]> source.dussan.org Git - gitea.git/log
gitea.git
3 years agoFix delete nonexist oauth application 500 and prevent deadlock (#15384) (#15397)
Lunny Xiao [Sun, 11 Apr 2021 02:57:23 +0000 (10:57 +0800)]
Fix delete nonexist oauth application 500 and prevent deadlock (#15384) (#15397)

* Fix delete nonexist oauth application 500

* Fix test

* Close the session

* Fix more missed sess.Close

* Remove unnecessary blank line

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoShow diff on rename with diff changes (#15338) (#15340)
zeripath [Thu, 8 Apr 2021 19:35:47 +0000 (20:35 +0100)]
Show diff on rename with diff changes (#15338) (#15340)

Backport #15338

More recent versions of git have increased support for detection of renames meaning
that a rename with diff changes is now supported.

Although ParsePatch supports this - our templates do not and the simplest solution
is simply to show the diff.

Fix #15335

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoPrepend AppSubUrl to links for default avatar (#15341) (#15343)
zeripath [Thu, 8 Apr 2021 11:23:42 +0000 (12:23 +0100)]
Prepend AppSubUrl to links for default avatar (#15341) (#15343)

Backport #15341

Fix #15334

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoUpdate Changelog (#15322) v1.13.7
6543 [Wed, 7 Apr 2021 13:23:08 +0000 (15:23 +0200)]
Update Changelog (#15322)

* update

* next

3 years agoChangelog v1.13.7 (#15319)
6543 [Wed, 7 Apr 2021 08:12:44 +0000 (10:12 +0200)]
Changelog v1.13.7 (#15319)

3 years agoadd 'fonts' into 'KnownPublicEntries' (#15188) (#15317)
6543 [Wed, 7 Apr 2021 07:20:42 +0000 (09:20 +0200)]
add 'fonts' into 'KnownPublicEntries' (#15188) (#15317)

fix #15184

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years agoUpdate to bluemonday-1.0.6 (#15294) (#15298)
6543 [Tue, 6 Apr 2021 00:35:50 +0000 (02:35 +0200)]
Update to bluemonday-1.0.6 (#15294) (#15298)

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
3 years agoAdd size to Save function (#15264) (#15271)
zeripath [Sun, 4 Apr 2021 16:04:36 +0000 (17:04 +0100)]
Add size to Save function (#15264) (#15271)

Backport #15264

This PR proposes an alternative solution to #15255 - just add the size to the
save function. Yes it is less apparently clean but it may be more correct.

Close #15255
Fix #15253

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoupdate golang libraries (#15258) (#15260)
techknowlogick [Sat, 3 Apr 2021 04:27:14 +0000 (00:27 -0400)]
update golang libraries (#15258) (#15260)

3 years agoresponse 404 for diff/patch of a commit that not exist (#15221) (#15238)
a1012112796 [Fri, 2 Apr 2021 03:30:14 +0000 (11:30 +0800)]
response 404 for diff/patch of a commit that not exist (#15221) (#15238)

* response 404 for diff/patch of a commit that not exist

fix #15217

Signed-off-by: a1012112796 <1012112796@qq.com>
* Update routers/repo/commit.go

Co-authored-by: silverwind <me@silverwind.io>
* use ctx.NotFound()

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoSpeed up `enry.IsVendor` (#15213) (#15246)
zeripath [Thu, 1 Apr 2021 22:50:12 +0000 (23:50 +0100)]
Speed up `enry.IsVendor` (#15213) (#15246)

Backport #15213

`enry.IsVendor` is kinda slow as it simply iterates across all regexps.
This PR ajdusts the regexps to combine them to make this process a
little quicker.

Related #15143

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoPrevent NPE in CommentMustAsDiff if no hunk header (#1519) (#15201)
zeripath [Thu, 1 Apr 2021 18:30:44 +0000 (19:30 +0100)]
Prevent NPE in CommentMustAsDiff if no hunk header (#1519) (#15201)

Backport #15199

I do not understand how this can happen or why.

There is an apparent possibility for a comment.Patch to be missing a hunk header
- this should not happen and do not understand how. But it appears to happen on
1.13 at least in some case.

This PR will simply add a new section if the cursection is empty
thus preventing the NPE.

