Commit Graph

18244 Commits

Author SHA1 Message Date
Giteabot
0f834f052b
Allow set branch protection in an empty repository () ()
Backport  by @lunny

Resolve 

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-24 11:42:52 +09:00
Giteabot
a3c660f89a
Fix panic when cloning with wrong ssh format. () ()
Backport  by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-24 01:58:58 +00:00
Giteabot
d5d5fb1925
Fix Bug in Issue/pulls list () () 2024-09-24 01:26:10 +00:00
Giteabot
ae37f31df6
use rebuilt mssql-2017 image () ()
Backport  by @techknowlogick

Co-authored-by: techknowlogick <techknowlogick@gitea.com>
2024-09-23 21:23:04 +00:00
Giteabot
1f8cbbab3d
Fix rename branch permission bug () ()
Backport  by @lunny

The previous implementation requires admin permission to rename branches
which should be write permission.

Fix 

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-22 19:43:13 +00:00
Giteabot
af0cab23ea
Fix wrong last modify time () ()
Backport  by @lunny

Fix  and more places which use `http.TimeFormat` wrongly.
`http.TimeFormat` requires a UTC time. refer to
https://pkg.go.dev/net/http#TimeFormat

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-22 19:12:57 +00:00
Giteabot
73066e3f97
Add bin to Composer Metadata () ()
Backport  by @maantje

This PR addresses the missing `bin` field in Composer metadata, which
currently causes vendor-provided binaries to not be symlinked to
`vendor/bin` during installation.

In the current implementation, running `composer install` does not
publish the binaries, leading to issues where expected binaries are not
available.

By properly declaring the `bin` field, this PR ensures that binaries are
correctly symlinked upon installation, as described in the [Composer
documentation](https://getcomposer.org/doc/articles/vendor-binaries.md).

Co-authored-by: Jamie Schouten <j4mie@hey.com>
2024-09-22 18:42:02 +00:00
Giteabot
919b82461a
Fix incorrect /tokens api () ()
Backport  by @KN4CK3R

Fixes 

- Add missing scopes output.
- Disallow empty scope.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-09-22 18:02:09 +00:00
Lunny Xiao
69ba37e9fd
Fix mssql ci with a new mssql version on ci ()
backport from https://github.com/go-gitea/gitea/pull/32060
2024-09-23 01:32:26 +08:00
Giteabot
ea9e09abe5
Fix: database not update release when using git push --tags --force () ()
Backport  by @ExplodingDragon

link: https://codeberg.org/forgejo/forgejo/issues/4274

Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
2024-09-19 07:57:28 +08:00
wxiaoguang
2891edbbcb
Refactor CSRF protector () ()
 improves the CSRF handling and is worth to backport
2024-09-18 17:02:45 +00:00
Giteabot
8dbe83d205
Add missing comment reply handling () ()
Backport  by @KN4CK3R

Fixes 

- Add missing comment reply handling
- Use `onGiteaRun` in the test because the fixtures are not present
otherwise (did this behaviour change?)

Compare without whitespaces.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-09-18 09:23:28 +00:00
Giteabot
2831ae369e
Lazy load avatar images () ()
Backport  by @hiifong

Before:

https://github.com/user-attachments/assets/7b1681ba-4781-432a-ae20-c07e94c1dbb6

After:

https://github.com/user-attachments/assets/5154e160-e22c-460e-b0d9-28768486c178

Co-authored-by: hiifong <i@hiif.ong>
2024-09-18 16:52:44 +08:00
Giteabot
e6395e1e81
Handle invalid target when creating releases using API () ()
Backport  by @kemzeb

A 500 status code was thrown when passing a non-existent target to the
create release API. This snapshot handles this error and instead throws
a 404 status code.

Discovered while working on .

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-09-17 02:23:40 +00:00
Giteabot
8a39a4812f
Do not escape relative path in RPM primary index () ()
Backport  by @KN4CK3R

Fixes 

Do not escape the relative path.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-09-17 08:19:35 +08:00
Giteabot
3d7d0c36e7
Check if the due_date is nil when editing issues () ()
Backport  by @Zettat123

Fix 

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-09-15 01:31:34 +08:00
Lunny Xiao
30d989d411
Fix container parallel upload bugs ()
This PR should be replaced by  in v1.23. The aim of creating this
PR is to fix it in 1.22 because globallock hasn't been introduced.

