Commit graph

4823 commits

Author SHA1 Message Date
Zettat123
77c56e29de
Allow non-admin users to delete review requests (#29057)
Fix #14459

The following users can add/remove review requests of a PR
- the poster of the PR
- the owner or collaborators of the repository
- members with read permission on the pull requests unit

(cherry picked from commit c42083a33950be6ee9f822c6d0de3c3a79d1f51b)

Conflicts:
	models/repo/repo_list_test.go
	tests/integration/api_nodeinfo_test.go
	tests/integration/api_repo_test.go
	shared fixture counts
2024-02-26 22:30:27 +01:00
KN4CK3R
64ef7d3658
Do not double close reader (#29354)
Fixes #29346

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 553d46e6f6a144905266d58315a2b0ff2e976380)
2024-02-26 22:30:26 +01:00
Lunny Xiao
6905540088
Use the database object format name but not read from git repoisitory everytime and fix possible migration wrong objectformat when migrating a sha256 repository (#29294)
Now we can get object format name from git command line or from the
database repository table. Assume the column is right, we don't need to
read from git command line every time.

This also fixed a possible bug that the object format is wrong when
migrating a sha256 repository from external.

<img width="658" alt="image"
src="https://github.com/go-gitea/gitea/assets/81045/6e9a9dcf-13bf-4267-928b-6bf2c2560423">

(cherry picked from commit b79c30435f439af8243ee281310258cdf141e27b)

Conflicts:
	routers/web/repo/blame.go
	services/agit/agit.go
	context
2024-02-26 22:30:26 +01:00
6543
7db422d989
Make optional.Option[T] type serializable (#29282)
make the generic `Option` type de-/serializable for json and yaml

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit 53c7d8908e5ef35818b72b8c3d873b509269bc1a)
2024-02-26 22:30:26 +01:00
Lunny Xiao
767e9634d3
Allow options to disable user deletion from the interface on app.ini (#29275)
Extract from #20549

This PR added a new option on app.ini `[admin]USER_DISABLED_FEATURES` to
allow the site administrator to disable users visiting deletion user
interface or allow.
This options are also potentially allowed to define more features in
future PRs.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 3ef6252e06a1f3981f8b7d1717bfc581418b1dc5)

Conflicts:
	custom/conf/app.example.ini
	docs/content/administration/config-cheat-sheet.en-us.md
	modules/setting/admin.go
	context
2024-02-26 22:30:26 +01:00
6543
8ff858b94b
Start to migrate from util.OptionalBool to optional.Option[bool] (#29329)
just create transition helper and migrate two structs

(cherry picked from commit 7fbdb60fc1152acc9a040dc04b1b0f5a3475b081)
2024-02-26 22:30:26 +01:00
Tim-Nicas Oelschläger
4b494d341f
Unify organizations header (#29248)
Unify organizations header

before:

![image](https://github.com/go-gitea/gitea/assets/72873130/74474e0d-33c3-4bbf-9324-d130ea2c62f8)

after:

![image](https://github.com/go-gitea/gitea/assets/72873130/1c65de0d-fa0f-4b17-ab8d-067de8c7113b)

---------

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 532e422027c88a4a3dc0c2968857f8d5f94d861f)

Conflicts:
	routers/web/shared/user/header.go
	templates/org/home.tmpl
	context
2024-02-26 22:30:26 +01:00
Lunny Xiao
44f45d8b72
Ignore the linux anchor point to avoid linux migrate failure (#29295)
Fix #28843

This PR will bypass the pushUpdateTag to database failure when
syncAllTags. An error log will be recorded.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 5ed17d9895bf678374ef5227ca37870c1c170802)
2024-02-26 22:30:26 +01:00
Zettat123
ff5df5fc97
Improve the issue_comment workflow trigger event (#29277)
Fix #29175
Replace #29207

This PR makes some improvements to the `issue_comment` workflow trigger
event.

1. Fix the bug that pull requests cannot trigger `issue_comment`
workflows
2. Previously the `issue_comment` event only supported the `created`
activity type. This PR adds support for the missing `edited` and
`deleted` activity types.
3. Some events (including `issue_comment`, `issues`, etc. ) only trigger
workflows that belong to the workflow file on the default branch. This
PR introduces the `IsDefaultBranchWorkflow` function to check for these
events.

(cherry picked from commit a4fe1cdf38f9a063e44b197ef07e4260f731c919)

Conflicts:
	modules/actions/github.go
	context
2024-02-26 22:30:26 +01:00
KN4CK3R
9debff3b71
Discard unread data of git cat-file (#29297)
Fixes #29101
Related #29298

Discard all read data to prevent misinterpreting existing data. Some
discard calls were missing in error cases.

---------

Co-authored-by: yp05327 <576951401@qq.com>
(cherry picked from commit d6811baf88ca6d58b92d4dc12b1f2a292198751f)
2024-02-26 22:30:25 +01:00
KN4CK3R
5f79550a0d
Prevent double use of git cat-file session. (#29298)
Fixes the reason why #29101 is hard to replicate.
Related #29297

Create a repo with a file with minimum size 4097 bytes (I use 10000) and
execute the following code:
```go
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, <repo>)
assert.NoError(t, err)

commit, err := gitRepo.GetCommit(<sha>)
assert.NoError(t, err)

entry, err := commit.GetTreeEntryByPath(<file>)
assert.NoError(t, err)

b := entry.Blob()

// Create a reader
r, err := b.DataAsync()
assert.NoError(t, err)
defer r.Close()

// Create a second reader
r2, err := b.DataAsync()
assert.NoError(t, err) // Should be no error but is ErrNotExist
defer r2.Close()
```

The problem is the check in `CatFileBatch`:

79217ea63c/modules/git/repo_base_nogogit.go (L81-L87)
`Buffered() > 0` is used to check if there is a "operation" in progress
at the moment. This is a problem because we can't control the internal
buffer in the `bufio.Reader`. The code above demonstrates a sequence
which initiates an operation for which the code thinks there is no
active processing. The second call to `DataAsync()` therefore reuses the
existing instances instead of creating a new batch reader.

(cherry picked from commit f74c869221624092999097af38b6f7fae4701420)
2024-02-26 22:30:25 +01:00
wxiaoguang
2c8f112c1c
Always write proc-receive hook for all git versions (#29287)
(cherry picked from commit 7f45dfb030f30a3ada58e636e3b8bfde391224bd)
2024-02-26 22:30:25 +01:00
Gergely Nagy
0b4a9c4ec2
Disabling Stars should disable the routes too
Similarly to how `[repository].DISABLE_FORKS` works, lets make
`[repository].DISABLE_STARS` disable the routes too, not just hide the
functionality from the UI.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-26 20:50:32 +01:00
Gergely Nagy
ae0635fd61
Correctly support linguist-documentation=false
If a documentation file is marked with a `linguist-documentation=false`
attribute, include it in language stats.

However, make sure that we do *not* include documentation languages as
fallback.

Added a new test case to exercise the formerly buggy behaviour.

Problem discovered while reviewing @KN4CK3R's tests from gitea#29267.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-26 14:18:33 +01:00
Gergely Nagy
ee39c58120
Convert linguist attribute handling to optional.Option
Based on @KN4CK3R's work in gitea#29267. This drops the custom
`LinguistBoolAttrib` type, and uses `optional.Option` instead. I added
the `isTrue()` and `isFalse()` (function-local) helpers to make the code
easier to follow, because these names convey their goal better than
`v.ValueorDefault(false)` or `!v.ValueOrDefault(true)`.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-26 12:52:59 +01:00
Gergely Nagy
0ea021c8c9
Allow instance-wide disabling of forking
For small, personal self-hosted instances with no user signups, the fork
button is just a noise. This patch allows disabling them like stars can
be disabled too.

Disabling forks does not only remove the buttons from the web UI, it
also disables the routes that could be used to create forks.

Fixes #2441.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-25 12:00:17 +01:00
Earl Warren
b7ea2ea463 Merge pull request 'Fixes #2452 - Skipping SHA256 tests if unsupported' (#2456) from lhinderberger/forgejo:2452-skip-sha256-if-unsupported into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2456
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-24 16:55:05 +00:00
Lucas Hinderberger
c8ae3498e7 gofmt-ed modules/git/utils_test.go due to linter 2024-02-24 15:53:38 +01:00
Lucas Hinderberger
a4b0c0edc5 Fixes #2452 - Skipping SHA256 tests if unsupported
The test suite was broken e.g. on Debian 12 due to requiring a very
recent version of Git installed on the system. This commit skips SHA256
tests in the git module, if a Git version older than 2.42 or gogit is used.
2024-02-24 00:14:24 +01:00
Gusted
5b3a82d621
[FEAT] Enable ambiguous character detection in configured contexts
- The ambiguous character detection is an important security feature to
combat against sourcebase attacks (https://trojansource.codes/).
- However there are a few problems with the feature as it stands
today (i) it's apparantly an big performance hitter, it's twice as slow
as syntax highlighting (ii) it contains false positives, because it's
reporting valid problems but not valid within the context of a
programming language (ambiguous charachters in code comments being a
prime example) that can lead to security issues (iii) charachters from
certain languages always being marked as ambiguous. It's a lot of effort
to fix the aforementioned issues.
- Therefore, make it configurable in which context the ambiguous
character detection should be run, this avoids running detection in all
contexts such as file views, but still enable it in commits and pull
requests diffs where it matters the most. Ideally this also becomes an
per-repository setting, but the code architecture doesn't allow for a
clean implementation of that.
- Adds unit test.
- Adds integration tests to ensure that the contexts and instance-wide
is respected (and that ambigious charachter detection actually work in
different places).
- Ref: https://codeberg.org/forgejo/forgejo/pulls/2395#issuecomment-1575547
- Ref: https://codeberg.org/forgejo/forgejo/issues/564
2024-02-23 13:12:17 +01:00
Earl Warren
726ce5e3f9 Merge pull request '[BUG] Load AllUnitsEnabled when necessary' (#2420) from gusted/forgejo-add-more into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2420
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-21 13:25:38 +00:00
Michael Kriese
849de07064 feat(xorm): add max idle time setting for db connections (#2418)
Add a new optional `CONN_MAX_IDLETIME`[^1]

This allows to set the `SetConnMaxIdleTime` on `database/sql`.
It's useful to allow to close more idle connections to reduce database connections, especially on postgresql.
For me i would like to use it to set a higher max idle connections but they will all be closed after being idle.
So also the last idle connection will be closed when there is no load on forgejo.
I also use it with max connection lifetime, because currently `database/sql` doesn't detect a postgresql master change[^2] and i'll get `[E] can't update runner status: pq: cannot execute UPDATE in a read-only transaction`[^3] on forgejo until the connection is closed.

[^1]: https://pkg.go.dev/database/sql#DB.SetConnMaxIdleTime
[^2]: https://stackoverflow.com/questions/51858659/how-to-safely-discard-golang-database-sql-pooled-connections-for-example-when-t
[^3]: https://matrix.to/#/!zpNKWqkiEOyljSMQDK:matrix.org/$_AJft_amsGn5hXGOYw75JoBJQnW3aKJEpb-Iw53L_TU?via=schinas.net&via=matrix.org&via=nitro.chat

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2418
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Kriese <michael.kriese@visualon.de>
Co-committed-by: Michael Kriese <michael.kriese@visualon.de>
2024-02-21 12:17:16 +00:00
Gusted
6fbfe441de
[BUG] Load AllUnitsEnabled when necessary
- In order to determine if the "Add more..." tab should be shown, the
template has to know if the repository has all units enabled, this is
done in the repository header which can be shown for quite a lot of
pages (code, issues, projects, actions etc.)
- This was previously set in the `RepoRefByType` function, which would
be called by pages such as code, issues and releases, but it was not
being called for all pages such as actions, packages and wiki. Which
would in turn incorrectly show the "Add more..." button when it
shouldn't.
- Now call it from the template itself, so the value is 'always' loaded
when necessary.
2024-02-21 12:48:26 +01:00
Earl Warren
0533022d63 Merge pull request '[gitea] cherry-pick' (#2397) from earl-warren/forgejo:wip-gitea-cherry-pick into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2397
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-19 23:03:10 +00:00
Gusted
f128b6efc9 Merge pull request '[BUG] Restrict when to make link absolute in markdown' (#2403) from gusted/forgejo-custom-url into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2403
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-02-19 22:16:23 +00:00
wxiaoguang
c7c20ff5ab
Remove DataRaceCheck (#29258)
Since #26254, it started using `{{ctx.Locale.Tr ...}}`

Now the `ctx` seems stable enough, so the check could be removed.

(cherry picked from commit 567a68a0bf78c8d70f08c8ab948fdbb455225aa9)
2024-02-19 22:58:33 +01:00
wxiaoguang
d611fe8d26
Improve TrHTML and add more tests (#29228)
Follow #29165.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit 4345cac52971c13debfe5e6f311aef3930fe2eed)
2024-02-19 22:58:33 +01:00
yp05327
d93d963c3f
Implement some action notifier functions (#29173)
Fix #29166

Add support for the following activity types of `pull_request`
- assigned
- unassigned
- review_requested
- review_request_removed
- milestoned
- demilestoned

(cherry picked from commit 1a6e1cbada27db1e3327b0d7d331492c95e24759)
2024-02-19 22:58:32 +01:00
wxiaoguang
81925ebb0c
Refactor more code in templates (#29236)
Follow #29165.

* Introduce JSONTemplate to help to render JSON templates
* Introduce JSEscapeSafe for templates. Now only use `{{ ... |
JSEscape}}` instead of `{{ ... | JSEscape | Safe}}`
* Simplify "UserLocationMapURL" useage

(cherry picked from commit 31bb9f3247388b993c61a10190cfd512408ce57e)
2024-02-19 22:58:32 +01:00
Gusted
65b9a959b8
[BUG] Restrict when to make link absolute in markdown
- In markdown, links are proccessed to be made absolute against the
relevant base in that context. Such that `./src` will be transformed
into `http://example.com/owner/repo/src/branch/main/src`.
- Don't try to make the link absolute if the link has a schema that's
defined in `[markdown].CUSTOM_URL_SCHEMES`, because they can't be made
absolute and doing so could lead to problems (see test case, double
slash was transformed to single slash).
- Adds unit test.
- Resolves https://codeberg.org/Codeberg/Community/issues/1489
2024-02-19 20:56:00 +01:00
wxiaoguang
62d3e5255f
Port "Use general token signing secret"
Port of https://github.com/go-gitea/gitea/pull/29205

Use a clearly defined "signing secret" for token signing.

(cherry picked from commit 8be198cdef0a486f417663b1fd6878458d7e5d92)
2024-02-19 20:49:37 +01:00
Gusted
a2442793d2
[BUG] Fix relative links on orgmode
- For regular non-image nonvideo links, they should be made relative,
this was done against `r.Ctx.Links.Base`, but since 637451a45e, that
should instead be done by `SrcLink()` if there's branch information set
in the context, because branch and treepath information are no longer
set in `r.Ctx.Links.Base`.
- This is consistent with how #2166 _fixed_ relative links.
- Media is not affected, `TestRender_Media` test doesn't fail.
- Adds unit tests.
- Ref https://codeberg.org/Codeberg/Community/issues/1485
2024-02-18 21:09:35 +01:00
Gergely Nagy
b594188623
Restore compatibility with the legacy GitHub callout syntax
Although GitHub removed support for the legacy callout syntax, we don't
have to! Restore this support via another AST transformer.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-17 18:35:45 +01:00
Gergely Nagy
a177a5c4cb
modules/markup: Lift out the GitHub callout transformer
This lifts out the GitHub callout transformer from
`modules/markup/markdown/goldmark.go` to `callout/github.go`.

While there, clean up the transformer code:

- Use a map to look up supported callout types, rather than a regexp.
- Allow the callout type to be in any case, rather than just uppercase.
- Simplified `.Segment.Value()` to `.Text()`.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-17 18:04:55 +01:00
Yarden Shoham
0b3193bbbe
Add alert blocks in markdown (#29121)
- Follows https://github.com/go-gitea/gitea/pull/21711
- Closes https://github.com/go-gitea/gitea/issues/28316

Implement GitHub's alert blocks markdown feature

Docs:
-
https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#alerts
- https://github.com/orgs/community/discussions/16925

### Before

![image](https://github.com/go-gitea/gitea/assets/20454870/14f7b02a-5de5-4fd0-8437-a055dadb31f2)

### After

![image](https://github.com/go-gitea/gitea/assets/20454870/ed06a869-e545-42f1-bf25-4ba20b1be196)

## ⚠️ BREAKING ⚠️

The old syntax no longer works

How to migrate:

If you used
```md
> **Note** My note
```

Switch to
```md
> [!NOTE]
> My note
```

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-02-17 18:04:55 +01:00
Earl Warren
c021a5b919
templates: HasPrefix support for template.HTML
Refactor locale&string&template related code has .Title be
template.HTML and "Improve HTML title on repositories" needs to check
the prefix with StringUtils.HasPrefix
2024-02-16 15:20:52 +01:00
wxiaoguang
65248945c9
Refactor locale&string&template related code (#29165)
Clarify when "string" should be used (and be escaped), and when
"template.HTML" should be used (no need to escape)

And help PRs like  #29059 , to render the error messages correctly.

(cherry picked from commit f3eb835886031df7a562abc123c3f6011c81eca8)

Conflicts:
	modules/web/middleware/binding.go
	routers/web/feed/convert.go
	tests/integration/branches_test.go
	tests/integration/repo_branch_test.go
	trivial context conflicts
2024-02-16 15:20:52 +01:00
Earl Warren
c8b177713a
[CLEANUP] make golangci-lint@v1.56.1 happy 2024-02-15 16:19:36 +01:00
Chris Copeland
83123b493f
Add merge style fast-forward-only (#28954)
With this option, it is possible to require a linear commit history with
the following benefits over the next best option `Rebase+fast-forward`:
The original commits continue existing, with the original signatures
continuing to stay valid instead of being rewritten, there is no merge
commit, and reverting commits becomes easier.

Closes #24906
2024-02-14 17:19:19 +01:00
Earl Warren
05eaf1cf3e Merge pull request 'Repository settings refactor' (#2221) from algernon/forgejo:repo-units/ui-refactor into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2221
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-02-14 13:29:04 +00:00
Gergely Nagy
e07b0e75ff
Add a direct link from repo header to unit settings
If a repository administrator is viewing a repository, and there are
units that can be enabled, display an "Add more..." link that leads to
the repository unit settings page.

The goal here is to allow instances to configure a small set of repo
units to be enabled by default, but also highlight for repo admins that
they can add more.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-13 22:42:09 +01:00
Gusted
f68f880974
[BUG] Workaround borked Git version
- In Git version v2.43.1, the behavior of `GIT_FLUSH` was accidentially
flipped. This causes Forgejo to hang on the `check-attr` command,
because no output was being flushed.
- Workaround this by detecting if Git v2.43.1 is used and set
`GIT_FLUSH=0` thus getting the correct behavior.
- Ref: https://lore.kernel.org/git/CABn0oJvg3M_kBW-u=j3QhKnO=6QOzk-YFTgonYw_UvFS1NTX4g@mail.gmail.com/
- Resolves #2333.
2024-02-13 18:33:18 +01:00
wxiaoguang
83bb3cf86a
[gitea] Refactor parseSignatureFromCommitLine (#29054)
Replace #28849. Thanks to @yp05327 for the looking into the problem.
Fix #28840

The old behavior of newSignatureFromCommitline is not right. The new
parseSignatureFromCommitLine:

1. never fails
2. only accept one format (if there is any other, it could be easily added)

And add some tests.

(cherry picked from commit a24e1da7e9e38fc5f5c84c083d122c0cc3da4b74)
2024-02-10 10:53:43 +01:00
Lunny Xiao
1fdd8341d6
[gitea] Remove unnecessary parameter (#29092)
The parameter extraConfigs has never been used anywhere. This PR just
removed it. It can be taken back once it's needed.

(cherry picked from commit 8c6ffdac378654f9d2171ebdbc46becf1571f7fe)
2024-02-10 10:53:43 +01:00
dark-angel
00370f17a4
[gitea] fix: Elasticsearch: Request Entity Too Large #28117 (#29062)
Fix for gitea putting everything into one request without batching and
sending it to Elasticsearch for indexing as issued in #28117

This issue occured in large repositories while Gitea tries to
index the code using ElasticSearch.

I've applied necessary changes that takes batch length from below config
(app.ini)
```
[queue.code_indexer]
BATCH_LENGTH=<length_int>
```
and batches all requests to Elasticsearch in chunks as configured in the
above config

(cherry picked from commit 5c0fc9087211f01375f208d679a1e6de0685320c)
2024-02-10 10:53:43 +01:00
Earl Warren
094c84ed6d
Merge branch 'rebase-forgejo-dependency' into wip-forgejo 2024-02-05 18:58:23 +01:00
Earl Warren
d7e1854884
Merge branch 'rebase-forgejo-branding' into wip-forgejo 2024-02-05 18:58:18 +01:00
Earl Warren
c6fe41239a
Merge branch 'rebase-forgejo-moderation' into wip-forgejo 2024-02-05 18:58:11 +01:00
Gusted
2ed825c5be
[GITEA] Fix orgmode link resolver for text descriptions
- It's possible that the description of an `Regularlink` is `Text` and not
another `Regularlink`. Therefor if it's `Text`, convert it to an
`Regularlink` trough the 'old' behavior (pass it trough `org.String` and
trim `file:` prefix).
- Adds unit tests.
- Resolves https://codeberg.org/Codeberg/Community/issues/1430

(cherry picked from commit 385fc6ee6be25859066a716aa15be09991e2d33c)
2024-02-05 16:57:56 +01:00
Gergely Nagy
2ca4862f8b
[GITEA] Allow changing the repo Wiki branch to main
Previously, the repo wiki was hardcoded to use `master` as its branch,
this change makes it possible to use `main` (or something else, governed
by `[repository].DEFAULT_BRANCH`, a setting that already exists and
defaults to `main`).

The way it is done is that a new column is added to the `repository`
table: `wiki_branch`. The migration will make existing repositories
default to `master`, for compatibility's sake, even if they don't have a
Wiki (because it's easier to do that). Newly created repositories will
default to `[repository].DEFAULT_BRANCH` instead.

The Wiki service was updated to use the branch name stored in the
database, and fall back to the default if it is empty.

Old repositories with Wikis using the older `master` branch will have
the option to do a one-time transition to `main`, available via the
repository settings in the "Danger Zone". This option will only be
available for repositories that have the internal wiki enabled, it is
not empty, and the wiki branch is not `[repository].DEFAULT_BRANCH`.

When migrating a repository with a Wiki, Forgejo will use the same
branch name for the wiki as the source repository did. If that's not the
same as the default, the option to normalize it will be available after
the migration's done.

Additionally, the `/api/v1/{owner}/{repo}` endpoint was updated: it will
now include the wiki branch name in `GET` requests, and allow changing
the wiki branch via `PATCH`.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit d87c526d2a313fa45093ab49b78bb30322b33298)
2024-02-05 16:57:47 +01:00
Earl Warren
209610075a
[TESTS] add log.Level to test.NewLogChecker
So the caller can check log events at the desired level instead of
being limited to the default level log.INFO

(cherry picked from commit 2fbf5f9555641a1244576df92cb518f8ad76c162)
(cherry picked from commit e2137a3147389114475db787522d5c22ff249d2c)
2024-02-05 16:54:44 +01:00
Gusted
6fb55e9c08
[GITEA] Add slow SQL query warning (squash) Fix setting typo
- Fix typo in the slow query threshold setting, add a deprecation warning.
- Resolves #2203

(cherry picked from commit 02f6608e5fc21a0a00da5fc4c99152d43ee2ea4d)
(cherry picked from commit 4e8f6b2ffdb25e0257933ee0a1bd21e3f4e86740)
2024-02-05 16:54:44 +01:00
Gusted
464ae81a36
[GITEA] Refactor generation of JWT secret
- Remove non base64-ed version of JWT secret generation. Because all
occurences need the Base64 version.

(cherry picked from commit 6a6b5a31a8e38cb953fcca1c8847ea219234f10c)
(cherry picked from commit 066b8ca6b40a7342352983de35f1ca6683927426)
2024-02-05 16:54:44 +01:00
Earl Warren
403bb4bf48
[ACTIONS] on.schedule: the event is always "schedule"
handleSchedules() is called every time an event is received and will
check the content of the main branch to (re)create scheduled events.
There is no reason why intput.Event will be relevant when the schedule
workflow runs.

(cherry picked from commit 9a712bb276f2103cd7bccc4bb07b6cc669537e38)
(cherry picked from commit 41af36da818eb1f4ceb18c0447f2b6e099d4e04c)
(cherry picked from commit bb83604fa2e6f29d995378c3daf5037a468c0858)
(cherry picked from commit 65e4503a7a875db0098d4e25611a0240104d1048)
(cherry picked from commit e562b6f7a0b3da9bfea9b88107eb53bae4a225da)
(cherry picked from commit aca2ae23907ded7b959362d033e039c4caa71478)
(cherry picked from commit bf2b5ea507083363e7449845bb0812a4c832fb82)
2024-02-05 16:54:44 +01:00
Earl Warren
fe8622dae3
Revert "Fix schedule tasks bugs (#28691)"
This reverts commit 97292da960.

(cherry picked from commit 83e5eba0311dc601518fb1a07a7e8538e573a837)
(cherry picked from commit f6ef8f3819b5990858b0997cac72af000a3f3e3a)

Conflicts:
	services/repository/setting.go
2024-02-05 16:54:42 +01:00
Earl Warren
f7fd1c7c86
Revert "Fix an actions schedule bug (#28942)"
This reverts commit adc3598a75.
2024-02-05 16:53:39 +01:00
Gergely Nagy
8eaa8aeaf9
[GITEA] Improved Linguist compatibility
Recognise the `linguist-documentation` and `linguist-detectable`
attributes in `.gitattributes` files, and use them in
`GetLanguageStats()` to make a decision whether to include a particular
file in the stats or not.

This allows one more control over which files in their repositories
contribute toward the language statistics, so that for a project that is
mostly documentation, the language stats can reflect that.

Fixes #1672.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 6d4e02fe5f2e79fceb6cf672f6f822714db6d0fe)
(cherry picked from commit ee1ead81891d7a0d4e62e5ba89ebee9db6359e76)
(cherry picked from commit 2dbec730e875f44a1d8a53e123fef428a14add95)
2024-02-05 16:09:43 +01:00
Earl Warren
e658a6a9cd
[GITEA] API commentAssignment() to verify the id belongs
Instead of repeating the tests that verify the ID of a comment
is related to the repository of the API endpoint, add the middleware
function commentAssignment() to assign ctx.Comment if the ID of the
comment is verified to be related to the repository.

There already are integration tests for cases of potential unrelated
comment IDs that cover some of the modified endpoints which covers the
commentAssignment() function logic.

* TestAPICommentReactions - GetIssueCommentReactions
* TestAPICommentReactions - PostIssueCommentReaction
* TestAPICommentReactions - DeleteIssueCommentReaction
* TestAPIEditComment - EditIssueComment
* TestAPIDeleteComment - DeleteIssueComment
* TestAPIGetCommentAttachment - GetIssueCommentAttachment

The other modified endpoints do not have tests to verify cases of
potential unrelated comment IDs. They no longer need to because they
no longer implement the logic to enforce this. They however all have
integration tests that verify the commentAssignment() they now rely on
does not introduce a regression.

* TestAPIGetComment - GetIssueComment
* TestAPIListCommentAttachments - ListIssueCommentAttachments
* TestAPICreateCommentAttachment - CreateIssueCommentAttachment
* TestAPIEditCommentAttachment - EditIssueCommentAttachment
* TestAPIDeleteCommentAttachment - DeleteIssueCommentAttachment

(cherry picked from commit d414376d749041da1be288c02fdaa24fddeafd5c)
(cherry picked from commit 09db07aeaed167edc66cb832b0aa54b31d14f0d8)
(cherry picked from commit f44830c3cba0b9416505a2b0b560cfa096ffeb7c)

Conflicts:
	modules/context/api.go
	https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 9d1bf7be15420ce4ca6e92a8bd048d483172de3b)
2024-02-05 16:09:43 +01:00
Earl Warren
603a44edf0
[GITEA] POST /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments
Refs: https://codeberg.org/forgejo/forgejo/issues/2109
(cherry picked from commit 8b4ba3dce7fc99fa328444ef27383dccca49c237)
(cherry picked from commit 196edea0f972a9a027c4cacb9df36330cf676d2f)

[GITEA] POST /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments (squash) do not implicitly create a review

If a comment already exists in a review, the comment is added. If it
is the first comment added to a review, it will implicitly create a
new review instead of adding to the existing one.

The pull_service.CreateCodeComment function is responsibe for this
behavior and it will defer to createCodeComment once the review is
determined, either because it was found or because it was created.

Rename createCodeComment into CreateCodeCommentKnownReviewID to expose
it and change the API endpoint to use it instead. Since the review is
provided by the user and verified to exist already, there is no need
for the logic implemented by CreateCodeComment.

The tests are modified to remove the initial comment from the fixture
because it was creating the false positive. I was verified to fail
without this fix.

(cherry picked from commit 6a555996dca6ba71c65818e14ab0eeafa1af6dc2)
(cherry picked from commit b173a0ccee6cc0dadf40ec55e5d88987314c1cc4)
(cherry picked from commit 838ab9740a6b022676103bcb3a7d168b501006e1)
2024-02-05 16:09:42 +01:00
Gergely Nagy
639b428cf4
[FEAT] API support for repository flags
Expose the repository flags feature over the API, so the flags can be
managed by a site administrator without using the web API.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit bac9f0225d47e159afa90e5bbea9562cbc860dae)
(cherry picked from commit e7f5c1ba141ac7f8c7834b5048d0ffd3ce50900b)
(cherry picked from commit 95d9fe19cf3ed5787855ac2a442d29104498aa36)
(cherry picked from commit 7fc51991e405ea8d44fd6b4b4de13ad65da63ae7)
2024-02-05 16:09:42 +01:00
Gergely Nagy
36f7c162e2
[FEAT] Repository flags
This implements "repository flags", a way for instance administrators to
assign custom flags to repositories. The idea is that custom templates
can look at these flags, and display banners based on them, Forgejo does
not provide anything built on top of it, just the foundation. The
feature is optional, and disabled by default. To enable it, set
`[repository].ENABLE_FLAGS = true`.

On the UI side, instance administrators will see a new "Manage flags"
tab on repositories, and a list of enabled tags (if any) on the
repository home page. The "Manage flags" page allows them to remove
existing flags, or add any new ones that are listed in
`[repository].SETTABLE_FLAGS`.

The model does not enforce that only the `SETTABLE_FLAGS` are present.
If the setting is changed, old flags may remain present in the database,
and anything that uses them, will still work. The repository flag
management page will allow an instance administrator to remove them, but
not set them, once removed.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit ba735ce2228f8dd7ca105e94b9baa1be058ebe37)
(cherry picked from commit f09f6e029b4fb2714b86cd32dc19255078ecc0ee)
(cherry picked from commit 2f8b0414892f6099f519bda63a9e0fbc8ba6cfc7)
(cherry picked from commit d3186ee5f41fac896c7d2341402fcd39dd250bf1)
2024-02-05 16:09:42 +01:00
Gergely Nagy
e019eb33a2
[GITEA] Find README.md for user profiles case insensitively
When trying to find a `README.md` in a `.profile` repo, do so case
insensitively. This change does not make it possible to render readmes
in formats other than Markdown, it just removes the hard-coded
"README.md".

Also adds a few tests to make sure the change works.

Fixes #1494.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit edd219d8e9d69becb9814ab0a8359555e80fcd4f)
(cherry picked from commit 2c0105ef17b9673e6892a66aa689af7c5c87b8a1)
(cherry picked from commit 3975a9f3aaf8ed3ceb5788abc325dbe8e89225d3)
(cherry picked from commit dee4a18423151ac7f22221e6fce12d863921c200)
(cherry picked from commit 60aee6370fb15b12fffc6f29582dd4a235f87d94)
2024-02-05 16:09:42 +01:00
Gergely Nagy
f90b802634
[GITEA] Add support for shields.io-based badges
Adds a new `/{username}/{repo}/badges` family of routes, which redirect
to various shields.io badges. The goal is to not reimplement badge
generation, and delegate it to shields.io (or a similar service), which
are already used by many. This way, we get all the goodies that come
with it: different styles, colors, logos, you name it.

So these routes are just thin wrappers around shields.io that make it
easier to display the information we want. The URL is configurable via
`app.ini`, and is templatable, allowing to use alternative badge
generator services with slightly different URL patterns.

Additionally, for compatibility with GitHub, there's an
`/{username}/{repo}/actions/workflows/{workflow_file}/badge.svg` route
that works much the same way as on GitHub. Change the hostname in the
URL, and done.

Fixes gitea#5633, gitea#23688, and also fixes #126.

Work sponsored by Codeberg e.V.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit fcd0f61212d8febd4bdfc27e61a4e13cbdd16d49)
(cherry picked from commit 20d14f784490a880c51ca0f0a6a5988a01887635)
(cherry picked from commit 4359741431bb39de4cf24de8b0cfb513f5233f55)
(cherry picked from commit 35cff45eb86177e750cd22e82a201880a5efe045)
(cherry picked from commit 2fc0d0b8a302d24177a00ab48b42ce083b52e506)
2024-02-05 16:09:42 +01:00
Gergely Nagy
1d8bca07f3
[GITEA] Configurable clone methods
Adds `[repository].DOWNLOAD_OR_CLONE_METHODS` (defaulting to
"download-zip,download-targz,download-bundle,vscode-clone"), which lets
an instance administrator override the additional clone methods
displayed on the repository home view.

This is purely display-only, the clone methods not listed here are still
available, unless disabled elsewhere. They're just not displayed.

Fixes #710.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 2aadcf4946e48ee43800568fe705d00a062c42bf)
(cherry picked from commit 42ac34fbf9105eed27ee687b305a85515270f0cc)
(cherry picked from commit bd231b02450212aca6be775663c3d24ddf19f990)
(cherry picked from commit 3d3366dbbee37621fc665e557a4a87bf08104375)
(cherry picked from commit 0157fb9b88fd50832c07b06c11c8dba6e059a465)
(cherry picked from commit bee88f6a8309c6f9aeba1522383d77f08e5a4d2d)
2024-02-05 16:09:42 +01:00
Earl Warren
41871ba3af
[ACTIONS] on.schedule: create a new payload
do not reuse the payload of the event that triggered the creation of
the scheduled event. Create a new one instead that contains no other
information than the event name in the action field ("schedule").

(cherry picked from commit 0b40ca1ea5e6b704bcb6c0d370a21f633facc7d6)
(cherry picked from commit f86487432b3b5f2fd4e2bb0a2d737674d9a105a6)
(cherry picked from commit 4bd5d2e9d0c7987a9d7cce495509c8790dcdcd3a)
(cherry picked from commit d10830e238f35bcd0100a4de68d68b15402ec05a)
(cherry picked from commit 53f5a3aa911fb63689ef018fe583eeb03f248517)
(cherry picked from commit 9ed1487b73babe44d0b2855cc708184c55671ab0)
(cherry picked from commit 6a399788516523bc52778f9d9df7f283d5b2c6d6)
2024-02-05 16:09:41 +01:00
Gusted
701882cc08
[GITEA] Add footnote testing
- This adds coverage to the most common and the edge cases of what the
footnote implementation should be capable of. This was partly done to
ensure no hidden surprises when changing the implementation, as markdown
rendering is one of the more important features of Forgejo.

(cherry picked from commit 16ecdb41705332843921af8d58c1c9a242add95b)
(cherry picked from commit 19dc5ef5e5808abe8a5f85d3eaca3317865595ad)
(cherry picked from commit d5955efc0a463164c0b3a75b6621974af22ea47f)
(cherry picked from commit 2cdaf1083617acbeec558deeb657a1375cbb3904)
(cherry picked from commit 251b567794d3437aac614370e4fe2fdf7ad8b917)

Conflicts:
	modules/markup/markdown/markdown_test.go
	https://codeberg.org/forgejo/forgejo/pulls/2153
(cherry picked from commit f863f4b0054c3310fc487091c353670c65c96f35)
(cherry picked from commit f39f108934ae964c0efe79a1ccb5080d02e6dc72)
(cherry picked from commit 6d46f9ee4083128c2d43d2d73829d335f007cd34)
2024-02-05 16:09:41 +01:00
Earl Warren
6b5bfffe5d
[GITEA] test markdown CleanValue to prevent regression
It will determine how anchors are created and will break existing
links otherwise.

Adapted from Revert "Make `user-content-* ` consistent with github (#26388)

(cherry picked from commit 1666fba8f577e11ea234c8a671aeaab1290cfbaf)
(cherry picked from commit 48f38280e8b9f34d7c45399f05a670ef3460dac1)
(cherry picked from commit 03adb3a2b46081e183738a86ca3d54bf730de0bd)
(cherry picked from commit a0ad36f0ad5d99896d5319e9aca11d0cf0ce23ee)
(cherry picked from commit 3aac9900640da2eeaac7950d14132361923d1a69)
(cherry picked from commit 137daabc9b437c9bd37b45a80e44880d0ac44656)
(cherry picked from commit b438aed4c1ff57985fcbe3687fc54c54ba680464)
(cherry picked from commit 90b36f2e67acec00870005647b906ea69ae11d27)
2024-02-05 16:09:41 +01:00
Earl Warren
7b79294684
[GITEA] Revert "Make user-content-* consistent with github (#26388)"
Refs: https://codeberg.org/forgejo/forgejo/issues/1943

This reverts commit d41aee1d1e.

(cherry picked from commit d29ec91e91362b0657edee631f12cf1d55ba7a2c)
(cherry picked from commit a0f5a9750e81c5e3992365f61b8cb9ab99413139)
(cherry picked from commit 26bfc3bc14b7f07d11819b11251c716a8cf7eaf1)
(cherry picked from commit 59f57a1bc9d97d76319a6e2d8b7a336a9a480bb4)
(cherry picked from commit ce3b73a033d6f8b617b01f4f9fb33d70abf714aa)
(cherry picked from commit 2c426c28af18b69305bc8d71c389f21432fd8c3d)
(cherry picked from commit 155a08bca71cb90e753b73cbcd522e4f5064d980)
(cherry picked from commit 8934fd895c875135b4eb41dc2a1e2e456faf10da)
2024-02-05 16:09:41 +01:00
Otto Richter
274aee0bb0
[GITEA] correct default license selection
The default license choice was not working as expected,
because both the files in options/license were named differently, and
the setting string is not parsed properly.

The documentation will also be corrected.

See conversation on Matrix:
https://matrix.to/#/%23forgejo-chat%3Amatrix.org/%24ue13GJPr2d7D8fEaLx8yh1mFn3a4TVy_khkajrAYtx0?via=matrix.tu-berlin.de&via=turbo.ooo&via=matrix.org&via=catgirl.cloud

(cherry picked from commit 450a34d08d6d00063e97c4e176cdfe0695367985)
(cherry picked from commit 2770af7044cc8e5e564318a0d733b43ec16bdde5)
(cherry picked from commit 0fadf41985917d629b18c0a822b6317fa618c841)
(cherry picked from commit 9c3aa1dbbd13f2670d76ea00c00fec3b9cbb0339)
(cherry picked from commit f8ecff84222163ba513e81244c37d78c47499922)
(cherry picked from commit 1e289375462e4ba24be5432d035fe5d149789c73)
(cherry picked from commit e566ffbb8de285c40c322744d48c32c17de93852)
(cherry picked from commit cf89ca48b66ba077e7fbcfb7c8a353574db63fac)
(cherry picked from commit e2897d15b45012fbdd77ce6c37527c50d7b12d40)
(cherry picked from commit 8b49f1195de14bf21ed3dd2d0e15369d183971f4)
2024-02-05 16:09:41 +01:00
Gusted
e1a82a15d3
[GITEA] Require Latex code to have a end sequence
- Currently the parser will look for `\[` and `$$` to detect when Latex
code starts, it will look for `\]` and `$$` respectively in order to
determine the end of the code. However if no end is found the parser
assumes the rest of the input is part of the Latex code.
- Adjust the parser's behavior to not allow the case to assume the rest
of the input is part of the Latex code and requires in order to
determine if some input is Latex code that the end sequence is also
specified.
- Example: `\[hello]` would no longer be detected as Latex code with
this patch.
- Added unit tests.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1817

(cherry picked from commit 452aef1bb1a5ccf986f187b6467d9827b01789f3)
(cherry picked from commit 8a857c24b0421145ece67a69d54e78af20689e0d)
(cherry picked from commit acd1456db9e5a16ad0f697b52b789cca4f96fc7c)
(cherry picked from commit 6523b45073838c168df75108b444f7fb2ef9dd2c)
(cherry picked from commit e2e1a8afe7f8a2627d518e7dc18cc7f97ca86e48)
(cherry picked from commit a46ef652ebac4422f6e4d48a676f8386dbfb7d0d)
(cherry picked from commit 54d5a8c073f49332358d181a8dd78464c6d58641)
(cherry picked from commit 4a88dc6416c7c6c552018ca0382373aa63329c9e)
(cherry picked from commit f88b58be3f6964d71094a7d7fe5067d9004a303c)
(cherry picked from commit 316ff9767ffc37a44949b6c504d465fc65ed4a60)
2024-02-05 16:09:41 +01:00
Gusted
92413041bd
[GITEA] Use maintained gziphandler
- https://github.com/NYTimes/gziphandler doesn't seems to be maintained
anymore and Forgejo already includes
https://github.com/klauspost/compress which provides a maintained and
faster gzip handler fork.
- Enables Jitter to prevent BREACH attacks, as this *seems* to be
possible in the context of Forgejo.

