Commit graph

11270 commits

Author SHA1 Message Date
KN4CK3R
40aca73347
Fix migration context data (#14910)
* Unified context data.

* Changed method name.
2021-03-07 20:21:09 +01:00
zeripath
9b261f52f0
Add SameSite setting for cookies (#14900)
Add SameSite setting for cookies and rationalise the cookie setting code. Switches SameSite to Lax by default. 

There is a possible future extension of differentiating which cookies could be set at Strict by default but that is for a future PR.

Fix #5583

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-07 08:12:43 +00:00
zeripath
beed5476e2
Prevent panic when empty MilestoneID in repo/issue/list (#14911)
This PR adds a simple check to only test the MilestoneID if it is not empty.

Fix #14906

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-07 10:25:54 +08:00
GiteaBot
4ba8572361 [skip ci] Updated licenses and gitignores 2021-03-07 00:12:31 +00:00
zeripath
a68db9076a
Fix race in LFS ContentStore.Put(...) (#14895)
Continuing on from #14888

The previous implementation has race whereby an incomplete upload or
hash mismatch upload can end up in the ContentStore. This PR moves the
validation into the reader so that if there is a hash error or size
mismatch the reader will return with an error instead of an io.EOF
causing the storage to abort the storage.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-06 20:21:56 +00:00
Lunny Xiao
5ccf8b6430
Fix issue search with db indexer because of mysql 5.7 sqlmode (#14907)
* Fix sqlmode bug

* distinct is necessary
2021-03-06 23:11:12 +08:00
Lunny Xiao
f4efa10f77
Hide resync all ssh principals when using internal ssh server (#14904)
Co-authored-by: 6543 <6543@obermui.de>
2021-03-06 15:32:08 +08:00
zeripath
20f13bfdfc
Fix a couple of issues with a feeds (#14897)
@CirnoT spotted a couple of issues with feeds on discord.

This PR fixes both of these.
2021-03-06 05:09:49 +01:00
GiteaBot
fd4b309c6f [skip ci] Updated translations via Crowdin 2021-03-06 00:12:35 +00:00
John Olheiser
f1da46622e
Signed-off-by: jolheiser <john.olheiser@gmail.com> (#14898) 2021-03-05 21:00:15 +00:00
Lunny Xiao
9db590f2ee
Fix bug when combine label comments (#14894)
* Fix bug when combine label comments

* Added some code comments

* More comments
2021-03-05 16:17:32 +01:00
zeripath
144cfe5720
Fix race in local storage (#14888)
LocalStorage should only put completed files in position

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-05 14:19:17 +01:00
Lunny Xiao
7525450232
When transfering repository and database transaction failed, rollback the renames (#14864)
Fix #14821

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-05 03:28:52 +01:00
Norwin
0a8a3ab0f5
Show private heatmap on profile to self & admins (#14881)
followup to #14080
2021-03-04 23:59:13 +01:00
6543
11229ca539
IsUserAllowedToUpdate ignore igonre if user is nil (#14885) 2021-03-04 19:27:54 +01:00
6543
8ac1367718
[Docs] Fix how lfs data path is set (#14855)
* fix docs: lfs data path

* DEPRECATED note

* 已废弃

* better english sentence

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-03-04 18:01:44 +01:00
6543
1d18b76e0e
Add changelog for v1.13.3 (#14877) (#14883)
* Add changelog for v1.13.3 (#14877)

Add changelog for v1.13.3

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <matti@mdranta.net>

* Update Docs

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <matti@mdranta.net>
2021-03-04 10:00:23 -05:00
a1012112796
a5279b74b6
Make manual merge autodetection optional and add manual merge as merge method (#12543)
* Make auto check manual merge as a chooseable mod and add manual merge way on ui

as title, Before this pr, we use same way with GH to check manually merge.
It good, but in some special cases, misjudgments can occur. and it's hard
to fix this bug. So I add option to allow repo manager block "auto check manual merge"
function, Then it will have same style like gitlab(allow empty pr). and to compensate for
not being able to detect THE PR merge automatically, I added a manual approach.

