]> source.dussan.org Git - gitea.git/log
gitea.git
7 weeks agoEnsure `GetCSRF` doesn't return an empty token (#32130)
Jason Song [Mon, 30 Sep 2024 02:28:09 +0000 (10:28 +0800)]
Ensure `GetCSRF` doesn't return an empty token (#32130)

Since page templates keep changing, some pages that contained forms with
CSRF token no longer have them.

It leads to some calls of `GetCSRF` returning an empty string, which
fails the tests. Like

https://github.com/go-gitea/gitea/blob/3269b04d61ffe6a7ce462cd05ee150e4491124e8/tests/integration/attachment_test.go#L62-L63

The test did try to get the CSRF token and provided it, but it was
empty.

7 weeks agoBump minio-go to latest version (#32156)
Manuel Valls Fernández [Mon, 30 Sep 2024 01:57:48 +0000 (03:57 +0200)]
Bump minio-go to latest version (#32156)

Current minio-go version has issues with S3 compatible storages like
Backblaze or Wasabi. This was fixed in
https://github.com/minio/minio-go/pull/1980 .

7 weeks agoChange the code search to sort results by relevance (#32134)
Bruno Sofiato [Sat, 28 Sep 2024 20:13:55 +0000 (17:13 -0300)]
Change the code search to sort results by relevance (#32134)

Resolves #32129

Signed-off-by: Bruno Sofiato <bruno.sofiato@gmail.com>
8 weeks ago[skip ci] Updated translations via Crowdin
GiteaBot [Sat, 28 Sep 2024 00:30:56 +0000 (00:30 +0000)]
[skip ci] Updated translations via Crowdin

8 weeks agoAdd pure SSH LFS support (#31516)
ConcurrentCrab [Fri, 27 Sep 2024 14:27:37 +0000 (19:57 +0530)]
Add pure SSH LFS support (#31516)

Fixes #17554
/claim #17554

Docs PR https://gitea.com/gitea/docs/pulls/49

To test, run pushes like: `GIT_TRACE=1` git push. The trace output
should mention "pure SSH connection".

8 weeks ago[skip ci] Updated translations via Crowdin
GiteaBot [Fri, 27 Sep 2024 00:31:00 +0000 (00:31 +0000)]
[skip ci] Updated translations via Crowdin

8 weeks agoDon't join repository when loading action table data (#32127)
Lunny Xiao [Thu, 26 Sep 2024 04:50:30 +0000 (12:50 +0800)]
Don't join repository when loading action table data (#32127)

8 weeks agoNotify the user when the file path contains leading or trailing spaces and fix the...
charles [Tue, 24 Sep 2024 19:06:52 +0000 (03:06 +0800)]
Notify the user when the file path contains leading or trailing spaces and fix the error message for invalid file names. (#31507)

close #31478

8 weeks agoFix wrong status of `Set up Job` when first step is skipped (#32120)
yp05327 [Tue, 24 Sep 2024 18:34:08 +0000 (03:34 +0900)]
Fix wrong status of `Set up Job` when first step is skipped (#32120)

Fix #32089

8 weeks agoFix bug when deleting a migrated branch (#32075)
Lunny Xiao [Tue, 24 Sep 2024 07:42:08 +0000 (15:42 +0800)]
Fix bug when deleting a migrated branch (#32075)

After migrating a repository with pull request, the branch is missed and
after the pull request merged, the branch cannot be deleted.

8 weeks agoInclude collaboration repositories on dashboard source/forks/mirrors list (#31946)
Lunny Xiao [Tue, 24 Sep 2024 07:12:06 +0000 (15:12 +0800)]
Include collaboration repositories on dashboard source/forks/mirrors list (#31946)

Fix #13489

In the original implementation, only `All` will display your owned and
collaborated repositories. For other filters like `Source`, `Mirrors`
and etc. will only display your owned repositories.

This PR removed the limitations. Now except `collbrations`, other
filters will always display your owned and collaborated repositories.