(cherry picked from commit cc2847241d82001babd8d40c87d03169f21c14cd)
(cherry picked from commit 99ba56a8761dd08e08d9499cab2ded1a6b7b970f)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/1581
(cherry picked from commit 711638193daa2311e2ead6249a47dcec47b4e335)
(cherry picked from commit 9c12a37fde6fa84414bf332ff4a066facdb92d38)
(cherry picked from commit d13065345431a499f9e0b7a3c2043d7487b8aa5b)
(cherry picked from commit 45a16f8c3c6f7d5e4aab8fdde6a621cf36e4801c)
(cherry picked from commit a497acb31f76d580c8b0567f9461274bd78080f4)
(cherry picked from commit fe87fd828973945192b98310c5c3b2001c6e0f86)
(cherry picked from commit 6ac12e6693cf45cb12109028dabd868957c4b74c)
(cherry picked from commit 981ec37e1e72ab19c20067ff4d2a7e20a60d3305)
(cherry picked from commit 5d6892ec10086f0ba63f26693faa82d0fd4e3f4a)
(cherry picked from commit 9df7968f4fc72de9788d84ca3f349e4c98ee630e)
(cherry picked from commit 7d588d183329cd760053663ea2e1e82e62958409)

Conflicts:
	routers/web/web.go
	https://codeberg.org/forgejo/forgejo/pulls/2075
(cherry picked from commit defb101281f5a6ba410abc763674bafa7b63dffd)
(cherry picked from commit 5830f204a17767fda3e45d16dbf3af8c32e7f387)
(cherry picked from commit 029f4e98636a7776f430684e9d7142d69a444f96)
(cherry picked from commit 816fe558126d0ecce969fdf2a196fa6afdcca792)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 99866d804560b415b6158371eb0efd17d097cfe0)
2024-02-05 16:09:40 +01:00
Gusted
fa37a211fb
[GITEA] Drop sha256-simd in favor of stdlib
- In Go 1.21 the crypto/sha256 [got a massive
improvement](https://go.dev/doc/go1.21#crypto/sha256) by utilizing the
SHA instructions for AMD64 CPUs, which sha256-simd already was doing.
The performance is now on par and I think it's preferable to use the
standard library rather than a package when possible.

```
cpu: AMD Ryzen 5 3600X 6-Core Processor
                │  simd.txt   │               go.txt                │
                │   sec/op    │    sec/op     vs base               │
Hash/8Bytes-12    63.25n ± 1%    73.38n ± 1%  +16.02% (p=0.002 n=6)
Hash/64Bytes-12   98.73n ± 1%   105.30n ± 1%   +6.65% (p=0.002 n=6)
Hash/1K-12        567.2n ± 1%    572.8n ± 1%   +0.99% (p=0.002 n=6)
Hash/8K-12        4.062µ ± 1%    4.062µ ± 1%        ~ (p=0.396 n=6)
Hash/1M-12        512.1µ ± 0%    510.6µ ± 1%        ~ (p=0.485 n=6)
Hash/5M-12        2.556m ± 1%    2.564m ± 0%        ~ (p=0.093 n=6)
Hash/10M-12       5.112m ± 0%    5.127m ± 0%        ~ (p=0.093 n=6)
geomean           13.82µ         14.27µ        +3.28%

                │   simd.txt   │               go.txt                │
                │     B/s      │     B/s       vs base               │
Hash/8Bytes-12    120.6Mi ± 1%   104.0Mi ± 1%  -13.81% (p=0.002 n=6)
Hash/64Bytes-12   618.2Mi ± 1%   579.8Mi ± 1%   -6.22% (p=0.002 n=6)
Hash/1K-12        1.682Gi ± 1%   1.665Gi ± 1%   -0.98% (p=0.002 n=6)
Hash/8K-12        1.878Gi ± 1%   1.878Gi ± 1%        ~ (p=0.310 n=6)
Hash/1M-12        1.907Gi ± 0%   1.913Gi ± 1%        ~ (p=0.485 n=6)
Hash/5M-12        1.911Gi ± 1%   1.904Gi ± 0%        ~ (p=0.093 n=6)
Hash/10M-12       1.910Gi ± 0%   1.905Gi ± 0%        ~ (p=0.093 n=6)
geomean           1.066Gi        1.032Gi        -3.18%
```

(cherry picked from commit abd94ff5b59c86e793fd9bf12187ea6cfd1f3fa1)
(cherry picked from commit 15e81637abf70576a564cf9eecaa9640228afb5b)

Conflicts:
	go.mod
	https://codeberg.org/forgejo/forgejo/pulls/1581
(cherry picked from commit 325d92917f655c999b81b08832ee623d6b669f0f)

Conflicts:
	modules/context/context_cookie.go
	https://codeberg.org/forgejo/forgejo/pulls/1617
(cherry picked from commit 358819e8959886faa171ac16541097500d0a703e)
(cherry picked from commit 362fd7aae17832fa922fa017794bc564ca43060d)
(cherry picked from commit 4f64ee294ee05c93042b6ec68f0a179ec249dab9)
(cherry picked from commit 4bde77f7b13c5f961c141c01b6da1f9eda5ec387)
(cherry picked from commit 1311e30a811675eb623692349e4e808a85aabef6)
(cherry picked from commit 57b69e334c2973118488b9b5dbdc8a2c88135756)
(cherry picked from commit 52dc892fadecf39e89c3c351edc9efb42522257b)
(cherry picked from commit 77f54f4187869c6eabcc837742fd3f908093a76c)
(cherry picked from commit 0d0392f3a510ce3683bb649dee1e65b45dd91354)

Conflicts:
	go.mod
	https://codeberg.org/forgejo/forgejo/pulls/2034
(cherry picked from commit 92798364e8fe3188a2100b54f3adea943f8309e9)
(cherry picked from commit 43d218127752aa9251c4c3ef71b9c060f109dffc)
(cherry picked from commit 45c88b86a35729fc0b2dc6b72bc33caf9f69265f)
(cherry picked from commit a1cd6f4e3a7956773cbc0aef8abb80d17b62eb49)
(cherry picked from commit 01191dc2adf8c57ae448be37e73158005a8ff74d)
(cherry picked from commit 151e07f37e2854ad633f1352fb0ce3cd06f4b2ae)
2024-02-05 16:09:40 +01:00
Gusted
a5b1c1b0b3
[GITEA] Detect file rename and show in history
- Add a indication to the file history if the file has been renamed,
this indication contains a link to browse the history of the file
further.
- Added unit testing.
- Added integration testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1279

(cherry picked from commit 72c297521b1830360aab4b50e37efcc7e67e0d5d)
(cherry picked from commit 283f9648947f8dd2f315ecca19566ccca2b49c18)

Conflicts:
	options/locale/locale_en-US.ini
	https://codeberg.org/forgejo/forgejo/pulls/1550
(cherry picked from commit 7c30af7fdee08efd02041c01abca47394a69bb8b)
(cherry picked from commit f3be6eb269526a9f4ea7861189f07977f2d4a32f)
(cherry picked from commit 78e1755b94c18c043e0c8f8c2849803cc8069feb)
(cherry picked from commit 73799479e0fb68534dac10f809ee246dbc809b62)
(cherry picked from commit 938359b94120b7ea7bcdfbfda265ada691620da1)
(cherry picked from commit b168a9c081f93c10d40319333fc24d68a4f9763c)

[GITEA] Detect file rename and show in history (squash) ctx.Locale

(cherry picked from commit 40447752ff97aa306295685dcf4ddd3b13f48320)
(cherry picked from commit ea23594cdbb12c32dc28638f65bf40e37d344e5f)
(cherry picked from commit cdc473850c85abcbe38c799c2d2446966978f2b2)
(cherry picked from commit 86e6641c29df213d7db1b85867dafebcafeee1dd)
(cherry picked from commit 2757de586b80834513e61033692ac72d25381431)
(cherry picked from commit def4ae32ddb4b0b83f6bb9c197e00fdcd784928e)
(cherry picked from commit 6dada09329e28840f7ad890bed333ae122838fb2)
(cherry picked from commit 5d6d5272513629b126917c30f7bfde421fdcbe27)

Conflicts:
	tests/integration/repo_test.go
	https://codeberg.org/forgejo/forgejo/pulls/2119
(cherry picked from commit d3c1bce7db31b243a7142b71bf4af36506752e6e)
(cherry picked from commit 04bcb22d5c00d1fa8b39e2a3cf2e73f0a8c1204f)
(cherry picked from commit e16241fd992c22203d113a4a11e7f57f9ed2ddb3)
(cherry picked from commit 8e2beb3ed5da1ac8a58608acdf059f607576ff96)
2024-02-05 16:09:40 +01:00
Aravinth Manivannan
2d06901a18
[GITEA] notifies admins on new user registration
Sends email with information on the new user (time of creation and time of last sign-in) and a link to manage the new user from the admin panel

closes: https://codeberg.org/forgejo/forgejo/issues/480

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1371
Co-authored-by: Aravinth Manivannan <realaravinth@batsense.net>
Co-committed-by: Aravinth Manivannan <realaravinth@batsense.net>
(cherry picked from commit c721aa828ba6aec5ef95459cfc632a0a1f7463e9)
(cherry picked from commit 6487efcb9da61be1f802f1cd8007330153322770)

Conflicts:
	modules/notification/base/notifier.go
	modules/notification/base/null.go
	modules/notification/notification.go
	https://codeberg.org/forgejo/forgejo/pulls/1422
(cherry picked from commit 7ea66ee1c5dd21d9e6a43f961e8adc71ec79b806)

Conflicts:
	services/notify/notifier.go
	services/notify/notify.go
	services/notify/null.go
	https://codeberg.org/forgejo/forgejo/pulls/1469
(cherry picked from commit 7d2d9970115c94954dacb45684f9e3c16117ebfe)
(cherry picked from commit 435a54f14039408b315c99063bdce28c7ef6fe2f)
(cherry picked from commit 8ec7b3e4484383445fa2622a28bb4f5c990dd4f2)

[GITEA] notifies admins on new user registration (squash) performance bottleneck

Refs: https://codeberg.org/forgejo/forgejo/issues/1479
(cherry picked from commit 97ac9147ff3643cca0a059688c6b3c53479e28a7)
(cherry picked from commit 19f295c16bd392aa438477fa3c42038d63d1a06a)
(cherry picked from commit 3367dcb2cf5328e2afc89f7d5a008b64ede1c987)

[GITEA] notifies admins on new user registration (squash) cosmetic changes

Co-authored-by: delvh <dev.lh@web.de>
(cherry picked from commit 9f1670e040b469ed4346aa2689a75088e4e71c8b)
(cherry picked from commit de5bb2a224ab2ae9be891de1ee88a7454a07f7e9)
(cherry picked from commit 8f8e52f31a4da080465521747a2c5c0c51ed65e3)
(cherry picked from commit e0d51303129fe8763d87ed5f859eeae8f0cc6188)
(cherry picked from commit f1288d6d9bfc9150596cb2f7ddb7300cf7ab6952)
(cherry picked from commit 1db4736fd7cd75027f3cdf805e0f86c3a5f69c9d)
(cherry picked from commit e8dcbb6cd68064209cdbe054d5886710cbe2925d)
(cherry picked from commit 09625d647629b85397270e14dfe22258df2bcc43)

[GITEA] notifies admins on new user registration (squash) ctx.Locale

(cherry picked from commit dab7212fad44a252a1acf8da71b254b1a6715121)
(cherry picked from commit 9b7bbae8c4cd5dc4d36726f10870462c8985e543)
(cherry picked from commit f750b71d3db9a24dc2722effb8bbc2dded657cbb)
(cherry picked from commit f79af366796a8ab581bbfa1f5609dc721798ae68)
(cherry picked from commit e76eee334e446a45d841caf19a7c18eab89ca457)

[GITEA] notifies admins on new user registration (squash) fix locale

(cherry picked from commit 54cd100d8da37ccb0a545e2545995066f92180f0)
(cherry picked from commit 053dbd3d50d3c7d1afae8d31c25bda92ceb8f8c0)

[GITEA] notifies admins on new user registration (squash) fix URL

1. Use absolute URL in the admin panel link sent on new registrations
2. Include absolute URL of the newly signed-up user's profile.

New email looks like this:

<details><summary>Please click to expand</summary>

```
--153937b1864f158f4fd145c4b5d4a513568681dd489021dd466a8ad7b770
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=UTF-8

User Information: @realaravinth ( http://localhost:3000/realaravinth )
----------------------------------------------------------------------

* Created: 2023-12-13 19:36:50 +05:30

Please click here ( http://localhost:3000/admin/users/9 ) to manage the use=
r from the admin panel.
--153937b1864f158f4fd145c4b5d4a513568681dd489021dd466a8ad7b770
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=UTF-8

<!DOCTYPE html>
<html>
<head>
	<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
	<title>New user realaravinth just signed up</title>

	<style>
		blockquote { padding-left: 1em; margin: 1em 0; border-left: 1px solid gre=
y; color: #777}
		.footer { font-size:small; color:#666;}
	</style>

</head>

<body>
	<ul>
		<h3>User Information: <a href=3D"http://localhost:3000/realaravinth">@rea=
laravinth</a></h3>
		<li>Created: <relative-time format=3D"datetime" weekday=3D"" year=3D"nume=
ric" month=3D"short" day=3D"numeric" hour=3D"numeric" minute=3D"numeric" se=
cond=3D"numeric" datetime=3D"2023-12-13T19:36:50+05:30">2023-12-13 19:36:50=
 +05:30</relative-time></li>
	</ul>
	<p> Please <a href=3D"http://localhost:3000/admin/users/9" rel=3D"nofollow=
">click here</a> to manage the user from the admin panel. </p>
</body>
</html>

--153937b1864f158f4fd145c4b5d4a513568681dd489021dd466a8ad7b770--
```

</details>

fixes: https://codeberg.org/forgejo/forgejo/issues/1927
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1940
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Aravinth Manivannan <realaravinth@batsense.net>
Co-committed-by: Aravinth Manivannan <realaravinth@batsense.net>
(cherry picked from commit b8d764e36a0cd8e60627805f87b84bb04152e9c1)
(cherry picked from commit d48b84f623e369222e5e15965f22e27d74ff4243)

Conflicts:
	routers/web/auth/auth.go
	https://codeberg.org/forgejo/forgejo/pulls/2034
(cherry picked from commit 02d3c125ccc97638849af33c7df315cbcb368127)
(cherry picked from commit 367374ecc3832bb47d29ff79370103f907d0ca99)

Conflicts:
	models/user/user_test.go
	https://codeberg.org/forgejo/forgejo/pulls/2119
(cherry picked from commit 4124fa5aa41c36b3ab3cc1c65d0e3d5e05ec4086)
(cherry picked from commit 7f12610ff63d4907631d8cddcd7a49ae6f6e1508)

[GITEA] notifies admins on new user registration (squash) DeleteByID

trivial conflict because of
   778ad795fd Refactor deletion (#28610)

(cherry picked from commit 05682614e5ef2462cbb6a1635ca01e296fe03d23)
(cherry picked from commit 64bd374803a76c97619fe1e28bfc74f99ec91677)
(cherry picked from commit 63d086f666a880b48d034b129e535fcfc82acf7d)
(cherry picked from commit 3cd48ef4d53c55a81c97f1b666b8d4ba16a967c4)

Conflicts:
	options/locale/locale_en-US.ini
	https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 6578ec4ed64c8624bc202cefb18d67870eec1336)

Conflicts:
	routers/web/auth/auth.go
	https://codeberg.org/forgejo/forgejo/pulls/2300
2024-02-05 16:09:28 +01:00
Gusted
664192767c
[GITEA] Add slow SQL query warning
- Databases are one of the most important parts of Forgejo, every
interaction with Forgejo uses the database in one way or another.
Therefore, it is important to maintain the database and recognize when
Forgejo is not doing well with the database. Forgejo already has the
option to log *every* SQL query along with its execution time, but
monitoring becomes impractical for larger instances and takes up
unnecessary storage in the logs.
- Add a QoL enhancement that allows instance administrators to specify a
threshold value beyond which query execution time is logged as a warning
in the xorm logger. The default value is a conservative five seconds to
avoid this becoming a source of spam in the logs.
- The use case for this patch is that with an instance the size of Codeberg, monitoring SQL logs is not very fruitful and most of them are uninteresting. Recently, in the context of persistent deadlock issues (https://codeberg.org/forgejo/forgejo/issues/220), I have noticed that certain queries hold locks on tables like comment and issue for several seconds. This patch helps to identify which queries these are and when they happen.
- Added unit test.

(cherry picked from commit 24bbe7886fb4cb9a38c8dab8c44f4c9cbfa25481)
(cherry picked from commit 6e29145b3c1455498531593d38e6a914941a12cb)
(cherry picked from commit 63731e30712872bd2395eb3cf36d9996e5793645)
(cherry picked from commit 3ce1a097369c132654de70df707b867e47bd1c40)
(cherry picked from commit a64426907de788cc0937a7a2b16af4d2f26f7fe6)
(cherry picked from commit 4b1921569156445c58d9889602733da5934c7b95)
(cherry picked from commit e6356744359fa947c049827d60c2ea0e277e03dc)
(cherry picked from commit 9cf501f1af4cd870221cef6af489618785b71186)
(cherry picked from commit 0d6b934eba1c0e9b27b364791113aae816b6b366)
(cherry picked from commit 4b6c2738795002887844a106f2fed2ef1673eed1)
(cherry picked from commit 89b1315338b0c7a726a36a84e9844013a13560b8)
(cherry picked from commit edd8e66ce991c395bb0af7720631c3cd26caaa51)

[GITEA] Add slow SQL query warning (squash) document the setting

(cherry picked from commit ce38599c5141c7fc6bc054819f5ff1c1b45bda1f)
(cherry picked from commit 794aa67c68c8e24ac7301eb7ef767c6e2499a78d)
(cherry picked from commit a4c2c6b004c21488e90f637ca7920f49108ed75d)
(cherry picked from commit 97912752bc802db79bb26a6591aec885aea30ee4)
(cherry picked from commit 00b5327c9750215a290238516e7b6fb1e6601e14)
(cherry picked from commit 1069c860e78c11225b4d74ff3044df7786562821)
(cherry picked from commit 84241f42c83852918b57c8bd25364697037fe42f)
(cherry picked from commit e4bda0e8457d00c01b83f153ed5a4a8ea4cf85c8)
(cherry picked from commit 7357fb91bff87045b133c3a7ac9fc70eea781bc4)
(cherry picked from commit a8dd7f6da278ae112200b5efa5bf27e3961f5996)
(cherry picked from commit e636e9f4beca7273dd8622baedb2f0c01db30449)
(cherry picked from commit bf04ae86037f5cb5a81d02750aead2742b040367)
(cherry picked from commit 93b19e3568169bd1cf9b8b78c1751c3d2d65a1b6)
(cherry picked from commit 83f91363ad071675c73a1f636271cc043bf69707)
(cherry picked from commit e34a05bc7319072b70d387975342d617b8136655)
(cherry picked from commit 68569aeee9805aaa8e98c6e7fe8058095e290061)
2024-02-05 16:05:50 +01:00
Panagiotis "Ivory" Vasilopoulos
ee26f86bfc
[GITEA] add option for banning dots in usernames
Refs: https://codeberg.org/forgejo/forgejo/pulls/676

Author:    Panagiotis "Ivory" Vasilopoulos <git@n0toose.net>
Date:      Mon Jun 12 13:57:01 2023 +0200

Co-authored-by: Gusted <postmaster@gusted.xyz>
(cherry picked from commit fabdda5c6e84017bf75ab5f9ab6cc0e583b70d09)
(cherry picked from commit d2c7f45621028d37944659db096bc92c031dd8e7)
(cherry picked from commit dfdbaba3d6b7abf1c542b0ea41b7812b729cc217)
(cherry picked from commit a3cda092b8897e4d669cfcf2cb8b16236e3c9b32)
(cherry picked from commit f0fdb5905c3b22bec043530da15d2c52f6bc41c9)
(cherry picked from commit 9697e48c1f8b23d3dd1da246b525b63c3756353d)
(cherry picked from commit 46e31009a86db18a9b5bd8e2f535b198df90c437)
(cherry picked from commit 5bb2c54b6f55499937396339bcacd3b4d8fb6b5e)
(cherry picked from commit 682f9d24e13b83d89bd6b86324960f1b4fc72eeb)
(cherry picked from commit 18634810057ef88fd01b54cec33bd4bd04c53221)
(cherry picked from commit 4f1b7c4ddbc4099aa9b6fda1e0145d37f638e567)
(cherry picked from commit 6afe70bbf1290e604fc476ee27901d1722ac1272)
(cherry picked from commit 5cec1d9c2d2a731fa44f761e6c90f0d20ab3ccc4)

Conflicts:
	templates/admin/config.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1512
(cherry picked from commit de2d172473217e3437238fd9c691edc8d8524e1a)
(cherry picked from commit 37a3172dd9e2646157ec49ca46f94b9b0012b061)
(cherry picked from commit 92dfca0c5a8a8d4fd8a93b5468ba593283fc9452)
(cherry picked from commit a713d59b0cbeaf2fe023be1daa42165cd0df3b1d)
(cherry picked from commit e7bd71a6188ed4abbabf8b64b439e588c1c1f5f7)
(cherry picked from commit 69f3e952c495ecf8af5e7fc8cca6f3ba31fd3da2)
(cherry picked from commit 83fbb7b566f68f84f56d371bcfbba89bba602e2f)
(cherry picked from commit 3196605fa99679d28c51c7faccb8402155d31c49)
(cherry picked from commit e37eb8de9c8e9975fd2f33e0ea92d45da4c3835c)
(cherry picked from commit 8c99f59e48098b0058c5692f17aa66352ad3ad01)
(cherry picked from commit 74aa1ac66f659478b9e6994967a6207d7843b9ae)
(cherry picked from commit 622440b3bd32ce4db6305187c854e1f9a8820305)
(cherry picked from commit 2c1ec90984a82f34b14c0f7db25f1941ec129261)
(cherry picked from commit 24d57152e0ab7ab25d5e526785984a7e412ac4eb)
(cherry picked from commit 071e9013f3a072978fc2d3452c4b34e94edd34b4)
(cherry picked from commit 27fbb726fa395c83a76238fd2989c697eedebb3b)
(cherry picked from commit 29eddd86ead3dc0cfcbf9eb7fc3998bb31162b2d)
(cherry picked from commit 133dc72fabb9d53fe34841186a31b763c8ae655a)
2024-02-05 16:05:50 +01:00
JP
56c8f98e4c
[THEME] Add colorblind theme variants
This PR adds colorblind theme variants of the forgejo themes. I duplicated the forjego light and dark themes and only changed the lines related to diff colors for added and removed rows/words.

I am not a designer, and I am also colorblind, so better suggestions of colors are most welcome. However, this is a good start as I can at least personally see the colors now. I got the colors for the dark theme from the GitHub diff colors, the light ones I couldn't get from GitHub as they use white as a plain background, which Forgejo's theme doesn't, so they were decided on after a bit of random testing.

Resolves #986

(cherry picked from commit dcdb4a372da814eda27065c58d03100f0589f0a7)
2024-02-05 16:05:02 +01:00
Earl Warren
88171e0030
[BRANDING] add Forgejo Git Service and migration UI
[FEAT] add Forgejo Git Service (squash) register a Forgejo factory

If the Forgejo factory for the Forgejo service is not registered,
newDownloader will fallback to a git service and not migrate issues
etc.

Refs: https://codeberg.org/forgejo/forgejo/issues/1678
(cherry picked from commit 51938cd1613c789c7176ca59592689c3bf055f45)

[FEAT] add Forgero Git Service

Signed-off-by: cassiozareck <cassiomilczareck@gmail.com>
(cherry picked from commit a878adfe628cf6dc367a17c3715fcd3499aa02b6)

Adding description and Forgejo SVG

(cherry picked from commit 13738c03804d019f28550e46a4ebc37dbe3a5cfc)

Undo reordering and tmpl redirection

(cherry picked from commit 9ae51c46f42acecac834371857e638098ebf6d27)
(cherry picked from commit 70fffdc61d06dd1d70b6a31496676a23d3d0c2fc)
(cherry picked from commit c0ebfa9da3db3e60d7b403a1bf8b8a19c32c5dc7)
(cherry picked from commit 9922c92787eccaba0021486ba0a3eb28583969e1)
(cherry picked from commit 00c0effbc74aedc7a4167a69c8a410ef324d576b)
(cherry picked from commit e4c9525b137205fa9ffdb4e0d7492bbbda9be6b5)
(cherry picked from commit 09d7b83211652d045975b0e3bb790856267d52a5)
(cherry picked from commit bbcd5975c91f6932f7f2ee07fbd63e84560ba96a)
(cherry picked from commit 55c70a0e18d33d8ac0da9ffb97f6d994ed88a319)
(cherry picked from commit 76596410c0dd0137cd497c9728c3e1d1c98f2430)
(cherry picked from commit 1308043931388bf6de691ad0f766861b77fb08a5)
(cherry picked from commit 919d6aedfed6abc8ec9def19f8deec2ee413252b)

[FEAT] add Forgero Git Service (squash) more tests

Previously only Gitea service was being tested under self-hosted migrations. Since Forgejo is also self-hosted and in fact use the same downloader/migrator we can add to this suite another test that will do the same, migrating the same repository under the same local instance but for the Forgejo service (represented by 9)

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1709
Co-authored-by: zareck <cassiomilczareck@gmail.com>
Co-committed-by: zareck <cassiomilczareck@gmail.com>
(cherry picked from commit 40a4b8f1a8637f78cf2f48104f0b336377652df9)
(cherry picked from commit 3198b4a64240b7d4e8b33d8b858a12d046db38c9)
(cherry picked from commit 4edda1f3890eb1b5bb9b1eeec1214dbc11f8e343)
(cherry picked from commit 4d91b77d29fd4b20be12bf21c31447722ff6da40)
(cherry picked from commit afe85c52e3c1c165c171443e3ba79caef1560e0d)
(cherry picked from commit 5ea7df79adfba4a85c7ebbccfb7da15b48eef19c)
(cherry picked from commit a667182542abab8ebb29905fb38afe509682c220)
(cherry picked from commit a9bebb1e71b8a20bb19352357a5b71b9b84c0d21)
(cherry picked from commit 4831a89e460bb982a497b6f22613149840b13a9c)
(cherry picked from commit e02a74651f9813cc72c64e391a2fa6e3c282ce3f)
(cherry picked from commit 05dcef59aa4d05b040fe4ae24d73f9d9660e6ed2)
(cherry picked from commit c8bac187f983150150a2652724bab8f923be44e0)
(cherry picked from commit c87903a0cc75daeee8783d9774158711011d4382)
2024-02-05 16:05:02 +01:00
Earl Warren
fe9659a579
[BRANDING] parse FORGEJO__* in the container environment
(cherry picked from commit b0759917479ee17ccb11773176dbc8a75323c5cb)
(cherry picked from commit da3f76228e24d2276784ad7e1a03a34d094750e0)
(cherry picked from commit 20d196e74f9d7827cd812e3eb714eb87e888b6db)
(cherry picked from commit 0bf8b1824eac416ddb40fd2e0d7605573ba087a3)
(cherry picked from commit 655bb770a7cf65ada5d3e214ec23219e6cb19df0)
(cherry picked from commit d69d5c2c46f00b041beeb67a6238c5193ce9710a)
(cherry picked from commit 00b55e5a5396a49a6798a3ae2588e412637a77c6)
(cherry picked from commit 456121fd8a4c0c30f7854bd04907f2a0a583d27f)
(cherry picked from commit 9716a158e48ad6333f46fc0806a838603606e5ea)
(cherry picked from commit 7d60a6f5116124b72927a52db0dd36af7a9c3621)
(cherry picked from commit d32a6d9437a38ac35320ad7329eece1ab2bd54d1)
(cherry picked from commit ee1de38527ea1fbd52c319cfbbca24deef951fc1)
(cherry picked from commit 54e7799d13fa041be172d4a05d036cee43e390d4)
(cherry picked from commit 4f04da7ab716ccb1f2816842cde62965e89a852a)
(cherry picked from commit 0d39a0a520c80abdc955e93cf2470eeb01d52496)
(cherry picked from commit 7d8ae8279f350763c5ca04b462b288331656f53b)
(cherry picked from commit 76b6770b73026e5192cc118363d8154242a5c7fc)
(cherry picked from commit 9bc0d960640e589fbb0560dea379e9b90543a5a2)

Conflicts:
	contrib/environment-to-ini/environment-to-ini.go
	https://codeberg.org/forgejo/forgejo/pulls/1769
(cherry picked from commit e21bf9b1446ee1eb78f29f037243239acab6a340)
(cherry picked from commit 96e501c5f038eebd04f0e0e466b8b4ccca769310)
(cherry picked from commit 466a66a1f6d22694a6fc9d99378f91ad8cf66d87)
(cherry picked from commit 7814cf700af5f9812ab7294b03faeef00c23ef76)
(cherry picked from commit 4d12344871d882c6dd2cfa5b34383d06ad77e562)
(cherry picked from commit fad4cf84c3b6f4891006154549faedd603267bbd)
(cherry picked from commit 7ad89400ee90b3c45072c175a40d9c77fbc0fb36)
(cherry picked from commit ec911404471fc8092e6b733a7cee41a518a360a5)
(cherry picked from commit 295a7f4487b72914eb0c47ded1c41f620bdd4245)
(cherry picked from commit 66163a5dcfead59b7f0962c7c0ad9dad15dfa300)
(cherry picked from commit 9e06f57269fb7ebe38161adfe6fa584c0e23c46e)
2024-02-05 16:05:02 +01:00
Loïc Dachary
ec3851d5a7
[BRANDING] alias {FORGEJO,GITEA}_{CUSTOM,WORK_DIR}
FORGEJO_* environment variables are set to the corresponding GITEA_*
variable when the cli starts. This approach is intended to minimize
the conflicts on rebase. All occurences of GITEA_* are left untouched
in the codebase and they are only changed to FORGEJO_* if exposed to
the user.

(cherry picked from commit e466f9d10e145a3ed750f0c86cfcafad5f141ea8)
(cherry picked from commit e33e95931b0d91c41433db68ddb19a8724b8ed80)
(cherry picked from commit 2cfc6519b7cbc758f8322fd7f7b84dfc6d14ae73)
(cherry picked from commit af8864373a65441c817dad1c3b696157c4024a7e)
(cherry picked from commit a0550ff3391f0575b72c3d0d1fdf1fcd9b51e4d6)
(cherry picked from commit 24dc0a5191a26fac0aef6b3a53fd58b9185edc88)
(cherry picked from commit e255eea2b48ad39eeb3eae227ca0d4fd4b667d99)
(cherry picked from commit 0c4f5afa7a37e6b805efb452b9d4166f7e2cec61)
(cherry picked from commit 42fce708d05d616ebbdfb2eecf384ad2fdaa1d7a)
(cherry picked from commit e7278c3c22b656e5730ec2ba0c1b4ee2ef6627ce)
(cherry picked from commit 0fb9ed7e0eb5db59ab5b574d3d69b4b161f50b0b)
(cherry picked from commit a98308aa4d6659f46f7f69996167f9c2f3c4e859)
(cherry picked from commit b8695fcbe04792cb75acb62fdf9c6dee237e8365)
(cherry picked from commit 4aee8719f57b40f8645905c10ba8966b29052295)
(cherry picked from commit 1c503c1ba7414fe0b960187bcc370b44c536ec7f)
(cherry picked from commit cf1ed8551e6a8abc56d3ed45b65b0e6ca4e1e891)
(cherry picked from commit c52459b088cd52bf3b11b68cadf95d738fd09269)
(cherry picked from commit 92cac277b28f9b68d3346f5dd463bc41c1952af6)
(cherry picked from commit 2c744f11189ca76de62be908069500d7dbfc2a8f)
(cherry picked from commit 989a98a8c52342fb146938c41c1db9a0818013f4)
(cherry picked from commit 9cf7052bd4c126618833487134cb39dbe6d58297)
(cherry picked from commit a13c9667e04555d38106bf7e63d57b05002b20ee)

Conflicts:
	main.go
	https://codeberg.org/forgejo/forgejo/pulls/1216
(cherry picked from commit a9c3cf060d76ece0664b05f03690bd3a7d8f7089)
(cherry picked from commit eb6d904b23bce2bc02ea96db0459b7b7a8e55cae)
(cherry picked from commit fd4878e4877ced8a65cb348c69220b688556a214)
(cherry picked from commit cc2cab92410e13abdd88c6ae8acfd17ee6e7fb0a)
(cherry picked from commit be523c63dbc7d3dc1f852bb7aee045cf2d9f74fa)
(cherry picked from commit 254d1a2f9a9751cb2e0d9475f2f6c7579120cd32)
(cherry picked from commit 1eecf4200e2c073c13675f769bd1254fdcc4079f)
(cherry picked from commit a01f5c3475991ae2dfceaa17ac3dd7adccce3d5f)
(cherry picked from commit b1ba7ce32131a4868a734fec1aef64bd96150fbd)
(cherry picked from commit eddfd96beb24604179ac80175e717c334cdb6d75)
(cherry picked from commit c9c9b7e49bd298b4e1d1c374a8829e434f140d6e)
(cherry picked from commit ad7e871779b18b8265ddf4c06566cff90f494c89)
(cherry picked from commit 9073ed215bf33535a3764b834e2e16690af72679)
(cherry picked from commit a827fdadd391159cd928e767b08e9d04473ed145)
(cherry picked from commit 39e66246cd75800f26bdde94b421893ad2701183)
(cherry picked from commit 46d1c778a2fd5030d7ad48b27ffcf18f04236e54)
(cherry picked from commit a65bc0b75dfb03fe474ad47003aceb7c751d890c)
(cherry picked from commit 5f901e967161a1768b8d1da1edee23e1eb2f8d79)

Conflicts:
	cmd/main.go
	https://codeberg.org/forgejo/forgejo/pulls/1976
(cherry picked from commit a0e017d206ade5de9dacb7794052dde38aab3616)
(cherry picked from commit e6e24b96312ee9090865f685e299b2073bb918f8)
(cherry picked from commit 00667d869b593fe50c1236f902c5656b5f4265c7)
(cherry picked from commit a9c5bc38e9960c06807c6464c02876b21813e79c)
(cherry picked from commit 671ef86e6dcccb168380033c7a8ec09dfa135f0f)
(cherry picked from commit 5063fd6b84fcf4814a3c5c6a8dbdb0ae6b05531e)
(cherry picked from commit 5c043c2aeffce94980ad5efa348776cf57720898)
2024-02-05 16:05:01 +01:00
Earl Warren
e20cd83bc5
[BRANDING] add the forgejo webhook type & update webhook docs URLs
templates/swagger/v1_json.tmpl updated with `make generate-swagger`

(cherry picked from commit 88899c492efeedd138ba088a36b9c0bc733ead7b)
(cherry picked from commit 7171bd9617c32c4911e3bdbc23c02a19e80d2465)
(cherry picked from commit 1a742446c17aef9ca62fe75bfc0a388d40138154)
(cherry picked from commit d7c189d7b2f9fea299a31adf068db969920ae39d)

Conflicts:
	routers/web/web.go
(cherry picked from commit cbdea868e41fb38ca491f8b449c3e525ec82d6b9)
(cherry picked from commit 6cd150483b06e17aee023c0afd01a3f2460b3415)
(cherry picked from commit 47246da8d3f50a02d11b77b3d402618b144aa720)
(cherry picked from commit f2aa0e6b769d432e627798bcf294b04b7d253213)
(cherry picked from commit 5a4fc69a16de8d6199ea24198299297ef7a3587b)
(cherry picked from commit 48e444ca09c22f930514a01846b0c8bc3cef35ab)
(cherry picked from commit 888e53781175d8d977f66d78991bd66563fcddfb)
(cherry picked from commit 5121f493c99f19d8050aa09224ac3532b4100ec7)
(cherry picked from commit 9394e55fdf80bf3d7bf8b2aba561ad44a84e3913)
(cherry picked from commit 3a2ce51768de65892e3ec73596e3862354c9502e)
(cherry picked from commit 719ead3a651f12afbb59c856914b0085e5cee157)
(cherry picked from commit 83e6f82e2aea619a3cd502e133773d33c0e60133)
(cherry picked from commit 494a429b21c6234be38b9e3db0f930fbb8118205)
(cherry picked from commit 4d775db6b41f731e956cc6bb9217ef349b4a3635)
(cherry picked from commit b68f777dc2822ec5c4e30186675cc82daec092a9)
(cherry picked from commit 5b934023fa58820f27c349c26f2a1ce89aee6795)
(cherry picked from commit 3b1ed8b16c73374cd5b6339f5315229dc82488da)
(cherry picked from commit 6bc4a46c9fc6472e1c4bf0bb20dea6867f1b392f)
(cherry picked from commit 8064bb24a3c752a86271f154ad4d0c4763e07295)

Conflicts:
	templates/admin/hook_new.tmpl
	templates/org/settings/hook_new.tmpl
	templates/repo/settings/webhook/base_list.tmpl
	templates/repo/settings/webhook/new.tmpl
	templates/user/settings/hook_new.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1181
(cherry picked from commit 55f5588a9150d8912c0f8342495f858e4e1e2959)
(cherry picked from commit a428bc06b353e7b678acc6a1ec2576608f1a5d9a)
(cherry picked from commit d2186eceb960773d037756c991f50d177fd63954)
(cherry picked from commit b4e126e9afd1c51b214e36a585bb454dac32862f)
(cherry picked from commit e4c7a92c2d7142cac74cf05a2b1fe3f0bd0c7373)
(cherry picked from commit a7165c8146a604b6ec5f8ee4db4c926fef180857)

Conflicts:
	templates/admin/hook_new.tmpl
	templates/repo/settings/webhook/new.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1420

[BRANDING] add the forgejo webhook type & update webhook docs URLs (squash) gitea logo for gitea webhooks

Refs: https://codeberg.org/forgejo/forgejo/issues/1367
(cherry picked from commit 2d8c1b93734acec918729e27c5613a8f9fb41ceb)
(cherry picked from commit 9135a5e1dbcff07e9fff4c1001fcac8c05e0c82b)
(cherry picked from commit 270f4020b0714ac553498fc986457b0c627d85a6)
(cherry picked from commit 33e5e2f0d898639bae05225437aeb4afa2678360)
(cherry picked from commit 7af8bcf4791ade3ca80d449629bb2eadd0ad25ba)

Conflicts:
	tests/integration/links_test.go
	https://codeberg.org/forgejo/forgejo/pulls/1548
(cherry picked from commit ce2a434dcf9ad23337aaa0cc30dc069bbc79744c)
(cherry picked from commit c2fa42b4fda37db8d5d4efc11834546d5de3d6ad)
(cherry picked from commit 3858c8d4db2ceaf79bd5ebed54382cbdd6491a5b)
(cherry picked from commit ebb0ae49208adeb5da4c6b442990db1b1dbe91d0)
(cherry picked from commit 93d354c418e6da1971dd7f1749cb700627f1f6d2)
(cherry picked from commit d5b08a2a4be2a48925dc089f5ec312188c60036c)
(cherry picked from commit e5e5caffaa69c2f2be300cc97ec500a993ac6b3b)
(cherry picked from commit 974d4057000f6989eb4b3440271c78dc05927312)
(cherry picked from commit e654fbccb1ddfd9e494ce4560e5ac1620d85f7c6)
(cherry picked from commit 85515977fb2fb6f6ae13f7b011bfe9f9c6d0425f)

[BRANDING] add the forgejo webhook type & update webhook docs URLs (squash) ctx.Locale

(cherry picked from commit e192647bc0f1d19b144e5ab1b286e11b2466eecd)
(cherry picked from commit 95fb1b724201b4d0dc1ef0ffb2745b2977c73286)
(cherry picked from commit ea7bd8022fc780b83de4a9ef5595cb0067e6e9d8)
(cherry picked from commit bf8465ccd07a0be493d2faf21e1e2c62766513a4)
(cherry picked from commit e1baa0a3007e2cc9a569da7d1e48785744d5cde6)
(cherry picked from commit 01b4f4c51428fad992e95615e3d55be54b4f84f9)
(cherry picked from commit da330b1e51916bb3b55167b5fefe86787a470e1f)
(cherry picked from commit 7b26c27c209c7ee5dbb45b74bd253c1bc713f5b5)
(cherry picked from commit 0c781e6f6d411335b4d22cd6a691b409379eba62)
(cherry picked from commit 0f663a8414e248f67d18896863d34f03abd9738d)
(cherry picked from commit 3297fd4f15ee7885d7b88c79e1ce70832cc60f78)
(cherry picked from commit 2f4ef403cb9e92c0a0785b860747283bd754f826)
2024-02-05 16:02:14 +01:00
Earl Warren
ec8f162b33
[BRANDING] add X-Forgejo-* headers
(cherry picked from commit 0a3388f93f53f53cce79ebcc194d67979cbe61cc)
(cherry picked from commit 7eba0a440a3138443d0b7461560f9f6f1c46b256)
(cherry picked from commit eb9646c7ef0b1a9e73bf22806acbc2caeaee7ff3)
(cherry picked from commit f1972578f5cb72ad9e1ef1ded9aa324b1d669864)

