- Remove non base64-ed version of JWT secret generation. Because all
occurences need the Base64 version.
(cherry picked from commit 6a6b5a31a8e38cb953fcca1c8847ea219234f10c)
(cherry picked from commit 066b8ca6b40a7342352983de35f1ca6683927426)
This implements "repository flags", a way for instance administrators to
assign custom flags to repositories. The idea is that custom templates
can look at these flags, and display banners based on them, Forgejo does
not provide anything built on top of it, just the foundation. The
feature is optional, and disabled by default. To enable it, set
`[repository].ENABLE_FLAGS = true`.
On the UI side, instance administrators will see a new "Manage flags"
tab on repositories, and a list of enabled tags (if any) on the
repository home page. The "Manage flags" page allows them to remove
existing flags, or add any new ones that are listed in
`[repository].SETTABLE_FLAGS`.
The model does not enforce that only the `SETTABLE_FLAGS` are present.
If the setting is changed, old flags may remain present in the database,
and anything that uses them, will still work. The repository flag
management page will allow an instance administrator to remove them, but
not set them, once removed.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit ba735ce2228f8dd7ca105e94b9baa1be058ebe37)
(cherry picked from commit f09f6e029b4fb2714b86cd32dc19255078ecc0ee)
(cherry picked from commit 2f8b0414892f6099f519bda63a9e0fbc8ba6cfc7)
(cherry picked from commit d3186ee5f41fac896c7d2341402fcd39dd250bf1)
Adds a new `/{username}/{repo}/badges` family of routes, which redirect
to various shields.io badges. The goal is to not reimplement badge
generation, and delegate it to shields.io (or a similar service), which
are already used by many. This way, we get all the goodies that come
with it: different styles, colors, logos, you name it.
So these routes are just thin wrappers around shields.io that make it
easier to display the information we want. The URL is configurable via
`app.ini`, and is templatable, allowing to use alternative badge
generator services with slightly different URL patterns.
Additionally, for compatibility with GitHub, there's an
`/{username}/{repo}/actions/workflows/{workflow_file}/badge.svg` route
that works much the same way as on GitHub. Change the hostname in the
URL, and done.
Fixes gitea#5633, gitea#23688, and also fixes #126.
Work sponsored by Codeberg e.V.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit fcd0f61212d8febd4bdfc27e61a4e13cbdd16d49)
(cherry picked from commit 20d14f784490a880c51ca0f0a6a5988a01887635)
(cherry picked from commit 4359741431bb39de4cf24de8b0cfb513f5233f55)
(cherry picked from commit 35cff45eb86177e750cd22e82a201880a5efe045)
(cherry picked from commit 2fc0d0b8a302d24177a00ab48b42ce083b52e506)
Adds `[repository].DOWNLOAD_OR_CLONE_METHODS` (defaulting to
"download-zip,download-targz,download-bundle,vscode-clone"), which lets
an instance administrator override the additional clone methods
displayed on the repository home view.
This is purely display-only, the clone methods not listed here are still
available, unless disabled elsewhere. They're just not displayed.
Fixes #710.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 2aadcf4946e48ee43800568fe705d00a062c42bf)
(cherry picked from commit 42ac34fbf9105eed27ee687b305a85515270f0cc)
(cherry picked from commit bd231b02450212aca6be775663c3d24ddf19f990)
(cherry picked from commit 3d3366dbbee37621fc665e557a4a87bf08104375)
(cherry picked from commit 0157fb9b88fd50832c07b06c11c8dba6e059a465)
(cherry picked from commit bee88f6a8309c6f9aeba1522383d77f08e5a4d2d)
The default license choice was not working as expected,
because both the files in options/license were named differently, and
the setting string is not parsed properly.
The documentation will also be corrected.
