Commit Graph

9703 Commits

Author SHA1 Message Date
6543
dc71d00393
RepoInit Respect AlternateDefaultBranch (#12746) (#12751) 2020-09-06 18:03:50 -04:00
6543
0bb56a413d
Fix Avatar Resize (resize algo NearestNeighbor -> Bilinear) (#12745) (#12750)
* Update Vendor github.com/nfnt/resize

* switch resize algo NearestNeighbor -> Bilinear
2020-09-06 22:14:59 +01:00
6543
2806a312e1
[Backport] Fix go1.15 lint error in modules/public/public.go (#12707) (#12708)
* fix go1.15 lint error in modules/public/public.go

* CI.restart()
2020-09-04 08:28:08 +03:00
techknowlogick
8a51c48eb6
Changelog for 1.12.4 release (#12687)
Co-authored-by: zeripath <art27@cantab.net>
2020-09-03 17:00:13 -04:00
6543
0fa538e552
[Backport] Fix comment broken issue ref dependence (#12651) (#12692)
* deleteIssuesByRepoID: delete related CommentTypeRemoveDependency & CommentTypeAddDependency comments too

* Ignore ErrIssueNotExist on comment.LoadDepIssueDetails()

* CI.restart()
2020-09-03 17:23:36 +08:00
6543
69e4b6910b
Make default StaticRootPath compile time settable (#12371) (#12652)
Make it possible to compile the default location of StaticRootPath independent from AppWorkPath

Co-authored-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-02 19:12:24 -04:00
techknowlogick
0e9dcc9500
When reading expired sessions - expire them (#12686) (#12690)
* When reading expired sessions - expire them

Update to latest macaron/session following merge of
https://gitea.com/macaron/session/pulls/11

Also remove old memory provider as 11 updates the memory provider to
make it unnecessary.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* and macaron/session/pulls/12

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-09-02 18:51:56 -04:00
6543
87f02d90cf
Escape provider name in oauth2 provider redirect (#12650)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2020-08-30 23:55:19 +01:00
John Olheiser
21cd7ab812
Mark Cache with ini tag (#12605) (#12611)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-08-26 11:53:14 -04:00
John Olheiser
981216c9fe
Escape Email in forgot_password.tmpl (#12610) (#12612)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-26 10:12:09 -05:00
techknowlogick
cfbfb73c56
go1.15 on windows (#12589) (#12593)
We don't support go1.15 on 1.12.x branch, however this will allow users who chose to build with go1.15 on windows to be successful
2020-08-24 18:38:47 -04:00
zeripath
4a548a0332
Fix diff path unquoting (#12554) (#12575)
Backport #12554

* Fix diff path unquoting

services/gitdiff/gitdiff.go whereby there it assumed that the path would
always be quoted on both sides

This PR simplifies the code here and uses fmt.Fscanf to parse the
strings as necessary.

Fix #12546

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add testcase as per @mrsdizzie

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-23 16:58:09 +03:00
zeripath
8bf2ee1e02
Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
Backport #12556

SSPI fails badly on authentication attempts to /api/internal which
it can never succesfully authenticate.

Fix #11260

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-22 17:09:14 -04:00
zeripath
a687980412
Default empty merger list to those with write permissions (#12535) (#12560)
Backport #12535

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-22 23:35:56 +03:00
zeripath
1f85815a3b
models: break out of loop (#12386) (#12561)
Backport #12386

Co-authored-by: Lars Lehtonen <lars.lehtonen@gmail.com>
2020-08-22 16:22:07 +01:00
silverwind
ee5e5a5093
Improve HTML escaping helper (#12562)
The previous method did not escape single quotes which under some
circumstances can lead to XSS vulnerabilites and the fact that it
depends on jQuery is also not ideal. Replace it with a lightweight
module.
2020-08-22 13:36:56 +01:00
zeripath
03ba12aabf
Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
* Prevent NPE on commenting on lines with invalidated comments

Only check for a review if we are replying to a previous review.

Prevent the NPE in #12239 by assuming that a comment without a Review is
non-pending.

Fix #12239

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add hack around to show the broken comments

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-21 10:52:20 +03:00
John Olheiser
24ed1b5feb
Remove hardcoded ES indexername (#12521) (#12526)
Co-authored-by: Wim <wim@42.be>
2020-08-18 21:42:22 -04:00
zeripath
8282697734
Keys should not verify revoked email addresses (#12486) (#12495)
Backport #12486

Fix #6778

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-17 12:06:31 -04:00
techknowlogick
ec48618d40
Fix bug preventing transfer to private organization (#12497) (#12501)
* Fix bug preventing transfer to private organization

The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round

This PR fixes this issue and renames the function performing the test to be
clearer.

Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* change IsUserPartOfOrg everywhere

Co-authored-by: zeripath <art27@cantab.net>
2020-08-17 09:32:33 +03:00
techknowlogick
f0dd07129a
Do not add prefix on http/https submodule links (#12477) (#12479)
Fix #12345

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-13 11:53:40 -04:00
techknowlogick
6d3b8141df
Fix ignored login on compare (#12476) (#12478)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-12 16:36:22 -04:00
techknowlogick
13c4c7a132
Match GH with Commit page (#12425) (#12431)
Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-05 15:49:12 +08:00
techknowlogick
6015d30dd6
Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
* Fix incorrect logging in oauth2.go

Fix #11945

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle ErrAlreadyInQueue in stats indexer

Fix #12380

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fixes type in error message of indexer

Add the missing character in the error message.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lieven Hollevoet <hollie@lika.be>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lieven Hollevoet <hollie@lika.be>
2020-08-04 16:27:43 +08:00
6543
b1cfb0d7a2
[Vendor] upgrade google/go-github to v32.1.0 (#12361) (#12390)
* upgrate go-github client to v32.1.0

* migrate
2020-07-31 12:02:23 -04:00
6543
48a423a8a8
Rendoer emoji's of Commit message on feed-page (#12373) 2020-07-29 17:09:47 -04:00
zeripath
cc8a7c9345
Git 2.28 no longer permits diff with ... on unrelated branches (#12370)
Backport #12364

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-07-29 12:42:22 -04:00
6543
77af0a23c4
Changelog v1.12.3 (#12356)
* Changelog v1.12.3

* better description for 12351

* @techknowlogick suggestions
2020-07-28 16:41:36 -04:00
Richard Mahn
87bfe02b5b
Backport to v1.12 for #12341 - Release date fix (#12351)
* Backport for Issue #12341 PR #12343 - Release date fix

* Adds sleep for comparing times

* Fixes imports

* Fixes tests
2020-07-28 14:10:50 -04:00
techknowlogick
9bac656b7d
Show 404 page when release not found (#12328) (#12332)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-07-27 00:39:44 +03:00
silverwind
ad68c9ccb2
Backport emoji fixes to 1.12 (#12327)
* Fix emoji detection in certain cases (#12320)

* Fix emoji detection certain cases

Previous tests weren't complicated enough so there were some situations where emojis were't detected properly. Find the earliest occurance in addition to checking for the longest combination.

Fixes #12312

* ok spell bot

Co-authored-by: Lauris BH <lauris@nix.lv>

* Reduce emoji size (#12317)

* Reduce emoji size

Rendering should now pretty much match GitHub with 1.25em. I verified
that emojis don't increase the line height and removed unecessary size
overrides because now all emojis should appear similar in relation to
the font size.

* fix reaction hover

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-07-25 12:50:57 -04:00
techknowlogick
8d1cd4d252
Fix double-indirection bug in logging IDs (#12294) (#12308)
This PR fixes a bug in log.NewColoredIDValue() which led to a double
indirection and incorrect IDs being printed out.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-07-24 02:24:22 +03:00
techknowlogick
64eaa2a942
[ui] Link to pr list page on sidebar when view pr (#12256) (#12263)
Fix #12254

Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: 赵智超 <1012112796@qq.com>
2020-07-16 11:56:09 -04:00
zeripath
489e9162fc
Extend Notifications API and return pinned notifications by default (#12164) (#12232)
Backport #12164

This PR extends the notifications API to allow specific notification statuses to be searched for and to allow setting of notifications to statuses other than read.

By default unread and pinned statuses will be returned when querying for notifications - however pinned statuses will not be marked as read.

Close #12152

Signed-off-by: Andrew Thornton art27@cantab.net
2020-07-13 21:52:05 +01:00
Lauris BH
5e62137fe3
Changelog for v1.12.2 (#12214)
* Changelog for v1.12.2

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
2020-07-11 19:53:26 +03:00
赵智超
6a081f95c0
Decrease the num_stars when deleting a repo (#11954) (#12188)
* Decrease the  num_stars when deleting a repo

fix #11949

Signed-off-by: a1012112796 <1012112796@qq.com>

* Add migration

* use batch

* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>

* fix lint

* fix lint

* fix ci

* fix ci2

* add doctor

* duplicate code

* fix migration

* fix some nits

* add start

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-07-08 17:52:40 -04:00
techknowlogick
c3c246cffc
Fix regression: Gitea commits API again returns commit summaries, not full messages (#12186) (#12187)
Closes #12185

Co-authored-by: Kristian Antonsen <kristian@derfor.dk>
2020-07-08 11:22:07 -04:00
techknowlogick
85be939c2a
properly set symbolic-ref HEAD when a repo is created with a non-master default branch (#12135) (#12182)
This fixes an issue I noticed with #10803: when you create a repo with a non-master default branch, gitea doesn't change the remote ref HEAD, so it still points at refs/heads/master. As a result, cloning my repos gives me error messages and doesn't check out the desired default branch, so I need to manually check it out after cloning.