Conflicts:
(cherry picked from commit 7f96222fb4b4a773193a11d4ba76f449013c30ef)
(cherry picked from commit e3c7c9fe7b5809cdb75f1eb629c82b27986f7e98)
(cherry picked from commit 84fdead90242e68493efb96a7fee1e3b5fd417e9)
(cherry picked from commit 85148e11961b86269b7cda30294a4cdc817787d0)
(cherry picked from commit c0086bd70d39d9a1075fa624cdbfdf5ef26f7a2c)
(cherry picked from commit d1e31ef31817e5e811f6bea7aee5582383d53b12)
(cherry picked from commit 681d3ed5c43d45f802dc13c58c5b821da938374d)
(cherry picked from commit 76a3001f5bc5a064054514c179ba14008952e914)
(cherry picked from commit a55a9567d36f6b60557df3df3a0801c0fccec963)
(cherry picked from commit aa7adc167d4e4ee7879b88fe799f2afca2fd5531)
(cherry picked from commit d5354cb52c26ab0090388d019efe61770e7ec452)
(cherry picked from commit 472c48999699420d15aaa7c61a42db8136221616)
(cherry picked from commit dc816d065b715f2bfdc7fa68fa2d254f3d481b35)
(cherry picked from commit 4795f9ea85eac21c70db1159914a7b7b035b7374)
(cherry picked from commit ddd4ae53433d4adab823aa974c0f1c39d0394414)
(cherry picked from commit 0e95f2a36b1c0f480f94fef85d341792c7a7b759)
(cherry picked from commit 47a41a4e7b3c5d3cf247dafef17a64415069f171)
(cherry picked from commit d4416fcd3ee0f1d74c2b03fbe40c15b83f80b56d)
(cherry picked from commit f279d153b61677e2a766859c7a7688b0327e7c9a)
(cherry picked from commit 959f908ffdc9dd2fb07aefdf7cb85ba34f9071a3)
(cherry picked from commit 82df95310176a083abb9eaa51de9e9754d4f72c6)
(cherry picked from commit 8f8c9fd9e3deca0af0f087fc44fcd271e8440a7b)
(cherry picked from commit d4a0db7706f30a394192c6023072ad5185a7d600)
(cherry picked from commit 44594d623942128072bd86a20b5b90603517005e)
(cherry picked from commit 62b1de579ebfe326340b218cc9a980b705b8e6a2)
(cherry picked from commit 507abee353f120247276fe9165f09976421f926d)
(cherry picked from commit 8c36ac42c7091661b2f3fec70fc88a74043628fc)
(cherry picked from commit 72f74067f4c781e1c4936f0da2653a35a6f1c82b)
(cherry picked from commit 8e5a9e187b50a6eb8523c6dda4ce1a23c08a0b5a)
(cherry picked from commit cff8f43c7e4ab86a468ea49f7b945412d9911151)
(cherry picked from commit 493cc93e6d4b738a5b81d1a0db831bf9f430e9de)
(cherry picked from commit c94352b4d460e631c223b45516e42765357bf67d)
(cherry picked from commit 3f622c51a70200bf67d209d0cec78db2f25b65db)
(cherry picked from commit 84c62ad447a94ebd5d1906e41c29efd3a0816c70)
(cherry picked from commit ba186c8ee40e95cd4f40b6205d673dfe20528825)
(cherry picked from commit 4238ef291dffb68b350aa2f410e934d52cb0a1eb)
(cherry picked from commit 3ef1bd61b9a45271e69c1529875e84b379073318)
(cherry picked from commit f304086bb693d3a0a58871ba8cb1354ba290695c)
(cherry picked from commit 64a2edabcb7bc9e3961ea45f83cf6488e4cd99f2)
(cherry picked from commit 6accea6ba7f2b0f98b6bef5b1483ee39ad68edba)
(cherry picked from commit 2296e93a42939af90dee718bc8ff691009238c47)
(cherry picked from commit 2bf0be3b1bff62923dd04e1a02956ced1eda97af)
(cherry picked from commit fb4652b197ec64280689e6d065492f916f7e26f3)
(cherry picked from commit 7d462cf353ef87007025bbd76aebef429be10562)
(cherry picked from commit f5319660ddecea208163b5bcd37444322e571b51)
2024-02-05 16:02:14 +01:00
Caesar Schinas
42e81f8451
[BRANDING] Rebrand default meta tags
(cherry picked from commit b1a792b63547df1471a125c2384a9623ffae409e)
(cherry picked from commit ba71acccdb8eb4d1c87b50708fe3b03a3324dd9c)
(cherry picked from commit ef58efb8e0c48a782e01aac8d754e70b7611a2c8)
(cherry picked from commit 6a1b08241ebb862bdd39c708852e3e23c4d96c9d)
(cherry picked from commit 132c7a3a07d5a11b9b165295ef12111ce74aea70)
(cherry picked from commit a1f07975d67ceccedc808ddaf657f8e7e0da74b1)
(cherry picked from commit f3793598b24d00ca3ae80dbde4ef9909b298ca03)
(cherry picked from commit 60f38116afc60b055c6b40be8a1e94f646252bf6)
(cherry picked from commit 88884cf2833429749b9a6ec6110b4c4727304903)
(cherry picked from commit 520de41aefa6c1f5c939b2345878697094962812)
(cherry picked from commit cfd5e5b95ab081d10d4f5d6022d09db4877f51fc)
(cherry picked from commit 5cf1738f0a08d99aba2016100f3f0083b51efcf4)
(cherry picked from commit b95f9b3142089d90df93708638b2ae6c857dbc87)
(cherry picked from commit 0118fba9703a1e3f9da6c7b5c479b8b919a5f5e2)
(cherry picked from commit ef213ec79d8d0ae006bfda0b9e49d2da2be47ca3)
(cherry picked from commit f6794f694b9fb262c66f8d3958dd5145c7ef0dbb)
(cherry picked from commit 639110c03bc2d2f91fb6a5c619f1138a0522f836)
(cherry picked from commit 2be6eca1e1c8488bdc9e6ce164dbd9f3d79771ce)
(cherry picked from commit eb929d0d566b3dff8454e62ff9f2384a896fb549)
(cherry picked from commit c49dd4ed7f771e8fa1573add6cbadc193a473ead)
(cherry picked from commit 8ea074c4ddaa737c4faa83c1b4746dbd7cb84440)
(cherry picked from commit 3145df43d60593700b60409a8d5ac12e4fbbc197)
(cherry picked from commit d0df3e306a4f0a4f773c7cbc1409922fe69973aa)
(cherry picked from commit 8f4850705eb4e016ebebc738f629bcc9ce87ca61)
(cherry picked from commit 5a24d4319cf7ac2e56b9e43e4181b066d76d6d8d)
(cherry picked from commit 756c04c6c46a55852089711f7859f533b85fd042)
(cherry picked from commit ea627e79e36d0bc7514b28e6b7d5847b5bdf5922)
(cherry picked from commit c52b141902ef0be06c100f4a1285f28419e6f497)
(cherry picked from commit 49ab0c55597dc12a50be39a2bd35cb870ba8e361)
(cherry picked from commit f14f26c940abd341ae6bd8e20e93bd736e907b52)
(cherry picked from commit 4caebbb6becb26732f4d72d3e73a71ea821edf8f)
(cherry picked from commit 7c3d0bca9e8868529e4496b6b17fbe1c0736c425)
(cherry picked from commit 171a207006f82d5dfed4abb9c957a837a8aa53ba)
(cherry picked from commit 2a4a7d05fbcc67f603f81c5a4adab016dccf7460)
(cherry picked from commit 94b1b902053922ec73213f9c20f1a37a292959b8)
(cherry picked from commit cd3565dbed2c86ef9c2d5e6b92931481b17e62c9)
(cherry picked from commit 5d02758b22717ec93b9bf36af6d09bc66925e6a8)
(cherry picked from commit 5901edd1114dc7a0a1f4d943bd3ba645ab4d0d22)
(cherry picked from commit 8a3abe6dafafd5a8a05b3b37551082ce2a948b90)
(cherry picked from commit eaa1a3e6ca6a4c178944e6d25a0819478c60d96d)
(cherry picked from commit 7191d0abc48c464cafba209a1a5c3b762a4918d8)
(cherry picked from commit 579b985d791182c20754293151b8829d95837ae9)
(cherry picked from commit 16d7dbed870b69cf2e09c19fb16ad9cea0cce76a)
(cherry picked from commit c1fa9edc159596e470daf28571e356295695396d)
(cherry picked from commit cdcf37ff1b726b9f3e240935c19dc30160b47eba)
(cherry picked from commit b0c78efb8656006239c22f330a63341ac99eb783)
(cherry picked from commit dca8fb6cf7f8066bc30ab4df8eb277f3b6d7ef53)
(cherry picked from commit 4d08cf9f2e48b1c5dfe88f3c596c7d305f2e2194)
(cherry picked from commit 73be848222608347293e2b9487ae959c2adb077c)
2024-02-05 16:02:14 +01:00
Caesar Schinas
b5976d4243
[BRANDING] Add Forgejo light, dark, and auto themes
(cherry picked from commit faab0c670e22588bc643d71b650560c2ccca2c8e)
(cherry picked from commit b6d59493c7fa0bfa62095abb99c5c5a29bcf1659)
(cherry picked from commit 837da0c1f41b40853eb4aebc40af16433cf7a9c2)
(cherry picked from commit 71ad245e1d6f7f5b002c1c5e9831e872d157f906)
(cherry picked from commit 85a7032f1b1c0d80e3d3960e9d902e9e66e687a5)

Conflicts:
	web_src/css/themes/theme-forgejo-auto.less
	web_src/css/themes/theme-forgejo-dark.less
	web_src/css/themes/theme-forgejo-light.less
	web_src/less/_home.less
        see https://codeberg.org/forgejo/forgejo/pulls/552
(cherry picked from commit 0c2c131bb06024fca7d5c8ef6a2696d5f6aa4a1b)

[BRANDING] Add Forgejo light, dark, and auto themes: fix import

Closes: https://codeberg.org/forgejo/forgejo/issues/562
(cherry picked from commit 2b0dc1f80ff18d1c94df74c77a80e3651e7cb2ed)
(cherry picked from commit 494ad6a3b7cd3328c835e6c7c76a55a77d47a60d)
(cherry picked from commit 6940fc22c4917e86b25cf3c6c2ead9057ae726d4)
(cherry picked from commit bd6f00656c457339ef3d08612911594358a15f14)
(cherry picked from commit ebb506a1247751b1182348b281089dc00a65c741)
(cherry picked from commit 43d72d37811c8b9d00b1d046341401643f66b289)
(cherry picked from commit 1a87adca018545f6d2db0dad9e5d7cb59f6a97b8)
(cherry picked from commit 0704c410b4e8a0b610e82f6ebe9209fb485ee722)
(cherry picked from commit 9039b47c160e7fce2bd75167a0358eb7e7458e2d)
(cherry picked from commit e32bb7892481a80156163dbf5063da0c8ead27d4)
(cherry picked from commit 053ad84f91f994f96f4d9d037ff37e25b468c424)
(cherry picked from commit a35f1b6da7a061a3d0717548d8f4e0972e7bb0ec)
(cherry picked from commit 8cb94c01d5bcd453938924ce6c6a6804ce9ec255)

[BRANDING] fix invisible label in branch protection settings

(cherry picked from commit 23e5d457219a68f49938395b5532231ce4ac0022)
(cherry picked from commit f02e4582e51a6a2eba93ddd599b7ea3679388e55)

[BRANDING] Fix commit label for Forgejo Dark theme (#843)

- Define the `--color-label-text` variable with a light color, which is currently used for commit's SHA

Co-authored-by: Gusted <postmaster@gusted.xyz>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/843
(cherry picked from commit 74c186a3806e37fcca8087ad79ba7c1f8e0d559e)
(cherry picked from commit 7e185c5ca5298fad12fcc78b504d96163e71ad71)

[BRANDING] Add Forgejo light, dark, and auto themes (squash) variables

Adapt to b6bcb79987 Improve notification
icon and navbar

Refs: https://codeberg.org/forgejo/forgejo/issues/893

[BRANDING] Add Forgejo light variables

Updates the Forgejo light theme with the changes in b6bcb7998

These are the same changes as made in 2574dbcff to the dark theme

Refs: forgejo/forgejo#893
(cherry picked from commit 9e99fe4f9ec79aebbf34490e12b0acf3097dd5c7)
(cherry picked from commit acbb98bd912fc3a28d464eaef1d756f54fd87e8e)
(cherry picked from commit c80245ed87d09067d880d6f91c3edaa35e4346de)

[BRANDING] fix code highlight color in Forgejo themes

(cherry picked from commit ffc49a4e992162a480d5056e1211fc7496e4aa06)
(cherry picked from commit c5f45a941e3dd8882164a88b2653407fedf6dea0)
(cherry picked from commit eee5427c9d581b8e2cd254d4a15508200622aef0)
(cherry picked from commit 89be50ca27a7ad33f109bbc3549220b37875206a)
(cherry picked from commit 74e4776ef504870d9831818ee141b12afd5f46ab)
(cherry picked from commit 6c4e07a6a718c375ee2d3975ea7bb01d382d1d90)

[BRANDING] more accessible text selection color in Forgejo themes

(cherry picked from commit 7407605ffdedef8fa320477a3bd7efa06df263e2)
(cherry picked from commit 5aab3872cc5bd267bc16bfbcedef66fd03616488)
(cherry picked from commit 1ec77d8bd00bc6914d0926d98d503debe41cc6fd)
(cherry picked from commit 964c89fce7bb5b4be06d4cd1cac247426061ec2e)
(cherry picked from commit 8a8023a4414e27d28f4503e2d2fb12afc4b7aac6)
(cherry picked from commit 1c9ffeadf5ce419d576afc89faff9fdd6c1b5478)

[BRANDING] Fix navigation hover color (squash)

- For items in the navigation bar, use different background colours for hover.
- Regression since https://github.com/go-gitea/gitea/pull/25343

(cherry picked from commit 8f3f4b219c449011a810c6a9f946fe216d841778)
(cherry picked from commit edfb0eef06e798009389b12b2c0a417c4c845887)
(cherry picked from commit a6367fa48a2d10465b5d00aa6fb3db886f3c238f)
(cherry picked from commit d5697abe4257390a687102d0964fee15f9214b73)
(cherry picked from commit eaf537091997650d9370457b7eb53205a552d267)
(cherry picked from commit 58f11e7310dfec6fc6f195aa36e465c846a431c5)
(cherry picked from commit 732e1b35d58e1ac5307b80819bd788ac8dc9b71f)
(cherry picked from commit 0d794ae1c91fa926d1ddac5eb7b1bc27a9271793)
(cherry picked from commit ccc8aed308253aaf7aa81f49d3a8025cf759cfce)

Conflicts:
	modules/setting/ui.go
	https://codeberg.org/forgejo/forgejo/pulls/1582
(cherry picked from commit 209059fbaf6d034b1bb34ae7add0be0269de7042)
(cherry picked from commit 80ba2df4a733d84fe0c9ad60d3638e465ccfedac)
(cherry picked from commit 17b325da23b1896b6acd95c0b149a9ec20813cc1)
(cherry picked from commit 3518b87c8de21590700060e5222feccc7c54cb58)
(cherry picked from commit 4042143f968cd86a9fd9d84565013fd9f8bd160f)
(cherry picked from commit 07f976f9d78a817371c3f72244428e49a167be8b)
(cherry picked from commit 1bbc6b93e966b13f077e58b3447605eea60cb67e)
(cherry picked from commit 8aa0bba307c45994b69a4790f977e3cdaeb32d70)
(cherry picked from commit 94c4a14ac30fe92c13e672538ccfb56d409d2f2f)

Update Forgejo theme (squash)

- Incorporate changes from 79a4c80f8d into the Forgejo themes.
- Fix that there's no focus or active coloring on primary and secondary
buttons for Forgejo themes caused by
023e937141 that moved variablse from
base.css (shared) to the themes.
- Extend hack to make red buttons darker on dark Forgejo theme to
include active styling and remove the unnecessary `!important`.

(cherry picked from commit 2e32da4419e2cbb6cc7d2cab65b03e14fdb75db6)
(cherry picked from commit a4eca09543e52342210596a58fcd68d4177a08d5)
(cherry picked from commit e6e452811d8104d6a824aa0e220d80b61dd3c74d)
(cherry picked from commit e9a5addf3daf56c1fec8daf0551463d9ac337534)
(cherry picked from commit a1b8b5fa0d05c95ccb0a0b54ac6fb13bafaa3d12)

[BRANDING] Update forgejo theme

- Inlcude a103b79f60 and
1b2cd4c4e1 and
376c0e25f7 and 023e937141
into the Forgejo theme.
- Fix tooltips not being visual, due to missing background color.
- Fix labels not having a background color.
- Fix modals not having a dimmed background.
- Fix no syntax highlighting on Forgejo light due to missing imports.
- Incorporate feedback from
https://codeberg.org/forgejo/forgejo/issues/1117 to make the labels
stand out less.

(cherry picked from commit bc21dc21e1a375160e97eb1d2023d095d9067ef5)
(cherry picked from commit 82323c09cc9439e723618e38104d6b705f94aad9)
(cherry picked from commit 2da09af28dc91996bd261e008f30bd2b9d0d5a85)
(cherry picked from commit 978aeb7cde02738ea245d4d12d21d6376bce58cf)
(cherry picked from commit 984c264e19dc9497db67139019bf749591bd8447)
(cherry picked from commit 6aa7c8db38627394ad71589e4671554a30d96d39)
(cherry picked from commit 4379269a46b8fcd9885dd2ddba574375b46519dd)

Conflicts:
	modules/setting/ui.go
	https://codeberg.org/forgejo/forgejo/pulls/2116
(cherry picked from commit 9414391ec1e37978615e27d304a12957c9adffb4)
(cherry picked from commit 02c9b776e851f5893a6fdbc6e29402be793d8582)
(cherry picked from commit 7324b417ce5f7199901b4beb0d715d9b190e7b43)
(cherry picked from commit b20aa3ed1742ac1c883bb2d4d155c99140c956e5)
2024-02-05 16:02:13 +01:00
Caesar Schinas
95c371d1bb
[BRANDING] Rebrand default config settings for new installs (#140)
Replaces `Gitea` with `Forgejo` in the default config settings for new installs.

This will not affect existing installs.

Co-authored-by: Caesar Schinas <caesar@caesarschinas.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/140
Co-authored-by: Caesar Schinas <caesar@noreply.codeberg.org>
Co-committed-by: Caesar Schinas <caesar@noreply.codeberg.org>
(cherry picked from commit ca1319aa16128516e50dabdc8e8cadc23eb71d2f)
(cherry picked from commit 52a4d238a0b5bbea28b28e55e35f28c51ecbb2de)
(cherry picked from commit f63536538cfe4b010ebb5a6323f4b5e5b6ec7232)

Conflicts:
	web_src/js/features/install.js
(cherry picked from commit 861cc434e129f3fbd932ee36067c560e754dab9a)
(cherry picked from commit 0e6ea60c802d6cfd95dea4aad5df96bb6e4bc7a5)
(cherry picked from commit 0cbc0ec15d9d952b0ecfb68a36bf58cbae0c43dd)
(cherry picked from commit 3cc19b0ae214ae163f23efa52ab0aa53eb7c935b)
(cherry picked from commit 50fcb885fe2f87a27e6ff778cdd0c7cd97bbe9e9)
(cherry picked from commit f6039d4df481fc58b8db3e863158665d24cac847)
(cherry picked from commit 5ae5c6ba2deefe829f768900f5e1bbcbe9389e15)
(cherry picked from commit f0b565e0ed7fe52f0264e92c49736b487b9bff8a)
(cherry picked from commit adbd4d2015e8e2c4789849c84cfa4032acd40b7f)
(cherry picked from commit d26c540ffdbfb7ec83412635576ab39653d1b531)
(cherry picked from commit 6df6781b42ea126d029ba9e85485dbcb9bf6601d)
(cherry picked from commit b6fb56e1c407195bedfe09f91ecb6537024d5189)
(cherry picked from commit bb4f98a0ca7515aa6c44529df0573195f779a643)
(cherry picked from commit 6779229f2732f6791aba3bd1ba51a338a88ca1f3)
(cherry picked from commit c216c85aee552aa15e9d6316002ee9e170de64d7)
(cherry picked from commit dff780bced1dc78ddd7fa4952766969ee528c538)
(cherry picked from commit 4e036aa3b6d1bc5f2041c3b30ec289cb082fe824)
(cherry picked from commit 8b3bc3e8a64edaba64cb759ea31248eea7307937)
(cherry picked from commit 1e4d8523321efaf6c5febdd77ba5150effe5c1ac)
(cherry picked from commit 07a15d18447bb03bb04001f1f65305670d1467ef)
(cherry picked from commit fb44b3e10d685dd180f37678a3e2a64ee641f2b2)
(cherry picked from commit b212d833190ce59230b3fc288c1aac5106cf33a0)
(cherry picked from commit 5754971be5c37e97f3165878af3760117e40af01)
(cherry picked from commit 0c43b4e82cab028fae1b709c549251d63a3ffc04)

Conflicts:
	routers/install/install.go
	https://codeberg.org/forgejo/forgejo/pulls/1351
(cherry picked from commit 2e22a7208a0f149afc3794425c7b5b2b0181a939)
(cherry picked from commit 676b0a8a48f99d751b677b9eca5b57238b5003a5)
(cherry picked from commit bc4a8bf9bcb75e92b7802c477b1bb14a047344a6)
(cherry picked from commit 5e09a4e174cc6d62b08fa718d0309275effadbd8)
(cherry picked from commit 712c52a32a3b6ce9aafaefaf9e63729522d1e0c5)
(cherry picked from commit ba3d93cc4a5dca5d0daef647fab557e0136925e2)
(cherry picked from commit a5a0396abc512834ca7b0b247277e4d753a87659)
(cherry picked from commit 09b205f30b17b8f22688f39b5f98d06b44745a4b)
(cherry picked from commit 52b7729e86aade4faa9577abb53401a4040131f0)
(cherry picked from commit bfe78735e84312bccb8adb402041830da93ba646)
(cherry picked from commit 915c4f7a7b1e20ba4299a8631c873c7aed288992)
(cherry picked from commit 3b1af856bbc604511bdd42eda65dbf0808a12abc)
(cherry picked from commit ffe2c0a3535fa510ba416d12324d00406678075e)
(cherry picked from commit fd5cc72128272572a84b011f67a05999e60e931a)
(cherry picked from commit 95d3555e47cdca47e603692e669ebbdc024dc6d3)
(cherry picked from commit b9b853f4b0a9a0587a1b2fce7c63bb315aba0af2)
(cherry picked from commit 967453eb6f5776d65883797dd9ad24b57eecbbd3)
(cherry picked from commit 3298f502dda8570884494e557df5800ba0f2150f)
(cherry picked from commit 3481d1f816fe87db000cde4ef1e6d952c520efcf)
(cherry picked from commit 7508c24a0c6d44f98ff1ccb96285309e640b16bb)
(cherry picked from commit 54e97f7c35bbb1800defdfdf99934f22505c0c4d)
(cherry picked from commit 492876992f59c597882c69fef6880d7981e33046)
2024-02-05 16:02:13 +01:00
Caesar Schinas
e5b68d2614
[BRANDING] Add forgejo emoji
(cherry picked from commit ade55ad308ea0ac6bb36903e3a69b02d18228adb)
(cherry picked from commit 107f7266183584b51299351961b73ab2b185f24b)
(cherry picked from commit f29cf9cfc107692cd79a4ba4062a66f90813bc4e)
(cherry picked from commit 0761a41eee30a32c822834ca2b989ad6343ed1e0)
(cherry picked from commit 2b1fd9565f615dde8bdd07d86ff3a5ca3815af67)
(cherry picked from commit 6a7c82f13b17df1fa647130d086fbcdbeb086571)
(cherry picked from commit 4a56d404942562e3f5a45abd45518bc8679109b6)
(cherry picked from commit b48e3e896d0d3942362b5a1c18f847ffd64609cb)
(cherry picked from commit bde83340cbcce8370d524da9c909731c78544c49)
(cherry picked from commit 74e0603d6be22d8d74d38f9c99c8bcf26dd83482)
(cherry picked from commit 84bd1ddc082aa55a7d7c03eeac55478f0e15e019)
(cherry picked from commit 62d9acde2a0692f46257dc3db329e0196b74837a)
(cherry picked from commit 5b84a909135a4d71c778a2d0719a20ff01abef64)
(cherry picked from commit 5362f7d053f4e8bd6a91d93ddbcb6d291a250efe)
(cherry picked from commit 65ad7d1bd9875b6dd00f3ef31bc1d5ef2b9e84f5)
(cherry picked from commit 6e42d545a97ef7d470b57f6ae43ae15fa1581a37)
(cherry picked from commit 24d3bb33e2031a44c535602a7a083194acacbff1)
(cherry picked from commit 704935cadd997dcc1dea5e51a089ed25ec1ccab1)
(cherry picked from commit 5d9fc59e17c9be563432376c3b7d1851300ccdac)
(cherry picked from commit 4c95df3f86f9e778a9d1267cdca22c4ce15ffb94)
(cherry picked from commit 1ac704762ac78ba2a86a787f02de45779d765673)
(cherry picked from commit 0da9fb13189b0bff21a734c0f635ec196731a91f)
(cherry picked from commit bc2de51eeffea7fb4c5b53e7a72cab315af8215a)
(cherry picked from commit ea897a20b91e89be48570ca923dcbea1b4baf81e)
(cherry picked from commit 66f3f9c6effd19ca6762437e7756bd3ac564a6f3)
(cherry picked from commit edc5c3c3043867ea01b93f50ca83014592ef89b6)
(cherry picked from commit 11dd4f31a49b5448d4207c928df6be647adf5ce0)
(cherry picked from commit bf0fb77afb91dfff7ba81a59bbf5506a6b0a6462)
(cherry picked from commit 3a823b1001817b906c31453ff86d43ebe6bf9719)
(cherry picked from commit e1f6cb4ed607f17da4bedf36fe60af9d4a492089)
(cherry picked from commit 0b3f45972ff338a00ca084b1c3371714fc1b7011)
(cherry picked from commit a9579c967946436338e44d323db2303f108dbf69)
(cherry picked from commit 0dea1aadf25e120ee1f19ffa6f15caa285ad3c7b)
(cherry picked from commit aeed23b96ee384054068633cb3bae71893d9382c)
(cherry picked from commit 72712f467df8de65955f15457c5845b80c2925e1)
(cherry picked from commit b49b832899b24efc73bbe7f1d7ed3626e5b55434)
(cherry picked from commit a985bb8b902ddcc98d24e6f3078b1e1fee61a1c7)
(cherry picked from commit dac4d692182eb96701c46451f6d5a22966494583)
(cherry picked from commit 4962eb361dea6528b6d36d29e1c27d8e76351ec9)
(cherry picked from commit 61835639c8134b017ee8cf1816315c1536eeedcc)
(cherry picked from commit f4e44e3b602bda4c11150bea1e0e56f75f751398)
(cherry picked from commit 65c5f553c1cd9890de0eae416820dae84ad412a6)

Conflicts:
	modules/setting/ui.go
	https://codeberg.org/forgejo/forgejo/pulls/1976
(cherry picked from commit ef2f0c1c4a00e23579829ee874f80af2a9423c39)
(cherry picked from commit 4c208ef65e9dd65c772d981f165305f2ebd436b2)
(cherry picked from commit 3386a9d6ee8ea4e42faa3d9f1879de66f7f44d39)

Conflicts:
	modules/setting/ui.go
	https://codeberg.org/forgejo/forgejo/pulls/2116
(cherry picked from commit 8f93b38c6636e85151d79647050e8731f0cb07a9)
(cherry picked from commit af49467e83c073de9d8613facfc833d0912945ef)
(cherry picked from commit edef259a3863128359e826e73901bae149e30c28)
(cherry picked from commit a46b5bbf389e42cba0b49446302959ddd92922da)
2024-02-05 16:02:13 +01:00
Gusted
2da33aae2d
[MODERATION] User blocking
- Add the ability to block a user via their profile page.
- This will unstar their repositories and visa versa.
- Blocked users cannot create issues or pull requests on your the doer's repositories (mind that this is not the case for organizations).
- Blocked users cannot comment on the doer's opened issues or pull requests.
- Blocked users cannot add reactions to doer's comments.
- Blocked users cannot cause a notification trough mentioning the doer.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/540
(cherry picked from commit 687d852480388897db4d7b0cb397cf7135ab97b1)
(cherry picked from commit 0c32a4fde531018f74e01d9db6520895fcfa10cc)
(cherry picked from commit 1791130e3cb8470b9b39742e0004d5e4c7d1e64d)
(cherry picked from commit 37858b7e8fb6ba6c6ea0ac2562285b3b144efa19)
(cherry picked from commit a3e2bfd7e9eab82cc2c17061f6bb4e386a108c46)
(cherry picked from commit 7009b9fe87696b6182fab65ae82bf5a25cd39971)

Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014
        routers/web/user/profile.go
        templates/user/profile.tmpl
(cherry picked from commit b2aec3479177e725cfc7cbbb9d94753226928d1c)
(cherry picked from commit e2f1b73752f6bd3f830297d8f4ac438837471226)

[MODERATION] organization blocking a user (#802)

- Resolves #476
- Follow up for: #540
- Ensure that the doer and blocked person cannot follow each other.
- Ensure that the block person cannot watch doer's repositories.
- Add unblock button to the blocked user list.
- Add blocked since information to the blocked user list.
- Add extra testing to moderation code.
- Blocked user will unwatch doer's owned repository upon blocking.
- Add flash messages to let the user know the block/unblock action was successful.
- Add "You haven't blocked any users" message.
- Add organization blocking a user.

Co-authored-by: Gusted <postmaster@gusted.xyz>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/802
(cherry picked from commit 0505a1042197bd9136b58bc70ec7400a23471585)
(cherry picked from commit 37b4e6ef9b85e97d651cf350c9f3ea272ee8d76a)
(cherry picked from commit c17c121f2cf1f00e2a8d6fd6847705df47d0771e)

[MODERATION] organization blocking a user (#802) (squash)

Changes to adapt to:

  6bbccdd177 Improve AJAX link and modal confirm dialog (#25210)

Refs: https://codeberg.org/forgejo/forgejo/pulls/882/files#issuecomment-945962
Refs: https://codeberg.org/forgejo/forgejo/pulls/882#issue-330561
(cherry picked from commit 523635f83cb2a1a4386769b79326088c5c4bbec7)
(cherry picked from commit 4743eaa6a0be0ef47de5b17c211dfe8bad1b7af9)
(cherry picked from commit eff5b43d2e843d5d537756d4fa58a8a010b6b527)

Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014
        routers/web/user/profile.go
(cherry picked from commit 9d359be5ed11237088ccf6328571939af814984e)
(cherry picked from commit b1f3069a22a03734cffbfcd503ce004ba47561b7)

[MODERATION] add user blocking API

- Follow up for: #540, #802
- Add API routes for user blocking from user and organization
perspective.
- The new routes have integration testing.
- The new model functions have unit tests.
- Actually quite boring to write and to read this pull request.

(cherry picked from commit f3afaf15c7e34038363c9ce8e1ef957ec1e22b06)
(cherry picked from commit 6d754db3e5faff93a58fab2867737f81f40f6599)
(cherry picked from commit 2a89ddc0acffa9aea0f02b721934ef9e2b496a88)
(cherry picked from commit 4a147bff7e963ab9dffcfaefa5c2c01c59b4c732)

Conflicts:
        routers/api/v1/api.go
        templates/swagger/v1_json.tmpl
(cherry picked from commit bb8c33918569f65f25b014f0d7fe6ac20f9036fc)
(cherry picked from commit 5a11569a011b7d0a14391e2b5c07d0af825d7b0e)
(cherry picked from commit 2373c801ee6b84c368b498b16e6ad18650b38f42)

[MODERATION] restore redirect on unblock

 ctx.RedirectToFirst(ctx.FormString("redirect_to"), ctx.ContextUser.HomeLink())

was replaced by

 ctx.JSONOK()

in 128d77a3a Following up fixes for "Fix inconsistent user profile layout across tabs" (#25739)

thus changing the behavior (nicely spotted by the tests). This
restores it.

(cherry picked from commit 597c243707c3c86e7256faf1e6ba727224554de3)
(cherry picked from commit cfa539e590127b4b953b010fba3dea21c82a1714)

[MODERATION] Add test case (squash)

- Add an test case, to test an property of the function.

(cherry picked from commit 70dadb1916bfef8ba8cbc4e9b042cc8740f45e28)

[MODERATION] Block adding collaborators

- Ensure that the doer and blocked user cannot add each other as
collaborators to repositories.
- The Web UI gets an detailed message of the specific situation, the API
gets an generic Forbidden code.
- Unit tests has been added.
- Integration testing for Web and API has been added.
- This commit doesn't introduce removing each other as collaborators on
the block action, due to the complexity of database calls that needs to
be figured out. That deserves its own commit and test code.

(cherry picked from commit 747be949a1b3cd06f6586512f1af4630e55d7ad4)

[MODERATION] move locale_en-US.ini strings to avoid conflicts

Conflicts:
        web_src/css/org.css
        web_src/css/user.css
        https://codeberg.org/forgejo/forgejo/pulls/1180

(cherry picked from commit e53f955c888ebaafc863a6e463da87f70f5605da)

Conflicts:
        services/issue/comments.go
        https://codeberg.org/forgejo/forgejo/pulls/1212
(cherry picked from commit b4a454b576eee0c7738b2f7df1acaf5bf7810d12)

Conflicts:
        models/forgejo_migrations/migrate.go
        options/locale/locale_en-US.ini
        services/pull/pull.go
        https://codeberg.org/forgejo/forgejo/pulls/1264

[MODERATION] Remove blocked user collaborations with doer

- When the doer blocks an user, who is also an collaborator on an
repository that the doer owns, remove that collaboration.
- Added unit tests.
- Refactor the unit test to be more organized.

(cherry picked from commit ec8701617830152680d69d50d64cb43cc2054a89)
(cherry picked from commit 313e6174d832501c57724ae7a6285194b7b81aab)

[MODERATION] QoL improvements (squash)

- Ensure that organisations cannot be blocked. It currently has no
effect, as all blocked operations cannot be executed from an
organisation standpoint.
- Refactored the API route to make use of the `UserAssignmentAPI`
middleware.
- Make more use of `t.Run` so that the test code is more clear about
which block of code belongs to which test case.
- Added more integration testing (to ensure the organisations cannot be
blocked and some authorization/permission checks).

(cherry picked from commit e9d638d0756ee20b6bf1eb999c988533a5066a68)

[MODERATION] s/{{avatar/{{ctx.AvatarUtils.Avatar/

(cherry picked from commit ce8b30be1327ab98df2ba061dd7e2a278b278c5b)
(cherry picked from commit f911dc402508b04cd5d5fb2f3332c2d640e4556e)

Conflicts:
	options/locale/locale_en-US.ini
	https://codeberg.org/forgejo/forgejo/pulls/1354
(cherry picked from commit c1b37b7fdaf06ee60da341dff76d703990c08082)
(cherry picked from commit 856a2e09036adf56d987c6eee364c431bc37fb2e)

[MODERATION] Show graceful error on comment creation

- When someone is blocked by the repository owner or issue poster and
try to comment on that issue, they get shown a graceful error.
- Adds integration test.

(cherry picked from commit 490646302e1e3dc3c59c9d75938b4647b6873ce7)
(cherry picked from commit d3d88667cbb928a6ff80658eba8ef0c6c508c9e0)
(cherry picked from commit 6818de13a921753e082b7c3d64c23917cc884e4b)

[MODERATION] Show graceful error on comment creation (squash) typo

(cherry picked from commit 1588d4834a37a744f092f2aeea6c9ef4795d7356)
(cherry picked from commit d510ea52d091503e841d66f2f604348add8b4535)
(cherry picked from commit 8249e93a14f628bb0e89fe3be678e4966539944e)

[MODERATION] Refactor integration testing (squash)

- Motivation for this PR is that I'd noticed that a lot of repeated
calls are happening between the test functions and that certain tests
weren't using helper functions like `GetCSRF`, therefor this refactor of
the integration tests to keep it: clean, small and hopefully more
maintainable and understandable.
- There are now three integration tests: `TestBlockUser`,
`TestBlockUserFromOrganization` and `TestBlockActions` (and has been
moved in that order in the source code).
- `TestBlockUser` is for doing blocking related actions as an user and
`TestBlockUserFromOrganization` as an organisation, even though they
execute the same kind of tests they do not share any database calls or
logic and therefor it currently doesn't make sense to merge them
together (hopefully such oppurtinutiy might be presented in the future).
- `TestBlockActions` now contain all tests for actions that should be
blocked after blocking has happened, most tests now share the same doer
and blocked users and a extra fixture has been added to make this
possible for the comment test.
- Less code, more comments and more re-use between tests.

(cherry picked from commit ffb393213d2f1269aad3c019d039cf60d0fe4b10)
(cherry picked from commit 85505e0f815fede589c272d301c95204f9596985)
(cherry picked from commit 0f3cf17761f6caedb17550f69de96990c2090af1)

[MODERATION] Fix network error (squash)

- Fix network error toast messages on user actions such as follow and
unfollow. This happened because the javascript code now expects an JSON
to be returned, but this wasn't the case due to
cfa539e590127b4953b010fba3dea21c82a1714.
- The integration testing has been adjusted to instead test for the
returned flash cookie.

(cherry picked from commit 112bc25e548d317a4ee00f9efa9068794a733e3b)
(cherry picked from commit 1194fe4899eb39dcb9a2410032ad0cc67a62b92b)
(cherry picked from commit 9abb95a8441e227874fe156095349a3173cc5a81)

[MODERATION] Modernize frontend (squash)

- Unify blocked users list.
- Use the new flex list classes for blocked users list to avoid using
the CSS helper classes and thereby be consistent in the design.
- Fix the modal by using the new modal class.
- Remove the icon in the modal as looks too big in the new design.
- Fix avatar not displaying as it was passing the context where the user
should've been passed.
- Don't use italics for 'Blocked since' text.
- Use namelink template to display the user's name and homelink.

(cherry picked from commit ec935a16a319b14e819ead828d1d9875280d9259)
(cherry picked from commit 67f37c83461aa393c53a799918e9708cb9b89b30)

Conflicts:
	models/user/follow.go
	models/user/user_test.go
	routers/api/v1/user/follower.go
	routers/web/shared/user/header.go
	routers/web/user/profile.go
	templates/swagger/v1_json.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1468
(cherry picked from commit 6a9626839c6342cd2767ea12757ee2f78eaf443b)

Conflicts:
	tests/integration/api_nodeinfo_test.go
	https://codeberg.org/forgejo/forgejo/pulls/1508#issuecomment-1242385
(cherry picked from commit 7378b251b481ed1e60e816caf8f649e8397ee5fc)

Conflicts:
	models/fixtures/watch.yml
	models/issues/reaction.go
	models/issues/reaction_test.go
	routers/api/v1/repo/issue_reaction.go
	routers/web/repo/issue.go
	services/issue/issue.go
	https://codeberg.org/forgejo/forgejo/pulls/1547
(cherry picked from commit c2028930c101223820de0bbafc318e9394c347b8)
(cherry picked from commit d3f9134aeeef784586e8412e8dbba0a8fceb0cd4)
(cherry picked from commit 7afe154c5c40bcc65accdf51c9224b2f7627a684)
(cherry picked from commit 99ac7353eb1e834a77fe42aa89208791cc2364ff)
(cherry picked from commit a9cde00c5c25ea8c427967cb7ab57abb618e44cb)

Conflicts:
	services/user/delete.go
	https://codeberg.org/forgejo/forgejo/pulls/1736
(cherry picked from commit 008c0cc63d1a3b8eb694bffbf77a7b25c56afd57)

[DEADCODE] add exceptions

(cherry picked from commit 12ddd2b10e3309f6430b0af42855c6af832832ee)

[MODERATION] Remove deadcode (squash)

- Remove deadcode that's no longer used by Forgejo.

(cherry picked from commit 0faeab4fa9b0aa59f86760b24ecbc07815026c82)

[MODERATION] Add repo transfers to blocked functionality (squash)

- When someone gets blocked, remove all pending repository transfers
from the blocked user to the doer.
- Do not allow to start transferring repositories to the doer as blocked user.
- Added unit testing.
- Added integration testing.

(cherry picked from commit 8a3caac33013482ddbee2fa51510c6918ba54466)
(cherry picked from commit a92b4cfeb63b90eb2d90d0feb51cec62e0502d84)
(cherry picked from commit acaaaf07d999974dbe5f9c5e792621c597bfb542)
(cherry picked from commit 735818863c1793aa6f6983afedc4bd3b36026ca5)
(cherry picked from commit f50fa43b32160d0d88eca1dbdca09b5f575fb62b)
(cherry picked from commit e16683643388fb3c60ea478f1419a6af4f4aa283)
(cherry picked from commit 82a0e4a3814a66ce44be6a031bdf08484586c61b)
(cherry picked from commit ff233c19c4a5edcc2b99a6f41a2d19dbe8c08b3b)
(cherry picked from commit 8ad87d215f2b6adb978de77e53ba2bf7ea571430)

[MODERATION] Fix unblock action (squash)

- Pass the whole context instead of only giving pieces.
- This fixes CSRF not correctly being inserted into the unblock buttons.

(cherry picked from commit 2aa51922ba6a0ea2f8644277baa74fc8f34ab95a)
(cherry picked from commit 7ee8db0f018340bc97f125415503e3e5db5f5082)
(cherry picked from commit e4f8b999bcd3b68b3ef7f54f5b17c3ada0308121)
(cherry picked from commit 05aea60b1302bbd3ea574a9c6c34e1005a5d73bf)
(cherry picked from commit dc0d61b012cfaf2385f71e97cda5f220b58b9fa4)
(cherry picked from commit f53fa583de671ff60a0a1d0f3ab8c260e1ba4e1f)
(cherry picked from commit c65b89a58d11b32009c710c2f5e75f0cd3539395)
(cherry picked from commit 69e50b9969db3ab71cefaed520757876a9629a5c)
(cherry picked from commit ec127440b86cb5fcf51799d8bd76a9fd6b9cebcc)

[MODERATION] cope with shared fixtures

* There is one more issue in the fixtures and this breaks some tests
* The users in the shared fixtures were renamed for clarity and that
  breaks some tests

(cherry picked from commit 707a4edbdf67d0eb168d7bb430cf85dd8cd63c52)

Conflicts:
	modules/indexer/issues/indexer_test.go
	https://codeberg.org/forgejo/forgejo/pulls/1508
(cherry picked from commit 82cc044366c749df80ffad44eed2988b8e64211e)
(cherry picked from commit 2776aec7e85850f1d7f01a090a72491550fb9d29)
(cherry picked from commit 1fbde36dc784b5b2cc6193f02ff0d436b0f2a629)
(cherry picked from commit 1293db3c4e5df218501f5add9f9d41101ffcb8aa)
(cherry picked from commit 6476802175bac3ef78dd8f24ff6bebc16f398a78)
(cherry picked from commit 5740f2fc830356acb7929a02fe304008b94a0ca5)
(cherry picked from commit afc12d7b6e9b773fa89718aa79cd95c0e0ce4406)

[MODERATION] Fix transfer confirmation (squash)

- Fix problem caused by the clearer confirmation for dangerous actions commit.

(cherry picked from commit 3488f4a9cb1f7f73103ae0017d644f13ca3ab798)
(cherry picked from commit ed7de91f6ace23a1459bc6552edf719d62c7c941)
(cherry picked from commit 2d97929b9b7b8d979eb12bf0994d3f169d41f7fd)
(cherry picked from commit 50d035a7b058b9c4486c38cd4be0b02a4e1bf4d9)
(cherry picked from commit 0a0c07d78a1dee3489b97ab359bb957e3f7fb94b)
(cherry picked from commit 85e55c4dbc2f513f3d5254dac20915e8c3c22886)
(cherry picked from commit d8282122ad6e8b497de35d1ed89e3093a2cd5ee2)
(cherry picked from commit 3f0b3b6cc582c3d672d371dd9fe1203a56cb88c0)

[MODERATION] Purge issues on user deletion (squash)

(cherry picked from commit 4f529d9596ffbfc4e754c28830ba028f6344dc5b)
(cherry picked from commit f0e3acadd321fcb99e8ea3e3ce1c69df25c4ca4d)
(cherry picked from commit 682c4effe69dc0d4ed304fa7ce6259d9ce573629)
(cherry picked from commit e43c2d84fd4b6fd31e2370cec1034262d12e5c34)
(cherry picked from commit 9c8e53ccc78053026e4f667889959c23c8d95934)
(cherry picked from commit a9eb7ac783b2c16ee3702a88203bf857cb4147fc)

[MODERATION] Purge issues on user deletion (squash) revert shared fixtures workarounds

(cherry picked from commit 7224653a40e32186892e89bfedd49edecf5b8f81)
(cherry picked from commit aa6e8672f9473a9100e7575051dec9eda37709a0)
(cherry picked from commit 58c7947e95648f50237ddcd46b6bd025b224a70f)
(cherry picked from commit f1aacb1851b232082febcd7870a40a56de3855a6)
(cherry picked from commit 0bf174af87f7de9a8d869304f709e2bf41f3dde9)
(cherry picked from commit f9706f4335df3b7688ed60853d917efa72fb464a)

[MODERATION] Prepare moderation for context locale changes (squash)

- Resolves https://codeberg.org/forgejo/forgejo/issues/1711

(cherry picked from commit 2e289baea943dcece88f02d110b03d344308a261)
(cherry picked from commit 97b16bc19ae680db62608d6020b00fe5ac451c60)

[MODERATION] User blocking (squash) do not use shared fixture

It conflicts with a fixtured added in the commit
Fix comment permissions (#28213) (#28216)

(cherry picked from commit ab40799dcab24e9f495d765268b791931da81684)
(cherry picked from commit 996c92cafdb5b33a6d2d05d94038e950d97eb7de)
(cherry picked from commit 259912e3a69071c5ad57871464d0b79f69a8e72c)

Conflicts:
	options/locale/locale_en-US.ini
	https://codeberg.org/forgejo/forgejo/pulls/1921
(cherry picked from commit 1e82abc032c18015b92c93a7617a5dd06d50bd2d)
(cherry picked from commit a176fee1607d571b25b345184f1c50d403029610)
(cherry picked from commit 0480b76dfeda968849e900da9454a3efd82590fa)
(cherry picked from commit 4bc06b7b3841c74e3d790b1ef635c2b382ca7123)
(cherry picked from commit 073094cf722a927a623408d66537c758d7d64e4c)
(cherry picked from commit ac6201c647a4d3a2cfb2b0303b851a8fe7a29444)
(cherry picked from commit 7e0812674da3fbd1e96bdda820962edad6826fbd)
(cherry picked from commit 068c741e5696957710b3d1c2e18c00be2ffaa278)

Conflicts:
	models/repo_transfer.go
	models/repo_transfer_test.go
	routers/web/user/profile.go
	https://codeberg.org/forgejo/forgejo/pulls/2298
2024-02-05 15:56:45 +01:00
Gusted
6fc17ad37b
[PRIVACY] Add a DNS method to fetch new updates
- Use TXT records in order to determine the latest available version.
- This addresses a valid privacy issue, as with HTTP requests the server
can keep track(estimated) of how many instances are using Forgejo, with
DNS that's basically not possible as the server will never receive any
data, as the only ones receiving data are DNS resolvers.

