Commit graph

699 commits

Author SHA1 Message Date
0ko
bba1884582 Add integration test for TrSize 2024-03-30 21:10:47 +05:00
wxiaoguang
ea4755be6d
Relax generic package filename restrictions (#30135)
Now, the chars `=:;()[]{}~!@#$%^ &` are possible as well
Fixes #30134

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit 1ad48f781eb0681561b083b49dfeff84ba51f2fe)
2024-03-30 07:17:31 +01:00
crazeteam
3aa6f17e1e
Remove repetitive words (#30091)
remove repetitive words

Signed-off-by: crazeteam <lilujing@outlook.com>
(cherry picked from commit ecbc9cee2b69cd9707acb1e23ccbca048484c460)
2024-03-30 07:17:30 +01:00
Lunny Xiao
3ba127c618
[Port] gitea#29999: Fix Add/Remove WIP on pull request title failure
Fix #29997

---

Conflict resolution:
- Use Forgejo's user blocking feature (services/issue/issue.go)
- Trivial (tests/integration/pull_review_test.go)
Ref: https://codeberg.org/forgejo/forgejo/pulls/2872
(cherry picked from commit 475b6e839caa88994318f905f0965c3b418f876a)
2024-03-29 12:21:51 +01:00
Gusted
79b7089360
[FEAT] Configure if protected branch rule should apply to admins
- Currently protected branch rules do not apply to admins, however in
some cases (like in the case of Forgejo project) you might also want to
apply these rules to admins to avoid accidental merges.
- Add new option to configure this on a per-rule basis.
- Adds integration tests.
- Resolves #65
2024-03-29 00:21:49 +01:00
Earl Warren
6bf6a473cf Merge pull request '[BUG] Do not allow deletion of internal references' (#2834) from gusted/forgejo-internal-reference into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2834
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-28 16:53:53 +00:00
Earl Warren
340aa1960e Merge pull request '[Port] gitea#29842: Notify reviewers added via CODEOWNERS' (#2855) from gusted/forgejo-port-29842 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2855
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-28 16:40:17 +00:00
silverwind
1ee494a045
[Port] gitea#29982 Introduce .secondary-nav and handle .page-content spacing universally
Fixes: https://github.com/go-gitea/gitea/issues/29981. Introduce
`.secondary-nav` as a universal way for styling and margin adjustments
inside `.page-content`.

If the first child of `.page-content` is `.secondary-nav`, we add margin
below it, otherwise we add padding to the first child. Notable changes:

- `--color-header-wrapper` is replaced with `--color-secondary-nav-bg`.
- `navbar` class is removed.

Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

---

Conflict resolution: Trivial conflict & changed selector to reflect new
classes.
Ref: https://codeberg.org/forgejo/forgejo/issues/2776
(cherry picked from commit 3ccda41a539b8ba7841919ee12dc2877ddc03818)
2024-03-28 16:43:09 +01:00
Jimmy Praet
003881b06d
[Port] gitea#29842: Notify reviewers added via CODEOWNERS
Fixes https://github.com/go-gitea/gitea/issues/28297

This PR also fixed a problem that it needs a database transaction when
removing the WIP title.

---

Resolves #2771
Also partially ports gitea#29783

(cherry picked from commit 17d7ab5ad4ce3d0fbc1251572c22687c237a30b1)
2024-03-28 14:58:39 +01:00
Earl Warren
26f6a3b578 Merge pull request 'Revert "avoid superfluous synchronized pull_request run when opening a PR"' (#2848) from earl-warren/forgejo:wip-revert-bad-race-fix into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2848
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-03-28 10:38:55 +00:00
Earl Warren
327deee2d7 Merge pull request '[PORT] Support repo code search without setting up an indexer (gitea#29998)' (#2813) from snematoda/port-git-grep into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2813
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-28 08:15:47 +00:00
Earl Warren
ceea9c4334
Revert "avoid superfluous synchronized pull_request run when opening a PR"
The fix against the race incorrectly assumes the sha of the commit being
pushed belongs to the base repository. It finds the highest possible
pull request ID from the head repository instead of looking it up in
the base repository.

Figuring out if a PR was created in the future based on the highest
index of the base repository would require collecting all of them
because there is no way to know in advance which repository may be
involved in the race.

Fixing this race can be done either by:

* Introducing a new field in the pull_request table https://codeberg.org/forgejo/forgejo/pulls/2842
  which feels more like a hack than a real solution
* Refactoring the logic
  which would be a significant undertaking

The race has been in the codebase for a very long time and manifests
itself in the CI, when events happen in quick succession. The only
concrete manifestation was however fixed by https://codeberg.org/forgejo/forgejo/issues/2009

Since this race now only exists in theory and not in practice, let's
revert this bugous commit until a proper solution is implemented.

Fixes: https://codeberg.org/forgejo/forgejo/issues/2817

This reverts commit 036f1eddc5.

Conflicts:
	services/pull/pull.go
2024-03-28 07:08:17 +01:00
Shiny Nematoda
488a99fb56 Reverts commits releated to git-grep
This reverts commit
	51fb6f3983
	71a72d8a22f2ba5d08415542371f3529a01571dd
2024-03-28 05:09:41 +00:00
oliverpool
5785ae72c7 [TESTS] prevent overriding testlogger when calling mainApp 2024-03-27 22:54:13 +01:00
oliverpool
c0dd92e9c5 [REFACTOR] webhook move edit endpoints 2024-03-27 22:26:55 +01:00
oliverpool
635230ca5d [TESTS] webhook forms keep submitted data when invalid 2024-03-27 22:26:55 +01:00
Gusted
9d82059840
[BUG] Do not allow deletion of internal references
- Currently it's possible to modify remote references such as
`refs/pull/<idx>/head` and `refs/heads/<branch>`.
- Disallow that the pull request reference is deleted, as this should
not be at the control of the user. Doing so would result in
inconsistencies within Forgejo and lead to internal server errors when
trying access the pull request, this action should be reserved for
Forgejo.
- Do this by utilizing the `update` hook, which process each reference
individually and therefore allow to only skip deleting internal
references and still allow other modifications that is being done in
the same push.
- Ref: https://codeberg.org/Codeberg/Community/issues/1517
2024-03-27 18:27:00 +01:00
oliverpool
8dfbbfef07 [REFACTOR] webhook matrix endpoints 2024-03-27 15:38:38 +01:00
Earl Warren
e41e18f87e Merge pull request '[REFACTOR] webhook.Handler interface' (#2758) from oliverpool/forgejo:webhook_2_interface into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2758
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-27 13:45:04 +00:00
Earl Warren
ac672fc3ff Merge pull request '[ACTIONS] port scheduled actions from Gitea' (#2826) from earl-warren/forgejo:wip-gitea-schedule into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2826
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-03-27 06:23:56 +00:00
6543
ab5f0b7558
Determine fuzziness of bleve indexer by keyword length (#29706)
also bleve did match on fuzzy search and the other way around. this also fix that bug.

(cherry picked from commit b9c57fb78e8e0d80d786d8e1da433b6c7ebf2f1c)

Conflicts:
	tests/integration/repo_search_test.go
	simple conflict resolution in the tests
2024-03-26 19:04:27 +01:00
silverwind
3ea7437fa6
Fix incorrect tailwind migration (#30007)
Fixes https://github.com/go-gitea/gitea/issues/30005. Regression from
https://github.com/go-gitea/gitea/pull/29945.

There was only once instance of `tw-content-center` before that PR, so I
just ran below command and reverted that one instance.

```sh
perl -p -i -e 's#tw-content-center#tw-items-center#g' web_src/js/**/* templates/**/* models/**/* tests/**/*
```

(cherry picked from commit 04f9ad056882fc3f21b247b16f84437adf0f36d8)