Signed-off-by: a1012112796 <1012112796@qq.com>

* make swager

* api support

* ping ci

* fix TestPullCreate_EmptyChangesWithCommits

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* Apply review suggestions and add test

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* fix build

* test error message

* make fmt

* Fix indentation issues identified by @silverwind

Co-authored-by: silverwind <me@silverwind.io>

* Fix tests and make manually merged disabled error on API the same

Signed-off-by: Andrew Thornton <art27@cantab.net>

* a small nit

* fix wrong commit id error

* fix bug

* simple test

* fix test

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-03 22:41:23 -05:00
zeripath
523efa433b
Move Bleve and Elastic code indexers to use a common cat-file --batch (#14781)
* Extract out the common cat-file batch calls

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Move bleve and elastic indexers to use a common cat-file --batch when indexing

Signed-off-by: Andrew Thornton <art27@cantab.net>

* move catfilebatch to batch_reader and rename to batch_reader.go

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-03-03 21:57:01 -05:00
zeripath
0044e80491
Add CORS config on to /login/oauth/access_token endpoint (#14850)
Fix #7204

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-03-04 03:25:30 +02:00
zeripath
59d1cc49f1
Fix paging of file commit logs (#14831)
Unfortunately `git log revision ... --skip=x -- path` skips the number of commits
not the number of commits relating to the path.

This PR changes the function to have a reader that reads and skips the
necessary number of commits by hand instead.

Fix #8716

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-04 02:48:19 +02:00
zeripath
0bdeb2b302
Add missing repo.projects unit into swagger (#14876)
Fix #14875

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-03 23:44:30 +01:00
GiteaBot
b2986ab8b2 [skip ci] Updated translations via Crowdin 2021-03-03 00:12:35 +00:00
Norwin
a050de8db3
Handle urls with trailing slash (#14852) 2021-03-02 17:23:36 +01:00
zeripath
def964e57f
Make searching issues by keyword case insensitive on DB (#14848)
Most DBs apart from SQLite will use a default Collation that is not case insensitive.
This means that SearchIssuesByKeyword becomes case sensitive for db indexing - in
contrast to the bleve and elastic indexers.

This PR simply uses UPPER(...) to do the LIKE - and although it may be more efficient
to change collations this would be a non-trivial task.

Fix #13663

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-02 14:07:01 +01:00
GiteaBot
f878c8231f [skip ci] Updated translations via Crowdin 2021-03-02 00:12:37 +00:00
zeripath
f0e15250b9
Migrate to use jsoniter instead of encoding/json (#14841)
* Migrate to use jsoniter

* fix tests

* update gitea.com/go-chi/binding

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-01 22:08:10 +01:00
zeripath
59fd641d1f
When Deleting Repository only explicitly close PRs whose base is not this repository (#14823)
When Deleting Repository only explicitly close PRs whose base is not this repository

Fix #14775

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-01 18:39:44 +01:00
Paweł Bogusławski
85e6e07346
Organization removal confirmation using name not password (#14738)
* Organization removal confirmation using name not password

Gitea is asking for user password to confirm organization
removal so this operation cannot be done in systems with
SSO authentication (where no user passwords are used).

This mod changes the way gitea confirms organization
removal - user must enter organization name (not user
password) to confirm operation (similar to repository
removal confirmation).

Author-Change-Id: IB#1107219

* Translation removed

Translation removed from PR - will be restored using Crowdin
after pull got merged.

