Commit graph

64 commits

Author SHA1 Message Date
Earl Warren
e99d3f7055
feat(F3): CLI: f3 mirror to convert to/from Forgejo
feat(F3): driver stub

feat(F3): util.Logger

feat(F3): driver compliance tests

feat(F3): driver/users implementation

feat(F3): driver/user implementation

feat(F3): driver/{projects,project} implementation

feat(F3): driver/{labels,label} implementation

feat(F3): driver/{milestones,milestone} implementation

feat(F3): driver/{repositories,repository} implementation

feat(F3): driver/{organizations,organization} implementation

feat(F3): driver/{releases,release} implementation

feat(F3): driver/{issues,issue} implementation

feat(F3): driver/{comments,comment} implementation

feat(F3): driver/{assets,asset} implementation

feat(F3): driver/{pullrequests,pullrequest} implementation

feat(F3): driver/{reviews,review} implementation

feat(F3): driver/{topics,topic} implementation

feat(F3): driver/{reactions,reaction} implementation

feat(F3): driver/{reviewComments,reviewComment} implementation

feat(F3): CLI: f3 mirror

chore(F3): move to code.forgejo.org

feat(f3): upgrade to gof3 3.1.0

repositories in pull requests are represented with a reference instead
of an owner/project pair of names
2024-06-14 12:52:12 +02:00
Beowulf
2810b9ae0a Replace reply with a forked version to fix the cut-off of the incoming mail text (#3747)
replace reply with forgejos forked version

If plain text is selected as the message format in e.g. Apple Mail, the inline attachments are no longer at the end of the mail, but instead directly where they are in the mail. When parsing the mail, these inline attachments are replaced by "--". The new reply version no longer cuts the text at the first "--".

Tests for this are present in reply (7dc5750c6d).

Fixes https://codeberg.org/forgejo/forgejo/issues/3496#issuecomment-1798416

---

Additionally, I reduced the allocations for the inline attachments.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3747
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Beowulf <beowulf@beocode.eu>
Co-committed-by: Beowulf <beowulf@beocode.eu>
2024-05-13 21:24:58 +00:00
Renovate Bot
8672ad12b1 Update module github.com/caddyserver/certmagic to v0.21.0 (#3724)
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [github.com/caddyserver/certmagic](https://github.com/caddyserver/certmagic) | require | minor | `v0.20.0` -> `v0.21.0` |

---

### Release Notes

<details>
<summary>caddyserver/certmagic (github.com/caddyserver/certmagic)</summary>

### [`v0.21.0`](https://github.com/caddyserver/certmagic/releases/tag/v0.21.0)

[Compare Source](https://github.com/caddyserver/certmagic/compare/v0.20.0...v0.21.0)

CertMagic v0.21 introduces some big changes:

-   Draft support for draft-03 of [ACME Renewal Information (ARI)](https://datatracker.ietf.org/doc/draft-ietf-acme-ari/) which assists with deciding when to renew certificates. This augments CertMagic's already-advanced logic using cert lifetime and OCSP/revocation status.
-   New [`ZeroSSLIssuer`](https://pkg.go.dev/github.com/caddyserver/certmagic@v0.21.0#ZeroSSLIssuer) uses the [ZeroSSL API](https://zerossl.com/documentation/api/) to get certificates. ZeroSSL also has an ACME endpoint, which can still be accesed using the existing ACMEIssuer, as always. Their proprietary API is paid, but has extra features like IP certificates, better reliability, and support.
-   DNS challenges should be smoother in some cases as we've improved propagation checking.
-   In the odd case your ACME account disappears from the ACME server, CertMagic will automatically retry with a new account. (This happens in some test/dev environments.)
-   ACME accounts are identified only by their public keys, but CertMagic maps accounts by CA+email for practical/storage reasons. So now you can "pin" an account key to use by specifying your email and the account public key in your config, which is useful if you need to absolutely be sure to use a specific account (like if you get rate limit exemptions from a CA).

Please try it out and report any issues!

Thanks to [@&#8203;Framer](https://github.com/Framer) for their contributions to this release!