Conflicts:
	templates/repo/diff/conversation.tmpl
	templates/repo/header.tmpl
	templates/repo/issue/filter_list.tmpl
	templates/repo/issue/view_content/conversation.tmpl
	templates/repo/wiki/view.tmpl
	web_src/js/components/DashboardRepoList.vue
	re-ran the command after discarding the Gitea changes to
	ensure all Forgejo files are also covered
2024-03-26 19:04:27 +01:00
silverwind
2befd9a3cf
Replace 10 more gt- classes with tw- (#29945)
Likely the biggest change of the tailwind refactors. Only thing of note
is that `tw-flex-1` resolves to `flex: 1 1 0%` while our `gt-f1` was
`flex: 1 1 0`, I don't think it will make any difference. Commands I've
ran:

```sh
perl -p -i -e 's#gt-vm#tw-align-middle#g' web_src/js/**/* templates/**/* models/**/*
perl -p -i -e 's#gt-fw#tw-flex-wrap#g' web_src/js/**/* templates/**/* models/**/*
perl -p -i -e 's#gt-f1#tw-flex-1#g' web_src/js/**/* templates/**/* models/**/*
perl -p -i -e 's#gt-fc#tw-flex-col#g' web_src/js/**/* templates/**/* models/**/*
perl -p -i -e 's#gt-sb#tw-justify-between#g' web_src/js/**/* templates/**/* models/**/*
perl -p -i -e 's#gt-je#tw-justify-end#g' web_src/js/**/* templates/**/* models/**/*
perl -p -i -e 's#gt-jc#tw-justify-center#g' web_src/js/**/* templates/**/* models/**/*
perl -p -i -e 's#gt-ac#tw-content-center#g' web_src/js/**/* templates/**/* models/**/* tests/**/*
perl -p -i -e 's#gt-df#tw-flex#g' web_src/js/**/* templates/**/* models/**/* tests/**/*
perl -p -i -e 's#gt-dib#tw-inline-block#g' web_src/js/**/* templates/**/* models/**/* tests/**/*

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit f88ad5424f381bf2a45fd863b551c5a72891bb68)

Conflicts:
	templates/repo/diff/conversation.tmpl
	templates/repo/header.tmpl
	templates/repo/issue/filter_actions.tmpl
	templates/repo/issue/filter_list.tmpl
	templates/repo/issue/view_content/conversation.tmpl
	templates/repo/release/list.tmpl
	templates/repo/wiki/view.tmpl
	web_src/js/components/DashboardRepoList.vue
	discard the proposed changes and prefer Forgejo. A followup
	commit will apply the same commands.
2024-03-26 19:04:27 +01:00
Lunny Xiao
d92c2048b3
Performance improvements for pull request list page (#29900)
This PR will avoid load pullrequest.Issue twice in pull request list
page. It will reduce x times database queries for those WIP pull
requests.

Partially fix #29585

---------

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 62f8174aa2fae1481c7e17a6afcb731a5b178cd0)

Conflicts:
	models/activities/notification_list.go
	moved to models/activities/notification.go
2024-03-26 19:04:26 +01:00
Earl Warren
4061cb32f7
Remove unnecessary ".Link" usages (#29909) (part 2)
5143ebb507 Add rel="nofollow" to issue filter links

has a test that fails because it assumes the link starts with the link
where it now starts with a ?
2024-03-26 19:04:26 +01:00
wxiaoguang
c758c5612e
Remove unnecessary ".Link" usages (#29909)
In HTML, `?key=val` already means "use the current link with new query parameters"

(cherry picked from commit 4c476fa41dc29dc24afda0925023ae3d0b9707cd)

Conflicts:
	templates/repo/issue/filter_list.tmpl
	templates/shared/issuelist.tmpl
	trivial context conflict because the lines in Forgejo have rel=nofollow
2024-03-26 19:04:26 +01:00
Jason Song
18e95af24f
Restore deleted branches when syncing (#29898)
Regression of #29493. If a branch has been deleted, repushing it won't
restore it.

Lunny may have noticed that, but I didn't delve into the comment then
overlooked it:
https://github.com/go-gitea/gitea/pull/29493#discussion_r1509046867

The additional comments added are to explain the issue I found during
testing, which are unrelated to the fixes.

(cherry picked from commit f371f84fa3456c2a71470632b6458d81e4892a54)
2024-03-26 19:04:25 +01:00
yp05327
e8e8d14b53
Fix invalid link of the commit status when ref is tag (#29752)
Fix #29731
Caused by #24634
Also remove fixme.

ps: we can not fix the existed runs, as wrong refs are all recorded in
DB, and we can not know whether they are branch or tag:

![image](https://github.com/go-gitea/gitea/assets/18380374/cb7cf266-f73f-419a-be1a-4689fdd1952a)

(cherry picked from commit 98217b034076157547cf688cc10f47cd3275c872)

Conflicts:
	tests/integration/actions_trigger_test.go
	there is a need for more imports because the exist tests
	are done differently, using CreateDeclarativeRepo
2024-03-26 19:04:25 +01:00
Earl Warren
a117dfd2b1
[ACTIONS] port scheduled actions from Gitea
Refs: https://codeberg.org/forgejo/forgejo/issues/2798
2024-03-26 16:51:56 +01:00
Gusted
0f79122053
[BUG] Detect protected branch on branch rename
- If a branch cannot be renamed due to a protected branch rule, show
this error in the UI instead of throwing an internal server error.
- Add integration test (also simplify the existing one).
- Resolves #2751
2024-03-26 15:58:52 +01:00
Earl Warren
9397bfd276 Merge pull request 'Offer to remove WIP: prefix in sidebar' (#2660) from 0ko/forgejo:convert-to-normal into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2660
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-25 10:30:11 +00:00
oliverpool
702152bfde [REFACTOR] webhook.Handler interface 2024-03-24 10:35:06 +01:00
Earl Warren
5a18b74632 Merge pull request '[TESTS] fail when log.Error is called' (#2657) from oliverpool/forgejo:fail_test_on_log_error into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2657
2024-03-24 07:28:31 +00:00
oliverpool
7b576d0a5d activitypub: warn instead of error 2024-03-24 07:12:31 +01:00
oliverpool
2536c2db89 fix webhook fixtures 2024-03-24 07:11:19 +01:00
oliverpool
e43c6cd9df fail test when log.Error is called
except for some specific messages (to make the test pass for now)
2024-03-24 07:11:18 +01:00
Earl Warren
0bfd4ca532 Merge pull request 'Allow users to hide all "Add more units..." hints' (#2533) from algernon/forgejo:less-is-more into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2533
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-24 05:42:37 +00:00
oliverpool
33a3ee1955 [TESTS] webhook forms creation and edition 2024-03-23 23:02:06 +01:00
Gergely Nagy
87cd08539e
Update the TestRenderAlertBlocks integration test
The alert/callout blocks rendering has been changed in the previous few
commits, this adapts the test case that verifies them to the updated
output.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-03-23 15:38:43 +01:00
Gergely Nagy
6c330a85ec
Add tests for the "Open with" repository clone menu
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-03-23 11:58:54 +01:00
Gergely Nagy
3123725ff3
Revert "[GITEA] Configurable clone methods"
This reverts commit 1d8bca07f3.
2024-03-23 11:58:54 +01:00
0ko
60a9df1908
Add test for pull summary 2024-03-22 07:11:52 +01:00
0ko
8e1b6a4090 Add test for add/remove WIP link display 2024-03-21 19:33:02 +05:00
Gergely Nagy
36147f580c
Allow users to hide all "Add more units..." hints
Repositories displaying an "Add more..." tab on the header is a neat way
to let people discover they can enable more units. However, displaying
it all the time for repository owners, even when they deliberately do
not want to enable more units gets noisy very fast.

As such, this patch introduces a new setting which lets people disable
this hint under the appearance settings.

Fixes #2378.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-03-21 08:15:51 +01:00
Gergely Nagy
8433f3aa09
Fix repo badges when the label or text contains dashes
shields.io uses dashes to separate parts of the badge it needs to
return. If our label or text parts contain dashes, we need to encode
those for shields.io to recognise what we want it to do, and to have the
correct text on the badge, too.

Fortunately, this is as simple as replacing all dashes with double
dashes in both the label and the text parts. We do not need to do the
same for the color, because that part is not user controlled.

This fixes the badges for cases when a workflow name includes dashes, or
when a release's tag name does.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-03-20 22:41:20 +01:00
Earl Warren
84f33ead4e Merge pull request '[BUG] Reflect Cargo index state in settings' (#2698) from gusted/forgejo-cargo-index into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2698
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-20 11:38:26 +00:00
Earl Warren
468b879fe8 Merge pull request '[PORT] add skip ci support for pull request title (#29774)' (#2701) from earl-warren/forgejo:wip-gitea-skip-ci into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2701
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-03-20 11:34:49 +00:00
Gusted
461f925554
[BUG] Reflect Cargo index state in settings
- Currently in the Cargo section of the packages setting menu two
buttons are always shown, "Initalize index" and "Rebuild index", however
only of these should be shown depending on the state of the index, if
there's no index the "Initalize index" button should be shown and if
there's an index the "Rebuild index" button should be shown. This patch
does exactly that.
- Resolves #2628
2024-03-20 09:17:49 +01:00
norohind
d74f74a025
Fix PR creation via api between branches of same repo with head field namespaced (#26986)
Fix #20175

Current implementation of API does not allow creating pull requests
between branches of the same
repo when you specify *namespace* (owner of the repo) in `head` field in
http request body.

---

Although GitHub implementation of API allows performing such action and
since Gitea targeting
compatibility with GitHub API I see it as an appropriate change.

I'm proposing a fix to the described problem and test case which covers
this logic.

My use-case just in case:
https://github.com/go-gitea/gitea/issues/20175#issuecomment-1711283022

(cherry picked from commit ed02d1fab85c9b8206c0af84dcfc3792e61609cf)
2024-03-20 08:46:30 +01:00
Yarden Shoham
24305e4d09
Remove the time-since class (#29826)
It serves no purpose.

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 3f1e4896b6d71dc061e23fa2dcac4c1b7d412540)
2024-03-20 08:46:30 +01:00
yp05327
2da0628f18
Fix incorrect menu/link on webhook edit page (#29709)
Fix #29699

---------

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 2da13675c0cfdc531044553636c3b74f2fda3eb4)
2024-03-20 08:46:29 +01:00
Zettat123
2559c80bec
Add a warning for disallowed email domains (#29658)
Resolve #29660

Follow #29522 and #29609

Add a warning for disallowed email domains when admins manually add/edit
users.

Thanks @yp05327 for the
[comment](https://github.com/go-gitea/gitea/pull/29605#issuecomment-1980105119)

![image](https://github.com/go-gitea/gitea/assets/15528715/6737b221-a3a2-4180-9ef8-b846c10f96e0)

(cherry picked from commit 4129e0e79bbf30e4297efd33feb2602c40322d10)
2024-03-20 08:46:28 +01:00
Earl Warren
19d7ff9c9e
[TESTS] testPullCreate do not assume the default branch is master 2024-03-20 06:52:37 +01:00
Denys Konovalov
d3d0c4cbe7
add skip ci support for pull request title (#29774)
Extends #28075 to support [skip ci] inside PR titles.

Close #29265

(cherry picked from commit 7a90e5954f8515329f20ff0e391130e1ee7b8864)

Conflicts:
	services/actions/notifier_helper.go
	tests/integration/actions_trigger_test.go
	conflicts easily resolved because of
	[TESTS] Convert more tests to CreateDeclarativeRepo
	[ACTIONS] skip superflous pull request synchronized event (#2314)
2024-03-20 06:07:50 +01:00
oliverpool
ce6db31efe Merge pull request '[Port] Sync branches to DB immediately when handle git hook calling gitea#29493' (#2684) from oliverpool/forgejo:sync_branch into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2684
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-03-19 08:37:30 +00:00
Earl Warren
c16866d4a5 Merge pull request 'English fixes and improvements' (#2631) from 0ko/forgejo:english20240311 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2631
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-03-19 08:09:27 +00:00
Ada
41676a8634 Fix #2512 /api/forgejo/v1/version auth check (#2582)
Add the same auth check and middlewares as the /v1/ API.
It require to export some variable from /v1 API, i am not sure if is the correct way to do

Co-authored-by: oliverpool <git@olivier.pfad.fr>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2582
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Ada <ada@gnous.eu>
Co-committed-by: Ada <ada@gnous.eu>
2024-03-19 07:16:19 +00:00
Jason Song
286d09203f Sync branches to DB immediately when handle git hook calling (gitea#29493)
Unlike other async processing in the queue, we should sync branches to
the DB immediately when handling git hook calling. If it fails, users
can see the error message in the output of the git command.

It can avoid potential inconsistency issues, and help #29494.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-03-18 17:38:01 +01:00
0ko
4c1af0d9a6 [I18N] Fix capitalization in English and reword a few strings
fixes #2551
2024-03-17 21:04:11 +05:00
oliverpool
98f1fe7944 Makefile: check git diff exit-code (#2651)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2651
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-03-14 10:38:58 +00:00
Gusted