See conversation on Matrix:
https://matrix.to/#/%23forgejo-chat%3Amatrix.org/%24ue13GJPr2d7D8fEaLx8yh1mFn3a4TVy_khkajrAYtx0?via=matrix.tu-berlin.de&via=turbo.ooo&via=matrix.org&via=catgirl.cloud
(cherry picked from commit 450a34d08d6d00063e97c4e176cdfe0695367985)
(cherry picked from commit 2770af7044cc8e5e564318a0d733b43ec16bdde5)
(cherry picked from commit 0fadf41985917d629b18c0a822b6317fa618c841)
(cherry picked from commit 9c3aa1dbbd13f2670d76ea00c00fec3b9cbb0339)
(cherry picked from commit f8ecff84222163ba513e81244c37d78c47499922)
(cherry picked from commit 1e289375462e4ba24be5432d035fe5d149789c73)
(cherry picked from commit e566ffbb8de285c40c322744d48c32c17de93852)
(cherry picked from commit cf89ca48b66ba077e7fbcfb7c8a353574db63fac)
(cherry picked from commit e2897d15b45012fbdd77ce6c37527c50d7b12d40)
(cherry picked from commit 8b49f1195de14bf21ed3dd2d0e15369d183971f4)
Sends email with information on the new user (time of creation and time of last sign-in) and a link to manage the new user from the admin panel
closes: https://codeberg.org/forgejo/forgejo/issues/480
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1371
Co-authored-by: Aravinth Manivannan <realaravinth@batsense.net>
Co-committed-by: Aravinth Manivannan <realaravinth@batsense.net>
(cherry picked from commit c721aa828ba6aec5ef95459cfc632a0a1f7463e9)
(cherry picked from commit 6487efcb9da61be1f802f1cd8007330153322770)
Conflicts:
modules/notification/base/notifier.go
modules/notification/base/null.go
modules/notification/notification.go
https://codeberg.org/forgejo/forgejo/pulls/1422
(cherry picked from commit 7ea66ee1c5dd21d9e6a43f961e8adc71ec79b806)
Conflicts:
services/notify/notifier.go
services/notify/notify.go
services/notify/null.go
https://codeberg.org/forgejo/forgejo/pulls/1469
(cherry picked from commit 7d2d9970115c94954dacb45684f9e3c16117ebfe)
(cherry picked from commit 435a54f14039408b315c99063bdce28c7ef6fe2f)
(cherry picked from commit 8ec7b3e4484383445fa2622a28bb4f5c990dd4f2)
[GITEA] notifies admins on new user registration (squash) performance bottleneck
Refs: https://codeberg.org/forgejo/forgejo/issues/1479
(cherry picked from commit 97ac9147ff3643cca0a059688c6b3c53479e28a7)
(cherry picked from commit 19f295c16bd392aa438477fa3c42038d63d1a06a)
(cherry picked from commit 3367dcb2cf5328e2afc89f7d5a008b64ede1c987)
[GITEA] notifies admins on new user registration (squash) cosmetic changes
Co-authored-by: delvh <dev.lh@web.de>
(cherry picked from commit 9f1670e040b469ed4346aa2689a75088e4e71c8b)
(cherry picked from commit de5bb2a224ab2ae9be891de1ee88a7454a07f7e9)
(cherry picked from commit 8f8e52f31a4da080465521747a2c5c0c51ed65e3)
(cherry picked from commit e0d51303129fe8763d87ed5f859eeae8f0cc6188)
(cherry picked from commit f1288d6d9bfc9150596cb2f7ddb7300cf7ab6952)
(cherry picked from commit 1db4736fd7cd75027f3cdf805e0f86c3a5f69c9d)
(cherry picked from commit e8dcbb6cd68064209cdbe054d5886710cbe2925d)
(cherry picked from commit 09625d647629b85397270e14dfe22258df2bcc43)
[GITEA] notifies admins on new user registration (squash) ctx.Locale
(cherry picked from commit dab7212fad44a252a1acf8da71b254b1a6715121)
(cherry picked from commit 9b7bbae8c4cd5dc4d36726f10870462c8985e543)
(cherry picked from commit f750b71d3db9a24dc2722effb8bbc2dded657cbb)
(cherry picked from commit f79af366796a8ab581bbfa1f5609dc721798ae68)
(cherry picked from commit e76eee334e446a45d841caf19a7c18eab89ca457)
[GITEA] notifies admins on new user registration (squash) fix locale
(cherry picked from commit 54cd100d8da37ccb0a545e2545995066f92180f0)
(cherry picked from commit 053dbd3d50d3c7d1afae8d31c25bda92ceb8f8c0)