#### What's Changed

-   Bump golang.org/x/crypto from 0.14.0 to 0.17.0 by [@&#8203;dependabot](https://github.com/dependabot) in https://github.com/caddyserver/certmagic/pull/264
-   Demote "storage cleaning happened too recently" from WARN to INFO by [@&#8203;francislavoie](https://github.com/francislavoie) in https://github.com/caddyserver/certmagic/pull/270
-   Check DNS propagation at authoritative nameservers only with default resolvers by [@&#8203;pgeh](https://github.com/pgeh) in https://github.com/caddyserver/certmagic/pull/274
-   Retry with new account if account disappeared remotely by [@&#8203;mholt](https://github.com/mholt) in https://github.com/caddyserver/certmagic/pull/269
-   Update readme examples to use TLS-ALPN const from ACMEz by [@&#8203;goksan](https://github.com/goksan) in https://github.com/caddyserver/certmagic/pull/277
-   Initial implementation of ZeroSSL API issuer by [@&#8203;mholt](https://github.com/mholt) in https://github.com/caddyserver/certmagic/pull/279
-   Allow deleting directories via FileStorage by [@&#8203;goksan](https://github.com/goksan) in https://github.com/caddyserver/certmagic/pull/282
-   Use the `email` configuration in the ACME issuer to "pin" an account to a key by [@&#8203;ankon](https://github.com/ankon) in https://github.com/caddyserver/certmagic/pull/283
-   Initial implementation of ARI by [@&#8203;mholt](https://github.com/mholt) in https://github.com/caddyserver/certmagic/pull/286

#### New Contributors

-   [@&#8203;pgeh](https://github.com/pgeh) made their first contribution in https://github.com/caddyserver/certmagic/pull/274
-   [@&#8203;goksan](https://github.com/goksan) made their first contribution in https://github.com/caddyserver/certmagic/pull/277

**Full Changelog**: https://github.com/caddyserver/certmagic/compare/v0.20.0...v0.21.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am" (UTC), Automerge - "before 4am" (UTC).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoiZm9yZ2VqbyIsImxhYmVscyI6W119-->

Co-authored-by: Earl Warren <contact@earl-warren.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3724
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
Co-committed-by: Renovate Bot <forgejo-renovate-action@forgejo.org>
2024-05-12 14:56:39 +00:00
Earl Warren
d3e02eaa89 chore(licenses): make go-license 2024-05-08 19:31:56 +00:00
Earl Warren
3db929a2be
chore(licenses): github.com/minio/sha256-simd is no longer in use 2024-04-27 10:43:27 +02:00
Earl Warren
2d3705bb81 Merge pull request '[CHORE] Remove Microsoft SQL Server support' (#3040) from gusted/forgejo-rm-mssql into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3040
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-09 05:34:54 +00:00
Gusted
2d9afd0c21
[CHORE] Remove Microsoft SQL Server Support
- Per https://codeberg.org/forgejo/discussions/issues/122
2024-04-05 23:37:36 +02:00
Gusted
32134e3a43
[CHORE] Remove u2f dependency
- It was only used to parse old U2F data to webauthn credentials. We
only used the public key and keyhandle. This functiontionality was
reworked to `parseU2FRegistration`.
- Tests are already present, `Test_RemigrateU2FCredentials`.
2024-04-05 16:23:10 +02:00
Gusted
f579bde69d
[CHORE] Cleanup dependency
- Remove `gitea.com/lunny/dingtalk_webhook` as dependency, we only use
two structs which are small enough to be recreated in Forgejo and don't
need to rely on the dependency.
- Existing tests (thanks @oliverpool) prove that this has no effect.
2024-03-30 00:01:42 +01:00
Gusted
578f0b3335
[DEPS] Bump mysql driver
- Bump the SQL driver for MySQL to
[v1.8.0](https://github.com/go-sql-driver/mysql/releases/tag/v1.8.0),
which notably includes support for ed25519 authentication scheme (by
yours truly).
- Resolves #1868
2024-03-10 14:57:56 +01:00
Gusted
0c4872f839
[CHORE] Update connect-go to maintained fork
- Update github.com/bufbuild/connect-go to
https://github.com/connectrpc/connect-go.
- This is a fork that's actively maintained and is recommend by the
original library. Looking at the recent release notes, it looks like
going in the right direction what one would expect of a library, no
strange features being added, lots of improvements.
- There's still an indirect dependency by
`code.gitea.io/actions-proto-go` on a old version of `connect-go`.
2024-02-28 09:40:56 +01:00
Earl Warren
094c84ed6d
Merge branch 'rebase-forgejo-dependency' into wip-forgejo 2024-02-05 18:58:23 +01:00
Gusted
92413041bd
[GITEA] Use maintained gziphandler
- https://github.com/NYTimes/gziphandler doesn't seems to be maintained
anymore and Forgejo already includes
https://github.com/klauspost/compress which provides a maintained and
faster gzip handler fork.
- Enables Jitter to prevent BREACH attacks, as this *seems* to be
possible in the context of Forgejo.

