Commit graph

1354 commits

Author SHA1 Message Date
Earl Warren
e20cd83bc5
[BRANDING] add the forgejo webhook type & update webhook docs URLs
templates/swagger/v1_json.tmpl updated with `make generate-swagger`

(cherry picked from commit 88899c492efeedd138ba088a36b9c0bc733ead7b)
(cherry picked from commit 7171bd9617c32c4911e3bdbc23c02a19e80d2465)
(cherry picked from commit 1a742446c17aef9ca62fe75bfc0a388d40138154)
(cherry picked from commit d7c189d7b2f9fea299a31adf068db969920ae39d)

Conflicts:
	routers/web/web.go
(cherry picked from commit cbdea868e41fb38ca491f8b449c3e525ec82d6b9)
(cherry picked from commit 6cd150483b06e17aee023c0afd01a3f2460b3415)
(cherry picked from commit 47246da8d3f50a02d11b77b3d402618b144aa720)
(cherry picked from commit f2aa0e6b769d432e627798bcf294b04b7d253213)
(cherry picked from commit 5a4fc69a16de8d6199ea24198299297ef7a3587b)
(cherry picked from commit 48e444ca09c22f930514a01846b0c8bc3cef35ab)
(cherry picked from commit 888e53781175d8d977f66d78991bd66563fcddfb)
(cherry picked from commit 5121f493c99f19d8050aa09224ac3532b4100ec7)
(cherry picked from commit 9394e55fdf80bf3d7bf8b2aba561ad44a84e3913)
(cherry picked from commit 3a2ce51768de65892e3ec73596e3862354c9502e)
(cherry picked from commit 719ead3a651f12afbb59c856914b0085e5cee157)
(cherry picked from commit 83e6f82e2aea619a3cd502e133773d33c0e60133)
(cherry picked from commit 494a429b21c6234be38b9e3db0f930fbb8118205)
(cherry picked from commit 4d775db6b41f731e956cc6bb9217ef349b4a3635)
(cherry picked from commit b68f777dc2822ec5c4e30186675cc82daec092a9)
(cherry picked from commit 5b934023fa58820f27c349c26f2a1ce89aee6795)
(cherry picked from commit 3b1ed8b16c73374cd5b6339f5315229dc82488da)
(cherry picked from commit 6bc4a46c9fc6472e1c4bf0bb20dea6867f1b392f)
(cherry picked from commit 8064bb24a3c752a86271f154ad4d0c4763e07295)

Conflicts:
	templates/admin/hook_new.tmpl
	templates/org/settings/hook_new.tmpl
	templates/repo/settings/webhook/base_list.tmpl
	templates/repo/settings/webhook/new.tmpl
	templates/user/settings/hook_new.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1181
(cherry picked from commit 55f5588a9150d8912c0f8342495f858e4e1e2959)
(cherry picked from commit a428bc06b353e7b678acc6a1ec2576608f1a5d9a)
(cherry picked from commit d2186eceb960773d037756c991f50d177fd63954)
(cherry picked from commit b4e126e9afd1c51b214e36a585bb454dac32862f)
(cherry picked from commit e4c7a92c2d7142cac74cf05a2b1fe3f0bd0c7373)
(cherry picked from commit a7165c8146a604b6ec5f8ee4db4c926fef180857)

Conflicts:
	templates/admin/hook_new.tmpl
	templates/repo/settings/webhook/new.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1420

[BRANDING] add the forgejo webhook type & update webhook docs URLs (squash) gitea logo for gitea webhooks

Refs: https://codeberg.org/forgejo/forgejo/issues/1367
(cherry picked from commit 2d8c1b93734acec918729e27c5613a8f9fb41ceb)
(cherry picked from commit 9135a5e1dbcff07e9fff4c1001fcac8c05e0c82b)
(cherry picked from commit 270f4020b0714ac553498fc986457b0c627d85a6)
(cherry picked from commit 33e5e2f0d898639bae05225437aeb4afa2678360)
(cherry picked from commit 7af8bcf4791ade3ca80d449629bb2eadd0ad25ba)

Conflicts:
	tests/integration/links_test.go
	https://codeberg.org/forgejo/forgejo/pulls/1548
(cherry picked from commit ce2a434dcf9ad23337aaa0cc30dc069bbc79744c)
(cherry picked from commit c2fa42b4fda37db8d5d4efc11834546d5de3d6ad)
(cherry picked from commit 3858c8d4db2ceaf79bd5ebed54382cbdd6491a5b)
(cherry picked from commit ebb0ae49208adeb5da4c6b442990db1b1dbe91d0)
(cherry picked from commit 93d354c418e6da1971dd7f1749cb700627f1f6d2)
(cherry picked from commit d5b08a2a4be2a48925dc089f5ec312188c60036c)
(cherry picked from commit e5e5caffaa69c2f2be300cc97ec500a993ac6b3b)
(cherry picked from commit 974d4057000f6989eb4b3440271c78dc05927312)
(cherry picked from commit e654fbccb1ddfd9e494ce4560e5ac1620d85f7c6)
(cherry picked from commit 85515977fb2fb6f6ae13f7b011bfe9f9c6d0425f)

[BRANDING] add the forgejo webhook type & update webhook docs URLs (squash) ctx.Locale

(cherry picked from commit e192647bc0f1d19b144e5ab1b286e11b2466eecd)
(cherry picked from commit 95fb1b724201b4d0dc1ef0ffb2745b2977c73286)
(cherry picked from commit ea7bd8022fc780b83de4a9ef5595cb0067e6e9d8)
(cherry picked from commit bf8465ccd07a0be493d2faf21e1e2c62766513a4)
(cherry picked from commit e1baa0a3007e2cc9a569da7d1e48785744d5cde6)
(cherry picked from commit 01b4f4c51428fad992e95615e3d55be54b4f84f9)
(cherry picked from commit da330b1e51916bb3b55167b5fefe86787a470e1f)
(cherry picked from commit 7b26c27c209c7ee5dbb45b74bd253c1bc713f5b5)
(cherry picked from commit 0c781e6f6d411335b4d22cd6a691b409379eba62)
(cherry picked from commit 0f663a8414e248f67d18896863d34f03abd9738d)
(cherry picked from commit 3297fd4f15ee7885d7b88c79e1ce70832cc60f78)
(cherry picked from commit 2f4ef403cb9e92c0a0785b860747283bd754f826)
2024-02-05 16:02:14 +01:00
Earl Warren
ec8f162b33
[BRANDING] add X-Forgejo-* headers
(cherry picked from commit 0a3388f93f53f53cce79ebcc194d67979cbe61cc)
(cherry picked from commit 7eba0a440a3138443d0b7461560f9f6f1c46b256)
(cherry picked from commit eb9646c7ef0b1a9e73bf22806acbc2caeaee7ff3)
(cherry picked from commit f1972578f5cb72ad9e1ef1ded9aa324b1d669864)

Conflicts:
(cherry picked from commit 7f96222fb4b4a773193a11d4ba76f449013c30ef)
(cherry picked from commit e3c7c9fe7b5809cdb75f1eb629c82b27986f7e98)
(cherry picked from commit 84fdead90242e68493efb96a7fee1e3b5fd417e9)
(cherry picked from commit 85148e11961b86269b7cda30294a4cdc817787d0)
(cherry picked from commit c0086bd70d39d9a1075fa624cdbfdf5ef26f7a2c)
(cherry picked from commit d1e31ef31817e5e811f6bea7aee5582383d53b12)
(cherry picked from commit 681d3ed5c43d45f802dc13c58c5b821da938374d)
(cherry picked from commit 76a3001f5bc5a064054514c179ba14008952e914)
(cherry picked from commit a55a9567d36f6b60557df3df3a0801c0fccec963)
(cherry picked from commit aa7adc167d4e4ee7879b88fe799f2afca2fd5531)
(cherry picked from commit d5354cb52c26ab0090388d019efe61770e7ec452)
(cherry picked from commit 472c48999699420d15aaa7c61a42db8136221616)
(cherry picked from commit dc816d065b715f2bfdc7fa68fa2d254f3d481b35)
(cherry picked from commit 4795f9ea85eac21c70db1159914a7b7b035b7374)
(cherry picked from commit ddd4ae53433d4adab823aa974c0f1c39d0394414)
(cherry picked from commit 0e95f2a36b1c0f480f94fef85d341792c7a7b759)
(cherry picked from commit 47a41a4e7b3c5d3cf247dafef17a64415069f171)
(cherry picked from commit d4416fcd3ee0f1d74c2b03fbe40c15b83f80b56d)
(cherry picked from commit f279d153b61677e2a766859c7a7688b0327e7c9a)
(cherry picked from commit 959f908ffdc9dd2fb07aefdf7cb85ba34f9071a3)
(cherry picked from commit 82df95310176a083abb9eaa51de9e9754d4f72c6)
(cherry picked from commit 8f8c9fd9e3deca0af0f087fc44fcd271e8440a7b)
(cherry picked from commit d4a0db7706f30a394192c6023072ad5185a7d600)
(cherry picked from commit 44594d623942128072bd86a20b5b90603517005e)
(cherry picked from commit 62b1de579ebfe326340b218cc9a980b705b8e6a2)
(cherry picked from commit 507abee353f120247276fe9165f09976421f926d)
(cherry picked from commit 8c36ac42c7091661b2f3fec70fc88a74043628fc)
(cherry picked from commit 72f74067f4c781e1c4936f0da2653a35a6f1c82b)
(cherry picked from commit 8e5a9e187b50a6eb8523c6dda4ce1a23c08a0b5a)
(cherry picked from commit cff8f43c7e4ab86a468ea49f7b945412d9911151)
(cherry picked from commit 493cc93e6d4b738a5b81d1a0db831bf9f430e9de)
(cherry picked from commit c94352b4d460e631c223b45516e42765357bf67d)
(cherry picked from commit 3f622c51a70200bf67d209d0cec78db2f25b65db)
(cherry picked from commit 84c62ad447a94ebd5d1906e41c29efd3a0816c70)
(cherry picked from commit ba186c8ee40e95cd4f40b6205d673dfe20528825)
(cherry picked from commit 4238ef291dffb68b350aa2f410e934d52cb0a1eb)
(cherry picked from commit 3ef1bd61b9a45271e69c1529875e84b379073318)
(cherry picked from commit f304086bb693d3a0a58871ba8cb1354ba290695c)
(cherry picked from commit 64a2edabcb7bc9e3961ea45f83cf6488e4cd99f2)
(cherry picked from commit 6accea6ba7f2b0f98b6bef5b1483ee39ad68edba)
(cherry picked from commit 2296e93a42939af90dee718bc8ff691009238c47)
(cherry picked from commit 2bf0be3b1bff62923dd04e1a02956ced1eda97af)
(cherry picked from commit fb4652b197ec64280689e6d065492f916f7e26f3)
(cherry picked from commit 7d462cf353ef87007025bbd76aebef429be10562)
(cherry picked from commit f5319660ddecea208163b5bcd37444322e571b51)
2024-02-05 16:02:14 +01:00
TomZ
743d1e34ac
[BRANDING] cosmetic s/Gitea/Forgejo/ in logs, messages, etc.
As the docs of codeberg refer to the strings printed by the Forgejo
ssh servers, this is user-facing and is nice to update to the new
product name.

(cherry picked from commit 103991d73f0f78f31a5f1dae47824c2fe481bcc6)
(cherry picked from commit 2a0d3f85f199d28a4180becdebcb90af0d6f3504)
(cherry picked from commit eb2b4ce388810dc145dd90d3358d4d4373e31b80)
(cherry picked from commit 0998b51716ef5d3c25e139886aa8b7bfde703b20)

[BRANDING] forgejo log message

(cherry picked from commit d51a046ebe774236f8b902c45486dc8cbd041e0e)
(cherry picked from commit d66e1c7b6e2fbfefb976103805b18eb29b6406af)
(cherry picked from commit b5bffe4ce8a8353c9e5529350a7932d4a2d9e53e)
(cherry picked from commit 3fa776d8566c42ce31540024ce5bf5a6cb5cd4e4)
(cherry picked from commit 18d064f47214327dc5b6c55c2d02a3da53358dbc)
(cherry picked from commit c95094e355212d4baf607f3778152ceb455d4f82)
(cherry picked from commit 5784290bc46afffca9b93e0faa3bd88944e54919)
(cherry picked from commit aee336886b2606beaf8c27a2992c21aa2a574966)
(cherry picked from commit ec2f60b516b1ee11b5e7c52ecb02fdf8e5bbcaec)
(cherry picked from commit 7af742a28469d6725248d5519e69217b844ed792)
(cherry picked from commit f279e2a264ae028ab511ba61a71e00739dc5020a)
(cherry picked from commit fd38cfb14eebe34dc72b8358479e53d27fe01180)
(cherry picked from commit 64c82266183943f062016479c2d1868ccdee2cec)
(cherry picked from commit b546fb23042c6d231ce29241d1991c9cb1bf1bba)
(cherry picked from commit ad102021776a8dd407ef19cbfadc42b3ca7fabd5)
(cherry picked from commit c89cab9c2b019a592dffe4b6de29482feca1bb33)
(cherry picked from commit 9579322ec2eec40cb8f113458c1d5669f5d4b818)
(cherry picked from commit 16b44ad18de82b0429a8b0a05ed93445d1524241)
(cherry picked from commit 2571ff703b77cc8527f37f82c36e9260a80ac673)
(cherry picked from commit ad61d9ce9b93503b04deb9ecdb5f214566caf820)
(cherry picked from commit 9b2c45d4d3b1c6401a3d7d0a5544213e1486ab9e)
(cherry picked from commit ed01b79a598a0698324392dab66a2cd3d41c628c)
(cherry picked from commit d040b664279292f9f7304f96db0d172672c1e904)
(cherry picked from commit ffe0bbea48d036c26149d98856add938bb08a475)
(cherry picked from commit 4c1b2c409bb90a0c2876f3a7323cf162a7e58765)
(cherry picked from commit 3d8338ed106cb6260a4dae249ddef71489c47357)
(cherry picked from commit a92f044ea96bbe9c47689455a417e4f1bc3cd648)

[BRANDING] link to forgejo.org/docs instead of docs.gitea.io

(cherry picked from commit 3efafd0e083eb331ce06681351a40c4f46d7c96f)
(cherry picked from commit 148185e34b2be36fa46e8630928ee64a73768883)
(cherry picked from commit 834e264698f710049f20491b91b3c39b853de867)
(cherry picked from commit e72fa6eb1ef8f4355197ced3c619d8ff6d9c1c9f)

[BRANDING] link to forgejo.org/docs instead of docs.gitea.io

Fix the link that was 404.

(cherry picked from commit ae515d7258602a0fe4bb4471f2017e4ccc7dd0e7)
(cherry picked from commit facc2367f0e5fc1e1162cc2478a658f050c07718)
(cherry picked from commit 25784b9f21a37d9161b050503b0d45d87cd8863d)
(cherry picked from commit 2efc6138d92e958ee6a6091e579fa269aea45ce4)
(cherry picked from commit b9d0871631ef70abe88de64ccbabcfc94a49274b)
(cherry picked from commit f0446e51b9c2268f274a1c4b8c25abfcf417975c)
(cherry picked from commit 1638aa67fb384bdcd97386861054447a8d53e832)
(cherry picked from commit 290db6a018d4f82173446799b8726a320c209bb4)
(cherry picked from commit 89b87cf5426b7407ba0e23912fbbd3c521a8bae4)
(cherry picked from commit 656ed949625652a3a0e8d0b1381e76f75688e461)
(cherry picked from commit 036f879f96d606af691326474cefe77441c8c4ed)
(cherry picked from commit 69eea35f813d03f578ca143e45292289b0ad92a8)
(cherry picked from commit b72e3f4a92a04ac065b5b72ca25f7eb0c96ba69d)
(cherry picked from commit af606b8574d67c8c7a3699cf41d6a96fc3852547)
(cherry picked from commit 7e47f8135c08be3f48ccad6b8d8a940bc5713e53)
(cherry picked from commit 0e5218cc5374a0e16a273298f862dd3d6cebe020)
(cherry picked from commit 7c2a20a528a6911412986ff8eb479f3a19d7f226)
(cherry picked from commit 4e94006363227435b53769b92882b51a6109ba52)
(cherry picked from commit e47cdfc43fb693dfd0507bb1fe943da41fd2ebb4)
(cherry picked from commit 1dcb3e1da4ab4d8dbb659e87c4f542245b066409)
(cherry picked from commit 67367c4e0f4b755879350e9311e44deff95c137c)
(cherry picked from commit 252087d1ffcae00dfa7e8edc7face8775412d4cc)
(cherry picked from commit f5977a43e5cb2c869af0cd8c993cd0d3eeccb622)

Conflicts:
	templates/base/head_navbar.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1351
(cherry picked from commit 594938eb1505f6d81d8c0cce84a34c20a18b5c7a)
(cherry picked from commit 0257d038a7416fd208571d8be0a14a9ea6ac4d95)
(cherry picked from commit 72821dd14052505814df556e09a500981256f709)

[BRANDING] s/gitea/forgejo/ in HTML placeholders

Replaced Gitea branding with Forgejo for input placeholders

Closes: #686
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/752

(cherry picked from commit 6160d37ca972566017aee46b2ef42f398f969dca)
(cherry picked from commit df61138c7eaa25068fe0012644fd15b407a4816e)
(cherry picked from commit 1f30566c3f63925ca56eaa21b4fa580b4bb1ffaf)
(cherry picked from commit 539bb825f555585f0a52ea4c8747c5b589254633)
(cherry picked from commit bee0f66c869d2632a1ad3cda731caaba74c3634c)
(cherry picked from commit 60ad005c95a6d53f615a720445eef77e4bc499ef)
(cherry picked from commit 282e26222ef4aea1720b4b121ac29264876069c7)
(cherry picked from commit f9ca551f3dbc0f75250445b4e731396dc34fc041)
(cherry picked from commit b2e04b04c381549557873b1956065dc5a5132a97)
(cherry picked from commit c8f395a03c688bcc1413c6ed6b6f820aab7851d5)
(cherry picked from commit 0d58ce49aeefd43b3316c0238dcd04e019b6be25)
(cherry picked from commit c602ddf91efd95347de433cfad8ac20995d12283)
(cherry picked from commit 029e37271ead5405daa11945bd64104f12c8ba77)
(cherry picked from commit fdaa96b3ccca76cba877f8f5dafcf4cf9d160af8)
(cherry picked from commit 515d99e27d5db12c5495e31e104ccb6b7ad0ce7a)
(cherry picked from commit da73274ba1cb55d1c425b95890a55aecee2bb246)
(cherry picked from commit ce90b696a01619d86ac7dac7b0cd78be8f06e4b1)
(cherry picked from commit b6bf98763be1855b5613dc8db627fd889bff8308)
(cherry picked from commit 5b380d22d78568c2c4f26a3e8aa90a42006969e9)

[BRANDING] How to start a runner: URL to Actions admin documentation

(cherry picked from commit da91799e6f06ac3c91c1cfc763f4ec0b5cc3cf21)
(cherry picked from commit 28231663b634f6d877173ba4956f6c0a5d128b2b)
(cherry picked from commit 533a90345bb0236c8fc088f2ab1b92535f8a4269)
(cherry picked from commit 6a0e4e55dd02beff179b8503259d1cc774e8e81b)
(cherry picked from commit f47cd611c68f9da2df9b0e5e0a8332f6fcc17932)
(cherry picked from commit 001264b7840aaad6aa25e0b06a927300751ef20e)
(cherry picked from commit e4099e9bb9f557e99bb0117eaf6ad88467684527)
(cherry picked from commit 3a1885649ff1dcaf5acdb1bb237c477a92aeb01f)
(cherry picked from commit c42802c710c0fce2eea06a93a7f4373557515616)
(cherry picked from commit a611ce8d6d293573534d4ce1efde81d32129723a)
(cherry picked from commit a3d7d10a80ba6104ee6f260290518936b210c16b)
(cherry picked from commit 52adde671f8dcb309235506a3c39a38db87e9537)
(cherry picked from commit c9a3820fef10ef0b20e52f5f70d7794dde0974b3)
(cherry picked from commit dce40997c956244742325b5b10d13e8ec918082c)
(cherry picked from commit 312a6b92f384fdb09fc26e5da5a4acf0680ff698)

[BRANDING] package templates & links

- Change Gitea to Forgejo where necessary.
- Point all documentation to Forgejo's documentation.
- Resolves #992

(cherry picked from commit d0b78a6edea0abba54ef537781234d8f778e0ad8)
(cherry picked from commit e2382f30ba07586fd3ea4c8a535ab550ecc33408)
(cherry picked from commit c41cf05a334944a66129425c4a9abb973fbb4687)
(cherry picked from commit 797e598ae73441c66f25849bf643e0c11a737c41)
(cherry picked from commit 970031a1c2974cf0c6ce057ad82afdd6380f6882)
(cherry picked from commit 0c1180e2e142852248787185e2c01582413de8c3)

Conflicts:
	templates/package/content/alpine.tmpl
	templates/package/content/cargo.tmpl
	templates/package/content/chef.tmpl
	templates/package/content/composer.tmpl
	templates/package/content/conan.tmpl
	templates/package/content/conda.tmpl
	templates/package/content/container.tmpl
	templates/package/content/cran.tmpl
	templates/package/content/debian.tmpl
	templates/package/content/generic.tmpl
	templates/package/content/go.tmpl
	templates/package/content/helm.tmpl
	templates/package/content/maven.tmpl
	templates/package/content/npm.tmpl
	templates/package/content/nuget.tmpl
	templates/package/content/pub.tmpl
	templates/package/content/pypi.tmpl
	templates/package/content/rpm.tmpl
	templates/package/content/rubygems.tmpl
	templates/package/content/swift.tmpl
	templates/package/content/vagrant.tmpl

	https://codeberg.org/forgejo/forgejo/pulls/1351
(cherry picked from commit 42ac9ff2abe55826047c36e041f1bcd70caf7581)
(cherry picked from commit e390000bcee673c2d15c8777c2d2da316967ce62)
(cherry picked from commit 56a437b29b71976b9b0816d0de2ce8169a84f288)

Conflicts:
	templates/package/content/cargo.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1466

[BRANDING] s/Gitea/Forgejo/ in user visible help & comments

- Modify the README of the docker directory to point to the relevant
docker files and documentation for Forgejo.