[GITEA] notifies admins on new user registration (squash) fix URL
1. Use absolute URL in the admin panel link sent on new registrations
2. Include absolute URL of the newly signed-up user's profile.
New email looks like this:
<details><summary>Please click to expand</summary>
```
--153937b1864f158f4fd145c4b5d4a513568681dd489021dd466a8ad7b770
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset=UTF-8
User Information: @realaravinth ( http://localhost:3000/realaravinth )
----------------------------------------------------------------------
* Created: 2023-12-13 19:36:50 +05:30
Please click here ( http://localhost:3000/admin/users/9 ) to manage the use=
r from the admin panel.
--153937b1864f158f4fd145c4b5d4a513568681dd489021dd466a8ad7b770
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html; charset=UTF-8
<!DOCTYPE html>
<html>
<head>
<meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dutf-8">
<title>New user realaravinth just signed up</title>
<style>
blockquote { padding-left: 1em; margin: 1em 0; border-left: 1px solid gre=
y; color: #777}
.footer { font-size:small; color:#666;}
</style>
</head>
<body>
<ul>
<h3>User Information: <a href=3D"http://localhost:3000/realaravinth">@rea=
laravinth</a></h3>
<li>Created: <relative-time format=3D"datetime" weekday=3D"" year=3D"nume=
ric" month=3D"short" day=3D"numeric" hour=3D"numeric" minute=3D"numeric" se=
cond=3D"numeric" datetime=3D"2023-12-13T19:36:50+05:30">2023-12-13 19:36:50=
+05:30</relative-time></li>
</ul>
<p> Please <a href=3D"http://localhost:3000/admin/users/9" rel=3D"nofollow=
">click here</a> to manage the user from the admin panel. </p>
</body>
</html>
--153937b1864f158f4fd145c4b5d4a513568681dd489021dd466a8ad7b770--
```
</details>
fixes: https://codeberg.org/forgejo/forgejo/issues/1927
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1940
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: Aravinth Manivannan <realaravinth@batsense.net>
Co-committed-by: Aravinth Manivannan <realaravinth@batsense.net>
(cherry picked from commit b8d764e36a0cd8e60627805f87b84bb04152e9c1)
(cherry picked from commit d48b84f623e369222e5e15965f22e27d74ff4243)
Conflicts:
routers/web/auth/auth.go
https://codeberg.org/forgejo/forgejo/pulls/2034
(cherry picked from commit 02d3c125ccc97638849af33c7df315cbcb368127)
(cherry picked from commit 367374ecc3832bb47d29ff79370103f907d0ca99)
Conflicts:
models/user/user_test.go
https://codeberg.org/forgejo/forgejo/pulls/2119
(cherry picked from commit 4124fa5aa41c36b3ab3cc1c65d0e3d5e05ec4086)
(cherry picked from commit 7f12610ff63d4907631d8cddcd7a49ae6f6e1508)
[GITEA] notifies admins on new user registration (squash) DeleteByID
trivial conflict because of
778ad795fd Refactor deletion (#28610)
(cherry picked from commit 05682614e5ef2462cbb6a1635ca01e296fe03d23)
(cherry picked from commit 64bd374803a76c97619fe1e28bfc74f99ec91677)
(cherry picked from commit 63d086f666a880b48d034b129e535fcfc82acf7d)
(cherry picked from commit 3cd48ef4d53c55a81c97f1b666b8d4ba16a967c4)
Conflicts:
options/locale/locale_en-US.ini
https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 6578ec4ed64c8624bc202cefb18d67870eec1336)
Conflicts:
routers/web/auth/auth.go
https://codeberg.org/forgejo/forgejo/pulls/2300
- Databases are one of the most important parts of Forgejo, every
interaction with Forgejo uses the database in one way or another.
Therefore, it is important to maintain the database and recognize when
Forgejo is not doing well with the database. Forgejo already has the
option to log *every* SQL query along with its execution time, but
monitoring becomes impractical for larger instances and takes up
unnecessary storage in the logs.