(cherry picked from commit cc2847241d82001babd8d40c87d03169f21c14cd)
(cherry picked from commit 99ba56a8761dd08e08d9499cab2ded1a6b7b970f)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/1581
(cherry picked from commit 711638193daa2311e2ead6249a47dcec47b4e335)
(cherry picked from commit 9c12a37fde6fa84414bf332ff4a066facdb92d38)
(cherry picked from commit d13065345431a499f9e0b7a3c2043d7487b8aa5b)
(cherry picked from commit 45a16f8c3c6f7d5e4aab8fdde6a621cf36e4801c)
(cherry picked from commit a497acb31f76d580c8b0567f9461274bd78080f4)
(cherry picked from commit fe87fd828973945192b98310c5c3b2001c6e0f86)
(cherry picked from commit 6ac12e6693cf45cb12109028dabd868957c4b74c)
(cherry picked from commit 981ec37e1e72ab19c20067ff4d2a7e20a60d3305)
(cherry picked from commit 5d6892ec10086f0ba63f26693faa82d0fd4e3f4a)
(cherry picked from commit 9df7968f4fc72de9788d84ca3f349e4c98ee630e)
(cherry picked from commit 7d588d183329cd760053663ea2e1e82e62958409)

Conflicts:
	routers/web/web.go
	https://codeberg.org/forgejo/forgejo/pulls/2075
(cherry picked from commit defb101281f5a6ba410abc763674bafa7b63dffd)
(cherry picked from commit 5830f204a17767fda3e45d16dbf3af8c32e7f387)
(cherry picked from commit 029f4e98636a7776f430684e9d7142d69a444f96)
(cherry picked from commit 816fe558126d0ecce969fdf2a196fa6afdcca792)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 99866d804560b415b6158371eb0efd17d097cfe0)
2024-02-05 16:09:40 +01:00
Caesar Schinas
31bfb80c03
[BRANDING] add Forgejo logo
(cherry picked from commit f42622c7d5a28859f535e0d86ece06101baad1ef)
(cherry picked from commit a39e7f2a79f6527d45439f21bd88378264160c3a)
(cherry picked from commit afa2a31bb99c0fd9cd25c3c0279e6c49695b1900)
(cherry picked from commit 276e8856e594ad7e73414382d34fdf0278cbca6a)
(cherry picked from commit 68e3bd469f2e8190db70d4e1564fb46d01feb5f4)
(cherry picked from commit af124b9ccbb0b699ea5d1bf1530613cb9a96f205)
(cherry picked from commit b89ab4874d403c784c92e579f4f6a854621c0078)
(cherry picked from commit 0f2a2f0d0ff9851428d6899e307f3547d7651f87)
(cherry picked from commit 80999363c73e4e01cbf9116491743c87baa952af)
(cherry picked from commit f8880b5463aa1db047d89080d21e7a69979eb4a6)
(cherry picked from commit 5f4cf4f6e143237c81da3e80875727cef4b76343)
(cherry picked from commit b38e26bc1a8bb117f571672961a8445cfc02c953)
(cherry picked from commit d839e0033244b63df16c8b548cc52106fc693629)
(cherry picked from commit 32ffe2e4f12c16a44a759c906078d40731c1a0c7)
(cherry picked from commit f1fd0504add78ae3fb5c710ab5a9ada20321afac)
(cherry picked from commit 6d77ea4d60a193d9d4175c4943b34077228e5964)
(cherry picked from commit 61a0a4a276303c3fd56f93fd109e3416cfdf7c60)
(cherry picked from commit a90b4126fdd55feef43f45d1dc3e3400806a476b)
(cherry picked from commit 9a20538fb4e88682e213a20813b77cc0f602fbfd)