Fix #15198

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoClusterfuzz found another way (#15160) (#15169)
zeripath [Fri, 26 Mar 2021 23:53:51 +0000 (23:53 +0000)]
Clusterfuzz found another way (#15160) (#15169)

Backport #15160

Clusterfuzz found another way so I found another way to stop it

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix wrong user returned in API (#15139) (#15150)
sotho [Fri, 26 Mar 2021 06:01:32 +0000 (07:01 +0100)]
Fix wrong user returned in API (#15139) (#15150)

* Fix wrong user returned in API (#15139)

The API call: GET /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments
returns always the reviewer, but should return the poster.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
* rm regression

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
3 years agoChangelog v1.13.6 (#15129) v1.13.6
6543 [Tue, 23 Mar 2021 19:44:50 +0000 (20:44 +0100)]
Changelog v1.13.6 (#15129)

3 years agoFix bug on avatar middleware (#15125)
6543 [Tue, 23 Mar 2021 18:45:06 +0000 (19:45 +0100)]
Fix bug on avatar middleware (#15125)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years agoFix another clusterfuzz identified issue (#15096) (#15114)
zeripath [Mon, 22 Mar 2021 20:27:21 +0000 (20:27 +0000)]
Fix another clusterfuzz identified issue (#15096) (#15114)

Backport #15096

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agofix #15104 (#15106)
a1012112796 [Mon, 22 Mar 2021 19:15:44 +0000 (03:15 +0800)]
fix #15104 (#15106)

Signed-off-by: a1012112796 <1012112796@qq.com>
3 years agoFix markdown rendering in milestone content (#15056) (#15092)
silverwind [Sun, 21 Mar 2021 17:03:52 +0000 (18:03 +0100)]
Fix markdown rendering in milestone content (#15056) (#15092)

- Add missing markdown class for rendered markdown.
- Increase font size of milestone name in list.

Fixes: https://github.com/go-gitea/gitea/issues/15046
3 years agoPlace wrapper around comment as diff to catch panics (#15085) (#15086) v1.13.5
zeripath [Sun, 21 Mar 2021 15:16:07 +0000 (15:16 +0000)]
Place wrapper around comment as diff to catch panics (#15085) (#15086)

* Place wrapper around comment as diff to prevent panics

* propagate the panic up

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoChangelog v1.13.5 (#15084)
6543 [Sun, 21 Mar 2021 14:05:21 +0000 (15:05 +0100)]
Changelog v1.13.5 (#15084)

3 years agoUpdate to goldmark 1.3.3 (#15059) (#15061)
zeripath [Sat, 20 Mar 2021 10:31:28 +0000 (10:31 +0000)]
Update to goldmark 1.3.3 (#15059) (#15061)

Backport #15059

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix bug when upload on web (#15042) (#15055)
6543 [Sat, 20 Mar 2021 01:37:53 +0000 (02:37 +0100)]
Fix bug when upload on web (#15042) (#15055)

* Fix bug when upload on web

* move into own function

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
3 years agoDelete Labels & IssueLabels on Repo Delete too (#15039) (#15051)
6543 [Fri, 19 Mar 2021 21:13:39 +0000 (22:13 +0100)]
Delete Labels & IssueLabels on Repo Delete too (#15039) (#15051)

* Doctor: find IssueLabels without existing label

* Repo Delete: delete labels & issue_labels too

3 years agoFix postgres ID sequences broken by recreate-table (#15015) (#15029)
zeripath [Fri, 19 Mar 2021 03:23:58 +0000 (03:23 +0000)]
Fix postgres ID sequences broken by recreate-table (#15015) (#15029)

Backport #15015

Unfortunately there is a subtle problem with recreatetable on postgres which
leads to the sequences not being renamed and not being left at 0.

