From 47f6ff013eb2b3856da307835a037e245030d771 Mon Sep 17 00:00:00 2001
From: Muhammad Tamir <muhammad218477@smk.belajar.id>
Date: Thu, 19 Jun 2025 21:07:17 +0700
Subject: [PATCH] Warn About Public Git Hosting

---
 app/src/main/java/org/yuemi/App.java          |  1 +
 .../subcommands/GitRemoteSubcommand.java      | 27 ++++++++++++++-----
 app/src/main/resources/config.yml             |  2 ++
 3 files changed, 24 insertions(+), 6 deletions(-)
 create mode 100644 app/src/main/resources/config.yml

diff --git a/app/src/main/java/org/yuemi/App.java b/app/src/main/java/org/yuemi/App.java
index 9a32815..1f90a6d 100644
--- a/app/src/main/java/org/yuemi/App.java
+++ b/app/src/main/java/org/yuemi/App.java
@@ -6,6 +6,7 @@ import org.yuemi.commands.CommandRegistrar;
 public class App extends JavaPlugin {
     @Override
     public void onEnable() {
+        saveDefaultConfig();
         getLogger().info("Yuemi Git Plugin enabled.");
         new CommandRegistrar(this).registerAll();
     }
diff --git a/app/src/main/java/org/yuemi/commands/subcommands/GitRemoteSubcommand.java b/app/src/main/java/org/yuemi/commands/subcommands/GitRemoteSubcommand.java
index a00ca50..a4f4dc5 100644
--- a/app/src/main/java/org/yuemi/commands/subcommands/GitRemoteSubcommand.java
+++ b/app/src/main/java/org/yuemi/commands/subcommands/GitRemoteSubcommand.java
@@ -39,21 +39,36 @@ public class GitRemoteSubcommand implements SubcommandExecutor {
             try {
                 GitManager git = new GitManager(repoFolder);
 
+                boolean allowUnsafe = plugin.getConfig().getBoolean("disable-unsafe-warning", false);
+
+                if ((mode.equals("add") || mode.equals("set")) && url != null) {
+                    if (!allowUnsafe && (url.contains("github.com") || url.contains("gitlab.com"))) {
+                        sender.sendMessage("§cRemote URL rejected: Public Git hosts like GitHub or GitLab are disallowed.");
+                        sender.sendMessage("§7To allow them, set §fdisable-unsafe-warning: true §7in config.yml");
+                        return;
+                    }
+                }
+
                 switch (mode) {
-                    case "add":
+                    case "add" -> {
                         if (url == null) throw new IllegalArgumentException("Missing --url");
                         git.addRemote(url);
                         sender.sendMessage("§aAdded remote origin: " + url);
-                        break;
-                    case "set":
+                    }
+                    case "set" -> {
                         if (url == null) throw new IllegalArgumentException("Missing --url");
                         git.setRemoteUrl(url);
                         sender.sendMessage("§aUpdated remote origin URL to: " + url);
-                        break;
-                    case "remove":
+                    }
+                    case "remove" -> {
                         git.removeRemote();
                         sender.sendMessage("§aRemoved remote origin.");
-                        break;
+                    }
+                }
+
+                if ((mode.equals("add") || mode.equals("set")) && url != null && !allowUnsafe) {
+                    sender.sendMessage("§eWarning: Using public git hosts is discouraged.");
+                    sender.sendMessage("§7Please use a self-hosted alternative like §fGitea§7, §fGogs§7, or §fForgejo§7.");
                 }
 
             } catch (Exception e) {
diff --git a/app/src/main/resources/config.yml b/app/src/main/resources/config.yml
new file mode 100644
index 0000000..ad85727
--- /dev/null
+++ b/app/src/main/resources/config.yml
@@ -0,0 +1,2 @@
+# WARNING: Disabling this allows users to push to public Git hosts (GitHub, GitLab, etc.)
+disable-unsafe-warning: false
\ No newline at end of file