- Add a QoL enhancement that allows instance administrators to specify a
threshold value beyond which query execution time is logged as a warning
in the xorm logger. The default value is a conservative five seconds to
avoid this becoming a source of spam in the logs.
- The use case for this patch is that with an instance the size of Codeberg, monitoring SQL logs is not very fruitful and most of them are uninteresting. Recently, in the context of persistent deadlock issues (https://codeberg.org/forgejo/forgejo/issues/220), I have noticed that certain queries hold locks on tables like comment and issue for several seconds. This patch helps to identify which queries these are and when they happen.
- Added unit test.
(cherry picked from commit 24bbe7886fb4cb9a38c8dab8c44f4c9cbfa25481)
(cherry picked from commit 6e29145b3c1455498531593d38e6a914941a12cb)
(cherry picked from commit 63731e30712872bd2395eb3cf36d9996e5793645)
(cherry picked from commit 3ce1a097369c132654de70df707b867e47bd1c40)
(cherry picked from commit a64426907de788cc0937a7a2b16af4d2f26f7fe6)
(cherry picked from commit 4b1921569156445c58d9889602733da5934c7b95)
(cherry picked from commit e6356744359fa947c049827d60c2ea0e277e03dc)
(cherry picked from commit 9cf501f1af4cd870221cef6af489618785b71186)
(cherry picked from commit 0d6b934eba1c0e9b27b364791113aae816b6b366)
(cherry picked from commit 4b6c2738795002887844a106f2fed2ef1673eed1)
(cherry picked from commit 89b1315338b0c7a726a36a84e9844013a13560b8)
(cherry picked from commit edd8e66ce991c395bb0af7720631c3cd26caaa51)
[GITEA] Add slow SQL query warning (squash) document the setting
(cherry picked from commit ce38599c5141c7fc6bc054819f5ff1c1b45bda1f)
(cherry picked from commit 794aa67c68c8e24ac7301eb7ef767c6e2499a78d)
(cherry picked from commit a4c2c6b004c21488e90f637ca7920f49108ed75d)
(cherry picked from commit 97912752bc802db79bb26a6591aec885aea30ee4)
(cherry picked from commit 00b5327c9750215a290238516e7b6fb1e6601e14)
(cherry picked from commit 1069c860e78c11225b4d74ff3044df7786562821)
(cherry picked from commit 84241f42c83852918b57c8bd25364697037fe42f)
(cherry picked from commit e4bda0e8457d00c01b83f153ed5a4a8ea4cf85c8)
(cherry picked from commit 7357fb91bff87045b133c3a7ac9fc70eea781bc4)
(cherry picked from commit a8dd7f6da278ae112200b5efa5bf27e3961f5996)
(cherry picked from commit e636e9f4beca7273dd8622baedb2f0c01db30449)
(cherry picked from commit bf04ae86037f5cb5a81d02750aead2742b040367)
(cherry picked from commit 93b19e3568169bd1cf9b8b78c1751c3d2d65a1b6)
(cherry picked from commit 83f91363ad071675c73a1f636271cc043bf69707)
(cherry picked from commit e34a05bc7319072b70d387975342d617b8136655)
(cherry picked from commit 68569aeee9805aaa8e98c6e7fe8058095e290061)
(cherry picked from commit 88d1b53eeaa0d5ad0ed54c191236db928aadedf0)
(cherry picked from commit f63f71afad2aa8272772dba919485c5e858d2fae)
(cherry picked from commit 1f774145fc731e2d93cf8a6708dbf4c15722fa5e)
(cherry picked from commit 53e637693bcbb9fe9daca9a296c9d2c700fc915b)
(cherry picked from commit 4974cbf10a8b51d51591fa6f6281f4cd7a415c91)
(cherry picked from commit 554bca7fae7fa6f0235ab631598115875711d80e)
(cherry picked from commit 61b8cf83b988a2d8547b81cfb7aaeefaf2e17fba)
(cherry picked from commit d8bcc6f68c6dc972e8c99eb7b46a4f096f85cd61)
(cherry picked from commit ee04c340724cccada2c71db45ec510d19e92e099)
(cherry picked from commit 713153a6d63205984f2a85ee07f08269df3b0a85)
(cherry picked from commit 4e18c4f8bb35b02494d75311986fadb87328d477)
