gitea: /repos/issue/search API is broken

I’m trying to get list of all open PR within the system via API. When I’m trying to execute /repos/issue/search API request (even without search parameters, even without authentication – just curl -X GET "https://try.gitea.io/api/v1/repos/issues/search") I’m retrieving the following error: Find: too many SQL variables

  • Gitea version: 1.12.0+dev-3-g9269b7f62
  • full request:curl -X GET "https://try.gitea.io/api/v1/repos/issues/search?state=open&type=pulls" -H "accept: application/json" -H "authorization: Basic ZGF2c0BqYXZhbml4LmNvbTpkYXZ5ZG92dnY="

P.S. I have local system of 1.11.2 version and don’t have such issue.

About this issue

  • Original URL
  • State: closed
  • Created 4 years ago
  • Reactions: 2
  • Comments: 17 (15 by maintainers)

Most upvoted comments

Does it still happen?

image

+4
a1012112796 on May 27, 2020

The problem is this:

	for page := 1; ; page++ {
		opts.Page = page
		repos, count, err := models.SearchRepositoryByName(opts)
		if err != nil {
			ctx.Error(http.StatusInternalServerError, "SearchRepositoryByName", err)
			return
		}

		if len(repos) == 0 {
			break
		}
		log.Trace("Processing next %d repos of %d", len(repos), count)
		for _, repo := range repos {
			switch isClosed {
			case util.OptionalBoolTrue:
				issueCount += repo.NumClosedIssues
			case util.OptionalBoolFalse:
				issueCount += repo.NumOpenIssues
			case util.OptionalBoolNone:
				issueCount += repo.NumIssues
			}
			repoIDs = append(repoIDs, repo.ID)
		}
	}

This extracts all of the repo IDs that the search options could have found - I.e. Every repo that the user has access to… (Even worse than that it actually extracts all the repos out of the db.)

then:

	if len(keyword) > 0 && len(repoIDs) > 0 {
		issueIDs, err = issue_indexer.SearchIssuesByKeyword(repoIDs, keyword)
	}

plugs them all back in to a single SQL query.

On a big site like try there are likely easily >900 repos that a user could see - SQLite limits the number of variables to 999.

We shouldn’t be doing it this way

+3
zeripath on May 28, 2020

Or should I say: genau

+2
zeripath on May 28, 2020
Read more comments on GitHub
← gitea: repo/header:53:150: executing "repo/header" at <EscapePound>: invalid value; expected string
gitea: Respository's home page not updated after first push →