fbdda5d5b0 Merge pull request '[PORT] Test /user/settings/security auth sources' (#2641) from oliverpool/forgejo:security_test into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2641
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-03-13 21:57:14 +00:00
Earl Warren
226fa396df Merge pull request 'Accessibility: Taborder in repo explore' (#2636) from fnetx/explore-taborder into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2636
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-13 02:31:47 +00:00
oliverpool
d49c116ce5 [PORT] Test /user/settings/security auth sources 2024-03-12 15:41:10 +01:00
Otto Richter
16a63a16b3 Playwright e2e test for taborder
This should be a failing test for Firefox (but working in Chrome?) for
the taborder in the explore page.

Tabbing through the page should ensure that certain elements are focused
at least once.
2024-03-12 02:23:29 +01:00
oliverpool
63973e2c70
add repo_settings_hook_test 2024-03-11 23:37:00 +07:00
wxiaoguang
abb0294996
Partially enable MSSQL case-sensitive collation support (#29238)
Follow #28662

(cherry picked from commit 29a8c8de779924694fadad80b31cc855dd62c0f2)
2024-03-11 23:36:59 +07:00
Zettat123
e7afba21ce
Skip email domain check when admins edit user emails (#29609)
Follow #29522

Administrators should be able to set a user's email address even if the
email address is not in `EMAIL_DOMAIN_ALLOWLIST`

(cherry picked from commit 136dd99e86eea9c8bfe61b972a12b395655171e8)
2024-03-11 23:36:58 +07:00
Zettat123
b6057a34db
Skip email domain check when admin users adds user manually (#29522)
Fix #27457

Administrators should be able to manually create any user even if the
user's email address is not in `EMAIL_DOMAIN_ALLOWLIST`.

(cherry picked from commit 4fd9c56ed09b31e2f6164a5f534a31c6624d0478)
2024-03-11 23:36:58 +07:00
Gusted
4dbf2d7c11 Merge pull request 'Better number for UserCards pagination' (#2584) from 0ko/forgejo:its39 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2584
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-03-11 15:53:59 +00:00
0ko
b2bc233517 Test pagination of repo stars, watchers and forks
based on code suggested in https://codeberg.org/forgejo/forgejo/pulls/2584#issuecomment-1647897 and https://codeberg.org/forgejo/forgejo/pulls/2584#issuecomment-1655289

Co-authored-by: Gusted <gusted@noreply.codeberg.org>
2024-03-10 17:15:59 +05:00
0ko
8f8b608fd7 Add test to UI of archive/unarchive related actions 2024-03-09 13:29:23 +00:00
oliverpool
ecfcbcb19f [BUG] prevent removing session cookie when redirect_uri query contains :// 2024-03-07 10:52:30 +01:00
Gusted
b9e27b64e6 Merge pull request '[BUG] Disable CODEOWNERS for forked repositories' (#2537) from gusted/forgejo-codeowner-forked into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2537
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-06 18:18:58 +00:00
Gusted
e793e28f94
[BUG] Remember topic only in repo search
- Ports b4360d504c
2024-03-06 13:22:39 +01:00
Earl Warren
a39f69ac28
Revert "[BUG] Remember topic only in repo search"
This reverts commit b4360d504c.
2024-03-06 12:10:46 +08:00
KN4CK3R
47a913d40d
Add support for API blob upload of release attachments (#29507)
Fixes #29502

Our endpoint is not Github compatible.

https://docs.github.com/en/rest/releases/assets?apiVersion=2022-11-28#upload-a-release-asset

---------

Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 70c126e6184872a6ac63cae2f327fc745b25d1d7)
2024-03-06 12:10:46 +08:00
ChristopherHX
66632c4958
Actions Artifacts v4 backend (#28965)
Fixes #28853

Needs both https://gitea.com/gitea/act_runner/pulls/473 and
https://gitea.com/gitea/act_runner/pulls/471 on the runner side and
patched `actions/upload-artifact@v4` / `actions/download-artifact@v4`,
like `christopherhx/gitea-upload-artifact@v4` and
`christopherhx/gitea-download-artifact@v4`, to not return errors due to
GHES not beeing supported yet.

(cherry picked from commit a53d268aca87a281aadc2246541f8749eddcebed)
2024-03-06 12:10:45 +08:00
wxiaoguang
459ee98136
Only use supported sort order for "explore/users" page (#29430)
Thanks to inferenceus : some sort orders on the "explore/users" page
could list users by their lastlogintime/updatetime.

It leaks user's activity unintentionally. This PR makes that page only
use "supported" sort orders.

Removing the "sort orders" could also be a good solution, while IMO at
the moment keeping the "create time" and "name" orders is also fine, in
case some users would like to find a target user in the search result,
the "sort order" might help.

![image](https://github.com/go-gitea/gitea/assets/2114189/ce5c39c1-1e86-484a-80c3-33cac6419af8)

(cherry picked from commit eedb8f41297c343d6073a7bab46e4df6ee297a90)
2024-03-06 12:10:43 +08:00
Lunny Xiao
894d9b2836
Move context from modules to services (#29440)
Since `modules/context` has to depend on `models` and many other
packages, it should be moved from `modules/context` to
`services/context` according to design principles. There is no logic
code change on this PR, only move packages.

- Move `code.gitea.io/gitea/modules/context` to
`code.gitea.io/gitea/services/context`
- Move `code.gitea.io/gitea/modules/contexttest` to
`code.gitea.io/gitea/services/contexttest` because of depending on
context
- Move `code.gitea.io/gitea/modules/upload` to
`code.gitea.io/gitea/services/context/upload` because of depending on
context

(cherry picked from commit 29f149bd9f517225a3c9f1ca3fb0a7b5325af696)

Conflicts:
	routers/api/packages/alpine/alpine.go
	routers/api/v1/repo/issue_reaction.go
	routers/install/install.go
	routers/web/admin/config.go
	routers/web/passkey.go
	routers/web/repo/search.go
	routers/web/repo/setting/default_branch.go
	routers/web/user/home.go
	routers/web/user/profile.go
	tests/integration/editor_test.go
	tests/integration/integration_test.go
	tests/integration/mirror_push_test.go
	trivial context conflicts
	also modified all other occurrences in Forgejo specific files
2024-03-06 12:10:43 +08:00
Earl Warren
21b1381e36 Merge pull request 'Move migration functions to services layer - port of gitea#29497' (#2546) from algernon/forgejo:gitea/port/29497 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2546
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-04 10:01:26 +00:00
Gergely Nagy
f9894f4c51
A release title should always be a link
This partially reverts c41b2c73ef: for the
sake of consistency, the title of a release should always be a link,
whether it's a tag-only release or not.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-03-04 08:29:11 +01:00
Gergely Nagy
19ff532d42
Test that tags without a release display properly
Update the `TestTagViewWithoutRelease` test case with another assert:
one that checks that the release title is properly displayed.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-03-04 08:29:11 +01:00
Lunny Xiao
ff8cb299d1
Move migration functions to services layer (#29497) 2024-03-04 07:10:53 +01:00
Earl Warren
ad547edf3b
[TESTS] enable AddFixtures in unit tests
Use setting.AppWorkPath instead of filepath.Dir(setting.AppPath). It
is the common denominator between:

* models/unittest/testdb.go:MainTest
* tests/test_utils.go:InitTest

which makes it usable in unit tests as well as integration tests.
2024-03-03 11:11:26 +08:00
Gusted
c63b52c126
[FEAT] Show follow symlink button
- When a user goes opens a symlink file in Forgejo, the file would be
rendered with the path of the symlink as content.
- Add a button that is shown when the user opens a *valid* symlink file,
which means that the symlink must have an valid path to an existent
file and after 999 follows isn't a symlink anymore.
- Return the relative path from the `FollowLink` functions, because Git
really doesn't want to tell where an file is located based on the blob ID.
- Adds integration tests.
2024-03-02 17:58:09 +01:00
Gusted
abe3351187 Merge pull request '[BUG] Allow to select commit email for file updload/delete' (#2383) from 0ko/forgejo:fix-commit-del into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2383
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-02 12:00:45 +00:00
Gusted
2658d4361e
[BUG] Disable CODEOWNERS for forked repositories
- Disable the CODEOWNERS feature for forked repositories, as it would
otherwise inadvertently request reviewers when for example a pull
request is opened against a forked repository to propose changes to an
existant pull request in the original repository.
- Adds integration test.
- Resolves #2525
2024-03-01 23:19:18 +01:00
Gusted
86b46085c7
[BUG] Sort file list case insensitively
- Make the sorting done on the entries list case insensitive.
- Adds integration test.
- Resolves #317
2024-02-29 21:14:06 +01:00
Gusted
d0e5af7079 Merge pull request '[UI] Actions: Link to Workflow in View' (#1866) from n0toose/forgejo:forgejo-add-workflow-link into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1866
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-28 17:28:16 +00:00
Earl Warren
7af1349c1d Merge pull request '[BUG] Correct changed files for codeowners' (#2507) from gusted/forgejo-codeowner-diff into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2507
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-02-28 12:15:49 +00:00
Gusted
64a0d61aff [BUG] Implement commit mail selection for other Git operations
- Implement the commit mail selection feature for the other supported
Git operations that can be done trough the web UI.
- Adds integration tests (goodluck reviewing this).
- Ref: #1788

Co-authored-by: 0ko <0ko@noreply.codeberg.org>
2024-02-27 22:41:58 +00:00
Gusted
fb2795b5bb
[BUG] Correct changed files for codeowners
- The CODEOWNER feature relies on the changed files to determine which
reviewers should be added according to the `CODEOWNER` file.
- The current approach was to 'diff' between the base and head branch,
which seems logical but fail in practice when the pull request is out of
date with the base branch. Therefore it should instead diff between the
head branch and the merge base of the head and base branch, so only the
actual affected files by the pull requests are used, the same approach
is used by the diff of an unmerged pull request.
- Add integration testing (for the feature as well).
- Resolves #2458
2024-02-27 23:16:00 +01:00
Earl Warren
2855727c85 Merge pull request 'Disabling Stars should disable the routes too' (#2471) from algernon/forgejo:stars/disable-routes into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2471
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-27 21:24:25 +00:00
Gergely Nagy
aef0b024b7 Fix the Fork button in repo headers
In #2445, I lifted out the fork button into its own template, but did
not update it properly. This resulted in the fork button's counter not
displaying, and pointing to the wrong place too.

This patch updates the template to account for it moving to a separate
file, and also adds test cases to verify the button is display as it
should be.

Fixes #2494.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-27 18:36:37 +00:00
0ko
2e76e4fb33 [I18N] Improve English strings & consistency 2024-02-27 17:42:59 +00:00
Gergely Nagy
c9b410fb35
Highlight the correct small menu item when viewing a tag
When viewing a tag that isn't associated with a release, highlight the
"N Tags" sub-menu item, rather than the "M releases" one.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-27 13:32:55 +01:00
Gergely Nagy
fc635f1014
Restore the ability to view tags without a release
The `repo.SingleRelease` handler was broken by gitea#29149, as the
switch to `getReleaseInfos` stopped returning tags without an associated
release. This resulted in the web UI showing a 404 when trying to view a
tag without a release.

This restores the functionality by explicitly including tags in the
search, and also adds tests to exercise the fix.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-27 13:32:55 +01:00
Earl Warren
3fa4962a88 Merge pull request '[gitea] cherry-pick' (#2478) from earl-warren/forgejo:wip-gitea-cherry-pick into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2478
2024-02-27 10:39:41 +00:00
Earl Warren
d9ae3717b5 Merge pull request '[BUG] Remember topic only in repo search' (#2489) from gusted/forgejo-topic-explore into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2489
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-26 22:40:34 +00:00
Zettat123
77c56e29de
Allow non-admin users to delete review requests (#29057)
Fix #14459

The following users can add/remove review requests of a PR
- the poster of the PR
- the owner or collaborators of the repository
- members with read permission on the pull requests unit

(cherry picked from commit c42083a33950be6ee9f822c6d0de3c3a79d1f51b)

Conflicts:
	models/repo/repo_list_test.go
	tests/integration/api_nodeinfo_test.go
	tests/integration/api_repo_test.go
	shared fixture counts
2024-02-26 22:30:27 +01:00
KN4CK3R
5f79550a0d
Prevent double use of git cat-file session. (#29298)
Fixes the reason why #29101 is hard to replicate.
Related #29297

Create a repo with a file with minimum size 4097 bytes (I use 10000) and
execute the following code:
```go
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, <repo>)
assert.NoError(t, err)