8 weeks agoDisplay head branch more comfortable on pull request view (#32000)
Lunny Xiao [Tue, 24 Sep 2024 04:14:57 +0000 (12:14 +0800)]
Display head branch more comfortable on pull request view (#32000)

This PR do some minor improvements for head branch display on pull
request view UI.

- [x] Remove the link if the head branch has been deleted with a
tooltip, so that users will not result in a 404 page
- [x] Display a label if this pull request is an agit based one.

![图片](https://github.com/user-attachments/assets/872f26b6-f1cf-4427-9e41-e3a5b176dfa4)

8 weeks agoTruncate commit message during Discord webhook push events (#31970)
Kemal Zebari [Tue, 24 Sep 2024 03:38:08 +0000 (20:38 -0700)]
Truncate commit message during Discord webhook push events (#31970)

Resolves #31668.

8 weeks agoFix template bug of pull request view (#32072)
Lunny Xiao [Tue, 24 Sep 2024 03:02:42 +0000 (11:02 +0800)]
Fix template bug of pull request view (#32072)

Caused by #31924

8 weeks agoAllow set branch protection in an empty repository (#32095)
Lunny Xiao [Tue, 24 Sep 2024 02:06:28 +0000 (10:06 +0800)]
Allow set branch protection in an empty repository (#32095)

8 weeks agoFix panic when cloning with wrong ssh format. (#32076)
Lunny Xiao [Tue, 24 Sep 2024 01:30:05 +0000 (09:30 +0800)]
Fix panic when cloning with wrong ssh format. (#32076)

8 weeks agoFix bug in getting merged pull request by commit (#32079)
Zettat123 [Tue, 24 Sep 2024 01:00:09 +0000 (09:00 +0800)]
Fix bug in getting merged pull request by commit (#32079)

8 weeks ago[skip ci] Updated translations via Crowdin
GiteaBot [Tue, 24 Sep 2024 00:30:57 +0000 (00:30 +0000)]
[skip ci] Updated translations via Crowdin

8 weeks agouse rebuilt mssql-2017 image (#32109)
techknowlogick [Mon, 23 Sep 2024 20:54:20 +0000 (16:54 -0400)]
use rebuilt mssql-2017 image (#32109)

8 weeks agoFix Bug in Issue/pulls list (#32081)
cloudchamb3r [Mon, 23 Sep 2024 17:09:57 +0000 (02:09 +0900)]
Fix Bug in Issue/pulls list (#32081)

fix #32080

## After
### for opened issues
<img width="1199" alt="Screenshot 2024-09-19 at 6 29 31 PM"
src="https://github.com/user-attachments/assets/86cf48ad-5e4b-4dcb-8abe-4d7fd74e0aec">

### for closed issues
<img width="1208" alt="Screenshot 2024-09-19 at 6 29 37 PM"
src="https://github.com/user-attachments/assets/a16bc545-bfcf-49a4-be52-3e7334910482">

### for all issues
<img width="1340" alt="Screenshot 2024-09-20 at 12 07 12 PM"
src="https://github.com/user-attachments/assets/b2309c8f-e59d-44e9-ae3b-bf54e1196169">

2 months ago[skip ci] Updated licenses and gitignores
GiteaBot [Mon, 23 Sep 2024 00:31:34 +0000 (00:31 +0000)]
[skip ci] Updated licenses and gitignores

2 months agoFix rename branch permission bug (#32066)
Lunny Xiao [Sun, 22 Sep 2024 18:08:27 +0000 (02:08 +0800)]
Fix rename branch permission bug (#32066)

The previous implementation requires admin permission to rename branches
which should be write permission.