(cherry picked from commit 0baefb546ab96bc3c06d90feffdb14873c2c2a3a)
(cherry picked from commit e8ee41880b775532e6a68bd2052ed96d369dee78)
(cherry picked from commit 7eca4f3bf1faa3f063c9668d1bb354b842361007)
(cherry picked from commit 6dde3992dc504f105f2285c34fa6445fa24da0b1)
(cherry picked from commit fb3a37fbfc73d35e3ba8d793b6051aeddcbb0634)
(cherry picked from commit 8304af1e9d94b89ee700b0d454d74d0dc5cfac64)
(cherry picked from commit 0543a7d12a4bac012db8b9e683e879e6f265a9dc)
(cherry picked from commit c3a22933b7ca8201c96267d360281848fb2a1c7e)
(cherry picked from commit e24370769413aebe96ba6cfb230da3c2c33e39f4)
(cherry picked from commit 7eb6d1bcf7a0bdae0cbbf06136854d0b29c54899)
(cherry picked from commit 1d7b9535cd73bffda5defd143c25e514cc55dee8)
(cherry picked from commit 05920dce67808ae346c4e9cd9a41c9942e857bc6)
(cherry picked from commit f173f27d7c3bf36c54b7e715a61b2308d1b0d277)
(cherry picked from commit 90e1c9340e72f08e67293647cf5f19b3e3571909)
(cherry picked from commit de68610ea70b81146f6412e42d72b97aad0428ae)
(cherry picked from commit 8d5757ea0459cffeb885462b7a9d1e1c630e1f16)
(cherry picked from commit c7a7fff316c1a88ba9b0984114a25cecfac56bce)
(cherry picked from commit 39ac8b8fc164090eacd5870bf78ea863d2add5fa)
(cherry picked from commit 98892033012ccc4f4bef30e10932fa22bf12ebcd)

[PRIVACY]: Adjust update checker description

- Resolves #323
- Adjust the description of the update check function on the
installation page to describe the privacy method instead of the HTTP
method by checking gitea.io

(cherry picked from commit 61eae5b105e374169fe23fbb150ce080f8f340ec)
(cherry picked from commit 091def20a1180af718209f2bd520cb249b1943ae)
(cherry picked from commit d5d11bf45a77cad6be2194620c4d865231cfbe67)
(cherry picked from commit 71863d470739c743335931f1563e5b63cf3194eb)
(cherry picked from commit 11ece4aab1ba7a154e985a6732c6839d8a688315)
(cherry picked from commit afdd7e714f9e735811dc909a854cfac964e474e7)
(cherry picked from commit 39170e2f1d64d79bb05940b72d7db602bcff1bce)
(cherry picked from commit 4b3a52aab82e8b9f59f247983a4aa7de65c6c747)
(cherry picked from commit 9d763c5fc8cd0ff7898855e1ef088edb264388d5)
(cherry picked from commit 638db15482f6907fa21e27aaccf6795226ae60c0)
(cherry picked from commit a52bfdd8e76466aa293855a35c6ac9e18a228e90)
(cherry picked from commit dc93d00e85dfdd9c090294f5504b8d885a602c60)
(cherry picked from commit 0bc4b3508c8d2e49b57d47b4c5b36a9365580a1b)
(cherry picked from commit 3f760d85a45520d3340bf27efe667fc689b6b8ce)
(cherry picked from commit ecc2716785036b5538c8022d1c4dd6156796acef)
(cherry picked from commit 6334d5677eb3e1848ab16630a22ae59ab716a732)

Conflicts:
	modules/updatechecker/update_checker.go
	UpdateRemoteVersion now has a context argument. However, in
	the updated code from Gitea the context comes from the HTTP
	request and does not actually provide any useful context.
	Replace that with context.Background()
(cherry picked from commit ca2200767edb9c30b655b942824957577b1f6fe7)
(cherry picked from commit f46feca224d388e92875a76c8d2428c2681ad0c5)
(cherry picked from commit a800a66ca89c03a8e08f26f633bea8634cffe629)
(cherry picked from commit 21f017454e90db7c1ce47627785e4781396300b9)
(cherry picked from commit 762d18e09a5cc04f7c2ff374e1202324244999df)
(cherry picked from commit 6d28e120c131b2547a87691a6195205cedfac052)
(cherry picked from commit 4fcd7e7cbf55d7b69568a931fc86b3aef8346adc)
(cherry picked from commit 95162851128ef1d03435bd5e011748dc3d0f26f8)
(cherry picked from commit 0dd752a2624693fb1c9c4dd0efa8e343ae1ad3c7)
(cherry picked from commit b1f1af7fe03878c333966b2f4c6581ab0e6c2593)
(cherry picked from commit 71937deaa575015fb5e9073a014b4fba74ed92a8)
(cherry picked from commit 93e41a782334b7b53198da89e1c8a92bb9e6b6be)
(cherry picked from commit f497ed30cfaafb2c801ad6bfccc7788a128c4435)
(cherry picked from commit bff3346f7df2cf28b1f1fdd637a87bbe6940326c)
(cherry picked from commit 906ae19c0f61d808decf4fab0abc2086abf9d4e2)
2024-02-05 15:38:36 +01:00
Earl Warren
34d21f6bc2
[I18N] add [common] as first line
To keep weblate happy as it would otherwise be duplicating the content
to all sections.

See https://github.com/WeblateOrg/weblate/issues/10831 for more information.

(cherry picked from commit 5ffc10a00e1ceb24755894e981d3d26d654b4b7e)
(cherry picked from commit 96d10e793b72e39656cc0df02272c7dd7632964c)
2024-02-05 15:10:55 +01:00
Michael Kriese
97cc955101
[GITEA] feat(nuget): basic manifest download
Refs: https://codeberg.org/forgejo/forgejo/pulls/2222

(cherry picked from commit 5f837efc15f3d1e0d7fbed7fc569251143266584)

fix: write xml header

(cherry picked from commit a715984a42be9da81c48106d5eae244098ac1108)

fix: optional elements and xml schema

(cherry picked from commit 6ea6895a3616246e7282aa20d8f010fa931b60ea)

fix: pass all other requests to file search

(cherry picked from commit 9bfc74833a3b657453b4519573598432a87e3e3c)

test: add integration test

(cherry picked from commit b798f4ce86daa78e694c5c142e6f5f44938e6cb6)

fix: use xmlResponse

(cherry picked from commit 7f76df0b246c64fac0eeb115642c8cb6eb676f36)
(cherry picked from commit e18d574ca40905aec52fbbe8247ba83fd01874dd)
2024-02-05 15:08:04 +01:00
Gusted
8735fcdb7d
[GITEA] Vendor rupture dependency
- The [rupture](https://github.com/ethantkoenig/rupture) dependency was
essentially outdated in the sense it was using old version of
dependencies.
- The usage by Forgejo was rather a small portion, so that portion is
now vendored (with its tests).
- Removes old dependencies from go.sum (less dependencies is better for
reviewing what the heck we're importing). Just to note that they were
likely not being used by Go's build process (according to
https://go.dev/ref/mod#minimal-version-selection), so it's really a
matter of formal cleaning up dependencies we don't use and therefor
don't want to download and be in our go.sum.

(cherry picked from commit aa72a5f009b5027b2324106343f91b466ba46293)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/2148
(cherry picked from commit fbe8d65f0b1836b2e771991b4d5d12f1bfa938ed)
(cherry picked from commit e18debcb6a9476f60d364e847265b4ac7fb76c8e)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/2245
(cherry picked from commit 8c43c2ada82102a0df44fd874c4f5fe3a36ef758)
2024-02-05 15:08:04 +01:00
Gusted
c6a53c3172
[SECURITY] Rework long-term authentication
- This is a 'front-port' of the already existing patch on v1.21 and
v1.20, but applied on top of what Gitea has done to rework the LTA
mechanism. Forgejo will stick with the reworked mechanism by the Forgejo
Security team for the time being. The removal of legacy code (AES-GCM) has been
left out.
- The current architecture is inherently insecure, because you can
construct the 'secret' cookie value with values that are available in
the database. Thus provides zero protection when a database is
dumped/leaked.
- This patch implements a new architecture that's inspired from: [Paragonie Initiative](https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies).
- Integration testing is added to ensure the new mechanism works.
- Removes a setting, because it's not used anymore.

(cherry picked from commit e3d6622a63da9c33eed1e3d102cf28a92ff653d6)
(cherry picked from commit fef1a6dac5e25579e42d40209c4cfc06879948b9)
(cherry picked from commit b0c5165145fa52f2f7bbec1f50b308bdf1d20ef3)
(cherry picked from commit 7ad51b9f8d0647eecacd258f6ee26155da3872e1)
(cherry picked from commit 64f053f3834e764112cde26bb0d16c5e88d6b2af)
(cherry picked from commit f5e78e4c204ce50b800645d614218b6b6096eecb)

Conflicts:
	services/auth/auth_token_test.go
	https://codeberg.org/forgejo/forgejo/pulls/2069
(cherry picked from commit f69fc23d4bbadf388c7857040ee0774b824e418e)
(cherry picked from commit d955ab3ab02cbb7f1245a8cddec426d64d3ac500)
(cherry picked from commit 9220088f902a25c4690bcabf5a40a8d02e784182)
(cherry picked from commit c73ac636962c41c71814c273510146f0533264ab)
(cherry picked from commit 747a176048ea93085b406429db0e25bb21912eda)

Conflicts:
	models/user/user.go
	routers/web/user/setting/account.go
	https://codeberg.org/forgejo/forgejo/pulls/2295
2024-02-05 15:06:15 +01:00
Gusted
089f51a63c
[DEADCODE] Add deadcode linter
- Add the experimental
[deacode](https://pkg.go.dev/golang.org/x/tools/internal/cmd/deadcode)
linter to Forgejo.
- To deal with false positives that can happen due to build tags or with code
that's currently only referenced by test code, the output of the tool is
compared against a known-good output.
- This commit doesn't make any attempt to remove any deadcode.

(cherry picked from commit ac462279e9361070326d512fc209b6f148f27865)
(cherry picked from commit b5ea6e85acecb8c02d18d51ec489bb1d329a33ce)
(cherry picked from commit 5915f3643c1939ab09dcac8f9fcb74bd4231a16d)

[CLEANUP] Remove deadcode

- This is deadcode since https://codeberg.org/forgejo/forgejo/pulls/1802
removed the usage of it.

(cherry picked from commit d840b9923e1a7aad7306c6b4d02df771ed0f40f4)
(cherry picked from commit 9442bab6266807141a14a647d3bc383233fc56e9)
(cherry picked from commit 0de9d18863c6af44941c7021548cdb07173ba3c0)
(cherry picked from commit 26abf783746ef29e66eea966160e2f9c139add26)
(cherry picked from commit 05d3a143c3785f3cc5e7f561aa2ad2ba556b55cc)
(cherry picked from commit 4b3d38d5e15b0fd02839d5687b634e7999e12666)
(cherry picked from commit a726e7198613b330a58c8c6dfc8866c360fbe555)
(cherry picked from commit cb62ae5b9885bcd5c2b6cb60f0e9cce6a991cc3c)
(cherry picked from commit 8195ba06d52fc1a05e9907149bb441b66887870e)
(cherry picked from commit 4570fb591aac0359a36800c8cadcd71613bdc7df)
(cherry picked from commit 1f4d33de2b68c776a305fe38fe6be5ae510ce983)
2024-02-05 14:45:09 +01:00
Earl Warren
c7a389f2b2
[FEAT] allow setting the update date on issues and comments
This field adds the possibility to set the update date when modifying
an issue through the API.

A 'NoAutoDate' in-memory field is added in the Issue struct.
If the update_at field is set, NoAutoDate is set to true and the
Issue's UpdatedUnix field is filled.

That information is passed down to the functions that actually updates
the database, which have been modified to not auto update dates if
requested.

A guard is added to the 'EditIssue' API call, to checks that the
udpate_at date is between the issue's creation date and the current
date (to avoid 'malicious' changes). It also limits the new feature
to project's owners and admins.

(cherry picked from commit c524d33402c76bc4cccea2806f289e08a009baae)

Add a SetIssueUpdateDate() function in services/issue.go

That function is used by some API calls to set the NoAutoDate and
UpdatedUnix fields of an Issue if an updated_at date is provided.

(cherry picked from commit f061caa6555e0c9e922ee1e73dd2e4337360e9fe)

Add an updated_at field to the API calls related to Issue's Labels.

The update date is applied to the issue's comment created to inform
about the modification of the issue's labels.

(cherry picked from commit ea36cf80f58f0ab20c565a8f5d063b90fd741f97)

Add an updated_at field to the API call for issue's attachment creation

The update date is applied to the issue's comment created to inform
about the modification of the issue's content, and is set as the
asset creation date.

(cherry picked from commit 96150971ca31b97e97e84d5f5eb95a177cc44e2e)

Checking Issue changes, with and without providing an updated_at date

Those unit tests are added:

- TestAPIEditIssueWithAutoDate
- TestAPIEditIssueWithNoAutoDate

- TestAPIAddIssueLabelsWithAutoDate
- TestAPIAddIssueLabelsWithNoAutoDate

- TestAPICreateIssueAttachmentWithAutoDate
- TestAPICreateIssueAttachmentWithNoAutoDate

(cherry picked from commit 4926a5d7a28581003545256632213bf4136b193d)

Add an updated_at field to the API call for issue's comment creation

The update date is used as the comment creation date, and is applied to
the issue as the update creation date.

(cherry picked from commit 76c8faecdc6cba48ca4fe07d1a916d1f1a4b37b4)

Add an updated_at field to the API call for issue's comment edition

The update date is used as the comment update date, and is applied to
the issue as an update date.

(cherry picked from commit cf787ad7fdb8e6273fdc35d7b5cc164b400207e9)

Add an updated_at field to the API call for comment's attachment creation

The update date is applied to the comment, and is set as the asset
creation date.

(cherry picked from commit 1e4ff424d39db7a4256cd9abf9c58b8d3e1b5c14)

Checking Comment changes, with and without providing an updated_at date

Those unit tests are added:

- TestAPICreateCommentWithAutoDate
- TestAPICreateCommentWithNoAutoDate

- TestAPIEditCommentWithAutoDate
- TestAPIEditCommentWithNoAutoDate

- TestAPICreateCommentAttachmentWithAutoDate
- TestAPICreateCommentAttachmentWithNoAutoDate

(cherry picked from commit da932152f1deb3039a399516a51c8b6757059c91)

Pettier code to set the update time of comments

Now uses sess.AllCols().NoAutoToime().SetExpr("updated_unix", ...)

XORM is smart enough to compose one single SQL UPDATE which all
columns + updated_unix.

(cherry picked from commit 1f6a42808dd739c0c2e49e6b7ae2967f120f43c2)

Issue edition: Keep the max of the milestone and issue update dates.

When editing an issue via the API, an updated_at date can be provided.
If the EditIssue call changes the issue's milestone, the milestone's
update date is to be changed accordingly, but only with a greater
value.

This ensures that a milestone's update date is the max of all issue's
update dates.

(cherry picked from commit 8f22ea182e6b49e933dc6534040160dd739ff18a)

Rewrite the 'AutoDate' tests using subtests

Also add a test to check the permissions to set a date, and a test
to check update dates on milestones.

The tests related to 'AutoDate' are:
- TestAPIEditIssueAutoDate
- TestAPIAddIssueLabelsAutoDate
- TestAPIEditIssueMilestoneAutoDate
- TestAPICreateIssueAttachmentAutoDate
- TestAPICreateCommentAutoDate
- TestAPIEditCommentWithDate
- TestAPICreateCommentAttachmentAutoDate

(cherry picked from commit 961fd13c551b3e50040acb7c914a00ead92de63f)
(cherry picked from commit d52f4eea44692ee773010cb66a69a603663947d5)
(cherry picked from commit 3540ea2a43155ca8cf5ab1a4a246babfb829db16)

Conflicts:
	services/issue/issue.go
	https://codeberg.org/forgejo/forgejo/pulls/1415
(cherry picked from commit 56720ade008c09122d825959171aa5346d645987)

Conflicts:
	routers/api/v1/repo/issue_label.go
	https://codeberg.org/forgejo/forgejo/pulls/1462
(cherry picked from commit 47c78927d6c7e7a50298fa67efad1e73723a0981)
(cherry picked from commit 2030f3b965cde401976821083c3250b404954ecc)
(cherry picked from commit f02aeb76981cd688ceaf6613f142a8a725be1437)

Conflicts:
	routers/api/v1/repo/issue_attachment.go
	routers/api/v1/repo/issue_comment_attachment.go
	https://codeberg.org/forgejo/forgejo/pulls/1575
(cherry picked from commit d072525b35e44faf7ff87143c0e52b8ba8a625c8)
(cherry picked from commit 8424d0ab3df75ac3ffa30f42d398e22995ada5e7)
(cherry picked from commit 5cc62caec788b54afd9da5b9193ce06ee8ec562b)
(cherry picked from commit d6300d5dcd01c7ddc65d8b0f326f9c19cb53b58e)

[FEAT] allow setting the update date on issues and comments (squash) apply the 'update_at' value to the cross-ref comments (#1676)

[this is a follow-up to PR #764]

When a comment of issue A referencing issue B is added with a forced 'updated_at' date, that date has to be applied to the comment created in issue B.

-----

Comment:

While trying my 'RoundUp migration script', I found that this case was forgotten in PR #764 - my apologies...

I'll try to write a functional test, base on models/issues/issue_xref_test.go

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1676
Co-authored-by: fluzz <fluzz@freedroid.org>
Co-committed-by: fluzz <fluzz@freedroid.org>
(cherry picked from commit ac4f727f63a2dd746dd84a31ebf7f70d5b5d7c52)
(cherry picked from commit 5110476ee9010ba8cdca0e0f37f765f8800e9fe1)
(cherry picked from commit 77ba6be1dab4f6f3678d79a394da56e6447ebbe1)
(cherry picked from commit 9c8337b5c442cfd72d97597c2089e776f42828b7)
(cherry picked from commit 1d689eb686f0f7df09c7861b3faf9d8683cb933b)
(cherry picked from commit 511c519c875a4c4e65c02ef0c4e3b941f4da4371)
(cherry picked from commit 2f0b4a8f610837d34844bb79cda1360ab23b6b1c)
(cherry picked from commit fdd4da111c449322901a0acf6d0857eac4716581)

[FEAT] allow setting the update date on issues and comments (squash) do not use token= query param

See https://codeberg.org/forgejo/forgejo/commit/33439b733a

(cherry picked from commit c5139a75b9e4af612a628171bd4f63a24860c272)
(cherry picked from commit c7b572c35d3e9e22017fd74045bcdc1109bd06df)
(cherry picked from commit aec7503ff6dd177980f3d9f367122ffc2fec8986)
(cherry picked from commit 87c65f2a490faeccb85088fa0981dd50f7199eb8)
(cherry picked from commit bd47ee33c20e53ae616a7e53d63c3b51809585fb)
(cherry picked from commit f3dbd90a747c14fb1b5b4271db6c10abbf86d586)
2024-02-05 14:44:33 +01:00
Earl Warren
20f022de72
[GITEA] add GetFile to config provider
(cherry picked from commit 88d1b53eeaa0d5ad0ed54c191236db928aadedf0)
(cherry picked from commit f63f71afad2aa8272772dba919485c5e858d2fae)
(cherry picked from commit 1f774145fc731e2d93cf8a6708dbf4c15722fa5e)
(cherry picked from commit 53e637693bcbb9fe9daca9a296c9d2c700fc915b)
(cherry picked from commit 4974cbf10a8b51d51591fa6f6281f4cd7a415c91)
(cherry picked from commit 554bca7fae7fa6f0235ab631598115875711d80e)
(cherry picked from commit 61b8cf83b988a2d8547b81cfb7aaeefaf2e17fba)
(cherry picked from commit d8bcc6f68c6dc972e8c99eb7b46a4f096f85cd61)
(cherry picked from commit ee04c340724cccada2c71db45ec510d19e92e099)
(cherry picked from commit 713153a6d63205984f2a85ee07f08269df3b0a85)
(cherry picked from commit 4e18c4f8bb35b02494d75311986fadb87328d477)
(cherry picked from commit 32be9db12df3dea9c12bf803a5226b6ae8cd7b32)
(cherry picked from commit fd50e9b9b4d7cd804e57418056126ed2df9bec6a)
(cherry picked from commit 11717b864bf4d820305511cf22ec50f61604a770)
(cherry picked from commit b70f3e0fa5db9cd90c961138c1ab748aa5c6a4d8)
(cherry picked from commit 2d802b2963d18b28a85a82e01f7a7f18ab8c3192)
(cherry picked from commit f61e2f71e2d629cc4e480f9e61c9b383675da0ef)
(cherry picked from commit 31723651c96d3f20811540aad94878815795da15)
(cherry picked from commit 38f6f703a0dfb04a9d436c8c806f1be513c7ea3a)
(cherry picked from commit 75f6716905755cbe3d7e49d965ab81a47f625bb7)
(cherry picked from commit fed2b2daf5d44348a0096572e91708ac3db5e9c8)
(cherry picked from commit a9bafa50213a3a385ba3901b2730fb84149855cc)
(cherry picked from commit 8ce897b3fe918c5702d5c86d97f1703a1f266697)
(cherry picked from commit c806addcd07c6afb20d9aca833cfa9a33ac680a7)
(cherry picked from commit e70d51bd26b49de93b2fe012a4f03efbe6c97607)
2024-02-05 14:44:33 +01:00
Earl Warren
726f3b1d84
[TESTS] verify facts for the admin storage documentation
(cherry picked from commit 57e597bf7e1e3bb3b7bcbcea66a4ea170a231f85)
(cherry picked from commit 643a2b0e81570e935779f6c509ebe4633fad74b9)
(cherry picked from commit f10faffb4febeef114d5be4e6abe57bd3cd72894)
(cherry picked from commit b440c5767eebdf406200e9a47446827778514425)

[TESTS] verify facts for the admin storage documentation (squash)

(cherry picked from commit d83d8ce57b8b39b4da849f5403198ecf706117ba)
(cherry picked from commit d8855ef27cd1b219184e95ce055bc6d84350ee26)
(cherry picked from commit 11230466ec0c1c4db1296cdd2ead74fc91a34491)
(cherry picked from commit b2cdd9d971b694fe32bab11f9ccdb41a38d7c6fe)
(cherry picked from commit a0a5e785241ac2c3a7493aa62637351021d48a39)
(cherry picked from commit 846413110fb936c386ba7fa80ff67e4394231464)
(cherry picked from commit 72b92d5a7854f5afbd949e0c6e53f3a4f5b72055)
(cherry picked from commit 7e039a9427d7a181ded17d653f49aa26679479e4)
(cherry picked from commit 227d42a1b69a1e542576ddc094d038de210183bb)
(cherry picked from commit 6488950a9b00b746c936fec41e6a9c59c4c02740)
(cherry picked from commit 0285c997749457cb6f67c5f3ca68e62721b53023)
(cherry picked from commit 0527bb20db0b22a1640f7d058399bc42ab8f9b98)
(cherry picked from commit b4d3fd43e314197f059830fe36d532888ef14c62)
(cherry picked from commit b45db6430024313f9530c1443d54630213f3b34b)
(cherry picked from commit 722ab376118847dca33ed5a47b6a41edda132b63)
(cherry picked from commit ff45632b42b1e5e741858a8f3bdb89a6d79cbe3e)
(cherry picked from commit 5144ae2aa7e1d903ecf6047902d9608cb6ae5500)
(cherry picked from commit f51438cd6888b9964c60369fecf64b727fe95ce1)
(cherry picked from commit 5ec304e5a178fb8c067b957233f54d8014df432f)
(cherry picked from commit 440b8c1af1d18f364f290fa385274d821b04c131)
(cherry picked from commit e5bbc626c1228a810bc8d6830cc5a3ee00d1baab)
(cherry picked from commit a996fe0fe4593d2f0432cbd8500f91cbbb011bb2)
2024-02-05 14:44:33 +01:00
Earl Warren
081a155cc1
[SEMVER] store SemVer in ForgejoSemVer after a database upgrade
(cherry picked from commit b7fe7cf401f4bddd6455efc651f7ac054f3fe1cf)
(cherry picked from commit cf339eed4f4851b18448dbdd83df32d00bc6f45b)
(cherry picked from commit 4f3a16168bbeced519a60c32e10e2895d9367238)
(cherry picked from commit 6f5bbc53fcebd614f5ee8627c7d6e3c637ffa694)
(cherry picked from commit aca42b422e76668387769c15868ef77b073bb7db)
(cherry picked from commit 5a7f7580e525694d1f27e12329c8532bd29273f8)
(cherry picked from commit 06c383c807ad49e1e35b429a10c6a11c65aeebe5)
(cherry picked from commit fe831dcb53b81b6cc632be751bfcbfb9bc00efd3)
(cherry picked from commit cd12cd0dbce47c6117ea579ae5019c182155b3a9)
(cherry picked from commit cc79163703ce31706c86b88c38fb8a20ed745e20)
(cherry picked from commit 0102a5715ea6a03b560cc2f0b6cbe2b2576c255e)
(cherry picked from commit 403f7520b3056eace36eae505afbab6a05f597b7)
(cherry picked from commit a3b61510a246f61c174ddc3c288e556522a6aab9)
(cherry picked from commit f83f0f9feb76a8b62ca4d74dc2785c713fbec282)
(cherry picked from commit fd1c3a6d09a057070844cd955d0920518e60f408)
(cherry picked from commit f7cdc3d6f1ad1ff01bb1814207fcb41210db80e8)
(cherry picked from commit 060121b644e0515a6b673cdd514d52e6fa1e6ec3)
(cherry picked from commit 62c847ff0235196e73e860d0d1658f0734985270)
(cherry picked from commit 4d051b51c2813828b978ef84b6b72c0ba051741b)
(cherry picked from commit 86e6981a936b1937065605892083b2488424bf5e)
(cherry picked from commit c1fc9e441b1467033911f3848f82a89aaacf98a9)
(cherry picked from commit 8bb2f0871a507d881acf74acf8fb90fd5ebff567)
(cherry picked from commit 0cd9fe52511ee06f1b8849325d196f60d8ccd151)
(cherry picked from commit b0b44778b4d3e51852d0669dfe6d9a6c334b90e4)
(cherry picked from commit 7c2f4f749f1c8986875eebf95254a3db151e5248)
2024-02-05 14:44:33 +01:00
Panagiotis "Ivory" Vasilopoulos
4df238bda0
[FEAT] Use OpenStreetMap in USER_LOCATION_MAP_URL by default
Follow-up to d58c542579 for Forgejo.

By default, Gitea does not select any map service that can be used
to introduce a 'Show this place on a map' button in the location
field of a user profile. Before I tried upstreaming this change to
Gitea, this was the case in Forgejo. This patch essentially recovers
this functionality, which is nice for public-facing instances and
communities.

Links to original PRs:
- https://codeberg.org/forgejo/forgejo/pulls/1076
- https://github.com/go-gitea/gitea/pull/26214

(cherry picked from commit bb187d5f617f8efceb41810d6ff9adcaa60450bb)
(cherry picked from commit ce02ef9078a8731921caa4f7b0c1b0ac3b59a784)
(cherry picked from commit 6b75c40e2575e23810880ee8e368dc1781e2b4e4)
(cherry picked from commit 6bc8e9f5737f5721ddcd1ef5926a778a7f66a4a3)
(cherry picked from commit 063f8afdf7c2cca014c60dcc3d78d270fd236f8f)
(cherry picked from commit c5cc736b72e1ba980519e9258686f41e4eb78b42)
(cherry picked from commit 7b1bb4bedc6196fb6e8516d9a34092b16d7fab05)
(cherry picked from commit 2a022dceb4b391e2fc25b077193ae22a71380eee)
(cherry picked from commit a946c142d2448cb92daaea11851cf7f00921f062)
(cherry picked from commit 8a4ea0c7ab8960f41a67442fa2f485fe0a901a96)
(cherry picked from commit 37bfb05b34e61194afe407acac5778258315b756)
(cherry picked from commit 12fbbb1754a1a836f6923431e47a5de95aec6b2e)
(cherry picked from commit abe9de2cd91d7c5f176ceddff20ce194439703c4)
(cherry picked from commit 84db57871785d84c2a32edc22f769821b3bec961)
(cherry picked from commit 1beab7af463727ede3b2cc577696f8223fca78d1)
(cherry picked from commit 8779d505f2ab738e24503f74dd7bb6dfc8187996)
(cherry picked from commit 21a788f2eb549a494d52ab23a47533d9a7534ee6)
(cherry picked from commit a7cc6d168772e13bcf0808da14ff1ddf9baa64b2)
(cherry picked from commit 25f840379f19e0b90e69078e6c09a3c36fdf13ac)
(cherry picked from commit 0db65f11224f030877e5279b85af4b9e3e975ca7)
(cherry picked from commit 0e08cbc854cc1561101f1efe68de1d0860f7c905)
(cherry picked from commit 57de51db8d965a6c5a90477f58d2600fa3e7feda)
(cherry picked from commit 5ab3dcabb1461f4453f58718c6802baeffff06c9)
(cherry picked from commit 7b5ad0c13b44a705320965414bb4b366cb5a2a10)
(cherry picked from commit adf449a11595e0f16e6aceaeb0e7bfa277a6c333)
(cherry picked from commit 77aa18227e9f5d675ddae6b9f058f664b0d30795)
2024-02-05 14:44:33 +01:00
Loïc Dachary
de51b21624
[SECURITY] default to pbkdf2 with 320,000 iterations
(cherry picked from commit 3ea0b287d74b8fc0dad08b2a539105e1aa1c1e67)
(cherry picked from commit db8392a8ac093d4d3760e8bb40c56d8e194d44fb)
(cherry picked from commit bd2a5fa2923c320e01faeaa1fdc1ad823c337027)
(cherry picked from commit 2436acb3d986bad08aa134e450420fc4a08f5d62)
(cherry picked from commit 62f50e1c521c30729781e5cd58882e743bb8b851)
(cherry picked from commit dba18925217254d22f76306c0fe1c046c419268e)
(cherry picked from commit 4b58e3b6d41f9e42fd34469184a3c7d4c5205c86)
(cherry picked from commit 12470568569fec0644319d3d263a82bc7acdc0c3)
(cherry picked from commit afbaea700972ddd4cb788d0b6d5e78de5558756a)
(cherry picked from commit dcd4813d96f8d4e429914f4c8f951bd25b23afca)
(cherry picked from commit b51dc963d1625bd7b9869302ec1ae70bbafb4442)
(cherry picked from commit 611e895efd28026fdc4661893172356e76f6c3d0)
(cherry picked from commit fd492a03f5335c138e143e784657f7012484bd8c)
(cherry picked from commit 2c99991f44a15466339bb82b29d455c66795721b)
(cherry picked from commit 7426c1edb4b904424cded473c94c9739fde83ed0)
(cherry picked from commit 373244f8b2d449e8811e488e3a3732ba9bc79eaa)
(cherry picked from commit 4f6efecdb9d932459dd9f4d7ee393a121a7bbb96)
(cherry picked from commit 61d500808e443ce770b06fa1b87728a7785bd387)
(cherry picked from commit 65f8384b6361c39d48df95227b047a20977482be)
(cherry picked from commit 12ed28e734f79203ad6bf94774008715da6efd21)
(cherry picked from commit ec6cdc9e1a9544f4f2b0ad7256ed2a8b15cf5335)
(cherry picked from commit 08653ba05119906e066455a3e3913e66c179dbf3)
(cherry picked from commit d5847c87cbcf0fd15953fb7aeadd1cece989b6c9)
(cherry picked from commit 640a96e19be0c7faedf5aedfd90c15df8dc8f376)
(cherry picked from commit 46177814a9ee8596b58055b57bea5441a893de7f)
(cherry picked from commit b0098f5a80356757107cc4dd58bf24e2acba6b26)
(cherry picked from commit ce5ddeeca9fa39180a2f9630c82007f8e9410867)
(cherry picked from commit 5736fa1025681244b8eefef9a14b0715fa37d9a1)
(cherry picked from commit c43ca210fcbc2589158df8c2c3036dedb00eaa52)
(cherry picked from commit 7f92906bf3c72649dd2668263761ded71cf5ee91)
(cherry picked from commit f726525d2dba5e481f758624e62eeaa3d38be564)
(cherry picked from commit db86c93b0b7d2c1a7c17fcb6047b3d75873f9bbe)
(cherry picked from commit 6751bd93c3faf4be0f29b52b4c41626a244a2a54)
(cherry picked from commit 74bb523ac96062f93f20c174dcc9b1dc7ad94b13)
(cherry picked from commit 94f9045a81ef58ecb6671d1e8f2ad31a7758ea9a)
(cherry picked from commit 5297eac42d905d10060de688963f111cbefe49d4)
(cherry picked from commit 57e3c57c519f41a595845be3f2505610ae8ad690)
(cherry picked from commit c5cacfee51e2e7846234c9dd9c053b6cdfaf3947)
(cherry picked from commit dfa31ee0048dcf5c3b8d6fec6184f665a019f014)
(cherry picked from commit d7d10a76b41079cab423f00a96426a8de19fb876)
(cherry picked from commit 62bd4edd4622ea778d8994d05c535de677819544)
(cherry picked from commit 798c211f86f4ce713ab3fc18411fd72a57a219ef)
(cherry picked from commit 1f645aeceafdf6f4f74864b14d939c4bcdf096be)
(cherry picked from commit 8a8b62e10e9678fe33e32fa75f4b8c78e6aef68f)
(cherry picked from commit d3ff4e1fdfdaa272941d86735c91107f03280294)
(cherry picked from commit 81412571f8daeb4797556ba846ef7d7280844ef2)
(cherry picked from commit e9faa1f4e02c567721d2c28426580a839b96de5e)
(cherry picked from commit bce1ab85f7cef1696a4560f079bc346e813814b2)
2024-02-05 14:44:32 +01:00
Earl Warren
0dbcf3a3e8
[CI] Forgejo Actions based CI for PR & branches
(cherry picked from commit f9d75d4705ece5c119f2fd5e2bfbaf630d0bf739)
(cherry picked from commit 64f76f4ab269daa6a584305164732c68be0161c5)
(cherry picked from commit 5d024541551f1be98444923f0fa327a855104725)

[CI] Forgejo Actions workflows

(cherry picked from commit 3ff59b5379ebf761f32875f9d869a1d18f79741c)
(cherry picked from commit 8af826a6f7c70d03079ec68f10230041695017cd)
(cherry picked from commit d7c09d9cc80037a28d488da142ae2a2a99f59ac9)

[CI] use the docker label instead of ubuntu-latest

(cherry picked from commit b6a6470db6c8bae9963e204f9c8c408f309e81e3)

[CI] all tests need compliance before proceeding

(cherry picked from commit b35c496f2c3034164b9bb3a3550f35026adf9372)
(cherry picked from commit 36a4148a8ec654ae9fa5a6925a3b8606b96aebcc)
(cherry picked from commit 7ffcffa653808a284f422fdc31f6ea07874b585d)
(cherry picked from commit 8a246d296e502c181c6ee779d1773c9e78ca7acf)
(cherry picked from commit dd0b6e1826ba7699f967de2c00c1332909a53473)

[CI] Forgejo Actions based release process (squash) MySQL optimization

Refs: https://codeberg.org/forgejo/forgejo/issues/976
(cherry picked from commit b4b8c489e6e9fe36349eced5d4249467b25df2a7)
(cherry picked from commit 1e861db4afdc32549784381a96b16dac508ec1c0)
(cherry picked from commit a6c0e00330ded851c2f524039259f0b723d793e4)
(cherry picked from commit f97b336465fd6be15079e756c9ee3a580f0aa339)
(cherry picked from commit 6d65d5f0d6f798556a8f9e547896be03a5ee2f87)
(cherry picked from commit 79bfbadbed3bf84b96f2c027d119a4aa5c60d5e2)
(cherry picked from commit e86c40a34a97fc568c724ee5f8ee5b2bf46ebf19)
(cherry picked from commit da0c454adbcf1b5dbb95d9d74afaa371e32351a0)
(cherry picked from commit b49d892cda968b22ad6c29caade042690d96f2e2)

[CI] enable minio tests

(cherry picked from commit 4d8f4380311b872061bd20f561424662ecd8d817)
(cherry picked from commit c4eeb0a61ef579c21b0382edd61c62adebe93b28)

[CI] Forgejo Actions based CI for PR & branches (squash) cleanup

(cherry picked from commit 80eb20e84267552c971096693558734f0ec7afdd)
(cherry picked from commit d2ff589858961e4f25bc1d903cdf57df1db4c316)
(cherry picked from commit f6eedecb67fce992605bb1fcdd93c866ec47a9d4)
(cherry picked from commit cf458091e245e1c70944e940a214d5127f304303)
(cherry picked from commit ddd322cb2de165126080b222c1b09b2a91fea182)
(cherry picked from commit f0f5729b6467bea053d532c4c64c54a0fe737c98)

Conflicts:
	.github/workflows/pull-db-tests.yml
	https://codeberg.org/forgejo/forgejo/pulls/1573
(cherry picked from commit bb347aedd4e5030eea46ce22176a0444619df6b8)
(cherry picked from commit 0f5ebe8c3e78cef6f310ee9097a8413df904c08a)
(cherry picked from commit 9101cb4715ed88c6a3f0ad14443758d9bc9c61ed)
(cherry picked from commit ab118fe4efd96e9bb7134065643f094a379bb192)

[CI] Forgejo Actions based CI for PR & branches (squash) use node:20-bookworm

No longer use the custom test-env image, it is unecessary technical
debt.