commit, err := gitRepo.GetCommit(<sha>)
assert.NoError(t, err)

entry, err := commit.GetTreeEntryByPath(<file>)
assert.NoError(t, err)

b := entry.Blob()

// Create a reader
r, err := b.DataAsync()
assert.NoError(t, err)
defer r.Close()

// Create a second reader
r2, err := b.DataAsync()
assert.NoError(t, err) // Should be no error but is ErrNotExist
defer r2.Close()
```

The problem is the check in `CatFileBatch`:

79217ea63c/modules/git/repo_base_nogogit.go (L81-L87)
`Buffered() > 0` is used to check if there is a "operation" in progress
at the moment. This is a problem because we can't control the internal
buffer in the `bufio.Reader`. The code above demonstrates a sequence
which initiates an operation for which the code thinks there is no
active processing. The second call to `DataAsync()` therefore reuses the
existing instances instead of creating a new batch reader.

(cherry picked from commit f74c869221624092999097af38b6f7fae4701420)
2024-02-26 22:30:25 +01:00
6543
f796548225
Workaround to clean up old reviews on creating a new one (#28554)
close  #28542

blocks  #28544

---
*Sponsored by Kithara Software GmbH*

(cherry picked from commit 217d71c48a10265e08b95cc961656b921f61f9ff)

Conflicts:
	tests/integration/api_pull_review_test.go
	context
2024-02-26 21:42:14 +01:00
Gergely Nagy
0b4a9c4ec2
Disabling Stars should disable the routes too
Similarly to how `[repository].DISABLE_FORKS` works, lets make
`[repository].DISABLE_STARS` disable the routes too, not just hide the
functionality from the UI.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-26 20:50:32 +01:00
Gusted
b4360d504c
[BUG] Remember topic only in repo search
- If the user is searching repositories with an specific topic, adding
any other filter option, such as showing unrelevant repositories or
using another sort Forgejo should remember that 'topic only' was set.
- Adds integration test.
- Resolves #2461
2024-02-26 16:25:01 +01:00
Earl Warren
775956cc68 Merge pull request '[BUG] Don't overwrite protected branch accidentally' (#2473) from gusted/forgejo-error-duplicate into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2473
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-26 14:55:09 +00:00
Earl Warren
f91702dd74 Merge pull request 'Split up repo.Action in routers/web into smaller functions.' (#2476) from algernon/forgejo:refactor/routes/web/repo-action into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2476
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-26 14:54:35 +00:00
Gergely Nagy
ae0635fd61
Correctly support linguist-documentation=false
If a documentation file is marked with a `linguist-documentation=false`
attribute, include it in language stats.

However, make sure that we do *not* include documentation languages as
fallback.

Added a new test case to exercise the formerly buggy behaviour.

Problem discovered while reviewing @KN4CK3R's tests from gitea#29267.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-26 14:18:33 +01:00
Gergely Nagy
7e6fe41389
Add tests for the star/unstar & watch/unwatch UI
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-26 09:14:11 +01:00
qwerty287
feb189554e
Add API to get PR by base/head (#29242)
Closes https://github.com/go-gitea/gitea/issues/16289

Add a new API `/repos/{owner}/{repo}/pulls/{base}/{head}` to get a PR by
its base and head branch.
2024-02-26 03:41:42 +01:00
Gusted
1bab4358ac
[BUG] Don't overwrite protected branch accidentally
- If a user tries to create another protected branching rule that
specifies a set of branches already used by another rule, do not allow
it.
- Update the translation accordingly.
- Adds integration test.
- Resolves #2455
2024-02-25 20:09:18 +01:00
Earl Warren
f991f107da Merge pull request 'Improve display of 404/500 error pages' (#2466) from 0ko/forgejo:errorcodes into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2466
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-25 15:53:09 +00:00
Earl Warren
649ca2b230 Merge pull request 'Allow instance-wide disabling of forking' (#2445) from algernon/forgejo:f/disable-forks into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2445
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-25 15:13:15 +00:00
Earl Warren
bc2a105cbb Merge pull request '[FEAT] Check if commit is already present in target branch' (#2450) from gusted/forgejo-agit-contain-commit into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2450
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-25 15:05:33 +00:00
Earl Warren
ef1d579c41 Merge pull request '[UI] Agit: Add AGit label to AGit-created PRs' (#2444) from n0toose/agit-indicator into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2444
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-25 14:48:09 +00:00
0ko
a748ba70a8 10-year old images are gone 2024-02-25 18:13:59 +05:00
Gergely Nagy
0ea021c8c9
Allow instance-wide disabling of forking
For small, personal self-hosted instances with no user signups, the fork
button is just a noise. This patch allows disabling them like stars can
be disabled too.

Disabling forks does not only remove the buttons from the web UI, it
also disables the routes that could be used to create forks.

Fixes #2441.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-25 12:00:17 +01:00
Earl Warren
3471adb14a Merge pull request '[FEAT] Enable ambiguous character detection in configured contexts' (#2427) from gusted/forgejo-ambigious-characters into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2427
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-02-24 12:25:31 +00:00
Earl Warren
bc8d61d12e Merge pull request '[FEAT] Restrict file size of blame operation' (#2395) from gusted/forgejo-blame-restrict into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2395
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-23 23:17:02 +00:00
Gusted
f0ed6de89d
[FEAT] Check if commit is already present in target branch
- Check if someone is (accidentally) trying to create a pull request via
AGit with changes already in the target branch and fail if that is the
case.
- Added integration test.
2024-02-23 21:42:15 +01:00
Panagiotis "Ivory" Vasilopoulos
bf7fb89178 [UI] Agit: Add AGit label to AGit-created PRs
Adds a label to Pull Requests that were created using AGit-Flow,
in order to prevent situations where a contributor uses AGit-Flow
to push new changes - only to realize that they did not use AGit-Flow
in the first place, and that they just opened a new PR accidentally
(that was me).

Also intended to raise general awareness about the feature. Some
additional work, such as adding a tooltip, still needs to be
done.

A small typo fix for a comment and (exclusively) formatting fixes
in the copyright header are also included.

Refs: https://codeberg.org/forgejo/forgejo/issues/2433
2024-02-23 21:09:08 +01:00
Gusted
5b3a82d621
[FEAT] Enable ambiguous character detection in configured contexts
- The ambiguous character detection is an important security feature to
combat against sourcebase attacks (https://trojansource.codes/).
- However there are a few problems with the feature as it stands
today (i) it's apparantly an big performance hitter, it's twice as slow
as syntax highlighting (ii) it contains false positives, because it's
reporting valid problems but not valid within the context of a
programming language (ambiguous charachters in code comments being a
prime example) that can lead to security issues (iii) charachters from
certain languages always being marked as ambiguous. It's a lot of effort
to fix the aforementioned issues.
- Therefore, make it configurable in which context the ambiguous
character detection should be run, this avoids running detection in all
contexts such as file views, but still enable it in commits and pull
requests diffs where it matters the most. Ideally this also becomes an
per-repository setting, but the code architecture doesn't allow for a
clean implementation of that.
- Adds unit test.
- Adds integration tests to ensure that the contexts and instance-wide
is respected (and that ambigious charachter detection actually work in
different places).
- Ref: https://codeberg.org/forgejo/forgejo/pulls/2395#issuecomment-1575547
- Ref: https://codeberg.org/forgejo/forgejo/issues/564
2024-02-23 13:12:17 +01:00
Gergely Nagy
98943fdb43
tests: Add a basic test for artifact deletion
Adds a very bare-bones test for artifact deletion. It does not exercise
the functionality itself, just the presence of the functionality.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-23 09:24:43 +01:00
Earl Warren
c47e6ceb82 Merge pull request '[FEAT] repo search using git grep' (#1594) from snematoda/forgejo:forgejo into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1594
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-22 22:21:44 +00:00
Panagiotis "Ivory" Vasilopoulos
62f3ff6074 [UI] Actions: I will always run make fmt before pushing
I will always run make fmt before pushing
I will always run make fmt before pushing
I will always run make fmt before pushing
2024-02-22 22:31:26 +01:00
Panagiotis "Ivory" Vasilopoulos
2a0a5c6ec0 [UI] Actions: Oops, forgot to lint the tests. 2024-02-22 22:26:11 +01:00
Panagiotis "Ivory" Vasilopoulos
785f336c12 [UI] Actions: Improve frontend testing 2024-02-22 22:12:44 +01:00
Gusted
ca798e4cc2
[SECURITY] Test XSS in dismissed review
It's possible for reviews to not be assiocated with users, when they
were migrated from another forge instance. In the migration code,
there's no sanitization check for author names, so they could contain
HTML tags and thus needs to be properely escaped.
2024-02-22 15:33:20 +01:00
Gusted
565e331238
[SECURITY] Test XSS in wiki last commit information
On the wiki and revisions page, information is shown about the last
commit that modified that wiki page. This includes the time it was last
edited and by whom. Verify it is sanitized.
2024-02-22 15:03:15 +01:00
Panagiotis "Ivory" Vasilopoulos
1668904513 [UI] Actions: Link to Workflow in View 2024-02-22 13:18:06 +01:00
Malte Jürgens
5c67c34ce8
Add e2e debug server
This adds the ability to run `make test-e2e-debugserver` to start a
forgejo server pupulated with the test data from `models/fixtures`. This
is particularly useful for debugging the e2e tests with a external tool,
such as the Playwright extension for VSCode [1].

[1] https://open-vsx.org/extension/ms-playwright/playwright
2024-02-21 20:47:57 +01:00
Shiny Nematoda
51fb6f3983 [FEAT] add fallback repo search using git grep 2024-02-20 13:00:34 +00:00
Gusted
cfd6420a0e Merge pull request '[REFACTOR] Refactor the AGit code' (#2386) from gusted/fix-agit into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2386
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-19 15:59:10 +00:00
Gusted
d8a267d3ab
[FEAT] Restrict file size of blame operation
- Currently there exists a restriction to not render and show files that
are larger than what's configured in `[UI].MAX_DISPLAY_FILE_SIZE`.
- Apply the same restriction to the blame operation as well, as the
blame operation can be seen as displaying a file.
- Add integration test.
- Ref: #2394
2024-02-19 16:39:39 +01:00
Earl Warren
6c9c0aca76 Merge pull request '[gitea] cherry-pick' (#2375) from earl-warren/forgejo:wip-gitea-cherry-pick into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2375
Reviewed-by: Otto <otto@codeberg.org>
2024-02-19 14:42:41 +00:00
Gusted
c58ad87513
[REFACTOR] Refactor the AGit code
TLDR: Less code, better maintainability and more comments.

- Add code comments to explain what the code does, it's quite a big
function so it definitely deserved some of that.
- Simplify some logic.
- Load the `pusher` in a single place.
- Update the error messages to be more correct, not capitlized, include
more debug info and remove 'Error:' As it's no need to indicate that,
errors are concenated with `:` seperators.
- Improve the message that a change was rejected, because a force push
was detected and the `force-push` option wasn't set.
- Avoid a second time loading `gitRepo.GetObjectFormat` and handle the
error gracefully for the other occurence.
- Adds integration test for force push detection.
2024-02-19 13:18:50 +01:00
Earl Warren
5240e27266 Merge pull request 'GitHub-style alert blocks in Markdown (gitea#29121)' (#2348) from algernon/forgejo:f/markdown/alert-blocks-port into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2348
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-18 11:21:36 +00:00
Yarden Shoham
2685be9f95
Fix labels referencing the wrong ID in the user profile settings (#29199)
2 instances of `for` with a wrong value and 1 `for` that had a reference
