This PR continues the work in #17125 by progressively ensuring that git
commands run within the request context.
This now means that the if there is a git repo already open in the context it will be used instead of reopening it.
Signed-off-by: Andrew Thornton <art27@cantab.net>
This PR contains multiple fixes. The most important of which is:
* Prevent hang in git cat-file if the repository is not a valid repository
Unfortunately it appears that if git cat-file is run in an invalid
repository it will hang until stdin is closed. This will result in
deadlocked /pulls pages and dangling git cat-file calls if a broken
repository is tried to be reviewed or pulls exists for a broken
repository.
Fix #14734
Fix #9271
Fix #16113
Otherwise there are a few small other fixes included which this PR was initially intending to fix:
* Fix panic on partial compares due to missing PullRequestWorkInProgressPrefixes
* Fix links on pulls pages due to regression from #17551 - by making most /issues routes match /pulls too - Fix #17983
* Fix links on feeds pages due to another regression from #17551 but also fix issue with syncing tags - Fix #17943
* Add missing locale entries for oauth group claims
* Prevent NPEs if ColorFormat is called on nil users, repos or teams.
There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this.
This is an extensive PR attempting to fix these issues.
1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping.
2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand.
3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future.
4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.)
5. The title generation in feeds is now properly escaped.
6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net>
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Report the correct number of pushes on the feeds
Since the number of commits in the Action table has been limited to 5
the number of commits reported on the feeds page is now incorrectly also
limited to 5. The correct number is available as the Len and this PR
changes this to report this.
Fix #16804
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update templates/user/dashboard/feeds.tmpl
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
The frontpage uses a rather strange method to obtain the commit's avatar
which I've overlooked earlier. I don't exactly understand how it works
but this change fixes the wrong default avatars by using the function
that was in previous use.
Also introduced a few constants for size an size increase factor.
Fixes: https://github.com/go-gitea/gitea/issues/13844
* Direct avatar rendering
This adds new template helpers for avatar rendering which output image
elements with direct links to avatars which makes them cacheable by the
browsers.
This should be a major performance improvment for pages with many avatars.
* fix avatars of other user's profile pages
* fix top border on user avatar name
* uncircle avatars
* remove old incomplete avatar selector
* use title attribute for name and add it back on blame
* minor refactor
* tweak comments
* fix url path join and adjust test to new result
* dedupe functions
* Escape more things that are passed through str2html
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Bloody editors!
Co-authored-by: mrsdizzie <info@mrsdizzie.com>
* Update routers/user/oauth.go
Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Use only first line of commit when creating referenced comment
* Update modules/repofiles/action.go
* Display first line only on feeds too
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
* Support unicode emojis and remove emojify.js
This PR replaces all use of emojify.js and adds unicode emoji support to various areas of gitea.
This works in a few ways:
First it adds emoji parsing support into gitea itself. This allows us to
* Render emojis from valid alias (😄)
* Detect unicode emojis and let us put them in their own class with proper aria-labels and styling
* Easily allow for custom "emoji"
* Support all emoji rendering and features without javascript
* Uses plain unicode and lets the system render in appropriate emoji font
* Doesn't leave us relying on external sources for updates/fixes/features
That same list of emoji is also used to create a json file which replaces the part of emojify.js that populates the emoji search tribute. This file is about 35KB with GZIP turned on and I've set it to load after the page renders to not hinder page load time (and this removes loading emojify.js also)
For custom "emoji" it uses a pretty simple scheme of just looking for /emojis/img/name.png where name is something a user has put in the "allowed reactions" setting we already have. The gitea reaction that was previously hard coded into a forked copy of emojify.js is included and works as a custom reaction under this method.
The emoji data sourced here is from https://github.com/github/gemoji which is the gem library Github uses for their emoji rendering (and a data source for other sites). So we should be able to easily render any emoji and :alias: that Github can, removing any errors from migrated content. They also update it as well, so we can sync when there are new unicode emoji lists released.
I've included a slimmed down and slightly modified forked copy of https://github.com/knq/emoji to make up our own emoji module. The code is pretty straight forward and again allows us to have a lot of flexibility in what happens.
I had seen a few comments about performance in some of the other threads if we render this ourselves, but there doesn't seem to be any issue here. In a test it can parse, convert, and render 1,000 emojis inside of a large markdown table in about 100ms on my laptop (which is many more emojis than will ever be in any normal issue). This also prevents any flickering and other weirdness from using javascript to render some things while using go for others.