Fix #31993

2 months agoFix artifact v4 upload above 8MB (#31664)
ChristopherHX [Sun, 22 Sep 2024 11:01:09 +0000 (13:01 +0200)]
Fix artifact v4 upload above 8MB (#31664)

Multiple chunks are uploaded with type "block" without using
"appendBlock" and eventually out of order for bigger uploads.
8MB seems to be the chunk size

This change parses the blockList uploaded after all blocks to get the
final artifact size and order them correctly before calculating the
sha256 checksum over all blocks

Fixes #31354

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Sun, 22 Sep 2024 00:33:39 +0000 (00:33 +0000)]
[skip ci] Updated translations via Crowdin

2 months agoAdd bin to Composer Metadata (#32099)
Jamie Schouten [Sat, 21 Sep 2024 22:42:17 +0000 (00:42 +0200)]
Add bin to Composer Metadata (#32099)

This PR addresses the missing `bin` field in Composer metadata, which
currently causes vendor-provided binaries to not be symlinked to
`vendor/bin` during installation.

In the current implementation, running `composer install` does not
publish the binaries, leading to issues where expected binaries are not
available.

By properly declaring the `bin` field, this PR ensures that binaries are
correctly symlinked upon installation, as described in the [Composer
documentation](https://getcomposer.org/doc/articles/vendor-binaries.md).

2 months agoFix wrong last modify time (#32102)
Lunny Xiao [Sat, 21 Sep 2024 21:56:25 +0000 (05:56 +0800)]
Fix wrong last modify time (#32102)

2 months agoFix upload maven pacakge parallelly (#31851)
Lunny Xiao [Sat, 21 Sep 2024 19:26:45 +0000 (03:26 +0800)]
Fix upload maven pacakge parallelly (#31851)

Use globallock for maven package uploads.

Thanks @tlusser for the test code.

Depends on ~#31813~

2 months agoRepo Activity: count new issues that were closed (#31776)
Timon van der Berg [Sat, 21 Sep 2024 18:57:01 +0000 (20:57 +0200)]
Repo Activity: count new issues that were closed (#31776)

I'm new to go and contributing to gitea, your guidance is much
appreciated.

This is meant to solve https://github.com/go-gitea/gitea/issues/13309

Previously, closed issues would not be shown under new issues in the
activity tab, even if they were newly created.

changes:
* Split out newlyCreatedIssues from issuesForActivityStatement to count
  both currently open and closed issues.
* Use a seperate function to count active issues to prevent
double-counting issues after the above change.

Result is that new issues that have been closed are shown both under
"new" and "closed".

Signed-off-by: Timon van der Berg <tmnvanderberg@gmail.com>
2 months agoCount typescript files as frontend for labeling (#32088)
Anbraten [Sat, 21 Sep 2024 18:26:36 +0000 (20:26 +0200)]
Count typescript files as frontend for labeling (#32088)

2 months agoUse camo.Always instead of camo.Allways (#32097)
Lunny Xiao [Sat, 21 Sep 2024 09:50:54 +0000 (17:50 +0800)]
Use camo.Always instead of camo.Allways (#32097)

Fix #31575

https://gitea.com/gitea/docs/pulls/73

2 months agoFix incorrect `/tokens` api (#32085)
KN4CK3R [Fri, 20 Sep 2024 19:00:39 +0000 (21:00 +0200)]
Fix incorrect `/tokens` api (#32085)

Fixes #32078

- Add missing scopes output.
- Disallow empty scope.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2 months agoSet manual `tabindex`es on login page (#31689)
silverwind [Fri, 20 Sep 2024 15:27:19 +0000 (17:27 +0200)]
Set manual `tabindex`es on login page (#31689)

Fixes https://github.com/go-gitea/gitea/issues/31686.

A more elborate manual tabindex numbering could be done, but I think
it's not really worth the extra effort and such stuff could easily break
during refactors.

Includes another small tweak to un-stretch the`<a>` element so it's only
as large as it needs to be and this change also made the margin
unneeded.