Fix 
Fix 
Fix 
2024-09-12 03:11:03 +00:00
Giteabot
b3af359cc6
Fix /repos/{owner}/{repo}/pulls/{index}/files endpoint not populating previous_filename () ()
Backport  by @charles-plutohealth

---
`status == "rename"` should have read `status == "renamed"`. The typo
means that file.PreviousFilename would never be populated, which e.g.
breaks usage of the Github Action at
https://github.com/dorny/paths-filter.

Co-authored-by: charles-plutohealth <143208583+charles-plutohealth@users.noreply.github.com>
2024-09-12 08:58:43 +09:00
Giteabot
0629c08a6d
Support allowed hosts for migrations to work with proxy () ()
Backport  by @wolfogre

Fix . Follow .

After this PR, all usage of "new dial context" needs to provide a proxy,
so I dropped the old `NewDialContext` and renamed
`NewDialContextWithProxy` to `NewDialContext`.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-09-11 14:54:19 +08:00
Giteabot
54d828f8ec
Increase cacheContextLifetime to reduce false reports () ()
Backport  by @wolfogre

Replace .

To prevent the context cache from being misused for long-term work
(which would result in using invalid cache without awareness), the
context cache is designed to exist for a maximum of 10 seconds. This
leads to many false reports, especially in the case of slow SQL.

This PR increases it to 5 minutes to reduce false reports.

5 minutes is not a very safe value, as a lot of changes may have
occurred within that time frame. However, as far as I know, there has
not been a case of misuse of context cache discovered so far, so I think
5 minutes should be OK.

Please note that after this PR, if warning logs are found again, it
should get attention, at that time it can be almost 100% certain that it
is a misuse.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-09-11 11:14:40 +08:00
Lunny Xiao
6d4dfcd187
Upgrade cache to v0.2.1 () ()
Fix 
Backport 
2024-09-07 21:44:28 +00:00
Giteabot
f7f4256c82
Use forum.gitea.com instead of old URL () ()
Backport  by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-07 03:47:23 +08:00
Lunny Xiao
5e36e9f5a7
Add changelog for 1.22.2 () 2024-09-06 00:16:54 +08:00
Giteabot
b39aa8528b
Fix nuget/conan/container packages upload bugs () ()
Backport  by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-05 07:34:41 +00:00
Lunny Xiao
244fb11c6b
Replace v-html with v-text in search inputbox () () ()
Backport , 
Cherry-pick 30da734f37,
74b1c589c6
Replace 

---------

Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
2024-09-05 01:59:57 +00:00
Lunny Xiao
9c990ac043
Add lock for parallel maven upload ()
Backport  
Fix 
2024-09-03 14:33:28 +08:00
Lunny Xiao
d3b0bc22c0
Fix index too many file names bug () ()
Try to fix 
Fix  
Backport 
2024-09-03 01:15:30 +00:00
Giteabot
6f5748c507
Prevent update pull refs manually and will not affect other refs update () ()
Backport  by @lunny

All refs under `refs/pull` should only be changed from Gitea inside but
not by pushing from outside of Gitea.
This PR will prevent the pull refs update but allow other refs to be
updated on the same pushing with `--mirror` operations.

The main changes are to add checks on `update` hook but not
`pre-receive` because `update` will be invoked by every ref but
`pre-receive` will revert all changes once one ref update fails.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-02 18:28:00 +08:00
yp05327
cc1520221a
Fix sort order for organization home and user profile page () ()
Backport 
2024-09-02 07:58:18 +00:00
Giteabot
b5500cded1
Fix 500 error when state params is set when editing issue/PR by API () ()
Backport  by @yp05327

A quick fix for 

Co-authored-by: yp05327 <576951401@qq.com>
2024-09-01 18:38:10 +00:00
Lunny Xiao
0de69c26ec
Upgrade micromatch to 4.0.8 ()
backport 
2024-08-30 10:36:49 +08:00
silverwind
24e8825f1f
Update webpack to 5.94.0 ()
Update webpack on v1.22 branch because of
https://github.com/go-gitea/gitea/security/dependabot/70.
2024-08-29 16:10:25 +00:00
Giteabot
1d98d4e69a
Fix search team () ()
Backport  by @lunny

Fix 

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-30 00:05:21 +08:00
Giteabot
b140f647fc
Remove "dsa-1024" testcases from Test_SSHParsePublicKey and Test_calcFingerprint () ()
Backport  by @s4uliu5

DSA is considered inherently insecure and is already disabled/removed in
OpenSSH 9.8.