(cherry picked from commit aca6371215c1bf95b6c0b19b9fadb797544adc48)
(cherry picked from commit 0ba96b1bc4c4df84ce3dca9875ad4a9ac8f1f759)
(cherry picked from commit 5c8e6b53f164dd16b527c603a3089735ff16df89)

Conflicts:
	docker/README.md
	https://codeberg.org/forgejo/forgejo/pulls/1351
(cherry picked from commit b3121c8004f675b31482cdbd564f9a830be48acd)
(cherry picked from commit 607f8704163bd24bfc7ff1d6a812b5e887746797)
(cherry picked from commit 191d96afe4198d3b6498aa21eaeb7686a59865bc)

[BRANDING] healthcheck/check.go

(cherry picked from commit d703a236cebadc0186b7b2431b3b42a54b3d1f09)
(cherry picked from commit d84ce3ff2098e9ba3c7241605ea25951dcb57ca6)
(cherry picked from commit 2dbb8446069c79017dcc4a9921dffcb73594d02c)
(cherry picked from commit 14d3ae7e3ae67dff3443db17e4373e5947ed6c6c)

[BRANDING] s/Gitea/Forgejo/g in CLI output

(cherry picked from commit 7543c126bbb78d5d29c253a88b56ccd2dd394928)
(cherry picked from commit b66f422fc3b9018aa948a869045cb3684e80f5f2)
(cherry picked from commit a81e4e46f3b0e619cea959de5ffde2e811d6008e)

[BRANDING] Gitea->Forgejo in mailer code

(cherry picked from commit b91afea4ff5e092452b5848900fc426b1c7289d5)
(cherry picked from commit 5d7428167c8ee5f25fb719f32a561472ef1aee68)
(cherry picked from commit ed8101ba6cc87526554a69f58a49507a79eadb35)

[BRANDING] use 'Forgejo' for Discord, Packagist, and Slack webhooks

Refs: https://codeberg.org/forgejo/forgejo/issues/1387

(cherry picked from commit 7dc3a05f5b9013a0696f071ebea4d2403c1c36a8)
(cherry picked from commit 133f2fc6cc2e977a5f7660ca4c214c92ac036421)

[BRANDING] cmd/manager.go

(cherry picked from commit d1dba2c79db63a6fc23e6bbab2b8dcbdaf43b679)

[BRANDING] pyproject.toml

(cherry picked from commit 7e8c868db2d5331778a87b5a1b493a81bf6863a4)
(cherry picked from commit 2395995c8b61c0674278db4321aa7d79e4c0eb91)
(cherry picked from commit dd6fbbf332f7833175634ef6d48eb5ad384aabb9)

Conflicts:
	templates/package/content/cargo.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1548
(cherry picked from commit 6f9a5d5cabc9bf7b57dc199a332261b8fe53e52d)
(cherry picked from commit d0635c4a07bb080e509f5578a995c7378b995691)
(cherry picked from commit 5f9a8c5744d254099c7ce98f14e1b58ec0a40708)
(cherry picked from commit 10b96c45673ef1d8d9f5364721b6e876a10e6f3b)
(cherry picked from commit 717d52e92863aa44536ed7ad524608aa5f398469)
(cherry picked from commit 5debdb103eb44d40fa9dd7056b48accc3cc185aa)
(cherry picked from commit ded1c1700e3795abf1d95d4d732703b9148f68fd)
(cherry picked from commit 52aa23cf7a3a7960c60ed7b504ea58c147a6c399)
(cherry picked from commit 882c942b061ef6f8e65668c70349522b57893090)
(cherry picked from commit 73fc2d2ea86877f9821a0230aa28114b624251fc)

Conflicts:
	cmd/actions.go
	cmd/doctor.go
	cmd/keys.go
	https://codeberg.org/forgejo/forgejo/pulls/1976
(cherry picked from commit 6180ef24dc0edad0b7471c463715179f29d741b9)
(cherry picked from commit 8970fa2bf872ee544ed9e0c1241fde8755e6acf1)

Conflicts:
	templates/package/content/debian.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/2074

Fix a typo in docker/README.md

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 2e5df79dfb45719ff55c4c1f33bb1e753c32533f)
(cherry picked from commit 2bf6ce5b8167da5f5245337de93bf01f8522bd49)
(cherry picked from commit 8ec779277d6fbdbcc0a5f369fa73d47d3f80996f)
(cherry picked from commit 6048fc66e8ed9820ecb84e025efe9affbf124d85)
(cherry picked from commit 162538c722202d13f443b45249f05f3d9abd76f5)
(cherry picked from commit 646bb9965088a028a4469796fa6d62e4499e2b0d)
2024-02-05 16:02:14 +01:00
Gusted
9bb188176e
[MODERATION] Block issue creation when blocked by repo owner (squash)
- Block the creation of a issue if the user is blocked by the repository owner.
- Fix integration tests (This should ideally in the future all be
self-created fixtures instead of relying on the existing ones as a small
condition can make the tests be inaccurate).

(cherry picked from commit 88d3ee333aa91814bbe0b11d9fc1e62ffecae1b9)
(cherry picked from commit 146c82d232a5a4a81bbbebcae568b5c3b6117804)
(cherry picked from commit d9dc25d0382acf819900eae5f652d682c3594ef5)
(cherry picked from commit cd1eadd9234205bce443e61c52415de342493b13)
(cherry picked from commit 40a8584bbb4768d2527ad1558034ebd2ea1f5077)
2024-02-05 15:56:58 +01:00
Gusted
2da33aae2d
[MODERATION] User blocking
- Add the ability to block a user via their profile page.
- This will unstar their repositories and visa versa.
- Blocked users cannot create issues or pull requests on your the doer's repositories (mind that this is not the case for organizations).
- Blocked users cannot comment on the doer's opened issues or pull requests.
- Blocked users cannot add reactions to doer's comments.
- Blocked users cannot cause a notification trough mentioning the doer.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/540
(cherry picked from commit 687d852480388897db4d7b0cb397cf7135ab97b1)
(cherry picked from commit 0c32a4fde531018f74e01d9db6520895fcfa10cc)
(cherry picked from commit 1791130e3cb8470b9b39742e0004d5e4c7d1e64d)
(cherry picked from commit 37858b7e8fb6ba6c6ea0ac2562285b3b144efa19)
(cherry picked from commit a3e2bfd7e9eab82cc2c17061f6bb4e386a108c46)
(cherry picked from commit 7009b9fe87696b6182fab65ae82bf5a25cd39971)

Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014
        routers/web/user/profile.go
        templates/user/profile.tmpl
(cherry picked from commit b2aec3479177e725cfc7cbbb9d94753226928d1c)
(cherry picked from commit e2f1b73752f6bd3f830297d8f4ac438837471226)

[MODERATION] organization blocking a user (#802)

- Resolves #476
- Follow up for: #540
- Ensure that the doer and blocked person cannot follow each other.
- Ensure that the block person cannot watch doer's repositories.
- Add unblock button to the blocked user list.
- Add blocked since information to the blocked user list.
- Add extra testing to moderation code.
- Blocked user will unwatch doer's owned repository upon blocking.
- Add flash messages to let the user know the block/unblock action was successful.
- Add "You haven't blocked any users" message.
- Add organization blocking a user.

Co-authored-by: Gusted <postmaster@gusted.xyz>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/802
(cherry picked from commit 0505a1042197bd9136b58bc70ec7400a23471585)
(cherry picked from commit 37b4e6ef9b85e97d651cf350c9f3ea272ee8d76a)
(cherry picked from commit c17c121f2cf1f00e2a8d6fd6847705df47d0771e)

[MODERATION] organization blocking a user (#802) (squash)

Changes to adapt to:

  6bbccdd177 Improve AJAX link and modal confirm dialog (#25210)

Refs: https://codeberg.org/forgejo/forgejo/pulls/882/files#issuecomment-945962
Refs: https://codeberg.org/forgejo/forgejo/pulls/882#issue-330561
(cherry picked from commit 523635f83cb2a1a4386769b79326088c5c4bbec7)
(cherry picked from commit 4743eaa6a0be0ef47de5b17c211dfe8bad1b7af9)
(cherry picked from commit eff5b43d2e843d5d537756d4fa58a8a010b6b527)

Conflicts: https://codeberg.org/forgejo/forgejo/pulls/1014
        routers/web/user/profile.go
(cherry picked from commit 9d359be5ed11237088ccf6328571939af814984e)
(cherry picked from commit b1f3069a22a03734cffbfcd503ce004ba47561b7)

[MODERATION] add user blocking API

- Follow up for: #540, #802
- Add API routes for user blocking from user and organization
perspective.
- The new routes have integration testing.
- The new model functions have unit tests.
- Actually quite boring to write and to read this pull request.

(cherry picked from commit f3afaf15c7e34038363c9ce8e1ef957ec1e22b06)
(cherry picked from commit 6d754db3e5faff93a58fab2867737f81f40f6599)
(cherry picked from commit 2a89ddc0acffa9aea0f02b721934ef9e2b496a88)
(cherry picked from commit 4a147bff7e963ab9dffcfaefa5c2c01c59b4c732)

Conflicts:
        routers/api/v1/api.go
        templates/swagger/v1_json.tmpl
(cherry picked from commit bb8c33918569f65f25b014f0d7fe6ac20f9036fc)
(cherry picked from commit 5a11569a011b7d0a14391e2b5c07d0af825d7b0e)
(cherry picked from commit 2373c801ee6b84c368b498b16e6ad18650b38f42)

[MODERATION] restore redirect on unblock

 ctx.RedirectToFirst(ctx.FormString("redirect_to"), ctx.ContextUser.HomeLink())

was replaced by

 ctx.JSONOK()

in 128d77a3a Following up fixes for "Fix inconsistent user profile layout across tabs" (#25739)

thus changing the behavior (nicely spotted by the tests). This
restores it.

(cherry picked from commit 597c243707c3c86e7256faf1e6ba727224554de3)
(cherry picked from commit cfa539e590127b4b953b010fba3dea21c82a1714)

[MODERATION] Add test case (squash)

- Add an test case, to test an property of the function.

(cherry picked from commit 70dadb1916bfef8ba8cbc4e9b042cc8740f45e28)

[MODERATION] Block adding collaborators

- Ensure that the doer and blocked user cannot add each other as
collaborators to repositories.
- The Web UI gets an detailed message of the specific situation, the API
gets an generic Forbidden code.
- Unit tests has been added.
- Integration testing for Web and API has been added.
- This commit doesn't introduce removing each other as collaborators on
the block action, due to the complexity of database calls that needs to
be figured out. That deserves its own commit and test code.

(cherry picked from commit 747be949a1b3cd06f6586512f1af4630e55d7ad4)

[MODERATION] move locale_en-US.ini strings to avoid conflicts

Conflicts:
        web_src/css/org.css
        web_src/css/user.css
        https://codeberg.org/forgejo/forgejo/pulls/1180

(cherry picked from commit e53f955c888ebaafc863a6e463da87f70f5605da)

Conflicts:
        services/issue/comments.go
        https://codeberg.org/forgejo/forgejo/pulls/1212
(cherry picked from commit b4a454b576eee0c7738b2f7df1acaf5bf7810d12)

Conflicts:
        models/forgejo_migrations/migrate.go
        options/locale/locale_en-US.ini
        services/pull/pull.go
        https://codeberg.org/forgejo/forgejo/pulls/1264

[MODERATION] Remove blocked user collaborations with doer

- When the doer blocks an user, who is also an collaborator on an
repository that the doer owns, remove that collaboration.
- Added unit tests.
- Refactor the unit test to be more organized.

(cherry picked from commit ec8701617830152680d69d50d64cb43cc2054a89)
(cherry picked from commit 313e6174d832501c57724ae7a6285194b7b81aab)

[MODERATION] QoL improvements (squash)

- Ensure that organisations cannot be blocked. It currently has no
effect, as all blocked operations cannot be executed from an
organisation standpoint.
- Refactored the API route to make use of the `UserAssignmentAPI`
middleware.
- Make more use of `t.Run` so that the test code is more clear about
which block of code belongs to which test case.
- Added more integration testing (to ensure the organisations cannot be
blocked and some authorization/permission checks).

(cherry picked from commit e9d638d0756ee20b6bf1eb999c988533a5066a68)

[MODERATION] s/{{avatar/{{ctx.AvatarUtils.Avatar/

(cherry picked from commit ce8b30be1327ab98df2ba061dd7e2a278b278c5b)
(cherry picked from commit f911dc402508b04cd5d5fb2f3332c2d640e4556e)

Conflicts:
	options/locale/locale_en-US.ini
	https://codeberg.org/forgejo/forgejo/pulls/1354
(cherry picked from commit c1b37b7fdaf06ee60da341dff76d703990c08082)
(cherry picked from commit 856a2e09036adf56d987c6eee364c431bc37fb2e)

[MODERATION] Show graceful error on comment creation

- When someone is blocked by the repository owner or issue poster and
try to comment on that issue, they get shown a graceful error.
- Adds integration test.

(cherry picked from commit 490646302e1e3dc3c59c9d75938b4647b6873ce7)
(cherry picked from commit d3d88667cbb928a6ff80658eba8ef0c6c508c9e0)
(cherry picked from commit 6818de13a921753e082b7c3d64c23917cc884e4b)

[MODERATION] Show graceful error on comment creation (squash) typo

(cherry picked from commit 1588d4834a37a744f092f2aeea6c9ef4795d7356)
(cherry picked from commit d510ea52d091503e841d66f2f604348add8b4535)
(cherry picked from commit 8249e93a14f628bb0e89fe3be678e4966539944e)

[MODERATION] Refactor integration testing (squash)

- Motivation for this PR is that I'd noticed that a lot of repeated
calls are happening between the test functions and that certain tests
weren't using helper functions like `GetCSRF`, therefor this refactor of
the integration tests to keep it: clean, small and hopefully more
maintainable and understandable.
- There are now three integration tests: `TestBlockUser`,
`TestBlockUserFromOrganization` and `TestBlockActions` (and has been
moved in that order in the source code).
- `TestBlockUser` is for doing blocking related actions as an user and
`TestBlockUserFromOrganization` as an organisation, even though they
execute the same kind of tests they do not share any database calls or
logic and therefor it currently doesn't make sense to merge them
together (hopefully such oppurtinutiy might be presented in the future).
- `TestBlockActions` now contain all tests for actions that should be
blocked after blocking has happened, most tests now share the same doer
and blocked users and a extra fixture has been added to make this
possible for the comment test.
- Less code, more comments and more re-use between tests.

(cherry picked from commit ffb393213d2f1269aad3c019d039cf60d0fe4b10)
(cherry picked from commit 85505e0f815fede589c272d301c95204f9596985)
(cherry picked from commit 0f3cf17761f6caedb17550f69de96990c2090af1)

[MODERATION] Fix network error (squash)

- Fix network error toast messages on user actions such as follow and
unfollow. This happened because the javascript code now expects an JSON
to be returned, but this wasn't the case due to
cfa539e590127b4953b010fba3dea21c82a1714.
- The integration testing has been adjusted to instead test for the
returned flash cookie.

(cherry picked from commit 112bc25e548d317a4ee00f9efa9068794a733e3b)
(cherry picked from commit 1194fe4899eb39dcb9a2410032ad0cc67a62b92b)
(cherry picked from commit 9abb95a8441e227874fe156095349a3173cc5a81)

[MODERATION] Modernize frontend (squash)

- Unify blocked users list.
- Use the new flex list classes for blocked users list to avoid using
the CSS helper classes and thereby be consistent in the design.
- Fix the modal by using the new modal class.
- Remove the icon in the modal as looks too big in the new design.
- Fix avatar not displaying as it was passing the context where the user
should've been passed.
- Don't use italics for 'Blocked since' text.
- Use namelink template to display the user's name and homelink.

(cherry picked from commit ec935a16a319b14e819ead828d1d9875280d9259)
(cherry picked from commit 67f37c83461aa393c53a799918e9708cb9b89b30)

Conflicts:
	models/user/follow.go
	models/user/user_test.go
	routers/api/v1/user/follower.go
	routers/web/shared/user/header.go
	routers/web/user/profile.go
	templates/swagger/v1_json.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1468
(cherry picked from commit 6a9626839c6342cd2767ea12757ee2f78eaf443b)

Conflicts:
	tests/integration/api_nodeinfo_test.go
	https://codeberg.org/forgejo/forgejo/pulls/1508#issuecomment-1242385
(cherry picked from commit 7378b251b481ed1e60e816caf8f649e8397ee5fc)

Conflicts:
	models/fixtures/watch.yml
	models/issues/reaction.go
	models/issues/reaction_test.go
	routers/api/v1/repo/issue_reaction.go
	routers/web/repo/issue.go
	services/issue/issue.go
	https://codeberg.org/forgejo/forgejo/pulls/1547
(cherry picked from commit c2028930c101223820de0bbafc318e9394c347b8)
(cherry picked from commit d3f9134aeeef784586e8412e8dbba0a8fceb0cd4)
(cherry picked from commit 7afe154c5c40bcc65accdf51c9224b2f7627a684)
(cherry picked from commit 99ac7353eb1e834a77fe42aa89208791cc2364ff)
(cherry picked from commit a9cde00c5c25ea8c427967cb7ab57abb618e44cb)

Conflicts:
	services/user/delete.go
	https://codeberg.org/forgejo/forgejo/pulls/1736
(cherry picked from commit 008c0cc63d1a3b8eb694bffbf77a7b25c56afd57)

[DEADCODE] add exceptions

(cherry picked from commit 12ddd2b10e3309f6430b0af42855c6af832832ee)

[MODERATION] Remove deadcode (squash)

- Remove deadcode that's no longer used by Forgejo.

(cherry picked from commit 0faeab4fa9b0aa59f86760b24ecbc07815026c82)

[MODERATION] Add repo transfers to blocked functionality (squash)

- When someone gets blocked, remove all pending repository transfers
from the blocked user to the doer.
- Do not allow to start transferring repositories to the doer as blocked user.
- Added unit testing.
- Added integration testing.

(cherry picked from commit 8a3caac33013482ddbee2fa51510c6918ba54466)
(cherry picked from commit a92b4cfeb63b90eb2d90d0feb51cec62e0502d84)
(cherry picked from commit acaaaf07d999974dbe5f9c5e792621c597bfb542)
(cherry picked from commit 735818863c1793aa6f6983afedc4bd3b36026ca5)
(cherry picked from commit f50fa43b32160d0d88eca1dbdca09b5f575fb62b)
(cherry picked from commit e16683643388fb3c60ea478f1419a6af4f4aa283)
(cherry picked from commit 82a0e4a3814a66ce44be6a031bdf08484586c61b)
(cherry picked from commit ff233c19c4a5edcc2b99a6f41a2d19dbe8c08b3b)
(cherry picked from commit 8ad87d215f2b6adb978de77e53ba2bf7ea571430)

[MODERATION] Fix unblock action (squash)

- Pass the whole context instead of only giving pieces.
- This fixes CSRF not correctly being inserted into the unblock buttons.

(cherry picked from commit 2aa51922ba6a0ea2f8644277baa74fc8f34ab95a)
(cherry picked from commit 7ee8db0f018340bc97f125415503e3e5db5f5082)
(cherry picked from commit e4f8b999bcd3b68b3ef7f54f5b17c3ada0308121)
(cherry picked from commit 05aea60b1302bbd3ea574a9c6c34e1005a5d73bf)
(cherry picked from commit dc0d61b012cfaf2385f71e97cda5f220b58b9fa4)
(cherry picked from commit f53fa583de671ff60a0a1d0f3ab8c260e1ba4e1f)
(cherry picked from commit c65b89a58d11b32009c710c2f5e75f0cd3539395)
(cherry picked from commit 69e50b9969db3ab71cefaed520757876a9629a5c)
(cherry picked from commit ec127440b86cb5fcf51799d8bd76a9fd6b9cebcc)

[MODERATION] cope with shared fixtures

* There is one more issue in the fixtures and this breaks some tests
* The users in the shared fixtures were renamed for clarity and that
  breaks some tests

(cherry picked from commit 707a4edbdf67d0eb168d7bb430cf85dd8cd63c52)

Conflicts:
	modules/indexer/issues/indexer_test.go
	https://codeberg.org/forgejo/forgejo/pulls/1508
(cherry picked from commit 82cc044366c749df80ffad44eed2988b8e64211e)
(cherry picked from commit 2776aec7e85850f1d7f01a090a72491550fb9d29)
(cherry picked from commit 1fbde36dc784b5b2cc6193f02ff0d436b0f2a629)
(cherry picked from commit 1293db3c4e5df218501f5add9f9d41101ffcb8aa)
(cherry picked from commit 6476802175bac3ef78dd8f24ff6bebc16f398a78)
(cherry picked from commit 5740f2fc830356acb7929a02fe304008b94a0ca5)
(cherry picked from commit afc12d7b6e9b773fa89718aa79cd95c0e0ce4406)

[MODERATION] Fix transfer confirmation (squash)

- Fix problem caused by the clearer confirmation for dangerous actions commit.