Fix #14725

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoanother clusterfuzz spotted issue (#15032) (#15034)
6543 [Thu, 18 Mar 2021 22:21:33 +0000 (23:21 +0100)]
another clusterfuzz spotted issue (#15032) (#15034)

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
3 years agoFix several render issues (#14986) (#15013)
zeripath [Wed, 17 Mar 2021 08:58:58 +0000 (08:58 +0000)]
Fix several render issues (#14986) (#15013)

Backport #14986

* Fix an issue with panics related to attributes
* Wrap goldmark render in a recovery function
* Reduce memory use in render emoji
* Use a pipe for rendering goldmark - still needs more work and a limiter

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
3 years agoAPI: fix set milestone on PR creation (#14981) (#15001)
Norwin [Mon, 15 Mar 2021 15:01:04 +0000 (15:01 +0000)]
API: fix set milestone on PR creation (#14981) (#15001)

* API: fix set milestone on PR creation

pr creation via API failed with 404, because we searched
for milestoneID 0, due to uninitialized var usage D:

* add tests

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoMake sure sibling images get a link too (#14979) (#14995)
zeripath [Mon, 15 Mar 2021 04:34:56 +0000 (04:34 +0000)]
Make sure sibling images get a link too (#14979) (#14995)

Backport #14979

Due a problem with the ast.Walker in the our transformer in goldmark
an image with a sibling image will not be transformed to gain a parent
link. This PR fixes this.

Fix #12925

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix Anchor jumping with escaped query components (#14969) (#14977)
zeripath [Sat, 13 Mar 2021 09:54:53 +0000 (09:54 +0000)]
Fix Anchor jumping with escaped query components (#14969) (#14977)

Backport #14969

Fix #14968

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agocheck if original author is set (#14972)
Norwin [Sat, 13 Mar 2021 03:05:56 +0000 (03:05 +0000)]
check if original author is set (#14972)

Co-authored-by: 6543 <6543@obermui.de>
3 years agofix release mail html template (#14976)
Norwin [Fri, 12 Mar 2021 20:39:05 +0000 (20:39 +0000)]
fix release mail html template (#14976)

was missing an </a>

3 years agoFix excluding more than two labels on issues list (#14962) (#14973)
zeripath [Fri, 12 Mar 2021 17:12:14 +0000 (17:12 +0000)]
Fix excluding more than two labels on issues list (#14962) (#14973)

Backport #14962

Fix #14840

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Norwin Roosen <git@nroo.de>
Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>
Co-authored-by: Norwin Roosen <git@nroo.de>
Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>
3 years agoPrevent panic when editing forked repos by API (#14960) (#14963)
6543 [Fri, 12 Mar 2021 00:54:18 +0000 (01:54 +0100)]
Prevent panic when editing forked repos by API (#14960) (#14963)

When editing forked repos using the API the BaseRepository needs to loaded
in order to check its visibility otherwise there will be NPE panic.

Fix #14956

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
3 years agoAdd "captcha" to list of reserved usernames (#14930)
fnetX (aka fralix) [Mon, 8 Mar 2021 16:50:13 +0000 (17:50 +0100)]
Add "captcha" to list of reserved usernames (#14930)

Signed-off-by: Otto Richter <git@fralix.ovh>
3 years agoRe-enable import local paths after reversion from #13610 (#14925) (#14927)
zeripath [Mon, 8 Mar 2021 13:50:57 +0000 (13:50 +0000)]
Re-enable import local paths after reversion from #13610 (#14925) (#14927)

Backport #14925

PR #13610 unfortunately disabled importing repositories from local paths.
This PR restores this functionality.

Fix #14700

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoChangelog v1.13.4 (#14917) v1.13.4
6543 [Sun, 7 Mar 2021 15:02:54 +0000 (16:02 +0100)]
Changelog v1.13.4 (#14917)

* Changelog v1.13.4

* nit

3 years agoFix race in LFS ContentStore.Put(...) (#14895) (#14913)
zeripath [Sat, 6 Mar 2021 22:53:37 +0000 (22:53 +0000)]
Fix race in LFS ContentStore.Put(...) (#14895) (#14913)

Backport #14895

Continuing on from #14888

The previous implementation has race whereby an incomplete upload or
hash mismatch upload can end up in the ContentStore. This PR moves the
validation into the reader so that if there is a hash error or size
mismatch the reader will return with an error instead of an io.EOF
causing the storage to abort the storage.