(cherry picked from commit ce0fc02f0fbaa45b146fed175ce68bd02c507f3e)
(cherry picked from commit 541f7cb026f976d078ecb6da3a6c9e13cc4336f2)
(cherry picked from commit d6d0c2ab78a14d7aac8d7b6b0d007149de2f7295)
(cherry picked from commit 2c28f5ad2496cf30eb15d6caf9171b79e5017141)
(cherry picked from commit 9571bddb3308e3c1f0383e60f972ca61a0a467b7)
(cherry picked from commit c83ba08d01f149ecd52d983eec76bd60822c1ddd)
(cherry picked from commit 30e7d567ede79c015d0d115d9a2d535e6c681cb9)
(cherry picked from commit a8b8c3eba75511449dc97fa27b37db1076ce95f0)
(cherry picked from commit 8e053e1ade4710ade3b6e4bc6aa04fe9281243d7)
(cherry picked from commit 9e3b0f7520a56e5eb22cd0e33e231ea9063f0e1f)
(cherry picked from commit 2343b9bd09cda3e474b36842fae419f9fe32b134)
(cherry picked from commit 56572d4156050c2beb62f63a871375fdc2424271)
(cherry picked from commit 9b09eda1680282f8114f752e52afd544ef30350c)
(cherry picked from commit 86a8b7b4904158ea80d259d7a1846528a9b3c403)
(cherry picked from commit 99a550c0e3de3bd8d17a610b849da0c04f776dbd)
(cherry picked from commit bdcf3f51e07c9f5f067fca7501ad69c42f925197)
(cherry picked from commit cec8f2d31e1cd9237120ee57af80b17e4abf026e)
(cherry picked from commit 25aa22ba2b8b8bdb215c14002ebc137e2e70cad4)
(cherry picked from commit 31510249a01fad40cc001277f5bcbe57248b0330)
(cherry picked from commit 95dc569227ac57c2efe7817edb6749fcead0ec24)
(cherry picked from commit f6caf5f1b9f8f560fcfef29247525c018976dcde)
(cherry picked from commit aba34fbf70dce183907083593cab7716597575a3)
(cherry picked from commit 41b816fdac30cfca311d5c24c155301de5d08a40)
(cherry picked from commit c98e79b89f5a12b50b6eb1ff1d0afc2cbd756ca3)
(cherry picked from commit d33d4f193cd79493e3d206e0c73395aea5bd305c)
(cherry picked from commit 4e5bb41cbe9823f8c198a54b56f0ee66b9cf8bf8)
(cherry picked from commit 3aa8ddb8cb4cb836b98c465342b106d027868606)
(cherry picked from commit e8057040bb751d1bdcb0e7412495da353189a02f)
(cherry picked from commit f3bf61e51e8c44ac098dca03532507bae5b65fc1)
(cherry picked from commit e9d08aad76cc38a81e9489871e1116819f84052e)
2024-02-05 16:02:13 +01:00
Gusted
8735fcdb7d
[GITEA] Vendor rupture dependency
- The [rupture](https://github.com/ethantkoenig/rupture) dependency was
essentially outdated in the sense it was using old version of
dependencies.
- The usage by Forgejo was rather a small portion, so that portion is
now vendored (with its tests).
- Removes old dependencies from go.sum (less dependencies is better for
reviewing what the heck we're importing). Just to note that they were
likely not being used by Go's build process (according to
https://go.dev/ref/mod#minimal-version-selection), so it's really a
matter of formal cleaning up dependencies we don't use and therefor
don't want to download and be in our go.sum.