Also upgrade to bitnami/minio:2023.8.31 to align with what Gitea tests

(cherry picked from commit d9b77fd2735a52043b4f8f1baaaa2e15073db621)
(cherry picked from commit ef8f099f9ea03d216324ceff348fe643240341dc)
(cherry picked from commit 6d3c675d203ba838de1f0540977f5e7e9f62f055)
(cherry picked from commit fc00ff45f2e810cc2a84bf57cdb2765830e5b07f)
(cherry picked from commit b7f02b9846b8c7087a4827a9c87f48eafd2ba1a2)
(cherry picked from commit d23d86e56728f4a263a0567c14e2dc20407baaff)
(cherry picked from commit e68e65460c40d343a3ada858c0c48d03a6a14bbb)
(cherry picked from commit 96f93a1fdb9f2c6ecbd05ac24c5375f3e0d631df)
(cherry picked from commit 2ff3080018633212075935ec6644654184009a2e)
(cherry picked from commit 8ea00bcff471b877e442f7b78bb46880c9e396f0)
(cherry picked from commit 85be961970b0d374d9816348a8a1b51289f7c787)
(cherry picked from commit 387b279fc33d79be1f0f0b35b32f5c17b0d64c9c)
(cherry picked from commit 219be7aa85fbf2bd5cb9daead3544b27f6200d83)
(cherry picked from commit 929b75ee39cd6d1a462bbd0c20597c357949c953)
(cherry picked from commit dd42a30d6a9e6cad26c9c916d733a0270d94a87e)
2024-02-05 13:33:59 +01:00
Loïc Dachary
be2de105f5
[CI] Search .forgejo/workflows first
(cherry picked from commit 8b11cab677503be78b1deb17ed9dd5fb1c823a7d)
(cherry picked from commit be5927069674a17a4c09e7f0aa530bc4630851a9)
(cherry picked from commit e068f8b191585e2910d8a45ea78bfa1b78015bed)
(cherry picked from commit 7855bb0c60b5ec2a972ae04e4515ee5adb19a5e7)
(cherry picked from commit 45c4c8f44383dced75ab83f7c817b52e78968fab)
(cherry picked from commit 89520d67ffe0062e1accd39763e1e7dd5058d83a)
(cherry picked from commit 15eeb417a4b8bb948f888c73e20135c1e0fd1f63)
(cherry picked from commit 6db53a26432f02ae50da948483e2010bd962f9ce)
(cherry picked from commit 2f689b321fa275b6412f0b8686edc7aba97c3565)
(cherry picked from commit 04dc478314c3b4927cca78c354ca46ee217f035a)
(cherry picked from commit a554624f40f51c1c75d754d6cca14f7626bb599e)
(cherry picked from commit abca05f0d1c29680bba897cc0de7037053915ced)
(cherry picked from commit dc13e7eb22f2bde817f3845c646574d8f39c1b18)
(cherry picked from commit a161c5740eb5e76c13354ba2388fa34ae925fd8b)
(cherry picked from commit 06d33e2773f01b576ba050afe2b88718a7999434)
(cherry picked from commit f536275161cc4bf5d2f163bd68a4c4498c9fff3d)
(cherry picked from commit 84ac6f314a1840d45bdecb2ccd4482fb925fd2c2)
(cherry picked from commit 1e8126edfc3a6c78cda35f053bd0ac40ba9874ef)
(cherry picked from commit 0287ac3416563e0af05c3aeabc338b791c74ddb2)
(cherry picked from commit 3e5fca2aaea299013691f102b10417ac33988df0)
(cherry picked from commit 03b220bfeb86caa82eec2a67caf9a08460cf76c0)
(cherry picked from commit 1d033f4aaf2b7db1ae98e91d96ef3b8a0b07539e)
(cherry picked from commit 2ee9e3e9a395357885f16fa8a22a24cda79f637f)
(cherry picked from commit d28c2849931e7de2ae1660513774047bf6868e1a)
(cherry picked from commit 239df83859f88f7833f5796ee1f0811732c6e9a2)
(cherry picked from commit 96ae0c2e5d4fafbead44db52297e21242da0a6d0)
(cherry picked from commit 49aef71b322395674a5360bac7b93561e773ea35)
(cherry picked from commit 38b56d108d3f27faa0dc191518e6dbcb775fd7bf)
(cherry picked from commit 30f8d9ec3adecf4025fc3547e9a745d700f68d83)
(cherry picked from commit d5318618509f5d8bdef999445357553ab1c4cb5c)
(cherry picked from commit a75707deaa52cd3fedfda766460bcc8f2d7dea92)
(cherry picked from commit b1c73918b2ddaa4a59d9e7405b3b5bea5ccd496a)
(cherry picked from commit 53919170919bfcd3dca00ecbeb0778eadb0af075)
(cherry picked from commit a427f8dae539e9b38b8ca0e86ebb09cc2940e5a7)
(cherry picked from commit 6ba6f62c7e696b6975fbd797b1c596ff28c64e91)
2024-02-05 13:33:59 +01:00
Earl Warren
c480d7fe6d
[CI] disable meilisearch/elasticsearch test, no server yet in CI
(cherry picked from commit a1381d9146fba42cb97d72d38525fa3e721bfb03)
(cherry picked from commit 74714e02461fb47fcc0901211668e4529fac68d0)
(cherry picked from commit 7749dbfe6684498a47e3037088e7bef3542b6ce5)
(cherry picked from commit 437924971136eaed795f77edd3d3dfffa5f68103)
(cherry picked from commit a69f55bebf82a0b68bc0f66bc029eaea836cddb7)
(cherry picked from commit 24dd5fbfdbc27c887dbc24661c1005fb2e14e3c6)
(cherry picked from commit dda856d6b83936fd1c96c84544b086cbd8f63115)
(cherry picked from commit bc14f4fa97fffe82d1c666e961e313f88433cb9e)
(cherry picked from commit 78fef4f1379d8854901151d4bc62135c73db868e)
(cherry picked from commit 69e013cc515e2a50006d8d02f575ff6490d272ff)
(cherry picked from commit f173c6a2734b2dccf1424d27cd8e10fc296e44a4)
(cherry picked from commit 92f9d02547017770deafd1f715c32ae4479b8ded)
(cherry picked from commit c99d51e665370ceb71b96b3fb65184090c7e4442)
(cherry picked from commit aa0650fd2b42738a5e564c229c3eb63b8ca77f9b)
(cherry picked from commit 0a8ef91302368751df22a1967857283222bc097f)
(cherry picked from commit 7b54fe01c2ded0bbbcae6b89d9e330ca4f6ab744)
(cherry picked from commit 0e154f366f14d106d14f500f605380c29b5a3f21)
(cherry picked from commit 02d88ee16d23b9ebb04bf1af843fc5d2074783ce)
(cherry picked from commit 411924e0172a7b10de7513f2e7f60ab5341b13e4)
(cherry picked from commit f4e9ca6db59f2c5c638a0560d4ea99833d61520b)
(cherry picked from commit cd80126a23573dd5aea1e9674ee0bfa34c63ec5a)
(cherry picked from commit da626702f9743fc6e1dd77d21aff5fc3afe75912)
(cherry picked from commit 4b81d0bd046fef267bb10d2ca0cbd342c87fd4e2)
(cherry picked from commit 53ac2606694fa060879a0f4c82f6164c6f42a4d0)
(cherry picked from commit 984081f08d108acc47d312307b1c3beee3058202)
(cherry picked from commit 1c39bae3ec9b485f9969e29ed7ae8fe37b32da69)
2024-02-05 13:33:58 +01:00
Earl Warren
d26fce3995
[CI] disable redis test, no redis server yet in CI
(cherry picked from commit e1bbfa36197ebab97954e8195f7d36adf7c85d56)
(cherry picked from commit 91245ca9179a46047a351247dacecdace557111d)
(cherry picked from commit 705d0558be2c90d06e9e5b883044fd0b275b1113)
(cherry picked from commit 9247594970c9db109e3e6ca3fd87485450df921c)
(cherry picked from commit 9db1158a487e00e588810459fe402cc2ccea43f7)
(cherry picked from commit 3b36b77d87a90fbea03fc16638657e19328ccedc)
(cherry picked from commit 162fa1d8ae3753dd8ee51698555e495f2c63d925)
(cherry picked from commit d03d0afbb565c8bc8b723e10c8c70b69e7af7b80)
(cherry picked from commit 7b8f92f7871b838bc2eefa34e7dc48bcd141d1d5)
(cherry picked from commit 035abca9691d33e319062325dae402da66683c43)
(cherry picked from commit a8fbf6bb56046665cb2cde0ffcc753f56b2f0f2d)
(cherry picked from commit 3be681d037b07880236cae1aa70245e5eb4d1497)
(cherry picked from commit 7e5d471c832ee3fea378ecc97835b038bd55a8e1)
(cherry picked from commit 323801d935fec2c6d460192b62fa12b5204da76e)
(cherry picked from commit 3fdfe4bfea623111f1f97e50b71b98a63c8b38e7)
(cherry picked from commit 58a07421a4508ca298c1c3a45d33d49737ee98d8)
(cherry picked from commit dbb71a4c8502b640857d3500dda12ab4b5d74b29)
(cherry picked from commit d442113520d21149e155d1e62bbeb6a35a6aec08)
(cherry picked from commit d3329f01f8c7145c422b159509f544ec83604a51)
(cherry picked from commit 069a1d68b856898e2913d1d4456deb7f1e976a6c)
(cherry picked from commit 14919e609a4dd9ae9ca19880ffc459def8bea273)
(cherry picked from commit 49b76be1068d1f83169956bb141116481a7e6a3c)
(cherry picked from commit 0fe9f257d2bd277f5cd620fe04e4b80b5abcd585)
(cherry picked from commit b583bebeab3d0b182df6b5d087522a4fb89ba3e9)
(cherry picked from commit 5c616e43a64451d607b6ee24400708d2704fd4db)
(cherry picked from commit 854bcea9051dc615cfd6d3e8cb03986e9058fd65)
(cherry picked from commit c2acb181c57e6ffef37df1a3a3b1b63c326cdd43)
(cherry picked from commit 1cb07e71d14118871ae40a82adabcde851a3e172)
(cherry picked from commit 5d3f09e6351614a8db979995299ac1b94ebf08ee)
(cherry picked from commit f8bf1c8d42be0eb40f4d4fdc72e7e4cefa842e52)
(cherry picked from commit a471ed4576607a4e13cac980016c9e2a702d9fd5)
(cherry picked from commit 95c755f4e34bb753a0f94f87f02a17256d7d1619)
(cherry picked from commit 1d8bc5215f6918e11d8beb1f7e252b04d9c15bb6)
(cherry picked from commit 45c1e7b8d0920db98556ecfdf0d1111c2ffcb66e)
(cherry picked from commit 2eb4d93af7b5679228dc38578a746242250e5d92)
(cherry picked from commit 98dbce5e147432194d6f177133dcaabe04309712)
(cherry picked from commit fbe2fb5861c90fcc292f357f45f804ee87594b6e)
2024-02-05 13:33:58 +01:00
Earl Warren
e90db3f5cc
[CLI] implement forgejo-cli
(cherry picked from commit 2555e315f7561302484b15576d34c5da0d4cdb12)
(cherry picked from commit 51b9c9092e21a451695ee0154e7d49753574f525)

[CLI] implement forgejo-cli (squash) support initDB

(cherry picked from commit 5c31ae602a45f1d9a90b86bece5393bc9faddf25)
(cherry picked from commit bbf76489a73bad83d68ca7c8e7a75cf8e27b2198)

Conflicts:
	because of d0dbe52e76
	upgrade to https://pkg.go.dev/github.com/urfave/cli/v2
(cherry picked from commit b6c1bcc008fcff0e297d570a0069bf41bc74e53d)

[CLI] implement forgejo-cli actions

(cherry picked from commit 08be2b226e46d9f41e08f66e936b317bcfb4a257)
(cherry picked from commit b6cfa88c6e2ae00e30c832ce4cf93c9e3f2cd6e4)
(cherry picked from commit 59704200de59b65a4f37c39569a3b43e1ee38862)

[CLI] implement forgejo-cli actions generate-secret

(cherry picked from commit 6f7905c8ecf17d5f74ac9a71a453d6768c212b6d)
(cherry picked from commit e085d6d2737e6238a4ff00f19f40cf839ac16b34)

[CLI] implement forgejo-cli actions generate-secret (squash) NoInit

(cherry picked from commit 962c944eb20268a394030495c3caab3e3d4bd8b7)

[CLI] implement forgejo-cli actions register

(cherry picked from commit 2f95143000e4ccc94ef14332777b58fe778edbd6)
(cherry picked from commit 42f2f8731e876564b6627a43a248f262f50c04cd)

[CLI] implement forgejo-cli actions register (squash) no private

Do not go through the private API, directly modify the database

(cherry picked from commit 1ba7c0d39d0ecd190b7d9c517bd26af6c84341aa)

[CLI] implement forgejo-cli actions

(cherry picked from commit 6f7905c8ecf17d5f74ac9a71a453d6768c212b6d)
(cherry picked from commit e085d6d2737e6238a4ff00f19f40cf839ac16b34)

[CLI] implement forgejo-cli actions generate-secret (squash) NoInit

(cherry picked from commit 962c944eb20268a394030495c3caab3e3d4bd8b7)
(cherry picked from commit 4c121ef022597e66d902c17e0f46839c26924b18)

Conflicts:
	cmd/forgejo/actions.go
	tests/integration/cmd_forgejo_actions_test.go
(cherry picked from commit 36997a48e38286579850abe4b55e75a235b56537)

[CLI] implement forgejo-cli actions (squash) restore --version

Refs: https://codeberg.org/forgejo/forgejo/issues/1134
(cherry picked from commit 9739eb52d8f94d32f61068d7209958e8d2582818)

[CI] implement forgejo-cli (squash) the actions subcommand needs config

(cherry picked from commit def638475122a26082ab3835842c84cd03839154)

Conflicts:
	cmd/main.go
	https://codeberg.org/forgejo/forgejo/pulls/1209
(cherry picked from commit a1758a391043123903607338cb11490161ac946d)
(cherry picked from commit 935fa650c77b151752a58f621d846b166b97cd79)
(cherry picked from commit cd21026bc94922043dce8e2a5baba68111d1e569)
(cherry picked from commit 1700b8973a58f0fc3469492d8a39b931019d2461)
(cherry picked from commit 1def42a37945cfe88947803f9afe9468fb8798fe)
(cherry picked from commit 839d97521d59a012b06e6c2b9b0655c56b41b6cd)
(cherry picked from commit fd8c13be6b45f9aa939be482c0a4e5a60c89344c)
(cherry picked from commit 588e5d552f044d91218a07fa46e84259d4892c5d)
(cherry picked from commit 151a726620f662ff9af37316dfda38a6bd6744bb)

[v1.22] [CLI] implement forgejo-cli

https://codeberg.org/forgejo/forgejo/pulls/1541
(cherry picked from commit 46708de7b9a3efac74aced8361327a39f45b6892)
(cherry picked from commit a8e5c1369ee3ee197579a30aeba519b4384360aa)
(cherry picked from commit c8a32aaf24fd851927432f140fcc59a274824d33)

Conflicts:
	models/actions/main_test.go
	https://codeberg.org/forgejo/forgejo/pulls/1656
(cherry picked from commit 79f4553063c4f4ee70c98f95d9e62facd9d33c67)
(cherry picked from commit 0379da0cf5b14e7915f2f38502bd00036723071d)
(cherry picked from commit 331d58c085d6533ebcc528c1ac69d4f99e8e9acd)
(cherry picked from commit 89705502c477ec833bd7ce46c3cedc53fbd454bc)
(cherry picked from commit 4723d5febf4a5748b2ca038bc95235995ebb8c11)
(cherry picked from commit e71b26013039d5d029ec4c38befd25e6a447b3f1)
(cherry picked from commit 6a376a5b48b0b5187f492ddd73c72896cc8ae0a8)

Conflicts:
	cmd/main.go
	https://codeberg.org/forgejo/forgejo/pulls/1969
(cherry picked from commit 6ba97cf4b5bae19426fef9d65a20bc5527e41a90)
(cherry picked from commit e0a6ebfeca1ff20d53fe8d0baf4a737d6e10fce1)
(cherry picked from commit 5702aeab2d25fa1f79fb1d11ec359a5460dc0f91)
(cherry picked from commit f919c4d6c11423ac2d3ab624d9a6390661c07aa7)
(cherry picked from commit a26799a88aa2f320b498372717019fa601545931)
(cherry picked from commit b6ab4733959176aacfb25183e9f2f5e57195e35d)
(cherry picked from commit cf054a0461ea204f81774b4da52dae186970d1a8)
2024-02-05 13:33:58 +01:00
Earl Warren
4e5bf59579
[CI] DEFAULT_ACTIONS_URL = https://code.forgejo.org
[CI] Revert "Restrict `[actions].DEFAULT_ACTIONS_URL` to only `github` or `self` (#25581)"

This reverts commit 67bd9d4f1e.

(cherry picked from commit 0547e94023a545fafe82e280dd809e7efd6d86e2)
(cherry picked from commit d21ad654ad0abc243913532326e916899b0e387c)
(cherry picked from commit b905e9d8386c58206234a417769cc17b3be34b62)
(cherry picked from commit 251a5bf235b1723bc2bc324f9e8c03a8668bb5ae)
(cherry picked from commit b370e4769423bec92b0f265f3e3b2b683640024d)
(cherry picked from commit 2cc28d078507027749c14a5448e949ab54b79c66)
(cherry picked from commit ed870a39e98fbb69c435a3a3ef0434fe6163ebe7)
(cherry picked from commit 7bb0c4654ecbbd2feee2c74034c1e2cdca0d6828)
(cherry picked from commit bab1f552c385e3c7d0faa33d28fb8087780ea834)

Conflicts:
	custom/conf/app.example.ini
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1413

[CI] DEFAULT_ACTIONS_URL = https://codeberg.org

(cherry picked from commit 52b364ddbd9ac82b9e6f9c1767db2d6b36165011)
(cherry picked from commit 99887cd5673f6da49664b590ad60c83fdbe25a4a)
(cherry picked from commit cd5788782aa5c2ee8baecd57ca1e7882f0854453)
(cherry picked from commit 71c698a704d307c568f247710550d48f27cca4ce)
(cherry picked from commit 71386241dd741a4fa0b67d59a07d84ac31e0b870)
(cherry picked from commit b7ab05aeac12c44acd117d5a4e8d7b4da2ba4aa7)
(cherry picked from commit e78b9ca59c0af867f94d9c9bfae48f8cc9381224)
(cherry picked from commit edb3adf4606af94ed0ab0bd844ef626a39a99297)
(cherry picked from commit 3e400881975340be9148c4549a744395a6dac665)

[BRANDING] DEFAULT_ACTIONS_URL = https://code.forgejo.org

(cherry picked from commit d0e4512c902dec669da36a055a2ea54adb107e0f)
(cherry picked from commit 8ba6e047095e9ecb107d77361664fa83b03ddaa2)
(cherry picked from commit 63490810449b4189ed8538a22182fde1bc89c057)
(cherry picked from commit e06bd444951d1fd94a71ce3d591a8f397f456363)
(cherry picked from commit d58219d8e13f0b4007108d78f8f6f96a1d842c2c)
(cherry picked from commit 052f2c2aa45ae1aa1d59aaf713db4f771f62773b)
(cherry picked from commit 29dc39538631f65eaaf5dcc4eeb747fbc68d7498)
(cherry picked from commit 9eef3f59f3a1347ccc7d6d3704c9f5b40a3b6555)
(cherry picked from commit d650391fedd5b2cac313e29d51cc8689d885a594)
(cherry picked from commit c2e6e8c55d955f1e2b781c983f05319dddcc4386)
(cherry picked from commit e28a47741dc668421989b6b2310365a6611b23b7)

[CI] DEFAULT_ACTIONS_URL support for self & github (squash)

Refs: https://codeberg.org/forgejo/forgejo/issues/1062
(cherry picked from commit 74cc25376ecd1dbab57abffe286ae1f918057cfd)
(cherry picked from commit 405430708ffbebcfd2cefdcdfd24a540985b817c)
(cherry picked from commit 0274a6dee7f383bcd6b65b995b991b5ab0ee635a)
(cherry picked from commit be5cda0fd03b265367c551aefed83456be257075)
(cherry picked from commit d27474849fc4dd4ec958c04b7be06eced8b74d6e)
(cherry picked from commit 4a5e9e2d81f89b5c9e6782d1c24880d62f802d7f)
(cherry picked from commit 65b31906b27c7a6ecaecf74af748e046c51aa7a8)
(cherry picked from commit 13cf0b0963bb110db7229dc5cd4d202e7dec11fb)

Conflicts:
	custom/conf/app.example.ini
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1413
(cherry picked from commit 49529badce0a43a07a786b22e2a8705a6a1dbe63)

Conflicts:
	custom/conf/app.example.ini
	docs/content/administration/config-cheat-sheet.en-us.md
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1460
(cherry picked from commit 00327b9b1f8512ddb93a07b57fcaee53b701478b)
(cherry picked from commit 3b322e43d5695d540a52259abdde74505241dda9)
(cherry picked from commit 492cc5205908263a2733ba06a6562237406d4c11)

Conflicts:
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1573
(cherry picked from commit 9027b655df24bf47f49cc25d3547b6e49f66dde5)
(cherry picked from commit 47643830286025dbff1538e9a6ffc23b05ea3e4b)
(cherry picked from commit fbb00fd1cf9ecf30292aa3053f41076d7bb9027e)
(cherry picked from commit 417cd6c801bb14b38f672fea3371486c12636ebf)
(cherry picked from commit 6b70773ad817f6f3958e958a58c3d918e7d7f00e)
(cherry picked from commit 9ba069327d0c5179bdae7e22ca580f3c460e9ac1)

Conflicts:
	modules/setting/actions.go
	https://codeberg.org/forgejo/forgejo/pulls/1827
(cherry picked from commit 727edf19ee48648d1464f3bb38f85d82900870fa)
(cherry picked from commit 689326ce2093701e57371759eda23ed9b7781286)
(cherry picked from commit 745d60aec426e40a8ac98199e5f342113b39b871)
(cherry picked from commit cb4ae4582c24552167e692871e697cc02384c054)
(cherry picked from commit 48d5ffe1c0345f612e96acb2459c80431fa94993)

Conflicts:
	custom/conf/app.example.ini
	https://codeberg.org/forgejo/forgejo/pulls/2068
(cherry picked from commit bbd4725bfdd82aa801ec0541c7dbdef9b39dcb1d)
(cherry picked from commit 04eda91d10889febaee3f1b824defb2c0c9fb493)
(cherry picked from commit d3621e46349645ad5e194ba6a21d4f607c403c8c)
(cherry picked from commit 08da63cc4daacabf53ed18f4e521375b49bea8fe)
(cherry picked from commit dc6d291b7127e92ae05bb51c6ae018734fbc3fc7)
2024-02-05 13:33:58 +01:00
Sergey Bugaev
2da233ad8b
Propagate install_if and provider_priority to APKINDEX (#28899)
Resolves https://github.com/go-gitea/gitea/issues/28704

Example of an entry in the generated `APKINDEX` file:

```
C:Q1xCO3H9LTTEbhKt9G1alSC87I56c=
P:hello
V:2.12-r1
A:x86_64
T:The GNU Hello program produces a familiar, friendly greeting
U:https://www.gnu.org/software/hello/
L:GPL-3.0-or-later
S:15403
I:36864
o:hello
m:
t:1705934118
D:so:libc.musl-x86_64.so.1
p:cmd:hello=2.12-r1
i:foobar=1.0 !baz
k:42
```

the `i:` and `k:` entries are new.

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-05 05:52:56 +00:00
Bram Hagens
50f55f11c4
Show whether a PR is WIP inside popups (#28975)
Fixes https://codeberg.org/forgejo/forgejo/issues/2257

Draft status of a PR is currently not exposed by the API. This PR adds a
'draft' field to pull requests in the API, which is used to correctly
set the PR color/icon in a ContextPopup.

---

Before:

![image](https://github.com/go-gitea/gitea/assets/5541521/72cbd30e-1175-4338-aa97-ac99c46c5118)

After:

![image](https://github.com/go-gitea/gitea/assets/5541521/111c9eba-460e-4d57-bcca-23a151c3a4f1)
2024-02-04 22:37:45 +00:00
KN4CK3R
f8b471ace1
Unify user update methods (#28733)
Fixes #28660
Fixes an admin api bug related to `user.LoginSource`
Fixed `/user/emails` response not identical to GitHub api

This PR unifies the user update methods. The goal is to keep the logic
only at one place (having audit logs in mind). For example, do the
password checks only in one method not everywhere a password is updated.

After that PR is merged, the user creation should be next.
2024-02-04 13:29:09 +00:00
silverwind
a6cea59514
Update tool dependencies (#29030) 2024-02-02 19:11:39 -05:00
yp05327
3aed8ae034
Fix default avatar image size in PR diff page (#28971)
Fix #28941

ps: didn't test. The repo is too big to migrate.
2024-02-02 10:01:11 +00:00
Zettat123
adc3598a75
Fix an actions schedule bug (#28942)
In #28691, schedule plans will be deleted when a repo's actions unit is
disabled. But when the unit is enabled, the schedule plans won't be
created again.

This PR fixes the bug. The schedule plans will be created again when the
actions unit is re-enabled
2024-01-31 14:55:12 +00:00
cchangwen
28fe3db1fb
Also match weakly validated ETags (#28957)
https://stackoverflow.com/questions/51973120/where-does-the-w-in-an-etag-appear-from

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag#

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-29 16:18:40 +00:00
Lunny Xiao
34633d85f1
Fix bug for generated repository object format (#28969)
A repository generated from a template repository should have the same
git ObjectFormat.
2024-01-28 20:18:15 +00:00
wackbyte
d9b3849454
Fix inconsistent naming of OAuth 2.0 ENABLE setting (#28951)
Renames it to `ENABLED` to be consistent with other settings and
deprecates it.

I believe this change is necessary because other setting groups such as
`attachment`, `cors`, `mailer`, etc. have an `ENABLED` setting, but
`oauth2` is the only one with an `ENABLE` setting, which could cause
confusion for users.

This is no longer a breaking change because `ENABLE` has been set as
deprecated and as an alias to `ENABLED`.
2024-01-28 12:36:44 +00:00
Lunny Xiao
5f82ead13c
Simplify how git repositories are opened (#28937)
## Purpose
This is a refactor toward building an abstraction over managing git
repositories.
Afterwards, it does not matter anymore if they are stored on the local
disk or somewhere remote.

## What this PR changes
We used `git.OpenRepository` everywhere previously.
Now, we should split them into two distinct functions:

Firstly, there are temporary repositories which do not change:

```go
git.OpenRepository(ctx, diskPath)
```

Gitea managed repositories having a record in the database in the
`repository` table are moved into the new package `gitrepo`:

```go
gitrepo.OpenRepository(ctx, repo_model.Repo)
```

Why is `repo_model.Repository` the second parameter instead of file
path?
Because then we can easily adapt our repository storage strategy.
The repositories can be stored locally, however, they could just as well
be stored on a remote server.

## Further changes in other PRs
- A Git Command wrapper on package `gitrepo` could be created. i.e.
`NewCommand(ctx, repo_model.Repository, commands...)`. `git.RunOpts{Dir:
repo.RepoPath()}`, the directory should be empty before invoking this
method and it can be filled in the function only. #28940
- Remove the `RepoPath()`/`WikiPath()` functions to reduce the
possibility of mistakes.

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-27 21:09:51 +01:00
silverwind
60e4a98ab0
Preserve BOM in web editor (#28935)
The `ToUTF8*` functions were stripping BOM, while BOM is actually valid
in UTF8, so the stripping must be optional depending on use case. This
does:

- Add a options struct to all `ToUTF8*` functions, that by default will
strip BOM to preserve existing behaviour
- Remove `ToUTF8` function, it was dead code
- Rename `ToUTF8WithErr` to `ToUTF8`
- Preserve BOM in Monaco Editor
- Remove a unnecessary newline in the textarea value. Browsers did
ignore it, it seems but it's better not to rely on this behaviour.

Fixes: https://github.com/go-gitea/gitea/issues/28743
Related: https://github.com/go-gitea/gitea/issues/6716 which seems to
have once introduced a mechanism that strips and re-adds the BOM, but
from what I can tell, this mechanism was removed at some point after
that PR.
2024-01-27 18:02:51 +00:00
KN4CK3R
01acd1eea3
Strip / from relative links (#28932)
Fixes #28915

Restores the old behaviour:

https://github.com/go-gitea/gitea/pull/26745/files#diff-d78a9d361b1fddc12218e4dd42f42d39d6be1fda184041e06bb6fb30f0d94c59L96
2024-01-27 11:36:01 +08:00
Lunny Xiao
534917d576
Don't remove all mirror repository's releases when mirroring (#28817)
Fix #22066

# Purpose

This PR fix the releases will be deleted when mirror repository sync the
tags.

# The problem

In the previous implementation of #19125. All releases record in
databases of one mirror repository will be deleted before sync.
Ref:
https://github.com/go-gitea/gitea/pull/19125/files#diff-2aa04998a791c30e5a02b49a97c07fcd93d50e8b31640ce2ddb1afeebf605d02R481

# The Pros

This PR introduced a new method which will load all releases from
databases and all tags on git data into memory. And detect which tags
needs to be inserted, which tags need to be updated or deleted. Only
tags releases(IsTag=true) which are not included in git data will be
deleted, only tags which sha1 changed will be updated. So it will not
delete any real releases include drafts.

# The Cons

The drawback is the memory usage will be higher than before if there are
many tags on this repository. This PR defined a special release struct
to reduce columns loaded from database to memory.
2024-01-26 06:18:19 +00:00
KN4CK3R
ba24e0ba61
Use new RPM constants (#28931)
https://github.com/sassoftware/go-rpmutils/pull/24 got merged.
2024-01-25 21:40:24 +00:00
John Olheiser
76bbad4e74
Check for sha256 support to use --object-format flag (#28928)
This should fix https://github.com/go-gitea/gitea/issues/28927

Technically older versions of Git would support this flag as well, but
per https://github.com/go-gitea/gitea/pull/28466 that's the version
where using it (object-format=sha256) left "experimental" state.

`sha1` is (currently) the default, so older clients should be unaffected
in either case.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2024-01-25 13:04:50 -05:00
KN4CK3R
c46316f7ae
Respect branch info for relative links (#28909)
Fix #28904

Co-authored-by: Giteabot <teabot@gitea.io>
2024-01-25 09:54:44 +01:00
JakobDev
4567a3a1ad
Allow to sync tags from admin dashboard (#28045)
Inspired by #28043

This PR adds a option to the Admin Dashboard to sync all tags to the
database.


![grafik](https://github.com/go-gitea/gitea/assets/15185051/26ac51ef-82a4-4fd9-a6a6-5aefec612ff6)
2024-01-24 03:02:04 +00:00
wxiaoguang
82acf22d9c
Update go dependencies and fix go-git (#28893)
More details are in the comment of repo_base_gogit.go

And ref: https://github.com/go-git/go-git/issues/1006
2024-01-23 05:40:00 +00:00
Lunny Xiao
c4cdebacfe
Fix sort bug on repository issues list (#28897)
Fix #28896
2024-01-23 09:17:42 +08:00
KN4CK3R
caad931385
Prevent anonymous container access if RequireSignInView is enabled (#28877)
Fixes #28875

If `RequireSignInView` is enabled, the ghost user has no access rights.
2024-01-21 16:31:29 +00:00
sdvcrx
80d48621cd
Fix incorrect PostgreSQL connection string for Unix sockets (#28865)
Fix #28864
2024-01-20 16:04:47 +00:00
Lunny Xiao
62f995203a
Move doctor package from modules to services (#28856) 2024-01-20 10:07:31 +08:00
Adam Majer
d68a613ba8
Add support for sha256 repositories (#23894)
Currently only SHA1 repositories are supported by Gitea. This adds
support for alternate SHA256 with the additional aim of easier support
for additional hash types in the future.

Fixes: #13794
Limited by: https://github.com/go-git/go-git/issues/899
Depend on: #28138

<img width="776" alt="图片" src="https://github.com/go-gitea/gitea/assets/81045/5448c9a7-608e-4341-a149-5dd0069c9447">

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2024-01-19 17:05:02 +01:00
KN4CK3R
461d8b53c2
Fix some RPM registry flaws (#28782)
Related #26984
(https://github.com/go-gitea/gitea/pull/26984#issuecomment-1889588912)

Fix admin cleanup message.
Fix models `Get` not respecting default values.
Rebuild RPM repository files after cleanup.
Do not add RPM group to package version name.
Force stable sorting of Alpine/Debian/RPM repository data.
Fix missing deferred `Close`.
Add tests for multiple RPM groups.
Removed non-cached `ReplaceAllStringRegex`.

If there are multiple groups available, it's stated in the package
installation screen:

![grafik](https://github.com/go-gitea/gitea/assets/1666336/8f132760-882c-4ab8-9678-77e47dfc4415)
2024-01-19 11:37:10 +00:00
Brecht Van Lommel
1167d523c4
Fix archive creating LFS hooks and breaking pull requests (#28848)
When LFS hooks are present in gitea-repositories, operations like git
push for creating a pull request fail. These repositories are not meant
to include LFS files or git push them, that is handled separately. And
so they should not have LFS hooks.

Installing git-lfs on some systems (like Debian Linux) will
automatically set up /etc/gitconfig to create LFS hooks in repositories.
For most git commands in Gitea this is not a problem, either because
they run on a temporary clone or the git command does not create LFS
hooks.

But one case where this happens is git archive for creating repository
archives. To fix that, add a GIT_CONFIG_NOSYSTEM=1 to disable using the
system configuration for that command.

According to a comment, GIT_CONFIG_NOSYSTEM is not used for all git
commands because the system configuration can be intentionally set up
for Gitea to use.

Resolves #19810, #21148
2024-01-19 05:49:18 +00:00
yp05327
b60a7c3358
Return responseText instead of string in some functions (#28836)
Follow
https://github.com/go-gitea/gitea/pull/28796#issuecomment-1891727591
2024-01-19 10:45:23 +08:00
Lunny Xiao
c8ba17c73f
Remove duplicated checkinit on git module (#28824)
`checkInit` has been invoked in `InitSimple`. So it's unnecessary to
invoke it twice in `InitFull`.
2024-01-17 09:56:00 +00:00
Viktor Kuzmin
49eb168677
Retarget depending pulls when the parent branch is deleted (#28686)
Sometimes you need to work on a feature which depends on another (unmerged) feature.
In this case, you may create a PR based on that feature instead of the main branch.
Currently, such PRs will be closed without the possibility to reopen in case the parent feature is merged and its branch is deleted.
Automatic target branch change make life a lot easier in such cases.
Github and Bitbucket behave in such way.

Example:
$PR_1$: main <- feature1
$PR_2$: feature1 <- feature2

Currently, merging $PR_1$ and deleting its branch leads to $PR_2$ being closed without the possibility to reopen.
This is both annoying and loses the review history when you open a new PR.

With this change, $PR_2$ will change its target branch to main ($PR_2$: main <- feature2) after $PR_1$ has been merged and its branch has been deleted.

This behavior is enabled by default but can be disabled.
For security reasons, this target branch change will not be executed when merging PRs targeting another repo. 

Fixes #27062
Fixes #18408

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-17 01:44:56 +01:00
Lunny Xiao
930e38d010
Use refname:strip-2 instead of refname:short when syncing tags (#28797)
Fix #28694 

Generally, `refname:short` should be equal to `refname:lstrip=2` except
`core.warnAmbiguousRefs is used to select the strict abbreviation mode.`

ref:
https://git-scm.com/docs/git-for-each-ref#Documentation/git-for-each-ref.txt-refname
2024-01-16 08:13:07 +01:00
wxiaoguang
b0e6c25535
Caller should check the ResponseExtra.HasError() first to see whether the request fails (#28796)
`resp != nil` doesn't mean the request really succeeded. Add a comment
for requestJSONResp to clarify the behavior.
2024-01-15 11:15:31 +00:00
KN4CK3R
637451a45e
Rework markup link rendering (#26745)
Fixes #26548

This PR refactors the rendering of markup links. The old code uses
`strings.Replace` to change some urls while the new code uses more
context to decide which link should be generated.

The added tests should ensure the same output for the old and new
behaviour (besides the bug).

We may need to refactor the rendering a bit more to make it clear how
the different helper methods render the input string. There are lots of
options (resolve links / images / mentions / git hashes / emojis / ...)
but you don't really know what helper uses which options. For example,
we currently support images in the user description which should not be
allowed I think:

<details>
  <summary>Profile</summary> 

https://try.gitea.io/KN4CK3R

![grafik](https://github.com/go-gitea/gitea/assets/1666336/109ae422-496d-4200-b52e-b3a528f553e5)

</details>

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-01-15 08:49:24 +00:00
yp05327
c7e4629c02
Fix nil pointer panic when exec some gitea cli command (#28791)
panic:

![image](https://github.com/go-gitea/gitea/assets/18380374/7fcde2ad-1d42-4b60-b120-3b60a8926e8e)

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/49d9f0ca-e590-4a35-8ca2-1317d1b7c939)
2024-01-15 07:43:53 +00:00
Jimmy Praet
5d3fdd1212
Add branch protection setting for ignoring stale approvals (#28498)
Fixes #27114.

* In Gitea 1.12 (#9532), a "dismiss stale approvals" branch protection
setting was introduced, for ignoring stale reviews when verifying the
approval count of a pull request.
* In Gitea 1.14 (#12674), the "dismiss review" feature was added.
* This caused confusion with users (#25858), as "dismiss" now means 2
different things.
* In Gitea 1.20 (#25882), the behavior of the "dismiss stale approvals"
branch protection was modified to actually dismiss the stale review.

For some users this new behavior of dismissing the stale reviews is not
desirable.

So this PR reintroduces the old behavior as a new "ignore stale
approvals" branch protection setting.

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-15 07:20:01 +00:00
Lunny Xiao
70c4aad8e1
Move more functions to db.Find (#28419)
Following #28220

This PR move more functions to use `db.Find`.

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-15 02:19:25 +00:00
Yarden Shoham
5a7bacb005
Warn that DISABLE_QUERY_AUTH_TOKEN is false only if it's explicitly defined (#28783)
So we don't warn on default behavior

- Fixes https://github.com/go-gitea/gitea/issues/28758
- Follows https://github.com/go-gitea/gitea/pull/28390

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
2024-01-14 21:20:18 +01:00
Lunny Xiao
97292da960
Fix schedule tasks bugs (#28691)
Fix #28157 

This PR fix the possible bugs about actions schedule.

## The Changes

- Move `UpdateRepositoryUnit` and `SetRepoDefaultBranch` from models to
service layer
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when actions unit has been disabled
or global disabled.
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when default branch changed.
2024-01-12 21:50:38 +00:00
Exploding Dragon
ba4d0b8ffb
Support for grouping RPMs using paths (#26984)
The current rpm repository places all packages in the same repository,
and different systems (el7,f34) may hit packages that do not belong to
this distribution ( #25304 ) , which now supports grouping of rpm.

![图片](https://github.com/go-gitea/gitea/assets/33776693/d1e1d99f-7799-4b2b-a19b-cb2a5c692914)

Fixes #25304 .
Fixes #27056 .

Refactor: [#25866](https://github.com/go-gitea/gitea/pull/25866)
2024-01-12 03:16:05 +00:00
delvh
abfdaef5bd
Show description as tooltip instead of title for labels (#28754)
Follow GitHubs behavior of showing the label description as a tooltip
instead of the browser native title.

## Before

![grafik](https://github.com/go-gitea/gitea/assets/51889757/70448327-467b-4bee-b799-40a442a5ce16)


## After

![grafik](https://github.com/go-gitea/gitea/assets/51889757/abe7d700-148b-4cef-a487-6b0f8f20b212)
2024-01-12 00:21:52 +08:00
Mihir Joshi
669bbbaf24
Integration Test for Commit Search containing Square Brackets (#28751)
Integration test for #28744 

Change keywords commit search flag from `-F` to `--fixed-strings` for
readability
2024-01-11 11:04:45 +08:00
Mihir Joshi
839cd26b1a
Add -F to commit search to treat keywords as strings (#28744)
Fixes #28269

The [default
behavior](https://git-scm.com/docs/git-log#Documentation/git-log.txt---basic-regexp)
of --grep in git log is to interpret the keyword as a regular
expression. This causes the search to fail in the cases where the search
keyword contains a `[`, since `[` is a special character used in grep.

If we want our keywords to be interpreted as 'strings', we should use
[-F
flag](https://git-scm.com/docs/git-log#Documentation/git-log.txt---basic-regexp).
2024-01-10 11:28:20 +00:00
wxiaoguang
2df7563f31
Recommend/convert to use case-sensitive collation for MySQL/MSSQL (#28662)
Mainly for MySQL/MSSQL.

It is important for Gitea to use case-sensitive database charset
collation. If the database is using a case-insensitive collation, Gitea
will show startup error/warning messages, and show the errors/warnings
on the admin panel's Self-Check page.

Make `gitea doctor convert` work for MySQL to convert the collations of
database & tables & columns.

* Fix #28131

## ⚠️ BREAKING ⚠️

It is not quite breaking, but it's highly recommended to convert the
database&table&column to a consistent and case-sensitive collation.
2024-01-10 11:03:23 +00:00
wxiaoguang
79da4bbc56
Suggest to use Type=simple for systemd service (#28717)
Although the systemd notify support was added, it seems that there are
some problems (#28553, for the "non-installed" instance)
2024-01-07 15:18:04 +00:00
wxiaoguang
e75e9a0e7e
Fix panic when parsing empty pgsql host (#28708)
Regression of #27723
Fix #28705
2024-01-06 17:30:03 +08:00
Kyle D
54acf7b0d4
Normalize oauth email username (#28561) 2024-01-03 18:48:20 -06:00
Brecht Van Lommel
12c0487e01
Make cross-reference issue links work in markdown documents again (#28682)
In #26365 issue references were disabled entirely for documents,
intending to match GitHub behavior. However cross-references do appear
to work in documents on GitHub.

This is useful for example to write release notes in a markdown document
and reference issues. While the simpler syntax may create links when not
intended, hopefully the cross-reference syntax is unique enough to avoid
it.
2024-01-03 14:01:12 +08:00
wxiaoguang
91aa263225
Make template DateTime show proper tooltip (#28677)
There was a question about "how to improve the datetime display for
SSH/PGP/WebAuthn"
https://github.com/go-gitea/gitea/pull/28262#issuecomment-1831141611

The root problem is that `DateTime` misses the "data-tooltip-content"
attribute, which should be used to make the tooltip popup smoothly.

Now the UI is consistent and the end users could see the detailed
hour/minute/second easily by hovering the element.


![image](https://github.com/go-gitea/gitea/assets/2114189/2211336f-d59d-4f64-a83b-099f8ef6d29b)


![image](https://github.com/go-gitea/gitea/assets/2114189/f02a9c86-476d-48d6-aece-85a800235fbd)
2024-01-02 20:09:18 +01:00
Yarden Shoham
cdc33b29a0
Add global setting how timestamps should be rendered (#28657)
- Resolves https://github.com/go-gitea/gitea/issues/22493
- Related to https://github.com/go-gitea/gitea/issues/4520

Some admins prefer all timestamps to display the full date instead of
relative time. They can do that now by setting

```ini
[ui]
PREFERRED_TIMESTAMP_TENSE = absolute
```

This setting is set to `mixed` by default, allowing dates to render as
"5 hours ago". Here are some screenshots of the UI with this setting set
to `absolute`:

![image](https://github.com/go-gitea/gitea/assets/20454870/f496457f-6afa-44be-a1e7-249ee5fe0706)

![image](https://github.com/go-gitea/gitea/assets/20454870/c03b14f5-063d-4e13-9780-76ab002d76a9)

![image](https://github.com/go-gitea/gitea/assets/20454870/f4b34e28-1546-4374-9199-c43348844edd)

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-02 09:25:30 +08:00
wxiaoguang
e5d8c4b8d4
Avoid cycle-redirecting user/login page (#28636)
Fix #28231, and remove some unused code. The `db.HasEngine` doesn't seem
useful because the db engine is always initialized before web route.
2023-12-30 08:48:34 +00:00
wxiaoguang
e743570f65
Refactor timeutil package (#28623)
1. make names more readable
2. remove unused FormatLong/FormatShort
3. use `FormatDate` instead of `Format "2006-01-02"`
2023-12-28 10:09:57 +00:00
wxiaoguang
f3999888c0
Refactor some legacy code and remove unused code (#28622)
1. use slices.Contains, remove Int64sContains
2. use HashEmail, remove base.EncodeMD5
3. remove BasicAuthEncode, IsLetter
2023-12-28 09:38:59 +00:00
KN4CK3R
4cd666d7dc
Do not set Accept header twice (#28598)
Revert #28550

Don't add the `Accept` header twice.
2023-12-28 03:59:00 +00:00
wxiaoguang
b41925cee3
Refactor CORS handler (#28587)
The CORS code has been unmaintained for long time, and the behavior is
not correct.

This PR tries to improve it. The key point is written as comment in
code. And add more tests.

Fix #28515
Fix #27642
Fix #17098
2023-12-25 20:13:18 +08:00
Lunny Xiao
177cea7c70
Make offline mode as default to no connect external avatar service by default (#28548)
To keep user's privacy, make offline mode as true by default.

Users can still change it from installation ui and app.ini
2023-12-21 07:42:16 +00:00
wxiaoguang
e4a24d6727
Fix the issue ref rendering for wiki (#28556)
Fix #28526, regression of 
* #26365

(although the author of #26365 has recent activities, but there is no
response for the regression, so I proposed this quick fix and keep the
fix simple to make it easier to backport to 1.21)
2023-12-20 14:11:59 +00:00
Lunny Xiao
577421691b
Add missing head of lfs client batch (#28550)
ref https://github.com/git-lfs/git-lfs/blob/main/docs/api/batch.md#git-lfs-batch-api
2023-12-20 12:54:34 +01:00
Lunny Xiao
e7cb8da2a8
Always enable caches (#28527)
Nowadays, cache will be used on almost everywhere of Gitea and it cannot
be disabled, otherwise some features will become unaviable.

Then I think we can just remove the option for cache enable. That means
cache cannot be disabled.
But of course, we can still use cache configuration to set how should
Gitea use the cache.
2023-12-19 09:29:05 +00:00
Lunny Xiao
4eb2a29910
Improve ObjectFormat interface (#28496)
The 4 functions are duplicated, especially as interface methods. I think
we just need to keep `MustID` the only one and remove other 3.

```
MustID(b []byte) ObjectID
MustIDFromString(s string) ObjectID
NewID(b []byte) (ObjectID, error)
NewIDFromString(s string) (ObjectID, error)
```

Introduced the new interfrace method `ComputeHash` which will replace
the interface `HasherInterface`. Now we don't need to keep two
interfaces.

Reintroduced `git.NewIDFromString` and `git.MustIDFromString`. The new
function will detect the hash length to decide which objectformat of it.
If it's 40, then it's SHA1. If it's 64, then it's SHA256. This will be
right if the commitID is a full one. So the parameter should be always a
full commit id.