to a `name` instead of `id`.

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
(cherry picked from commit 1d275c1748a75a01c270f5c306c5248808016aba)
2024-02-17 23:24:32 +01:00
Gergely Nagy
cc47808b84
tests: Markdown alert block test cases
This adds a few test cases to exercise the alert block feature of the
markdown renderer, both the legacy GitHub style, and the modern one.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-17 18:35:45 +01:00
Gusted
f779aa79f2
[BUG] Fix pull request reopen conditions
- Move the conditions code around, such that the existence of the head
and base is first checked (so a clear error can be given, instead of a
possible server error). This makes it easier to read this code. As the
logic is now grouped together.
- Adds integration testing that simulates the deletion of the base and
head branch and ensures the pull request cannot be opened. The 'normal'
testcase also 'informally' ensures that the previous incorrect condition
is not there, because the branch `base-branch` doesn't exist on the head
repository.
- Resolves #2321
2024-02-17 15:38:16 +01:00
Gusted
7bf93e5d1a Merge pull request 'A new test to exercise linguist-language=' (#2368) from algernon/tests/linguist/view-guess into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2368
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-02-17 13:46:43 +00:00
Gusted
0c0b87ec1a Merge pull request 'Add rel="nofollow" to issue filter links' (#2367) from algernon/forgejo:b/issues/nofollow into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2367
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-17 10:56:47 +00:00
Gergely Nagy
ae95db12a1
A new test to exercise linguist-language=
Rename `repo_lang_stats_test.go` to `linguist_test.go`, and add a new
tests that exercises parts of the web UI to ensure that language
overrides in `.gitattributes` work when viewing a file source, and in
the blame view too.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-17 11:24:16 +01:00
Gergely Nagy
5143ebb507
Add rel="nofollow" to issue filter links
The issue filter links should not be crawled by search engines, because
they they only filter results, and contain nothing new, yet, they put a
considerable load on the server.

To stop - well behaving - search engines from following these links, add
a `rel="nofollow"` property to them. The same property is already
present on the archive download links, and plenty of other places.

Fixes #2361.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-17 10:42:47 +01:00
wxiaoguang
65248945c9
Refactor locale&string&template related code (#29165)
Clarify when "string" should be used (and be escaped), and when
"template.HTML" should be used (no need to escape)

And help PRs like  #29059 , to render the error messages correctly.

(cherry picked from commit f3eb835886031df7a562abc123c3f6011c81eca8)

Conflicts:
	modules/web/middleware/binding.go
	routers/web/feed/convert.go
	tests/integration/branches_test.go
	tests/integration/repo_branch_test.go
	trivial context conflicts
2024-02-16 15:20:52 +01:00
oliverpool
0fc61c8836 [BUG] split code conversations in diff tab (#2306)
Follow-up of #2282 and #2296 (which tried to address #2278)

One of the issue with the previous PR is that when a conversation on the Files tab was marked as "resolved", it would fetch all the comments for that line (even the outdated ones, which should not be shown on this page - except when explicitly activated).

To properly fix this, I have changed `FetchCodeCommentsByLine` to `FetchCodeConversation`. Its role is to fetch all comments related to a given (review, path, line) and reverted my changes in the template (which were based on a misunderstanding).

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2306
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: oliverpool <git@olivier.pfad.fr>
Co-committed-by: oliverpool <git@olivier.pfad.fr>
2024-02-16 12:16:11 +00:00
Earl Warren
41cc9784f9 Merge pull request 'agit: Automatically fill in the description' (#2344) from algernon/f/agit/description-autofill into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2344
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-02-14 20:46:00 +00:00
Gergely Nagy
259ad5d614
agit: Automatically fill in the description
If no `-o description=` is provided, fill it in automatically from the
first commit, just like title. Also allow filling in either, and
specifying them independently.

This means that `git push origin HEAD:refs/for/main/my-local-branch`
will fill in the PR title, *and* the description, without having to
specify additional parameters.

The description is the first commit's message without the first two
lines (the title and a newline, as customary).

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-14 21:17:55 +01:00
Chris Copeland
83123b493f
Add merge style fast-forward-only (#28954)
With this option, it is possible to require a linear commit history with
the following benefits over the next best option `Rebase+fast-forward`:
The original commits continue existing, with the original signatures
continuing to stay valid instead of being rewritten, there is no merge
commit, and reverting commits becomes easier.

Closes #24906
2024-02-14 17:19:19 +01:00
Earl Warren
05eaf1cf3e Merge pull request 'Repository settings refactor' (#2221) from algernon/forgejo:repo-units/ui-refactor into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2221
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-02-14 13:29:04 +00:00
Gergely Nagy
44424bfe60
Add tests for the previous two commits
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-13 22:42:09 +01:00
Earl Warren
98e7753ade Merge pull request '[FEAT]: Allow forking without a repo ID' (#2310) from algernon/forgejo:f/repo/fork-route into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2310
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-02-12 13:36:49 +00:00
Alexandre Oliveira
29007c09bd Fix Alpine Registry packages with noarch not being found (#2285)
Fixes #2173
~~Still requires a bit of work to do, I'm not 100% happy with this solution.~~

The idea is to copy the noarch package to the architectures available in the package repository.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2285
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Alexandre Oliveira <me+codeberg@aoalmeida.com>
Co-committed-by: Alexandre Oliveira <me+codeberg@aoalmeida.com>
2024-02-11 18:02:56 +00:00
Earl Warren
7b4dba3aa0 [ACTIONS] skip superflous pull request synchronized event (#2314)
Skip a HookEventPullRequestSync event if it has the same CommitSHA as an existing HookEventPullRequest event in the ActionRun table. A HookEventPullRequestSync event must only create an ActionRun if the CommitSHA is different from what it was when the PR was open.

This guards against a race that can happen when the following is done in parallel:

* A commit C is pushed to a repo on branch B
* A pull request with head on branch B

it is then possible that the pull request is created first, successfully. The commit that was just pushed is not known yet but the PR only references the repository and the B branch so it is fine.

A HookEventPullRequest event is sent to the notification queue but not processed immediately.

The commit C is pushed and processed successfully. Since the PR already exists and has a head that matches the branch, the head of the PR is updated with the commit C and a HookEventPullRequestSync event is sent to the notification queue.

The HookEventPullRequest event is processed and since the head of the PR was updated to be commit C, an ActionRun with CommitSHA C is created.

The HookEventPullRequestSync event is then processed and also has a CommitSHA equal to C.

Refs: https://codeberg.org/forgejo/forgejo/issues/2009
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2314
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
2024-02-11 13:06:54 +00:00
Gergely Nagy
5f2d8be38e
[FEAT]: New route to view lates run of specific workflows
This adds a new route at `/actions/workflows/{workflow}/runs/latest`,
which will redirect to the latest run of the given workflow. It can be
further restricted by specifying an optional `?branch={branch}` query
parameter. If no branch is specified, the route defaults to using the
repo's default branch.

This route is meant to go hand in hand with the Badge route that returns
the result of the same workflow as a badge. This route can be used to
link to the run that produced that result.

Fixes #2303.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-10 09:15:58 +01:00
Gergely Nagy
f8da672307
[FEAT]: Allow forking without a repo ID
Forking a repository via the web UI currently requires visiting a
`/repo/fork/{{repoid}}` URL. This makes it cumbersome to create a link
that starts a fork, because the repository ID is only available via the
API. While it *is* possible to create a link, doing so requires extra
steps.

To make it easier to have a "Fork me!"-style links, introduce the
`/{username}/{repo}/fork` route, which will start the forking process
based on the repository in context instead.

The old `/repo/fork/{repoid}` route (with a `GET` request) will remain
there for the sake of backwards compatibility, but will redirect to the
new URL instead. It's `POST` handler is removed.

Tests that used the old route are updated to use the new one, and new
tests are introduced to exercise the redirect.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-10 09:14:14 +01:00
Earl Warren
7cbf05fafb
Merge remote-tracking branch 'forgejo/forgejo-dependency' into wip-forgejo
Conflicts:
	.forgejo/workflows/testing.yml
	trivial conflict
2024-02-09 19:00:54 +01:00
Gergely Nagy
1624ebc836
[TESTS] issue & PR templates in .forgejo are recognized
This adds a few tests for the previous change, to verify that issue
template configs, issue templates and pr templates are all recognized in
`.forgejo` directories.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-06 10:22:32 +01:00
Gergely Nagy
be8d16438a
Fix /api/v1/{owner}/{repo}/issue_templates
When issue templates were moved into services in
def4956122, the code was also refactored
and simplified. Unfortunately, that simplification broke the
`/api/v1/{owner}/{repo}/issue_templates` route, because it was
previously using a helper function that ignored invalid templates, and
after the refactor, the function it called *always* returned non-nil as
the second return value. This, in turn, results in the aforementioned
end point always returning an internal server error.

This change restores the previous behaviour of ignoring invalid files
returned by `issue.GetTemplatesFromDefaultBranch`, and adds a few test
cases to exercise the endpoint.

Other users of `GetTemplatesFromDefaultBranch` already ignore the second
return value, or handle it correctly, so no changes are necessary there.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-02-05 20:58:41 +01:00
Earl Warren
094c84ed6d
Merge branch 'rebase-forgejo-dependency' into wip-forgejo 2024-02-05 18:58:23 +01:00
Earl Warren
d7e1854884
Merge branch 'rebase-forgejo-branding' into wip-forgejo 2024-02-05 18:58:18 +01:00
Earl Warren
036f1eddc5
[GITEA] avoid superfluous synchronized pull_request run when opening a PR (#2236)
* Split TestPullRequest out of AddTestPullRequestTask
* Before scheduling the task, AddTestPullRequestTask stores the max
  index of the repository
* When the task runs, it does not take into account pull requests that
  have an index higher than the recorded max index

When AddTestPullRequestTask is called with isSync == true, it is the
direct consequence of a new commit being pushed. Forgejo knows nothing
of this new commit yet. If a PR is created later and its head
references the new commit, it will have an index that is higher and
must not be taken into account. It would be acting and triggering a
notification for a PR based on an event that happened before it
existed.

Refs: https://codeberg.org/forgejo/forgejo/issues/2009
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2236
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
(cherry picked from commit b3be895a30b32bfae4acfa32db54406e1dd1dc21)
2024-02-05 16:57:58 +01:00
Gergely Nagy
c335d076aa
[GITEA] admin: "Self Check" should only show for some db types
The "Self Check" menu essentially runs the collation check that is also
performed at startup, and displays the results. This is only a thing for
MariaDB/MySQL and MSSQL. As such, the menu item should only be available
for these database types.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 0ca118fdc3c39c0e7adf9285e074e5878a0ca1c1)
