Commit Graph

16792 Commits

Author SHA1 Message Date
Giteabot
b7c944b9e4
Prevent anonymous container access if RequireSignInView is enabled (#28877) (#28882)
Backport #28877 by @KN4CK3R

Fixes #28875

If `RequireSignInView` is enabled, the ghost user has no access rights.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-01-22 01:44:38 +08:00
Giteabot
cf9a416d62
Fix migrate storage bug (#28830) (#28867)
Backport #28830 by @lunny

Fix #28728

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-01-21 16:32:06 +00:00
Giteabot
8c7bda8755
Fix incorrect PostgreSQL connection string for Unix sockets (#28865) (#28870)
Backport #28865 by @sdvcrx

Fix #28864

Co-authored-by: sdvcrx <memory.silentvoyage@gmail.com>
2024-01-21 16:06:34 +00:00
Giteabot
b7e32b2382
Avoid duplicate JS error messages on UI (#28873) (#28881)
Backport #28873 by wxiaoguang

Gitea treat JS errors seriously, so sometimes the JS errors caused by
3rdparty code (eg: browser extensions) would also be reported on Gitea
UI: TypeError: WeakMap key undefined (caused by extension DarkReader's
bug) #28861

To avoid fill the user's screen with a lot of error messages, this PR
merges the same error messages into one.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-01-21 15:40:26 +00:00
Giteabot
e3dfb512d6
Warn that DISABLE_QUERY_AUTH_TOKEN is false only if it's explicitly defined (#28783) (#28868)
Backport #28783 by @yardenshoham

So we don't warn on default behavior

- Fixes https://github.com/go-gitea/gitea/issues/28758
- Follows https://github.com/go-gitea/gitea/pull/28390

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: Yarden Shoham <git@yardenshoham.com>
2024-01-21 15:21:22 +00:00
Giteabot
0d50f27469
Fix archive creating LFS hooks and breaking pull requests (#28848) (#28851)
Backport #28848 by @brechtvl

When LFS hooks are present in gitea-repositories, operations like git
push for creating a pull request fail. These repositories are not meant
to include LFS files or git push them, that is handled separately. And
so they should not have LFS hooks.

Installing git-lfs on some systems (like Debian Linux) will
automatically set up /etc/gitconfig to create LFS hooks in repositories.
For most git commands in Gitea this is not a problem, either because
they run on a temporary clone or the git command does not create LFS
hooks.

But one case where this happens is git archive for creating repository
archives. To fix that, add a GIT_CONFIG_NOSYSTEM=1 to disable using the
system configuration for that command.

According to a comment, GIT_CONFIG_NOSYSTEM is not used for all git
commands because the system configuration can be intentionally set up
for Gitea to use.

Resolves #19810, #21148

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2024-01-21 14:43:31 +00:00
Mihir Joshi
62f2d717b7
Fix reverting a merge commit failing (#28794) (#28825)
Backport https://github.com/go-gitea/gitea/pull/28794

Fixes #22236

---
Error occurring currently while trying to revert commit using read-tree
-m approach:
> 2022/12/26 16:04:43 ...rvices/pull/patch.go:240:AttemptThreeWayMerge()
[E] [63a9c61a] Unable to run read-tree -m! Error: exit status 128 -
fatal: this operation must be run in a work tree
> 	 - fatal: this operation must be run in a work tree

We need to clone a non-bare repository for `git read-tree -m` to work.


bb371aee6e
adds support to create a non-bare cloned temporary upload repository.

After cloning a non-bare temporary upload repository, we [set default
index](https://github.com/go-gitea/gitea/blob/main/services/repository/files/cherry_pick.go#L37)
(`git read-tree HEAD`).
This operation ends up resetting the git index file (see investigation
details below), due to which, we need to call `git update-index
--refresh` afterward.

Here's the diff of the index file before and after we execute
SetDefaultIndex: https://www.diffchecker.com/hyOP3eJy/

Notice the **ctime**, **mtime** are set to 0 after SetDefaultIndex.

You can reproduce the same behavior using these steps:
```bash
$ git clone https://try.gitea.io/me-heer/test.git -s -b main
$ cd test
$ git read-tree HEAD
$ git read-tree -m 1f085d7ed8 1f085d7ed8 9933caed00
error: Entry '1' not uptodate. Cannot merge.
```

After which, we can fix like this:
```bash
$ git update-index --refresh
$ git read-tree -m 1f085d7ed8 1f085d7ed8 9933caed00
```
2024-01-21 14:18:37 +00:00
Giteabot
89960c3dfb
tests: missing refs/ in bare repositories (#28844) (#28852)
Backport #28844 by @AdamMajer

Git 2.43.0 will not detect a git repository as valid without refs/
subdirectory present. `git gc` cleans this up and puts it in
packed-refs. We must keep refs/ non-empty.