(cherry picked from commit 3488f4a9cb1f7f73103ae0017d644f13ca3ab798)
(cherry picked from commit ed7de91f6ace23a1459bc6552edf719d62c7c941)
(cherry picked from commit 2d97929b9b7b8d979eb12bf0994d3f169d41f7fd)
(cherry picked from commit 50d035a7b058b9c4486c38cd4be0b02a4e1bf4d9)
(cherry picked from commit 0a0c07d78a1dee3489b97ab359bb957e3f7fb94b)
(cherry picked from commit 85e55c4dbc2f513f3d5254dac20915e8c3c22886)
(cherry picked from commit d8282122ad6e8b497de35d1ed89e3093a2cd5ee2)
(cherry picked from commit 3f0b3b6cc582c3d672d371dd9fe1203a56cb88c0)

[MODERATION] Purge issues on user deletion (squash)

(cherry picked from commit 4f529d9596ffbfc4e754c28830ba028f6344dc5b)
(cherry picked from commit f0e3acadd321fcb99e8ea3e3ce1c69df25c4ca4d)
(cherry picked from commit 682c4effe69dc0d4ed304fa7ce6259d9ce573629)
(cherry picked from commit e43c2d84fd4b6fd31e2370cec1034262d12e5c34)
(cherry picked from commit 9c8e53ccc78053026e4f667889959c23c8d95934)
(cherry picked from commit a9eb7ac783b2c16ee3702a88203bf857cb4147fc)

[MODERATION] Purge issues on user deletion (squash) revert shared fixtures workarounds

(cherry picked from commit 7224653a40e32186892e89bfedd49edecf5b8f81)
(cherry picked from commit aa6e8672f9473a9100e7575051dec9eda37709a0)
(cherry picked from commit 58c7947e95648f50237ddcd46b6bd025b224a70f)
(cherry picked from commit f1aacb1851b232082febcd7870a40a56de3855a6)
(cherry picked from commit 0bf174af87f7de9a8d869304f709e2bf41f3dde9)
(cherry picked from commit f9706f4335df3b7688ed60853d917efa72fb464a)

[MODERATION] Prepare moderation for context locale changes (squash)

- Resolves https://codeberg.org/forgejo/forgejo/issues/1711

(cherry picked from commit 2e289baea943dcece88f02d110b03d344308a261)
(cherry picked from commit 97b16bc19ae680db62608d6020b00fe5ac451c60)

[MODERATION] User blocking (squash) do not use shared fixture

It conflicts with a fixtured added in the commit
Fix comment permissions (#28213) (#28216)

(cherry picked from commit ab40799dcab24e9f495d765268b791931da81684)
(cherry picked from commit 996c92cafdb5b33a6d2d05d94038e950d97eb7de)
(cherry picked from commit 259912e3a69071c5ad57871464d0b79f69a8e72c)

Conflicts:
	options/locale/locale_en-US.ini
	https://codeberg.org/forgejo/forgejo/pulls/1921
(cherry picked from commit 1e82abc032c18015b92c93a7617a5dd06d50bd2d)
(cherry picked from commit a176fee1607d571b25b345184f1c50d403029610)
(cherry picked from commit 0480b76dfeda968849e900da9454a3efd82590fa)
(cherry picked from commit 4bc06b7b3841c74e3d790b1ef635c2b382ca7123)
(cherry picked from commit 073094cf722a927a623408d66537c758d7d64e4c)
(cherry picked from commit ac6201c647a4d3a2cfb2b0303b851a8fe7a29444)
(cherry picked from commit 7e0812674da3fbd1e96bdda820962edad6826fbd)
(cherry picked from commit 068c741e5696957710b3d1c2e18c00be2ffaa278)

Conflicts:
	models/repo_transfer.go
	models/repo_transfer_test.go
	routers/web/user/profile.go
	https://codeberg.org/forgejo/forgejo/pulls/2298
2024-02-05 15:56:45 +01:00
Gusted
006291bd9c
[MODERATION] Purge issues on user deletion
- Forgejo has the option to delete users, in which all data except
issues and comments are removed, this makes sense in some cases where
users need to be removed cleanly but without removing their existing bug
reports or comments to an discussion. In the case of spammers, admins
have the option to enable purging, where comments are removed.
- Add issues to the list of things to be removed if purge is checked.
- No unit testing, as this gigantic function doesn't have one to begin
with.
- Add integration test.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1268

(cherry picked from commit 3ed381c75826ffc6834fd54943f71579c060c16d)
(cherry picked from commit 44d00650ce77bd4395892a62a64a90829578c81d)
(cherry picked from commit 7f4da82779fa1d761b5fe045d3e0b4b2627638c0)
(cherry picked from commit d629314def8e3e6d0f78184aa584fa57ece18bb1)

Conflicts:
	models/fixtures/issue.yml
	https://codeberg.org/forgejo/forgejo/pulls/1508
(cherry picked from commit 794dcc218f2c0c53028aaf617407d46bddda57f3)
(cherry picked from commit c433f2ecb60669e5c8748912b30c0433d5fe507a)
(cherry picked from commit bb23683f4b10a504da677843bc2ae2b73ec299c4)
(cherry picked from commit 634c5604d430b1b531467783bc70bb4efbee023d)
(cherry picked from commit 219073f5c5558e7712039a83754f68b092689963)
(cherry picked from commit 32893dbab139e2d238db8c3d7878321c6bdd0cd3)
(cherry picked from commit 0ef40cfb5a23d9f654e093ade2668d82ce8d333a)
(cherry picked from commit e535409cab3c276fd8db6b402f85934ef5127491)
(cherry picked from commit 29059f611b5617d275737996b9e4076a3b0b667e)
(cherry picked from commit cd480c5b8b99feed11a3797ab36a697cd0dcc91b)
(cherry picked from commit 340e6573924dbd8d69843c69243e6b027c66f166)
(cherry picked from commit 3a7a5564d02bde767cb14cbc30e3ca816808f7d6)
(cherry picked from commit 1dbcaca726f3cbd777a4965b7414d6b60050ba54)
(cherry picked from commit c491c439e28f04fdd0f002ec1403b19933afc7c3)
(cherry picked from commit c8fe2140cc15dcffa9bb7c966493707ac23cdb74)
(cherry picked from commit c72564e3ee1bd9972d4f7d7a7e1dc34bb8d81299)
(cherry picked from commit 2084f3fa113bca751be0689f53dfeb7d059ffb8f)
(cherry picked from commit 918e65327da011303ba7dfb3ff6970b8c83f5319)
2024-02-05 15:39:02 +01:00
Gusted
6fc17ad37b
[PRIVACY] Add a DNS method to fetch new updates
- Use TXT records in order to determine the latest available version.
- This addresses a valid privacy issue, as with HTTP requests the server
can keep track(estimated) of how many instances are using Forgejo, with
DNS that's basically not possible as the server will never receive any
data, as the only ones receiving data are DNS resolvers.

(cherry picked from commit 0baefb546ab96bc3c06d90feffdb14873c2c2a3a)
(cherry picked from commit e8ee41880b775532e6a68bd2052ed96d369dee78)
(cherry picked from commit 7eca4f3bf1faa3f063c9668d1bb354b842361007)
(cherry picked from commit 6dde3992dc504f105f2285c34fa6445fa24da0b1)
(cherry picked from commit fb3a37fbfc73d35e3ba8d793b6051aeddcbb0634)
(cherry picked from commit 8304af1e9d94b89ee700b0d454d74d0dc5cfac64)
(cherry picked from commit 0543a7d12a4bac012db8b9e683e879e6f265a9dc)
(cherry picked from commit c3a22933b7ca8201c96267d360281848fb2a1c7e)
(cherry picked from commit e24370769413aebe96ba6cfb230da3c2c33e39f4)
(cherry picked from commit 7eb6d1bcf7a0bdae0cbbf06136854d0b29c54899)
(cherry picked from commit 1d7b9535cd73bffda5defd143c25e514cc55dee8)
(cherry picked from commit 05920dce67808ae346c4e9cd9a41c9942e857bc6)
(cherry picked from commit f173f27d7c3bf36c54b7e715a61b2308d1b0d277)
(cherry picked from commit 90e1c9340e72f08e67293647cf5f19b3e3571909)
(cherry picked from commit de68610ea70b81146f6412e42d72b97aad0428ae)
(cherry picked from commit 8d5757ea0459cffeb885462b7a9d1e1c630e1f16)
(cherry picked from commit c7a7fff316c1a88ba9b0984114a25cecfac56bce)
(cherry picked from commit 39ac8b8fc164090eacd5870bf78ea863d2add5fa)
(cherry picked from commit 98892033012ccc4f4bef30e10932fa22bf12ebcd)

[PRIVACY]: Adjust update checker description

- Resolves #323
- Adjust the description of the update check function on the
installation page to describe the privacy method instead of the HTTP
method by checking gitea.io

(cherry picked from commit 61eae5b105e374169fe23fbb150ce080f8f340ec)
(cherry picked from commit 091def20a1180af718209f2bd520cb249b1943ae)
(cherry picked from commit d5d11bf45a77cad6be2194620c4d865231cfbe67)
(cherry picked from commit 71863d470739c743335931f1563e5b63cf3194eb)
(cherry picked from commit 11ece4aab1ba7a154e985a6732c6839d8a688315)
(cherry picked from commit afdd7e714f9e735811dc909a854cfac964e474e7)
(cherry picked from commit 39170e2f1d64d79bb05940b72d7db602bcff1bce)
(cherry picked from commit 4b3a52aab82e8b9f59f247983a4aa7de65c6c747)
(cherry picked from commit 9d763c5fc8cd0ff7898855e1ef088edb264388d5)
(cherry picked from commit 638db15482f6907fa21e27aaccf6795226ae60c0)
(cherry picked from commit a52bfdd8e76466aa293855a35c6ac9e18a228e90)
(cherry picked from commit dc93d00e85dfdd9c090294f5504b8d885a602c60)
(cherry picked from commit 0bc4b3508c8d2e49b57d47b4c5b36a9365580a1b)
(cherry picked from commit 3f760d85a45520d3340bf27efe667fc689b6b8ce)
(cherry picked from commit ecc2716785036b5538c8022d1c4dd6156796acef)
(cherry picked from commit 6334d5677eb3e1848ab16630a22ae59ab716a732)

Conflicts:
	modules/updatechecker/update_checker.go
	UpdateRemoteVersion now has a context argument. However, in
	the updated code from Gitea the context comes from the HTTP
	request and does not actually provide any useful context.
	Replace that with context.Background()
(cherry picked from commit ca2200767edb9c30b655b942824957577b1f6fe7)
(cherry picked from commit f46feca224d388e92875a76c8d2428c2681ad0c5)
(cherry picked from commit a800a66ca89c03a8e08f26f633bea8634cffe629)
(cherry picked from commit 21f017454e90db7c1ce47627785e4781396300b9)
(cherry picked from commit 762d18e09a5cc04f7c2ff374e1202324244999df)
(cherry picked from commit 6d28e120c131b2547a87691a6195205cedfac052)
(cherry picked from commit 4fcd7e7cbf55d7b69568a931fc86b3aef8346adc)
(cherry picked from commit 95162851128ef1d03435bd5e011748dc3d0f26f8)
(cherry picked from commit 0dd752a2624693fb1c9c4dd0efa8e343ae1ad3c7)
(cherry picked from commit b1f1af7fe03878c333966b2f4c6581ab0e6c2593)
(cherry picked from commit 71937deaa575015fb5e9073a014b4fba74ed92a8)
(cherry picked from commit 93e41a782334b7b53198da89e1c8a92bb9e6b6be)
(cherry picked from commit f497ed30cfaafb2c801ad6bfccc7788a128c4435)
(cherry picked from commit bff3346f7df2cf28b1f1fdd637a87bbe6940326c)
(cherry picked from commit 906ae19c0f61d808decf4fab0abc2086abf9d4e2)
2024-02-05 15:38:36 +01:00
Gusted
c53f802778
[PRIVACY] Disable update_checker cron tasks
- This is being disabled as it will weekly connect to a domain.
- This only affects existing installations, as new installations will
have a explicit value being written into app.ini due to https://github.com/go-gitea/gitea/pull/21655

(cherry picked from commit cd0b8b6852563118ab8530c01a48bc612efcf58a)
(cherry picked from commit 58d43867cab15a4b93fab6f4b467756e8030fb2d)
(cherry picked from commit f290b91e504933be83d5b9540a195173280ab38d)
(cherry picked from commit 5bd6d7555478713c91a3c00980060041ed34ba22)
(cherry picked from commit e5d0abb59244809f5181dfbadfbee47531246a18)
(cherry picked from commit 4b381ce77e699ce9f0f8af8ac3488bd8e3562b15)
(cherry picked from commit b6a9b1390d9ee3aa70d50b1fae1346aff69cab08)
(cherry picked from commit 367436287118b0fc4030ee6527d6c366db919594)
(cherry picked from commit af0f606fc1f42be49dcbedd04055f0f9a0b7d3df)
(cherry picked from commit 49560da6fb01cd6ee1a69840f48ed9269330c37a)
(cherry picked from commit ca06e27c5b7b8b20e34935885c4ab0ca905b9157)
(cherry picked from commit 163df86df5abdda11b6d337af32e0f0f3837119b)
(cherry picked from commit 0391c6ae42eb364a6db1156af93304aa73c69b2d)
(cherry picked from commit f282f2d42fd850c29b489d02133698e14b21f411)
(cherry picked from commit 68d31cf2478626730324eaa56ad4264580b7030c)
(cherry picked from commit cfd4a479e95597f315d9d75e2b7d22c8f6941ce2)
(cherry picked from commit add969bdf624df9eed3047d60a1bae979e9bfd80)
(cherry picked from commit c0f3f1f1e733b6df0f028a1393549adf7f8936f4)
(cherry picked from commit f11dca9090a77dbd58ff980e97cff07a5b2d27b5)
(cherry picked from commit 283810387ff26fbbf1ac795d56350a7bfb87b874)
(cherry picked from commit 08af1f0ea882bbe3fada3e61988baa9f0d290d1a)
(cherry picked from commit 1c1a6da319f9218cc05693e0b8461f3defe1d891)
(cherry picked from commit c1444bae65daa29497209a0bcc0758b1af9828a0)
(cherry picked from commit 6361df634bd8fda81793e35820f0a42c56e5e55a)
(cherry picked from commit cc8bb3f94605858c3ff9412644d90d80150c3f23)
(cherry picked from commit c7ae4411fd041dde1c73a5fdc64679317b6daef7)
(cherry picked from commit f73f4eef02c41430cc6a7375fc3b73aab8b75de7)
(cherry picked from commit 2122896e8529db6b6158bb9029492f8f5e12efb7)
(cherry picked from commit d469c99671cf6a5a8087b1ad106a04b43f4edc85)
(cherry picked from commit 41dbbd731edf52c1c78d34cba1dfd7e03029e5f7)
(cherry picked from commit e8e742b4376ab2437097a94a5f541576f9da3c81)
(cherry picked from commit 0fa9f87b5fbb81b9205650da918bab02c7f86916)
(cherry picked from commit a92c724a563e0260425cfe8569dec893740b8c71)
(cherry picked from commit 6a18d153e1f60bdac04a568eaa2d74cb2c1d5cb1)
(cherry picked from commit 0dd35a13fdcf34f88b9cc554646402b1bb40da57)
(cherry picked from commit 5ae0cbe0ae98c7e12666f185aa5da21160ab83e8)
(cherry picked from commit 13bd3cf37bed863491f1284572fa0bfa470b8ec0)
(cherry picked from commit a163efa6cf5746a2ac3cfec78ff8c5d70158e3f2)
(cherry picked from commit 422a6e8329abf9a961222a50ce136af84f4f2975)
(cherry picked from commit 125fb33e1baad8bf88d71db5bffaa898c38565e9)
(cherry picked from commit fd39d15a921c726f593a55ba0c4eae6f8f78a4a0)
(cherry picked from commit b58147451372d354a499f6b38d2662ff6c74c132)
(cherry picked from commit 987d19852364fe258b4eaddd9df51245a082522e)
(cherry picked from commit f06eed025fb73ca1ebe7eb65cbd5ab5c3276d981)
(cherry picked from commit 6f9f4156448e7b9eb9d7c7776eb20b0ab5de692c)
(cherry picked from commit eb2c878debf07ad46e272ff8e2adfa414657f4c3)
(cherry picked from commit 70daffa9fe3a4007d199ea346f0d14f37917ac5b)
(cherry picked from commit 3a6ae6fa49d238bed04c1fd1342b054dab7b6f58)
(cherry picked from commit 682a564b04a62aeea15e08a833ae2b158d1bfe67)
2024-02-05 15:38:36 +01:00
Gusted
c6a53c3172
[SECURITY] Rework long-term authentication
- This is a 'front-port' of the already existing patch on v1.21 and
v1.20, but applied on top of what Gitea has done to rework the LTA
mechanism. Forgejo will stick with the reworked mechanism by the Forgejo
Security team for the time being. The removal of legacy code (AES-GCM) has been
left out.
- The current architecture is inherently insecure, because you can
construct the 'secret' cookie value with values that are available in
the database. Thus provides zero protection when a database is
dumped/leaked.
- This patch implements a new architecture that's inspired from: [Paragonie Initiative](https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies).
- Integration testing is added to ensure the new mechanism works.
- Removes a setting, because it's not used anymore.

(cherry picked from commit e3d6622a63da9c33eed1e3d102cf28a92ff653d6)
(cherry picked from commit fef1a6dac5e25579e42d40209c4cfc06879948b9)
(cherry picked from commit b0c5165145fa52f2f7bbec1f50b308bdf1d20ef3)
(cherry picked from commit 7ad51b9f8d0647eecacd258f6ee26155da3872e1)
(cherry picked from commit 64f053f3834e764112cde26bb0d16c5e88d6b2af)
(cherry picked from commit f5e78e4c204ce50b800645d614218b6b6096eecb)

Conflicts:
	services/auth/auth_token_test.go
	https://codeberg.org/forgejo/forgejo/pulls/2069
(cherry picked from commit f69fc23d4bbadf388c7857040ee0774b824e418e)
(cherry picked from commit d955ab3ab02cbb7f1245a8cddec426d64d3ac500)
(cherry picked from commit 9220088f902a25c4690bcabf5a40a8d02e784182)
(cherry picked from commit c73ac636962c41c71814c273510146f0533264ab)
(cherry picked from commit 747a176048ea93085b406429db0e25bb21912eda)

Conflicts:
	models/user/user.go
	routers/web/user/setting/account.go
	https://codeberg.org/forgejo/forgejo/pulls/2295
2024-02-05 15:06:15 +01:00
Earl Warren
c7a389f2b2
[FEAT] allow setting the update date on issues and comments
This field adds the possibility to set the update date when modifying
an issue through the API.

A 'NoAutoDate' in-memory field is added in the Issue struct.
If the update_at field is set, NoAutoDate is set to true and the
Issue's UpdatedUnix field is filled.

That information is passed down to the functions that actually updates
the database, which have been modified to not auto update dates if
requested.

A guard is added to the 'EditIssue' API call, to checks that the
udpate_at date is between the issue's creation date and the current
date (to avoid 'malicious' changes). It also limits the new feature
to project's owners and admins.

(cherry picked from commit c524d33402c76bc4cccea2806f289e08a009baae)

Add a SetIssueUpdateDate() function in services/issue.go

That function is used by some API calls to set the NoAutoDate and
UpdatedUnix fields of an Issue if an updated_at date is provided.

(cherry picked from commit f061caa6555e0c9e922ee1e73dd2e4337360e9fe)

Add an updated_at field to the API calls related to Issue's Labels.

The update date is applied to the issue's comment created to inform
about the modification of the issue's labels.

(cherry picked from commit ea36cf80f58f0ab20c565a8f5d063b90fd741f97)

Add an updated_at field to the API call for issue's attachment creation

The update date is applied to the issue's comment created to inform
about the modification of the issue's content, and is set as the
asset creation date.

(cherry picked from commit 96150971ca31b97e97e84d5f5eb95a177cc44e2e)

Checking Issue changes, with and without providing an updated_at date

Those unit tests are added:

- TestAPIEditIssueWithAutoDate
- TestAPIEditIssueWithNoAutoDate

- TestAPIAddIssueLabelsWithAutoDate
- TestAPIAddIssueLabelsWithNoAutoDate

- TestAPICreateIssueAttachmentWithAutoDate
- TestAPICreateIssueAttachmentWithNoAutoDate

(cherry picked from commit 4926a5d7a28581003545256632213bf4136b193d)

Add an updated_at field to the API call for issue's comment creation

The update date is used as the comment creation date, and is applied to
the issue as the update creation date.

(cherry picked from commit 76c8faecdc6cba48ca4fe07d1a916d1f1a4b37b4)

Add an updated_at field to the API call for issue's comment edition

The update date is used as the comment update date, and is applied to
the issue as an update date.

(cherry picked from commit cf787ad7fdb8e6273fdc35d7b5cc164b400207e9)

Add an updated_at field to the API call for comment's attachment creation

The update date is applied to the comment, and is set as the asset
creation date.

