powered by` (go-gitea#30253) * Pulse page improvements (go-gitea#30149) * Render code tags in commit messages (go-gitea#30146) * Prevent re-review and dismiss review actions on closed and merged PRs (go-gitea#30065) * Cancel previous runs of the same PR automatically (go-gitea#29961) * Drag-and-drop improvements for projects and issue pins (go-gitea#29875) * Add default board to new projects, remove uncategorized pseudo-board (go-gitea#29874) * Prevent layout shift in `<overflow-menu>` items (go-gitea#29831) * Add skip ci support for pull request title (go-gitea#29774) * Add more stats tables (go-gitea#29730) * Update API to return 'source_id' for users (go-gitea#29718) * Determine fuzziness of bleve indexer by keyword length (go-gitea#29706) * Expose fuzzy search for issues/pulls (go-gitea#29701) * Put an edit file button on pull request files to allow a quick operation (go-gitea#29697) * Fix action runner offline label padding (go-gitea#29691) * Update allowed attachment types (go-gitea#29688) * Completely style the webkit autofill (go-gitea#29683) * Highlight archived labels (go-gitea#29680) * Add a warning for disallowed email domains (go-gitea#29658) * Set user's 24h preference from their current OS locale (go-gitea#29651) * Add setting to disable user features when user login type is not plain (go-gitea#29615) * Improve natural sort (go-gitea#29611) * Make wiki default branch name changeable (go-gitea#29603) * Unify search boxes (go-gitea#29530) * Add support for API blob upload of release attachments (go-gitea#29507) * Detect broken git hooks (go-gitea#29494) * Sync branches to DB immediately when handling git hook calling (go-gitea#29493) * Allow options to disable user GPG key configuration from the interface on app.ini (go-gitea#29486) * Allow options to disable user SSH key configuration from the interface on app.ini (go-gitea#29447) * Use relative links for commits, mentions, and issues in markdown (go-gitea#29427) * Add `<overflow-menu>`, rename webcomponents (go-gitea#29400) * Include resource state events in Gitlab downloads (go-gitea#29382) * Properly migrate target branch change GitLab comment (go-gitea#29340) * Recolor dark theme to blue shade (go-gitea#29283) * Partially enable MSSQL case-sensitive collation support (go-gitea#29238) * Auto-update the system status in the admin dashboard (go-gitea#29163) * Integrate alpine `noarch` packages into other architectures index (go-gitea#29137) * Document how the TOC election process works (go-gitea#29135) * Tweak repo header (go-gitea#29134) * Make blockquote border size less aggressive (go-gitea#29124) * Downscale pasted PNG images based on metadata (go-gitea#29123) * Show `View at this point in history` for every commit (go-gitea#29122) * Add support for action artifact serve direct (go-gitea#29120) * Change webhook-type in create-view (go-gitea#29114) * Drop "@" from the email sender to avoid spam filters (go-gitea#29109) * Allow non-admin users to delete review requests (go-gitea#29057) * Improve user search display name (go-gitea#29002) * Include username in email headers (go-gitea#28981) * Show whether a PR is WIP inside popups (go-gitea#28975) * Also match weakly validated ETags (go-gitea#28957) * Support nuspec manifest download for Nuget packages (go-gitea#28921) * Fix hardcoded GitHub icon used as migrated release avatar (go-gitea#28910) * Propagate install_if and provider_priority to APKINDEX (go-gitea#28899) * Add artifacts v4 JWT to job message and accept it (go-gitea#28885) * Enable/disable owner and repo projects independently (go-gitea#28805) * Add non-JS fallback for reaction tooltips (go-gitea#28785) * Add the ability to see open and closed issues at the same time (go-gitea#28757) * Move sign-in labels to be above inputs (go-gitea#28753) * Display the latest sync time for pull mirrors on the repo page (go-gitea#28712) * Show in Web UI if the file is vendored and generated (go-gitea#28620) * Add orphaned topic consistency check (go-gitea#28507) * Add branch protection setting for ignoring stale approvals (go-gitea#28498) * Add option to set language in admin