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix a couple of issues with a feeds (#14897) (#14903)
6543 [Sat, 6 Mar 2021 05:13:38 +0000 (06:13 +0100)]
Fix a couple of issues with a feeds (#14897) (#14903)

Backport (#14897)

witch fix couple of issues with feeds

3 years agoFix race in local storage (#14888) (#14901)
6543 [Sat, 6 Mar 2021 04:07:03 +0000 (05:07 +0100)]
Fix race in local storage (#14888) (#14901)

LocalStorage should only put completed files in position

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoWhen transfering repository and database transaction failed, rollback the renames...
6543 [Sat, 6 Mar 2021 03:12:11 +0000 (04:12 +0100)]
When transfering repository and database transaction failed, rollback the renames (#14864) (#14902)

Fix #14821

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
3 years agoSigned-off-by: jolheiser <john.olheiser@gmail.com> (#14898) (#14899)
John Olheiser [Fri, 5 Mar 2021 21:54:01 +0000 (15:54 -0600)]
Signed-off-by: jolheiser <john.olheiser@gmail.com> (#14898) (#14899)
3 years ago[Docs] Fix how lfs data path is set (#14855) (#14884)
6543 [Thu, 4 Mar 2021 21:10:15 +0000 (22:10 +0100)]
[Docs] Fix how lfs data path is set (#14855) (#14884)

* fix docs: lfs data path

* DEPRECATED | 已废弃

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years agoIsUserAllowedToUpdate should igonre if user is nil (#14886)
6543 [Thu, 4 Mar 2021 20:28:28 +0000 (21:28 +0100)]
IsUserAllowedToUpdate should igonre if user is nil (#14886)

3 years agoAdd changelog for v1.13.3 (#14877) v1.13.3
Lunny Xiao [Thu, 4 Mar 2021 14:42:57 +0000 (22:42 +0800)]
Add changelog for v1.13.3 (#14877)

Add changelog for v1.13.3

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <matti@mdranta.net>
3 years agoFix paging of file commit logs (#14831) (#14879)
zeripath [Thu, 4 Mar 2021 11:53:28 +0000 (11:53 +0000)]
Fix paging of file commit logs (#14831) (#14879)

Backport #14831

Unfortunately `git log revision ... --skip=x -- path` skips the number of commits
not the number of commits relating to the path.

This PR changes the function to have a reader that reads and skips the
necessary number of commits by hand instead.

Fix #8716

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoPrint usefull error if SQLite is used in settings but not supported (#14476) (#14874)
6543 [Wed, 3 Mar 2021 21:54:32 +0000 (22:54 +0100)]
Print usefull error if SQLite is used in settings but not supported (#14476) (#14874)

* move log output to points where they are relefant

* check explicit of sqlite3 in settings

3 years agoFix display since time round (#14226) (#14873)
zeripath [Wed, 3 Mar 2021 21:17:34 +0000 (21:17 +0000)]
Fix display since time round (#14226) (#14873)

Backport #14226

* Fix display since time round

* Fix since time

* Fix tests

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years agoWhen Deleting Repository only explicitly close PRs whose base is not this repository...
zeripath [Tue, 2 Mar 2021 13:44:14 +0000 (13:44 +0000)]
When Deleting Repository only explicitly close PRs whose base is not this repository (#14823) (#14842)

Backport #14823

When Deleting Repository only explicitly close PRs whose base is not this repository

Fix #14775

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoSet HCaptchaSiteKey on Link Account pages (#14834) (#14839)
zeripath [Mon, 1 Mar 2021 15:12:48 +0000 (15:12 +0000)]
Set HCaptchaSiteKey on Link Account pages (#14834) (#14839)

Backport #14834

When using HCaptcha on link account pages the site key needs to be passed
in. This PR ensures that HCaptchaSiteKey is set in the data.

Fix #14766

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix a couple of CommentAsPatch issues. (#14804) (#14820)
zeripath [Sun, 28 Feb 2021 13:19:51 +0000 (13:19 +0000)]
Fix a couple of CommentAsPatch issues.  (#14804) (#14820)

Backport #14804

* CutDiffAroundLine makes the incorrect assumption that `---` and `+++` always represent part of the header of a diff.

This PR adds a flag to its parsing to prevent this problem and adds a streaming parsing technique to CutDiffAroundLine using an io.pipe instead of just sending data to an unbounded buffer.

Fix #14711

* Handle unquoted comment patch files

When making comment patches unfortunately the patch does not always quote the filename
This makes the diff --git header ambiguous again.