Therefore "dsa-1024" tescases are failing.

```
--- FAIL: Test_calcFingerprint (0.02s)
    --- FAIL: Test_calcFingerprint/dsa-1024 (0.00s)
        --- FAIL: Test_calcFingerprint/dsa-1024/SSHKeygen (0.00s)
            ssh_key_test.go:196:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:196
                        Error:          Received unexpected error:
                                        Unable to verify key content [result: /tmp/gitea_keytest1239408114 is not a public key file.
                                        ]
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
            ssh_key_test.go:197:
                        Error Trace:    /src/gitea/models/asymkey/ssh_key_test.go:197
                        Error:          Not equal:
                                        expected: "SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc"
                                        actual  : ""

                                        Diff:
                                        --- Expected
                                        +++ Actual
                                        @@ -1 +1 @@
                                        -SHA256:fSIHQlpKMDsGPVAXI8BPYfRp+e2sfvSt1sMrPsFiXrc
                                        +
                        Test:           Test_calcFingerprint/dsa-1024/SSHKeygen
FAIL
```

Fix 

Co-authored-by: Saulius Gurklys <s4uliu5@gmail.com>
2024-08-25 20:39:00 +08:00
Lunny Xiao
e060ae88e5
Don't return 500 if mirror url contains special chars () ()
Backport 
2024-08-22 00:10:50 +08:00
Lunny Xiao
d9c65c9a52
Upgrade bleve to 2.4.2 ()
backport 
2024-08-21 05:13:59 +00:00
Lunny Xiao
96de5c2a9f
bug fix for translation in ru ()
Fix 
2024-08-21 10:01:36 +08:00
Giteabot
e536d18fe5
Refactor the usage of batch catfile () ()
Backport  by @lunny

When opening a repository, it will call `ensureValidRepository` and also
`CatFileBatch`. But sometimes these will not be used until repository
closed. So it's a waste of CPU to invoke 3 times git command for every
open repository.

This PR removed all of these from `OpenRepository` but only kept
checking whether the folder exists. When a batch is necessary, the
necessary functions will be invoked.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-21 01:55:14 +08:00
Giteabot
a0d1630700
Fix agit automerge () ()
Backport  by @lunny

Fix 

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-20 16:20:58 +00:00
Giteabot
0affb5c775
add CfTurnstileSitekey context data to all captcha templates () ()
Backport  by @bohde

In the OpenID flows, the "CfTurnstileSitekey" wasn't populated, which
caused those flows to fail if using Turnstile as the Captcha
implementation.

This adds the missing context variables, allowing Turnstile to be used
in the OpenID flows.

Co-authored-by: Rowan Bohde <rowan.bohde@gmail.com>
2024-08-20 14:45:08 +00:00
Giteabot
3913ef69d5
Fix actions notify bug () ()
Backport  by @lunny

Try to fix
https://github.com/go-gitea/gitea/issues/31757#issuecomment-2295131062

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-20 02:14:29 +08:00
sillyguodong
5d2afc6e4f
fix the component of access token list not mounted () () 2024-08-19 12:56:17 -04:00
Giteabot
fe9a631939
Fix overflowing content in action run log () ()
Backport  by @Adrian-Hirt

When a long line with characters such as dots is returned by a step in
an action (e.g. by the output of the Ruby on Rails test runner), it
overflows the log container, causing the page to scroll sideways (see
first screenshot):


![before](https://github.com/user-attachments/assets/d71a8446-2c81-42d7-ad20-92514884365a)

This PR adds the CSS `overflow-wrap: anywhere;` to the
`.job-step-section .job-step-logs .job-log-line .log-msg` selector,
which causes such lines to wrap as well (see second screenshot in which
the line wraps nicely):


![after](https://github.com/user-attachments/assets/ba9abaec-dc0b-4fab-8129-b9341d4bf784)

Co-authored-by: Adrian Hirt <13788379+Adrian-Hirt@users.noreply.github.com>
2024-08-18 08:34:05 +08:00
Giteabot
3fe1f73268
Fix raw wiki links () ()
Backport  by @Zettat123

Fix 

This regression is introduced by . To find out how GitHub handles
this case, I did [some
tests](https://github.com/go-gitea/gitea/issues/31395#issuecomment-2278929115).

