For security reasons, scoping access to a redis server via ACL rules is
a good practice. Some parts of the codebase handles prefix like cache[^1]
and session[^2], but the queue module doesn't.
This patch adds this missing functionality to the queue module.
Note about relevant test:
I tried to keep the PR as small as possible (and reasonable), and not
change how the test runs. Updated the existing test to use the same
redis address and basically duplicated the test with the extra flag. It
does NOT test if the keys are correct, it ensures only it works as
expected. To make assertions about the keys, the whole test has to be
updated as the general wrapper doesn't allow the main test to check
anything provider (redis) specific property. That's not something I
wanted to take on now.
[^1]: e4c3c039be/modules/cache/cache_redis.go (L139-L150)
[^2]: e4c3c039be/modules/session/redis.go (L122-L129)
Signed-off-by: Victoria Nadasdi <victoria@efertone.me>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3836
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Victoria Nadasdi <victoria@efertone.me>
Co-committed-by: Victoria Nadasdi <victoria@efertone.me>
Previously, if no branch was explicitly specified for a workflow, it
defaulted to the default branch of the repo. This worked fine for
workflows that were triggered on push, but it prevented showing badges
for workflows that only run on tags, or on schedule - since they do not
run on a specific branch.
Thus, relax the conditions, and if no branch is specified, just return
the latest run of the given workflow. If one is specified, *then*
restrict it to said branch.
Fixes #3487.
Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
Current package registry for RubyGems does not work with Bundler, because it implements neither the [compact index](https://guides.rubygems.org/rubygems-org-compact-index-api/) or the [dependency API](https://guides.rubygems.org/rubygems-org-api/). As a result, bundler complains about finding non-existing dependencies when installing anything with dependency: `revealed dependencies not in the API or the lockfile`.
This patch provides a minimal implementation for the compact index API to solve this issue. Specifically, we implemented a version that does not cache the results / do incremental updates; which is consistent with the current implementation.
Testing:
* Modified existing integration tests.
* Manually Verified bundler is able to parse the served versions / info file.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3811
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Haoyuan (Bill) Xing <me@hoppinglife.com>
Co-committed-by: Haoyuan (Bill) Xing <me@hoppinglife.com>
This commit changes the code that deletes a runner so it updates the UUID before deleting the record. The new UUID is set to 8 0xff bytes followed by a little endian version of the record's numeric ID. Such UUIDs cannot be created from tokens when registering runners, as the first 16 bytes of the token are in the `[0-9a-f]` range. This should prevent deleted runners from colliding with new records if the tokens share the same first 16 characters.
It is a possible solution to issue #3828
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3830
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Emmanuel BENOÎT <tseeker@nocternity.net>
Co-committed-by: Emmanuel BENOÎT <tseeker@nocternity.net>
Fix #3638
This is a manual Forgejo-specific version of the Gitea PR https://github.com/go-gitea/gitea/pull/30862. The weekly Forgejo PR #3772 could not cherry-pick this commit due to conflicts (eg subsequent CodeSpell changes).
Only occurs with Webkit in Safari over eg `http://192..`. (not localhost).
See https://webkit.org/blog/10855/async-clipboard-api/
---
**Before**
![Before.jpg](/attachments/c570d030-fcce-48ea-ac96-06b624541c7b)
**After**
![After.jpg](/attachments/1a9132ab-f7f3-43a5-b3ea-37b6f2b671c4)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3805
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: David Davies-Payne <d2p@me.com>
Co-committed-by: David Davies-Payne <d2p@me.com>
This fixes that titles of project columns can overflow and push the
action menu out of the card, so that interaction is no longer possible.
Fixes #3717
One part of https://codeberg.org/forgejo/forgejo/pulls/3316, though it may have a little more files touched because I re-created the changes.
> Removed HTML `<title>` part in `<head>` that was present inconsistently in these emails. It doesn't appear to be used by other websites. After all, these are emails, not webpages.
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3810
Reviewed-by: Otto <otto@codeberg.org>
This was [implemented](022820103d) almost 10 years ago in Gogs.
It was using `readonly` attribute instead of `disabled` on checkbox which was doing nothing. According to [MDN](https://developer.mozilla.org/en-US/docs/Web/HTML/Attributes/readonly), `readonly` attribute is not applicable to checkbox inputs. This bug was reported by mrwusel in Matrix room.
Fork page that has similar UI feature did not have this bug.
- replace `readonly` with `disabled`
- do not put info about the restriction directly into the checkbox title
### Before
![image](/attachments/6adaf1a3-6e28-416a-ac85-aa6e570e438d)
### After
![image](/attachments/3590b02b-3c83-4864-bae8-ff1a6a56b2b0)
### In other case
![image](/attachments/7f49d84d-5b3a-43a1-b09c-fb6089c1fb5e)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3786
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Enable
[`declaration-block-no-redundant-longhand-properties`](https://stylelint.io/user-guide/rules/declaration-block-no-redundant-longhand-properties/)
and autofix issues. The exclusions are because I find these two
shorthands to be harder to read.
(cherry picked from commit 46b7004f050bd2fdaf9800794cf2c1e9eeb08d51)
Signed-off-by: Beowulf <beowulf@beocode.eu>