(cherry picked from commit 1e4ff424d39db7a4256cd9abf9c58b8d3e1b5c14)

Checking Comment changes, with and without providing an updated_at date

Those unit tests are added:

- TestAPICreateCommentWithAutoDate
- TestAPICreateCommentWithNoAutoDate

- TestAPIEditCommentWithAutoDate
- TestAPIEditCommentWithNoAutoDate

- TestAPICreateCommentAttachmentWithAutoDate
- TestAPICreateCommentAttachmentWithNoAutoDate

(cherry picked from commit da932152f1deb3039a399516a51c8b6757059c91)

Pettier code to set the update time of comments

Now uses sess.AllCols().NoAutoToime().SetExpr("updated_unix", ...)

XORM is smart enough to compose one single SQL UPDATE which all
columns + updated_unix.

(cherry picked from commit 1f6a42808dd739c0c2e49e6b7ae2967f120f43c2)

Issue edition: Keep the max of the milestone and issue update dates.

When editing an issue via the API, an updated_at date can be provided.
If the EditIssue call changes the issue's milestone, the milestone's
update date is to be changed accordingly, but only with a greater
value.

This ensures that a milestone's update date is the max of all issue's
update dates.

(cherry picked from commit 8f22ea182e6b49e933dc6534040160dd739ff18a)

Rewrite the 'AutoDate' tests using subtests

Also add a test to check the permissions to set a date, and a test
to check update dates on milestones.

The tests related to 'AutoDate' are:
- TestAPIEditIssueAutoDate
- TestAPIAddIssueLabelsAutoDate
- TestAPIEditIssueMilestoneAutoDate
- TestAPICreateIssueAttachmentAutoDate
- TestAPICreateCommentAutoDate
- TestAPIEditCommentWithDate
- TestAPICreateCommentAttachmentAutoDate

(cherry picked from commit 961fd13c551b3e50040acb7c914a00ead92de63f)
(cherry picked from commit d52f4eea44692ee773010cb66a69a603663947d5)
(cherry picked from commit 3540ea2a43155ca8cf5ab1a4a246babfb829db16)

Conflicts:
	services/issue/issue.go
	https://codeberg.org/forgejo/forgejo/pulls/1415
(cherry picked from commit 56720ade008c09122d825959171aa5346d645987)

Conflicts:
	routers/api/v1/repo/issue_label.go
	https://codeberg.org/forgejo/forgejo/pulls/1462
(cherry picked from commit 47c78927d6c7e7a50298fa67efad1e73723a0981)
(cherry picked from commit 2030f3b965cde401976821083c3250b404954ecc)
(cherry picked from commit f02aeb76981cd688ceaf6613f142a8a725be1437)

Conflicts:
	routers/api/v1/repo/issue_attachment.go
	routers/api/v1/repo/issue_comment_attachment.go
	https://codeberg.org/forgejo/forgejo/pulls/1575
(cherry picked from commit d072525b35e44faf7ff87143c0e52b8ba8a625c8)
(cherry picked from commit 8424d0ab3df75ac3ffa30f42d398e22995ada5e7)
(cherry picked from commit 5cc62caec788b54afd9da5b9193ce06ee8ec562b)
(cherry picked from commit d6300d5dcd01c7ddc65d8b0f326f9c19cb53b58e)

[FEAT] allow setting the update date on issues and comments (squash) apply the 'update_at' value to the cross-ref comments (#1676)

[this is a follow-up to PR #764]

When a comment of issue A referencing issue B is added with a forced 'updated_at' date, that date has to be applied to the comment created in issue B.

-----

Comment:

While trying my 'RoundUp migration script', I found that this case was forgotten in PR #764 - my apologies...

I'll try to write a functional test, base on models/issues/issue_xref_test.go

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1676
Co-authored-by: fluzz <fluzz@freedroid.org>
Co-committed-by: fluzz <fluzz@freedroid.org>
(cherry picked from commit ac4f727f63a2dd746dd84a31ebf7f70d5b5d7c52)
(cherry picked from commit 5110476ee9010ba8cdca0e0f37f765f8800e9fe1)
(cherry picked from commit 77ba6be1dab4f6f3678d79a394da56e6447ebbe1)
(cherry picked from commit 9c8337b5c442cfd72d97597c2089e776f42828b7)
(cherry picked from commit 1d689eb686f0f7df09c7861b3faf9d8683cb933b)
(cherry picked from commit 511c519c875a4c4e65c02ef0c4e3b941f4da4371)
(cherry picked from commit 2f0b4a8f610837d34844bb79cda1360ab23b6b1c)
(cherry picked from commit fdd4da111c449322901a0acf6d0857eac4716581)

[FEAT] allow setting the update date on issues and comments (squash) do not use token= query param

See https://codeberg.org/forgejo/forgejo/commit/33439b733a

(cherry picked from commit c5139a75b9e4af612a628171bd4f63a24860c272)
(cherry picked from commit c7b572c35d3e9e22017fd74045bcdc1109bd06df)
(cherry picked from commit aec7503ff6dd177980f3d9f367122ffc2fec8986)
(cherry picked from commit 87c65f2a490faeccb85088fa0981dd50f7199eb8)
(cherry picked from commit bd47ee33c20e53ae616a7e53d63c3b51809585fb)
(cherry picked from commit f3dbd90a747c14fb1b5b4271db6c10abbf86d586)
2024-02-05 14:44:33 +01:00
Earl Warren
563b7f8345
[UPGRADE] run sanity checks before the database is upgraded
https://codeberg.org/forgejo/forgejo/pulls/1543
(cherry picked from commit fbb71f464b9566ed83a3e8b713e433712ea71ece)
(cherry picked from commit 650f849c84809002a7cd31008e53aff1202a0590)
(cherry picked from commit 25e0d33dfefcf723dd9f260809a968fb022e8bad)
(cherry picked from commit 222b70e504df3e49711d25c3ef196bc73658a6cb)
(cherry picked from commit 4be04627a75422de0de74940fb14271c377c2929)
(cherry picked from commit 64fcb25de359de5c3956e6f7ce3241423889c068)
(cherry picked from commit 740943d6b0df5793d827f5097fbfd152582e0c73)
(cherry picked from commit 3c096abf11abc94492f412315638bdf64c2ec1b9)
(cherry picked from commit da04dcb099ff4193818aebd98016c48e16faa444)
(cherry picked from commit b881d83f1c0ecc281aa00f0c4b327d141a247d31)
(cherry picked from commit 7e7492b996dff5d54888831a3e2a43b838c02259)
(cherry picked from commit 869edd3b0a501f128d41472f56378dc696b7e67e)
(cherry picked from commit d96fbda2741b975594b13560cc25759f665e6d28)
(cherry picked from commit 09c00cbd00258c12d5606f471890e62c914c765e)
(cherry picked from commit 10a1bf8122740f68fbb1062bc2f4b5d04086c72a)
(cherry picked from commit 2eb223c0f6fb11310aeabf1e85a0e45b061d8f7c)
(cherry picked from commit 1eaba14638af185453c78e092a9a5088b8c76d79)
2024-02-05 14:44:33 +01:00
Earl Warren
f6ba73de4c
[UPGRADE] add sanity checks for [storage*]
Refs: https://forgejo.org/2023-08-release-v1-20-3-0/
(cherry picked from commit a266dd0ce3fca1296c6713ff1266f0065f0cd72b)
(cherry picked from commit b9eb5eccd83e73ab6fb392557b7036063244f357)
(cherry picked from commit 7fc2028ede6e3a576c3714b27940de9f871c33bd)
(cherry picked from commit 0c988e612028eab277f03c16c0597da08c2c293a)
(cherry picked from commit 7ba05e8c2b51c4c08ab3885f9014f7bdaf3d0f6b)
(cherry picked from commit 2ed5068abe0cb57a257167d669faee207762b1d0)
(cherry picked from commit 353913a26dd749f017cf8b76cf9218f68e8ca408)
(cherry picked from commit 4e63a01a8bf9d0c8a1a6a6d7a3b18c64369bbaf1)
(cherry picked from commit 99f612aed30852b23fe325bd5b6095aee9bd558e)
(cherry picked from commit b4fe189caea9c656edd9c0c20e0d667911e4921c)
(cherry picked from commit bd35e3b7bc2d64e649915c5103067be1c7ffbe44)
(cherry picked from commit f59d9f7088af9963041eedc46fcce2ec8c9c4722)
(cherry picked from commit 0b2a93e044b1d9319345ed2b6104a479eae376ef)
(cherry picked from commit 8c5d8bfea0d65ebab33e2cb7dd04298d0f263fdd)
(cherry picked from commit 2817ce027cbcd630d83484c98b9539a3a94a5266)
(cherry picked from commit 162056cbcfd79710e4d81b1b36f650be291df832)
(cherry picked from commit 07152a0ba640f71fa669ef84c473eb773a15ede9)
(cherry picked from commit 72e37779159a1820bb2d02b4647967fed3c8abc2)
(cherry picked from commit 3b1ebd95b94327b8056eed51e9c6dbb4c412af09)
(cherry picked from commit 14fc4f3fac637fb026a64b6110026533caa11dfc)
(cherry picked from commit 9052c86e8ce97895eec8642bdb1c987790924b03)
(cherry picked from commit 16f1cc21ea518c5390061534c8cfcc8f9f0c2587)
(cherry picked from commit 0fef12f5d85870fa364d6046ac04dcdfc8cb69df)
(cherry picked from commit d187381f73a0859198aade34057c63aef38d764d)
(cherry picked from commit 9dda7151116af3a0d52b0778eff0f837d6bd1cf5)
2024-02-05 14:44:33 +01:00
Earl Warren
160ae5ee23
[UPGRADE] run sanity checks before the database is upgraded
(cherry picked from commit 69741e4e66932a9ac092089e7ba27399c55dcd1a)
(cherry picked from commit 2a3c7b09cbdfd62cca2619aaf37b6913a373d142)
(cherry picked from commit a1554c1168d897e8db4024d716a837c012bf74e9)
(cherry picked from commit edae2c6d2dda7f44e40ae88fba60a15f61b72232)
(cherry picked from commit 49737cf009a6a0fc119cf8a1a1593493c77c841a)
(cherry picked from commit ec53704c34a3e9491b4f210250d5e053f4b221e5)
(cherry picked from commit 7a1c5c0f323cb5e9235d8fa6e59a0a1b172d3abb)
(cherry picked from commit e658c20c0f21b42f741c0149e0e79ea0bb3b949c)
(cherry picked from commit baf575468f39c5dd0c2ff3498ef9f706d12d114e)
(cherry picked from commit 40cb14eff427c801243e374f7c60fef994bcb792)
(cherry picked from commit 25ab4d07136d023236de00e9143957c856b4d196)
(cherry picked from commit 5a29005215a5e9419ed3096c1bc0aae172f45089)
(cherry picked from commit fef1260e990719af49644970aaa2a7219438b681)
(cherry picked from commit eadbbb1afe6f36cfaf4cc3fc346b510893f21011)
(cherry picked from commit db22d61eb47b56cc7cf0f44934f8f550df029e76)
(cherry picked from commit 9d3b0be39a008e2e1a4f474b0ab74627e003430d)
(cherry picked from commit b3fa3c1292228ef4833b6ea1f120102471478256)
(cherry picked from commit c8300d4fe24fccaefc18e95ec8c6d689f1cb4d7a)
(cherry picked from commit 8ba6a4c9dbd9cbb2758b02016f1858d1e85633ce)
(cherry picked from commit 8b8df652c1eb7806e590751942b4689e374e1128)
(cherry picked from commit fc8fa050c688451c9c2079b1f0f71ed11a6d7e4d)
(cherry picked from commit bcf3faf69843421517bf3ddf032fe92cbf0a766d)
(cherry picked from commit 514a631aa650987ef3400ad31eb32af676a97164)
(cherry picked from commit 529c7a09f73bdb27ac14e0cdb6312eac2bc1109c)
(cherry picked from commit 0d093d76e2d27523f42606d78c1302057c328913)
2024-02-05 14:44:33 +01:00
Earl Warren
1951c51c8e
Revert "Unify password changing and invalidate auth tokens (#27625)"
This reverts commit 688d4a1f71.
2024-02-05 14:43:35 +01:00
Lunny Xiao
9bb1adf8ea
Move some repository transfer functions to service layer (#28855) 2024-02-05 06:17:23 +00:00
Sergey Bugaev
2da233ad8b
Propagate install_if and provider_priority to APKINDEX (#28899)
Resolves https://github.com/go-gitea/gitea/issues/28704

Example of an entry in the generated `APKINDEX` file:

```
C:Q1xCO3H9LTTEbhKt9G1alSC87I56c=
P:hello
V:2.12-r1
A:x86_64
T:The GNU Hello program produces a familiar, friendly greeting
U:https://www.gnu.org/software/hello/
L:GPL-3.0-or-later
S:15403
I:36864
o:hello
m:
t:1705934118
D:so:libc.musl-x86_64.so.1
p:cmd:hello=2.12-r1
i:foobar=1.0 !baz
k:42
```

the `i:` and `k:` entries are new.

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-05 05:52:56 +00:00
Bram Hagens
50f55f11c4
Show whether a PR is WIP inside popups (#28975)
Fixes https://codeberg.org/forgejo/forgejo/issues/2257

Draft status of a PR is currently not exposed by the API. This PR adds a
'draft' field to pull requests in the API, which is used to correctly
set the PR color/icon in a ContextPopup.

---

Before:

![image](https://github.com/go-gitea/gitea/assets/5541521/72cbd30e-1175-4338-aa97-ac99c46c5118)

After:

![image](https://github.com/go-gitea/gitea/assets/5541521/111c9eba-460e-4d57-bcca-23a151c3a4f1)
2024-02-04 22:37:45 +00:00
KN4CK3R
688d4a1f71
Unify password changing and invalidate auth tokens (#27625)
- Unify the password changing code
- Invalidate existing auth tokens when changing passwords
2024-02-04 14:05:26 +00:00
KN4CK3R
f8b471ace1
Unify user update methods (#28733)
Fixes #28660
Fixes an admin api bug related to `user.LoginSource`
Fixed `/user/emails` response not identical to GitHub api

This PR unifies the user update methods. The goal is to keep the logic
only at one place (having audit logs in mind). For example, do the
password checks only in one method not everywhere a password is updated.

After that PR is merged, the user creation should be next.
2024-02-04 13:29:09 +00:00
Gwyneth Morgan
360b3fd17c
Include username in email headers (#28981)
Emails from Gitea comments do not contain the username of the commenter
anywhere, only their display name, so it is not possible to verify who
made a comment from the email itself:

	From: "Alice" <email@gitea>
	X-Gitea-Sender: Alice
	X-Gitea-Recipient: Bob
	X-GitHub-Sender: Alice
	X-GitHub-Recipient: Bob

	This comment looks like it's from @alice.

The X-Gitea/X-GitHub headers also use display names, which is not very
reliable for filtering, and inconsistent with GitHub's behavior:

	X-GitHub-Sender: lunny
	X-GitHub-Recipient: gwymor

This change includes both the display name and username in the From
header, and switches the other headers from display name to username:

	From: "Alice (@fakealice)" <email@gitea>
	X-Gitea-Sender: fakealice
	X-Gitea-Recipient: bob
	X-GitHub-Sender: fakealice
	X-GitHub-Recipient: bob

	This comment looks like it's from @alice.
2024-02-03 00:41:27 +00:00
silverwind
a6cea59514
Update tool dependencies (#29030) 2024-02-02 19:11:39 -05:00
ChristopherHX
a9bc590d5d
Add artifacts v4 jwt to job message and accept it (#28885)
This change allows act_runner / actions_runner to use jwt tokens for
`ACTIONS_RUNTIME_TOKEN` that are compatible with
actions/upload-artifact@v4.

The official Artifact actions are now validating and extracting the jwt
claim scp to get the runid and jobid, the old artifact backend also
needs to accept the same token jwt.

---
Related to #28853

I'm not familar with the auth system, maybe you know how to improve this

I have tested
- the jwt token is a valid token for artifact uploading
- the jwt token can be parsed by actions/upload-artifact@v4 and passes
their scp claim validation

Next steps would be a new artifacts@v4 backend.

~~I'm linking the act_runner change soonish.~~
act_runner change to make the change effective and use jwt tokens
<https://gitea.com/gitea/act_runner/pulls/471>
2024-02-02 14:25:59 +00:00
yp05327
b9f8d75e27
Avoid sending update/delete release notice when it is draft (#29008)
Fix #27157
2024-02-02 04:18:12 +00:00
Zettat123
adc3598a75
Fix an actions schedule bug (#28942)
In #28691, schedule plans will be deleted when a repo's actions unit is
disabled. But when the unit is enabled, the schedule plans won't be
created again.

This PR fixes the bug. The schedule plans will be created again when the
actions unit is re-enabled
2024-01-31 14:55:12 +00:00
Lunny Xiao
5f82ead13c
Simplify how git repositories are opened (#28937)
## Purpose
This is a refactor toward building an abstraction over managing git
repositories.
Afterwards, it does not matter anymore if they are stored on the local
disk or somewhere remote.

## What this PR changes
We used `git.OpenRepository` everywhere previously.
Now, we should split them into two distinct functions:

Firstly, there are temporary repositories which do not change:

```go
git.OpenRepository(ctx, diskPath)
```

Gitea managed repositories having a record in the database in the
`repository` table are moved into the new package `gitrepo`:

```go
gitrepo.OpenRepository(ctx, repo_model.Repo)
```

Why is `repo_model.Repository` the second parameter instead of file
path?
Because then we can easily adapt our repository storage strategy.
The repositories can be stored locally, however, they could just as well
be stored on a remote server.

## Further changes in other PRs
- A Git Command wrapper on package `gitrepo` could be created. i.e.
`NewCommand(ctx, repo_model.Repository, commands...)`. `git.RunOpts{Dir:
repo.RepoPath()}`, the directory should be empty before invoking this
method and it can be filled in the function only. #28940
- Remove the `RepoPath()`/`WikiPath()` functions to reduce the
possibility of mistakes.

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-27 21:09:51 +01:00
KN4CK3R
fc1bae00a4
Fix SSPI user creation (#28948)
Fixes #28945

Setting the avatar is wrong and creating a random password is equal to
leave it empty.
2024-01-27 09:27:34 +00:00
Zettat123
071b7b2a03
Implement MigrateRepository for the actions notifier (#28920)
Fixes #28699

This PR implements the `MigrateRepository` method for `actionsNotifier`
to detect the schedules from the workflow files in the migrated
repository.
2024-01-25 20:06:29 +08:00
JakobDev
4567a3a1ad
Allow to sync tags from admin dashboard (#28045)
Inspired by #28043

This PR adds a option to the Admin Dashboard to sync all tags to the
database.


![grafik](https://github.com/go-gitea/gitea/assets/15185051/26ac51ef-82a4-4fd9-a6a6-5aefec612ff6)
2024-01-24 03:02:04 +00:00
JakobDev
1af45689f9
Only migrate the first 255 chars of a Github issue title (#28902)
Fixes #28846
2024-01-24 02:09:08 +00:00
KN4CK3R
8e9b6817bc
Fix DeleteCollaboration transaction behaviour (#28886)
The method can't be called with an outer transaction because if the user
is not a collaborator the outer transaction will be rolled back even if
the inner transaction uses the no-error path.

`has == 0` leads to `return nil` which cancels the transaction. A
standalone call of this method does nothing but if used with an outer
transaction, that will be canceled.
2024-01-22 07:19:56 +00:00
Lunny Xiao
23efd9d278
Fix schedule not trigger bug because matching full ref name with short ref name (#28874)
Fix #28533

Caused by #28691
2024-01-22 02:13:24 +00:00
Lunny Xiao
0e6fd0d1c1
Fix branch list bug which displayed default branch twice (#28878)
Fix #28876
2024-01-21 22:08:31 +08:00
Lunny Xiao
62f995203a
Move doctor package from modules to services (#28856) 2024-01-20 10:07:31 +08:00
Adam Majer
d68a613ba8
Add support for sha256 repositories (#23894)
Currently only SHA1 repositories are supported by Gitea. This adds
support for alternate SHA256 with the additional aim of easier support
for additional hash types in the future.

Fixes: #13794
Limited by: https://github.com/go-git/go-git/issues/899
Depend on: #28138

<img width="776" alt="图片" src="https://github.com/go-gitea/gitea/assets/81045/5448c9a7-608e-4341-a149-5dd0069c9447">

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2024-01-19 17:05:02 +01:00
KN4CK3R
461d8b53c2
Fix some RPM registry flaws (#28782)
Related #26984
(https://github.com/go-gitea/gitea/pull/26984#issuecomment-1889588912)

Fix admin cleanup message.
Fix models `Get` not respecting default values.
Rebuild RPM repository files after cleanup.
Do not add RPM group to package version name.
Force stable sorting of Alpine/Debian/RPM repository data.
Fix missing deferred `Close`.
Add tests for multiple RPM groups.
Removed non-cached `ReplaceAllStringRegex`.

If there are multiple groups available, it's stated in the package
installation screen:

![grafik](https://github.com/go-gitea/gitea/assets/1666336/8f132760-882c-4ab8-9678-77e47dfc4415)
2024-01-19 11:37:10 +00:00
Viktor Kuzmin
49eb168677
Retarget depending pulls when the parent branch is deleted (#28686)
Sometimes you need to work on a feature which depends on another (unmerged) feature.
In this case, you may create a PR based on that feature instead of the main branch.
Currently, such PRs will be closed without the possibility to reopen in case the parent feature is merged and its branch is deleted.
Automatic target branch change make life a lot easier in such cases.
Github and Bitbucket behave in such way.

Example:
$PR_1$: main <- feature1
$PR_2$: feature1 <- feature2

Currently, merging $PR_1$ and deleting its branch leads to $PR_2$ being closed without the possibility to reopen.
This is both annoying and loses the review history when you open a new PR.