Co-authored-by: Adam Majer <amajer@suse.de>
2024-01-19 15:39:21 +08:00
Giteabot
8b5c9186a5
Remove duplicated checkinit on git module (#28824) (#28831)
Backport #28824 by @lunny

`checkInit` has been invoked in `InitSimple`. So it's unnecessary to
invoke it twice in `InitFull`.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-01-17 10:16:33 +00:00
Yarden Shoham
8b4abb1719
Bump @github/relative-time-element to 4.3.1 (#28819) (#28826)
Backport #28819

- Fixes https://github.com/go-gitea/gitea/issues/28747

# Before

![image](https://github.com/go-gitea/gitea/assets/20454870/65d8dc84-680f-4c16-9aa1-b5986102e4e7)

# After

![image](https://github.com/go-gitea/gitea/assets/20454870/7cb288e7-ebde-4e94-a10a-cac28d6bdcfd)

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
2024-01-17 17:52:06 +08:00
Lunny Xiao
f4923854f6
Add changelog for 1.21.4 (#28812) 2024-01-17 10:46:50 +08:00
Giteabot
d590607106
Render code block in activity tab (#28816) (#28818)
Backport #28816 by @JakobDev

This is a little bugfix. Inline code is usually rendered in issue
titles, but it is missing in the activity tab.

Before:
![Screenshot 2024-01-16 at 14-20-51
Test](https://github.com/go-gitea/gitea/assets/15185051/383370f3-0fb2-49de-81cc-014e5cf86727)
After:

![grafik](https://github.com/go-gitea/gitea/assets/15185051/83eaf973-ce9a-44ce-beea-2db49fc8bd73)

Co-authored-by: JakobDev <jakobdev@gmx.de>
2024-01-17 01:35:26 +01:00
Giteabot
4746291b08
Use refname:strip-2 instead of refname:short when syncing tags (#28797) (#28811)
Backport #28797 by @lunny

Fix #28694 

Generally, `refname:short` should be equal to `refname:lstrip=2` except
`core.warnAmbiguousRefs is used to select the strict abbreviation mode.`

ref:
https://git-scm.com/docs/git-for-each-ref#Documentation/git-for-each-ref.txt-refname

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-01-16 07:33:33 +00:00
KN4CK3R
022552d5b6
Rework markup link rendering (#26745) (#28803)
Backport #26745
Fixes #26548

This PR refactors the rendering of markup links. The old code uses
`strings.Replace` to change some urls while the new code uses more
context to decide which link should be generated.

The added tests should ensure the same output for the old and new
behaviour (besides the bug).

We may need to refactor the rendering a bit more to make it clear how
the different helper methods render the input string. There are lots of
options (resolve links / images / mentions / git hashes / emojis / ...)
but you don't really know what helper uses which options. For example,
we currently support images in the user description which should not be
allowed I think:

<details>
  <summary>Profile</summary>

https://try.gitea.io/KN4CK3R


![grafik](https://github.com/go-gitea/gitea/assets/1666336/109ae422-496d-4200-b52e-b3a528f553e5)

</details>
2024-01-16 02:13:29 +00:00
Giteabot
376fa0d8c4
Forbid removing the last admin user (#28337) (#28793)
Backport #28337 by @yp05327

Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-01-16 01:51:46 +00:00
Giteabot
be541d9877
Fix links in issue card (#28806) (#28807)
Backport #28806 by @denyskon

Fixes_
https://github.com/go-gitea/gitea/issues/23318#issuecomment-1611086747

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
2024-01-16 09:30:07 +08:00
KN4CK3R
ae99233db0
Fix GetCommitStatuses (#28787) (#28804)
Backport #28787

Replaces #28802
2024-01-15 19:30:12 +01:00
Giteabot
cbf366643b
Use correct has error check for internal responses (#28796) (#28798)
Backport #28796 by @wxiaoguang

`resp != nil` doesn't mean the request really succeeded. Add a comment
for requestJSONResp to clarify the behavior.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-01-15 13:13:35 +01:00
Giteabot
df694f6a7d
Fix nil pointer panic when exec some gitea cli command (#28791) (#28795)
Backport #28791 by @yp05327

panic:

![image](https://github.com/go-gitea/gitea/assets/18380374/7fcde2ad-1d42-4b60-b120-3b60a8926e8e)