@AdamMajer Please review.
2023-12-19 07:20:47 +00:00
Bo-Yi Wu
14ffdf6173
chore(api): support ignore password if login source type is LDAP for creating user API (#28491)
- Modify the `Password` field in `CreateUserOption` struct to remove the
`Required` tag
- Update the `v1_json.tmpl` template to include the `email` field and
remove the `password` field

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2023-12-19 02:32:45 +00:00
wxiaoguang
11f0519ad8
Update go dependencies (#28518)
Update golang.org/x/crypto for CVE-2023-48795 and update other packages.
`go-git` is not updated because it needs time to figure out why some
tests fail.
2023-12-19 09:18:42 +08:00
Earl Warren
e02095c5b6
Add orphaned topic consistency check (#28507)
- If a topic has zero repository count, it means that none of the
repositories are using that topic, that would make them 'useless' to
keep. One caveat is that if that topic is going to be used in the
future, it will be added again to the database, but simply with a new
ID.

Refs: https://codeberg.org/forgejo/forgejo/pulls/1964

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-12-18 15:32:08 +00:00
wxiaoguang
20929edc99
Add option to disable ambiguous unicode characters detection (#28454)
* Close #24483
* Close #28123
* Close #23682
* Close #23149

(maybe more)
2023-12-17 14:38:54 +00:00
Lunny Xiao
408a484224
Adjust object format interface (#28469)
- Remove `ObjectFormatID`
- Remove function `ObjectFormatFromID`.
- Use `Sha1ObjectFormat` directly but not a pointer because it's an
empty struct.
- Store `ObjectFormatName` in `repository` struct
2023-12-17 11:56:08 +00:00
Earl Warren
9a15267871
Initalize stroage for orphaned repository doctor (#28487)
- When a repository is orphaned and has objects stored in any of the
storages such as repository avatar or attachments the delete function
would error, because the storage module wasn't initalized.
- Add code to initialize the storage module.

Refs: https://codeberg.org/forgejo/forgejo/pulls/1954

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-12-16 12:17:39 +00:00
wxiaoguang
9947af639c
Only use SHA256 feature when git >= 2.42 (#28466)
And fix some comments
2023-12-14 16:51:05 +08:00
Adam Majer
cbf923e87b
Abstract hash function usage (#28138)
Refactor Hash interfaces and centralize hash function. This will allow
easier introduction of different hash function later on.

This forms the "no-op" part of the SHA256 enablement patch.
2023-12-13 21:02:00 +00:00
Jack Hay
4e879fed90
Deprecate query string auth tokens (#28390)
## Changes
- Add deprecation warning to `Token` and `AccessToken` authentication
methods in swagger.
- Add deprecation warning header to API response. Example: 
  ```
  HTTP/1.1 200 OK
  ...
  Warning: token and access_token API authentication is deprecated
  ...
  ```
- Add setting `DISABLE_QUERY_AUTH_TOKEN` to reject query string auth
tokens entirely. Default is `false`

## Next steps
- `DISABLE_QUERY_AUTH_TOKEN` should be true in a subsequent release and
the methods should be removed in swagger
- `DISABLE_QUERY_AUTH_TOKEN` should be removed and the implementation of
the auth methods in question should be removed

## Open questions
- Should there be further changes to the swagger documentation?
Deprecation is not yet supported for security definitions (coming in
[OpenAPI Spec version
3.2.0](https://github.com/OAI/OpenAPI-Specification/issues/2506))
- Should the API router logger sanitize urls that use `token` or
`access_token`? (This is obviously an insufficient solution on its own)

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-12-12 03:48:53 +00:00
wxiaoguang
f2a309e6c8
Improve doctor cli behavior (#28422)
1. Do not sort the "checks" slice again and again when "Register", it
just wastes CPU when the Gitea instance runs
2. If a check doesn't exist, tell the end user
3. Add some tests
2023-12-11 15:55:10 +00:00
Lunny Xiao
537fa69962
Second part of refactor db.Find (#28194)
Continue of #27798 and move more functions to `db.Find` and `db.Count`.
2023-12-11 16:56:48 +08:00
Adam Majer
d9c19899cd
Make gogit Repository.GetBranchNames consistent (#28348) 2023-12-07 12:08:17 -05:00
Lunny Xiao
dd30d9d5c0
Remove GetByBean method because sometimes it's danger when query condition parameter is zero and also introduce new generic methods (#28220)
The function `GetByBean` has an obvious defect that when the fields are
empty values, it will be ignored. Then users will get a wrong result
which is possibly used to make a security problem.

To avoid the possibility, this PR removed function `GetByBean` and all
references.
And some new generic functions have been introduced to be used.

The recommand usage like below.

```go
// if query an object according id
obj, err := db.GetByID[Object](ctx, id)
// query with other conditions
obj, err := db.Get[Object](ctx, builder.Eq{"a": a, "b":b})
```
2023-12-07 15:27:36 +08:00
Jason Song
beb71f5ef6
Include public repos in doer's dashboard for issue search (#28304)
It will fix #28268 .

<img width="1313" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/cb1e07d5-7a12-4691-a054-8278ba255bfc">

<img width="1318" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/4fd60820-97f1-4c2c-a233-d3671a5039e9">

## ⚠️ BREAKING ⚠️

But need to give up some features:

<img width="1312" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/281c0d51-0e7d-473f-bbed-216e2f645610">

However, such abandonment may fix #28055 .

## Backgroud

When the user switches the dashboard context to an org, it means they
want to search issues in the repos that belong to the org. However, when
they switch to themselves, it means all repos they can access because
they may have created an issue in a public repo that they don't own.

<img width="286" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/182dcd5b-1c20-4725-93af-96e8dfae5b97">

It's a confusing design. Think about this: What does "In your
repositories" mean when the user switches to an org? Repos belong to the
user or the org?

Whatever, it has been broken by #26012 and its following PRs. After the
PR, it searches for issues in repos that the dashboard context user owns
or has been explicitly granted access to, so it causes #28268.

## How to fix it

It's not really difficult to fix it. Just extend the repo scope to
search issues when the dashboard context user is the doer. Since the
user may create issues or be mentioned in any public repo, we can just
set `AllPublic` to true, which is already supported by indexers. The DB
condition will also support it in this PR.

But the real difficulty is how to count the search results grouped by
repos. It's something like "search issues with this keyword and those
filters, and return the total number and the top results. **Then, group
all of them by repo and return the counts of each group.**"

<img width="314" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/5206eb20-f8f5-49b9-b45a-1be2fcf679f4">

Before #26012, it was being done in the DB, but it caused the results to
be incomplete (see the description of #26012).

And to keep this, #26012 implement it in an inefficient way, just count
the issues by repo one by one, so it cannot work when `AllPublic` is
true because it's almost impossible to do this for all public repos.


1bfcdeef4c/modules/indexer/issues/indexer.go (L318-L338)

## Give up unnecessary features

We may can resovle `TODO: use "group by" of the indexer engines to
implement it`, I'm sure it can be done with Elasticsearch, but IIRC,
Bleve and Meilisearch don't support "group by".

And the real question is, does it worth it? Why should we need to know
the counts grouped by repos?

Let me show you my search dashboard on gitea.com.

<img width="1304" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/2bca2d46-6c71-4de1-94cb-0c9af27c62ff">

I never think the long repo list helps anything.

And if we agree to abandon it, things will be much easier. That is this
PR.

## TODO

I know it's important to filter by repos when searching issues. However,
it shouldn't be the way we have it now. It could be implemented like
this.

<img width="1316" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/99ee5f21-cbb5-4dfe-914d-cb796cb79fbe">

The indexers support it well now, but it requires some frontend work,
which I'm not good at. So, I think someone could help do that in another
PR and merge this one to fix the bug first.

Or please block this PR and help to complete it.

Finally, "Switch dashboard context" is also a design that needs
improvement. In my opinion, it can be accomplished by adding filtering
conditions instead of "switching".
2023-12-07 13:26:18 +08:00
wxiaoguang
1e512b800c
Use filepath instead of path to create SQLite3 database file (#28374) 2023-12-06 16:57:52 +00:00
capvor
c1b86ecdab
Fix incorrect default value of [attachment].MAX_SIZE (#28373) 2023-12-06 10:59:56 -05:00
Earl Warren
876a0cb3d6
Render PyPi long description as document (#28272)
Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-12-05 15:02:01 +00:00
darrinsmart
38a93a0665
Convert git commit summary to valid UTF8. (#28356)
The summary string ends up in the database, and (at least) MySQL &
PostgreSQL require valid UTF8 strings.

Fixes #28178

Co-authored-by: Darrin Smart <darrin@filmlight.ltd.uk>
2023-12-05 14:34:24 +08:00
KN4CK3R
14354e4f8e
Read previous info from git blame (#28306)
Fixes #28280

Reads the `previous` info from the `git blame` output instead of
calculating it afterwards.
2023-12-01 01:26:52 +00:00
Brecht Van Lommel
a7de14e493
Meilisearch: require all query terms to be matched (#28293)
Previously only the first term had to be matched. That default
Meilisearch behavior makes sense for e.g. some kind of autocomplete to
find and select a single result. But for filtering issues it means you
can't narrow down results by adding more terms.

This is also more consistent with other indexers and GitHub.

---

Reference:
https://www.meilisearch.com/docs/reference/api/search#matching-strategy
2023-11-29 23:00:59 +08:00
wxiaoguang
b348424c64
Ignore "non-existing" errors when getDirectorySize calculates the size (#28276)
The git command may operate the git directory (add/remove) files in any
time.

So when the code iterates the directory, some files may disappear during
the "walk". All "IsNotExist" errors should be ignored.

Fix #26765
2023-11-29 13:08:58 +08:00
Earl Warren
cb8298b717
Ignore temporary files for directory size (#28265)
Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-11-28 21:53:21 +00:00
pitpalme
eacce14546
Fix delete-orphaned-repos (#28200)
gitea doctor failed at checking and fixing 'delete-orphaned-repos',
because table name 'user' needs quoting to be correctly recognized by at
least PostgreSQL.

fixes #28199
2023-11-24 14:46:19 +00:00
wxiaoguang
2ac2796a4c
Refactor graceful manager to use shared code (#28073)
Make "windows" and "unix" share as much code as possible. No logic
change.
2023-11-24 14:21:46 +00:00
Earl Warren
1075ff74b5
Use restricted sanitizer for repository description (#28141)
- Currently the repository description uses the same sanitizer as a
normal markdown document. This means that element such as heading and
images are allowed and can be abused.
- Create a minimal restricted sanitizer for the repository description,
which only allows what the postprocessor currently allows, which are
links and emojis.
- Added unit testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1202
- Resolves https://codeberg.org/Codeberg/Community/issues/1122

(cherry picked from commit 631c87cc2347f0036a75dcd21e24429bbca28207)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-11-23 16:34:25 +00:00
wxiaoguang
7c0ab8b974
Make CORS work for oauth2 handlers (#28184)
Fix #25473

Although there was `m.Post("/login/oauth/access_token", CorsHandler()...`,
it never really worked, because it still lacks the "OPTIONS" handler.
2023-11-23 21:19:26 +08:00
yp05327
a6a674e26a
Add guide page to actions when there's no workflows (#28145)
Before:

![image](https://github.com/go-gitea/gitea/assets/18380374/599d40c1-9b8d-4189-9286-c9c36fb780dd)

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/848a73d1-aaec-478f-93a7-adcc7ee18907)
2023-11-21 08:27:33 +00:00
Denys Konovalov
816e46ee7c
add skip ci functionality (#28075)
Adds the possibility to skip workflow execution if the commit message
contains a string like [skip ci] or similar.

The default strings are the same as on GitHub, users can also set custom
ones in app.ini

Reference:
https://docs.github.com/en/actions/managing-workflow-runs/skipping-workflow-runs

Close #28020
2023-11-18 13:37:08 +02:00
Nanguan Lin
f63b116697
Change default size of attachments and repo files (#28100)
https://github.com/go-gitea/gitea/pull/27946 forgets to change them in
code. Sorry about that.
2023-11-17 11:42:00 +00:00
wxiaoguang
17d246cdcc
Fix incorrect pgsql conn builder behavior (#28085)
Fix #28083 and fix the tests
2023-11-17 02:30:57 +00:00
wxiaoguang
79394b340d
Improve graceful manager code/comment (#28063)
The graceful manager has some bugs (#27643, #28062). This is a
preparation for further fixes.
2023-11-15 22:02:46 +08:00
Yarden Shoham
1c0566f66d
Render email addresses as such if followed by punctuation (#27987)
Added the following characters to the regular expression for the email:

- ,
- ;
- ?
- !

Also added a test case.

- Fixes #27616 

# Before

![image](https://github.com/go-gitea/gitea/assets/20454870/c57eac26-f281-43ef-a51d-9c9a81b63efa)

# After

![image](https://github.com/go-gitea/gitea/assets/20454870/fc7d5c08-4350-4af0-a7f0-d1444d2d75af)

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
2023-11-11 05:08:19 +01:00
KN4CK3R
481e738e7f
Remove title from elements on Org mode (#27968)
The Org mode rendering has some problems:
1.  `[[https://example.com][pre https://example.com/example.mp4 post]]`
 renders as
`<p><a href="https://example.com" title="pre <video
src="https://example.com/example.mp4"
title="https://example.com/example.mp4">https://example.com/example.mp4</video>
post">pre <video src="https://example.com/example.mp4"
title="https://example.com/example.mp4">https://example.com/example.mp4</video>
post</a></p>`
As you can see, the `title` attribute contains the inner html in
unescaped form. I removed the `title` attribute because it is of little
value.
3. The `title` attribute on `img` and `video` is of little value.
4. The inner elements of `video` are different depending on the `if`.
2023-11-10 01:45:13 +00:00
6543
16ba16dbe9
Allow to set explore page default sort (#27951)
as title


---
*Sponsored by Kithara Software GmbH*
2023-11-09 10:11:45 +00:00
Lunny Xiao
69d98f83f9
Fix format error (#27963) 2023-11-08 21:50:20 +08:00
KN4CK3R
4f4fea734c
Unify two factor check (#27915)
Fixes #27819

We have support for two factor logins with the normal web login and with
basic auth. For basic auth the two factor check was implemented at three
different places and you need to know that this check is necessary. This
PR moves the check into the basic auth itself.
2023-11-06 08:22:39 +00:00
Earl Warren
59f9ef9fee
Remove action runners on user deletion (#27902)
- On user deletion, delete action runners that the user has created.
- Add a database consistency check to remove action runners that have
nonexistent belonging owner.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1720

(cherry picked from commit 009ca7223dab054f7f760b7ccae69e745eebfabb)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-11-05 13:48:32 +01:00
Earl Warren
da0c4b8d10
Remove SSH workaround (#27893)
Revert the workaround of #26409 and fix #26411, update github.com/gliderlabs/ssh to include 02f9d57300
2023-11-03 15:21:05 +00:00
Moritz Poldrack
9b6e77c489
refactor postgres connection string building (#27723)
This patchset changes the connection string builder to use net.URL and
the host/port parser to use the stdlib function for splitting host from
port. It also adds a footnote about a potentially required portnumber
for postgres UNIX sockets.

Fixes: #24552
2023-11-01 18:00:20 +00:00
Lunny Xiao
d519a39302
Support storage base path as prefix (#27827)
This PR adds a prefix path for all minio storage and override base path
will override the path.
The previous behavior is undefined officially, so it will be marked as
breaking.
2023-11-01 19:17:18 +08:00
wxiaoguang
a4b242ae7a
Clean up template locale usage (#27856)
After many refactoring PRs for the "locale" and "template context
function", now the ".locale" is not needed for web templates any more.

This PR does a clean up for:

1. Remove `ctx.Data["locale"]` for web context.
2. Use `ctx.Locale` in `500.tmpl`, for consistency.
3. Add a test check for `500 page` locale usage.
4. Remove the `Str2html` and `DotEscape` from mail template context
data, they are copy&paste errors introduced by #19169 and #16200 . These
functions are template functions (provided by the common renderer), but
not template data variables.
5. Make email `SendAsync` function mockable (I was planning to add more
tests but it would make this PR much too complex, so the tests could be
done in another PR)
2023-10-31 22:11:48 +08:00
Lunny Xiao
16d15ce087
Fix package webhook (#27839)
Fix #23742

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-10-31 04:43:38 +00:00
KN4CK3R
ab3f6c1bac
Close all hashed buffers (#27787)
Add missing `.Close()` calls. The current code does not delete the
temporary files if the data grows over 32mb.
2023-10-25 21:24:24 +02:00
Nanguan Lin
1eae2aadae
Fix issue not showing on default board and add test (#27720)
See https://github.com/go-gitea/gitea/pull/27718#issuecomment-1773743014
. Add a test to ensure its behavior.
Why this test uses `ProjectBoardID=0`? Because in `SearchOptions`,
`ProjectBoardID=0` means what it is. But in `IssueOptions`,
`ProjectBoardID=0` means there is no condition, and
`ProjectBoardID=db.NoConditionID` means the board ID = 0.
It's really confusing. Probably it's better to separate the db search
engine and the other issue search code. It's really two different
systems. As far as I can see, `IssueOptions` is not necessary for most
of the code, which has very simple issue search conditions.
2023-10-25 11:51:49 +00:00
silverwind
ce83609ff6
Upgrade to golangci-lint@v1.55.0 (#27756)
https://github.com/golangci/golangci-lint/releases/tag/v1.55.0
2023-10-24 02:54:59 +00:00
Earl Warren
6352114a77
Fix label render containing invalid HTML (#27752)
- The label HTML contained a quote that wasn't being closed.

Refs: https://codeberg.org/forgejo/forgejo/pulls/1651

(cherry picked from commit e2bc2c9a1fff482c49dbeb3a51e4e1c698bf506c)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-10-23 23:02:00 +00:00
6543
b2f828db5e
refactor: make db iterate context aware (#27710)
the iteration will run until finished atm.

this changes it by checking if if the context got canceled before each
run of a loop sequence is executed

[View this pull with now
whitespace](https://github.com/go-gitea/gitea/pull/27710/files?diff=unified&w=1)
2023-10-21 10:05:29 +08:00
Nanguan Lin
eb1478791f
Clean some functions about project issue (#27705)
1. remove unused function `MoveIssueAcrossProjectBoards`
2. extract the project board condition into a function
3. use db.NoCondition instead of -1. (BTW, the usage of db.NoCondition
is too confusing. Is there any way to avoid that?)
4. remove the unnecessary comment since the ctx refactor is completed.
5. Change `b.ID != 0` to `b.ID > 0`. It's more intuitive but I think
they're the same since board ID can't be negative.
2023-10-20 14:01:25 +02:00
6543
e83f2cbbac
Add doctor dbconsistency fix to delete repos with no owner (#27290)
to address #27273
replace #24873
2023-10-19 15:20:52 +02:00
Jason Song
4e98224a45
Support allowed hosts for webhook to work with proxy (#27655)
When `webhook.PROXY_URL` has been set, the old code will check if the
proxy host is in `ALLOWED_HOST_LIST` or reject requests through the
proxy. It requires users to add the proxy host to `ALLOWED_HOST_LIST`.
However, it actually allows all requests to any port on the host, when
the proxy host is probably an internal address.

But things may be even worse. `ALLOWED_HOST_LIST` doesn't really work
when requests are sent to the allowed proxy, and the proxy could forward
them to any hosts.

This PR fixes it by:

- If the proxy has been set, always allow connectioins to the host and
port.
- Check `ALLOWED_HOST_LIST` before forwarding.
2023-10-18 09:44:36 +00:00
Jason Song
1be49fdda6
Improve retrying index issues (#27554)
Fix #27540
2023-10-15 18:56:57 +00:00
Lunny Xiao
cddf245c12
Replace more db.DefaultContext (#27628)
Target #27065
2023-10-15 17:46:06 +02:00
JakobDev
76a85a4ce9
Final round of db.DefaultContext refactor (#27587)
Last part of #27065
2023-10-14 08:37:24 +00:00
KN4CK3R
c6c829fe3f
Enhanced auth token / remember me (#27606)
Closes #27455

> The mechanism responsible for long-term authentication (the 'remember
me' cookie) uses a weak construction technique. It will hash the user's
hashed password and the rands value; it will then call the secure cookie
code, which will encrypt the user's name with the computed hash. If one
were able to dump the database, they could extract those two values to
rebuild that cookie and impersonate a user. That vulnerability exists
from the date the dump was obtained until a user changed their password.
> 
> To fix this security issue, the cookie could be created and verified
using a different technique such as the one explained at
https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies.

The PR removes the now obsolete setting `COOKIE_USERNAME`.
2023-10-14 00:56:41 +00:00
Nanguan Lin
dc04044716
Replace assert.Fail with assert.FailNow (#27578)
assert.Fail() will continue to execute the code while assert.FailNow()
not. I thought those uses of assert.Fail() should exit immediately.
PS: perhaps it's a good idea to use
[require](https://pkg.go.dev/github.com/stretchr/testify/require)
somewhere because the assert package's default behavior does not exit
when an error occurs, which makes it difficult to find the root error
reason.
2023-10-11 11:02:24 +00:00
JakobDev
ebe803e514
Penultimate round of db.DefaultContext refactor (#27414)
Part of #27065

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-10-11 04:24:07 +00:00
Jason Song
2c7b6c378e
Increase queue length (#27555) 2023-10-10 18:47:49 +08:00
wxiaoguang
e2e0280108
Fix environment-to-ini inherited key bug (#27543)
Fix  #27541

The INI package has a quirk: by default, the keys are inherited.
When maintaining the keys, the newly added sub key should not be
affected by the parent key.
2023-10-10 01:10:37 +08:00
silverwind
5bf367f904
Restore warning commit status (#27504)
Partial revert of https://github.com/go-gitea/gitea/pull/25839. This
commit status is used by a number of external integrations, so I think
we should not remove it (See
https://github.com/go-gitea/gitea/pull/25839#issuecomment-1729002077).
This is a rare case where an existing migration needed to be alterted to
avoid data loss.

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-10-08 22:16:06 +00:00
M Hickford
a825cc0f34
Pre-register OAuth application for tea (#27509)
It remains to implement OAuth login in tea
https://gitea.com/gitea/tea/issues/598

Fixes #27510
2023-10-08 03:51:08 +00:00
silverwind
3b139fa3a3
Improve feed icons and feed merge text color (#27498)
1. Improve various feed icons
2. Fix merge message color


<img width="763" alt="image"
src="https://github.com/go-gitea/gitea/assets/115237/3f5bcb23-6d90-4c63-85f2-46bd7e1c96d6">
<img width="769" alt="image"
src="https://github.com/go-gitea/gitea/assets/115237/466c37b4-e2f4-42bb-922d-b86596cdc6d0">


Fixes: https://github.com/go-gitea/gitea/issues/27495
Continues: https://github.com/go-gitea/gitea/pull/27356
2023-10-07 23:26:27 +00:00
silverwind
023e937141
Rename the default themes to gitea-light, gitea-dark, gitea-auto (#27419)
Part of https://github.com/go-gitea/gitea/issues/27097:

- `gitea` theme is renamed to `gitea-light`
- `arc-green` theme is renamed to `gitea-dark`
- `auto` theme is renamed to `gitea-auto`

I put both themes in separate CSS files, removing all colors from the
base CSS. Existing users will be migrated to the new theme names. The
dark theme recolor will follow in a separate PR.

## ⚠️ BREAKING ⚠️

1. If there are existing custom themes with the names `gitea-light` or
`gitea-dark`, rename them before this upgrade and update the `theme`
column in the `user` table for each affected user.
2. The theme in `<html>` has moved from `class="theme-name"` to
`data-theme="name"`, existing customizations that depend on should be
updated.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-10-06 09:46:36 +02:00
Eng Zer Jun
13d5d2e711
Remove redundant len check around loop (#27464)
This pull request is a minor code cleanup.

From the Go specification (https://go.dev/ref/spec#For_range):

> "1. For a nil slice, the number of iterations is 0."
> "3. If the map is nil, the number of iterations is 0."

`len` returns 0 if the slice or map is nil
(https://pkg.go.dev/builtin#len). Therefore, checking `len(v) > 0`
before a loop is unnecessary.

---

At the time of writing this pull request, there wasn't a lint rule that
catches these issues. The closest I could find is
https://staticcheck.dev/docs/checks/#S103

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2023-10-06 14:49:37 +08:00
wxiaoguang
9f8d59858a
Refactor system setting (#27000)
This PR reduces the complexity of the system setting system.

It only needs one line to introduce a new option, and the option can be
used anywhere out-of-box.

It is still high-performant (and more performant) because the config
values are cached in the config system.
2023-10-05 09:08:19 +08:00
JakobDev
cc5df26680
Even more db.DefaultContext refactor (#27352)
Part of #27065

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2023-10-03 10:30:41 +00:00
Kirill Sorokin
2b06c106ef
Add support for HEAD ref in /src/branch and /src/commit routes (#27384)
Add support for HEAD in paths:
```
/src/branch/HEAD/README.md
/src/commit/HEAD/README.md
```

Closes #26920
2023-10-03 15:37:06 +08:00
Francesco Antognazza
bc21723717
Make Actions tasks/jobs timeouts configurable by the user (#27400)
With this PR we added the possibility to configure the Actions timeouts
values for killing tasks/jobs.
Particularly this enhancement is closely related to the `act_runner`
configuration reported below:
```
# The timeout for a job to be finished.
# Please note that the Gitea instance also has a timeout (3h by default) for the job.
# So the job could be stopped by the Gitea instance if it's timeout is shorter than this.
timeout: 3h
```

---

Setting the corresponding key in the INI configuration file, it is
possible to let jobs run for more than 3 hours.

Signed-off-by: Francesco Antognazza <francesco.antognazza@gmail.com>
2023-10-02 23:09:26 +02:00
wxiaoguang
dfa4e5857f
Fix git 2.11 error when checking IsEmpty (again) (#27399)
Follow  #27393

Sorry that I made a mistake in #27393. The `errbuf` is not empty when
the err is `exit status 129`.
2023-10-02 15:59:39 +00:00
wxiaoguang
caef9f9503
Fix git 2.11 error when checking IsEmpty (#27393)
Fix #27389
2023-10-02 22:05:21 +08:00
JakobDev
cf0df023be
More db.DefaultContext refactor (#27265)
Part of #27065

This PR touches functions used in templates. As templates are not static
typed, errors are harder to find, but I hope I catch it all. I think
some tests from other persons do not hurt.
2023-09-29 12:12:54 +00:00
Zettat123
3fcad582c9
Improvements of releases list and tags list (#25859)
Follow #23465 and #25624

This PR introduces the following improvements:
- We do not need to call `GetTags` to get tags because tags have been
loaded by `RepoAssignment`

ef90fdbd1d/modules/context/repo.go (L663-L668)
- Similarly, the number of tags and releases also have been loaded by
`RepoAssignment`, so the related code has been removed from the
handlers. The query condition of `GetReleaseCountByRepoID` in
`RepoAssignment` has been changed to include draft releases.

ef90fdbd1d/modules/context/repo.go (L538-L551)
- `releasesOrTags` function has been removed. The code for rendering
releases list and tags list moved to `Releases` and `TagList`
respectively.
2023-09-28 13:21:47 +00:00
6543
15fa0383fb
doctor: delete action entries without existing user (#27292)
just extend doctor with a usefully check :)

Co-authored-by: techknowlogick <techknowlogick@gitea.com>
2023-09-28 03:03:08 +00:00
Earl Warren
98f02203f9
fix orphan check for deleted branch (#27310)
- Modify the deleted branch orphan check to check for the new table
instead.
- Regression from 6e19484f4d
- Resolves https://codeberg.org/forgejo/forgejo/issues/1522

(cherry picked from commit c1d888686fe445e4edecb9d835c5b3893b574b75)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-09-28 02:07:33 +00:00
Lunny Xiao
673cf6af76
make writing main test easier (#27270)
This PR removed `unittest.MainTest` the second parameter
`TestOptions.GiteaRoot`. Now it detects the root directory by current
working directory.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-28 01:38:53 +00:00
wxiaoguang
d0012c8806
Document the queue item's marshaling behavior (#27271)
Close #26843
2023-09-26 13:58:57 +08:00
JakobDev
7047df36d4
Another round of db.DefaultContext refactor (#27103)
Part of #27065

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-09-25 13:17:37 +00:00
Nabapadma-sarker
8e23524b18
Fix PushEvent NullPointerException jenkinsci/github-plugin (#27203)
Fixes #27202
2023-09-24 19:02:47 +00:00
KN4CK3R
bcb78e70ca
Quote table release in sql queries (#27205)
Fixes #27174

`release` is a reserved keyword in MySql. I can't reproduce the issue on
my setup and we have a test for that code but it seems there can be
setups where it fails.


a101dbaa79/tests/integration/repo_activity_test.go (L45-L46)
2023-09-23 12:57:39 +00:00
Daniel Kilimnik
0ee7cbf725
Fix push mirror, wrong timestamp format (#27153)
I noticed, that the push mirrors endpoint, is the only endpoint which
returns the times in long format rather than as time.Time().

I think the behavior should be consistent across the project.

----

## ⚠️ BREAKING ⚠️

This PR changes the time format used in API responses for all
push_mirror endpoints which return a push mirror.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-23 12:15:05 +00:00
wxiaoguang
c0ed26f987
Remove some dead code (#27196)
Some code is not in use any more, remove them.
2023-09-22 23:30:31 +08:00
JakobDev
28f9b313ba
Updates to the API for archived repos (#27149) 2023-09-21 23:43:29 +00:00
Nanguan Lin
2f8e1604f8
Fix review request number and add more tests (#27104)
fix #27019 
## testfixture yml
1. add issue20(a pr issue) in repo 23, org 17
2. add user15 to team 9
3. add four reviews about issue20
## test case
add two tests that are described with code comments
the code before pr #26784 failed the first test
<img width="479" alt="image"
src="https://github.com/go-gitea/gitea/assets/70063547/1d9b5787-11b4-4c4d-931f-6a9869547f35">
current code failed the second test(as mentioned in #27019)
<img width="484" alt="image"
src="https://github.com/go-gitea/gitea/assets/70063547/05608055-7587-43d1-bae1-92c688270819">
Any advice is appreciated.

---------

Co-authored-by: CaiCandong <50507092+CaiCandong@users.noreply.github.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-21 13:59:50 +02:00
Chongyi Zheng
9631958a82
Refactor lfs requests (#26783)
- Refactor lfs request code
- The original code uses `performRequest` function to create the
request, uses a callback to modify the request, and then send the
request.
- Now it's replaced with `createRequest` that only creates request and
`performRequest` that only sends the request.
- Reuse `createRequest` and `performRequest` in `http_client.go` and
`transferadapter.go`

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-18 08:40:50 +00:00
KN4CK3R
ed64f1c2b8
Support .git-blame-ignore-revs file (#26395)
Closes #26329

This PR adds the ability to ignore revisions specified in the
`.git-blame-ignore-revs` file in the root of the repository.


![grafik](https://github.com/go-gitea/gitea/assets/1666336/9e91be0c-6e9c-431c-bbe9-5f80154251c8)

The banner is displayed in this case. I intentionally did not add a UI
way to bypass the ignore file (same behaviour as Github) but you can add
`?bypass-blame-ignore=true` to the url manually.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-16 17:42:34 +00:00
KN4CK3R
c766140dad
Add RemoteAddress to mirrors (#26952)
This PR adds a new field `RemoteAddress` to both mirror types which
contains the sanitized remote address for easier (database) access to
that information. Will be used in the audit PR if merged.
2023-09-16 16:03:02 +00:00
JakobDev
f91dbbba98
Next round of db.DefaultContext refactor (#27089)
Part of #27065
2023-09-16 14:39:12 +00:00
Nanguan Lin
7cdbe65a2c
Add tests for db indexer in indexer_test.go (#27087)
As described in the title.
Some points: 
1. Why need those tests?
Because `buildIssueOverview` is not well tested, there are several
continuous bugs in the issue overview webpage.
2. Why in indexer_test.go?
It's hard to put those tests in `./modules/indexer/issue/db/db_test.go`
because those tests need 'real' data in db mocked by fixtures instead of
random data in `./modules/indexer/issue/internal/tests`. When using
'real' data(`unittest.PrepareTestDatabase`), `InitIssueIndexer` and the
package `init()` function of `indexer` are required to init indexer.
3. Why only db?
The other three indexer engines are well tested by random data and it's
okay to also test them with 'real' data in db mocked by fixtures. Any
follow-up PR is welcome.
4. Those tests are really basic, any more complicated tests are welcome.
5. I think it's also necessary to add tests in `TestAPISearchIssues`
in`api_test_issue.go` and `TestIssues` in `home_test.go`
2023-09-16 11:15:21 +08:00
Lunny Xiao
e5ec57cd60
Actions are no longer experimental, so enable them by default (#27054)
This PR makes the actions enabled by default, so people will find it
easier to enable actions in repository setting.
2023-09-15 06:43:39 +00:00
JakobDev
c548dde205
More refactoring of db.DefaultContext (#27083)
Next step of #27065
2023-09-15 06:13:19 +00:00
JakobDev
76659b1114
Reduce usage of db.DefaultContext (#27073)
Part of #27065

This reduces the usage of `db.DefaultContext`. I think I've got enough
files for the first PR. When this is merged, I will continue working on
this.

Considering how many files this PR affect, I hope it won't take to long
to merge, so I don't end up in the merge conflict hell.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-14 17:09:32 +00:00
Nanguan Lin
0de09d3afc
Remove the useless function GetUserIssueStats and move relevant tests to indexer_test.go (#27067)
Since the issue indexer has been refactored, the issue overview webpage
is built by the `buildIssueOverview` function and underlying
`indexer.Search` function and `GetIssueStats` instead of
`GetUserIssueStats`. So the function is no longer used.
I moved the relevant tests to `indexer_test.go` and since the search
option changed from `IssueOptions` to `SearchOptions`, most of the tests
are useless now.
We need more tests about the db indexer because those tests are highly
connected with the issue overview webpage and now this page has several
bugs.
Any advice about those test cases is appreciated.

---------

Co-authored-by: CaiCandong <50507092+CaiCandong@users.noreply.github.com>
2023-09-14 12:35:53 -04:00
Nanguan Lin
da50be7360
Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052)
Currently 'userxx' and 'orgxx' are both used as username in test files
when the user type is org, which is confusing. This PR replaces all
'userxx' with 'orgxx' when the user type is org(`user.type==1`).
Some non-trivial changes
1. Rename `user3` dir to `org3` in `tests/git-repositories-meta` 
2. Change `end` in `issue reference` because 'org3' is one char shorter
than 'user3'

![ksnip_20230913-112819](https://github.com/go-gitea/gitea/assets/70063547/442988c5-4cf4-49b8-aa01-4dd6bf0ca954)
3. Change the search result number of `user/repo2` because
`user3/repo21` can't be searched now

![ksnip_20230913-112931](https://github.com/go-gitea/gitea/assets/70063547/d9ebeba4-479f-4110-9a85-825efbc981fd)
4. Change the first org name getting from API because the result is
ordered by alphabet asc and now `org 17` is before `org25`
![JW8U7NIO(J$H
_YCRB36H)T](https://github.com/go-gitea/gitea/assets/70063547/f55a685c-cf24-40e5-a87f-3a2327319548)
![)KFD411O4I8RB5ZOH7E0
Z3](https://github.com/go-gitea/gitea/assets/70063547/a0dc3299-249c-46f6-91cb-d15d4ee88dd5)

Other modifications are just find all and replace all.
Unit tests with SQLite are all passed.

---------

Co-authored-by: caicandong <1290147055@qq.com>
2023-09-14 02:59:53 +00:00
Earl Warren
79afd280e1
fix media description render for orgmode (#26895)
- In org mode you can specify an description for media via the following
syntax `[[description][media link]]`. The description is then used as
title or alt.
- This patch fixes the rendering of the description by seperating the
description and non-description cases and using `org.String()`.
- Added unit tests.
- Inspired by
6eb20dbda9/org/html_writer.go (L406-L427)
- Resolves https://codeberg.org/Codeberg/Community/issues/848

(cherry picked from commit 8b8aab83113b34bade61964e2097ed497abc39e9)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-09-13 05:44:59 +00:00
Nanguan Lin
cda97a7253
Update status and code index after changing the default branch (#27018)
Fix #26723 
Add `ChangeDefaultBranch` to the `notifier` interface and implement it
in `indexerNotifier`. So when changing the default branch,
`indexerNotifier` sends a message to the `indexer queue` to update the
index.

---------

Co-authored-by: techknowlogick <matti@mdranta.net>
2023-09-13 04:43:31 +00:00
wxiaoguang
8ecdc93f8b
Fix object storage path handling (#27024)
Object storage path rules:

* No single `/` or `.`, use empty string for root path
* Need to use trailing `/` for a list prefix to distinguish a "dir/"
2023-09-13 01:18:52 +00:00
Earl Warren
7818121d50
S3: log human readable error on connection failure (#26856)
Should BucketExists (HeadBucket) fail because of an error related to
the connection rather than the existence of the bucket, no information
is available and the admin is left guessing.

https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadBucket.html

> This action is useful to determine if a bucket exists and you have
> permission to access it. The action returns a 200 OK if the bucket
> exists and you have permission to access it.
>
> If the bucket does not exist or you do not have permission to access
> it, the HEAD request returns a generic 400 Bad Request, 403
> Forbidden or 404 Not Found code. A message body is not included, so
> you cannot determine the exception beyond these error codes.

GetBucketVersioning is used instead and exclusively dedicated to
asserting if using the connection does not return a BadRequest.
If it does the NewMinioStorage logs an error and returns. Otherwise
it keeps going knowing that BucketExists is not going to fail for
reasons unrelated to the existence of the bucket and the permissions
to access it.

(cherry picked from commit d1df4b3bc62e5e61893a923f1c4b58f084eb03af)

Refs: https://codeberg.org/forgejo/forgejo/issues/1338
2023-09-12 10:19:39 +08:00
Lunny Xiao
ebff0513db
Fix context cache bug & enable context cache for dashabord commits' authors (#26991)
Unfortunately, when a system setting hasn't been stored in the database,
it cannot be cached.
Meanwhile, this PR also uses context cache for push email avatar display
which should avoid to read user table via email address again and again.

According to my local test, this should reduce dashboard elapsed time
from 150ms -> 80ms .
2023-09-11 10:14:01 +00:00
wxiaoguang
998cea5888
Use secure cookie for HTTPS sites (#26999)
If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.

And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.

![image](https://github.com/go-gitea/gitea/assets/2114189/7bc9a859-dcc1-467d-bc7c-1dd6a10389e3)
2023-09-11 17:03:51 +08:00
wxiaoguang
e7745c94f8
Fix INI parsing for value with trailing slash (#26995)
Fix #26977 (a temp fix)
2023-09-10 16:15:51 +00:00
wxiaoguang
4807f7be22
Clarify the git command Stdin hanging problem (#26967) 2023-09-08 13:20:38 +00:00
zareck
4e240f2304
Expanding documentation in queue.go (#26889)
A set of terminology, along with a broader description, can help more
people engage with the Gitea queue system, providing insights and
ensuring its correct use.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-08 05:22:43 +00:00
Lunny Xiao
4f32abaf94
move repository deletion to service layer (#26948)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-08 04:51:15 +00:00
CaiCandong
a78c2eae24
Replace util.SliceXxx with slices.Xxx (#26958) 2023-09-07 09:37:47 +00:00
Lunny Xiao
e97e883ad5
Add reverseproxy auth for API back with default disabled (#26703)
This feature was removed by #22219 to avoid possible CSRF attack.

This PR takes reverseproxy auth for API back but with default disabled.

To prevent possbile CSRF attack, the responsibility will be the
reverseproxy but not Gitea itself.

For those want to enable this `ENABLE_REVERSE_PROXY_AUTHENTICATION_API`,
they should know what they are doing.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-07 08:31:46 +00:00
Lunny Xiao
b9df9fa2e2
Move createrepository from module to service layer (#26927)
Repository creation depends on many models, so moving it to service
layer is better.
2023-09-06 12:08:51 +00:00
FuXiaoHei
460a2b0edf
Artifacts retention and auto clean up (#26131)
Currently, Artifact does not have an expiration and automatic cleanup
mechanism, and this feature needs to be added. It contains the following
key points:

- [x] add global artifact retention days option in config file. Default
value is 90 days.
- [x] add cron task to clean up expired artifacts. It should run once a
day.
- [x] support custom retention period from `retention-days: 5` in
`upload-artifact@v3`.
- [x] artifacts link in actions view should be non-clickable text when
expired.
2023-09-06 07:41:06 +00:00
yp05327
0850be6750
Fix the display of org level badges (#26504)
Follow #24654 #22705 #24232

In some pages we still have missing badges, for example:

![image](https://github.com/go-gitea/gitea/assets/18380374/f57fae6d-95ad-4996-8881-160c9cd27768)

![image](https://github.com/go-gitea/gitea/assets/18380374/11e86d43-b715-4d14-bdf0-51bf8b5c7b01)

![image](https://github.com/go-gitea/gitea/assets/18380374/61c514e7-d8f6-4c93-a61f-60604619e3a7)
2023-09-06 14:38:14 +08:00
Lunny Xiao
540bf9fa6d
Move notification interface to services layer (#26915)
Extract from #22266
2023-09-05 18:37:47 +00:00
Lunny Xiao
f064d716c3
Move feed notification service layer (#26908)
Extract from #22266
2023-09-05 13:00:52 +00:00
Lunny Xiao
6c73c0da53
Move ui notification to service layer (#26907)
Extract from #22266
2023-09-05 11:15:42 +00:00
Lunny Xiao
aa678b8098
Move indexer notification to service layer (#26906)
Extract from #22266
2023-09-05 10:07:57 +00:00
Lunny Xiao
a66d883a18
Move mail notification logic to service layer (#26905)
Extract from #22266
2023-09-05 17:26:59 +08:00
wxiaoguang
fc039167d2
Use Go 1.21 and update dependencies (#26878)
To make sure Gitea's next release's lifecycle could have active Golang
support.

And min/max are builtin now.
2023-09-03 10:34:57 +00:00
wxiaoguang
c802c46a9b
Refactor og:description to limit the max length (#26876)
1. The `og:description` should be "a one to two sentence description of
your object"
* It shouldn't output all the user inputted content -- it would be
pretty huge.
    * Maybe it only needs at most 300 bytes.
2. Do not render commit message as HTML
2023-09-03 01:43:29 +00:00
Earl Warren
4ab8e56c91
restrict certificate type for builtin SSH server (#26789)
- While doing some sanity checks over OpenSSH's code for how they handle
certificates authentication. I stumbled on an condition that checks the
certificate type is really an user certificate on the server-side
authentication. This checks seems to be a formality and just for the
sake of good domain seperation, because an user and host certificate
don't differ in their generation, verification or flags that can be
included.
- Add this check to the builtin SSH server to stay close to the
unwritten SSH specification.
- This is an breaking change for setups where the builtin SSH server is
being used and for some reason host certificates were being used for
authentication.
- 
(cherry picked from commit de35b141b79a3d6efe2127ed2c73fd481515e481)

Refs: https://codeberg.org/forgejo/forgejo/pulls/1172

## ⚠️ BREAKING ⚠️

Like OpenSSH, the built-in SSH server will now only accept SSH user
certificates, not server certificates.