This PR finally adds handling for ambiguity in to parse patch

Fix #14812

* Add in testing for no error

There is no way currently for CutDiffAroundLine in this test to cause an
error however, it should still be tested.

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoDisable broken OAuth2 providers at startup (#14802) (#14811)
zeripath [Fri, 26 Feb 2021 10:44:45 +0000 (10:44 +0000)]
Disable broken OAuth2 providers at startup (#14802) (#14811)

Backport #14802

Instead of causing a log.Fatal, we should handle broken OAuth2
providers by disabling them.

Fix #8930

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoRe-enable transfer repo back from org to user account (#14807)
6543 [Fri, 26 Feb 2021 09:08:09 +0000 (10:08 +0100)]
Re-enable transfer repo back from org to user account (#14807)

* re-enable transfer repo back from org to user account

* add test case

3 years agoBuild for only available darwin target (#14771) (#14798)
6543 [Thu, 25 Feb 2021 14:29:03 +0000 (15:29 +0100)]
Build for only available darwin target (#14771) (#14798)

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoBackport: Repo Transfer permission checks (#14792) (#14794)
6543 [Thu, 25 Feb 2021 07:49:27 +0000 (08:49 +0100)]
Backport: Repo Transfer permission checks (#14792) (#14794)

* Backport: Repo Transfer permission checks (#14792)

* update tests

3 years agoFix double alert in oauth2 application edit view (#14764) (#14768)
a1012112796 [Mon, 22 Feb 2021 23:22:49 +0000 (07:22 +0800)]
Fix double alert in oauth2 application edit view (#14764) (#14768)

Signed-off-by: a1012112796 <1012112796@qq.com>
3 years agoFix broken spans in diffs (#14678) (#14683)
zeripath [Sun, 14 Feb 2021 23:30:07 +0000 (23:30 +0000)]
Fix broken spans in diffs (#14678) (#14683)

Backport #14678

Gitea runs diff on highlighted code fragment for each line in order to
provide code highlight diffs. Unfortunately this diff algorithm is not
aware that span tags and entities are atomic and cannot be split.

The current fixup code makes some attempt to fix these broken tags
however, it cannot handle situations where a tag is split over multiple
blocks.

This PR provides a more algorithmic fixup mechanism whereby spans and
entities are completely coalesced into their respective blocks.

This may result in a incompletely reduced diff but - it will definitely
prevent the broken entities and spans that are currently possible.

As a result of this fixup several inconsistencies were discovered in our
testcases and these were also fixed.

Fix #14231

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoHasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)
zeripath [Sun, 14 Feb 2021 22:44:26 +0000 (22:44 +0000)]
HasPreviousCommit causes recursive load of commits unnecessarily (#14598) (#14649)

This PR improves HasPreviousCommit to prevent the automatic and recursive loading
of previous commits using git merge-base --is-ancestor and git rev-list

Fix #13684

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoPrevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)
zeripath [Sun, 14 Feb 2021 00:50:50 +0000 (00:50 +0000)]
Prevent race in PersistableChannelUniqueQueue.Has (#14651) (#14676)

Backport #14651

There is potentially a race with a slow starting internal
queue causing a NPE if Has is checked before the internal
queue has been setup.

This PR adds a lock on the Has() fn.

Fix #14311

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoTurn default hash password algorightm back to pbkdf2 from argon2 until we found a...
Lunny Xiao [Sat, 13 Feb 2021 20:19:33 +0000 (04:19 +0800)]
Turn default hash password algorightm back to pbkdf2 from argon2 until we found a better one (#14673) (#14675)

* Turn default hash password algorightm back to pbkdf2 from argon2 until we found a better one

* Add a warning on document

Co-authored-by: zeripath <art27@cantab.net>
3 years agoAllow org labels to be set with issue templates (#14593) (#14647)
zeripath [Sat, 13 Feb 2021 18:34:47 +0000 (18:34 +0000)]
Allow org labels to be set with issue templates (#14593) (#14647)

Backport #14593

Fix #13688

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years agoDo not assume all 40 char strings are SHA1s (#14624) (#14648)
zeripath [Sat, 13 Feb 2021 17:25:47 +0000 (17:25 +0000)]
Do not assume all 40 char strings are SHA1s (#14624) (#14648)

Backport #14624

GetCommit() assumes that all 40 char strings are SHA1s. This leads to an
error if you try to do a PR on a branch which is 40 characters long.