(cherry picked from commit 32be9db12df3dea9c12bf803a5226b6ae8cd7b32)
(cherry picked from commit fd50e9b9b4d7cd804e57418056126ed2df9bec6a)
(cherry picked from commit 11717b864bf4d820305511cf22ec50f61604a770)
(cherry picked from commit b70f3e0fa5db9cd90c961138c1ab748aa5c6a4d8)
(cherry picked from commit 2d802b2963d18b28a85a82e01f7a7f18ab8c3192)
(cherry picked from commit f61e2f71e2d629cc4e480f9e61c9b383675da0ef)
(cherry picked from commit 31723651c96d3f20811540aad94878815795da15)
(cherry picked from commit 38f6f703a0dfb04a9d436c8c806f1be513c7ea3a)
(cherry picked from commit 75f6716905755cbe3d7e49d965ab81a47f625bb7)
(cherry picked from commit fed2b2daf5d44348a0096572e91708ac3db5e9c8)
(cherry picked from commit a9bafa50213a3a385ba3901b2730fb84149855cc)
(cherry picked from commit 8ce897b3fe918c5702d5c86d97f1703a1f266697)
(cherry picked from commit c806addcd07c6afb20d9aca833cfa9a33ac680a7)
(cherry picked from commit e70d51bd26b49de93b2fe012a4f03efbe6c97607)
(cherry picked from commit 57e597bf7e1e3bb3b7bcbcea66a4ea170a231f85)
(cherry picked from commit 643a2b0e81570e935779f6c509ebe4633fad74b9)
(cherry picked from commit f10faffb4febeef114d5be4e6abe57bd3cd72894)
(cherry picked from commit b440c5767eebdf406200e9a47446827778514425)
[TESTS] verify facts for the admin storage documentation (squash)
(cherry picked from commit d83d8ce57b8b39b4da849f5403198ecf706117ba)
(cherry picked from commit d8855ef27cd1b219184e95ce055bc6d84350ee26)
(cherry picked from commit 11230466ec0c1c4db1296cdd2ead74fc91a34491)
(cherry picked from commit b2cdd9d971b694fe32bab11f9ccdb41a38d7c6fe)
(cherry picked from commit a0a5e785241ac2c3a7493aa62637351021d48a39)
(cherry picked from commit 846413110fb936c386ba7fa80ff67e4394231464)
(cherry picked from commit 72b92d5a7854f5afbd949e0c6e53f3a4f5b72055)
(cherry picked from commit 7e039a9427d7a181ded17d653f49aa26679479e4)
(cherry picked from commit 227d42a1b69a1e542576ddc094d038de210183bb)
(cherry picked from commit 6488950a9b00b746c936fec41e6a9c59c4c02740)
(cherry picked from commit 0285c997749457cb6f67c5f3ca68e62721b53023)
(cherry picked from commit 0527bb20db0b22a1640f7d058399bc42ab8f9b98)
(cherry picked from commit b4d3fd43e314197f059830fe36d532888ef14c62)
(cherry picked from commit b45db6430024313f9530c1443d54630213f3b34b)
(cherry picked from commit 722ab376118847dca33ed5a47b6a41edda132b63)
(cherry picked from commit ff45632b42b1e5e741858a8f3bdb89a6d79cbe3e)
(cherry picked from commit 5144ae2aa7e1d903ecf6047902d9608cb6ae5500)
(cherry picked from commit f51438cd6888b9964c60369fecf64b727fe95ce1)
(cherry picked from commit 5ec304e5a178fb8c067b957233f54d8014df432f)
(cherry picked from commit 440b8c1af1d18f364f290fa385274d821b04c131)
(cherry picked from commit e5bbc626c1228a810bc8d6830cc5a3ee00d1baab)
(cherry picked from commit a996fe0fe4593d2f0432cbd8500f91cbbb011bb2)
(cherry picked from commit b7fe7cf401f4bddd6455efc651f7ac054f3fe1cf)
(cherry picked from commit cf339eed4f4851b18448dbdd83df32d00bc6f45b)
(cherry picked from commit 4f3a16168bbeced519a60c32e10e2895d9367238)
(cherry picked from commit 6f5bbc53fcebd614f5ee8627c7d6e3c637ffa694)
(cherry picked from commit aca42b422e76668387769c15868ef77b073bb7db)
(cherry picked from commit 5a7f7580e525694d1f27e12329c8532bd29273f8)
(cherry picked from commit 06c383c807ad49e1e35b429a10c6a11c65aeebe5)
(cherry picked from commit fe831dcb53b81b6cc632be751bfcbfb9bc00efd3)
(cherry picked from commit cd12cd0dbce47c6117ea579ae5019c182155b3a9)