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-01 13:45:22 +00:00
wxiaoguang
f01bed2443
Avoid double-unescaping of form value (#26853)
1. The old `prepareQueryArg` did double-unescaping of form value.
2. By the way, remove the unnecessary `ctx.Flash = ...` in
`MockContext`.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-01 12:01:36 +00:00
wxiaoguang
e8aae43f56
Move web/api context related testing function into a separate package (#26859)
Just like `models/unittest`, the testing helper functions should be in a
separate package: `contexttest`

And complete the TODO:

> // TODO: move this function to other packages, because it depends on
"models" package
2023-09-01 11:26:07 +00:00
silverwind
3d109861dd
Render code blocks in repo description (#26830)
Backtick syntax now works in repo description too. Also, I replaced the
CSS for this was a new single class, making it more flexible and not
dependent on a parent. Also, very slightly reduced font size from 16.8px
to 16px.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-31 05:01:01 +00:00
techknowlogick
45976a1bde
Check blocklist for emails when adding them to account (#26812) 2023-08-30 10:46:49 -05:00
KN4CK3R
5315153059
Use Set[Type] instead of map[Type]bool/struct{}. (#26804) 2023-08-30 06:55:25 +00:00
Chongyi Zheng
ad43486cd3
Fix some slice append usages (#26778)
Co-authored-by: delvh <dev.lh@web.de>
2023-08-29 15:47:26 +00:00
Eng Zer Jun
ad3cbbc3b1
Remove redundant nil check in WalkGitLog (#26773)
From the Go specification:

> "1. For a nil slice, the number of iterations is 0."
https://go.dev/ref/spec#For_range

Therefore, an additional nil check for before the loop is unnecessary.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2023-08-29 11:03:43 +00:00
yp05327
60ca3d04a4
Add fix incorrect can_create_org_repo for org owner team (#26683)
Related to: #8312 #26491

In migration v109, we only added a new column `CanCreateOrgRepo` in Team
table, but not initial the value of it.
This may cause bug like #26491.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-29 01:11:23 +00:00
Chongyi Zheng
ac2f8c9ac6
Reduce some allocations in type conversion (#26772) 2023-08-29 00:43:16 +08:00
Bo-Yi Wu
8cd46024fd
refactor(API): refactor secret creation and update functionality (#26751)
According to the GitHub API Spec:
https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28#create-or-update-an-organization-secret

Merge the Create and Update secret into a single API.

- Remove the `CreateSecretOption` struct and replace it with
`CreateOrUpdateSecretOption` in `modules/structs/secret.go`
- Update the `CreateOrUpdateOrgSecret` function in
`routers/api/v1/org/action.go` to use `CreateOrUpdateSecretOption`
instead of `UpdateSecretOption`
- Remove the `CreateOrgSecret` function in
`routers/api/v1/org/action.go` and replace it with
`CreateOrUpdateOrgSecret`
- Update the Swagger documentation in
`routers/api/v1/swagger/options.go` and `templates/swagger/v1_json.tmpl`
to reflect the changes in the struct names and function names

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2023-08-28 13:08:19 +08:00
Lunny Xiao
6945918d34
Fix bug for ctx usage (#26762)
Regression from #26158

Fix #26684
2023-08-28 04:06:47 +00:00
mainboarder
c533991519
Expanded minimum RSA Keylength to 3072 (#26604)
German Federal Office for Information Security requests in its technical
guideline BSI TR-02102-1 RSA Keylength not shorter than 3000bits
starting 2024, in the year 2023 3000bits as a recommendation. Gitea
should request longer RSA Keys by default in favor of security and drop
old clients which do not support longer keys.


https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9
- Page 19, Table 1.2

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-28 00:53:16 +00:00
Lunny Xiao
476b9d1589
Use docs.gitea.com instead of docs.gitea.io (#26739) 2023-08-27 11:59:12 +00:00
Chongyi Zheng
43652746f2
Move modules/mirror to services (#26737)
To solve the cyclic imports in a better way

Closes #20261
2023-08-27 10:24:45 +08:00
wxiaoguang
412e5c0946
Make web context initialize correctly for different cases (#26726)
The web context (modules/context.Context) is quite complex, it's
difficult for the callers to initialize correctly.

This PR introduces a `NewWebContext` function, to make sure the web
context have the same behavior for different cases.
2023-08-25 19:07:42 +08:00
Earl Warren
a9ce570298
add Upload URL to release API (#26663)
- Resolves https://codeberg.org/forgejo/forgejo/issues/580
- Return a `upload_field` to any release API response, which points to
the API URL for uploading new assets.
- Adds unit test.
- Adds integration testing to verify URL is returned correctly and that
upload endpoint actually works

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-08-24 10:36:10 +00:00
Laurent Cahour
b21b63c61a
Add merge files files to GetCommitFileStatus (#20515)
Hi,

We'd like to add merge files files to GetCommitFileStatus fucntions so
API returns the list of all the files associated to a merged pull
request commit, like GitHub API does.
The list of affectedFiles for an API commit is fetched from toCommit()
function in routers/api/v1/repo/commits.go, and API was returning no
file in case of a pull request with no conflict, or just files
associated to the confict resolution, but NOT the full list of merged
files.

This would lead to situations where a CI polling a repo for changes
could miss some file changes due to API returning an empty / partial
list in case of such merged pull requests. (Hope this makes sense :) )

NOTE: I'd like to add a unittest in
integrations/api_repo_git_commits_test.go but failed to understand how
to add my own test bare repo so I can make a test on a merged pull
request commit to check for affectedFiles.
Is there a merged pull request in there that I could use maybe?
Could someone please direct me to the relevant ressources with
informations on how to do that please?

Thanks for your time,
Laurent.

---------

Co-authored-by: Thomas Desveaux <desveaux.thomas@gmail.com>
2023-08-24 10:03:49 +00:00
Lunny Xiao
0d55f64e6c
chore(actions): support cron schedule task (#26655)
Replace #22751 

1. only support the default branch in the repository setting.
2. autoload schedule data from the schedule table after starting the
service.
3. support specific syntax like `@yearly`, `@monthly`, `@weekly`,
`@daily`, `@hourly`

## How to use

See the [GitHub Actions
document](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule)
for getting more detailed information.

```yaml
on:
  schedule:
    - cron: '30 5 * * 1,3'
    - cron: '30 5 * * 2,4'

jobs:
  test_schedule:
    runs-on: ubuntu-latest
    steps:
      - name: Not on Monday or Wednesday
        if: github.event.schedule != '30 5 * * 1,3'
        run: echo "This step will be skipped on Monday and Wednesday"
      - name: Every time
        run: echo "This step will always run"
```

Signed-off-by: Bo-Yi.Wu <appleboy.tw@gmail.com>

---------


Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-08-24 03:06:51 +00:00
Bo-Yi Wu
b62c8e7765
feat(API): update and delete secret for managing organization secrets (#26660)
- Add `UpdateSecret` function to modify org or user repo secret
- Add `DeleteSecret` function to delete secret from an organization
- Add `UpdateSecretOption` struct for updating secret options
- Add `UpdateOrgSecret` function to update a secret in an organization
- Add `DeleteOrgSecret` function to delete a secret in an organization

GitHub API

1. Update Org Secret:
https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28#create-or-update-an-organization-secret
2. Delete Org Secret:
https://docs.github.com/en/rest/actions/secrets?apiVersion=2022-11-28#delete-an-organization-secret

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2023-08-24 02:07:00 +00:00
Jason Song
5db21ce7e1
Fix counting and filtering on the dashboard page for issues (#26657)
This PR has multiple parts, and I didn't split them because
it's not easy to test them separately since they are all about the
dashboard page for issues.

1. Support counting issues via indexer to fix #26361
2. Fix repo selection so it also fixes #26653
3. Keep keywords in filter links.

The first two are regressions of #26012.

After:

https://github.com/go-gitea/gitea/assets/9418365/71dfea7e-d9e2-42b6-851a-cc081435c946

Thanks to @CaiCandong  for helping with some tests.
2023-08-23 02:29:17 +00:00
Bo-Yi Wu
23addde28e
feat: implement organization secret creation API (#26566)
- Add a new `CreateSecretOption` struct for creating secrets
- Implement a `CreateOrgSecret` function to create a secret in an
organization
- Add a new route in `api.go` to handle the creation of organization
secrets
- Update the Swagger template to include the new `CreateOrgSecret` API
endpoint

---------

Signed-off-by: appleboy <appleboy.tw@gmail.com>
2023-08-22 11:20:34 +08:00
techknowlogick
b3f7137174
Update minimum password length requirements (#25946) 2023-08-21 19:27:50 +00:00
delvh
3d80308b36
Use correct minio error (#26634)
Previously, `err` was defined above, checked for `err == nil` and used
nowhere else.
Hence, the result of `convertMinioErr` would always be `nil`.
This leads to a NPE further down the line.
That is not intentional, it should convert the error of the most recent
operation, not one of its predecessors.

Found through
https://discord.com/channels/322538954119184384/322538954119184384/1143185780206993550.
2023-08-21 16:20:11 +00:00
wxiaoguang
0731abc444
Remove avatarHTML from template helpers (#26598)
The HTML code is more readable and more correct (it needs `"ui avatar"`
class)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-21 15:00:14 +00:00
Yarden Shoham
16dee4f1b2
Add branch_filter to hooks API endpoints (#26599)
We now include the branch filler in the response.

- Closes #26591 

# Before

![image](https://github.com/go-gitea/gitea/assets/20454870/73933940-c1a7-4573-abae-f340b63028b2)

# After

![image](https://github.com/go-gitea/gitea/assets/20454870/3b3c4a85-0f7c-48c7-8617-def7a66c671d)

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-21 11:43:52 +00:00
yp05327
f6e7798405
Add link to job details and tooltip to commit status in repo list in dashboard (#26326)
Tooltip:

![image](https://github.com/go-gitea/gitea/assets/18380374/237cb545-7844-424b-b995-1008eaaaedec)

Link to the target job:

![image](https://github.com/go-gitea/gitea/assets/18380374/0c11a97f-6517-47f2-8773-f381488c084e)
2023-08-21 15:26:10 +08:00
silverwind
3db3f5daae
Update tool dependencies (#26607)
- Updated all tool dependencies to latest versions
- Add Makefile to `swagger` files because it specifies `go-swagger`
version
- Fix lint
2023-08-20 22:59:19 +00:00
TimberBro
84d05516dc
Fix NPM packages name validation (#26595)
- Added new tests to cover corner cases
- Replace existing regex with new one
Closes #26551 

---
As @silverwind suggested, I started from
[validate-npm-package-name](https://github.com/npm/validate-npm-package-name),
but found this solution too complicated.
Then I tried to fix existing regex myself, but thought, that exclude all
restricted symbols is harder, than set only allowed symbols.
Then I search a bit more and found
[package-name-regex](https://github.com/dword-design/package-name-regex)
and regex from it works for all new test cases.

Let me know, if more information or help with this PR is needed.
2023-08-20 15:06:42 +00:00
Jason Song
47fddaadc8
Support rebuilding issue indexer manually (#26546)
Provide a way to rebuild issue indexer manually.

So if the indexer get outdated because of some bugs like #26539, we can
rebuild it.

<img width="1104" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/ac242e29-6f04-47ca-b3d0-801a796448d3">

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-17 14:05:17 +00:00
wxiaoguang
c6b92c84fe
Sync repo's IsEmpty status correctly (#26517)
Close #26509
2023-08-17 04:43:39 +00:00
Jason Song
3b129aaa80
Explain SearchOptions and fix ToSearchOptions (#26542)
Follow #26012 #26490.

A detailed description has been added to the comment.
2023-08-16 15:40:13 +00:00
Jason Song
7e75e58ae4
Add missing triggers to update issue indexer (#26539)
Fix #26536

Follow #26012

Whatever the comment type is, always update the issue indexer. So the
issue indexer will be updated when there is a change in Status,
Assignee, Label, and so on.

I added the logic for `NotifyUpdateComment`, but missed it for
`NotifyCreateIssueComment` and `NotifyDeleteComment`.
2023-08-16 17:36:05 +08:00
CaiCandong
0e74fc4a84
Fix project filter bugs (#26490)
related: #26012

### Bugs
1. missing project filter on the issue page.

1e76a824bc/modules/indexer/issues/dboptions.go (L11-L15)
3. incorrect SQL condition: some issue does not belong to a project but
exists on the project_issue table.

f5dbac9d36/models/issues/issue_search.go (L233)

### Before:

![before](https://github.com/go-gitea/gitea/assets/50507092/1dcde39e-3e2f-4151-b2c6-4d67bf493c2f)

### After:

![after](https://github.com/go-gitea/gitea/assets/50507092/badfb81f-056d-4a2f-9838-1cba9c15768d)

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-15 14:50:12 +00:00
yp05327
7f8028e5a1
Fix display problems of members and teams unit (#26363)
Fix:
- display member count and team count in the menu bar

![image](https://github.com/go-gitea/gitea/assets/18380374/7f03ced4-67e2-41ce-b19f-a992823726bb)
- Also display member unit in the menu bar if there are no hidden
members in public org

![image](https://github.com/go-gitea/gitea/assets/18380374/31422ad6-7190-438d-8e99-8a4af9cce908)
- hidden member board when there's no seeable members.
In this org, we only have hidden members: 

![image](https://github.com/go-gitea/gitea/assets/18380374/d749420b-554a-4483-8cd2-221df61b5ca7)
We will hidden the member board when doer is not the member of this org

![image](https://github.com/go-gitea/gitea/assets/18380374/93bb782e-7d4d-4ad3-a096-133afbc51f8a)
Before:

![image](https://github.com/go-gitea/gitea/assets/18380374/eafc0b3e-6218-42ab-a892-39645d08a5eb)
If you click the number in the members board, you will access the
members page, which is not expected.

![image](https://github.com/go-gitea/gitea/assets/18380374/73d6dadc-0ef2-4ca9-8485-c5f4211bffb2)

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-15 16:00:35 +02:00
Bo-Yi Wu
79d74d208f
Add API route to list org secrets (#26485)
- Add a new function `CountOrgSecrets` in the file
`models/secret/secret.go`
- Add a new file `modules/structs/secret.go`
- Add a new function `ListActionsSecrets` in the file
`routers/api/v1/api.go`
- Add a new file `routers/api/v1/org/action.go`
- Add a new function `listActionsSecrets` in the file
`routers/api/v1/org/action.go`

go-sdk: https://gitea.com/gitea/go-sdk/pulls/629

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-15 14:32:43 +02:00
wxiaoguang
ced34bab1a
Detect ogg mime-type as audio or video (#26494)
"ogg" is just a "container" format for audio and video.

Golang's `DetectContentType` only reports "application/ogg" for
potential ogg files.

Actually it could do more "guess" to see whether it is a audio file or a
video file.
2023-08-15 10:31:25 +08:00
wxiaoguang
ed1be4ca68
Handle base64 decoding correctly to avoid panic (#26483)
Fix the panic if the "base64 secret" is too long.
2023-08-14 10:30:16 +00:00
puni9869
cafce3b4b5
Allow to archive labels (#26478)
## Archived labels 

This adds the structure to allow for archived labels.
Archived labels are, just like closed milestones or projects, a medium to hide information without deleting it.
It is especially useful if there are outdated labels that should no longer be used without deleting the label entirely.

## Changes

1. UI and API have been equipped with the support to mark a label as archived
2. The time when a label has been archived will be stored in the DB

## Outsourced for the future

There's no special handling for archived labels at the moment.
This will be done in the future.

## Screenshots

![image](https://github.com/go-gitea/gitea/assets/80308335/208f95cd-42e4-4ed7-9a1f-cd2050a645d4)

![image](https://github.com/go-gitea/gitea/assets/80308335/746428e0-40bb-45b3-b992-85602feb371d)

Part of https://github.com/go-gitea/gitea/issues/25237

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-14 11:56:14 +02:00
Lunny Xiao
389fb754a2
Fix storage path logic especially for relative paths (#26441)
This PR rewrites the function `getStorage` and make it more clear.

Include tests from #26435, thanks @earl-warren

---------

Co-authored-by: Earl Warren <contact@earl-warren.org>
2023-08-13 22:09:25 +02:00
wxiaoguang
7018659a1d
Close stdout correctly for "git blame" (#26470)
Close stdout correctly for "git blame", otherwise the failed "git blame"
would case the request hanging forever.

And "os.Stderr" should never (seldom) be used as git command's stderr
2023-08-13 02:11:20 +00:00
wxiaoguang
bcccf4c0d6
Remove last newline from config file (#26468)
When users put the secrets into a file (GITEA__sec__KEY__FILE), the
newline sometimes is different to avoid (eg: echo/vim/...)

So the last newline could be removed when reading, it makes the users
easier to maintain the secret files.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-12 15:28:35 +00:00
Lunny Xiao
a321a4c2fc
Adjust minio new sequence, now it will check whether bucket exist first and then create one if it doesn't exist (#26420)
For some reason, the permission of the client_id and secret may cannot
create bucket, so now we will check whether bucket does exist first and
then try to create a bucket if it doesn't exist.

Try to fix #25984

Co-authored-by: silverwind <me@silverwind.io>
2023-08-12 08:03:54 +00:00
Jack Hay
c5888eb985
Set commit id when ref used explicitly (#26447)
In the `RepoRefForAPI()` context function `CommitID` is not set if `ref`
is used. It is set correctly for other if/else branches where `Commit`
is set. It doesn't appear that any routes that use `RepoRefForAPI()`
also use `CommitID` but that may be the case in the future.

## Changes
- Sets `ctx.Repo.CommitID` when `ref` is explicitly used for api routes
that use `RepoRefForAPI()`
2023-08-12 07:33:12 +00:00
nekrondev
3c91b09c19
minio: add missing region on client initialization (#26412)
The MinIO client isn't redirecting to the correct AWS endpoint if a
non-default data center is used.

In my use case I created an AWS bucket at `eu-central-1` region. Because
of the missing region initialization of the client the default
`us-east-1` API endpoint is used returning a `301 Moved Permanently`
response that's not handled properly by MinIO client. This in return
aborts using S3 storage on AWS as the `BucketExists()` call will fail
with the http moved error.

MinIO client trace shows the issue:

```text
---------START-HTTP---------
HEAD / HTTP/1.1
Host: xxxxxxxxxxx-prod-gitea-data.s3.dualstack.us-east-1.amazonaws.com
User-Agent: MinIO (windows; amd64) minio-go/v7.0.61
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20230809/accesspoint.eu-central-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20230809T141143Z

HTTP/1.1 301 Moved Permanently
Connection: close
Content-Type: application/xml
Date: Wed, 09 Aug 2023 14:11:43 GMT
Server: AmazonS3
X-Amz-Bucket-Region: eu-central-1
X-Amz-Id-2: UK7wfeYi0HcTcytNvQ3wTAZ5ZP1mOSMnvRZ9Fz4xXzeNsS47NB/KfFx2unFxo3L7XckHpMNPPVo=
X-Amz-Request-Id: S1V2MJV8SZ11GEVN
---------END-HTTP---------
```

Co-authored-by: Heiko Besemann <heiko.besemann@qbeyond.de>
2023-08-10 11:21:09 +00:00
wxiaoguang
a370efc13f
Use template context function for avatar rendering (#26385)
Introduce `AvatarUtils`, no need to pass `$.Context` to every
sub-template, and simplify the template helper functions.
2023-08-10 11:19:39 +08:00
wxiaoguang
a85a862804
Fix admin queue page title (#26409)
Fix #26408

```
# locale_en-US.ini
[admin]
monitor.queues = Queues
```

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-08-10 02:05:37 +00:00
Denys Konovalov
63ab92d797
Pre-register OAuth2 applications for git credential helpers (#26291)
This PR is an extended implementation of #25189 and builds upon the
proposal by @hickford in #25653, utilizing some ideas proposed
internally by @wxiaoguang.

Mainly, this PR consists of a mechanism to pre-register OAuth2
applications on startup, which can be enabled or disabled by modifying
the `[oauth2].DEFAULT_APPLICATIONS` parameter in app.ini. The OAuth2
applications registered this way are being marked as "locked" and
neither be deleted nor edited over UI to prevent confusing/unexpected
behavior. Instead, they're being removed if no longer enabled in config.


![grafik](https://github.com/go-gitea/gitea/assets/47871822/81a78b1c-4b68-40a7-9e99-c272ebb8f62e)

The implemented mechanism can also be used to pre-register other OAuth2
applications in the future, if wanted.

Co-authored-by: hickford <mirth.hickford@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

---------

Co-authored-by: M Hickford <mirth.hickford@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-09 14:24:07 +02:00
CaiCandong
d41aee1d1e
Make user-content-* consistent with github (#26388)
Fix #26367
Related #19745

Thanks @lazyky for providing  test cases
2023-08-09 09:30:31 +00:00
wxiaoguang
c2e0143bfe
Introduce ctx.PathParamRaw to avoid incorrect unescaping (#26392)
Fix #26389

And complete an old TODO: `ctx.Params does un-escaping,..., which is
incorrect.`
2023-08-09 14:57:45 +08:00
wxiaoguang
4fc4f6e634
Refactor "editorconfig" (#26391)
There are 2 kinds of ".Editorconfig" in code, one is `JSON string` for
the web edtior, another is `*editorconfig.Editorconfig` for the file
rendering (used by `TabSizeClass`)

This PR distinguish them with different names.

And by the way, change the default tab size from 8 to 4, I think few
people would like to use 8-size tabs nowadays.
2023-08-08 10:44:19 +00:00
wxiaoguang
71d253f42e
Remove unnecessary template helper DisableGravatar (#26386)
And one "AllowedUserVisibilityModes" was missing, add it.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-08 08:29:14 +00:00
wxiaoguang
78b2a1cc36
Remove unnecessary template helper repoAvatar (#26387)
And simplify the "repo/icon" code
2023-08-08 15:29:35 +08:00
wxiaoguang
6913053223
Start using template context function (#26254)
Before:

* `{{.locale.Tr ...}}`
* `{{$.locale.Tr ...}}`
* `{{$.root.locale.Tr ...}}`
* `{{template "sub" .}}`
* `{{template "sub" (dict "locale" $.locale)}}`
* `{{template "sub" (dict "root" $)}}`
* .....

With context function: only need to `{{ctx.Locale.Tr ...}}`

The "ctx" could be considered as a super-global variable for all
templates including sub-templates.


To avoid potential risks (any bug in the template context function
package), this PR only starts using "ctx" in "head.tmpl" and
"footer.tmpl" and it has a "DataRaceCheck". If there is anything wrong,
the code can be fixed or reverted easily.
2023-08-08 01:22:47 +00:00
cassiozareck
ab0eb1c47b
Rename code_langauge.go to code_language.go (#26377) 2023-08-07 15:00:53 -04:00
Earl Warren
87f70979cf
Do not highlight #number in documents (#26365)
- Currently the post processing will transform all issue indexes (such as `#6`) into a clickable link.
- This makes sense in an situation like issues or PRs,
where referencing to other issues is quite common
and only referencing their issue index is an handy and efficient way to do it.
- Currently this is also run for documents
(which is the user profile and viewing rendered files),
but in those situations it's less common to reference issues by their index and instead could mean something else.
- This patch disables this post processing for issue index for documents. Matches Github's behavior.
- Added unit tests.
- Resolves https://codeberg.org/Codeberg/Community/issues/1120

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-08-07 15:11:25 +02:00
wxiaoguang
d92b4cd093
Fix incorrect CLI exit code and duplicate error message (#26346)
Follow the CLI refactoring, and add tests.
2023-08-05 23:36:45 +08:00
KN4CK3R
2d3924d0e7
Prevent newline errors with Debian packages (#26332)
Fixes #26313
2023-08-05 10:59:52 +02:00
Zettat123
9a8af92577
Fix the bug when getting files changed for pull_request_target event (#26320)
Follow #25229

Copy from
https://github.com/go-gitea/gitea/pull/26290#issuecomment-1663135186

The bug is that we cannot get changed files for the
`pull_request_target` event. This event runs in the context of the base
branch, so we won't get any changes if we call
`GetFilesChangedSinceCommit` with `PullRequest.Base.Ref`.
2023-08-05 14:26:06 +08:00
wxiaoguang
5db4c8db93
Refactor backend SVG package and add tests (#26335)
Introduce a well-tested `svg.Normalize` function.
Make `RenderHTML` faster and more stable.
2023-08-05 04:34:59 +00:00
wxiaoguang
2de0752be7
Make git batch operations use parent context timeout instead of default timeout (#26325)
Fix #26064

Some git commands should use parent context, otherwise it would exit too
early (by the default timeout, 10m), and the "cmd.Wait" waits till the
pipes are closed.
2023-08-04 14:50:41 +02:00
Lunny Xiao
96f151392f
Fix the wrong derive path (#26271)
This PR will fix #26264, caused by #23911.

The package configuration derive is totally wrong when storage type is
local in that PR.

This PR fixed the inherit logic when storage type is local with some
unit tests.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-04 03:41:16 +00:00
Zettat123
8a2f019d69
Support getting changed files when commit ID is EmptySHA (#26290)
Fixes #26270.

Co-Author: @wxiaoguang 

Thanks @lunny for providing this solution

As
https://github.com/go-gitea/gitea/issues/26270#issuecomment-1661695151
said, at present we cannot get the names of changed files correctly when
the `OldCommitID` is `EmptySHA`. In this PR, the `GetCommitFilesChanged`
method is added and will be used to get the changed files by commit ID.

References:
- https://stackoverflow.com/a/424142

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-04 02:53:15 +00:00
wxiaoguang
54c28fddd8
Clarify the logger's MODE config option (#26267)
1. Fix the wrong document (add the missing `MODE=`)
2. Add a more friendly log message to tell users to add `MODE=` in their
config

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-01 18:28:23 +00:00
Panagiotis "Ivory" Vasilopoulos
d58c542579
Add 'Show on a map' button to Location in profile, fix layout (#26214)
Not too important, but I think that it'd be a pretty neat touch.

Also fixes some layout bugs introduced by a previous PR.

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Caesar Schinas <caesar@caesarschinas.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-31 08:44:45 +00:00
Jason Song
1e76a824bc
Refactor and enhance issue indexer to support both searching, filtering and paging (#26012)
Fix #24662.

Replace #24822 and #25708 (although it has been merged)


## Background

In the past, Gitea supported issue searching with a keyword and
conditions in a less efficient way. It worked by searching for issues
with the keyword and obtaining limited IDs (as it is heavy to get all)
on the indexer (bleve/elasticsearch/meilisearch), and then querying with
conditions on the database to find a subset of the found IDs. This is
why the results could be incomplete.

To solve this issue, we need to store all fields that could be used as
conditions in the indexer and support both keyword and additional
conditions when searching with the indexer.

## Major changes

- Redefine `IndexerData` to include all fields that could be used as
filter conditions.
- Refactor `Search(ctx context.Context, kw string, repoIDs []int64,
limit, start int, state string)` to `Search(ctx context.Context, options
*SearchOptions)`, so it supports more conditions now.
- Change the data type stored in `issueIndexerQueue`. Use
`IndexerMetadata` instead of `IndexerData` in case the data has been
updated while it is in the queue. This also reduces the storage size of
the queue.
- Enhance searching with Bleve/Elasticsearch/Meilisearch, make them
fully support `SearchOptions`. Also, update the data versions.
- Keep most logic of database indexer, but remove
`issues.SearchIssueIDsByKeyword` in `models` to avoid confusion where is
the entry point to search issues.
- Start a Meilisearch instance to test it in unit tests.
- Add unit tests with almost full coverage to test
Bleve/Elasticsearch/Meilisearch indexer.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-07-31 06:28:53 +00:00
KN4CK3R
d08ab7be9c
Fix typo in metadata (#26207)
https://github.com/go-gitea/gitea/pull/26194#discussion_r1277094525

There is no need to backport because these names are just used internal.
2023-07-30 23:54:22 +00:00
Lunny Xiao
ce27de4d48
Fix allowed user types setting problem (#26200)
Fix #25951
2023-07-28 12:15:39 -04:00
Earl Warren
494ee56de2
improve unit test for caching (#26185)
- Configure `setting.CacheService.TTL` which will force the code to go
trough the caching mechanism.
- Remove the TODO and uncomment the test code.

(cherry picked from commit a201f2f1896c1a086f3e37f86b1306d44c07f2e4)

Refs: https://codeberg.org/forgejo/forgejo/pulls/974

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-07-27 22:24:40 +02:00
Earl Warren
eaea530d6b
Render plaintext task list items for markdown files (#26186)
- The library that's being used for org-mode, [doesn't render the status
of list items](https://github.com/niklasfasching/go-org/issues/63).
- Add a modified version of the proposed CSS snippet to still display
the status for the list items. The alternative was parsing HTML and
transforming it, which is too complicated for this small task.
- Resolves https://codeberg.org/Codeberg/Community/issues/1099

(cherry picked from commit 9753c7e4b8490b8f1e3d19cb06187503b88afb88)

Refs: https://codeberg.org/forgejo/forgejo/pulls/1071

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-07-27 14:15:31 +00:00
delvh
bd6ef71854
Show branches and tags that contain a commit (#25180)
Now, you can see for a commit which existing branches and tags contain it.
You first have to click on the `load branches and tags` button, they are not preloaded by default.
All branches and tags are ordered descending by creation date.
You can even see without much hassle if the given commit is already part of the default branch.

Closes #25152 

## Screenshots

### Initial

![image](https://github.com/go-gitea/gitea/assets/51889757/84db2c0b-aaef-4f69-ab92-0b812793d2ad)

### Loaded

![image](https://github.com/go-gitea/gitea/assets/51889757/a9b84e66-8e44-4c55-b017-c37f4a45f41b)

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-27 12:47:41 +02:00
wxiaoguang
8baa42c8d7
Calculate MAX_WORKERS default value by CPU number (#26177)
To avoid consuming user's 100% CPU, limit the default value of
MAX_WORKERS

Fix #26063 (the CPU 100% problem mentioned in it)
2023-07-27 16:40:35 +08:00
caicandong
f2cc4daf60
Doc update swagger doc for POST /orgs/{org}/teams (#26155)
close #26111
2023-07-26 10:22:56 +00:00
caicandong
13359581df
refactor improve NoBetterThan (#26126)
- The `NoBetterThan` function can only handle comparisons between
"pending," "success," "error," and "failure." For any other comparison,
we directly return false. This prevents logic errors like the one in
#26121.
- The callers of the `NoBetterThan` function should also avoid making
incomparable calls.

---------

Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: puni9869 <80308335+puni9869@users.noreply.github.com>
2023-07-26 08:52:07 +00:00
wxiaoguang
dcd3a63128
Move web JSON functions to web context and simplify code (#26132)
The JSONRedirect/JSONOK/JSONError functions were put into "Base" context
incorrectly, it would cause abuse.

Actually, they are for "web context" only, so, move them to the correct
place.

And by the way, use them to simplify old code: +75 -196
2023-07-26 06:04:01 +00:00
Lunny Xiao
5dc37ef97a
Display deprecated warning in admin panel pages as well as in the log file (#26094)
This PR includes #26007 's changes but have a UI to prompt administrator
about the deprecated settings as well as the log or console warning.
Then users will have enough time to notice the problem and don't have
surprise like before.

<img width="1293" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/c33355f0-1ea7-4fb3-ad43-cd23cd15391d">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-26 03:53:37 +00:00
wxiaoguang
3e4a4f9c67
Fix incorrect router logger (#26137)
A low-level mistake:

* `log.Info` is global `Info` function, which calls "default" logger
* `logger.Info` is the for router's logger
2023-07-25 22:21:09 +00:00
JakobDev
6598d0291c
Allow Organisations to have a E-Mail (#25082)
Resolves #25057

This adds a E-Mail field to Organisations. The E-Mail is just shown on
the Profile when it is visited by a logged in User. The E-mail is not
used for something else.

**Screenshots:**

![grafik](https://github.com/go-gitea/gitea/assets/15185051/a8d622b3-7278-4c08-984b-9c5ebfdb5471)

![grafik](https://github.com/go-gitea/gitea/assets/15185051/6dcb1dd7-d04b-49eb-bc96-6582cfe9757b)

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: Denys Konovalov <privat@denyskon.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-25 08:26:27 +00:00
Jason Song
862f748b2b
Fix loading LFS_JWT_SECRET from wrong section (#26109)
Regression of #25408.

`LFS_JWT_SECRET_URI` and `LFS_JWT_SECRET` are under the `server`
section, not `lfs`.

So each time gitea restarts, it resets `LFS_JWT_SECRET`.

<img width="1378" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/527ec9b9-eea2-4334-a274-6d1471456edd">
2023-07-25 05:06:31 +00:00
wxiaoguang
d0bdfbc545
Avoid writing config file if not installed (#26107)
Just like others (oauth2 secret, internal token, etc), do not generate
if no install lock
2023-07-25 04:03:41 +00:00
KN4CK3R
6aa30af724
Fix handling of Debian files with trailing slash (#26087)
Fixes #26022

- Fix handling of files with trailing slash
- Fix handling of duplicate package file errors
- Added test for both
2023-07-24 16:19:44 +02:00
idk
cdd3d4b8d8
Allow the use of alternative net.Listener implementations by downstreams (#25855)
This is a simple PR which moves the `GetListener` function to a
`DefaultGetListener` function, and changes `GetListener` to be a
variable which by default points to the `DefaultGetListener` function.
This allows people who may exist quasi-downstream of Gitea to create
alternate "GetListener" functions, with identical signatures, which
return different implementations of the `net.Listener` interface. This
approach is expressly intended to be non-invasive and have the least
possible impact on the gitea codebase. A previous version of this idea
was rejected before: https://github.com/go-gitea/gitea/issues/15544 but
because of issues like: https://github.com/go-gitea/gitea/issues/22335 I
**really** think that recommending people configure proxies by hand is
exactly the wrong way to do things(This is why there is a Tor Browser.).
This tiny change lets me put proper hidden service configuration into
single `i2p.go` file which lives in `modules/graceful/` and which never
has to be checked in to your codebase or affect your dependencies or
bloat your project in any way, it can live on a branch in my fork and
I'll fast-forward every release and never the twain shall meet.

The main use-case for this is to listen on Peer-to-Peer networks and
Hidden Services directly without error-prone and cumbersome
port-forwarding configuration. For instance, I might implement an
"I2PGetListener" as follows:

```Go
// adapted from i2p.go which is unchecked-in in my modules/graceful/ directory
import "github.com/eyedeekay/onramp"

var garlic = &onramp.Garlic{}

func I2PGetListener(network, address string) (net.Listener, error) {
	// Add a deferral to say that we've tried to grab a listener
	defer GetManager().InformCleanup()
	switch network {
	case "tcp", "tcp4", "tcp6", "i2p", "i2pt":
		return garlic.Listen()
	case "unix", "unixpacket":
// I2P isn't really a replacement for the stuff you use Unix sockets for and it's also not an anonymity risk, so treat them normally
		unixAddr, err := net.ResolveUnixAddr(network, address)
		if err != nil {
			return nil, err
		}
		return GetListenerUnix(network, unixAddr)
	default:
		return nil, net.UnknownNetworkError(network)
	}
}
```

I could then substitute that GetListener function and be 50% of the way
to having a fully-functioning gitea-over-hidden-services instance
without any additional configuration(The other 50% doesn't require any
code-changes on gitea's part).

There are 2 advantages here, one being convenience, first this turns
hidden services into a zero-configuration option for self-hosting gitea,
and second safety, these Go libraries are passing around
hidden-service-only versions of the net.Addr struct, they're using
hidden-service-only versions of the sockets, which are both expressly
designed to never require access to any information outside the hidden
service network, manipulating the application so it reveals information
about the host becomes much more difficult, and some attacks become
nearly impossible. It also opens up TLS-over-Hidden Services support
which is niche right now, of course, but in a future where gitea
instances federate if hidden services want to be part of the federation
they're probably going to need TLS certificates. They don't need to be
painful to set up.

This doesn't fix an open issue, but it might affect:
- https://github.com/go-gitea/gitea/issues/22335 - my `i2p.go` file
actually has a mod that fixes this but it requires adding a handful of
new dependencies to gitea and isn't compatible with the normal way you
guys recommend using a proxy so I don't think it's ready to send to you
as a PR, but if I can find a non-invasive way to fix it I will.
 - https://github.com/go-gitea/gitea/issues/18240

I hereby agree to the Code of Conduct published here:
8b89563bf1/CODE_OF_CONDUCT.md
I have read and understood the recommendations published here:
8b89563bf1/CONTRIBUTING.md

Thank you for your consideration.

---------

Co-authored-by: eyedeekay <idk@mulder>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-24 07:18:17 +00:00
wxiaoguang
674df05b16
Use stderr as fallback if the log file can't be opened (#26074)
If the log file can't be opened, what should it do? panic/exit? ignore
logs? fallback to stderr?

It seems that "fallback to stderr" is slightly better than others ....
2023-07-24 04:57:21 +00:00
Lunny Xiao
b167f35113
Add context parameter to some database functions (#26055)
To avoid deadlock problem, almost database related functions should be
have ctx as the first parameter.
This PR do a refactor for some of these functions.
2023-07-22 22:14:27 +08:00
wxiaoguang
52fb936773
Serve pre-defined files in "public", add "security.txt", add CORS header for ".well-known" (#25974)
Replace #25892

Close  #21942
Close  #25464

Major changes:

1. Serve "robots.txt" and ".well-known/security.txt" in the "public"
custom path
* All files in "public/.well-known" can be served, just like
"public/assets"
3. Add a test for ".well-known/security.txt"
4. Simplify the "FileHandlerFunc" logic, now the paths are consistent so
the code can be simpler
5. Add CORS header for ".well-known" endpoints
6. Add logs to tell users they should move some of their legacy custom
public files

```
2023/07/19 13:00:37 cmd/web.go:178:serveInstalled() [E] Found legacy public asset "img" in CustomPath. Please move it to /work/gitea/custom/public/assets/img
2023/07/19 13:00:37 cmd/web.go:182:serveInstalled() [E] Found legacy public asset "robots.txt" in CustomPath. Please move it to /work/gitea/custom/public/robots.txt
```
This PR is not breaking.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-21 12:14:20 +00:00
HesterG
2f0e79e639
Use frontend fetch for branch dropdown component (#25719)
- Send request to get branch/tag list, use loading icon when waiting for
response.
- Only fetch when the first time branch/tag list shows.
- For backend, removed assignment to `ctx.Data["Branches"]` and
`ctx.Data["Tags"]` from `context/repo.go` and passed these data wherever
needed.
- Changed some `v-if` to `v-show` and used native `svg` as mentioned in
https://github.com/go-gitea/gitea/pull/25719#issuecomment-1631712757 to
improve perfomance when there are a lot of branches.
- Places Used the dropdown component:

     Repo Home Page
    
<img width="1429" alt="Screen Shot 2023-07-06 at 12 17 51"
src="https://github.com/go-gitea/gitea/assets/17645053/6accc7b6-8d37-4e88-ae1a-bd2b3b927ea0">

    Commits Page

<img width="1431" alt="Screen Shot 2023-07-06 at 12 18 34"
src="https://github.com/go-gitea/gitea/assets/17645053/2d0bf306-d1e2-45a8-a784-bc424879f537">

    Specific commit -> operations -> cherry-pick
    
<img width="758" alt="Screen Shot 2023-07-06 at 12 23 28"
src="https://github.com/go-gitea/gitea/assets/17645053/1e557948-3881-4e45-a625-8ef36d45ae2d">

    Release Page
    
<img width="1433" alt="Screen Shot 2023-07-06 at 12 25 05"
src="https://github.com/go-gitea/gitea/assets/17645053/3ec82af1-15a4-4162-a50b-04a9502161bb">

- Demo


https://github.com/go-gitea/gitea/assets/17645053/d45d266b-3eb0-465a-82f9-57f78dc5f9f3

- Note:

UI of dropdown menu could be improved in another PR as it should apply
to more dropdown menus.

Fix #14180

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-21 11:20:04 +00:00
caicandong
840830b655
Remove commit status running and warning to align GitHub (#25839)
Fix #25776. Close #25826.

In the discussion of #25776, @wolfogre's suggestion was to remove the
commit status of `running` and `warning` to keep it consistent with
github.

references:
-
https://docs.github.com/en/rest/commits/statuses?apiVersion=2022-11-28#about-commit-statuses


## ⚠️ BREAKING ⚠️

So the commit status of Gitea will be consistent with GitHub, only
`pending`, `success`, `error` and `failure`, while `warning` and
`running` are not supported anymore.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-07-21 16:24:36 +08:00
Lunny Xiao
037c9895a7
Support copy protected branch from template repository (#25889)
Fix #14303
2023-07-21 12:32:47 +08:00
wxiaoguang
9b25bfa8f4
Remove redundant "RouteMethods" method (#26024)
The `RouteMethods` is mainly an alias for `Methods` with different
argument order.

Remove it to keep the "route.go" code clear
2023-07-21 00:43:49 +02:00
puni9869
d12ba978a7
Adding remaining enum for migration repo model type. (#26021) 2023-07-20 12:28:38 -05:00
harryzcy
ec227d6682
Remove nfnt/resize and oliamb/cutter (#25999)
The package `github.com/nfnt/resize` is deprecated and archived by the
author. `github.com/oliamb/cutter` is not maintained since 2018. We
could use `golang.org/x/image/draw` instead.
2023-07-20 19:52:42 +08:00
wxiaoguang
28ecac8024
Fix env config parsing for "GITEA____APP_NAME" (#26001)
Regression of #24832 

Fix the bug and add a test for it

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-20 09:16:29 +00:00
jeremiepozzigithub
d7a8d09da0
Add file status for API "Get a single commit from a repository" (#16205) (#25831)
#16205 To obtain a closer behavior to the api from github, the status
(added, modified, removed) of a file should be available in addition to
the filename.
See github doc :

https://docs.github.com/fr/rest/commits/commits?apiVersion=2022-11-28#get-a-commit
2023-07-20 16:35:47 +08:00
harryzcy
0f9f6567bb
Bump github.com/golang-jwt/jwt to v5 (#25975)
Bumping `github.com/golang-jwt/jwt` from v4 to v5.

`github.com/golang-jwt/jwt` v5 is bringing some breaking changes:

- standard `Valid()` method on claims is removed. It's replaced by
`ClaimsValidator` interface implementing `Validator()` method instead,
which is called after standard validation. Gitea doesn't seem to be
using this logic.
- `jwt.Token` has a field `Valid`, so it's checked in `ParseToken`
function in `services/auth/source/oauth2/token.go`

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 09:57:10 +00:00
wxiaoguang
50e14699d3
Update path related documents (#25417)
Update WorkPath/WORK_PATH related documents, remove out-dated
information.

Remove "StaticRootPath" on the admin config display page, because few
end user really need it, it only causes misconfiguration.


![image](https://github.com/go-gitea/gitea/assets/2114189/8095afa4-da76-436b-9e89-2a92c229c01d)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 11:22:57 +02:00
wxiaoguang
236c645bf1
Refactor "Content" for file uploading (#25851)
Before: the concept "Content string" is used everywhere. It has some
problems:

1. Sometimes it means "base64 encoded content", sometimes it means "raw
binary content"
2. It doesn't work with large files, eg: uploading a 1G LFS file would
make Gitea process OOM

This PR does the refactoring: use "ContentReader" / "ContentBase64"
instead of "Content"

This PR is not breaking because the key in API JSON is still "content":
`` ContentBase64 string `json:"content"` ``
2023-07-18 18:14:47 +00:00
wxiaoguang
faa28b5a44
Move public asset files to the proper directory (#25907)
Move `public/*` to `public/assets/*`

Some old PRs (like #15219) introduced inconsistent directory system.