(cherry picked from commit aa72a5f009b5027b2324106343f91b466ba46293)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/2148
(cherry picked from commit fbe8d65f0b1836b2e771991b4d5d12f1bfa938ed)
(cherry picked from commit e18debcb6a9476f60d364e847265b4ac7fb76c8e)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/2245
(cherry picked from commit 8c43c2ada82102a0df44fd874c4f5fe3a36ef758)
2024-02-05 15:08:04 +01:00
wxiaoguang
82acf22d9c
Update go dependencies and fix go-git (#28893)
More details are in the comment of repo_base_gogit.go

And ref: https://github.com/go-git/go-git/issues/1006
2024-01-23 05:40:00 +00:00
wxiaoguang
11f0519ad8
Update go dependencies (#28518)
Update golang.org/x/crypto for CVE-2023-48795 and update other packages.
`go-git` is not updated because it needs time to figure out why some
tests fail.
2023-12-19 09:18:42 +08:00
Yevhen Pavlov
cd2ff6e83d
Bump google/go-github to v57 (#28514) 2023-12-18 15:42:04 -06:00
techknowlogick
e3229c8e9b
bump go-deps (#27489) 2023-10-07 05:55:08 +00:00
wxiaoguang
1432d4eab9
Update go dependencies (#26534) 2023-08-16 12:02:40 +00:00
Chongyi Zheng
f2138d6968
Replace gogs/cron with go-co-op/gocron (#25977)
Replace `github.com/gogs/cron` with `github.com/go-co-op/gocron` as the
former package is not maintained for many years.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-07-24 04:13:41 +00:00
wxiaoguang
d0dbe52e76
Refactor to use urfave/cli/v2 (#25959)
Replace #10912

And there are many new tests to cover the CLI behavior

There were some concerns about the "option order in hook scripts"
(https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314),
it's not a problem now. Because the hook script uses `/gitea hook
--config=/app.ini pre-receive` format. The "config" is a global option,
it can appear anywhere.

----

## ⚠️ BREAKING ⚠️

This PR does it best to avoid breaking anything. The major changes are:

* `gitea` itself won't accept web's options: `--install-port` / `--pid`
/ `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's
options.
    * Use `./gitea web --pid ....` instead
* `./gitea` can still run the `web` sub-command as shorthand, with
default options
* The sub-command's options must follow the sub-command
* Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd
--sub-opt` (well, might not ...)
    * After: only `./gitea subcmd --sub-opt` could be used
    * The global options like `--config` are not affected
2023-07-21 17:28:19 +08:00
harryzcy
ec227d6682
Remove nfnt/resize and oliamb/cutter (#25999)
The package `github.com/nfnt/resize` is deprecated and archived by the
author. `github.com/oliamb/cutter` is not maintained since 2018. We
could use `golang.org/x/image/draw` instead.
2023-07-20 19:52:42 +08:00
harryzcy
0f9f6567bb
Bump github.com/golang-jwt/jwt to v5 (#25975)
Bumping `github.com/golang-jwt/jwt` from v4 to v5.

`github.com/golang-jwt/jwt` v5 is bringing some breaking changes:

- standard `Valid()` method on claims is removed. It's replaced by
`ClaimsValidator` interface implementing `Validator()` method instead,
which is called after standard validation. Gitea doesn't seem to be
using this logic.
- `jwt.Token` has a field `Valid`, so it's checked in `ParseToken`
function in `services/auth/source/oauth2/token.go`

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-19 09:57:10 +00:00
harryzcy
c5e187c389
Upgrade go dependencies (#25819) 2023-07-14 11:00:31 +08:00
isla w
e882398c5a
Update emoji set to Unicode 15 (#25595)
Update emoji set to Unicode 15 which was added upstream here:
cb5c514d47

<img width="854" alt="Screenshot 2023-06-29 at 11 02 56 AM"
src="https://github.com/go-gitea/gitea/assets/1669571/7bfb663d-0804-4d23-a62d-f585a6783ca6">

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-06-29 16:29:48 +00:00
Yevhen Pavlov
5fa4415bbb
Update github.com/google/go-github to v53 (#25157)
The new `go-github` version
[53](https://github.com/google/go-github/releases/tag/v53.0.0) has been
released.
2023-06-09 19:42:51 +00:00
6543
4c81dae297
Update github.com/google/go-github to v52 (#24004)
based on https://github.com/google/go-github/pull/2743

because of
https://github.com/go-gitea/gitea/pull/23946#discussion_r1160317554

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-05-31 00:31:51 +00:00
KN4CK3R
05209f0d1d
Add RPM registry (#23380)
Fixes #20751

This PR adds a RPM package registry. You can follow [this
tutorial](https://opensource.com/article/18/9/how-build-rpm-packages) to
build a *.rpm package for testing.