2024-02-05 16:57:56 +01:00
oliverpool
76c2f5bf92
[GITEA] add test showing bug on resolving invalidated review comment
(cherry picked from commit 5fb3b927f1f80bd4bd1ccb2b1b74a0f20b35886a)
2024-02-05 16:57:56 +01:00
Gergely Nagy
fde08f91fd
[GITEA] tests: A workaround for the MySQL collation tests
Because Forgejo run mysqld with `--innodb-flush-method=nosync` to speed
up the test suite, there are situations where a larger, database-wide
operation does not always fully manifest until later, not even when it
is wrapped in a transaction, nor when we use `FLUSH TABLES` and similar
methods.

In the case of the MySQL collation test, this *sometimes* results in the
database still responding with the old collation to a reader, even after
an `ALTER DATABASE ... COLLATE ...`.

In order to be able to still use the aforementioned flag and enjoy its
benefits, add a five second sleep between `db.ConvertDatabaseTable()`
and `db.CheckCollations()` in the `TestDatabaseCollation()` set of
tests.

This is not a fix - I don't think there is one possible -, but a
workaround. If it breaks again, the correct fix will be to remove the
flag from `mysqld` (it's not a supported flag to begin with).

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit af18ed2ba9b1d6e228854b76cc4ffff790b8804b)
2024-02-05 16:57:55 +01:00
Gergely Nagy
2ca4862f8b
[GITEA] Allow changing the repo Wiki branch to main
Previously, the repo wiki was hardcoded to use `master` as its branch,
this change makes it possible to use `main` (or something else, governed
by `[repository].DEFAULT_BRANCH`, a setting that already exists and
defaults to `main`).

The way it is done is that a new column is added to the `repository`
table: `wiki_branch`. The migration will make existing repositories
default to `master`, for compatibility's sake, even if they don't have a
Wiki (because it's easier to do that). Newly created repositories will
default to `[repository].DEFAULT_BRANCH` instead.

The Wiki service was updated to use the branch name stored in the
database, and fall back to the default if it is empty.

Old repositories with Wikis using the older `master` branch will have
the option to do a one-time transition to `main`, available via the
repository settings in the "Danger Zone". This option will only be
available for repositories that have the internal wiki enabled, it is
not empty, and the wiki branch is not `[repository].DEFAULT_BRANCH`.

When migrating a repository with a Wiki, Forgejo will use the same
branch name for the wiki as the source repository did. If that's not the
same as the default, the option to normalize it will be available after
the migration's done.

Additionally, the `/api/v1/{owner}/{repo}` endpoint was updated: it will
now include the wiki branch name in `GET` requests, and allow changing
the wiki branch via `PATCH`.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit d87c526d2a313fa45093ab49b78bb30322b33298)
2024-02-05 16:57:47 +01:00
Gusted
361617eea0
[GITEA] Use correct translations for pull request
- When a commit references a pull request, the detail strings should
reflect that. Add a new translation string for the pull request.
- Added integration tests.
- Resolves #2256

(cherry picked from commit 0d054cd4d998957bd499bfebe4002290526c5b92)
2024-02-05 16:54:44 +01:00
Gergely Nagy
fdda432d1e
[TESTS] Convert more tests to CreateDeclarativeRepo
These tests originate from Gitea, so may cause conflicts in the longer
run. But they use the same pattern, so transitioning them to the helper
is hopefully a benefit that offsets the risk.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 2d475af49484bd428018e479fa35643f61a30426)
(cherry picked from commit a99c17729c635398d3722da9da7d9cbe2b47c533)
2024-02-05 16:54:44 +01:00
Gergely Nagy
48d752c630
[TESTS] Lift out CreateDeclarativeRepo()
There are a number of tests which require creating a repository on the
fly, and they each do it their own way. To reduce code duplication, lift
out this common pattern into a helper called `CreateDeclarativeRepo()`,
which lets us create a repository, set up enabled and disabled repo
units, and even add, delete, or update files.

Also convert a number of users of this pattern to the new helper - those
users that I introduced, and are in code introduced by Forgejo in the
first place.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 342b7bae3c85ebf36a625ba36d0a8c1ad822f794)
(cherry picked from commit 2ece8764e9929ed8d9ace7f7ba56d1c914369913)
2024-02-05 16:54:44 +01:00
Earl Warren
fe8622dae3
Revert "Fix schedule tasks bugs (#28691)"
This reverts commit 97292da960.

(cherry picked from commit 83e5eba0311dc601518fb1a07a7e8538e573a837)
(cherry picked from commit f6ef8f3819b5990858b0997cac72af000a3f3e3a)

Conflicts:
	services/repository/setting.go
2024-02-05 16:54:42 +01:00
Gergely Nagy
d4396acf82
[GITEA] Don't consider orphan branches as recently pushed
When displaying the recently pushed branches banner, don't display
branches that have no common history with the default branch. These
branches are usually not meant to be merged, so the banner is just noise
in this case.

Refs: https://codeberg.org/forgejo/forgejo/pulls/2196

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e1fba517f4c28c3027feaea73561045264f1f591)
(cherry picked from commit 2d3c81d4f2676c58e026e5a06cfc8d84ad0d48fa)
(cherry picked from commit 624a61b3b8660d53fc66f8ab3a1b0bff7a9fcb6c)
2024-02-05 16:09:43 +01:00
Gergely Nagy
69688628f5
[GITEA] Fix misleading comparisons when comparing branches
When comparing branches, only offer those branches to use as a base
where the repository allows pull requests. Those that do not allow pull
request would result in a 404, so offering them as an option would be
misleading.

Refs: https://codeberg.org/forgejo/forgejo/pulls/2194

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 022d0e0d71a92c31302176c5c8ba1e7169bbbf3e)
(cherry picked from commit 957990b36a25d0e51d9b75432a577dd63fb6dad2)
(cherry picked from commit 6d2df728257922cc716fed8a172ed69adc8d46d3)
2024-02-05 16:09:43 +01:00
Gergely Nagy
bc7e448d49
[GITEA] Rework when recently pushed branches are displayed
With this change, the "You pushed on branch xyz" banner will be
displayed when either the viewed repository or its base repo (if the
current one's a fork) has pull requests enabled. Previously it only
displayed if the viewed repo had PRs enabled.

Furthermore, if the viewed repository is an original repository that the
viewing user has a fork of, if the forked repository has recently pushed
branches, then the banner will appear for the original repository too.
In this case, the notification will include branches from the viewing
user's fork, and branches they pushed to the base repo, too.

Refs: https://codeberg.org/forgejo/forgejo/pulls/2195

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit a29f10661d59f6c33c5cfbee723f03f981aa6b72)
(cherry picked from commit 70c5e2021d7c385b9285622f0b2d878d3807d33c)
(cherry picked from commit 48b25be67a94f739601fbfea951ade6cdfe30691)
2024-02-05 16:09:43 +01:00
Gusted
bbe5a881cc
[GITEA] Fix API inconsistencies
- Document the correct content types for Git archives. Add code that
actually sets the correct application type for `.zip` and `.tar.gz`.
- When an action (POST/PUT/DELETE method) was successful, an 204 status
code should be returned instead of status code 200.
- Add and adjust integration testing.
- Resolves #2180
- Resolves #2181

(cherry picked from commit 6c8c4512b530e966557a5584efbbb757638b3429)
(cherry picked from commit 3f74bcb14df99ee75a170813979beb5ce04c8027)
(cherry picked from commit 6ed9057fd76b2d5d0dfdb3c663367ae861ab8093)
2024-02-05 16:09:43 +01:00
Earl Warren
0b503e5e86
[GITEA] DELETE /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments/{comment}
* reuse deleteIssueComment by adding the commentType parameter
* ensure tests start with a PR with no random reviews from fixtures

Refs: https://codeberg.org/forgejo/forgejo/issues/2109
(cherry picked from commit 5b90ab77f67e4c0ac17d8b1101453d7790fa45d2)
(cherry picked from commit 28ecd6f5a67891788ad4d989311050df55deb008)
(cherry picked from commit 24870cf133153f0fdefb76df58fe074ae6aef7c0)
2024-02-05 16:09:43 +01:00
Gergely Nagy
8eaa8aeaf9
[GITEA] Improved Linguist compatibility
Recognise the `linguist-documentation` and `linguist-detectable`
attributes in `.gitattributes` files, and use them in
`GetLanguageStats()` to make a decision whether to include a particular
file in the stats or not.

This allows one more control over which files in their repositories
contribute toward the language statistics, so that for a project that is
mostly documentation, the language stats can reflect that.

Fixes #1672.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 6d4e02fe5f2e79fceb6cf672f6f822714db6d0fe)
(cherry picked from commit ee1ead81891d7a0d4e62e5ba89ebee9db6359e76)
(cherry picked from commit 2dbec730e875f44a1d8a53e123fef428a14add95)
2024-02-05 16:09:43 +01:00
Earl Warren
bd1cea3f82
[GITEA] GET /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments/{comment}
Refs: https://codeberg.org/forgejo/forgejo/issues/2109
(cherry picked from commit 69fcf26dee0e6886460b533575f29e5b818bbc17)
(cherry picked from commit 1296f4d115e1441657cfdac53807743a8b7ca6ba)
(cherry picked from commit 119d10d9e277e7f738eba8087ce6cf4905e183e8)
(cherry picked from commit eb5b55b1b7438a40da2462401a95dfdff493b20d)
2024-02-05 16:09:43 +01:00
Gergely Nagy
3bdfb7a7aa
[GITEA] Fix the topic search paging
When searching for repository topics, either via the API, or via
Explore, paging did not work correctly, because it only applied when the
`page` parameter was non-zero. Paging should have applied when the page
size is greater than zero, which is what this patch does.

As a result, both the API, and the Explore endpoint will return paged
results (30 by default). As such, when managing topics on the frontend,
the offered completions will also be limited to a pageful of results,
based on what the user has already typed.

This drastically reduces the amount of traffic, and also the number of
the topics to choose from, and thus, the rendering time too.

The topics will be returned by popularity, with most used topics first.
A single page will contain `[api].DEFAULT_PAGING_NUM` (30 by default)
items that match the query. That's plenty to choose from.

Fixes #132.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 64d4ff41dbab7b3b84571b595158c3b451f53af7)
(cherry picked from commit 06b808fa2c0ddd52ca4569157892a0c7fc154b1f)
(cherry picked from commit 9205c9266a7d2b058100d03f5f3272f670f35866)
(cherry picked from commit 47863d4f724e7d2465acd6fca91e98157c60a29b)
2024-02-05 16:09:43 +01:00
Gergely Nagy
2924fcf814
[GITEA] services: Gracefully handle missing branches
services: in loadOneBranch, return if CountDivergingCommits fail

If we can't count the number of diverging commits for one reason or
another (such as the branch being in the database, but missing from
disk), rather than logging an error and continuing into a crash (because
`divergence` will be nil), return an error instead.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 8266105f24eb76b1dfb4c79d9bfde2ef9a98417a)

services: Gracefully handle missing branches

When loading branches, if loading one fails, log an error, and ignore
the branch, rather than returning and causing an internal server error.

Ideally, we would only ignore the error if it was caused by a missing
branch, and do it silently, like the respective API endpoint does.
However, veryfing that at this place is not very practical, so for the
time being, ignore any and all branch loading errors.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e552a8fd629b11503569f605c824c1c0b01eeab2)

tests: Add a testcase for missing branches

This tests the scenario reported in Codeberg/Community#1408: a branch
that is recorded in the database, but missing on disk was causing
internal server errors. With recent changes, that is no longer the case,
the error is logged and then ignored.

This test case tests this behaviour, that the repo's branches page on
the web UI functions even if the git branch is missing.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e20eb7b3853e25ab29d4ca63b015517b44e4954f)

tests: More testing in TestDatabaseMissingABranch

In the `TestDatabaseMissingABranch` testcase, make sure that the
branches are in sync between the db and git before deleting a branch via
git, then compare the branch count from the web UI, making sure that it
returns an out-of-sync value first, and the correct one after another
sync.

This is currently tested by scraping the UI, and relies on the fact that
