github-starred/gitea
2
0
Fork 0
mirror of https://github.com/go-gitea/gitea.git synced 2026-03-12 02:24:21 -05:00
Code Issues 2.6k Packages Projects Releases 100 Wiki Activity

Invalid HTML templates should fail to compile #13158

New Issue
Open
opened 2025-11-02 10:33:07 -06:00 by GiteaMirror · 1 comment
GiteaMirror commented 2025-11-02 10:33:07 -06:00
Owner
Copy Link

Originally created by @jtran on GitHub (Jun 14, 2024).

Feature Description

For a long time, I've wished that HTML templates would fail to compile when referencing a variable that doesn't exist or in other obviously wrong scenarios. Because of the way Gitea uses maps and template helpers now, this is currently not the case.

Could we switch to Templ? https://github.com/a-h/templ

I floated the idea in Gitea's Discord, and some people seemed interested.

I heard that maintainer sentiment is generally positive, but that was in 2023 and there were a few concerns:

  • What are all the differences? We'd like to know so that we can understand the amount of effort in migrating. Perhaps a migration guide could be helpful.
  • Difficulty of making the change while other frontend changes are being made. Perhaps it means coordination with other initiatives.
  • Security of the library, contrasted with the current more battle-tested one. templ has a security guide section. Perhaps an audit of the source needs to be done.
  • How would this work with template customization [link]? Would customization still work? Would users need to recompile when they change their custom templates? Gitea routinely makes breaking changes to custom templates; would this improve that situation?

I understand that this is a big undertaking. I'm opening the issue to have a place to put the conversation for anyone else thinking about a similar thing.

I apologize in advance if there's already another plan in place that I don't know about.

Screenshots

No response

Originally created by @jtran on GitHub (Jun 14, 2024). ### Feature Description For a long time, I've wished that HTML templates would fail to compile when referencing a variable that doesn't exist or in other obviously wrong scenarios. Because of the way Gitea uses maps and template helpers now, this is currently not the case. Could we switch to Templ? https://github.com/a-h/templ I floated the idea in [Gitea's Discord](https://discord.com/channels/322538954119184384/322910365237248000/1183782454415339631), and some people seemed interested. I heard that maintainer sentiment is generally positive, but that was in 2023 and there were a few concerns: - What are all the differences? We'd like to know so that we can understand the amount of effort in migrating. Perhaps a migration guide could be helpful. - Difficulty of making the change while other frontend changes are being made. Perhaps it means coordination with other initiatives. - Security of the library, contrasted with the current more battle-tested one. templ has a [security guide section](https://templ.guide/security/injection-attacks). Perhaps an audit of the source needs to be done. - How would this work with template customization [[link]](https://discord.com/channels/322538954119184384/322910365237248000/1184149256672649286)? Would customization still work? Would users need to recompile when they change their custom templates? Gitea routinely makes breaking changes to custom templates; would this improve that situation? I understand that this is a big undertaking. I'm opening the issue to have a place to put the conversation for anyone else thinking about a similar thing. I apologize in advance if there's already another plan in place that I don't know about. ### Screenshots _No response_
GiteaMirror added the type/proposal label 2025-11-02 10:33:07 -06:00
GiteaMirror commented 2025-11-02 10:33:08 -06:00
Author
Owner
Copy Link

@lunny commented on GitHub (Jun 15, 2024):

Maybe not in compile, we can have a template test tool or sub-command to test whether the template will fail. I think this is an easier way to resolve the current problem. i.e. We can have a ./gitea doctor check-templates to check the templates. And changing the template system could be a long-term plan which can be discussed more.

@lunny commented on GitHub (Jun 15, 2024): Maybe not in compile, we can have a template test tool or sub-command to test whether the template will fail. I think this is an easier way to resolve the current problem. i.e. We can have a `./gitea doctor check-templates` to check the templates. And changing the template system could be a long-term plan which can be discussed more.
Sign in to join this conversation.
No Branch/Tag Specified
Branches Tags
Labels
Clear labels
$20
$250
$50
$500
backport/done
💎 Bounty
docs-update-needed
good first issue
hacktoberfest
issue/bounty
issue/confirmed
issue/critical
issue/duplicate
issue/needs-feedback
issue/not-a-bug
issue/regression
issue/stale
issue/workaround
lgtm/need 2
modifies/api
modifies/translation
outdated/backport/v1.18
outdated/theme/markdown
outdated/theme/timetracker
performance/bigrepo
performance/cpu
performance/memory
performance/speed
pr/breaking
proposal/accepted
proposal/rejected
pr/wip
pull-request
Mirrored from GitHub Pull Request
 reviewed/wontfix
💰 Rewarded
skip-changelog
status/blocked
topic/accessibility
topic/api
topic/authentication
topic/build
topic/code-linting
topic/commit-signing
topic/content-rendering
topic/deployment
topic/distribution
topic/federation
topic/gitea-actions
topic/issues
topic/lfs
topic/mobile
topic/moderation
topic/packages
topic/pr
topic/projects
topic/repo
topic/repo-migration
topic/security
topic/theme
topic/ui
topic/ui-interaction
topic/ux
topic/webhooks
topic/wiki
type/bug
type/deprecation
type/docs
type/enhancement
type/feature
type/miscellaneous
type/proposal
type/question
type/refactoring
type/summary
type/testing
type/upstream
No Label type/proposal
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
GiteaMirror ninjasurge
No Assignees
1 Participants
Notifications
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: github-starred/gitea#13158
Delete Branch "%!s()"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?