With this change, $PR_2$ will change its target branch to main ($PR_2$: main <- feature2) after $PR_1$ has been merged and its branch has been deleted.

This behavior is enabled by default but can be disabled.
For security reasons, this target branch change will not be executed when merging PRs targeting another repo. 

Fixes #27062
Fixes #18408

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-17 01:44:56 +01:00
Mihir Joshi
b8270240bf
Fix reverting a merge commit failing (#28794)
Fixes #22236

---
Error occurring currently while trying to revert commit using read-tree
-m approach:
> 2022/12/26 16:04:43 ...rvices/pull/patch.go:240:AttemptThreeWayMerge()
[E] [63a9c61a] Unable to run read-tree -m! Error: exit status 128 -
fatal: this operation must be run in a work tree
> 	 - fatal: this operation must be run in a work tree

We need to clone a non-bare repository for `git read-tree -m` to work.

bb371aee6e
adds support to create a non-bare cloned temporary upload repository.

After cloning a non-bare temporary upload repository, we [set default
index](https://github.com/go-gitea/gitea/blob/main/services/repository/files/cherry_pick.go#L37)
(`git read-tree HEAD`).
This operation ends up resetting the git index file (see investigation
details below), due to which, we need to call `git update-index
--refresh` afterward.


Here's the diff of the index file before and after we execute
SetDefaultIndex: https://www.diffchecker.com/hyOP3eJy/

Notice the **ctime**, **mtime** are set to 0 after SetDefaultIndex.

You can reproduce the same behavior using these steps:
```bash
$ git clone https://try.gitea.io/me-heer/test.git -s -b main
$ cd test
$ git read-tree HEAD
$ git read-tree -m 1f085d7ed8 1f085d7ed8 9933caed00
error: Entry '1' not uptodate. Cannot merge.
```

After which, we can fix like this:
```
$ git update-index --refresh
$ git read-tree -m 1f085d7ed8 1f085d7ed8 9933caed00
```
2024-01-16 15:06:51 +00:00
Lunny Xiao
c08d263a19
Remove trust model selection from repository creation on web page because it can be changed in settings later (#28814)
As more and more options can be set for creating the repository, I don't
think we should put all of them into the creation web page which will
make things look complicated and confusing.

And I think we need some rules about how to decide which should/should
not be put in creating a repository page. One rule I can imagine is if
this option can be changed later and it's not a MUST on the creation,
then it can be removed on the page. So I found trust model is the first
one.

This PR removed the trust model selections on creating a repository web
page and kept others as before.
This is also a preparation for #23894 which will add a choice about SHA1
or SHA256 that cannot be changed once the repository created.
2024-01-16 20:54:48 +08:00
KN4CK3R
637451a45e
Rework markup link rendering (#26745)
Fixes #26548

This PR refactors the rendering of markup links. The old code uses
`strings.Replace` to change some urls while the new code uses more
context to decide which link should be generated.

The added tests should ensure the same output for the old and new
behaviour (besides the bug).

We may need to refactor the rendering a bit more to make it clear how
the different helper methods render the input string. There are lots of
options (resolve links / images / mentions / git hashes / emojis / ...)
but you don't really know what helper uses which options. For example,
we currently support images in the user description which should not be
allowed I think:

<details>
  <summary>Profile</summary> 

https://try.gitea.io/KN4CK3R

![grafik](https://github.com/go-gitea/gitea/assets/1666336/109ae422-496d-4200-b52e-b3a528f553e5)

</details>

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-01-15 08:49:24 +00:00
Jimmy Praet
5d3fdd1212
Add branch protection setting for ignoring stale approvals (#28498)
Fixes #27114.

* In Gitea 1.12 (#9532), a "dismiss stale approvals" branch protection
setting was introduced, for ignoring stale reviews when verifying the
approval count of a pull request.
* In Gitea 1.14 (#12674), the "dismiss review" feature was added.
* This caused confusion with users (#25858), as "dismiss" now means 2
different things.
* In Gitea 1.20 (#25882), the behavior of the "dismiss stale approvals"
branch protection was modified to actually dismiss the stale review.

For some users this new behavior of dismissing the stale reviews is not
desirable.

So this PR reintroduces the old behavior as a new "ignore stale
approvals" branch protection setting.

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-15 07:20:01 +00:00
yp05327
ce0225c1b8
Forbid removing the last admin user (#28337)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-01-15 06:51:43 +00:00
Lunny Xiao
70c4aad8e1
Move more functions to db.Find (#28419)
Following #28220

This PR move more functions to use `db.Find`.

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-15 02:19:25 +00:00
Lunny Xiao
97292da960
Fix schedule tasks bugs (#28691)
Fix #28157 

This PR fix the possible bugs about actions schedule.

## The Changes

- Move `UpdateRepositoryUnit` and `SetRepoDefaultBranch` from models to
service layer
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when actions unit has been disabled
or global disabled.
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when default branch changed.
2024-01-12 21:50:38 +00:00
Exploding Dragon
ba4d0b8ffb
Support for grouping RPMs using paths (#26984)
The current rpm repository places all packages in the same repository,
and different systems (el7,f34) may hit packages that do not belong to
this distribution ( #25304 ) , which now supports grouping of rpm.

![图片](https://github.com/go-gitea/gitea/assets/33776693/d1e1d99f-7799-4b2b-a19b-cb2a5c692914)

Fixes #25304 .
Fixes #27056 .

Refactor: [#25866](https://github.com/go-gitea/gitea/pull/25866)
2024-01-12 03:16:05 +00:00
KN4CK3R
595a9291b6
Fix convert.ToTeams on empty input (#28426)
Fixes #28420

Don't return `nil` if the input was empty.
2024-01-11 22:12:08 +00:00
Earl Warren
aa4d78431f
Concatenate error in checkIfPRContentChanged (#28731)
- If there's a error with the Git command in `checkIfPRContentChanged`
the stderr wasn't concatendated to the error, which results in still not
knowing why an error happend.
- Adds concatenation for stderr to the returned error.
- Ref: https://codeberg.org/forgejo/forgejo/issues/2077

Co-authored-by: Gusted <postmaster@gusted.xyz>
2024-01-09 10:32:14 +08:00
Nanguan Lin
b6e0957b9c
Fix alpine package files are not rebuilt (#28638)
I noticed the `BuildAllRepositoryFiles` function under the Alpine folder
is unused and I thought it was a bug.
But I'm not sure about this. Was it on purpose?
2023-12-31 12:08:46 +08:00
Denys Konovalov
f10d716ff4
fix empty ref for cron workflow runs (#28640)
Fix #27678 
Please see
https://github.com/go-gitea/gitea/issues/27678#issuecomment-1871445853
for details.
2023-12-29 06:18:57 +00:00
wxiaoguang
e743570f65
Refactor timeutil package (#28623)
1. make names more readable
2. remove unused FormatLong/FormatShort
3. use `FormatDate` instead of `Format "2006-01-02"`
2023-12-28 10:09:57 +00:00
Lunny Xiao
921df1cbad
Remove unnecessary syncbranchToDB with tests (#28624)
#28361 introduced `syncBranchToDB` in `CreateNewBranchFromCommit`. This
PR will revert the change because it's unnecessary. Every push will
already be checked by `syncBranchToDB`.
This PR also created a test to ensure it's right.
2023-12-28 15:28:57 +08:00
wxiaoguang
d68b9237bf
Use known issue IID to generate new PR index number when migrating from GitLab (#28616)
Fix #13884
2023-12-26 17:57:25 +00:00
delvh
778ad795fd
Refactor deletion (#28610)
Introduce the new generic deletion methods
- `func DeleteByID[T any](ctx context.Context, id int64) (int64, error)`
- `func DeleteByIDs[T any](ctx context.Context, ids ...int64) error`
- `func Delete[T any](ctx context.Context, opts FindOptions) (int64,
error)`

So, we no longer need any specific deletion method and can just use
the generic ones instead.

Replacement of #28450

Closes #28450

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-12-25 21:25:29 +01:00
Nanguan Lin
6a725b6f9c
Remove deadcode under models/issues (#28536)
Using the Go Official tool `golang.org/x/tools/cmd/deadcode@latest`
mentioned by [go blog](https://go.dev/blog/deadcode).
Just use `deadcode .` in the project root folder and it gives a list of
unused functions. Though it has some false alarms.
This PR removes dead code detected in `models/issues`.
2023-12-19 20:12:02 +01:00
Lunny Xiao
e7cb8da2a8
Always enable caches (#28527)
Nowadays, cache will be used on almost everywhere of Gitea and it cannot
be disabled, otherwise some features will become unaviable.

Then I think we can just remove the option for cache enable. That means
cache cannot be disabled.
But of course, we can still use cache configuration to set how should
Gitea use the cache.
2023-12-19 09:29:05 +00:00
Lunny Xiao
4eb2a29910
Improve ObjectFormat interface (#28496)
The 4 functions are duplicated, especially as interface methods. I think
we just need to keep `MustID` the only one and remove other 3.

```
MustID(b []byte) ObjectID
MustIDFromString(s string) ObjectID
NewID(b []byte) (ObjectID, error)
NewIDFromString(s string) (ObjectID, error)
```

Introduced the new interfrace method `ComputeHash` which will replace
the interface `HasherInterface`. Now we don't need to keep two
interfaces.

Reintroduced `git.NewIDFromString` and `git.MustIDFromString`. The new
function will detect the hash length to decide which objectformat of it.
If it's 40, then it's SHA1. If it's 64, then it's SHA256. This will be
right if the commitID is a full one. So the parameter should be always a
full commit id.

@AdamMajer Please review.
2023-12-19 07:20:47 +00:00
wxiaoguang
11f0519ad8
Update go dependencies (#28518)
Update golang.org/x/crypto for CVE-2023-48795 and update other packages.
`go-git` is not updated because it needs time to figure out why some
tests fail.
2023-12-19 09:18:42 +08:00
Yevhen Pavlov
cd2ff6e83d
Bump google/go-github to v57 (#28514) 2023-12-18 15:42:04 -06:00
wxiaoguang
20929edc99
Add option to disable ambiguous unicode characters detection (#28454)
* Close #24483
* Close #28123
* Close #23682
* Close #23149

(maybe more)
2023-12-17 14:38:54 +00:00
Lunny Xiao
408a484224
Adjust object format interface (#28469)
- Remove `ObjectFormatID`
- Remove function `ObjectFormatFromID`.
- Use `Sha1ObjectFormat` directly but not a pointer because it's an
empty struct.
- Store `ObjectFormatName` in `repository` struct
2023-12-17 11:56:08 +00:00
Adam Majer
cbf923e87b
Abstract hash function usage (#28138)
Refactor Hash interfaces and centralize hash function. This will allow
easier introduction of different hash function later on.

This forms the "no-op" part of the SHA256 enablement patch.
2023-12-13 21:02:00 +00:00
KN4CK3R
ff5106d700
Fix possible nil pointer access (#28428)
There could be a nil pointer exception if the file is not found because
that specific error is suppressed but not handled.
2023-12-12 13:51:33 +00:00
Jack Hay
4e879fed90
Deprecate query string auth tokens (#28390)
## Changes
- Add deprecation warning to `Token` and `AccessToken` authentication
methods in swagger.
- Add deprecation warning header to API response. Example: 
  ```
  HTTP/1.1 200 OK
  ...
  Warning: token and access_token API authentication is deprecated
  ...
  ```
- Add setting `DISABLE_QUERY_AUTH_TOKEN` to reject query string auth
tokens entirely. Default is `false`

## Next steps
- `DISABLE_QUERY_AUTH_TOKEN` should be true in a subsequent release and
the methods should be removed in swagger
- `DISABLE_QUERY_AUTH_TOKEN` should be removed and the implementation of
the auth methods in question should be removed

## Open questions
- Should there be further changes to the swagger documentation?
Deprecation is not yet supported for security definitions (coming in
[OpenAPI Spec version
3.2.0](https://github.com/OAI/OpenAPI-Specification/issues/2506))
- Should the API router logger sanitize urls that use `token` or
`access_token`? (This is obviously an insufficient solution on its own)

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-12-12 03:48:53 +00:00
Lunny Xiao
537fa69962
Second part of refactor db.Find (#28194)
Continue of #27798 and move more functions to `db.Find` and `db.Count`.
2023-12-11 16:56:48 +08:00
Earl Warren
fab73e4a3a
Actually recover from a panic in cron task (#28409)
- Currently there's code to recover gracefully from panics that happen
within the execution of cron tasks. However this recover code wasn't
being run, because `RunWithShutdownContext` also contains code to
recover from any panic and then gracefully shutdown Forgejo. Because
`RunWithShutdownContext` registers that code as last, that would get run
first which in this case is not behavior that we want.
- Move the recover code to inside the function, so that is run first
before `RunWithShutdownContext`'s recover code (which is now a noop).

Fixes: https://codeberg.org/forgejo/forgejo/issues/1910

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-12-10 20:15:06 +00:00
Lunny Xiao
aeb383025f
Also sync DB branches on push if necessary (#28361)
Fix #28056 

This PR will check whether the repo has zero branch when pushing a
branch. If that, it means this repository hasn't been synced.

The reason caused that is after user upgrade from v1.20 -> v1.21, he
just push branches without visit the repository user interface. Because
all repositories routers will check whether a branches sync is necessary
but push has not such check.

For every repository, it has two states, synced or not synced. If there
is zero branch for a repository, then it will be assumed as non-sync
state. Otherwise, it's synced state. So if we think it's synced, we just
need to update branch/insert new branch. Otherwise do a full sync. So
that, for every push, there will be almost no extra load added. It's
high performance than yours.

For the implementation, we in fact will try to update the branch first,
if updated success with affect records > 0, then all are done. Because
that means the branch has been in the database. If no record is
affected, that means the branch does not exist in database. So there are
two possibilities. One is this is a new branch, then we just need to
insert the record. Another is the branches haven't been synced, then we
need to sync all the branches into database.
2023-12-09 13:30:56 +00:00
Lunny Xiao
dd30d9d5c0
Remove GetByBean method because sometimes it's danger when query condition parameter is zero and also introduce new generic methods (#28220)
The function `GetByBean` has an obvious defect that when the fields are
empty values, it will be ignored. Then users will get a wrong result
which is possibly used to make a security problem.

To avoid the possibility, this PR removed function `GetByBean` and all
references.
And some new generic functions have been introduced to be used.

The recommand usage like below.

```go
// if query an object according id
obj, err := db.GetByID[Object](ctx, id)
// query with other conditions
obj, err := db.Get[Object](ctx, builder.Eq{"a": a, "b":b})
```
2023-12-07 15:27:36 +08:00
Nanguan Lin
49b98e45bc
Fix migration panic due to an empty review comment diff (#28334)
Fix #28328 
```
func (p *PullRequestComment) GetDiffHunk() string {
	if p == nil || p.DiffHunk == nil {
		return ""
	}
	return *p.DiffHunk
}
```
This function in the package `go-github` may return an empty diff. When
it's empty, the following code will panic because it access `ss[1]`

ec1feedbf5/services/migrations/gitea_uploader.go (L861-L867)

ec1feedbf5/modules/git/diff.go (L97-L101)
2023-12-05 08:29:43 +00:00
KN4CK3R
dfa77ac020
Fix RPM/Debian signature key creation (#28352)
Fixes #28324

The name parameter can't contain some characters
(https://github.com/keybase/go-crypto/blob/master/openpgp/keys.go#L680)
but is optional. Therefore just use an empty string.
2023-12-05 00:48:01 +00:00
Brecht Van Lommel
bffbf08f26
Fix missing issue search index update when changing status (#28325)
Changing an issue status, assignee, labels or milestone without also
adding a comment would not update the index, resulting in wrong search
results.
2023-12-03 12:22:44 +01:00
Earl Warren
1bfcdeef4c
Make pushUpdate error verbose (#28263)
- Push commits updates are run in a queue and updates can come from less
traceable places such as Git over SSH, therefor add more information
about on which repository the pushUpdate failed.

Refs: https://codeberg.org/forgejo/forgejo/pulls/1723

(cherry picked from commit 37ab9460394800678d2208fed718e719d7a5d96f)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-11-30 00:46:51 +00:00
Earl Warren
64cd6e8df5
Fix required error for token name (#28267)
- Say to the binding middleware which locale should be used for the
required error.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1683

(cherry picked from commit 5a2d7966127b5639332038e9925d858ab54fc360)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-11-29 03:47:05 +00:00
Lunny Xiao
882e502327
Fix comment permissions (#28213)
This PR will fix some missed checks for private repositories' data on
web routes and API routes.
2023-11-25 17:21:21 +00:00
Lunny Xiao
df1e7d0067
Use db.Find instead of writing methods for every object (#28084)
For those simple objects, it's unnecessary to write the find and count
methods again and again.
2023-11-24 03:49:41 +00:00
Denys Konovalov
816e46ee7c
add skip ci functionality (#28075)
Adds the possibility to skip workflow execution if the commit message
contains a string like [skip ci] or similar.

The default strings are the same as on GitHub, users can also set custom
ones in app.ini

Reference:
https://docs.github.com/en/actions/managing-workflow-runs/skipping-workflow-runs

Close #28020
2023-11-18 13:37:08 +02:00
KN4CK3R
58f5fa6536
Fix Matrix and MSTeams nil dereference (#28089)
Fixes #28088 
Fixes #28094

Added missing tests.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-11-17 12:17:33 +01:00
Lunny Xiao
f65977df3a
Revert "packages: Calculate package size quota using package creator ID instead of owner ID (#28007)" (#28049)
This reverts commit #28007 60522fc96f.
2023-11-14 16:03:56 +01:00
Danila Fominykh
60522fc96f
packages: Calculate package size quota using package creator ID instead of owner ID (#28007)
Changed behavior to calculate package quota limit using package `creator
ID` instead of `owner ID`.

Currently, users are allowed to create an unlimited number of
organizations, each of which has its own package limit quota, resulting
in the ability for users to have unlimited package space in different
organization scopes. This fix will calculate package quota based on
`package version creator ID` instead of `package version owner ID`
(which might be organization), so that users are not allowed to take
more space than configured package settings.

Also, there is a side case in which users can publish packages to a
specific package version, initially published by different user, taking
that user package size quota. Version in fix should be better because
the total amount of space is limited to the quota for users sharing the
same organization scope.
2023-11-14 00:38:50 +01:00
KN4CK3R
3081e7e153
Fix missing mail reply address (#27997)
Fixes https://codeberg.org/forgejo/forgejo/issues/1458

Some mails such as issue creation mails are missing the reply-to-comment
address. This PR fixes that and specifies which comment types should get
a reply-possibility.
2023-11-13 03:20:34 +00:00
KN4CK3R
4f4fea734c
Unify two factor check (#27915)
Fixes #27819

We have support for two factor logins with the normal web login and with
basic auth. For basic auth the two factor check was implemented at three
different places and you need to know that this check is necessary. This
PR moves the check into the basic auth itself.
2023-11-06 08:22:39 +00:00
Earl Warren
59f9ef9fee
Remove action runners on user deletion (#27902)
- On user deletion, delete action runners that the user has created.
- Add a database consistency check to remove action runners that have
nonexistent belonging owner.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1720

(cherry picked from commit 009ca7223dab054f7f760b7ccae69e745eebfabb)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-11-05 13:48:32 +01:00
Zettat123
ae396ac7c0
Fix DownloadFunc when migrating releases (#27887)
We should not use `asset.ID` in DownloadFunc because DownloadFunc is a
closure.

1bf5527eac/services/migrations/gitea_downloader.go (L284-L295)

A similar bug when migrating from GitHub has been fixed in #14703. This
PR fixes the bug when migrating from Gitea and GitLab.
2023-11-03 15:56:53 +08:00
Lunny Xiao
1bf5527eac
Refactor Find Sources and fix bug when view a user who belongs to an unactive auth source (#27798)
The steps to reproduce it.

First, create a new oauth2 source.
Then, a user login with this oauth2 source.
Disable the oauth2 source.
Visit users -> settings -> security, 500 will be displayed.
This is because this page only load active Oauth2 sources but not all
Oauth2 sources.
2023-11-03 01:41:00 +00:00
wxiaoguang
a4b242ae7a
Clean up template locale usage (#27856)
After many refactoring PRs for the "locale" and "template context
function", now the ".locale" is not needed for web templates any more.

This PR does a clean up for:

1. Remove `ctx.Data["locale"]` for web context.
2. Use `ctx.Locale` in `500.tmpl`, for consistency.
3. Add a test check for `500 page` locale usage.
4. Remove the `Str2html` and `DotEscape` from mail template context
data, they are copy&paste errors introduced by #19169 and #16200 . These
functions are template functions (provided by the common renderer), but
not template data variables.
5. Make email `SendAsync` function mockable (I was planning to add more
tests but it would make this PR much too complex, so the tests could be
done in another PR)
2023-10-31 22:11:48 +08:00
Lunny Xiao
16d15ce087
Fix package webhook (#27839)
Fix #23742

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-10-31 04:43:38 +00:00
KN4CK3R
b36e2ca419
List all Debian package versions in Packages (#27786)
Closes #27783

This PR lists all and not only the latest package versions in the
`Packages` index.
2023-10-29 14:14:47 +00:00
Sebastian Brückner
02dae3f84b
Fix merge base commit for fast-forwarded GitLab PRs (#27825)
Due to a bug in the GitLab API, the diff_refs field is populated in the
response when fetching an individual merge request, but not when
fetching a list of them. That field is used to populate the merge base
commit SHA.
While there is detection for the merge base even when not populated by
the downloader, that detection is not flawless. Specifically, when a
GitLab merge request has a single commit, and gets merged with the
squash strategy, the base branch will be fast-forwarded instead of a
separate squash or merge commit being created. The merge base detection
attempts to find the last commit on the base branch that is also on the
PR branch, but in the fast-forward case that is the PR's only commit.
Assuming the head commit is also the merge base results in the import of
a PR with 0 commits and no diff.