the branch counter is out of date before syncing. If that issue gets
resolved, we'll have to adjust the test to verify the sync another way.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 8c2ccfcecec6182dd80d463f58223acbf16b039b)
(cherry picked from commit 439fadf5635c47c2a1be9cc83614b60f76ac05d0)
(cherry picked from commit 44dd80552ca63c6d22f4a139a0297486f1a2e655)
(cherry picked from commit 37b91fe6f2f05feee0f8db8f44c3eaf1ff060af9)
2024-02-05 16:09:42 +01:00
Gusted
2cfcd266b4
[GITEA] Fix panic in canSoftDeleteContentHistory
- It's possible that `canSoftDeleteContentHistory` is called without
`ctx.Doer` being set, such as an anonymous user requesting the
`/content-history/detail` endpoint.
- Add a simple condition to always set to `canSoftDelete` to false if an
anonymous user is requesting this, this avoids a panic in the code that
assumes `ctx.Doer` is set.
- Added integration testing.

(cherry picked from commit 0b5db0dcc608e9a9e79ead094a20a7775c4f9559)
(cherry picked from commit 30d168bcc867387f3c94582a4668cce62f77c171)
(cherry picked from commit 19be82b7ef11fe6e0656434dcc69c9ff2f24c702)
(cherry picked from commit 334b703b17a3fbb02e5ad20aea7241a909eb1f13)
2024-02-05 16:09:42 +01:00
Earl Warren
603a44edf0
[GITEA] POST /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments
Refs: https://codeberg.org/forgejo/forgejo/issues/2109
(cherry picked from commit 8b4ba3dce7fc99fa328444ef27383dccca49c237)
(cherry picked from commit 196edea0f972a9a027c4cacb9df36330cf676d2f)

[GITEA] POST /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments (squash) do not implicitly create a review

If a comment already exists in a review, the comment is added. If it
is the first comment added to a review, it will implicitly create a
new review instead of adding to the existing one.

The pull_service.CreateCodeComment function is responsibe for this
behavior and it will defer to createCodeComment once the review is
determined, either because it was found or because it was created.

Rename createCodeComment into CreateCodeCommentKnownReviewID to expose
it and change the API endpoint to use it instead. Since the review is
provided by the user and verified to exist already, there is no need
for the logic implemented by CreateCodeComment.

The tests are modified to remove the initial comment from the fixture
because it was creating the false positive. I was verified to fail
without this fix.

(cherry picked from commit 6a555996dca6ba71c65818e14ab0eeafa1af6dc2)
(cherry picked from commit b173a0ccee6cc0dadf40ec55e5d88987314c1cc4)
(cherry picked from commit 838ab9740a6b022676103bcb3a7d168b501006e1)
2024-02-05 16:09:42 +01:00
Gergely Nagy
639b428cf4
[FEAT] API support for repository flags
Expose the repository flags feature over the API, so the flags can be
managed by a site administrator without using the web API.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit bac9f0225d47e159afa90e5bbea9562cbc860dae)
(cherry picked from commit e7f5c1ba141ac7f8c7834b5048d0ffd3ce50900b)
(cherry picked from commit 95d9fe19cf3ed5787855ac2a442d29104498aa36)
(cherry picked from commit 7fc51991e405ea8d44fd6b4b4de13ad65da63ae7)
2024-02-05 16:09:42 +01:00
Gergely Nagy
36f7c162e2
[FEAT] Repository flags
This implements "repository flags", a way for instance administrators to
assign custom flags to repositories. The idea is that custom templates
can look at these flags, and display banners based on them, Forgejo does
not provide anything built on top of it, just the foundation. The
feature is optional, and disabled by default. To enable it, set
`[repository].ENABLE_FLAGS = true`.

On the UI side, instance administrators will see a new "Manage flags"
tab on repositories, and a list of enabled tags (if any) on the
repository home page. The "Manage flags" page allows them to remove
existing flags, or add any new ones that are listed in
`[repository].SETTABLE_FLAGS`.

The model does not enforce that only the `SETTABLE_FLAGS` are present.
If the setting is changed, old flags may remain present in the database,
and anything that uses them, will still work. The repository flag
management page will allow an instance administrator to remove them, but
not set them, once removed.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit ba735ce2228f8dd7ca105e94b9baa1be058ebe37)
(cherry picked from commit f09f6e029b4fb2714b86cd32dc19255078ecc0ee)
(cherry picked from commit 2f8b0414892f6099f519bda63a9e0fbc8ba6cfc7)
(cherry picked from commit d3186ee5f41fac896c7d2341402fcd39dd250bf1)
2024-02-05 16:09:42 +01:00
Gergely Nagy
9809f96a4a
[GITEA] Disable the RSS feed in file view for non-branches
Files can have an RSS feed, but those only make sense when taken in the
context of a branch. There is no history to make a feed of on a tag or a
commit: they're static. Forgejo does not provide a feed for them for
this reason.

However, the file view on the web UI was offering a link to these
non-existent feeds. With this patch, it does that no longer, and only
provides a link when viewing the file in the context of a branch.

Fixes #2102.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 4b48d21ea7459539dfb1ca5cadd6f9cb99e65fc7)
(cherry picked from commit 70cb2667603bcdb9a8c9bb20c482877ab3f6de39)
(cherry picked from commit 69b45c3feaf92454853ef9b02c9d75092780dabf)

Conflicts:
	options/locale/locale_en-US.ini
	https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 639a2c07411e6c606dfb81f695fddbad73dca3da)
2024-02-05 16:09:42 +01:00
Gergely Nagy
e019eb33a2
[GITEA] Find README.md for user profiles case insensitively
When trying to find a `README.md` in a `.profile` repo, do so case
insensitively. This change does not make it possible to render readmes
in formats other than Markdown, it just removes the hard-coded
"README.md".

Also adds a few tests to make sure the change works.

Fixes #1494.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit edd219d8e9d69becb9814ab0a8359555e80fcd4f)
(cherry picked from commit 2c0105ef17b9673e6892a66aa689af7c5c87b8a1)
(cherry picked from commit 3975a9f3aaf8ed3ceb5788abc325dbe8e89225d3)
(cherry picked from commit dee4a18423151ac7f22221e6fce12d863921c200)
(cherry picked from commit 60aee6370fb15b12fffc6f29582dd4a235f87d94)
2024-02-05 16:09:42 +01:00
Gusted
159dc74ceb
[GITEA] Check for Commit in opengraph
- It's possible that `PageIsDiff` is set but not `Commit` resulting in a
NPE in the template. This can happen when the requested commit doesn't exist.
- Regression of c802c46a9b &
5743d7cb5b
- Added 'hacky' integration test.

(cherry picked from commit 8db2d5e4a76f05b34e4f889e7a00ecd6578d3639)
(cherry picked from commit 8c737a802bcae54195f1bb15bb0b8aca824ef395)
(cherry picked from commit 6b7c7d18dcdcfa135ff2657fbac8ce157eaf0dfa)
(cherry picked from commit a2be4fab27b98b2932486f2b03635b044742f964)
(cherry picked from commit a1125268aca2796d08e02b7a36bfb36172917b38)
2024-02-05 16:09:42 +01:00
Gergely Nagy
f90b802634
[GITEA] Add support for shields.io-based badges
Adds a new `/{username}/{repo}/badges` family of routes, which redirect
to various shields.io badges. The goal is to not reimplement badge
generation, and delegate it to shields.io (or a similar service), which
are already used by many. This way, we get all the goodies that come
with it: different styles, colors, logos, you name it.

So these routes are just thin wrappers around shields.io that make it
easier to display the information we want. The URL is configurable via
`app.ini`, and is templatable, allowing to use alternative badge
generator services with slightly different URL patterns.

Additionally, for compatibility with GitHub, there's an
`/{username}/{repo}/actions/workflows/{workflow_file}/badge.svg` route
that works much the same way as on GitHub. Change the hostname in the
URL, and done.

Fixes gitea#5633, gitea#23688, and also fixes #126.

Work sponsored by Codeberg e.V.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit fcd0f61212d8febd4bdfc27e61a4e13cbdd16d49)
(cherry picked from commit 20d14f784490a880c51ca0f0a6a5988a01887635)
(cherry picked from commit 4359741431bb39de4cf24de8b0cfb513f5233f55)
(cherry picked from commit 35cff45eb86177e750cd22e82a201880a5efe045)
(cherry picked from commit 2fc0d0b8a302d24177a00ab48b42ce083b52e506)
2024-02-05 16:09:42 +01:00
Gergely Nagy
92f41d11dd
[GITEA] repo: Don't redirect the repo to external units
When displaying the repo home view, do not redirect to unit types that
can't be defaults (which, at the moment, are the external wiki and issue
tracker unit types).

If we'd redirect to those, that would mean that a repository with the
Code unit disabled, and an external issue tracker would immediately
redirect to the external issue tracker, making it harder to reach other,
non-external units of the repo.

Fixes #1965.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 44078e546022e25f5c805ef047fbc3b7c6075ec0)
(cherry picked from commit 1868dec2e4c2ba8e6807336e6dabd83e6138bcac)
(cherry picked from commit c3a8e9887092c8c089462a1cdb22a404aa11beb6)
(cherry picked from commit 9266b1916f1577075b0bf2ff14c7412cbd7cae43)
(cherry picked from commit 8fa5ff65af91c33df692a52457fe65e71c4bc3c1)
2024-02-05 16:09:42 +01:00
Gusted
abfc169fc8
[GITEA] Remove redundant syncBranchToDB
- The transaction in combination with Git push was causing deadlocks if
you had the `push_update` queue set to `immediate`. This was the root
cause of slow integration tests in CI.
- Remove the sync branch code as this is already being done in the Git
post-receive hook.
- Add tests to proof the branch models are in sync even with this code
removed.

(cherry picked from commit 90110e1f44a40837a6ef5b3979a6ed96bfd614be)
(cherry picked from commit a064065cb9a6e39597e38c37a405d066cfabf7f7)
(cherry picked from commit 7713e558eb6419a3a7d3f2d1beaa8062899490c8)

Conflicts:
	services/repository/branch.go
	https://codeberg.org/forgejo/forgejo/pulls/2068
(cherry picked from commit 3bb73e0813b46fd8b518a46d7499ee1c525bc434)
(cherry picked from commit c557540926826e82a118a085c3b510e072157cfe)
(cherry picked from commit 986be6171a3a34ebab60e757dafeee2e254765a1)
(cherry picked from commit 7a343877f1051773e21e9af7bfff26ad03d43f08)
(cherry picked from commit 51425500f2c44d5ef4deb7a4fe7909645e0fb569)
2024-02-05 16:09:42 +01:00
Gergely Nagy
1d8bca07f3
[GITEA] Configurable clone methods
Adds `[repository].DOWNLOAD_OR_CLONE_METHODS` (defaulting to
"download-zip,download-targz,download-bundle,vscode-clone"), which lets
an instance administrator override the additional clone methods
displayed on the repository home view.

This is purely display-only, the clone methods not listed here are still
available, unless disabled elsewhere. They're just not displayed.

Fixes #710.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 2aadcf4946e48ee43800568fe705d00a062c42bf)
(cherry picked from commit 42ac34fbf9105eed27ee687b305a85515270f0cc)
(cherry picked from commit bd231b02450212aca6be775663c3d24ddf19f990)
(cherry picked from commit 3d3366dbbee37621fc665e557a4a87bf08104375)
(cherry picked from commit 0157fb9b88fd50832c07b06c11c8dba6e059a465)
(cherry picked from commit bee88f6a8309c6f9aeba1522383d77f08e5a4d2d)
2024-02-05 16:09:42 +01:00
Antonin Delpeuch
f3b298133e
[GITEA] pulls: "Edit File" button in "Files Changed" tab
Closes #1894.
Gitea issue: https://github.com/go-gitea/gitea/issues/23848

(cherry picked from commit 79c75164ca70937261b1d9a68420ebfdbdcfa4d4)
(cherry picked from commit 58c76aad8f624d7701e3fa6c12264328962cdf58)
(cherry picked from commit 5bdb3c6c53527da23ba76a8289ca6a81c6fcecdf)
(cherry picked from commit 94e954ce2248f14082f0c3071cc076c118c4a791)
(cherry picked from commit 1388e7c7bef7a34018b993c24b34e053849eb93a)
(cherry picked from commit 6a234abff532bfc8806e0cccf8c2d1d8c3e90c24)
2024-02-05 16:09:42 +01:00
Gergely Nagy
5eeccecafc
[GITEA] Optionally allow anyone to edit Wikis
This is largely based on gitea#6312 by @ashimokawa, with updates and
fixes by myself, and incorporates the review feedback given in that pull
request, and more.

What this patch does is add a new "default_permissions" column to the
`repo_units` table (defaulting to read permission), adjusts the
permission checking code to take this into consideration, and then
exposes a setting that lets a repo administrator enable any user on a
Forgejo instance to edit the repo's wiki (effectively giving the wiki
unit of the repo "write" permissions by default).

By default, wikis will remain restricted to collaborators, but with the
new setting exposed, they can be turned into globally editable wikis.

Fixes Codeberg/Community#28.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 4b744399229f255eb124c22e3969715046043209)