Not included here are image fall back URLS. I don't really think they are necessary for anything new being written in 2020. However, managing the emoji ourselves would allow us to add these as a feature later on if it seems necessary.
Fixes: https://github.com/go-gitea/gitea/issues/9182
Fixes: https://github.com/go-gitea/gitea/issues/8974
Fixes: https://github.com/go-gitea/gitea/issues/8953
Fixes: https://github.com/go-gitea/gitea/issues/6628
Fixes: https://github.com/go-gitea/gitea/issues/5130
* add new shared function emojiHTML
* don't increase emoji size in issue title
* Update templates/repo/issue/view_content/add_reaction.tmpl
Co-Authored-By: 6543 <6543@obermui.de>
* Support for emoji rendering in various templates
* Render code and review comments as they should be
* Better way to handle mail subjects
* insert unicode from tribute selection
* Add template helper for plain text when needed
* Use existing replace function I forgot about
* Don't include emoji greater than Unicode Version 12
Only include emoji and aliases in JSON
* Update build/generate-emoji.go
* Tweak regex slightly to really match everything including random invisible characters. Run tests for every emoji we have
* final updates
* code review
* code review
* hard code gitea custom emoji to match previous behavior
* Update .eslintrc
Co-Authored-By: silverwind <me@silverwind.io>
* disable preempt
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Add ActionCommentPull action
Adds ActionCommentPull action to distinguish between a comment on an
issue and on a pull request
* Update modules/notification/action/action.go
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Update dashboard context for PR reviews
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Update options/locale/locale_en-US.ini
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Only append head action if it has content or is approval/rejection
Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Update options/locale/locale_en-US.ini
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
Adds a new key DEFAULT_SHOW_FULL_NAME (default false) to the [ui] section.
If enabled the full name will be shown (unless it's empty, then
the default username will be used)
* Make Ghost not link to 404 page
* Make correct localization label show
* Create and use GetLastEventLabelFake for when a Ghost user has made the action, thus not linking to a user profile
* Add corresponding _fake entries to locale_en-US
* Make Ghost avatar not link to 404 page
* Make Ghost on milestone_issues not link to 404 page
For each action that is displayed in either the public activity overview
of a user, or in the dashboard overview, the link to the username is now
extended with a title attribute to show the FullName as hover text
Signed-off-by: Guido Diepen <site-github@guidodiepen.nl>
* Viewport meta tag
* responsive: dashboard
* responsive: issues page
* responsive: Explore page
* responsive: navbar, and some navbar css refactoring
* responsive: button for collapsing navbar in mobile view
* Mark the hamburger button as active when pressed
* better homepage for responsive views
* Bring back jump class in navbar
The class was necessary, because this way the
dropdown doesn't assume the contents of the
selected item.
* make repository homes responsive
* Make file view page responsive
* Make forms look good on responsive views
* make commits and commit diff view responsive
* issues and PRs
* responsive wiki
* Don't place auto-init far off the page
* Minor changes to amend broken stuff
minor improvements
- make login/sign up in navbar stackable
- make navbar in explore and sign in not stackable
Change selected class in TestPullCompare
Fix typo that happened when rebasing
fix dashboard on org view
improve profile UI
Use clearing on file diff to fix broken UI caused by floating elements
remove unresolved merge conflict, and | Sanitize
Fix repo home not loading
* implemented missing 'delete' push webhooks
moreover created ActionDeleteBranch and ActionDeleteTag
* add CommitRepoAction tests for tag/branch creation/deletion
* fixed error where push webhook not called if is new branch or tag
removed unnecessary code
* moved prepare unit test environment into separate method to be used across unit tests
* add missing if clause in pushUpdate
Signed-off-by: David Schneiderbauer <dschneiderbauer@gmail.com>
We can look at the PushCommits object to see how many commits were
included in a commit, and add some template logic to only show the
comparison link when there are at least 2 commits in a push. We also
correct the link to display the number of commits.
This commit improves templates readability, since all of them use consistent
indent with all template command blocks indented too.
1. Indents both HTML containers such as <div>, <p> and Go HTML template blocks
such as {{if}} {{with}}
2. Cleans all trailing white-space
3. Adds trailing last line-break to each file