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/49d9f0ca-e590-4a35-8ca2-1317d1b7c939)

Co-authored-by: yp05327 <576951401@qq.com>
2024-01-15 08:05:30 +00:00
Giteabot
84282c608c
Fix when private user following user, private user will not be counted in his own view (#28037) (#28792)
Backport #28037 by @yp05327

Doer: asdasasdasasdasasdasasdasasdasasdasasdas (private user)
Followed: TestUser (public user)

Before:
(From doer's view)

![image](https://github.com/go-gitea/gitea/assets/18380374/9ba16b3b-068c-43c5-a3dd-e3343b5b32f2)
(From followed user's view, can see doer)

![image](https://github.com/go-gitea/gitea/assets/18380374/dfd1b564-d689-4393-b3d3-1e6bf52c94ba)

After:
(From doer's view)

![image](https://github.com/go-gitea/gitea/assets/18380374/1c85c1d1-c9f7-40c8-948c-145f7cae9a04)

Co-authored-by: yp05327 <576951401@qq.com>
2024-01-15 15:07:10 +08:00
Chongyi Zheng
d1db2b7251
Update github.com/cloudflare/circl (#28789) (#28790)
Backport #28789

cloudflare/circl: https://github.com/advisories/GHSA-9763-4f94-gfch

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-15 13:19:18 +08:00
Giteabot
6493085aee
Speed up loading the dashboard on mysql/mariadb (#28546) (#28784)
Backport #28546 by @lunny

Fixes #28155

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-01-15 02:01:25 +00:00
Giteabot
fbf29f29b5
Modernize merge button (#28140) (#28786)
Backport #28140 by @earl-warren

- Make use of the `form-fetch-action` for the merge button, which will
automatically prevent the action from happening multiple times and show
a nice loading indicator as user feedback while the merge request is
being processed by the server.
- Adjust the merge PR code to JSON response as this is required for the
`form-fetch-action` functionality.
- Resolves https://codeberg.org/forgejo/forgejo/issues/774
- Likely resolves the cause of
https://codeberg.org/forgejo/forgejo/issues/1688#issuecomment-1313044

(cherry picked from commit 4ec64c19507caefff7ddaad722b1b5792b97cc5a)

Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Gusted <postmaster@gusted.xyz>
2024-01-15 09:40:52 +08:00
Lunny Xiao
6e29242ebb
Fix schedule tasks bugs (#28691) (#28780)
Fix #28157
Backport #28691 

This PR fix the possible bugs about actions schedule.

- Move `UpdateRepositoryUnit` and `SetRepoDefaultBranch` from models to
service layer
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when actions unit has been disabled
or global disabled.
- Remove schedules plan from database and cancel waiting & running
schedules tasks in this repository when default branch changed.
2024-01-14 23:54:22 +01:00
Jack Hay
56e722f825
Require token for GET subscription endpoint (#28765) (#28778)
Backport #28765 for 1.21
2024-01-13 02:01:15 +00:00
Giteabot
80e564087d
Assign pull request to project during creation (#28227) (#28775)
Backport #28227 by @denyskon

When creating a pull request, allow directly assigning it to a project,
as it is already possible for issues.

After:


![grafik](https://github.com/go-gitea/gitea/assets/47871822/01dc2b3d-d56a-4053-b2fc-138725d7633a)

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-12 21:53:16 +00:00
Giteabot
571822b6ec
Fix issue dependencies (#27736) (#28776)
Backport #27736 by @lng2020

Fix #27722 
Fix #27357
Fix #25837 
Fix #28732 
1. Fix the typo `BlockingByDependenciesNotPermitted`, which causes the
`not permitted message` not to show. The correct one is `Blocking` or
`BlockedBy`
2. Rewrite the perm check. The perm check uses a very tricky way to
avoid duplicate checks for a slice of issues, which is confusing. In
fact, it's also the reason causing the bug. It uses `lastRepoID` and
`lastPerm` to avoid duplicate checks, but forgets to assign the
`lastPerm` at the end of the code block. So I rewrote this to avoid this
trick.
![I U1AT{GNFY3
1HZ`6L{(2L](https://github.com/go-gitea/gitea/assets/70063547/79acd02a-a567-4316-ae0d-11c6461becf1)
3. It also reuses the `blocks` slice, which is even more confusing. So I
rewrote this too.