This PR attempts the SHA first - and if it fails will switch to using rev-parse.

Fix #14470

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoAccept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)
zeripath [Mon, 8 Feb 2021 01:25:30 +0000 (01:25 +0000)]
Accept multiple SSH keys in single LDAP SSHPublicKey attribute (#13989) (#14607)

Backport #13989

Fix #13984

Fix #14566

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)
6543 [Fri, 5 Feb 2021 21:11:15 +0000 (22:11 +0100)]
Fix bug about ListOptions and stars/watchers pagnation (#14556) (#14573)

* Fix bug about ListOptions and stars/watchers pagnation

* fix unit test

3 years agoFix GPG key deletion during account deletion (#14561) (#14569)
Anton Khimich [Thu, 4 Feb 2021 20:28:48 +0000 (15:28 -0500)]
Fix GPG key deletion during account deletion (#14561) (#14569)

Per #14531, deleting a user account will delete the user's GPG keys
from the `gpg_key` table but not from `gpg_key_import`, which causes
an error when creating an account with the same email and attempting
to re-add the same key. This commit deletes all entries from
`gpg_key_import` that match any GPG key IDs belonging to the user.

Co-authored-by: Anton Khimich <anton.khimicha@mail.utoronto.ca>
3 years agoChangelog v1.13.2 (#14535) v1.13.2
6543 [Mon, 1 Feb 2021 23:11:05 +0000 (00:11 +0100)]
Changelog v1.13.2 (#14535)

3 years agoconfigure internal ssh server w/ macs and ciphers, backport of #14523 (#14530)
Stefan [Sat, 30 Jan 2021 19:57:31 +0000 (20:57 +0100)]
configure internal ssh server w/ macs and ciphers, backport of #14523 (#14530)

3 years agoSet the name Mapper in migrations (#14526) (#14529)
6543 [Sat, 30 Jan 2021 19:47:11 +0000 (20:47 +0100)]
Set the name Mapper in migrations (#14526) (#14529)

Migrations currently uses the default Xorm mapper which is
not the same as the mapper Gitea actually uses.

This means that there is a difference between the struct
parsing and mapping to database tables in migrations as
compared to normal Sync2.

This was the cause for the catastrophic problem in v168 -
untagged fields are not mapped in the same way in migrations
as compared to outside of migrations.

This is also likely the cause of some weird subtle failures
in other migrations as any untagged field may not be being
mapped exactly the same way.

This PR suggests that we ensure that the mapper is set at
the start of the migrations code - but also enforces a strict
clean mapper between each migration.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
3 years agoFix wiki preview (#14515)
Lunny Xiao [Fri, 29 Jan 2021 14:37:20 +0000 (22:37 +0800)]
Fix wiki preview (#14515)

Co-authored-by: Lauris BH <lauris@nix.lv>
3 years agoupdate code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497)
6543 [Thu, 28 Jan 2021 15:14:57 +0000 (16:14 +0100)]
update code.gitea.io/sdk/gitea v0.13.1 -> v0.13.2 (#14497)

3 years agoChangeUserName: rename user files back on DB issue (#14447)
6543 [Sun, 24 Jan 2021 23:36:16 +0000 (00:36 +0100)]
ChangeUserName: rename user files back on DB issue (#14447)

3 years agoFix migration v141 (#14387) (#14388)
6543 [Sat, 23 Jan 2021 11:33:03 +0000 (12:33 +0100)]
Fix migration v141 (#14387) (#14388)

* Fix mig 141

* temporary fix dump

3 years agoensure timeout error is shown on u2f timeout (#14417) (#14431)
zeripath [Sat, 23 Jan 2021 04:11:57 +0000 (04:11 +0000)]
ensure timeout error is shown on u2f timeout (#14417) (#14431)