(cherry picked from commit cc79163703ce31706c86b88c38fb8a20ed745e20)
(cherry picked from commit 0102a5715ea6a03b560cc2f0b6cbe2b2576c255e)
(cherry picked from commit 403f7520b3056eace36eae505afbab6a05f597b7)
(cherry picked from commit a3b61510a246f61c174ddc3c288e556522a6aab9)
(cherry picked from commit f83f0f9feb76a8b62ca4d74dc2785c713fbec282)
(cherry picked from commit fd1c3a6d09a057070844cd955d0920518e60f408)
(cherry picked from commit f7cdc3d6f1ad1ff01bb1814207fcb41210db80e8)
(cherry picked from commit 060121b644e0515a6b673cdd514d52e6fa1e6ec3)
(cherry picked from commit 62c847ff0235196e73e860d0d1658f0734985270)
(cherry picked from commit 4d051b51c2813828b978ef84b6b72c0ba051741b)
(cherry picked from commit 86e6981a936b1937065605892083b2488424bf5e)
(cherry picked from commit c1fc9e441b1467033911f3848f82a89aaacf98a9)
(cherry picked from commit 8bb2f0871a507d881acf74acf8fb90fd5ebff567)
(cherry picked from commit 0cd9fe52511ee06f1b8849325d196f60d8ccd151)
(cherry picked from commit b0b44778b4d3e51852d0669dfe6d9a6c334b90e4)
(cherry picked from commit 7c2f4f749f1c8986875eebf95254a3db151e5248)
Follow-up to d58c542579 for Forgejo.
By default, Gitea does not select any map service that can be used
to introduce a 'Show this place on a map' button in the location
field of a user profile. Before I tried upstreaming this change to
Gitea, this was the case in Forgejo. This patch essentially recovers
this functionality, which is nice for public-facing instances and
communities.
Links to original PRs:
- https://codeberg.org/forgejo/forgejo/pulls/1076
- https://github.com/go-gitea/gitea/pull/26214
(cherry picked from commit bb187d5f617f8efceb41810d6ff9adcaa60450bb)
(cherry picked from commit ce02ef9078a8731921caa4f7b0c1b0ac3b59a784)
(cherry picked from commit 6b75c40e2575e23810880ee8e368dc1781e2b4e4)
(cherry picked from commit 6bc8e9f5737f5721ddcd1ef5926a778a7f66a4a3)
(cherry picked from commit 063f8afdf7c2cca014c60dcc3d78d270fd236f8f)
(cherry picked from commit c5cc736b72e1ba980519e9258686f41e4eb78b42)
(cherry picked from commit 7b1bb4bedc6196fb6e8516d9a34092b16d7fab05)
(cherry picked from commit 2a022dceb4b391e2fc25b077193ae22a71380eee)
(cherry picked from commit a946c142d2448cb92daaea11851cf7f00921f062)
(cherry picked from commit 8a4ea0c7ab8960f41a67442fa2f485fe0a901a96)
(cherry picked from commit 37bfb05b34e61194afe407acac5778258315b756)
(cherry picked from commit 12fbbb1754a1a836f6923431e47a5de95aec6b2e)
(cherry picked from commit abe9de2cd91d7c5f176ceddff20ce194439703c4)
(cherry picked from commit 84db57871785d84c2a32edc22f769821b3bec961)
(cherry picked from commit 1beab7af463727ede3b2cc577696f8223fca78d1)
(cherry picked from commit 8779d505f2ab738e24503f74dd7bb6dfc8187996)
(cherry picked from commit 21a788f2eb549a494d52ab23a47533d9a7534ee6)
(cherry picked from commit a7cc6d168772e13bcf0808da14ff1ddf9baa64b2)
(cherry picked from commit 25f840379f19e0b90e69078e6c09a3c36fdf13ac)
(cherry picked from commit 0db65f11224f030877e5279b85af4b9e3e975ca7)
(cherry picked from commit 0e08cbc854cc1561101f1efe68de1d0860f7c905)
(cherry picked from commit 57de51db8d965a6c5a90477f58d2600fa3e7feda)
(cherry picked from commit 5ab3dcabb1461f4453f58718c6802baeffff06c9)
(cherry picked from commit 7b5ad0c13b44a705320965414bb4b366cb5a2a10)
(cherry picked from commit adf449a11595e0f16e6aceaeb0e7bfa277a6c333)
(cherry picked from commit 77aa18227e9f5d675ddae6b9f058f664b0d30795)
Renames it to `ENABLED` to be consistent with other settings and
deprecates it.