(cherry picked from commit 337cf62c1094273ab61fbaab8e7fb41eb6e2e979)
(cherry picked from commit b6786fdb3246a3a455b59149943807c1f13a028a)
(cherry picked from commit a5d2829a1027afd593fd855a8e2d7d7cd38234b8)

[GITEA] Optionally allow anyone to edit Wikis (squash) AddTokenAuth

(cherry picked from commit fed50cf72eaaa00ef1f4730f9b12a64a10b66113)
(cherry picked from commit 42c55e494e1018a210e54d405c15eec24a0b37c7)
(cherry picked from commit e3463bda47ffee4ab57efadfe5094f9401541cfd)
2024-02-05 16:09:42 +01:00
Gusted
33b1dec846
[GITEA] Fix NPE in UsernameSubRoute
- When the user is not found in `reloadparam`, early return when the
user is not found to avoid calling `IsUserVisibleToViewer` which in turn
avoids causing a NPE.
- This fixes the case that a 500 error and 404 error is shown on the
same page.
- Add integration test for non-existant user RSS.
- Regression by c6366089df

(cherry picked from commit f0e06962786ef8c417b0c6f07940c1909d3b91ba)
(cherry picked from commit 75d806690875a4fc38eb1e3c904096be34657011)
(cherry picked from commit 4d0a1e0637450865c7bbac69e42d92d63b95149c)
(cherry picked from commit 5f40a485da1b2c5f129f32e2ddc2065e3ba9ccd0)
(cherry picked from commit c4cb7812e39add6f7ff3d6f3f2d4e02c66435f0e)
(cherry picked from commit d31ce2f03d69cc784e53e921968c714986a7a4ef)
(cherry picked from commit cfebef4f82643d4be4dd89d277d9ebc9ca98a26e)
2024-02-05 16:09:41 +01:00
Gergely Nagy
d4fc0d2c5a
[GITEA] Allow changing the email address before activation
During registration, one may be required to give their email address, to
be verified and activated later. However, if one makes a mistake, a
typo, they may end up with an account that cannot be activated due to
having a wrong email address.

They can still log in, but not change the email address, thus, no way to
activate it without help from an administrator.

To remedy this issue, lets allow changing the email address for logged
in, but not activated users.

This fixes gitea#17785.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit aaaece28e4c6a8980cef932e224e84933d7c9262)
(cherry picked from commit 639dafabec0a5c1f943b44ca02f72c5ba2fc5e10)
(cherry picked from commit d699c12cebea7dbbda950ae257a46d53c39f22ea)

[GITEA] Allow changing the email address before activation (squash) cache is always active

This needs to be revisited because the MailResendLimit is not enforced
and turns out to not be tested.

See e7cb8da2a8 * Always enable caches (#28527)

(cherry picked from commit 43ded8ee30ab5c7a40a456600cdaa8a0fbdccec2)

Rate limit pre-activation email change separately

Changing the email address before any email address is activated should
be subject to a different rate limit than the normal activation email
resending. If there's only one rate limit for both, then if a newly
signed up quickly discovers they gave a wrong email address, they'd have
to wait three minutes to change it.

With the two separate limits, they don't - but they'll have to wait
three minutes before they can change the email address again.

The downside of this setup is that a malicious actor can alternate
between resending and changing the email address (to something like
`user+$idx@domain`, delivered to the same inbox) to effectively halving
the rate limit. I do not think there's a better solution, and this feels
like such a small attack surface that I'd deem it acceptable.

The way the code works after this change is that `ActivatePost` will now
check the `MailChangeLimit_user` key rather than `MailResendLimit_user`,
and if we're within the limit, it will set `MailChangedJustNow_user`. The
`Activate` method - which sends the activation email, whether it is a
normal resend, or one following an email change - will check
`MailChangedJustNow_user`, and if it is set, it will check the rate
limit against `MailChangedLimit_user`, otherwise against
`MailResendLimit_user`, and then will delete the
`MailChangedJustNow_user` key from the cache.

Fixes #2040.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e35d2af2e56f4ecb3a4f6d1109d02c8aa1a6d182)
(cherry picked from commit 03989418a70d3445e0edada7fbe5a4151d7836b1)
(cherry picked from commit f50e0dfe5e90d6a31c5b59e687580e8b2725c22b)
(cherry picked from commit cad9184a3653e6c80de2e006a0d699b816980987)
(cherry picked from commit e2da5d7fe13a685606913a131687a94f9f5fcfeb)
(cherry picked from commit 3a80534d4db523efe56b368489f81dc1cb2c99f7)
2024-02-05 16:09:41 +01:00
Earl Warren
06aae9ae72
[GITEA] GetScheduledMergeByPullID may involve a system user
Refs: https://codeberg.org/forgejo/forgejo/issues/1897
(cherry picked from commit ddc3c2255840d347afd13c272d2695c68196d6ef)
(cherry picked from commit a7fe969b93ffe00aa66942d04e66ddb4221cb5ad)
(cherry picked from commit 62bda95774ae0840652daf29f557b61650745ac1)
(cherry picked from commit 8149a822c797eb6c9ea648757261c0aba8f8d548)
(cherry picked from commit 9ed4e685ebd1a0c32d5550fd96f4f912fbd02c18)
(cherry picked from commit 4f072b4f80d86e41004a107b56d74476e39d0536)
(cherry picked from commit ca5924037b7d161e332709d01534d03e1c2bcf45)
(cherry picked from commit 88e2b47e29285a761dc08a31288af3dd146ac63b)
(cherry picked from commit 784f860cfa2d763e39551a84067a161db9ca3ddb)
2024-02-05 16:09:41 +01:00
Gergely Nagy
fa0759962b
[GITEA] allow viewing the latest Action Run on the web
Similar to how some other parts of the web UI support a `/latest` path
to directly go to the latest of a certain thing, let the Actions web UI
do the same: `/{owner}/{repo}/actions/runs/latest` will redirect to the
latest run, if there's one available.

Fixes gitea#27991.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit f67ccef1dd3146b0b942a94e2482b37595180e91)

Code cleanup in the actions.ViewLatest route handler

Based on feedback received after the feature was merged, use
`ctx.NotFound` and `ctx.ServerError`, and drop the use of the
unnecessary `ctx.Written()`.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 74e42da5630f9148faaf6b03bf1ac5724fa86b25)
(cherry picked from commit f7535a1cef96ce0589f37907f88b024cd095d0ac)
(cherry picked from commit 1a90cd37c31a1b9c770d6d79a4663ed8d67845c0)
(cherry picked from commit d86d71340afd372e5b5083d5563c2f5b48d975e6)
(cherry picked from commit 9e5cce1afccebcd6146e5e0d364bfdbb840b5276)
(cherry picked from commit 2013fb3fab5e23d0088434d835411f26a3fd9905)
(cherry picked from commit 88b9d21d1194abd133c3b4cbaa19792da433cb43)
(cherry picked from commit 72c020298eebcb0c90e23e7ff35e37be867afc44)
(cherry picked from commit 6525f730dfdd7cb412762d9e30348801335d17ee)
2024-02-05 16:09:41 +01:00
Gergely Nagy
ff00749191
[GITEA] new doctor check: fix-push-mirrors-without-git-remote (#1853)
This adds a new `doctor` check: `fix-push-mirrors-without-git-remote`. The new check looks for push mirrors that do not have their remotes configured in git. If automatic fixing is enabled, it will remove these push mirrors from the database.

The check is not run by default, and thus, must be invoked manually. It should be usable in a half-migrated state, too, and as such, fixes #1800.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1853
Co-authored-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Co-committed-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 9038e07ef35978336612588d68c1315179a45c73)
(cherry picked from commit b15bafcbc7d9033b0cc7b0fd888915b117e08d42)
(cherry picked from commit 93ba05a2dd9fdec46f337542cd5f22c8960ac55f)
(cherry picked from commit e418ea80822361e387b460c583592bbd83d4a39e)
(cherry picked from commit 321790a91ec8553d1b3668f606ebec762865dd17)
(cherry picked from commit f4e19d332392cb455b3b4e32e271f3e42302bbc8)
(cherry picked from commit 4d9923dee851a4046050761d3dd352f2f343f4fc)
(cherry picked from commit 049df69eda1ceb47f6e74c9a67e9ce5041e65c3b)

Conflicts:
	services/doctor/push_mirror_consistency.go
	https://codeberg.org/forgejo/forgejo/pulls/2214
(cherry picked from commit c79cba8d556320be0da7ca8324b39cd8930465bf)
(cherry picked from commit f3a3969c02cade7261a5f25c9e342800ccdf9111)
2024-02-05 16:09:41 +01:00
Gusted
75ce1e2ac1
[GITEA] Allow user to select email for file operations in Web UI
- Add a dropdown to the web interface for changing files to select which
Email should be used for the commit. It only shows (and verifies) that a
activated mail can be used, while this isn't necessary, it's better to
have this already in place.
- Added integration testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/281

(cherry picked from commit 564e701f407c0e110f3c7a4102bf7ed7902b815f)
(cherry picked from commit de8f2e03cc7d274049dd6a849b3d226968782644)
(cherry picked from commit 0182cff12ed4b68bd49ebc2b9951d9a29f7a36ca)
(cherry picked from commit 9c74254d4606febd702315c670db4fb6b14040a1)
(cherry picked from commit 2f0b68f821ae53dd12b496cc660353d5bf7cd143)
(cherry picked from commit 079b995d49ba7a625035fe9ec53741f6b0112007)
(cherry picked from commit 6952ea6ee3de8157d056c4381de7529de6eaef7b)
(cherry picked from commit 6c7d5a5d140152be80ec38a979a2a7b704ce653a)
(cherry picked from commit 49c39f0ed5a011b26f2e33f35811bb31fab3cf64)
(cherry picked from commit a8f9727388192c6c22b2f8cbbae15a96203ec3b6)
2024-02-05 16:09:41 +01:00
Loïc Dachary
21c4d844f3
[GITEA] test GET /{owner}/{repo}/comments/{id}/attachments
Refs: https://forgejo.org/2023-11-release-v1-20-5-1/#api-and-web-endpoint-vulnerable-to-manually-crafted-identifiers

(cherry picked from commit 888dda12cf9bc95f9ef85ba5a518cf40152e07ea)
(cherry picked from commit aceeca55da0c2e94f3e495c4a60148411a27c4ac)
(cherry picked from commit ab7e649668dfcabfb03e2a87c3c4641f8d2fa6ff)
(cherry picked from commit 7fb8598c7df683d701ca04d01d9ff52db1e39298)
(cherry picked from commit fb4961e2a5d6b249b0761cbabb80d68106764835)
(cherry picked from commit 9fe856a29a1e233d8cd15edcfd03847ca9b4c7d8)
(cherry picked from commit 6db21c013dd4003937532587471c2411622dd384)
(cherry picked from commit 72c84eb19c0ee6f7eaf13162991b79249e0d6ed7)
(cherry picked from commit 07ebc9761dc2633dbb3fea0b85abd047dcbec9e8)
(cherry picked from commit 0c8f4840022fcf521dc2264b8a2e8f9a9833b212)
(cherry picked from commit 25df7d89bc7d726b6d18d135f8cef281702b6267)
(cherry picked from commit 0f436a0d229164ce59cb563cf0d5a0607eaae3ed)
(cherry picked from commit 6109f8b6c10c7eb9bf1de7658867473ed5bb5069)
2024-02-05 16:09:41 +01:00
Loïc Dachary
3f71a0ef02
[GITEA] test POST /{username}/{reponame}/{type:issues|pulls}/move_pin
Refs: https://forgejo.org/2023-11-release-v1-20-5-1/#api-and-web-endpoint-vulnerable-to-manually-crafted-identifiers

(cherry picked from commit 52f50792606a22cbf1e144e1bd480984abf6f53f)
(cherry picked from commit 65b942fa1ee50f9098bebc8948d7924a5a4668fa)
(cherry picked from commit e140c5c983e3413dcfab45f5e522dfdc3feda26e)
(cherry picked from commit 4d108fa1cf07d2ecc7a482010e75f36140657dd4)
(cherry picked from commit 9430badc5c8245b287c6ec2ba9432324c2e95417)
(cherry picked from commit 1e67f4665d6be336c09446c8698830459aad3975)
(cherry picked from commit 992e0d3218bca7f4b0f1471e3d7d64b69c33bad8)
(cherry picked from commit 0e25ca17f39aac88fc20147e54d40ee76bc70cdd)
(cherry picked from commit 3c7d9769faf4287bfe9d7366fea3bfbce48d911c)

Conflicts:
	tests/integration/issue_test.go
	https://codeberg.org/forgejo/forgejo/pulls/2119
(cherry picked from commit f6bdf76a1d45f1f100323d8e1a3749b24cf6d2d4)
(cherry picked from commit a5e527f87262722542097b69de72d96ca68cd2e6)
(cherry picked from commit be3f9a28a12c22c35fd6f95260902704a2e5b7bd)
(cherry picked from commit 836a95eab896aab6b3d9e5831186edce0f4cc7ce)
2024-02-05 16:09:41 +01:00
Loïc Dachary
efbe483057
[GITEA] test POST /{username}/{reponame}/{tags,release}/delete
Refs: https://forgejo.org/2023-11-release-v1-20-5-1/#api-and-web-endpoint-vulnerable-to-manually-crafted-identifiers

(cherry picked from commit 78dcbb62fe87abe044034d880c9e8c22b44c2c98)
(cherry picked from commit 6707c08c1791926060a7735529f1945650030257)
(cherry picked from commit 68da5a9cd82415caedac15a07e38206f7bd6fbde)
(cherry picked from commit c27fb08cb00f130870d6059a0ebb67b505a3c252)
(cherry picked from commit f15a2c558a74aaf954550c71974593bf012004db)
(cherry picked from commit 8eb3ae693922fdb65a185ee63703b866d10fa60a)
(cherry picked from commit d54d5952f25828e84f7024aae6e62d1a18b788ae)
(cherry picked from commit ce22d57485ed718612cd0e40979cc591a5e18126)
(cherry picked from commit bfc110ba3303b4d2664638712435cc8d47906da0)
(cherry picked from commit 1fb3d555d972ad72d257c7d00e71148c88926e5d)
(cherry picked from commit 859c2275db185df4b38be6d50a8b4886622ecfde)
(cherry picked from commit b21cf2567ae7395ba6815309dc192911b396d91c)
(cherry picked from commit 8b9d75974f61caebc37739f970e1b030daea0ebf)
2024-02-05 16:09:41 +01:00