Add FAQ and improve gin's documentations (add docs for http 405, method not allowed)#378
Add FAQ and improve gin's documentations (add docs for http 405, method not allowed)#378appleboy merged 14 commits intogin-gonic:masterfrom
Conversation
- Updated dependencies in package.json: - Upgraded @astrojs/sitemap to version 3.6.0 - Upgraded @astrojs/starlight to version 0.36.2 - Added @astrojs/check and starlight-versions - Upgraded astro to version 5.15.3 - Added typescript as a dependency - Modified content.config.ts to include a commented-out version collection loader. - Improved security-headers.md by fixing formatting and adding an example using gin helmet for enhanced security headers. - Added a new FAQ document on handling unsupported HTTP methods in Gin, detailing how to configure the router to return a 405 Method Not Allowed response.
…ileSystem, and collection format for arrays
…static files, file uploads, JWT authentication, request logging, graceful shutdown, and performance optimization
- bump @astrojs/check from 0.9.5 to 0.9.6 - bump @astrojs/starlight from 0.36.2 to 0.37.0 - bump astro from 5.15.3 to 5.16.3 - bump sharp from 0.32.5 to 0.34.5
This reverts commit fccab54.
appleboy
left a comment
There was a problem hiding this comment.
Please do not modify unrelated files. Only make modifications to the documents.
package.json
Outdated
| "sharp": "^0.32.5" | ||
| "astro": "^5.16.3", | ||
| "sharp": "^0.34.5", | ||
| "starlight-versions": "^0.5.6", |
There was a problem hiding this comment.
Don't change the package.json and lock.json. Please revert it.
src/content.config.ts
Outdated
| export const collections = { | ||
| docs: defineCollection({ loader: docsLoader(), schema: docsSchema() }), | ||
| // versions: defineCollection({ loader: docsVersionsLoader() }), | ||
| }; |
|
@wathika-eng any feedback? |
- Updated @astrojs/sitemap to version 3.3.0 - Updated @astrojs/starlight to version 0.32.5 - Downgraded astro to version 5.15.9 - Downgraded sharp to version 0.32.5 - Added overrides for mdast-util-to-hast to version 13.2.1 - Removed commented-out versions collection in content.config.ts
There was a problem hiding this comment.
Pull request overview
This pull request significantly enhances the Gin framework documentation by adding comprehensive FAQ content, new feature examples for v1.11+, and improving the documentation infrastructure through dependency updates and configuration improvements.
Key changes:
- Added extensive FAQ section covering common questions about development setup, CORS, authentication, testing, and troubleshooting
- Documented new Gin v1.11+ features including collection formats, default form values, cookie handling, and HTML template loading from embedded filesystems
- Updated Astro/Starlight dependencies and improved configuration structure for better maintainability
Reviewed changes
Copilot reviewed 12 out of 15 changed files in this pull request and generated 5 comments.
Show a summary per file
| File | Description |
|---|---|
| src/content/docs/en/docs/index.md | Updated minimum required Go version to 1.24 |
| src/content/docs/en/docs/faq/method-not-allowed.md | Added new FAQ explaining how to enable HTTP 405 Method Not Allowed responses |
| src/content/docs/en/docs/faq/index.md | Added comprehensive FAQ covering general questions, performance, and troubleshooting |
| src/content/docs/en/docs/examples/security-headers.md | Added optional gin-helmet middleware example for security headers |
| src/content/docs/en/docs/examples/pure-json.md | Added example for aborting with PureJSON response (v1.11+) |
| src/content/docs/en/docs/examples/html-rendering.md | Added LoadHTMLFS example for embedded templates (v1.11+) |
| src/content/docs/en/docs/examples/cookie.md | Added SetCookieData example using http.Cookie (v1.11+) |
| src/content/docs/en/docs/examples/collection-format-for-arrays.md | New documentation for array collection formats in form binding (v1.11+) |
| src/content/docs/en/docs/examples/bind-default-values.md | New documentation for default values in form field binding (v1.11+) |
| astro.config.mjs | Reformatted configuration with improved structure and consistent quote style |
| package.json | Added mdast-util-to-hast override for compatibility |
| package-lock.json | Updated dependencies including Astro, Starlight, esbuild, and various build tools |
| README.md | Enhanced local development setup instructions with Node.js version checking |
| .gitignore | Replaced with comprehensive template covering Astro, Node, React, and Go |
| src/content.config.ts | Fixed trailing semicolon formatting |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| ```json | ||
| $ curl -X POST localhost:8000/ping | ||
|
|
||
| HTTP/1.1 405 Method Not Allowed | ||
| Allow: GET | ||
| Content-Type: text/plain | ||
| Date: Sat, 01 Nov 2025 14:49:36 GMT | ||
| Content-Length: 22 | ||
|
|
||
| 405 method not allowed | ||
| ``` |
There was a problem hiding this comment.
The code block is labeled as "json" but contains a shell command (curl) and HTTP response headers. This should be labeled as "bash" or "sh" for the command, or "http" for the response format to ensure proper syntax highlighting.
| Content-Length: 31 | ||
| ``` | ||
|
|
||
| Optionally use [gin helmet](https://github.com/danielkov/gin-helmet) `go get github.com/danielkov/gin-helmet/ginhelmet` |
There was a problem hiding this comment.
The code comment formatting includes backticks around the package name which is inconsistent with Go comment conventions. Consider using the standard Go comment format without backticks, or applying this consistently throughout all examples.
| c.SaveUploadedFile(file, "./uploads/"+file.Filename) | ||
|
|
||
| c.String(200, "File %s uploaded successfully", file.Filename) | ||
| }) | ||
|
|
||
| // Multiple files upload | ||
| r.POST("/upload-multiple", func(c *gin.Context) { | ||
| form, _ := c.MultipartForm() | ||
| files := form.File["files"] | ||
|
|
||
| for _, file := range files { | ||
| c.SaveUploadedFile(file, "./uploads/"+file.Filename) |
There was a problem hiding this comment.
The file upload examples use file.Filename directly when building the destination path for c.SaveUploadedFile, which allows an attacker to perform path traversal by submitting filenames like ../../../../etc/passwd and potentially overwrite arbitrary files writable by the process.
Because file.Filename comes from the client and SaveUploadedFile does not sanitize the path, this can be exploited in real deployments that copy this example code.
To mitigate this, derive a safe server-side filename (e.g., using a generated ID and/or filepath.Base) and ensure uploads are constrained to a dedicated directory without allowing .. or path separators from user input.
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
|
@wathika-eng Great. Thank you. |
This pull request introduces several improvements and updates to the Gin website documentation and its build configuration. The main themes are: updating dependencies and configuration for Astro/Starlight, improving internationalization support, and adding or enhancing documentation for new Gin features (especially those introduced in v1.11+).
Key changes include:
Astro/Starlight configuration and dependency updates
package.jsonto the latest versions, and added new dependencies such as@astrojs/check,starlight-versions, andtypescriptfor improved site building and versioning support.astro.config.mjsto import and partially configurestarlight-versions, and improved plugin structure for easier extensibility. [1] [2]ko-KR,zh-CN,zh-TW) and changed thesocialconfiguration from an object to an array of objects for better compatibility with new Starlight versions. [1] [2]Documentation improvements for new Gin features (v1.11+)
http.Cookie(v1.11+).http.FileSystemusingLoadHTMLFS.gin-helmetmiddleware for security headers.General documentation and setup improvements
These updates improve the developer experience for both contributors and users of the Gin documentation, ensure compatibility with the latest tools, and provide up-to-date examples for new Gin features.