![UARFPXRGGZQFB7J$2`R}5_R](https://github.com/go-gitea/gitea/assets/70063547/f21cff0f-d9ac-4ce4-ae4d-adffc98ecd99)

Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
2024-01-12 23:29:22 +02:00
Giteabot
2a0fbe23b8
Fix button size in "attached header right" (#28770) (#28774)
Backport #28770 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-01-12 15:04:19 +00:00
Giteabot
95901a99c0
Fix convert.ToTeams on empty input (#28426) (#28767)
Backport #28426 by @KN4CK3R

Fixes #28420

Don't return `nil` if the input was empty.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-01-12 07:12:18 +00:00
Giteabot
cb33623bb6
Require token for GET subscription endpoint (#28765) (#28768)
Backport #28765 by @jackHay22

Fixes  #28756

## Changes
- Require and check API token for `GET
/repos/{owner}/{repo}/subscription` in order to populate `ctx.Doer`.

Co-authored-by: Jack Hay <jack@allspice.io>
2024-01-12 14:51:27 +08:00
Giteabot
9f0c709637
Show description as tooltip instead of title for labels (#28754) (#28766)
Backport #28754 by @delvh

Follow GitHubs behavior of showing the label description as a tooltip
instead of the browser native title.

## Before

![grafik](https://github.com/go-gitea/gitea/assets/51889757/70448327-467b-4bee-b799-40a442a5ce16)


## After

![grafik](https://github.com/go-gitea/gitea/assets/51889757/abe7d700-148b-4cef-a487-6b0f8f20b212)

Co-authored-by: delvh <dev.lh@web.de>
2024-01-12 10:45:07 +08:00
Giteabot
5e9fd0ab5e
Hide code related setting options in repository when code unit is disabled (#28631) (#28749)
Backport #28631 by @lunny

Since #20805, code can be hidden.
However, the related settings are still shown even though they don't
have any meaning then.


https://github.com/go-gitea/gitea/assets/81045/5fdee54d-ac81-418a-82f7-eadff048cedd

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-01-11 04:31:24 +00:00
Giteabot
f220f4231a
Add -F to commit search to treat keywords as strings (#28744) (#28748)
Backport #28744 by @me-heer

Fixes #28269

The [default
behavior](https://git-scm.com/docs/git-log#Documentation/git-log.txt---basic-regexp)
of --grep in git log is to interpret the keyword as a regular
expression. This causes the search to fail in the cases where the search
keyword contains a `[`, since `[` is a special character used in grep.

If we want our keywords to be interpreted as 'strings', we should use
[-F
flag](https://git-scm.com/docs/git-log#Documentation/git-log.txt---basic-regexp).

Co-authored-by: Mihir Joshi <mihir67mj@gmail.com>
2024-01-10 21:29:01 +01:00
Giteabot
bce27d0a31
Concatenate error in checkIfPRContentChanged (#28731) (#28737)
Backport #28731 by @earl-warren

- If there's a error with the Git command in `checkIfPRContentChanged`
the stderr wasn't concatendated to the error, which results in still not
knowing why an error happend.
- Adds concatenation for stderr to the returned error.
- Ref: https://codeberg.org/forgejo/forgejo/issues/2077

Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Gusted <postmaster@gusted.xyz>
2024-01-09 14:06:12 +00:00
Giteabot
12f418a7e8
Add download attribute to release attachments (#28739) (#28740)
Backport #28739 by @JakobDev

Fixes #28736

Co-authored-by: JakobDev <jakobdev@gmx.de>
2024-01-09 21:18:13 +08:00
wxiaoguang
9865aa2394
Suggest to use Type=simple for systemd service (#28717) (#28722)
Backport #28717 (only the gitea.service sample)

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-01-07 16:42:43 +01:00
Giteabot
def178ce32
Fix incorrect URL for "Reference in New Issue" (#28716) (#28723)
Backport #28716 by wxiaoguang

Gitea prefers to use relative URLs in code (to make multiple domain work
for some users)

So it needs to use `toAbsoluteUrl` to generate a full URL when click
"Reference in New Issues"

And add some comments in the test code

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-01-07 23:40:29 +08:00
Giteabot
2399b4d483
Avoid unnecessary 500 panic when a commit doesn't exist (#28719) (#28721)
Backport #28719 by wxiaoguang

In #26851, it assumed that `Commit` always exists when
`PageIsDiff==true`.

