--- 9.0.3	2024-12-12 08:06:13.000000000 +0100
+++ aneksajo	2024-12-16 08:23:15.000000000 +0100
@@ -12,6 +12,7 @@
 	"runtime"
 	"strings"
 
+	"code.gitea.io/gitea/modules/annex"
 	"code.gitea.io/gitea/modules/graceful"
 	"code.gitea.io/gitea/modules/log"
 	"code.gitea.io/gitea/modules/markup"
@@ -86,8 +87,22 @@
 		commands = strings.Fields(command)
 		args     = commands[1:]
 	)
-
-	if p.IsInputFile {
+	isAnnexed, _ := annex.IsAnnexed(ctx.Blob)
+	// if a renderer wants to read a file, and we have annexed content, we can
+	// provide the annex key file location directly to the renderer. git-annex
+	// takes care of having that location be read-only, so no critical
+	// protection layer is needed. Moreover, the file readily exists, and
+	// expensive temporary files can be avoided, also allowing an operator
+	// to raise MAX_DISPLAY_FILE_SIZE without much negative impact.
+	if p.IsInputFile && isAnnexed {
+		// look for annexed content, will be empty, if there is none
+		annexContentLocation, _ := annex.ContentLocation(ctx.Blob)
+		// we call the renderer, even if there is no annex content present.
+		// showing the pointer file content is not much use, and a topical
+		// renderer might be able to produce something useful from the
+		// filename alone (present in ENV)
+		args = append(args, annexContentLocation)
+	} else if p.IsInputFile {
 		// write to temp file
 		f, err := os.CreateTemp("", "gitea_input")
 		if err != nil {
@@ -130,6 +145,12 @@
 		os.Environ(),
 		"GITEA_PREFIX_SRC="+ctx.Links.SrcLink(),
 		"GITEA_PREFIX_RAW="+ctx.Links.RawLink(),
+		// also communicate the relative path of the to-be-rendered item.
+		// this enables the renderer to make use of the original file name
+		// and path, e.g., to make rendering or dtype-detection decisions
+		// that go beyond the originally matched extension. Even if the
+		// content is directly streamed to STDIN
+		"GITEA_RELATIVE_PATH="+ctx.RelativePath,
 	)
 	if !p.IsInputFile {
 		cmd.Stdin = input