This functionality is similar to the Debian registry (#22854) and
therefore shares some methods. I marked this PR as blocked because it
should be merged after #22854.


![grafik](https://user-images.githubusercontent.com/1666336/223806549-d8784fd9-9d79-46a2-9ae2-f038594f636a.png)
2023-05-05 20:33:37 +00:00
techknowlogick
a1cd455c85
Bump golang deps (#24533) 2023-05-05 17:17:19 +08:00
KN4CK3R
bf999e4069
Add Debian package registry (#24426)
Co-authored-by: @awkwardbunny

This PR adds a Debian package registry.
You can follow [this
tutorial](https://www.baeldung.com/linux/create-debian-package) to build
a *.deb package for testing.
Source packages are not supported at the moment and I did not find
documentation of the architecture "all" and how these packages should be
treated.


![grafik](https://user-images.githubusercontent.com/1666336/218126879-eb80a866-775c-4c8e-8529-5797203a64e6.png)

Part of #20751.

Revised copy of #22854.

---------

Co-authored-by: Brian Hong <brian@hongs.me>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-05-02 12:31:35 -04:00
Yarden Shoham
c0ddec8a2a
Revert "Add Debian package registry" (#24412)
Reverts go-gitea/gitea#22854
2023-04-28 18:06:41 -04:00
KN4CK3R
bf77e2163b
Add Debian package registry (#22854)
Co-authored-by: @awkwardbunny

This PR adds a Debian package registry. You can follow [this
tutorial](https://www.baeldung.com/linux/create-debian-package) to build
a *.deb package for testing. Source packages are not supported at the
moment and I did not find documentation of the architecture "all" and
how these packages should be treated.

---------

Co-authored-by: Brian Hong <brian@hongs.me>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-04-28 17:51:36 -04:00
silverwind
572af214a7
Ensure final newline in assets/go-licenses.json (#24407)
This will ensure that the file always has a final newline. I'm not sure
where this bug with inconsistent final newline actually comes from, it
is likely Windows-related.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-04-28 13:39:18 -04:00
JakobDev
65fe0fb22c
Allow webp images as avatars (#24248)
Users can now upload `webp` images.
Browsers supporting webp images then display this as the avatar of this
user (every major browser except IE).

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-04-21 13:15:49 -04:00
techknowlogick
985f76dc4b
Update redis library to support redis v7 (#24114) 2023-04-13 18:41:04 -04:00
harryzcy
1ee45305e0
Update github.com/google/go-github to v51 (#23946)
`github.com/google/go-github` has new major version releases frequently.
It is required to update all import path, in additional to `go.mod`
2023-04-08 19:27:30 +08:00
wxiaoguang
8f00979f73
Drop "unrolled/render" package (#23965)
None of the features of `unrolled/render` package is used. 

The Golang builtin "html/template" just works well. Then we can improve
our HTML render to resolve the "$.root.locale.Tr" problem as much as
possible.

Next step: we can have a template render pool (by Clone), then we can
inject global functions with dynamic context to every `Execute` calls.
Then we can use `{{Locale.Tr ....}}` directly in all templates , no need
to pass the `$.root.locale` again and again.
2023-04-08 14:21:50 +08:00
techknowlogick
92c160d8e7
Add meilisearch support (#23136)
Add meilisearch support

Fixes #20665
2023-03-28 22:23:23 -04:00
Jason Song
19bfea6d7d
Update act (#23512)
Update replace:
```diff
- replace github.com/nektos/act => gitea.com/gitea/act v0.234.2-0.20230131074955-e46ede1b1744
+ replace github.com/nektos/act => gitea.com/gitea/act v0.243.1
```

Update require:
```diff
-	github.com/nektos/act v0.0.0
+	github.com/nektos/act v0.2.43
```

Actually, `v0.2.43` doesn't work, it will be replaced by `gitea/act`, so
it's OK to put any version here. But `gitea/act` is based on
`nektos/act`, so keeping the right upstream version will make security
dependabot help.