This PR uses the individual merge request endpoint to fetch merge
request data with the diff_refs field. With its data, the base merge
commit can be properly set, which—by not relying on the detection
mentioned above—correctly imports PRs that were "merged" by
fast-forwarding the base branch.

ref: https://gitlab.com/gitlab-org/gitlab/-/issues/29620
2023-10-29 21:29:33 +08:00
Sebastian Brückner
8faa38568b
Use GitLab's squash_commit_sha when available (#27824)
Before this PR, the PR migration code populates Gitea's MergedCommitID
field by using GitLab's merge_commit_sha field. However, that field is
only populated when the PR was merged using a merge strategy. When a
squash strategy is used, squash_commit_sha is populated instead.

Given that Gitea does not keep track of merge and squash commits
separately, this PR simply populates Gitea's MergedCommitID by using
whichever field is present in the GitLab API response.
2023-10-29 00:54:58 +00:00
KN4CK3R
ab3f6c1bac
Close all hashed buffers (#27787)
Add missing `.Close()` calls. The current code does not delete the
temporary files if the data grows over 32mb.
2023-10-25 21:24:24 +02:00
merlleu
796ff26e0e
Do not force creation of _cargo-index repo on publish (#27266)
Hello there,
Cargo Index over HTTP is now prefered over git for package updates: we
should not force users who do not need the GIT repo to have the repo
created/updated on each publish (it can still be created in the packages
settings).

The current behavior when publishing is to check if the repo exist and
create it on the fly if not, then update it's content.
Cargo HTTP Index does not rely on the repo itself so this will be
useless for everyone not using the git protocol for cargo registry.

This PR only disable the creation on the fly of the repo when publishing
a crate.

This is linked to #26844 (error 500 when trying to publish a crate if
user is missing write access to the repo) because it's now optional.

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-10-24 03:26:38 +00:00
silverwind
ce83609ff6
Upgrade to golangci-lint@v1.55.0 (#27756)
https://github.com/golangci/golangci-lint/releases/tag/v1.55.0
2023-10-24 02:54:59 +00:00
wxiaoguang
f3956fcb28
Fix incorrect ctx usage in defer function (#27740) 2023-10-22 14:12:27 +00:00
6543
e83f2cbbac
Add doctor dbconsistency fix to delete repos with no owner (#27290)
to address #27273
replace #24873
2023-10-19 15:20:52 +02:00
JakobDev
3dc0c962bf
Delete repos of org when purge delete user (#27273)
Fixes https://codeberg.org/forgejo/forgejo/issues/1514

I had to remove `RenameOrganization` to avoid circular import.

We should really add some foreign keys to the database.
2023-10-19 13:16:11 +00:00
Lunny Xiao
9852c92e9a
Remove unnecessary parameter (#27671) 2023-10-18 15:03:10 +00:00
KN4CK3R
83186eca80
Always delete existing scheduled action tasks (#27662)
Fixes #27650
2023-10-18 10:34:39 +00:00
Jason Song
4e98224a45
Support allowed hosts for webhook to work with proxy (#27655)
When `webhook.PROXY_URL` has been set, the old code will check if the
proxy host is in `ALLOWED_HOST_LIST` or reject requests through the
proxy. It requires users to add the proxy host to `ALLOWED_HOST_LIST`.
However, it actually allows all requests to any port on the host, when
the proxy host is probably an internal address.

But things may be even worse. `ALLOWED_HOST_LIST` doesn't really work
when requests are sent to the allowed proxy, and the proxy could forward
them to any hosts.

This PR fixes it by:

- If the proxy has been set, always allow connectioins to the host and
port.
- Check `ALLOWED_HOST_LIST` before forwarding.
2023-10-18 09:44:36 +00:00
Lunny Xiao
eeb1e0242b
Fix poster is not loaded in get default merge message (#27657) 2023-10-17 15:07:23 +00:00
Jason Song
1be49fdda6
Improve retrying index issues (#27554)
Fix #27540
2023-10-15 18:56:57 +00:00
Lunny Xiao
cddf245c12
Replace more db.DefaultContext (#27628)
Target #27065
2023-10-15 17:46:06 +02:00
JakobDev
76a85a4ce9
Final round of db.DefaultContext refactor (#27587)
Last part of #27065
2023-10-14 08:37:24 +00:00
KN4CK3R
c6c829fe3f
Enhanced auth token / remember me (#27606)
Closes #27455

> The mechanism responsible for long-term authentication (the 'remember
me' cookie) uses a weak construction technique. It will hash the user's
hashed password and the rands value; it will then call the secure cookie
code, which will encrypt the user's name with the computed hash. If one
were able to dump the database, they could extract those two values to
rebuild that cookie and impersonate a user. That vulnerability exists
from the date the dump was obtained until a user changed their password.
> 
> To fix this security issue, the cookie could be created and verified
using a different technique such as the one explained at
https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies.

The PR removes the now obsolete setting `COOKIE_USERNAME`.
2023-10-14 00:56:41 +00:00
wxiaoguang
1d155a43ad
Fix data-race bug when accessing task.LastRun (#27584) 2023-10-11 14:51:20 +00:00
Nanguan Lin
dc04044716
Replace assert.Fail with assert.FailNow (#27578)
assert.Fail() will continue to execute the code while assert.FailNow()
not. I thought those uses of assert.Fail() should exit immediately.
PS: perhaps it's a good idea to use
[require](https://pkg.go.dev/github.com/stretchr/testify/require)
somewhere because the assert package's default behavior does not exit
when an error occurs, which makes it difficult to find the root error
reason.
2023-10-11 11:02:24 +00:00
Earl Warren
1050d7a78f
show manual cron run's last time (#27544)
- Currently in the cron tasks, the 'Previous Time' only displays the
previous time of when the cron library executes the function, but not
any of the manual executions of the task.
- Store the last run's time in memory in the Task struct and use that,
when that time is later than time that the cron library has executed
this task.
- This ensures that if an instance admin manually starts a task, there's
feedback that this task is/has been run, because the task might be run
that quick, that the status icon already has been changed to an
checkmark,
- Tasks that are executed at startup now reflect this as well, as the
time of the execution of that task on startup is now being shown as
'Previous Time'.
- Added integration tests for the API part, which is easier to test
because querying the HTML table of cron tasks is non-trivial.
- Resolves https://codeberg.org/forgejo/forgejo/issues/949

(cherry picked from commit fd34fdac1408ece6b7d9fe6a76501ed9a45d06fa)

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: silverwind <me@silverwind.io>
2023-10-11 07:28:16 +00:00
JakobDev
ebe803e514
Penultimate round of db.DefaultContext refactor (#27414)
Part of #27065

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-10-11 04:24:07 +00:00
Lunny Xiao
5c9fbcca00
Fix attachment download bug (#27486) 2023-10-10 15:33:56 +00:00
yp05327
5a7ab86b98
Avoid run change title process when the title is same (#27467)
If user only changed the target branch or just did nothing and clicked
the `Save` button, you will see the change log as following:

![image](https://github.com/go-gitea/gitea/assets/18380374/d30927dd-9227-4653-8fac-b890ef0b3f88)

This makes no sense, so we should check whether the title is surely
changed before run the `ChangeTitle`.
2023-10-06 18:00:53 +00:00
Eng Zer Jun
13d5d2e711
Remove redundant len check around loop (#27464)
This pull request is a minor code cleanup.

From the Go specification (https://go.dev/ref/spec#For_range):

> "1. For a nil slice, the number of iterations is 0."
> "3. If the map is nil, the number of iterations is 0."

`len` returns 0 if the slice or map is nil
(https://pkg.go.dev/builtin#len). Therefore, checking `len(v) > 0`
before a loop is unnecessary.

---

At the time of writing this pull request, there wasn't a lint rule that
catches these issues. The closest I could find is
https://staticcheck.dev/docs/checks/#S103

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2023-10-06 14:49:37 +08:00
JakobDev
cc5df26680
Even more db.DefaultContext refactor (#27352)
Part of #27065

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2023-10-03 10:30:41 +00:00
Francesco Antognazza
bc21723717
Make Actions tasks/jobs timeouts configurable by the user (#27400)
With this PR we added the possibility to configure the Actions timeouts
values for killing tasks/jobs.
Particularly this enhancement is closely related to the `act_runner`
configuration reported below:
```
# The timeout for a job to be finished.
# Please note that the Gitea instance also has a timeout (3h by default) for the job.
# So the job could be stopped by the Gitea instance if it's timeout is shorter than this.
timeout: 3h
```

---

Setting the corresponding key in the INI configuration file, it is
possible to let jobs run for more than 3 hours.

Signed-off-by: Francesco Antognazza <francesco.antognazza@gmail.com>
2023-10-02 23:09:26 +02:00
delvh
e709bc199f
Differentiate between push and pull mirror sync in progress (#27390)
Previously, if you had both a push and a pull mirror, the message did
not clarify if you've accidentally synchronized the wrong one.
Additionally fixed two typos that were encountered while debugging.

## Screenshots

![grafik](https://github.com/go-gitea/gitea/assets/51889757/164d5d20-728d-4365-9cb5-c37e95857cdf)

![grafik](https://github.com/go-gitea/gitea/assets/51889757/90bfffd2-abd4-4847-b8e2-db4231700a6d)
2023-10-02 14:52:18 +00:00
Earl Warren
cb68e01e22
simplify issue deletion query (#27312)
- There's no need for `In` to be used, as it's a single parameter that's
being passed.

Refs: https://codeberg.org/forgejo/forgejo/pulls/1521

(cherry picked from commit 4a4955f43ae7fc50cfe3b48409a0a10c82625a19)

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-10-02 02:30:10 +00:00
CaiCandong
87aa552531
Fix unexpected context canceled when migrating repository (#27368)
Fix #27363

Regression of #27089
2023-10-01 12:04:35 +00:00
CaiCandong
7ad31567cd
Fix ldap admin privileges update bug (#27051)
When the user does not set a username lookup condition, LDAP will get an
empty string `""` for the user, hence the following code
```
if isExist, err := user_model.IsUserExist(db.DefaultContext, 0, sr.Username)
```
The user presence determination will always be nonexistent, so updates
to user information will never be performed.


Fix #27049
2023-10-01 11:32:12 +00:00
Lunny Xiao
6e87a44034
Allow get release download files and lfs files with oauth2 token format (#26430)
Fix #26165
Fix #25257
2023-10-01 10:41:52 +00:00
JakobDev
cf0df023be
More db.DefaultContext refactor (#27265)
Part of #27065

This PR touches functions used in templates. As templates are not static
typed, errors are harder to find, but I hope I catch it all. I think
some tests from other persons do not hurt.
2023-09-29 12:12:54 +00:00
Dmitry Sharshakov
5e02e3b7ee
Add support for forking single branch (#25821)
Fixes #25117

Add UI for choosing branch to fork

Change default branch on single-branch forks


![image](https://github.com/go-gitea/gitea/assets/19504461/28505f69-a9a2-43a8-8b19-a0cdac3ddc5a)

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-29 09:48:39 +08:00
JakobDev
1c039b4e1e
Fix Bug in Issue Config when only contact links are set (#26521)
Blank Issues should be enabled if they are not explicit disabled through
the `blank_issues_enabled` field of the Issue Config. The Implementation
has currently a Bug: If you create a Issue Config file with only
`contact_links` and without a `blank_issues_enabled` field,
`blank_issues_enabled` is set to false by default.

The fix is only one line, but I decided to also improve the tests to
make sure there are no other problems with the Implementation.

This is a bugfix, so it should be backported to 1.20.
2023-09-28 20:16:40 +08:00
Lunny Xiao
673cf6af76
make writing main test easier (#27270)
This PR removed `unittest.MainTest` the second parameter
`TestOptions.GiteaRoot`. Now it detects the root directory by current
working directory.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-28 01:38:53 +00:00
JakobDev
7047df36d4
Another round of db.DefaultContext refactor (#27103)
Part of #27065

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-09-25 13:17:37 +00:00
Nabapadma-sarker
8e23524b18
Fix PushEvent NullPointerException jenkinsci/github-plugin (#27203)
Fixes #27202
2023-09-24 19:02:47 +00:00
Daniel Kilimnik
0ee7cbf725
Fix push mirror, wrong timestamp format (#27153)
I noticed, that the push mirrors endpoint, is the only endpoint which
returns the times in long format rather than as time.Time().

I think the behavior should be consistent across the project.

----

## ⚠️ BREAKING ⚠️

This PR changes the time format used in API responses for all
push_mirror endpoints which return a push mirror.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-23 12:15:05 +00:00
JakobDev
28f9b313ba
Updates to the API for archived repos (#27149) 2023-09-21 23:43:29 +00:00
John Olheiser
7520cd678c
Fix release URL in webhooks (#27182) 2023-09-21 17:55:09 -05:00
delvh
707c69f399
Fix successful return value for SyncAndGetUserSpecificDiff (#27152)
A function should not return an error when it is successful.
Otherwise, things like https://discord.com/channels/322538954119184384/322538954119184384/1153705341620600833 happen…
2023-09-20 22:28:17 +02:00
wxiaoguang
2814f2fea1
Fix incorrect test code for error handling (#27139)
If `assert.NoError` fails, it should return. Otherwise the code could
still execute even if the error occurs.
2023-09-20 08:51:36 +08:00
silverwind
1b1c55f73f
Increase auth provider icon size on login page (#27122)
Before, 20px:
<img width="474" alt="Screenshot 2023-09-19 at 00 10 05"
src="https://github.com/go-gitea/gitea/assets/115237/4bed4edb-219d-4844-9d3c-0d747033b09f">

After, 28px:
<img width="576" alt="Screenshot 2023-09-19 at 00 20 40"
src="https://github.com/go-gitea/gitea/assets/115237/f482ac09-38ae-4c84-80d9-0bd39b7f9772">


Dropdown in account settings is unchanged at 20px:
<img width="157" alt="Screenshot 2023-09-19 at 00 09 11"
src="https://github.com/go-gitea/gitea/assets/115237/9c998cdf-eeed-4118-9262-664faaa56092">

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-19 21:47:13 +00:00
Earl Warren
f7c64976d5
services/wiki: Close() after error handling (#27129)
Refs: https://codeberg.org/forgejo/forgejo/pulls/1385

Signed-off-by: Lars Lehtonen <lars.lehtonen@gmail.com>
(cherry picked from commit 589e7d346f51de4a0e2c461b220c8cad34133b2f)

Co-authored-by: Lars Lehtonen <lars.lehtonen@gmail.com>
2023-09-19 16:45:44 +02:00
wxiaoguang
8531ca0837
Make SSPI auth mockable (#27036)
Before, the SSPI auth is only complied for Windows, it's difficult to
test and it breaks a lot.

Now, make the SSPI auth mockable and testable.
2023-09-17 23:32:56 +00:00
Lunny Xiao
47b878858a
Search branches (#27055)
Resolve #25233 

<img width="1315" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/3ba59b58-471a-4e1b-985c-87edac2268c0">

<img width="1297" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/b6caa12f-323b-4f70-9c44-ef91cb71a26c">
2023-09-17 08:24:40 +00:00
KN4CK3R
c766140dad
Add RemoteAddress to mirrors (#26952)
This PR adds a new field `RemoteAddress` to both mirror types which
contains the sanitized remote address for easier (database) access to
that information. Will be used in the audit PR if merged.
2023-09-16 16:03:02 +00:00
JakobDev
f91dbbba98
Next round of db.DefaultContext refactor (#27089)
Part of #27065
2023-09-16 14:39:12 +00:00
JakobDev
c548dde205
More refactoring of db.DefaultContext (#27083)
Next step of #27065
2023-09-15 06:13:19 +00:00
JakobDev
76659b1114
Reduce usage of db.DefaultContext (#27073)
Part of #27065

This reduces the usage of `db.DefaultContext`. I think I've got enough
files for the first PR. When this is merged, I will continue working on
this.

Considering how many files this PR affect, I hope it won't take to long
to merge, so I don't end up in the merge conflict hell.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-14 17:09:32 +00:00
Nanguan Lin
da50be7360
Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052)
Currently 'userxx' and 'orgxx' are both used as username in test files
when the user type is org, which is confusing. This PR replaces all
'userxx' with 'orgxx' when the user type is org(`user.type==1`).
Some non-trivial changes
1. Rename `user3` dir to `org3` in `tests/git-repositories-meta` 
2. Change `end` in `issue reference` because 'org3' is one char shorter
than 'user3'

![ksnip_20230913-112819](https://github.com/go-gitea/gitea/assets/70063547/442988c5-4cf4-49b8-aa01-4dd6bf0ca954)
3. Change the search result number of `user/repo2` because
`user3/repo21` can't be searched now

![ksnip_20230913-112931](https://github.com/go-gitea/gitea/assets/70063547/d9ebeba4-479f-4110-9a85-825efbc981fd)
4. Change the first org name getting from API because the result is
ordered by alphabet asc and now `org 17` is before `org25`
![JW8U7NIO(J$H
_YCRB36H)T](https://github.com/go-gitea/gitea/assets/70063547/f55a685c-cf24-40e5-a87f-3a2327319548)
![)KFD411O4I8RB5ZOH7E0
Z3](https://github.com/go-gitea/gitea/assets/70063547/a0dc3299-249c-46f6-91cb-d15d4ee88dd5)

Other modifications are just find all and replace all.
Unit tests with SQLite are all passed.

---------

Co-authored-by: caicandong <1290147055@qq.com>
2023-09-14 02:59:53 +00:00
sebastian-sauer
e116ad4500
Load reviewer before sending notification (#27063)
The
[template](https://github.com/go-gitea/gitea/blob/main/templates/mail/issue/default.tmpl#L51)
uses the Reviewer.Name property - this was not loaded.

Fixes #27035
2023-09-13 19:48:36 +00:00
Nanguan Lin
cda97a7253
Update status and code index after changing the default branch (#27018)
Fix #26723 
Add `ChangeDefaultBranch` to the `notifier` interface and implement it
in `indexerNotifier`. So when changing the default branch,
`indexerNotifier` sends a message to the `indexer queue` to update the
index.

---------

Co-authored-by: techknowlogick <matti@mdranta.net>
2023-09-13 04:43:31 +00:00
KN4CK3R
591f586bf1
Extract auth middleware from service (#27028)
Related #27027

Extract the router logic from `services/auth/middleware.go` into
`routers/web` <-> `routers/common` <-> `routers/api`.
2023-09-12 08:15:16 +02:00
Lunny Xiao
e3ed67859a
Move some functions to service layer (#26969) 2023-09-08 21:09:23 +00:00
Lunny Xiao
9c0a3532a4
Add a new column schedule_id for action_run to track (#26975)
Fix #26971 

And the UI now will display it's scheduled but not triggered by a push.

<img width="954" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/d211845c-457e-4c3e-af1f-a0d654d3f365">
2023-09-08 23:01:19 +08:00
Lunny Xiao
4f32abaf94
move repository deletion to service layer (#26948)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-08 04:51:15 +00:00
Jack Hay
1a9953348c
Team invite url fix when registration disabled (#26950)
This is a follow-on to https://github.com/go-gitea/gitea/pull/26550 and
fixes the case where the team invite links to the registration page if
it is disabled in settings.
2023-09-07 14:50:45 +00:00
Lunny Xiao
d1dca38a2a
Fix schedule actions still running even if workflow disalbed (#26939)
Fix #26782
2023-09-07 10:25:46 +08:00
Lunny Xiao
b9df9fa2e2
Move createrepository from module to service layer (#26927)
Repository creation depends on many models, so moving it to service
layer is better.
2023-09-06 12:08:51 +00:00
FuXiaoHei
460a2b0edf
Artifacts retention and auto clean up (#26131)
Currently, Artifact does not have an expiration and automatic cleanup
mechanism, and this feature needs to be added. It contains the following
key points:

- [x] add global artifact retention days option in config file. Default
value is 90 days.
- [x] add cron task to clean up expired artifacts. It should run once a
day.
- [x] support custom retention period from `retention-days: 5` in
`upload-artifact@v3`.
- [x] artifacts link in actions view should be non-clickable text when
expired.
2023-09-06 07:41:06 +00:00
yp05327
0850be6750
Fix the display of org level badges (#26504)
Follow #24654 #22705 #24232

In some pages we still have missing badges, for example:

![image](https://github.com/go-gitea/gitea/assets/18380374/f57fae6d-95ad-4996-8881-160c9cd27768)

![image](https://github.com/go-gitea/gitea/assets/18380374/11e86d43-b715-4d14-bdf0-51bf8b5c7b01)

![image](https://github.com/go-gitea/gitea/assets/18380374/61c514e7-d8f6-4c93-a61f-60604619e3a7)
2023-09-06 14:38:14 +08:00
Lunny Xiao
540bf9fa6d
Move notification interface to services layer (#26915)
Extract from #22266
2023-09-05 18:37:47 +00:00
Sven Seeberg
5f7fa27a44
Improve LDAP group config documentation, fixes #21159 (#21227)
Improve the wording of the LDAP group attributes documentation and
expand the examples.
2023-09-05 13:18:53 -04:00
KN4CK3R
0eebeeec90
Remove Named interface (#26913)
`Named` is implemented by every `Method` and future implementations
should implement the method too.
2023-09-05 15:58:30 +00:00
KN4CK3R
a99b96cbcd
Refactor secrets modification logic (#26873)
- Share code between web and api
- Add some tests
2023-09-05 15:21:02 +00:00
Lunny Xiao
f064d716c3
Move feed notification service layer (#26908)
Extract from #22266
2023-09-05 13:00:52 +00:00
Lunny Xiao
6c73c0da53
Move ui notification to service layer (#26907)
Extract from #22266
2023-09-05 11:15:42 +00:00
Lunny Xiao
aa678b8098
Move indexer notification to service layer (#26906)
Extract from #22266
2023-09-05 10:07:57 +00:00
Lunny Xiao
a66d883a18
Move mail notification logic to service layer (#26905)
Extract from #22266
2023-09-05 17:26:59 +08:00
wxiaoguang
fc039167d2
Use Go 1.21 and update dependencies (#26878)
To make sure Gitea's next release's lifecycle could have active Golang
support.