For example: why the local directory "public" is accessed by
`http://site/assets`? How to serve the ".well-known" files properly in
the public directory?

For convention rules, the "public" directory is widely used for the
website's root directory. It shouldn't be an exception for Gitea.

So, this PR makes the things consistent:

* `http://site/assets/foo` means `{CustomPath}/public/assets/foo`.
* `{CustomPath}/public/.well-known` and `{CustomPath}/public/robots.txt`
can be used in the future.

This PR is also a prerequisite for a clear solution for:
* #21942
* #25892 
* discourse.gitea.io: [.well-known path serving custom files behind
proxy?](https://discourse.gitea.io/t/well-known-path-serving-custom-files-behind-proxy/5445/1)

This PR is breaking for users who have custom "public" files (CSS/JS).
After getting approvals, I will update the documents.

----

## ⚠️ BREAKING ⚠️

If you have files in your "custom/public/" folder, please move them to
"custom/public/assets/".

---------

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-18 18:06:43 +02:00
KN4CK3R
8af96f585f
Disallow dangerous url schemes (#25960)
Regression: https://github.com/go-gitea/gitea/pull/24805
Closes: #25945

- Disallow `javascript`, `vbscript` and `data` (data uri images still
work) url schemes even if all other schemes are allowed
- Fixed older `cbthunderlink` tests

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-07-18 15:18:37 +00:00
wxiaoguang
cc73e84fa3
Avoid creating directories when loading config (#25944)
The "creating dir/file during load config" is a longstanding and complex
problem.

This PR only does a quick patch, it still needs more refactorings in the
future.

Fix #25938
2023-07-18 07:32:36 -05:00
wxiaoguang
ff9a7afe99
Skip unuseful error message in dev mode when watching local filesystem (#25919)
Before, in dev mode, there might be some error logs like:

```
2023/07/17 13:54:51 ...s/assetfs/layered.go:221:WatchLocalChanges() [E] Unable to watch directory .: lstat /data/work/gitea/custom/templates: no such file or directory

```

Because there is no "custom/templates" directory.

After: ignore such error, no such error message anymore.
2023-07-17 09:47:55 +00:00
KN4CK3R
81a8120bc3
Add shutting down notice (#25920)
Got the same problem as #25915 when updating an instance. The
`log.Fatal` should have been marked as breaking in #23911.

This PR adds a notice that the system is shutting down because of the
deprecated setting.
2023-07-17 10:58:47 +02:00
wxiaoguang
9672085d94
Fix "Flash" message usage (#25895)
Resolve https://github.com/go-gitea/gitea/pull/25820/files#r1264309059
2023-07-15 11:52:03 +03:00
KN4CK3R
bd82d8974e
Add support for different Maven POM encoding (#25873)
Fixes #25853

- Maven POM files aren't always UTF-8 encoded.
- Reject the upload of unparsable POM files
2023-07-14 09:39:15 +00:00
harryzcy
c5e187c389
Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
Jason Song
aee14b9c0b
Remove git.FileBlame (#25841)
The `FileBlame` function looks strange, it has `revision` as argument
but doesn't use it.

Since the function never be used, I think we could just remove it.

If anyone thinks it should be kept, please help fix `revision`.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-12 19:07:29 +02:00
wxiaoguang
fa0b5b14c2
Make "install page" respect environment config (#25648)
Replace #25580

Fix #19453

The problem was: when users set "GITEA__XXX__YYY" , the "install page"
doesn't respect it.

So, to make the result consistent and avoid surprising end users, now
the "install page" also writes the environment variables to the config
file.

And, to make things clear, there are enough messages on the UI to tell
users what will happen.

There are some necessary/related changes to `environment-to-ini.go`:

* The "--clear" flag is removed and it was incorrectly written there.
The "clear" operation should be done if INSTALL_LOCK=true
* The "--prefix" flag is removed because it's never used, never
documented and it only causes inconsistent behavior.


![image](https://github.com/go-gitea/gitea/assets/2114189/12778ee4-3fb5-4664-a73a-41ebbd77cd5b)
2023-07-09 22:43:37 +00:00
KN4CK3R
321383db22
Revert package access change from #23879 (#25707)
Fixes (?) #25538
Fixes https://codeberg.org/forgejo/forgejo/issues/972

Regression #23879

#23879 introduced a change which prevents read access to packages if a
user is not a member of an organization.

That PR also contained a change which disallows package access if the
team unit is configured with "no access" for packages. I don't think
this change makes sense (at the moment). It may be relevant for private
orgs. But for public or limited orgs that's useless because an
unauthorized user would have more access rights than the team member.
This PR restores the old behaviour "If a user has read access for an
owner, they can read packages".

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-09 13:00:07 +00:00
wxiaoguang
819aed35bf
Make route middleware/handler mockable (#25766)
To mock a handler:

```go
web.RouteMock(web.MockAfterMiddlewares, func(ctx *context.Context) {
	// ...
})
defer web.RouteMockReset()
```


It helps:

* Test the middleware's behavior (assert the ctx.Data, etc)
* Mock the middleware's behavior (prepare some context data for handler)
* Mock the handler's response for some test cases, especially for some
integration tests and e2e tests.
2023-07-09 12:25:53 +00:00
silverwind
887a683af9
Update tool dependencies, lock govulncheck and actionlint (#25655)
- Update all tool dependencies
- Lock `govulncheck` and `actionlint` to their latest tags

---------

Co-authored-by: 6543 <m.huber@kithara.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-09 11:58:06 +00:00
Zettat123
a42a838843
Fix ref for workflows triggered by pull_request_target (#25743)
Follow #25229

At present, when the trigger event is `pull_request_target`, the `ref`
and `sha` of `ActionRun` are set according to the base branch of the
pull request. This makes it impossible for us to find the head branch of
the `ActionRun` directly. In this PR, the `ref` and `sha` will always be
set to the head branch and they will be changed to the base branch when
generating the task context.
2023-07-07 19:22:03 +00:00
techknowlogick
cb01b8691d
Add open/closed field support for issue index (#25708)
A couple of notes:
* Future changes should refactor arguments into a struct
* This filtering only is supported by meilisearch right now
* Issue index number is bumped which will cause a re-index
2023-07-07 17:10:13 +00:00
Zettat123
7586b5815a
Fix activity type match in matchPullRequestEvent (#25746)
Fix #25736 
Caused by #24048

Right now we only check the activity type for `pull_request` event when
`types` is specified or there are no `types` and filter. If a workflow
only specifies filters but no `types` like this:
```
on:
  pull_request:
    branches: [main]
```
the workflow will be triggered even if the activity type is not one of
`[opened, reopened, sync]`. We need to check the activity type in this
case.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-07 16:30:07 +00:00
6543
8995046110
Less naked returns (#25713)
just a step towards  #25655

and some related refactoring
2023-07-07 05:31:56 +00:00
puni9869
2af30f715e
Fix inconsistent user profile layout across tabs (#25625)
Fix ::User Profile Page  Project Tab Have Inconsistent Layout and Style
Added the big_avator for consistency in the all header_items tabs.
Fixes: #24871
> ### Description
> in the user profile page the `Packages` and `Projects` tab have small
icons for user but other tabs have bigger profile picture with user
info:
> 
> ### Screenshots
> ### **For Packages And Projects:**
>
![image](https://user-images.githubusercontent.com/25511175/240148601-2420d77b-ba25-4718-9ccb-c5d0d95e3079.png)
> 
> ### **For Other Tabs:**
>
![image](https://user-images.githubusercontent.com/25511175/240148461-ce9636b3-fe11-4c46-a230-30d83eee5947.png)
> 

## Before

![image](https://github.com/go-gitea/gitea/assets/80308335/975ad038-07ca-4b10-b75d-ccf259be7b9d)


 ## After changes
Project View 
<img width="1394" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/95d181d7-8e61-496d-9899-7b825c91ad56">


Packages View
<img width="1378" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/7f5fd60f-6b18-4fa8-8c56-7b0d45d1a610">


## Org view for projects page
<img width="1385" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/6400dc89-a5ae-4f0a-831b-5b6efa020d89">

## Org view for packages page
<img width="1387" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/4e1e9ffe-1e4b-4334-8657-de11b5fd31d0">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
2023-07-06 18:59:24 +00:00
wxiaoguang
f0bde0e4f9
Simplify the LFS GC logger usage (#25717)
Remove unnecessary `if opts.Logger != nil` checks.

* For "CLI doctor" mode, output to the console's "logger.Info".
* For "Web Task" mode, output to the default "logger.Debug", to avoid
flooding the server's log in a busy production instance.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-06 16:52:41 +00:00
Lunny Xiao
45ac90eb54
Sync branches when mirroring (#25722)
Caused by #22743

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-07-06 13:18:37 +02:00
silverwind
88f835192d
Replace interface{} with any (#25686)
Result of running `perl -p -i -e 's#interface\{\}#any#g' **/*` and `make fmt`.

Basically the same [as golang did](2580d0e08d).
2023-07-04 18:36:08 +00:00
Lunny Xiao
f35ea2b09a
Add elapsed time on debug for slow git commands (#25642)
To record which command is slow, this PR adds a debug log for slow git
operations.

---------

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: delvh <dev.lh@web.de>
2023-07-04 16:22:37 +00:00
Earl Warren
43c9a84ae5
Add unit test for HashAvatar (#25662)
- Add 100% unit test for this function.

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-07-04 12:43:38 +00:00
Jason Song
9958642502
Fix issues indexer document mapping (#25619)
Fix regression of #5363 (so long ago).

The old code definded a document mapping for `issueIndexerDocType`, and
assigned it to `BleveIndexerData` as its type. (`BleveIndexerData` has
been renamed to `IndexerData` in #25174, but nothing more.) But the old
code never used `BleveIndexerData`, it wrote the index with an anonymous
struct type. Nonetheless, bleve would use the default auto-mapping for
struct it didn't know, so the indexer still worked. This means the
custom document mapping was always dead code.

The custom document mapping is not useless, it can reduce index storage,
this PR brings it back and disable default mapping to prevent it from
happening again. Since `IndexerData`(`BleveIndexerData`) has JSON tags,
and bleve uses them first, so we should use `repo_id` as the field name
instead of `RepoID`.

I did a test to compare the storage size before and after this, with
about 3k real comments that were migrated from some public repos.

Before:

```text
[ 160]  .
├── [  42]  index_meta.json
├── [  13]  rupture_meta.json
└── [ 128]  store
    ├── [6.9M]  00000000005d.zap
    └── [256K]  root.bolt
```

After:

```text
[ 160]  .
├── [  42]  index_meta.json
├── [  13]  rupture_meta.json
└── [ 128]  store
    ├── [3.5M]  000000000065.zap
    └── [256K]  root.bolt
```

It saves about half the storage space.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-04 09:05:28 +00:00
KN4CK3R
c890454769
Add direct serving of package content (#25543)
Fixes #24723

Direct serving of content aka HTTP redirect is not mentioned in any of
the package registry specs but lots of official registries do that so it
should be supported by the usual clients.
2023-07-03 15:33:28 +02:00
techknowlogick
469d89b95a
Set SSH_AUTHORIZED_KEYS_BACKUP to false (#25412)
This prevents the disk from overflowing with auth keys file

Fixes #17117

## ⚠️ BREAKING

This changes the default option for creating a backup of the authorized
key file when an update is made to default to false.
2023-07-01 04:07:48 +00:00
Lunny Xiao
65acd1e9ef
Fix branch commit message too long problem (#25588)
When branch's commit CommitMessage is too long, the column maybe too
short.(TEXT 16K for mysql).
This PR will fix it to only store the summary because these message will
only show on branch list or possible future search?
2023-06-30 17:03:05 +08:00
Jason Song
67bd9d4f1e
Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581)
Resolve #24789

## ⚠️ BREAKING ⚠️

Before this, `DEFAULT_ACTIONS_URL` cound be set to any custom URLs like
`https://gitea.com` or `http://your-git-server,https://gitea.com`, and
the default value was `https://gitea.com`.

But now, `DEFAULT_ACTIONS_URL` supports only
`github`(`https://github.com`) or `self`(the root url of current Gitea
instance), and the default value is `github`.

If it has configured with a URL, an error log will be displayed and it
will fallback to `github`.

Actually, what we really want to do is always make it
`https://github.com`, however, this may not be acceptable for some
instances of internal use, so there's extra support for `self`, but no
more, even `https://gitea.com`.

Please note that `uses: https://xxx/yyy/zzz` always works and it does
exactly what it is supposed to do.

Although it's breaking, I belive it should be backported to `v1.20` due
to some security issues.

Follow-up on the runner side:

- https://gitea.com/gitea/act_runner/pulls/262
- https://gitea.com/gitea/act/pulls/70
2023-06-30 07:26:36 +00:00
JakobDev
254a82842a
Add API for changing Avatars (#25369)
This adds an API for uploading and Deleting Avatars for of Users, Repos
and Organisations. I'm not sure, if this should also be added to the
Admin API.

Resolves #25344

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-29 23:22:55 +00:00
isla w
e882398c5a
Update emoji set to Unicode 15 (#25595)
Update emoji set to Unicode 15 which was added upstream here:
cb5c514d47

<img width="854" alt="Screenshot 2023-06-29 at 11 02 56 AM"
src="https://github.com/go-gitea/gitea/assets/1669571/7bfb663d-0804-4d23-a62d-f585a6783ca6">

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-06-29 16:29:48 +00:00
Lunny Xiao
6e19484f4d
Sync branches into databases (#22743)
Related #14180
Related #25233 
Related #22639
Close #19786
Related #12763 

This PR will change all the branches retrieve method from reading git
data to read database to reduce git read operations.

- [x] Sync git branches information into database when push git data
- [x] Create a new table `Branch`, merge some columns of `DeletedBranch`
into `Branch` table and drop the table `DeletedBranch`.
- [x] Read `Branch` table when visit `code` -> `branch` page
- [x] Read `Branch` table when list branch names in `code` page dropdown
- [x] Read `Branch` table when list git ref compare page
- [x] Provide a button in admin page to manually sync all branches.
- [x] Sync branches if repository is not empty but database branches are
empty when visiting pages with branches list
- [x] Use `commit_time desc` as the default FindBranch order by to keep
consistent as before and deleted branches will be always at the end.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-06-29 10:03:20 +00:00
Vitaliy Filippov
f0b773e0ce
Support downloading raw task logs (#24451)
Hi!
This pull request adds support for downloading raw task logs for Gitea
Actions, similar to Github Actions
It looks like the following:

![image](https://user-images.githubusercontent.com/945339/235376746-405d5019-710b-468b-8113-9e82eab8e752.png)
2023-06-29 10:58:56 +08:00
a1012112796
4aba8a6a5f
Split lfs size from repository size (#22900)
releated to #21820

- Split `Size` in repository table as two new colunms, one is `GitSize`
for git size, the other is `LFSSize` for lfs data. still store full size
in `Size` colunm.
- Show full size on ui, but show each of them by a `title`;  example:

![image](https://user-images.githubusercontent.com/25342410/218636251-e200f085-d7e7-4a25-9ff1-b586a63e07a9.png)

- Return full size in api response.

---------

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: DmitryFrolovTri <23313323+DmitryFrolovTri@users.noreply.github.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-28 22:41:02 +00:00
wxiaoguang
b4d0036fc3
Do not prepare oauth2 config if it is not enabled, do not write config in some sub-commands (#25567)
Ref:

* https://github.com/go-gitea/gitea/issues/25377#issuecomment-1609757289

And some sub-commands like "generate" / "docs", they do not need to use
the ini config
2023-06-28 23:30:06 +02:00
Jason Song
6daf21c9b7
Fix content holes in Actions task logs file (#25560)
Fix #25451.

Bugfixes:
- When stopping the zombie or endless tasks, set `LogInStorage` to true
after transferring the file to storage. It was missing, it could write
to a nonexistent file in DBFS because `LogInStorage` was false.
- Always update `ActionTask.Updated` when there's a new state reported
by the runner, even if there's no change. This is to avoid the task
being judged as a zombie task.

Enhancement:
- Support `Stat()` for DBFS file.
- `WriteLogs` refuses to write if it could result in content holes.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-28 19:07:29 +02:00
wxiaoguang
65d3e1161b
Fix sub-command log level (#25537)
More fix for #24981

* #24981


Close #22361

* #22361

There were many patches for Gitea's sub-commands to satisfy the facts:

* Some sub-commands shouldn't output any log, otherwise the git protocol
would be broken
* Sometimes the users want to see "verbose" or "quiet" outputs

That's a longstanding problem, and very fragile. This PR is only a quick
patch for the problem.

In the future, the sub-command system should be refactored to a clear
solution.

----

Other changes:

* Use `ReplaceAllWriters` to replace
`RemoveAllWriters().AddWriters(writer)`, then it's an atomic operation.
* Remove unnecessary `syncLevelInternal` calls, because
`AddWriters/addWritersInternal` already calls it.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-28 08:02:06 +02:00
Lunny Xiao
d44a415bf0
Add Adopt repository event and handler (#25497)
Fix #14304

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-06-26 06:59:15 +00:00
Zettat123
48e5a74f21
Support pull_request_target event (#25229)
Fix #25088

This PR adds the support for
[`pull_request_target`](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target)
workflow trigger. `pull_request_target` is similar to `pull_request`,
but the workflow triggered by the `pull_request_target` event runs in
the context of the base branch of the pull request rather than the head
branch. Since the workflow from the base is considered trusted, it can
access the secrets and doesn't need approvals to run.
2023-06-26 14:33:18 +08:00
wxiaoguang
cc1d61f1f5
Use InitWorkPathAndCfgProvider for environment-to-ini to avoid unnecessary checks (#25480)
Fix #25481

The `InitWorkPathAndCommonConfig` calls `LoadCommonSettings` which does
many checks like "current user is root or not".

Some commands like "environment-to-ini" shouldn't do such check, because
it might be run with "root" user at the moment (eg: the docker's setup
script)

ps: in the future, the docker's setup script should be improved to avoid
Gitea's command running with "root"
2023-06-24 09:13:35 +00:00
Jason Song
3c7f5ed7b5
Fix Init of db indexer (#25470)
Fix regression of #25174.

The `Init` of the db indexer should return true to indicate that the
index was opened/existed, or the indexer will try to populate the index
(not really populate, just fill the queue, `Index` method of the db
indexer is a dummy).
2023-06-23 14:39:52 +00:00
Jason Song
375fd15fbf
Refactor indexer (#25174)
Refactor `modules/indexer` to make it more maintainable. And it can be
easier to support more features. I'm trying to solve some of issue
searching, this is a precursor to making functional changes.

Current supported engines and the index versions:

| engines | issues | code |
| - | - | - |
| db | Just a wrapper for database queries, doesn't need version | - |
| bleve | The version of index is **2** | The version of index is **6**
|
| elasticsearch | The old index has no version, will be treated as
version **0** in this PR | The version of index is **1** |
| meilisearch | The old index has no version, will be treated as version
**0** in this PR | - |


## Changes

### Split

Splited it into mutiple packages

```text
indexer
├── internal
│   ├── bleve
│   ├── db
│   ├── elasticsearch
│   └── meilisearch
├── code
│   ├── bleve
│   ├── elasticsearch
│   └── internal
└── issues
    ├── bleve
    ├── db
    ├── elasticsearch
    ├── internal
    └── meilisearch
```

- `indexer/interanal`: Internal shared package for indexer.
- `indexer/interanal/[engine]`: Internal shared package for each engine
(bleve/db/elasticsearch/meilisearch).
- `indexer/code`: Implementations for code indexer.
- `indexer/code/internal`: Internal shared package for code indexer.
- `indexer/code/[engine]`: Implementation via each engine for code
indexer.
- `indexer/issues`: Implementations for issues indexer.

### Deduplication

- Combine `Init/Ping/Close` for code indexer and issues indexer.
- ~Combine `issues.indexerHolder` and `code.wrappedIndexer` to
`internal.IndexHolder`.~ Remove it, use dummy indexer instead when the
indexer is not ready.
- Duplicate two copies of creating ES clients.
- Duplicate two copies of `indexerID()`.


### Enhancement

- [x] Support index version for elasticsearch issues indexer, the old
index without version will be treated as version 0.
- [x] Fix spell of `elastic_search/ElasticSearch`, it should be
`Elasticsearch`.
- [x] Improve versioning of ES index. We don't need `Aliases`:
- Gitea does't need aliases for "Zero Downtime" because it never delete
old indexes.
- The old code of issues indexer uses the orignal name to create issue
index, so it's tricky to convert it to an alias.
- [x] Support index version for meilisearch issues indexer, the old
index without version will be treated as version 0.
- [x] Do "ping" only when `Ping` has been called, don't ping
periodically and cache the status.
- [x] Support the context parameter whenever possible.
- [x] Fix outdated example config.
- [x] Give up the requeue logic of issues indexer: When indexing fails,
call Ping to check if it was caused by the engine being unavailable, and
only requeue the task if the engine is unavailable.
- It is fragile and tricky, could cause data losing (It did happen when
I was doing some tests for this PR). And it works for ES only.
- Just always requeue the failed task, if it caused by bad data, it's a
bug of Gitea which should be fixed.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-23 12:37:56 +00:00
6543
b0215c40cd
Store and use seconds for timeline time comments (#25392)
this will allow us to fully localize it later

PS: we can not migrate back as the old value was a one-way conversion


prepare for  #25213

---
*Sponsored by Kithara Software GmbH*
2023-06-23 12:12:39 +00:00
techknowlogick
c0fc53e226
Import additional secrets via file uri (#25408) 2023-06-23 00:16:12 +00:00
silverwind
d2142ba3c3
Update octicons and use octicon-file-directory-symlink (#25453)
Make use of the [new
octicon](https://github.com/primer/octicons/issues/945) that indicates a
symlink to a directory:

<img width="189" alt="Screenshot 2023-06-22 at 22 50 57"
src="https://github.com/go-gitea/gitea/assets/115237/a70690ea-ebfc-48fe-af23-cdc33bcb2098">
2023-06-22 22:05:52 +00:00
Jason Song
174213530d
Fix Permission in API returned repository struct (#25388)
The old code generates `structs.Repository.Permissions` with only
`access.Permission.AccessMode`, however, it should check the units too,
or the value could be incorrect. For example,
`structs.Repository.Permissions.Push` could be false even the doer has
write access to code unit.

Should fix
https://github.com/renovatebot/renovate/issues/14059#issuecomment-1047961128
(Not reported by it, I just found it when I was looking into this bug)

---

Review tips:

The major changes are
- `modules/structs/repo.go`
https://github.com/go-gitea/gitea/pull/25388/files#diff-870406f6857117f8b03611c43fca0ab9ed6d6e76a2d0069a7c1f17e8fa9092f7
- `services/convert/repository.go`
https://github.com/go-gitea/gitea/pull/25388/files#diff-7736f6d2ae894c9edb7729a80ab89aa183b888a26a811a0c1fdebd18726a7101

And other changes are passive.
2023-06-22 13:08:08 +00:00
John Olheiser
8afc1b1cb5
Move some regexp out of functions (#25430)
/cc @KN4CK3R
https://github.com/go-gitea/gitea/pull/25294#discussion_r1237425343

I also searched the codebase and found a few more.

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-06-21 19:57:18 +00:00
wxiaoguang
ce46834b93
Remove "CHARSET" config option for MySQL, always use "utf8mb4" (#25413)
In modern days, there is no reason to make users set "charset" anymore.

Close #25378

## ⚠️ BREAKING

The key `[database].CHARSET` was removed completely as every newer
(>10years) MySQL database supports `utf8mb4` already.
There is a (deliberately) undocumented new fallback option if anyone
still needs to use it, but we don't recommend using it as it simply
causes problems.
2023-06-21 10:49:25 +00:00
Jason Song
59d2189875
Fix missing commit message body when the message has leading newlines (#25418)
Commit with `echo "\nmessage after a blank line\nsecond line of the
message" | git commit --cleanup=verbatim -F -` and push.

<img width="1139" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/f9a2c28c-e307-4c78-9e31-3d3ace7b9274">
2023-06-21 09:14:34 +00:00
wxiaoguang
2cdf260f42
Refactor path & config system (#25330)
# The problem

There were many "path tricks":

* By default, Gitea uses its program directory as its work path
* Gitea tries to use the "work path" to guess its "custom path" and
"custom conf (app.ini)"
* Users might want to use other directories as work path
* The non-default work path should be passed to Gitea by GITEA_WORK_DIR
or "--work-path"
* But some Gitea processes are started without these values
    * The "serv" process started by OpenSSH server
    * The CLI sub-commands started by site admin
* The paths are guessed by SetCustomPathAndConf again and again
* The default values of "work path / custom path / custom conf" can be
changed when compiling

# The solution

* Use `InitWorkPathAndCommonConfig` to handle these path tricks, and use
test code to cover its behaviors.
* When Gitea's web server runs, write the WORK_PATH to "app.ini", this
value must be the most correct one, because if this value is not right,
users would find that the web UI doesn't work and then they should be
able to fix it.
* Then all other sub-commands can use the WORK_PATH in app.ini to
initialize their paths.
* By the way, when Gitea starts for git protocol, it shouldn't output
any log, otherwise the git protocol gets broken and client blocks
forever.

The "work path" priority is: WORK_PATH in app.ini > cmd arg --work-path
> env var GITEA_WORK_DIR > builtin default

The "app.ini" searching order is: cmd arg --config > cmd arg "work path
/ custom path" > env var "work path / custom path" > builtin default


## ⚠️ BREAKING

If your instance's "work path / custom path / custom conf" doesn't meet
the requirements (eg: work path must be absolute), Gitea will report a
fatal error and exit. You need to set these values according to the
error log.



----

Close #24818
Close #24222
Close #21606
Close #21498
Close #25107
Close #24981
Maybe close #24503

Replace #23301
Replace #22754

And maybe more
2023-06-21 13:50:26 +08:00
wxiaoguang
df5cf5ddbd
Avoid polluting config file when "save" (#25395)
That's a longstanding INI package problem: the "MustXxx" calls change
the option values, and the following "Save" will save a lot of garbage
options into the user's config file.

Ideally we should refactor the INI package to a clear solution, but it's
a huge work.

A clear workaround is what this PR does: when "Save", load a clear INI
instance and save it.

Partially fix #25377, the "install" page needs more fine tunes.
2023-06-21 10:31:40 +08:00
Kyle D
8220e50b56
Substitute variables in path names of template repos too (#25294)
### Summary

Extend the template variable substitution to replace file paths. This
can be helpful for setting up log files & directories that should match
the repository name.

### PR Changes

 - Move files matching glob pattern when setting up repos from template
- For security, added ~escaping~ sanitization for cross-platform support
and to prevent directory traversal (thanks @silverwind for the
reference)
 - Added unit testing for escaping function 
- Fixed the integration tests for repo template generation by passing
the repo_template_id
- Updated the integration testfiles to add some variable substitution &
assert the outputs

I had to fix the existing repo template integration test and extend it
to add a check for variable substitutions.

Example:

![image](https://github.com/go-gitea/gitea/assets/12700993/621feb09-0ef3-460e-afa8-da74cd84fa4e)
2023-06-20 21:14:47 +00:00
wxiaoguang
a1c5057fe8
Batch delete issue and improve tippy opts (#25253)
1. Add "batch delete" button for selected issues, close #22273
2. Address the review in
https://github.com/go-gitea/gitea/pull/25219#discussion_r1229266083
2023-06-19 15:46:50 +08:00
wxiaoguang
a5d0246fff
Avoid polluting the config (#25345)
Caught by #25330

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-18 16:10:44 +00:00
wxiaoguang
4e2f1ee58d
Refactor web package and context package (#25298)
1. The "web" package shouldn't depends on "modules/context" package,
instead, let each "web context" register themselves to the "web"
package.
2. The old Init/Free doesn't make sense, so simplify it
* The ctx in "Init(ctx)" is never used, and shouldn't be used that way
* The "Free" is never called and shouldn't be called because the SSPI
instance is shared

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-18 09:59:09 +02:00
wxiaoguang
b71cb7acdc
Use fetch to send requests to create issues/comments (#25258)
Follow #23290

Network error won't make content lost. And this is a much better
approach than "loading-button".

The UI is not perfect and there are still some TODOs, they can be done
in following PRs, not a must in this PR's scope.

<details>


![image](https://github.com/go-gitea/gitea/assets/2114189/c94ba958-aa46-4747-8ddf-6584deeed25c)

</details>
2023-06-16 06:32:43 +00:00
Lunny Xiao
cc3910d8c3
Fix index generation parallelly failure (#25235)
Fix #22109

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-06-15 02:14:43 +02:00
HesterG
a43ea22479
Change form actions to fetch for submit review box (#25219)
Co-author: @wxiaoguang 

Close #25096 

The way to fix it in this PR is to change form submit to fetch using
formData, and add flags to avoid post repeatedly.
Should be able to apply to more forms that have the same issue after
this PR.

In the demo below, 'approve' is clicked several times, and then
'comment' is clicked several time after 'request changes' clicked.

After:


https://github.com/go-gitea/gitea/assets/17645053/beabeb1d-fe66-4b76-b048-4f022b4e83a0


Update: screenshots from /devtest

>
![image](https://user-images.githubusercontent.com/2114189/245680011-ee4231e0-a53d-4c2a-a9c2-71ccd98005cc.png)
> 
>
![image](https://user-images.githubusercontent.com/2114189/245680057-9215d348-63d8-406d-8828-17e171163aaa.png)
> 
>
![image](https://user-images.githubusercontent.com/2114189/245680148-89d7b3d1-d7b6-442f-b69e-eadaee112482.png)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-14 16:01:37 +08:00
Lunny Xiao
d6dd6d641b
Fix all possible setting error related storages and added some tests (#23911)
Follow up #22405

Fix #20703 

This PR rewrites storage configuration read sequences with some breaks
and tests. It becomes more strict than before and also fixed some
inherit problems.

- Move storage's MinioConfig struct into setting, so after the
configuration loading, the values will be stored into the struct but not
still on some section.
- All storages configurations should be stored on one section,
configuration items cannot be overrided by multiple sections. The
prioioty of configuration is `[attachment]` > `[storage.attachments]` |
`[storage.customized]` > `[storage]` > `default`
- For extra override configuration items, currently are `SERVE_DIRECT`,
`MINIO_BASE_PATH`, `MINIO_BUCKET`, which could be configured in another
section. The prioioty of the override configuration is `[attachment]` >
`[storage.attachments]` > `default`.
- Add more tests for storages configurations.
- Update the storage documentations.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-14 11:42:38 +08:00
silverwind
a51b115b0a
Use inline SVG for built-in OAuth providers (#25171)
The plan is that all built-in auth providers use inline SVG for more
flexibility in styling and to get the GitHub icon to follow
`currentcolor`. This only removes the `public/img/auth` directory and
adds the missing svgs to our svg build.

It should map the built-in providers to these SVGs and render them. If
the user has set a Icon URL, it should render that as an `img` tag
instead.

```
gitea-azure-ad
gitea-bitbucket
gitea-discord
gitea-dropbox
gitea-facebook
gitea-gitea
gitea-gitlab
gitea-google
gitea-mastodon
gitea-microsoftonline
gitea-nextcloud
gitea-twitter
gitea-yandex
octicon-mark-github
```

GitHub logo is now white again on dark theme:

<img width="431" alt="Screenshot 2023-06-12 at 21 45 34"
src="https://github.com/go-gitea/gitea/assets/115237/27a43504-d60a-4132-a502-336b25883e4d">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-13 10:51:02 +00:00
yp05327
22a39bb961
Fix profile render when the README.md size is larger than 1024 bytes (#25131)
Fixes https://github.com/go-gitea/gitea/issues/25094

`GetBlobContent` will only get the first 1024 bytes, if the README.md
size is larger than 1024 bytes,
We can not render the rest of them.
After this fix, we should provide the limited size to read when call
`GetBlobContent`.

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/22a42936-4cf8-40b4-a5c7-e384082beb0d)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-13 09:02:25 +00:00
Jonathan Tran
f62cd2f473
Fix task list checkbox toggle to work with YAML front matter (#25184)
Fixes #25160.

`data-source-position` of checkboxes in a task list was incorrect
whenever there was YAML front matter. This would result in issue content
or PR descriptions getting corrupted with random `x` or space characters
when a user checked or unchecked a task.
2023-06-13 14:44:47 +08:00
Lunny Xiao
419804fd4d
Fix compatible for webhook ref type (#25195)
Fix #25185 
Caused by #24634
2023-06-13 06:05:28 +00:00
Lauris BH
9aaaf980f0
Fix open redirect check for more cases (#25143)
If redirect_to parameter has set value starting with `\\example.com`
redirect will be created with header `Location: /\\example.com` that
will redirect to example.com domain.
2023-06-08 14:08:14 +00:00
Denys Konovalov
eac1bddb8d
fix swagger documentation for multiple files API endpoint (#25110)
Fixes some issues with the swagger documentation for the new multiple
files API endpoint (#24887) which were overlooked when submitting the
original PR:

1. add some missing parameter descriptions
2. set correct `required` option for required parameters
3. change endpoint description to match it full functionality (every
kind of file modification is supported, not just creating and updating)
2023-06-07 23:49:58 +08:00
Wim
62ac3251fa
Remove stars when repo goes private (#19904)
Fixes #18600
2023-06-05 13:25:43 +00:00
Lunny Xiao
3d1fda737b
Use git command instead of the ini package to remove the origin remote (#25066) 2023-06-05 18:05:31 +08:00
Denys Konovalov
ca35dec18b
Add ability to set multiple redirect URIs in OAuth application UI (#25072)
OAuth applications can already have multiple redirect URIs if
created/edited over API.

This change allows for setting multiple redirect URIs through the UI as
a comma-separated list (e. g.
`https://example.org/redirect,https://redirect.example.org`)

<details>
<summary>Screenshots</summary>

![Bildschirmfoto vom 2023-06-04
17-14-40](https://github.com/go-gitea/gitea/assets/47871822/2206dc32-e7e4-4953-9ecb-e098890b3f54)
![Bildschirmfoto vom 2023-06-04
17-14-50](https://github.com/go-gitea/gitea/assets/47871822/cd97c73c-9310-44ee-a83a-b927a1ef94da)

</details>

Closes #25068
2023-06-05 15:00:12 +08:00
Jack Hay
18de83b2a3
Redesign Scoped Access Tokens (#24767)
## Changes
- Adds the following high level access scopes, each with `read` and
`write` levels:
    - `activitypub`
    - `admin` (hidden if user is not a site admin)
    - `misc`
    - `notification`
    - `organization`
    - `package`
    - `issue`
    - `repository`
    - `user`
- Adds new middleware function `tokenRequiresScopes()` in addition to
`reqToken()`
  -  `tokenRequiresScopes()` is used for each high-level api section
- _if_ a scoped token is present, checks that the required scope is
included based on the section and HTTP method
  - `reqToken()` is used for individual routes
- checks that required authentication is present (but does not check
scope levels as this will already have been handled by
`tokenRequiresScopes()`
- Adds migration to convert old scoped access tokens to the new set of
scopes
- Updates the user interface for scope selection

### User interface example
<img width="903" alt="Screen Shot 2023-05-31 at 1 56 55 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/654766ec-2143-4f59-9037-3b51600e32f3">
<img width="917" alt="Screen Shot 2023-05-31 at 1 56 43 PM"
src="https://github.com/go-gitea/gitea/assets/23248839/1ad64081-012c-4a73-b393-66b30352654c">

## tokenRequiresScopes  Design Decision
- `tokenRequiresScopes()` was added to more reliably cover api routes.
For an incoming request, this function uses the given scope category
(say `AccessTokenScopeCategoryOrganization`) and the HTTP method (say
`DELETE`) and verifies that any scoped tokens in use include
`delete:organization`.
- `reqToken()` is used to enforce auth for individual routes that
require it. If a scoped token is not present for a request,
`tokenRequiresScopes()` will not return an error

## TODO
- [x] Alphabetize scope categories
- [x] Change 'public repos only' to a radio button (private vs public).
Also expand this to organizations
- [X] Disable token creation if no scopes selected. Alternatively, show
warning
- [x] `reqToken()` is missing from many `POST/DELETE` routes in the api.
`tokenRequiresScopes()` only checks that a given token has the correct
scope, `reqToken()` must be used to check that a token (or some other
auth) is present.
   -  _This should be addressed in this PR_
- [x] The migration should be reviewed very carefully in order to
minimize access changes to existing user tokens.
   - _This should be addressed in this PR_
- [x] Link to api to swagger documentation, clarify what
read/write/delete levels correspond to
- [x] Review cases where more than one scope is needed as this directly
deviates from the api definition.
   - _This should be addressed in this PR_
   - For example: 
   ```go
	m.Group("/users/{username}/orgs", func() {
		m.Get("", reqToken(), org.ListUserOrgs)
		m.Get("/{org}/permissions", reqToken(), org.GetUserOrgsPermissions)
}, tokenRequiresScopes(auth_model.AccessTokenScopeCategoryUser,
auth_model.AccessTokenScopeCategoryOrganization),
context_service.UserAssignmentAPI())
   ```

## Future improvements
- [ ] Add required scopes to swagger documentation
- [ ] Redesign `reqToken()` to be opt-out rather than opt-in
- [ ] Subdivide scopes like `repository`
- [ ] Once a token is created, if it has no scopes, we should display
text instead of an empty bullet point
- [ ] If the 'public repos only' option is selected, should read
categories be selected by default

Closes #24501
Closes #24799

Co-authored-by: Jonathan Tran <jon@allspice.io>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-06-04 20:57:16 +02:00
wxiaoguang
520eb57d76
Use a separate admin page to show global stats, remove actions stat (#25062)
Before, Gitea shows the database table stats on the `admin dashboard`
page.

It has some problems:

* `count(*)` is quite heavy. If tables have many records, this blocks
loading the admin page blocks for a long time
* Some users had even reported issues that they can't visit their admin
page because this page causes blocking or `50x error (reverse proxy
timeout)`
* The `actions` stat is not useful. The table is simply too large. Does
it really matter if it contains 1,000,000 rows or 9,999,999 rows?
* The translation `admin.dashboard.statistic_info` is difficult to
maintain.

So, this PR uses a separate page to show the stats and removes the
`actions` stat.


![image](https://github.com/go-gitea/gitea/assets/2114189/babf7c61-b93b-4a62-bfaa-22983636427e)

## ⚠️ BREAKING

The `actions` Prometheus metrics collector has been removed for the
reasons mentioned beforehand.
Please do not rely on its output anymore.
2023-06-03 22:03:41 +08:00
wxiaoguang
de4a21fcb4
Refactor INI package (first step) (#25024)
The INI package has many bugs and quirks, and in fact it is
unmaintained.

This PR is the first step for the INI package refactoring: 

* Use Gitea's "config_provider" to provide INI access
* Deprecate the INI package by golangci.yml rule
2023-06-02 17:27:30 +08:00
谈笑风生间
a5acec329e
Rename NotifyPullReviewRequest to NotifyPullRequestReviewRequest (#24988)
after #24481

To keep consistent, maybe pull_request_review_request is better.

## what my pull request does

Rename NotifyPullReviewRequest to NotifyPullRequestReviewRequest.

<img width="1087" alt="image"
src="https://github.com/go-gitea/gitea/assets/75628309/2cf91f02-74f2-42fe-a998-0a039b821d8d">
2023-05-31 15:54:46 +08:00
silverwind
50bd7d0b24
Remove the service worker (#25010)
It's been disabled by default since 1.17
(https://github.com/go-gitea/gitea/pull/18914), and it never really
delivered any benefit except being another cache layer that has its own
unsolved invalidation issues. HTTP cache works, we don't need two cache
layers at the browser for assets.

## ⚠️ BREAKING

You can remove the config `[ui].USE_SERVICE_WORKER` from your `app.ini`
now.
2023-05-31 02:07:04 +00:00
Lunny Xiao
faae819f5d
revert the removed method to fix tmpl break on graph page (#25005)
Fix #24996 
Caused by #24634
2023-05-30 21:36:58 +08:00
wxiaoguang
ca5f302876
Fix admin config page error, use tests to cover the admin config and 500 error page (#24965)
The admin config page has been broken for many many times, a little
refactoring would make this page panic.

So, add a test for it, and add another test to cover the 500 error page.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-05-29 15:00:21 +00:00
Denys Konovalov
275d4b7e3f
API endpoint for changing/creating/deleting multiple files (#24887)
This PR creates an API endpoint for creating/updating/deleting multiple
files in one API call similar to the solution provided by
[GitLab](https://docs.gitlab.com/ee/api/commits.html#create-a-commit-with-multiple-files-and-actions).

To archive this, the CreateOrUpdateRepoFile and DeleteRepoFIle functions
in files service are unified into one function supporting multiple files
and actions.

Resolves #14619
2023-05-29 17:41:35 +08:00
wxiaoguang
84c8ab9fd1
Help to recover from corrupted levelqueue (#24912)
gitea.com experienced the corrupted LevelQueue bug again.

I think the problem is clear now: if the keys in LevelDB went
out-of-sync, the LevelQueue itself doesn't have the ability to recover,
eg:

* LevelQueue.Len() reports 100
* LevelQueue.LPop() reports ErrNotFound = errors.New("no key found")

So it needs to dive into the LevelDB to remove all keys to recover the
corrupted LevelQueue.

More comments are in TestCorruptedLevelQueue.
2023-05-29 10:52:32 +08:00
silverwind
c7612d178c
Remove meta tags theme-color and default-theme (#24960)
As discussed in
https://github.com/go-gitea/gitea/pull/24953#issuecomment-1565630156.

## ⚠️ BREAKING ⚠️

1. The `ui.THEME_COLOR_META_TAG` setting has been removed. If you still
need to set the `theme-color` meta tag, add it via
`$GITEA_CUSTOM/templates/custom/header.tmpl` instead.

2. The non-standard `default-theme` meta-tag added in
https://github.com/go-gitea/gitea/pull/13809 has been removed. Third
party code that needs to obtain the currently loaded theme should use
the `theme-<name>` class on the `<html>` node instead, which reflect the
currently active theme.
2023-05-28 22:33:17 +00:00
wxiaoguang
2f149c5c9d
Use [git.config] for reflog cleaning up (#24958)
Follow
https://github.com/go-gitea/gitea/pull/24860#discussion_r1200589651

Use `[git.config]` for reflog cleaning up, the new options are more
flexible.

*
https://git-scm.com/docs/git-config#Documentation/git-config.txt-corelogAllRefUpdates
*
https://git-scm.com/docs/git-config#Documentation/git-config.txt-gcreflogExpire

## ⚠️ BREAKING

The section `[git.reflog]` is now obsolete and its keys have been moved
to the following replacements:
- `[git.reflog].ENABLED` → `[git.config].core.logAllRefUpdates`
- `[git.reflog].EXPIRATION` → `[git.config].gc.reflogExpire`
2023-05-28 01:07:14 +00:00