I believe this change is necessary because other setting groups such as
`attachment`, `cors`, `mailer`, etc. have an `ENABLED` setting, but
`oauth2` is the only one with an `ENABLE` setting, which could cause
confusion for users.
This is no longer a breaking change because `ENABLE` has been set as
deprecated and as an alias to `ENABLED`.
Sometimes you need to work on a feature which depends on another (unmerged) feature.
In this case, you may create a PR based on that feature instead of the main branch.
Currently, such PRs will be closed without the possibility to reopen in case the parent feature is merged and its branch is deleted.
Automatic target branch change make life a lot easier in such cases.
Github and Bitbucket behave in such way.
Example:
$PR_1$: main <- feature1
$PR_2$: feature1 <- feature2
Currently, merging $PR_1$ and deleting its branch leads to $PR_2$ being closed without the possibility to reopen.
This is both annoying and loses the review history when you open a new PR.
With this change, $PR_2$ will change its target branch to main ($PR_2$: main <- feature2) after $PR_1$ has been merged and its branch has been deleted.
This behavior is enabled by default but can be disabled.
For security reasons, this target branch change will not be executed when merging PRs targeting another repo.
Fixes #27062
Fixes #18408
---------
Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: delvh <dev.lh@web.de>
Mainly for MySQL/MSSQL.
It is important for Gitea to use case-sensitive database charset
collation. If the database is using a case-insensitive collation, Gitea
will show startup error/warning messages, and show the errors/warnings
on the admin panel's Self-Check page.
Make `gitea doctor convert` work for MySQL to convert the collations of
database & tables & columns.
* Fix #28131
## ⚠️ BREAKING ⚠️
It is not quite breaking, but it's highly recommended to convert the
database&table&column to a consistent and case-sensitive collation.
The CORS code has been unmaintained for long time, and the behavior is
not correct.
This PR tries to improve it. The key point is written as comment in
code. And add more tests.
Fix #28515
Fix #27642
Fix #17098
Nowadays, cache will be used on almost everywhere of Gitea and it cannot
be disabled, otherwise some features will become unaviable.
Then I think we can just remove the option for cache enable. That means
cache cannot be disabled.
But of course, we can still use cache configuration to set how should
Gitea use the cache.
## Changes
- Add deprecation warning to `Token` and `AccessToken` authentication
methods in swagger.
- Add deprecation warning header to API response. Example:
```
HTTP/1.1 200 OK
...
Warning: token and access_token API authentication is deprecated
...
```
- Add setting `DISABLE_QUERY_AUTH_TOKEN` to reject query string auth
tokens entirely. Default is `false`
## Next steps
- `DISABLE_QUERY_AUTH_TOKEN` should be true in a subsequent release and
the methods should be removed in swagger
- `DISABLE_QUERY_AUTH_TOKEN` should be removed and the implementation of
the auth methods in question should be removed
## Open questions
- Should there be further changes to the swagger documentation?
Deprecation is not yet supported for security definitions (coming in
[OpenAPI Spec version
3.2.0](https://github.com/OAI/OpenAPI-Specification/issues/2506))
- Should the API router logger sanitize urls that use `token` or
`access_token`? (This is obviously an insufficient solution on its own)
---------
Co-authored-by: delvh <dev.lh@web.de>
This patchset changes the connection string builder to use net.URL and
the host/port parser to use the stdlib function for splitting host from
port. It also adds a footnote about a potentially required portnumber
for postgres UNIX sockets.