And min/max are builtin now.
2023-09-03 10:34:57 +00:00
wxiaoguang
e8aae43f56
Move web/api context related testing function into a separate package (#26859)
Just like `models/unittest`, the testing helper functions should be in a
separate package: `contexttest`

And complete the TODO:

> // TODO: move this function to other packages, because it depends on
"models" package
2023-09-01 11:26:07 +00:00
Jack Hay
c0ab7070e5
Update team invitation email link (#26550)
Co-authored-by: Kyle D <kdumontnu@gmail.com>
Co-authored-by: Jonathan Tran <jonnytran@gmail.com>
2023-08-31 16:26:13 +00:00
Zettat123
98f2bf23bc
Sync tags when adopting repos (#26816)
Fixes #26138

Sync the tags into database when adopting repos

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-08-31 01:42:42 +00:00
techknowlogick
45976a1bde
Check blocklist for emails when adding them to account (#26812) 2023-08-30 10:46:49 -05:00
KN4CK3R
5315153059
Use Set[Type] instead of map[Type]bool/struct{}. (#26804) 2023-08-30 06:55:25 +00:00
Chongyi Zheng
ad43486cd3
Fix some slice append usages (#26778)
Co-authored-by: delvh <dev.lh@web.de>
2023-08-29 15:47:26 +00:00
Chongyi Zheng
ac2f8c9ac6
Reduce some allocations in type conversion (#26772) 2023-08-29 00:43:16 +08:00
merlleu
a587d25261
Add auth-required to config.json for Cargo http registry (#26729)
Cargo registry-auth feature requires config.json to have a property
auth-required set to true in order to send token to all registry
requests.
This is ok for git index because you can manually edit the config.json
file to add the auth-required, but when using sparse
(setting index url to
"sparse+https://git.example.com/api/packages/{owner}/cargo/"), the
config.json is dynamically rendered, and does not reflect changes to the
config.json file in the repo.

I see two approaches:
- Serve the real config.json file when fetching the config.json on the
cargo service.
- Automatically detect if the registry requires authorization. (This is
what I implemented in this PR).

What the PR does:
- When a cargo index repository is created, on the config.json, set
auth-required to wether or not the repository is private.
- When the cargo/config.json endpoint is called, set auth-required to
wether or not the request was authorized using an API token.
2023-08-28 07:05:39 +00:00
Lunny Xiao
6945918d34
Fix bug for ctx usage (#26762)
Regression from #26158

Fix #26684
2023-08-28 04:06:47 +00:00
Chongyi Zheng
43652746f2
Move modules/mirror to services (#26737)
To solve the cyclic imports in a better way

Closes #20261
2023-08-27 10:24:45 +08:00
wxiaoguang
412e5c0946
Make web context initialize correctly for different cases (#26726)
The web context (modules/context.Context) is quite complex, it's
difficult for the callers to initialize correctly.

This PR introduces a `NewWebContext` function, to make sure the web
context have the same behavior for different cases.
2023-08-25 19:07:42 +08:00
Earl Warren
a9ce570298
add Upload URL to release API (#26663)
- Resolves https://codeberg.org/forgejo/forgejo/issues/580
- Return a `upload_field` to any release API response, which points to
the API URL for uploading new assets.
- Adds unit test.
- Adds integration testing to verify URL is returned correctly and that
upload endpoint actually works

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-08-24 10:36:10 +00:00
Lunny Xiao
0d55f64e6c
chore(actions): support cron schedule task (#26655)
Replace #22751 

1. only support the default branch in the repository setting.
2. autoload schedule data from the schedule table after starting the
service.
3. support specific syntax like `@yearly`, `@monthly`, `@weekly`,
`@daily`, `@hourly`

## How to use

See the [GitHub Actions
document](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule)
for getting more detailed information.

```yaml
on:
  schedule:
    - cron: '30 5 * * 1,3'
    - cron: '30 5 * * 2,4'

jobs:
  test_schedule:
    runs-on: ubuntu-latest
    steps:
      - name: Not on Monday or Wednesday
        if: github.event.schedule != '30 5 * * 1,3'
        run: echo "This step will be skipped on Monday and Wednesday"
      - name: Every time
        run: echo "This step will always run"
```

Signed-off-by: Bo-Yi.Wu <appleboy.tw@gmail.com>

---------


Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-08-24 03:06:51 +00:00
谈笑风生间
5104c887d3
Modify the content format of the Feishu webhook (#25106)
close https://github.com/go-gitea/gitea/issues/24368

## what my pull request does

Since the official documentation states that custom bots do not support
hyperlink functionality, simply adding it without making some formatting
changes would result in an unappealing output. Therefore, I have
modified the formatting of the output. Currently, it is only used for
Feishu.

--- 


[docs](https://open.feishu.cn/document/uAjLw4CM/ukTMukTMukTM/im-v1/message/create_json#%E8%B6%85%E9%93%BE%E6%8E%A5%E4%BD%BF%E7%94%A8%E8%AF%B4%E6%98%8E)

<img width="641" alt="image"
src="https://github.com/go-gitea/gitea/assets/75628309/360e1c81-ab64-4ef6-851e-aa450d6e85a4">

- Issue

<img width="423" alt="image"
src="https://github.com/go-gitea/gitea/assets/75628309/519f6fae-81ab-4ec8-89b8-f6a73ff93783">


- Issue Comment


<img width="548" alt="image"
src="https://github.com/go-gitea/gitea/assets/75628309/749c0d1c-3657-431e-b787-8bf4c23cce83">


- Assign

<img width="431" alt="image"
src="https://github.com/go-gitea/gitea/assets/75628309/066f99e5-eabb-455d-91fb-a8359cc26dc7">

<img width="457" alt="image"
src="https://github.com/go-gitea/gitea/assets/75628309/c6c10f99-db83-46ef-a775-4c91979fa68f">

- Merge

<img width="408" alt="image"
src="https://github.com/go-gitea/gitea/assets/75628309/e627bf43-5954-45aa-acf6-261ee046802f">

- PullRequest

<img width="425" alt="image"
src="https://github.com/go-gitea/gitea/assets/75628309/72cfa714-d3fa-4fb9-abdd-e8508d756056">
2023-08-24 09:00:11 +08:00
Bo-Yi Wu
23addde28e
feat: implement organization secret creation API (#26566)
- Add a new `CreateSecretOption` struct for creating secrets
- Implement a `CreateOrgSecret` function to create a secret in an
organization
- Add a new route in `api.go` to handle the creation of organization
secrets
- Update the Swagger template to include the new `CreateOrgSecret` API
endpoint

---------

Signed-off-by: appleboy <appleboy.tw@gmail.com>
2023-08-22 11:20:34 +08:00
Yarden Shoham
16dee4f1b2
Add branch_filter to hooks API endpoints (#26599)
We now include the branch filler in the response.

- Closes #26591 

# Before

![image](https://github.com/go-gitea/gitea/assets/20454870/73933940-c1a7-4573-abae-f340b63028b2)

# After

![image](https://github.com/go-gitea/gitea/assets/20454870/3b3c4a85-0f7c-48c7-8617-def7a66c671d)

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-21 11:43:52 +00:00
yp05327
f6e7798405
Add link to job details and tooltip to commit status in repo list in dashboard (#26326)
Tooltip:

![image](https://github.com/go-gitea/gitea/assets/18380374/237cb545-7844-424b-b995-1008eaaaedec)

Link to the target job:

![image](https://github.com/go-gitea/gitea/assets/18380374/0c11a97f-6517-47f2-8773-f381488c084e)
2023-08-21 15:26:10 +08:00
Jason Song
47fddaadc8
Support rebuilding issue indexer manually (#26546)
Provide a way to rebuild issue indexer manually.

So if the indexer get outdated because of some bugs like #26539, we can
rebuild it.

<img width="1104" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/ac242e29-6f04-47ca-b3d0-801a796448d3">

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-17 14:05:17 +00:00
wxiaoguang
c6b92c84fe
Sync repo's IsEmpty status correctly (#26517)
Close #26509
2023-08-17 04:43:39 +00:00
wxiaoguang
c91a7e8dbb
Use object-fit: contain for oauth2 custom icons (#26493) 2023-08-14 16:21:04 +00:00
a1012112796
19872063a3
add disable workflow feature (#26413)
As title, that's simmilar with github.


![image](https://github.com/go-gitea/gitea/assets/25342410/9e8b2444-63e0-4e87-80da-730c1e4d09d6)



![image](https://github.com/go-gitea/gitea/assets/25342410/6c3a3345-3ba7-48c9-9acd-3e621632491b)

---------

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Jason Song <i@wolfogre.com>
2023-08-14 15:14:30 +00:00
wxiaoguang
ed1be4ca68
Handle base64 decoding correctly to avoid panic (#26483)
Fix the panic if the "base64 secret" is too long.
2023-08-14 10:30:16 +00:00
puni9869
cafce3b4b5
Allow to archive labels (#26478)
## Archived labels 

This adds the structure to allow for archived labels.
Archived labels are, just like closed milestones or projects, a medium to hide information without deleting it.
It is especially useful if there are outdated labels that should no longer be used without deleting the label entirely.

## Changes

1. UI and API have been equipped with the support to mark a label as archived
2. The time when a label has been archived will be stored in the DB

## Outsourced for the future

There's no special handling for archived labels at the moment.
This will be done in the future.

## Screenshots

![image](https://github.com/go-gitea/gitea/assets/80308335/208f95cd-42e4-4ed7-9a1f-cd2050a645d4)

![image](https://github.com/go-gitea/gitea/assets/80308335/746428e0-40bb-45b3-b992-85602feb371d)

Part of https://github.com/go-gitea/gitea/issues/25237

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-14 11:56:14 +02:00
Earl Warren
50fc22eecf
Add ThreadID parameter for Telegram webhooks (#25996)
Telegram has recently implemented threads (channels) for group chats.

Co-authored-by: neveraskedtoexist <matikot415@gmail.com>
2023-08-13 14:00:06 +00:00
wxiaoguang
82ea557dd3
Fix stderr usages (#26477) 2023-08-13 20:49:30 +08:00
Lunny Xiao
36eb3c433a
Add transaction when creating pull request created dirty data (#26259)
Fix #26129
Replace #26258 

This PR will introduce a transaction on creating pull request so that if
some step failed, it will rollback totally. And there will be no dirty
pull request exist.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-10 02:39:21 +00:00
Yarden Shoham
220f236ff5
Add pull request review request webhook event (#26401)
Add webhook events for pull request review requests

- Fixes #26371
- Added support for the "Pull request review requested" and "Pull
request review request removed" webhook events.
- Updated the `getPullRequestPayloadInfo` function in `general.go` to
handle these new webhook events.

# Before

![image](https://github.com/go-gitea/gitea/assets/20454870/bd942971-fb1d-40f3-8961-46638e3588fa)

# After

![image](https://github.com/go-gitea/gitea/assets/20454870/216e9c7d-0a4d-49f9-8492-2d14c88bbf4e)

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-09 10:30:34 +02:00
wxiaoguang
c2e0143bfe
Introduce ctx.PathParamRaw to avoid incorrect unescaping (#26392)
Fix #26389

And complete an old TODO: `ctx.Params does un-escaping,..., which is
incorrect.`
2023-08-09 14:57:45 +08:00
KN4CK3R
0c6ae61229
Allow package cleanup from admin page (#25307)
Until now expired package data gets deleted daily by a cronjob. The
admin page shows the size of all packages and the size of unreferenced
data. The users (#25035, #20631) expect the deletion of this data if
they run the cronjob from the admin page but the job only deletes data
older than 24h.

This PR adds a new button which deletes all expired data.

![grafik](https://github.com/go-gitea/gitea/assets/1666336/b3e35d73-9496-4fa7-a20c-e5d30b1f6850)

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-08-08 00:46:10 +00:00
wxiaoguang
e4b1ea6f15
Bypass MariaDB performance bug of the "IN" sub-query, fix incorrect IssueIndex (#26279)
Close #26277
Fix #26285
2023-08-07 12:23:59 +02:00
delvh
8736b134bd
Display human-readable text instead of cryptic filemodes (#26352)
Now, you don't need to be a git expert anymore to know what these
numbers mean.

## Before

![grafik](https://github.com/go-gitea/gitea/assets/51889757/9a964bf6-10fd-40a6-aeb2-ac8f437f8c32)

## After

![grafik](https://github.com/go-gitea/gitea/assets/51889757/84573cb9-55b6-4dde-9866-95f71b657554)

or when the mode actually changed:

![grafik](https://github.com/go-gitea/gitea/assets/51889757/0f327538-ebdc-40e7-8c99-f9e21b67f638)
2023-08-06 21:52:34 +02:00
KN4CK3R
2d3924d0e7
Prevent newline errors with Debian packages (#26332)
Fixes #26313
2023-08-05 10:59:52 +02:00
Zettat123
9a8af92577
Fix the bug when getting files changed for pull_request_target event (#26320)
Follow #25229

Copy from
https://github.com/go-gitea/gitea/pull/26290#issuecomment-1663135186

The bug is that we cannot get changed files for the
`pull_request_target` event. This event runs in the context of the base
branch, so we won't get any changes if we call
`GetFilesChangedSinceCommit` with `PullRequest.Base.Ref`.
2023-08-05 14:26:06 +08:00
caicandong
6151e69d95
Delete issue_service.CreateComment (#26298)
I noticed that `issue_service.CreateComment` adds transaction operations
on `issues_model.CreateComment`, we can merge the two functions and we
can avoid calling each other's methods in the `services` layer.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-04 13:34:34 +00:00
Kerwin Bryant
865d2221c0
Add Retry button when creating a mirror-repo fails (#26228)
fixed #26156 
* Added a retry button in the frontend (only displayed when the status
is abnormal)
* After clicking Retry, the backend adds the task back to the task queue


![7UJDNM671RI})EA8~~XPL39](https://github.com/go-gitea/gitea/assets/3371163/e088fd63-5dcc-4bc6-8849-7db3086511b7)

![T83F1WL9)VGHR@MB956$VT9](https://github.com/go-gitea/gitea/assets/3371163/744425bb-dde1-4315-be2e-5c99ac3a44d4)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-04 10:21:32 +08:00
Earl Warren
7bde2bf809
add unit test for user renaming (#26261)
- The user renaming function has zero test coverage.
- This patch brings that up to speed to test for various scenarios and
ensure that in a normal workflow the correct things has changed to their
respective new value. Most scenarios are to ensure certain things DO NOT
happen.

(cherry picked from commit 5b9d34ed115c9ef24012b8027959ea0afdcb4e2d)

Refs: https://codeberg.org/forgejo/forgejo/pulls/1156

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-08-03 09:38:51 +08:00
Earl Warren
02d5f422ea
add some Wiki unit tests (#26260)
- Just to get 100% coverage on services/wiki/wiki_path.go, nothing
special. This is just an formality.

(cherry picked from commit 6b3528920fbf18c41d6aeb95498af48443282370)

Refs: https://codeberg.org/forgejo/forgejo/pulls/1156

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-08-03 09:37:48 +08:00
caicandong
983167cf49
Fix pull request check list is limited (#26179)
In the original implementation, we can only get the first 30 records of
the commit status (the default paging size), if the commit status is
more than 30, it will lead to the bug #25990. I made the following two
changes.
- On the page, use the ` db.ListOptions{ListAll: true}` parameter
instead of `db.ListOptions{}`
- The `GetLatestCommitStatus` function makes a determination as to
whether or not a pager is being used.

fixed #25990
2023-07-31 02:21:09 +00:00
JakobDev
ea385f5d39
Fix API leaking Usermail if not logged in (#25097)
The API should only return the real Mail of a User, if the caller is
logged in. The check do to this don't work. This PR fixes this. This not
really a security issue, but can lead to Spam.

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-07-31 01:18:38 +00:00
sebastian-sauer
55532061c8
Add commits dropdown in PR files view and allow commit by commit review (#25528)
This PR adds a new dropdown to select a commit or a commit range
(shift-click like github) of a Pull Request.
After selection of a commit only the changes of this commit will be shown.
When selecting a range of commits the diff of this range is shown.

This allows to review a PR commit by commit or by viewing only commit ranges.
The "Show changes since your last review" mechanism github uses is implemented, too.
When reviewing a single commit or a commit range the "Viewed" functionality is disabled.

## Screenshots

### The commit dropdown

![image](https://github.com/go-gitea/gitea/assets/51889757/0db3ae62-1272-436c-be64-4730c5d611e3)

### Selecting a commit range

![image](https://github.com/go-gitea/gitea/assets/51889757/ad81eedb-8437-42b0-8073-2d940c25fe8f)

### Show changes of a single commit only

![image](https://github.com/go-gitea/gitea/assets/51889757/6b1a113b-73ef-4ecc-adf6-bc2340bb8f97)

### Show changes of a commit range

![image](https://github.com/go-gitea/gitea/assets/51889757/6401b358-cd66-4c09-8baa-6cf6177f23a7)


Fixes https://github.com/go-gitea/gitea/issues/20989
Fixes https://github.com/go-gitea/gitea/issues/19263

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2023-07-28 21:18:12 +02:00
puni9869
4971a10543
Warn instead of reporting an error when a webhook cannot be found (#26039)
Attemp fix: #25744
Fixing the log level when we delete any repo then we get error hook not
found by id. That should be warn level to reduce the noise in the logs.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-07-28 17:46:48 +00:00
delvh
bd6ef71854
Show branches and tags that contain a commit (#25180)
Now, you can see for a commit which existing branches and tags contain it.
You first have to click on the `load branches and tags` button, they are not preloaded by default.
All branches and tags are ordered descending by creation date.
You can even see without much hassle if the given commit is already part of the default branch.

Closes #25152 

## Screenshots

### Initial

![image](https://github.com/go-gitea/gitea/assets/51889757/84db2c0b-aaef-4f69-ab92-0b812793d2ad)

### Loaded

![image](https://github.com/go-gitea/gitea/assets/51889757/a9b84e66-8e44-4c55-b017-c37f4a45f41b)

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-27 12:47:41 +02:00
caicandong
13359581df
refactor improve NoBetterThan (#26126)
- The `NoBetterThan` function can only handle comparisons between
"pending," "success," "error," and "failure." For any other comparison,
we directly return false. This prevents logic errors like the one in
#26121.
- The callers of the `NoBetterThan` function should also avoid making
incomparable calls.

---------

Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: puni9869 <80308335+puni9869@users.noreply.github.com>
2023-07-26 08:52:07 +00:00
Zettat123
f3ed0ef692
Fix bugs in LFS meta garbage collection (#26122)
This PR

- Fix #26093. Replace `time.Time` with `timeutil.TimeStamp`
- Fix #26135. Add missing `xorm:"extends"` to `CountLFSMetaObject` for
LFS meta object query
- Add a unit test for LFS meta object garbage collection
2023-07-26 07:02:53 +00:00
JakobDev
6598d0291c
Allow Organisations to have a E-Mail (#25082)
Resolves #25057

This adds a E-Mail field to Organisations. The E-Mail is just shown on
the Profile when it is visited by a logged in User. The E-mail is not
used for something else.

**Screenshots:**

![grafik](https://github.com/go-gitea/gitea/assets/15185051/a8d622b3-7278-4c08-984b-9c5ebfdb5471)

![grafik](https://github.com/go-gitea/gitea/assets/15185051/6dcb1dd7-d04b-49eb-bc96-6582cfe9757b)

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: Denys Konovalov <privat@denyskon.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-25 08:26:27 +00:00
Bo-Yi Wu
44781f9f5c
Implement auto-cancellation of concurrent jobs if the event is push (#25716)
- cancel running jobs if the event is push
- Add a new function `CancelRunningJobs` to cancel all running jobs of a
run
- Update `FindRunOptions` struct to include `Ref` field and update its
condition in `toConds` function
- Implement auto cancellation of running jobs in the same workflow in
`notify` function

related task: https://github.com/go-gitea/gitea/pull/22751/

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Signed-off-by: appleboy <appleboy.tw@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: delvh <dev.lh@web.de>
2023-07-25 11:15:55 +08:00
Chongyi Zheng
f2138d6968
Replace gogs/cron with go-co-op/gocron (#25977)
Replace `github.com/gogs/cron` with `github.com/go-co-op/gocron` as the
former package is not maintained for many years.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-07-24 04:13:41 +00:00
Lunny Xiao
b167f35113
Add context parameter to some database functions (#26055)
To avoid deadlock problem, almost database related functions should be
have ctx as the first parameter.
This PR do a refactor for some of these functions.
2023-07-22 22:14:27 +08:00
Peter Verraedt
48cd82b759
Fix version in rpm repodata/primary.xml.gz (#26009)
The version listed in rpm repodata should only contain the rpm version
(1.0.0) and not the combination of version and release (1.0.0-2). We
correct this behaviour in primary.xml.gz, filelists.xml.gz and
others.xml.gz.