Fixes: 95ddcdd8bd8097a952894556d42641d5ec269288
Related: https://github.com/go-gitea/gitea/pull/14738
Author-Change-Id: IB#1107219
2021-03-01 16:33:05 +02:00
a1012112796
6cf97df9fd
remove duplicate define of CheckAttribute() (#14837)
Signed-off-by: a1012112796 <1012112796@qq.com>
2021-03-01 14:14:17 +02:00
techknowlogick
faf775c552
drone workspace path 2021-02-28 23:57:58 -05:00
techknowlogick
1e95b389c0
drone workspace base 2021-02-28 23:25:09 -05:00
techknowlogick
d801a158c5
use gomod support w/ xgo (#14836) 2021-03-01 11:43:55 +08:00
6543
a4148c0f12
Repository transfer has to be confirmed, if user can not create repo for new owner (#14792)
* make repo as "pending transfer" if on transfer start doer has no right to create repo in new destination

* if new pending transfer ocured, create UI & Mail notifications
2021-03-01 01:47:30 +01:00
GiteaBot
e0900310c4 [skip ci] Updated translations via Crowdin 2021-03-01 00:12:52 +00:00
techknowlogick
47f6a4ec3f
go1.16 (#14783) 2021-02-28 18:08:33 -05:00
zeripath
030646eea4
Set HCaptchaSiteKey on Link Account pages (#14834)
When using HCaptcha on link account pages the site key needs to be passed
in. This PR ensures that HCaptchaSiteKey is set in the data.

Fix #14766

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-02-28 17:04:15 -05:00
a1012112796
83cf1a894e
Create tag on ui (#13467)
Support create single tag directly

support create tag with message from create release ui

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2021-02-28 19:57:45 +00:00
Jimmy Praet
3e652860bb
All organization members should be assignable as reviewer (#14262)
For public repos, all organization members should be assignable as reviewer

Co-authored-by: zeripath <art27@cantab.net>
2021-02-28 18:24:00 +00:00
a1012112796
5de76965a1
add preview support for wiki editor when disable simpleMDE (#14757)
Signed-off-by: a1012112796 <1012112796@qq.com>
2021-02-28 16:48:29 +00:00
6543
dc081959db
Fix issue/pul sidebar (#14826) 2021-02-28 15:05:55 +01:00
zeripath
cf29cb30d3
Prevent use of double sub-path and incorrect asset path in manifest (#14827)
MakeAbsoluteAssetURL should just url join the static url prefix on to appurl
if it is not an absolute path - this is because StaticURLPrefix is an absolute
prefix not a relative prefix to the app sub url.

Fix #14422

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-02-28 12:29:22 +00:00
a1012112796
2e8ce1eaed
Remove pt-pt from doc config file (#14830)
Because it not has any content now. It's not necessary to
show this link on the footer.

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-02-28 11:46:21 +01:00
6543
b4b4d765f3
Fix missleading sentence (#14829) 2021-02-28 07:54:12 +00:00
GiteaBot
4e7e3bd4bf [skip ci] Updated licenses and gitignores 2021-02-28 00:43:14 +00:00
zeripath
3d8b5ad5f3
Fix a couple of CommentAsPatch issues. (#14804)
* CutDiffAroundLine makes the incorrect assumption that `---` and `+++` always represent part of the header of a diff.

This PR adds a flag to its parsing to prevent this problem and adds a streaming parsing technique to CutDiffAroundLine using an io.pipe instead of just sending data to an unbounded buffer.

Fix #14711

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle unquoted comment patch files

When making comment patches unfortunately the patch does not always quote the filename
This makes the diff --git header ambiguous again.

This PR finally adds handling for ambiguity in to parse patch

Fix #14812

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add in testing for no error

There is no way currently for CutDiffAroundLine in this test to cause an
error however, it should still be tested.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-02-27 19:46:14 +01:00
KN4CK3R
904a26c57c
Add Image Diff options in Pull Request Diff view (#14450)
Implemented GitHub style image diff
2021-02-27 18:25:00 +01:00
GiteaBot
42118c6bc8 [skip ci] Updated translations via Crowdin 2021-02-27 00:19:24 +00:00
zeripath
50208e903a
Disable broken OAuth2 providers at startup (#14802)
Instead of causing a log.Fatal, we should handle broken OAuth2
providers by disabling them.

Fix #8930

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-02-25 22:20:58 -05:00
GiteaBot
97e5a1d7b3 [skip ci] Updated translations via Crowdin 2021-02-26 00:19:27 +00:00