Add an option to protected branches to add writing deploy keys to the whitelist for pushing.
Please note this is technically a breaking change: previously if the owner of a repository was on the whitelist then any writing deploy key was effectively on the whitelist. This option will now need to be set if that is desired.
Closes #8472
Details:
* Allow Protected Branches to Whitelist Deploy Keys
* Add migration
* Ensure that IsDeployKey is set to false on the http pushes
* add not null default false
This PR ensures that once opened the diff stats detail box can be scrolled independently of the diff on the compare page.
Fixes #5532
Details:
* make diff-detail-box the main container
* move file diff at the same level as diff-stats
* make diff-view options sticy again
* make diff-stats scroll if to mouch
* rm useless css info
* less: mv diff-stats to own class
* use new css class
* cleanup less file
* diff-counter: margin-right: 15px;
* make CI work
* make numbers colorful
* add sign (-/+) to numbers
* allow external rendering of other filetypes
fixes #4996 and #7614
allows rendering of non-tex files, or otherwise accounted for filetypes
* Moves flie-size check before read()
And performs gofmt -s
* Only reads if markType is detected
* Ensure defaultGPGSettings not nil
* Ensure that coerced commits gain a reference to the repo
* Add warning if trying to get defaultgpgsetting on an unattached commit
* Fix #8582 by handling empty repos
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix tests
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Allow committing / adding empty files from the web ui (#8420)
Signed-off-by: LukBukkit <luk.bukkit@gmail.com>
* Add a modal to confirm the commit of an empty file
Signed-off-by: LukBukkit <luk.bukkit@gmail.com>
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.
## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
- [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
- Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
- [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
- app.ini configuration done
- [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation
I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
* Update the provided gitea.service since we have graceful restarting again
* Update contrib/systemd/gitea.service
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
editorconfig-core-go made breaking api changes and has recently released
v2.1.1. This change consumes the new api and fixes up any breaking
references.