user view (go-gitea#28449) * Fix incorrect run order of action jobs (go-gitea#28367) * Add missing exclusive in advanced label options (go-gitea#28322) * Added instance-level variables (go-gitea#28115) * Add edit option for README.md (go-gitea#28071) * Fix link to `Code` tab on wiki commits (go-gitea#28041) * Allow to set explore page default sort (go-gitea#27951) * Improve PR diff view on mobile (go-gitea#27883) * Properly migrate automatic merge GitLab comments (go-gitea#27873) * Display issue task list on project cards (go-gitea#27865) * Add Index to pull_auto_merge.doer_id (go-gitea#27811) * Fix display member unit in the menu bar if there are no hidden members in public org (go-gitea#27795) * List all Debian package versions in `Packages` (go-gitea#27786) * Allow pull requests Manually Merged option to be used by non-admins (go-gitea#27780) * Only show diff file tree when more than one file changed (go-gitea#27775) * Show placeholder email in privacy popup (go-gitea#27770) * Revamp repo header (go-gitea#27760) * Add `must-change-password` command line parameter (go-gitea#27626) * Unify password changing and invalidate auth tokens (go-gitea#27625) * Add border to file tree 'sub-items' and add padding to 'item-file' (go-gitea#27593) * Add slow SQL query warning (go-gitea#27545) * Pre-register OAuth application for tea (go-gitea#27509) * Differentiate between `push` and `pull` `mirror sync in progress` (go-gitea#27390) * Link to file from its history (go-gitea#27354) * Add a shortcut to user's profile page to admin user details (go-gitea#27299) * Doctor: delete action entries without existing user (go-gitea#27292) * Show total TrackedTime on issue/pull/milestone lists (go-gitea#26672) * Don't show the new pull request button when the page is not compare pull (go-gitea#26431) * Add `Hide/Show all checks` button to commit status check (go-gitea#26284) * Improvements of releases list and tags list (go-gitea#25859) * PERFORMANCE * Fix package list performance (go-gitea#30520) (go-gitea#30616) * Add commit status summary table to reduce query from commit status table (go-gitea#30223) * Refactor markup/csv: don't read all to memory (go-gitea#29760) * Lazy load object format with command line and don't do it in OpenRepository (go-gitea#29712) * Add cache for branch divergence on branch list page (go-gitea#29577) * Do some performance optimization for issues list and view issue/pull (go-gitea#29515) * Cache repository default branch commit status to reduce query on commit status table (go-gitea#29444) * Use `crypto/sha256` (go-gitea#29386) * Some performance optimization on the dashboard and issues page (go-gitea#29010) * Add combined index for issue_user.uid and issue_id (go-gitea#28080) # -----BEGIN PGP SIGNATURE----- # # iQIzBAABCAAdFiEEumb2f9c/cFjXEtMIw7fJG2Mvc4oFAmZUPBEACgkQw7fJG2Mv # c4polxAAjJgg1UISxasNGbX/V4G2P9eeXam9lQ5DYAGS6d+RYdTcYdGSbOZujIGG # cVqoZjYCJm7b3KuL1Jjrf7sIAjPB3E9gO8aJ3r+6PGjRpMwCACPUlCo8QWRPDhcU # /eWleWFs59ZMxHnHT3oLH0TGwbdY4tc35/iKElUIc6sX8WBal0SsYScfBJrRTtS/ # DxBaovmkiG0RUWHK3mK0zHrRW9nJecz/4XFWIHgBjKzvCHlzSYrOjUPvytERlWtO # o7i+1Wsret1JLWoW53L3ZQIXCwBBLYjsan9oq7YgSD0Usl9En3o0+S06+TVNiWMp # MNbOQt2SQsIJPPP83pql+rPbKqAp1dibWXLF70mJrBVpdw/b0VHK2K8fIa5Eiilk # EOR9D8uoOgjvxWVjNI9Gg+lzbT0KoQI90Iexwcloq22MDFPJC3EqirDpwBdkZFJA # 5/6iGvPILD1SVkAzjdMD6Ukc8zWwPVLENwcTCVxr8H2q6/Jbo+29WIlCM+/0a0t3 # 1kN77Yx1So9VFUOqPjHsoO72Wc/Zved1ZDqg9UgqP6L2dH2ns0mh92QM+Pplqi2T # NsJQih4NeZsfDQ7rm0oMcvFqV21a62zZYDi/KqFePRAs5D9K4PU2EmR7jcvf4uax # ZRyHsqDh00/OSYE/CefriyIMshWmTVCDbT/I3/SCXZX1scrKa3k= # =UO/N # -----END PGP SIGNATURE----- # gpg: Signature made Mon, May 27, 2024 3:53:53 PM # gpg: using RSA key BA66F67FD73F7058D712D308C3B7C91B632F738A # gpg: Can't check signature: No public key # Conflicts: # .github/workflows/release-nightly.yml
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Support downloading nuget nuspec manifest1. This is useful for renovate because it uses this api to find the corresponding repository
Footnotes
https://learn.microsoft.com/en-us/nuget/api/package-base-address-resource#download-package-manifest-nuspec ↩