But for a 404 page, the `Commit` doesn't exist, so the following code
would cause panic because nil value can't be passed as string parameter
to `IsMultilineCommitMessage(string)` (or the StringUtils.Cut in later
PRs)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-01-07 10:40:30 +00:00
Giteabot
ad2cb9863c
Improve frontend guideline (#28711) (#28713) 2024-01-06 12:30:36 -05:00
Giteabot
7f833d8f71
Fix panic when parsing empty pgsql host (#28708) (#28709)
Backport #28708 by wxiaoguang

Regression of #27723
Fix #28705

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-01-06 20:05:49 +08:00
Giteabot
e67c819cf4
Fix wrapping of label list (#28684) (#28688)
Backport #28684 by @denyskon

Before:

![grafik](https://github.com/go-gitea/gitea/assets/47871822/2fbd7ef2-22ad-4515-9c66-81c29bfbb7a3)

After:

![grafik](https://github.com/go-gitea/gitea/assets/47871822/df86d1ae-03db-4543-834c-761859c367be)

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
2024-01-04 10:21:35 +08:00
wxiaoguang
83457805bb
Make template DateTime show proper tooltip (#28677) (#28683)
Backport #28677
2024-01-03 18:41:03 +08:00
Giteabot
3c79315cf2
Fix: system webhooks API bug (#28531) (#28666)
Backport #28531 by @pulltheflower

- Fix the bug about admin/hooks API that `GET /admin/hooks` can only
fetch system_hooks, `POST /admin/hooks` can only create default_hooks.

Co-authored-by: vincent <38434877+pulltheflower@users.noreply.github.com>
2023-12-31 12:53:09 +00:00
Giteabot
3e1bd61000
Fix alpine package files are not rebuilt (#28638) (#28665)
Backport #28638 by @lng2020

I noticed the `BuildAllRepositoryFiles` function under the Alpine folder
is unused and I thought it was a bug.
But I'm not sure about this. Was it on purpose?

Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
2023-12-31 06:18:26 +00:00
Giteabot
18da3f8483
Upgrade xorm to new version which supported update join for all supported databases (#28590) (#28668)
Backport #28590 by @lunny

Fix https://github.com/go-gitea/gitea/pull/28547#issuecomment-1867740842

Since https://gitea.com/xorm/xorm/pulls/2383 merged, xorm now supports
UPDATE JOIN.
To keep consistent from different databases, xorm use
`engine.Join().Update`, but the actural generated SQL are different
between different databases.

For MySQL, it's `UPDATE talbe1 JOIN table2 ON join_conditions SET xxx
Where xxx`.

For MSSQL, it's `UPDATE table1 SET xxx FROM TABLE1, TABLE2 WHERE
join_conditions`.

For SQLITE per https://www.sqlite.org/lang_update.html, sqlite support
`UPDATE table1 SET xxx FROM table2 WHERE join conditions` from
3.33.0(2020-8-14).

POSTGRES is the same as SQLITE.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-12-31 13:57:36 +08:00
wxiaoguang
2165729d16
Avoid cycle-redirecting user/login page (#28636) (#28658)
Backport #28636

Fix #28231, and remove some unused code.
2023-12-30 20:50:08 +08:00
Giteabot
683b95f0da
fix empty ref for cron workflow runs (#28640) (#28647)
Backport #28640 by @denyskon

Fix #27678 
Please see
https://github.com/go-gitea/gitea/issues/27678#issuecomment-1871445853
for details.

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
2023-12-29 09:08:16 +00:00
Lunny Xiao
ff565a787f
Remove unnecessary syncbranchToDB with tests (#28624) (#28629)
Replace #28625

Backport #28624 by lunny

#28361 introduced `syncBranchToDB` in `CreateNewBranchFromCommit`. This
PR will revert the change because it's unnecessary. Every push will
already be checked by `syncBranchToDB`.
This PR also created a test to ensure it's right.
2023-12-29 08:47:02 +00:00
Giteabot
f7cca2a290
Improve document for ARTIFACT_RETENTION_DAYS (#28646) (#28648)
Backport #28646 by wxiaoguang

Follow #28626

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-12-29 15:39:59 +08:00
Giteabot
373e78895e
switch destination directory for apt signing keys (#28639) (#28642)
Backport #28639 by @denyskon

According to [Debian
docs](https://wiki.debian.org/DebianRepository/UseThirdParty):

> The certificate MUST NOT be placed in /etc/apt/trusted.gpg.d or loaded
by apt-key add.
> ...
> If future updates to the certificate will be managed by an apt/dpkg
package as recommended below, then it SHOULD be downloaded into
/usr/share/keyrings using the same filename that will be provided by the
package. If it will be managed locally , it SHOULD be downloaded into
/etc/apt/keyrings instead.
> ...
> A sources.list entry SHOULD have the signed-by option set.

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
2023-12-29 05:44:47 +00:00