Backport #14417

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoFix lfs preview bug (#14428) (#14433)
6543 [Sat, 23 Jan 2021 02:55:52 +0000 (03:55 +0100)]
Fix lfs preview bug (#14428) (#14433)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years ago[Backport] Fix Deadlock & Delete affected reactions on comment deletion (#14392)...
6543 [Sat, 23 Jan 2021 02:03:29 +0000 (03:03 +0100)]
[Backport] Fix Deadlock & Delete affected reactions on comment deletion (#14392) (#14425)

* Enhance Ghost comment mitigation Settings (#14392)

* refactor models.DeleteComment and delete related reactions too

* use deleteComment for UserDeleteWithCommentsMaxDays in DeleteUser

* Resolve Fixme & fix potential deadlock

* rm refactor

* make diff eaven less

3 years agoPrevent panic on fuzzer provided string (#14405) (#14409) 14430/head
6543 [Wed, 20 Jan 2021 18:47:30 +0000 (19:47 +0100)]
Prevent panic on fuzzer provided string (#14405) (#14409)

* Prevent panic on fuzzer provided string

The fuzzer has found that providing a <body> tag with an attribute to
PostProcess causes a panic. This PR removes any rendered html or body
tags from the output.

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Placate lint

* placate lint again

Signed-off-by: Andrew Thornton <art27@cantab.net>
* minor cleanup

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
3 years agoUse path not filepath in routers/editor (#14390) (#14396)
6543 [Tue, 19 Jan 2021 09:00:13 +0000 (10:00 +0100)]
Use path not filepath in routers/editor (#14390) (#14396)

The incorrect use of filepath instead of path means that
it is possible to cause a stackoverflow on Windows

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
3 years agoRemoved invalid form tag (#14391) (#14395)
6543 [Tue, 19 Jan 2021 05:12:04 +0000 (06:12 +0100)]
Removed invalid form tag (#14391) (#14395)

introduced by #5073

Co-authored-by: KN4CK3R <KN4CK3R@users.noreply.github.com>
3 years agoCheck if label template exist first (#14384) (#14389)
6543 [Mon, 18 Jan 2021 22:27:33 +0000 (23:27 +0100)]
Check if label template exist first (#14384) (#14389)

3 years agocheck release publisher exists (#14375)
Norwin [Mon, 18 Jan 2021 13:14:27 +0000 (13:14 +0000)]
check release publisher exists (#14375)

fixes #14365
was silently fixed in the feature PR #12096 for v1.14

3 years agoUse Request.URL.RequestURI() for fcgi (#14312) (#14347)
Kyungmin Bae [Fri, 15 Jan 2021 12:26:45 +0000 (21:26 +0900)]
Use Request.URL.RequestURI() for fcgi (#14312) (#14347)

Co-authored-by: Lauris BH <lauris@nix.lv>
3 years agoUse ServerError provided by Context (#14333) (#14345)
Lunny Xiao [Fri, 15 Jan 2021 09:36:30 +0000 (17:36 +0800)]
Use ServerError provided by Context (#14333) (#14345)

... instead of InternalServerError by macaron

3 years agoFix edit-label form init (#14337)
Norwin [Thu, 14 Jan 2021 13:03:16 +0000 (13:03 +0000)]
Fix edit-label form init (#14337)

3 years agofix mailIssueCommentBatch for pull request (#14252) (#14296)
a1012112796 [Mon, 11 Jan 2021 00:46:19 +0000 (08:46 +0800)]
fix mailIssueCommentBatch for pull request (#14252) (#14296)

fix #14250

Signed-off-by: a1012112796 <1012112796@qq.com>
3 years agoAdd secure/httpOnly attributes to the lang cookie (#14279) (#14280)
6543 [Thu, 7 Jan 2021 14:35:02 +0000 (15:35 +0100)]
Add secure/httpOnly attributes to the lang cookie (#14279) (#14280)

* Add secure/httpOnly attributes to the lang cookie (#9690) (#14279)

* apply to InitLocales() too

Co-authored-by: Timo Gurr <timo.gurr@gmail.com>
3 years agoRender links for commit hashes followed by comma (#14224) (#14227)
Nuno Silva [Sun, 3 Jan 2021 16:58:39 +0000 (16:58 +0000)]
Render links for commit hashes followed by comma (#14224) (#14227)