I use redirect in this PR instead of checking if the corresponding `.md`
file exists when rendering the link because GitHub also uses redirect.
With this PR, there is no need to resolve the raw wiki link when
rendering a wiki page. If a wiki link points to a raw file, access will
be redirected to the raw link.

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-17 03:19:26 +00:00
Giteabot
1cf8f69b38
Avoid returning without written ctx when posting PR () ()
Backport  by @wolfogre

Fix .

If `pull_service.NewPullRequest` return an error which misses each `if`
check, `CompareAndPullRequestPost` will return immediately, since it
doesn't write the HTTP response, a 200 response with empty body will be
sent to clients.

```go
	if err := pull_service.NewPullRequest(ctx, repo, pullIssue, labelIDs, attachments, pullRequest, assigneeIDs); err != nil {
		if repo_model.IsErrUserDoesNotHaveAccessToRepo(err) {
			ctx.Error(http.StatusBadRequest, "UserDoesNotHaveAccessToRepo", err.Error())
		} else if git.IsErrPushRejected(err) {
			// ...
			ctx.JSONError(flashError)
		} else if errors.Is(err, user_model.ErrBlockedUser) {
			// ...
			ctx.JSONError(flashError)
		} else if errors.Is(err, issues_model.ErrMustCollaborator) {
			// ...
			ctx.JSONError(flashError)
		}
		return
	}
```

Not sure what kind of error can cause it to happen, so this PR just
expose it. And we can fix it when users report that creating PRs failed
with error responses.

It's all my guess since I cannot reproduce the problem, but even if it's
not related, the code here needs to be improved.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-08-16 13:50:12 -04:00
Giteabot
771fb453a1
Add missing repository type filter parameters to pager () ()
Backport  by @yp05327

Fix 

ps: the newly added params's value will be changed.
When the first time you selected the filter, the values of params will
be `0` or `1`
But in pager it will be `true` or `false`.
So do we have `boolToInt` function?

Co-authored-by: yp05327 <576951401@qq.com>
2024-08-16 20:41:45 +08:00
Giteabot
5fa90ad9bc
Fix panic of ssh public key page after deletion of auth source () ()
Backport  by @lunny

Fix  

This PR rewrote the function `PublicKeysAreExternallyManaged` with a
simple test. The new function removed the loop to make it more readable.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-16 01:50:57 +08:00
Giteabot
b6ede69a1b
Fixes for unreachable project issues when transfer repository from organization () ()
Backport  by @emrebdr

When transferring repositories that have issues linked to a project
board to another organization, the issues remain associated with the
original project board. This causes the columns in the project board to
become bugged, making it difficult to move other issues in or out of the
affected columns. As a solution, I removed the issue relations since the
other organization does not have this project table.

Fix for 

Co-authored-by: Edip Emre Bodur <emrebdr29@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
2024-08-14 09:57:23 +08:00
Giteabot
a3633b53d4
Scroll images in project issues separately from the remaining issue () ()
Backport  by @SimonPistache

As discussed in  & , when a card on a Project contains
images, they can overflow the card on its containing column. This aims
to fix this issue via snapping scrollbars.

---
Issue  is open to discussion as there should be room for
improvement.

Co-authored-by: Simon Priet <105607989+SimonPistache@users.noreply.github.com>
2024-08-13 10:43:48 +08:00
Giteabot
f6f2349f8c
Add :focus-visible style to buttons () ()
Backport  by @silverwind

Buttons now show a focus style via
[`:focus-visible`](https://developer.mozilla.org/en-US/docs/Web/CSS/:focus-visible)
when the browser deems the focus to be important, like for example when
the button is focused via keyboard navigation.

<img width="492" alt="Screenshot 2024-08-07 at 22 12 51"
src="https://github.com/user-attachments/assets/060568b1-1599-4c56-bafb-b36ebb1bec35">
<img width="479" alt="image"
src="https://github.com/user-attachments/assets/885f4e10-f496-47f0-8ae5-45827ded09f8">

Co-authored-by: silverwind <me@silverwind.io>
2024-08-12 12:41:13 +08:00