Co-authored-by: xenofem <45297511+xenofem@users.noreply.github.com>
2020-07-08 00:40:22 -04:00
Jürgen Hötzel
a680c911e4
Trim to 255 runes instead of bytes (#12150)
* Trim to 255 runes instead of bytes

Prevents invalid UTF-8 encoding for Description and Website. Refs #7905

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-07-07 19:05:35 -04:00
zeripath
d9c18cbba0
Ensure Subkeys are verified (#12155) (#12168)
Backport #12155

When attempting to verify subkeys the email address verification step
requires checking the emails however, these emails are not stored on
subkeys but instead on the primary key.

This PR will obtain the primaryKey and check against these emails too.

Fix #12128

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-06 20:13:18 -04:00
Lauris BH
3daedb3877
Use hash of repo path, ref and entrypath as cache key (#12151) (#12161) 2020-07-06 16:51:45 +08:00
zeripath
2bf987229a
Multiple small admin dashboard fixes (#12153) (#12156)
* Prevent (EXTRA string) comments in Task headers
* Redirect tasks started from monitor page back to monitor
* Fix #12107 - redirects from process cancel should use AppSubUrl
* When wrapping queues set the name correctly

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-07-05 21:19:53 +01:00
zeripath
f984a7e6c6
Remove spurious logging (#12139) (#12148)
Backport #12139

Unfortunately #10745 merged a spurious logging message. This PR removes this.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-05 12:09:13 -04:00
Andreas Shimokawa
c96da610c2
templates/repo/empty.tmpl : fix repo setup instructions (#12147)
Co-authored-by: codeberg <codeberg@codeberg.org>
Co-authored-by: zeripath <art27@cantab.net>
2020-07-05 15:56:10 +03:00
zeripath
e46dbec294
Move EventSource to SharedWorker (#12095) (#12130)
* Move EventSource to SharedWorker (#12095)

Backport #12095

Move EventSource to use a SharedWorker. This prevents issues with HTTP/1.1
open browser connections from preventing gitea from opening multiple tabs.

Also allow setting EVENT_SOURCE_UPDATE_TIME to disable EventSource updating

Fix #11978

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>

* Bugfix for shared event source

For some reason our eslint configuration is not working correctly
and a bug has become apparent when trying to backport this to 1.12.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Re-fix #12095 again

Unfortunately some of the suggested changes to #12095 introduced
bugs which due to caching behaviour of sharedworkers were not caught
on simple tests.

These are as follows:

* Changing from simple for loop to use includes here:

```js
  register(port) {
    if (!this.clients.includes(port)) return;

    this.clients.push(port);

    port.postMessage({
      type: 'status',
      message: `registered to ${this.url}`,
    });
  }
```

The additional `!` prevents any clients from being added and should
read:

```js
    if (this.clients.includes(port)) return;
```

* Dropping the use of jQuery `$(...)` selection and using DOM
`querySelector` here:

```js
async function receiveUpdateCount(event) {
  try {
    const data = JSON.parse(event.data);

    const notificationCount = document.querySelector('.notification_count');
    if (data.Count > 0) {
      notificationCount.classList.remove('hidden');
    } else {
      notificationCount.classList.add('hidden');
    }

    notificationCount.text() = `${data.Count}`;
    await updateNotificationTable();
  } catch (error) {
    console.error(error, event);
  }
}
```

Requires that `notificationCount.text()` be changed to use `textContent`
instead.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-05 01:08:03 +03:00
赵智超
8f64017058
Fix ui bug in wiki commit page (#12089) (#12125)
* Fix ui bug in wiki commit page

TODO: Maybe we should allow wiki to have its own ``.editorconfig`` file.

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix a small nit

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-07-03 00:49:55 -04:00
zeripath
d737eaa63a
Set the base url when migrating from Gitlab using access token or username without password (#11852) (#12104)
Backport #11852

When migrating from gitlab, set the baseUrl in NewGitlabDownloader when using an access token or username without password

Fix #11851

Co-authored-by: Gernot Eger <gernot.eger@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-07-02 20:26:47 +08:00
zeripath
058ee52333
Fix gitgraph branch continues after merge (#12044) (#12105)
Backport #12044

* Fix gitgraph branch continues after merge

After fixing the initial problem in #11981 another
problem has come to light...

Fix #11981 (part 2)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update web_src/js/vendor/gitgraph.js

* Apply suggestions from code review

Co-authored-by: silverwind <me@silverwind.io>
2020-07-02 11:46:06 +01:00
Lauris BH
47b1fc5149
Fix merge section in dark theme (#12086) (#12109)
Backport #12086

* Fix merge section in dark theme

* Fix lint
2020-07-02 10:36:45 +01:00
zeripath
20c2bdf86b
Ensure BlameReaders close at end of request (#12102) (#12103)
Backport #12102

this was thought to be due to timeouts, however on closer look this
appears to be due to the Close() function of the BlameReader hanging
with a blocked stdout pipe.

This PR fixes this Close function to:

* Cancel the context of the cmd
* Close the StdoutReader - ensuring that the output pipe is closed

Further it makes the context of the `git blame` command a child of the
request context - ensuring that even if Close() is not called, on
cancellation of the Request the blame is command will also be cancelled.

Fixes #11716
Closes #11727

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-07-01 18:43:25 +03:00