Signed-off-by: Peter Verraedt <peter@verraedt.be>
2023-07-21 19:41:38 +00:00
caicandong
840830b655
Remove commit status running and warning to align GitHub (#25839)
Fix #25776. Close #25826.

In the discussion of #25776, @wolfogre's suggestion was to remove the
commit status of `running` and `warning` to keep it consistent with
github.

references:
-
https://docs.github.com/en/rest/commits/statuses?apiVersion=2022-11-28#about-commit-statuses


## ⚠️ BREAKING ⚠️

So the commit status of Gitea will be consistent with GitHub, only
`pending`, `success`, `error` and `failure`, while `warning` and
`running` are not supported anymore.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-07-21 16:24:36 +08:00
Lunny Xiao
037c9895a7
Support copy protected branch from template repository (#25889)
Fix #14303
2023-07-21 12:32:47 +08:00
jeremiepozzigithub
d7a8d09da0
Add file status for API "Get a single commit from a repository" (#16205) (#25831)
#16205 To obtain a closer behavior to the api from github, the status
(added, modified, removed) of a file should be available in addition to
the filename.
See github doc :

https://docs.github.com/fr/rest/commits/commits?apiVersion=2022-11-28#get-a-commit
2023-07-20 16:35:47 +08:00
Lunny Xiao
01c04607c7
Fix bug when pushing to a pull request which enabled dismiss approval automatically (#25882)
Fix #25858 

The option `dissmiss stale approvals` was listed on protected branch but
never implemented. This PR fixes that.

<img width="1006" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/60bfa968-4db7-4c24-b8be-2e5978f91bb9">


<img width="1021" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/8dabc14d-2dfe-40c2-94ed-24fcbf6e0e8f">
2023-07-20 15:18:52 +08:00
harryzcy
0f9f6567bb
Bump github.com/golang-jwt/jwt to v5 (#25975)
Bumping `github.com/golang-jwt/jwt` from v4 to v5.

`github.com/golang-jwt/jwt` v5 is bringing some breaking changes:

- standard `Valid()` method on claims is removed. It's replaced by
`ClaimsValidator` interface implementing `Validator()` method instead,
which is called after standard validation. Gitea doesn't seem to be
using this logic.
- `jwt.Token` has a field `Valid`, so it's checked in `ParseToken`
function in `services/auth/source/oauth2/token.go`

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 09:57:10 +00:00
wxiaoguang
236c645bf1
Refactor "Content" for file uploading (#25851)
Before: the concept "Content string" is used everywhere. It has some
problems:

1. Sometimes it means "base64 encoded content", sometimes it means "raw
binary content"
2. It doesn't work with large files, eg: uploading a 1G LFS file would
make Gitea process OOM

This PR does the refactoring: use "ContentReader" / "ContentBase64"
instead of "Content"

This PR is not breaking because the key in API JSON is still "content":
`` ContentBase64 string `json:"content"` ``
2023-07-18 18:14:47 +00:00
wxiaoguang
265a28802a
Fix SSPI auth panic (#25955)
Try to fix #25952

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-18 17:32:49 +00:00
hiifong
4628aa5251
fix incorrect repo url when changed the case of ownername (#25733)
When only the case of the username changes and the new username is
consistent with the lowercase username of the old user name, update the
owner name of the repo, and keep the original logic consistent with
other conditions.

example: your username is `gitea`, lowercase username is `gitea`,repo
url is `.../gitea/{repo}`, you changed username to `Gitea` or `GiTea` or
other, but the lowercase username is still `gitea`, the repo url is
still `.../gitea/{repo}`.

this pr fixed it,keep username and repo url consistent.

Before:

![image](https://github.com/go-gitea/gitea/assets/89133723/84177296-f0ff-4176-84f1-1f9ec3f5b86f)

![image](https://github.com/go-gitea/gitea/assets/89133723/8f8f4a12-ecdd-4dec-af89-85c009b0ccfe)


After: 

![image](https://github.com/go-gitea/gitea/assets/89133723/0564edb6-9467-405a-8cd4-d6f70e6f614b)

![image](https://github.com/go-gitea/gitea/assets/89133723/554ecd6e-e5a1-43bc-a46d-99e988c2ff58)
2023-07-14 13:42:10 +08:00
wxiaoguang
22eeede885
Do not "guess" the file encoding/BOM when using API to upload files (#25828)
Related issue: #18368

It doesn't seem right to "guess" the file encoding/BOM when using API to
upload files.

The API should save the uploaded content as-is.
2023-07-12 09:58:27 +00:00
caicandong
491cc06ffe
Fix the error message when the token is incorrect (#25701)
we refactored `userIDFromToken` for the token parsing part into a new
function `parseToken`. `parseToken` returns the string `token` from
request, and a boolean `ok` representing whether the token exists or
not. So we can distinguish between token non-existence and token
inconsistency in the `verfity` function, thus solving the problem of no
proper error message when the token is inconsistent.
close #24439  
related #22119

---------

Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-11 10:04:28 +08:00
Lunny Xiao
0fd1672ae4
For API attachments, use API URL (#25639)
Fix #25257

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-10 09:31:19 +00:00
wxiaoguang
d9872797f8
Avoid amending the Rebase and Fast-forward merge if there is no message template (#25779)
Related #22669. Close #25177

After the fix:


![image](https://github.com/go-gitea/gitea/assets/2114189/0e900927-ea72-4f8f-bde6-5ed927cb02f4)

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-10 10:12:50 +02:00
silverwind
887a683af9
Update tool dependencies, lock govulncheck and actionlint (#25655)
- Update all tool dependencies
- Lock `govulncheck` and `actionlint` to their latest tags

---------

Co-authored-by: 6543 <m.huber@kithara.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-09 11:58:06 +00:00
Zettat123
a42a838843
Fix ref for workflows triggered by pull_request_target (#25743)
Follow #25229

At present, when the trigger event is `pull_request_target`, the `ref`
and `sha` of `ActionRun` are set according to the base branch of the
pull request. This makes it impossible for us to find the head branch of
the `ActionRun` directly. In this PR, the `ref` and `sha` will always be
set to the head branch and they will be changed to the base branch when
generating the task context.
2023-07-07 19:22:03 +00:00
6543
8995046110
Less naked returns (#25713)
just a step towards  #25655

and some related refactoring
2023-07-07 05:31:56 +00:00
wxiaoguang
f0bde0e4f9
Simplify the LFS GC logger usage (#25717)
Remove unnecessary `if opts.Logger != nil` checks.

* For "CLI doctor" mode, output to the console's "logger.Info".
* For "Web Task" mode, output to the default "logger.Debug", to avoid
flooding the server's log in a busy production instance.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-06 16:52:41 +00:00
Lunny Xiao
45ac90eb54
Sync branches when mirroring (#25722)
Caused by #22743

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-07-06 13:18:37 +02:00
silverwind
88f835192d
Replace interface{} with any (#25686)
Result of running `perl -p -i -e 's#interface\{\}#any#g' **/*` and `make fmt`.

Basically the same [as golang did](2580d0e08d).
2023-07-04 18:36:08 +00:00
Lunny Xiao
0403bd989f
Log the real reason when authentication fails (but don't show the user) (#25414) 2023-07-03 18:39:38 -04:00
KN4CK3R
c890454769
Add direct serving of package content (#25543)
Fixes #24723

Direct serving of content aka HTTP redirect is not mentioned in any of
the package registry specs but lots of official registries do that so it
should be supported by the usual clients.
2023-07-03 15:33:28 +02:00
hiifong
36f1fa7792
Support displaying diff stats in PR tab bar (#25387)
Fix #25326

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-07-03 01:00:28 +00:00
Lunny Xiao
65acd1e9ef
Fix branch commit message too long problem (#25588)
When branch's commit CommitMessage is too long, the column maybe too
short.(TEXT 16K for mysql).
This PR will fix it to only store the summary because these message will
only show on branch list or possible future search?
2023-06-30 17:03:05 +08:00
Lunny Xiao
6e19484f4d
Sync branches into databases (#22743)
Related #14180
Related #25233 
Related #22639
Close #19786
Related #12763 

This PR will change all the branches retrieve method from reading git
data to read database to reduce git read operations.

- [x] Sync git branches information into database when push git data
- [x] Create a new table `Branch`, merge some columns of `DeletedBranch`
into `Branch` table and drop the table `DeletedBranch`.
- [x] Read `Branch` table when visit `code` -> `branch` page
- [x] Read `Branch` table when list branch names in `code` page dropdown
- [x] Read `Branch` table when list git ref compare page
- [x] Provide a button in admin page to manually sync all branches.
- [x] Sync branches if repository is not empty but database branches are
empty when visiting pages with branches list
- [x] Use `commit_time desc` as the default FindBranch order by to keep
consistent as before and deleted branches will be always at the end.

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2023-06-29 10:03:20 +00:00
Jason Song
6daf21c9b7
Fix content holes in Actions task logs file (#25560)
Fix #25451.

Bugfixes:
- When stopping the zombie or endless tasks, set `LogInStorage` to true
after transferring the file to storage. It was missing, it could write
to a nonexistent file in DBFS because `LogInStorage` was false.
- Always update `ActionTask.Updated` when there's a new state reported
by the runner, even if there's no change. This is to avoid the task
being judged as a zombie task.

Enhancement:
- Support `Stat()` for DBFS file.
- `WriteLogs` refuses to write if it could result in content holes.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-28 19:07:29 +02:00
Lunny Xiao
d44a415bf0
Add Adopt repository event and handler (#25497)
Fix #14304

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-06-26 06:59:15 +00:00
Zettat123
48e5a74f21
Support pull_request_target event (#25229)
Fix #25088

This PR adds the support for
[`pull_request_target`](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#pull_request_target)
workflow trigger. `pull_request_target` is similar to `pull_request`,
but the workflow triggered by the `pull_request_target` event runs in
the context of the base branch of the pull request rather than the head
branch. Since the workflow from the base is considered trusted, it can
access the secrets and doesn't need approvals to run.
2023-06-26 14:33:18 +08:00
6543
b0215c40cd
Store and use seconds for timeline time comments (#25392)
this will allow us to fully localize it later

PS: we can not migrate back as the old value was a one-way conversion


prepare for  #25213

---
*Sponsored by Kithara Software GmbH*
2023-06-23 12:12:39 +00:00
Jason Song
174213530d
Fix Permission in API returned repository struct (#25388)
The old code generates `structs.Repository.Permissions` with only
`access.Permission.AccessMode`, however, it should check the units too,
or the value could be incorrect. For example,
`structs.Repository.Permissions.Push` could be false even the doer has
write access to code unit.

Should fix
https://github.com/renovatebot/renovate/issues/14059#issuecomment-1047961128
(Not reported by it, I just found it when I was looking into this bug)

---

Review tips:

The major changes are
- `modules/structs/repo.go`
https://github.com/go-gitea/gitea/pull/25388/files#diff-870406f6857117f8b03611c43fca0ab9ed6d6e76a2d0069a7c1f17e8fa9092f7
- `services/convert/repository.go`
https://github.com/go-gitea/gitea/pull/25388/files#diff-7736f6d2ae894c9edb7729a80ab89aa183b888a26a811a0c1fdebd18726a7101

And other changes are passive.
2023-06-22 13:08:08 +00:00
Zettat123
a55ff0dd99
Change default email domain for LDAP users (#25425)
Fixes #21169

Change `localhost` to `localhost.local`
2023-06-22 08:16:12 +00:00
John Olheiser
8afc1b1cb5
Move some regexp out of functions (#25430)
/cc @KN4CK3R
https://github.com/go-gitea/gitea/pull/25294#discussion_r1237425343

I also searched the codebase and found a few more.

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-06-21 19:57:18 +00:00
sebastian-sauer
25455bc670
Show outdated comments in files changed tab (#24936)
If enabled show a clickable label in the comment. A click on the label
opens the Conversation tab with the comment focussed - there you're able
to view the old diff (or original diff the comment was created on).

**Screenshots**


![image](https://github.com/go-gitea/gitea/assets/1135157/63ab9571-a9ee-4900-9f02-94ab0095f9e7)

![image](https://github.com/go-gitea/gitea/assets/1135157/78f7c225-8d76-46f5-acfd-9b8aab988a6c)



When resolved and outdated:

![image](https://github.com/go-gitea/gitea/assets/1135157/6ece9ebd-c792-4aa5-9c35-628694e9d093)

Option to enable/disable this (stored in user settings - default is
disabled):

![image](https://github.com/go-gitea/gitea/assets/1135157/ed99dfe4-76dc-4c12-bd96-e7e62da50ab5)

![image](https://github.com/go-gitea/gitea/assets/1135157/e837a052-e92e-4a28-906d-9db5bacf93a6)



fixes #24913

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-06-21 16:08:12 +00:00
wxiaoguang
ce46834b93
Remove "CHARSET" config option for MySQL, always use "utf8mb4" (#25413)
In modern days, there is no reason to make users set "charset" anymore.

Close #25378

## ⚠️ BREAKING

The key `[database].CHARSET` was removed completely as every newer
(>10years) MySQL database supports `utf8mb4` already.
There is a (deliberately) undocumented new fallback option if anyone
still needs to use it, but we don't recommend using it as it simply
causes problems.
2023-06-21 10:49:25 +00:00
Lunny Xiao
e79ff50560
Use the new download domain replace the old (#25405)
As title.
2023-06-21 03:11:17 +00:00
sillyguodong
35a653d7ed
Support configuration variables on Gitea Actions (#24724)
Co-Author: @silverwind @wxiaoguang 
Replace: #24404

See:
- [defining configuration variables for multiple
workflows](https://docs.github.com/en/actions/learn-github-actions/variables#defining-configuration-variables-for-multiple-workflows)
- [vars
context](https://docs.github.com/en/actions/learn-github-actions/contexts#vars-context)

Related to:
- [x] protocol: https://gitea.com/gitea/actions-proto-def/pulls/7
- [x] act_runner: https://gitea.com/gitea/act_runner/pulls/157
- [x] act: https://gitea.com/gitea/act/pulls/43

#### Screenshoot
Create Variable:

![image](https://user-images.githubusercontent.com/33891828/236758288-032b7f64-44e7-48ea-b07d-de8b8b0e3729.png)


![image](https://user-images.githubusercontent.com/33891828/236758174-5203f64c-1d0e-4737-a5b0-62061dee86f8.png)

Workflow:
```yaml
  test_vars:
    runs-on: ubuntu-latest
    steps:
      - name: Print Custom Variables
        run: echo "${{ vars.test_key }}"
      - name: Try to print a non-exist var
        run: echo "${{ vars.NON_EXIST_VAR }}"
```

Actions Log:

![image](https://user-images.githubusercontent.com/33891828/236759075-af0c5950-368d-4758-a8ac-47a96e43b6e2.png)

---
This PR just implement the org / user (depends on the owner of the
current repository) and repo level variables, The Environment level
variables have not been implemented.
Because
[Environment](https://docs.github.com/en/actions/deployment/targeting-different-environments/using-environments-for-deployment#about-environments)
is a module separate from `Actions`. Maybe it would be better to create
a new PR to do it.

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-20 22:54:15 +00:00
Zettat123
33cd74ad70
Fix LDAP sync when Username Attribute is empty (#25278)
Fix #21072

![image](https://github.com/go-gitea/gitea/assets/15528715/96b30beb-7f88-4a60-baae-2e5ad8049555)

Username Attribute is not a required item when creating an
authentication source. If Username Attribute is empty, the username
value of LDAP user cannot be read, so all users from LDAP will be marked
as inactive by mistake when synchronizing external users.

This PR improves the sync logic, if username is empty, the email address
will be used to find user.
2023-06-20 11:04:13 +08:00
wxiaoguang
4e2f1ee58d
Refactor web package and context package (#25298)
1. The "web" package shouldn't depends on "modules/context" package,
instead, let each "web context" register themselves to the "web"
package.
2. The old Init/Free doesn't make sense, so simplify it
* The ctx in "Init(ctx)" is never used, and shouldn't be used that way
* The "Free" is never called and shouldn't be called because the SSPI
instance is shared

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-18 09:59:09 +02:00
Jason Song
6348823eab
Fix panic when migrating a repo from GitHub with issues (#25246)
Fix #25245. Regression of #23946.
2023-06-14 14:12:39 +08:00
Lunny Xiao
d6dd6d641b
Fix all possible setting error related storages and added some tests (#23911)
Follow up #22405

Fix #20703 

This PR rewrites storage configuration read sequences with some breaks
and tests. It becomes more strict than before and also fixed some
inherit problems.

- Move storage's MinioConfig struct into setting, so after the
configuration loading, the values will be stored into the struct but not
still on some section.
- All storages configurations should be stored on one section,
configuration items cannot be overrided by multiple sections. The
prioioty of configuration is `[attachment]` > `[storage.attachments]` |
`[storage.customized]` > `[storage]` > `default`
- For extra override configuration items, currently are `SERVE_DIRECT`,
`MINIO_BASE_PATH`, `MINIO_BUCKET`, which could be configured in another
section. The prioioty of the override configuration is `[attachment]` >
`[storage.attachments]` > `default`.
- Add more tests for storages configurations.
- Update the storage documentations.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-14 11:42:38 +08:00
sillyguodong
8228751c55
Support changing labels of Actions runner without re-registration (#24806)
close #24540

related:
- Protocol: https://gitea.com/gitea/actions-proto-def/pulls/9
- Runner side: https://gitea.com/gitea/act_runner/pulls/201

changes:
- Add column of `labels` to table `action_runner`, and combine the value
of `agent_labels` and `custom_labels` column to `labels` column.
- Store `labels` when registering `act_runner`.
- Update `labels` when `act_runner` starting and calling `Declare`.
- Users cannot modify the `custom labels` in edit page any more.

other changes:
- Store `version` when registering `act_runner`.
- If runner is latest version, parse version from `Declare`. But older
version runner still parse version from request header.
2023-06-13 22:28:31 +08:00
silverwind
a51b115b0a
Use inline SVG for built-in OAuth providers (#25171)
The plan is that all built-in auth providers use inline SVG for more
flexibility in styling and to get the GitHub icon to follow
`currentcolor`. This only removes the `public/img/auth` directory and
adds the missing svgs to our svg build.

It should map the built-in providers to these SVGs and render them. If
the user has set a Icon URL, it should render that as an `img` tag
instead.

```
gitea-azure-ad
gitea-bitbucket
gitea-discord
gitea-dropbox
gitea-facebook
gitea-gitea
gitea-gitlab
gitea-google
gitea-mastodon
gitea-microsoftonline
gitea-nextcloud
gitea-twitter
gitea-yandex
octicon-mark-github
```

GitHub logo is now white again on dark theme:

<img width="431" alt="Screenshot 2023-06-12 at 21 45 34"
src="https://github.com/go-gitea/gitea/assets/115237/27a43504-d60a-4132-a502-336b25883e4d">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-13 10:51:02 +00:00
yp05327
22a39bb961
Fix profile render when the README.md size is larger than 1024 bytes (#25131)
Fixes https://github.com/go-gitea/gitea/issues/25094

`GetBlobContent` will only get the first 1024 bytes, if the README.md
size is larger than 1024 bytes,
We can not render the rest of them.
After this fix, we should provide the limited size to read when call
`GetBlobContent`.

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/22a42936-4cf8-40b4-a5c7-e384082beb0d)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-13 09:02:25 +00:00
Lunny Xiao
419804fd4d
Fix compatible for webhook ref type (#25195)
Fix #25185 
Caused by #24634
2023-06-13 06:05:28 +00:00
Zettat123
15d238d321
Add WithPullRequest for actionsNotifier (#25144) 2023-06-11 09:06:43 +08:00
Yevhen Pavlov
5fa4415bbb
Update github.com/google/go-github to v53 (#25157)
The new `go-github` version
[53](https://github.com/google/go-github/releases/tag/v53.0.0) has been
released.
2023-06-09 19:42:51 +00:00
HesterG
63a429581c
Modify OAuth login ui and fix display name, iconurl related logic (#25030)
Close #24808 

Co-Authour @wxiaoguang @silverwind 

1. Most svgs are found from https://worldvectorlogo.com/ , and some are
from conversion of png to svg. (facebook and nextcloud). And also
changed `templates/user/settings/security/accountlinks.tmpl`.

2. Fixed display name and iconurl related logic

# After

<img width="1436" alt="Screen Shot 2023-06-05 at 14 09 05"
src="https://github.com/go-gitea/gitea/assets/17645053/a5db39d8-1ab0-4676-82a4-fba60a1d1f84">

On mobile

<img width="378" alt="Screen Shot 2023-06-05 at 14 09 46"
src="https://github.com/go-gitea/gitea/assets/17645053/71d0f51b-baac-4f48-8ca2-ae0e013bd62e">


user/settings/security/accountlinks (The dropdown might be improved
later)

<img width="973" alt="Screen Shot 2023-06-01 at 10 01 44"
src="https://github.com/go-gitea/gitea/assets/17645053/27010e7e-2785-4fc5-8c49-b06621898f37">

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-06-08 16:35:29 +00:00
Lunny Xiao
0d47b0ab1d
Remove duplicated functions when deleting a branch (#25128)
Extract from #22743

`DeleteBranch` will trigger a push update event, so that
`pull_service.CloseBranchPulls` has been invoked twice and
`AddDeletedBranch` is better to be moved to push update then even user
delete a branch via git command, it will also be triggered.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-06-08 10:10:59 +00:00