BTW, the [security
report](https://github.com/go-gitea/gitea/security/dependabot/20) is
false positive, we don't use the artifact server in act, see #22738.
2023-03-16 18:09:11 +08:00
zeripath
740a5ecdd9
Update go.mod dependencies (#23126)
This PR does a bulk update of a lot of our go deps.

I have not included nektos/act and xorm for the following reasons:
* Xorm updates can sometimes be complex and I'd rather do that in a
separate PR
* I think people more update with the actions code should double check
that the latest nektos/act library works correctly.

---------

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-24 20:18:49 +00:00
KN4CK3R
f8c1e14a13
Use import of OCI structs (#22765)
Fixes #22758

Otherwise we would need to rewrite the structs in `oci.go`.
2023-02-06 10:07:09 +00:00
Jason Song
4011821c94
Implement actions (#21937)
Close #13539.

Co-authored by: @lunny @appleboy @fuxiaohei and others.

Related projects:
- https://gitea.com/gitea/actions-proto-def
- https://gitea.com/gitea/actions-proto-go
- https://gitea.com/gitea/act
- https://gitea.com/gitea/act_runner

### Summary

The target of this PR is to bring a basic implementation of "Actions",
an internal CI/CD system of Gitea. That means even though it has been
merged, the state of the feature is **EXPERIMENTAL**, and please note
that:

- It is disabled by default;
- It shouldn't be used in a production environment currently;
- It shouldn't be used in a public Gitea instance currently;
- Breaking changes may be made before it's stable.

**Please comment on #13539 if you have any different product design
ideas**, all decisions reached there will be adopted here. But in this
PR, we don't talk about **naming, feature-creep or alternatives**.

### ⚠️ Breaking

`gitea-actions` will become a reserved user name. If a user with the
name already exists in the database, it is recommended to rename it.

### Some important reviews

- What is `DEFAULT_ACTIONS_URL` in `app.ini` for?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1055954954
- Why the api for runners is not under the normal `/api/v1` prefix?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061173592
- Why DBFS?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061301178
- Why ignore events triggered by `gitea-actions` bot?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1063254103
- Why there's no permission control for actions?
  - https://github.com/go-gitea/gitea/pull/21937#discussion_r1090229868

### What it looks like

<details>

#### Manage runners

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205870657-c72f590e-2e08-4cd4-be7f-2e0abb299bbf.png">

#### List runs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872794-50fde990-2b45-48c1-a178-908e4ec5b627.png">


#### View logs

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205872501-9b7b9000-9542-4991-8f55-18ccdada77c3.png">



</details>

### How to try it

<details>

#### 1. Start Gitea

Clone this branch and [install from
source](https://docs.gitea.io/en-us/install-from-source).

Add additional configurations in `app.ini` to enable Actions:

```ini
[actions]
ENABLED = true
```

Start it.

If all is well, you'll see the management page of runners:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205877365-8e30a780-9b10-4154-b3e8-ee6c3cb35a59.png">


#### 2. Start runner

Clone the [act_runner](https://gitea.com/gitea/act_runner), and follow
the
[README](https://gitea.com/gitea/act_runner/src/branch/main/README.md)
to start it.

If all is well, you'll see a new runner has been added:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205878000-216f5937-e696-470d-b66c-8473987d91c3.png">

#### 3. Enable actions for a repo

Create a new repo or open an existing one, check the `Actions` checkbox
in settings and submit.