Regex test cases: https://regex101.com/r/mVbPxM/2/

fixes #14223

3 years agoSend notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221)
Jimmy Praet [Sun, 3 Jan 2021 13:44:40 +0000 (14:44 +0100)]
Send notifications for mentions in pulls, issues, (code-)comments (#14218) (#14221)

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoFix avatar bugs (#14217) (#14220)
6543 [Sun, 3 Jan 2021 01:21:39 +0000 (01:21 +0000)]
Fix avatar bugs (#14217) (#14220)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years agoEnsure that schema search path is set with every connection on postgres (#14131)...
zeripath [Sat, 2 Jan 2021 17:58:53 +0000 (17:58 +0000)]
Ensure that schema search path is set with every connection on postgres (#14131) (#14216)

Backport #14131

Unfortunately every connection to postgres requires that the search path is
set appropriately.

This PR shadows the postgres driver to ensure that as soon as a connection
is open, the search_path is set appropriately.

Fix #14088

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix dashboard issues labels filter bug (#14210) (#14214)
Lunny Xiao [Sat, 2 Jan 2021 17:08:04 +0000 (01:08 +0800)]
Fix dashboard issues labels filter bug (#14210) (#14214)

3 years agoWhen visit /favicon.ico but the static file is not exist return 404 but not continue...
Lunny Xiao [Sat, 2 Jan 2021 10:52:36 +0000 (18:52 +0800)]
When visit /favicon.ico but the static file is not exist return 404 but not continue to handle the route (#14211) (#14213)

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agofix branch selector on new issue page (#14194) (#14207)
a1012112796 [Fri, 1 Jan 2021 14:14:49 +0000 (22:14 +0800)]
fix branch selector on new issue page (#14194) (#14207)

fix #14185

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years agoCheck for notExist on profile repository page (#14197) (#14203)
zeripath [Thu, 31 Dec 2020 13:03:56 +0000 (13:03 +0000)]
Check for notExist on profile repository page (#14197) (#14203)

Backport #14197

Fix #14189

3 years agoAdd changelog for v1.13.1 (#14172) v1.13.1
Lunny Xiao [Mon, 28 Dec 2020 17:36:22 +0000 (01:36 +0800)]
Add changelog for v1.13.1 (#14172)

* Add changelog for v1.13.1

* Update CHANGELOG.md

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Update CHANGELOG.md

* Update CHANGELOG.md

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Update CHANGELOG.md

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Update CHANGELOG.md

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoFix bug of link query order on markdown render (#14156) (#14171)
Lunny Xiao [Mon, 28 Dec 2020 17:08:55 +0000 (01:08 +0800)]
Fix bug of link query order on markdown render (#14156) (#14171)

* Fix bug of link query order on markdown render

* Fix bluemonday bug and fix one wrong test

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoMigration: drop too long repo topics (#14152) (#14155)
6543 [Sun, 27 Dec 2020 02:57:06 +0000 (02:57 +0000)]
Migration: drop too long repo topics (#14152) (#14155)

* Migration: drop to long repo topics

* Update modules/migrations/gitea_uploader.go

3 years agoFix escaping issue in diff (#14154)
zeripath [Sat, 26 Dec 2020 22:15:42 +0000 (22:15 +0000)]
Fix escaping issue in diff (#14154)

Ensure that linecontent is escaped before passing to template.HTML

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix creation OAuth2 auth source from CLI. (#14146)
Daniil Pankratov [Fri, 25 Dec 2020 12:02:52 +0000 (15:02 +0300)]
Fix creation OAuth2 auth source from CLI. (#14146)

Fix #8356

3 years agoEnsure that search term and page are not lost on adoption page-turn (#14133) (#14143)
zeripath [Thu, 24 Dec 2020 21:54:15 +0000 (21:54 +0000)]
Ensure that search term and page are not lost on adoption page-turn (#14133) (#14143)

Backport #14133

Fix #14111

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agomore test case for STORAGE_TYPE overrides (and fixes) (#14096) (#14104)
6543 [Tue, 22 Dec 2020 07:13:57 +0000 (07:13 +0000)]
more test case for STORAGE_TYPE overrides (and fixes) (#14096) (#14104)

Signed-off-by: 胡玮文 <huww98@outlook.com>
Co-authored-by: 胡玮文 <huww98@outlook.com>