Fixes: #24552
This PR adds a prefix path for all minio storage and override base path
will override the path.
The previous behavior is undefined officially, so it will be marked as
breaking.
Closes #27455
> The mechanism responsible for long-term authentication (the 'remember
me' cookie) uses a weak construction technique. It will hash the user's
hashed password and the rands value; it will then call the secure cookie
code, which will encrypt the user's name with the computed hash. If one
were able to dump the database, they could extract those two values to
rebuild that cookie and impersonate a user. That vulnerability exists
from the date the dump was obtained until a user changed their password.
>
> To fix this security issue, the cookie could be created and verified
using a different technique such as the one explained at
https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies.
The PR removes the now obsolete setting `COOKIE_USERNAME`.
Fix #27541
The INI package has a quirk: by default, the keys are inherited.
When maintaining the keys, the newly added sub key should not be
affected by the parent key.
Part of https://github.com/go-gitea/gitea/issues/27097:
- `gitea` theme is renamed to `gitea-light`
- `arc-green` theme is renamed to `gitea-dark`
- `auto` theme is renamed to `gitea-auto`
I put both themes in separate CSS files, removing all colors from the
base CSS. Existing users will be migrated to the new theme names. The
dark theme recolor will follow in a separate PR.
## ⚠️ BREAKING ⚠️
1. If there are existing custom themes with the names `gitea-light` or
`gitea-dark`, rename them before this upgrade and update the `theme`
column in the `user` table for each affected user.
2. The theme in `<html>` has moved from `class="theme-name"` to
`data-theme="name"`, existing customizations that depend on should be
updated.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
This pull request is a minor code cleanup.
From the Go specification (https://go.dev/ref/spec#For_range):
> "1. For a nil slice, the number of iterations is 0."
> "3. If the map is nil, the number of iterations is 0."
`len` returns 0 if the slice or map is nil
(https://pkg.go.dev/builtin#len). Therefore, checking `len(v) > 0`
before a loop is unnecessary.
---
At the time of writing this pull request, there wasn't a lint rule that
catches these issues. The closest I could find is
https://staticcheck.dev/docs/checks/#S103
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
This PR reduces the complexity of the system setting system.
It only needs one line to introduce a new option, and the option can be
used anywhere out-of-box.
It is still high-performant (and more performant) because the config
values are cached in the config system.
With this PR we added the possibility to configure the Actions timeouts
values for killing tasks/jobs.
Particularly this enhancement is closely related to the `act_runner`
configuration reported below:
```
# The timeout for a job to be finished.
# Please note that the Gitea instance also has a timeout (3h by default) for the job.
# So the job could be stopped by the Gitea instance if it's timeout is shorter than this.
timeout: 3h
```
---
Setting the corresponding key in the INI configuration file, it is
possible to let jobs run for more than 3 hours.
Signed-off-by: Francesco Antognazza <francesco.antognazza@gmail.com>
If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.
And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.
![image](https://github.com/go-gitea/gitea/assets/2114189/7bc9a859-dcc1-467d-bc7c-1dd6a10389e3)
This feature was removed by #22219 to avoid possible CSRF attack.
This PR takes reverseproxy auth for API back but with default disabled.
To prevent possbile CSRF attack, the responsibility will be the
reverseproxy but not Gitea itself.
For those want to enable this `ENABLE_REVERSE_PROXY_AUTHENTICATION_API`,
they should know what they are doing.
---------
Co-authored-by: Giteabot <teabot@gitea.io>
Currently, Artifact does not have an expiration and automatic cleanup
mechanism, and this feature needs to be added. It contains the following
key points:
- [x] add global artifact retention days option in config file. Default
value is 90 days.
- [x] add cron task to clean up expired artifacts. It should run once a
day.
- [x] support custom retention period from `retention-days: 5` in
`upload-artifact@v3`.
- [x] artifacts link in actions view should be non-clickable text when
expired.