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879705-53e09208-73c0-4b3e-a123-2dcf9aba4b9c.png">
<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205879383-23f3d08f-1a85-41dd-a8b3-54e2ee6453e8.png">

If all is well, you'll see a new tab "Actions":

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205881648-a8072d8c-5803-4d76-b8a8-9b2fb49516c1.png">

#### 4. Upload workflow files

Upload some workflow files to `.gitea/workflows/xxx.yaml`, you can
follow the [quickstart](https://docs.github.com/en/actions/quickstart)
of GitHub Actions. Yes, Gitea Actions is compatible with GitHub Actions
in most cases, you can use the same demo:

```yaml
name: GitHub Actions Demo
run-name: ${{ github.actor }} is testing out GitHub Actions 🚀
on: [push]
jobs:
  Explore-GitHub-Actions:
    runs-on: ubuntu-latest
    steps:
      - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event."
      - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!"
      - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}."
      - name: Check out repository code
        uses: actions/checkout@v3
      - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner."
      - run: echo "🖥️ The workflow is now ready to test your code on the runner."
      - name: List files in the repository
        run: |
          ls ${{ github.workspace }}
      - run: echo "🍏 This job's status is ${{ job.status }}."
```

If all is well, you'll see a new run in `Actions` tab:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884473-79a874bc-171b-4aaf-acd5-0241a45c3b53.png">

#### 5. Check the logs of jobs

Click a run and you'll see the logs:

<img width="1792" alt="image"
src="https://user-images.githubusercontent.com/9418365/205884800-994b0374-67f7-48ff-be9a-4c53f3141547.png">

#### 6. Go on

You can try more examples in [the
documents](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions)
of GitHub Actions, then you might find a lot of bugs.

Come on, PRs are welcome.

</details>

See also: [Feature Preview: Gitea
Actions](https://blog.gitea.io/2022/12/feature-preview-gitea-actions/)

---------

Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2023-01-31 09:45:19 +08:00
John Olheiser
2052a9e2b4
Consume hcaptcha and pwn deps (#22610)
This PR just consumes the
[hcaptcha](https://gitea.com/jolheiser/hcaptcha) and
[haveibeenpwned](https://gitea.com/jolheiser/pwn) modules directly into
Gitea.

Also let this serve as a notice that I'm fine with transferring my
license (which was already MIT) from my own name to "The Gitea Authors".

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-01-29 09:49:51 -06:00
KN4CK3R
fc037b4b82
Add support for incoming emails (#22056)
closes #13585
fixes #9067
fixes #2386
ref #6226
ref #6219
fixes #745

This PR adds support to process incoming emails to perform actions.
Currently I added handling of replies and unsubscribing from
issues/pulls. In contrast to #13585 the IMAP IDLE command is used
instead of polling which results (in my opinion 😉) in cleaner code.

Procedure:
- When sending an issue/pull reply email, a token is generated which is
present in the Reply-To and References header.
- IMAP IDLE waits until a new email arrives
- The token tells which action should be performed

A possible signature and/or reply gets stripped from the content.

I added a new service to the drone pipeline to test the receiving of
incoming mails. If we keep this in, we may test our outgoing emails too
in future.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-14 23:57:10 +08:00
techknowlogick
b36854df37
Update golang deps (#22410)
Note, hashicorp's LRU has been updated to v2 which supports generics but
this was left out as it is a more involved upgrade.
2023-01-12 09:21:16 +01:00
techknowlogick
6f231a7980
Replace deprecated Webauthn library (#22400)
Fix #22052

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-01-11 21:51:00 -05:00
isla w
f41ad344cb
Update Emoji dataset to Unicode 14 (#22342)
Gitea emoji dataset was out of date because it gets manually built and
hasn't been rebuilt since it was added. This means Gitea doesn't
recognize some newer emoji or changes to existing ones.

After changing the max unicode version to 14 I just ran: `go run
build/generate-emoji.go`

This should address the initial issue seen in #22153 where Gitea doesn't
recognize a standard alias used elsewhere when importing content.

14 is the latest supported version from the upstream source as 15 is not
widely supported (in their opinion) yet
2023-01-04 11:52:48 -06:00
Lunny Xiao
e72acd5e5b
Split migrations folder (#21549)
There are too many files in `models/migrations` folder so that I split
them into sub folders.
2022-11-02 16:54:36 +08:00
qwerty287
a813c9d8f3
Allow creation of OAuth2 applications for orgs (#18084)
Adds the settings pages to create OAuth2 apps also to the org settings
and allows to create apps for orgs.

Refactoring: the oauth2 related templates are shared for
instance-wide/org/user, and the backend code uses `OAuth2CommonHandlers`
to share code for instance-wide/org/user.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-10-09 20:07:41 +08:00