2 months agoOnly use Host header from reverse proxy (#32060)
wxiaoguang [Fri, 20 Sep 2024 14:57:55 +0000 (22:57 +0800)]
Only use Host header from reverse proxy (#32060)

X-Forwarded-Host has many problems: non-standard, not well-defined
(X-Forwarded-Port or not), conflicts with Host header, it already caused
problems like #31907. So do not use X-Forwarded-Host, just use Host
header directly.

Official document also only uses `Host` header and never mentioned
others.

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Fri, 20 Sep 2024 00:29:58 +0000 (00:29 +0000)]
[skip ci] Updated translations via Crowdin

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Thu, 19 Sep 2024 00:30:35 +0000 (00:30 +0000)]
[skip ci] Updated translations via Crowdin

2 months agoFix: database not update release when using `git push --tags --force` (#32040)
Exploding Dragon [Wed, 18 Sep 2024 20:15:03 +0000 (04:15 +0800)]
Fix: database not update release when using `git push --tags --force` (#32040)

link: https://codeberg.org/forgejo/forgejo/issues/4274
---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2 months agoResolve duplicate local string key related to PR comments (#32073)
Kemal Zebari [Wed, 18 Sep 2024 19:46:41 +0000 (12:46 -0700)]
Resolve duplicate local string key related to PR comments (#32073)

A regression in #31924 caused there to be two `issues.review.comment`
keys in the English language locale file, leading to a problem when
reading PR review histories that contain comments.

This snapshot addresses this by making the newer key unique.

2 months agoRefactor CSRF protector (#32057)
wxiaoguang [Wed, 18 Sep 2024 07:17:25 +0000 (15:17 +0800)]
Refactor CSRF protector (#32057)

Remove unused CSRF options, decouple "new csrf protector" and "prepare"
logic, do not redirect to home page if CSRF validation falis (it
shouldn't happen in daily usage, if it happens, redirecting to home
doesn't help either but just makes the problem more complex for "fetch")

2 months agoAdd missing comment reply handling (#32050)
KN4CK3R [Tue, 17 Sep 2024 20:56:26 +0000 (22:56 +0200)]
Add missing comment reply handling (#32050)

Fixes #31937

- Add missing comment reply handling
- Use `onGiteaRun` in the test because the fixtures are not present
otherwise (did this behaviour change?)

Compare without whitespaces.

2 months agoFix CI (#32062)
Lunny Xiao [Tue, 17 Sep 2024 19:35:59 +0000 (03:35 +0800)]
Fix CI (#32062)

2 months agoLazy load avatar images (#32051)
hiifong [Tue, 17 Sep 2024 19:02:48 +0000 (03:02 +0800)]
Lazy load avatar images (#32051)

2 months agoIncluded tag search capabilities (#32045)
Bruno Sofiato [Tue, 17 Sep 2024 18:33:11 +0000 (15:33 -0300)]
Included tag search capabilities (#32045)

Resolves #31998

The first screenshot shows the tag page without any filter being
applied:

![image](https://github.com/user-attachments/assets/eac0e51c-9e48-42b2-bb1c-a25896ca40cb)

The second one, shows the page when the given filter returns no tag:

![image](https://github.com/user-attachments/assets/98df191e-1a7b-4947-b0ef-4987a0293c3e)

The last one shows a single tag being filtered:

![image](https://github.com/user-attachments/assets/79c7e05e-8c86-4f06-b17e-15818b7b9291)

Signed-off-by: Bruno Sofiato <bruno.sofiato@gmail.com>
2 months agoDo not escape relative path in RPM primary index (#32038)
KN4CK3R [Mon, 16 Sep 2024 21:10:33 +0000 (23:10 +0200)]
Do not escape relative path in RPM primary index (#32038)

Fixes #32021

Do not escape the relative path.

2 months agofeat(#31666): Set the columns height to hug all its contents (#31726)
Simon Pistache [Mon, 16 Sep 2024 20:41:46 +0000 (22:41 +0200)]
feat(#31666): Set the columns height to hug all its contents (#31726)

In Projects, columns heights are defined by the sum of all contents
height of the biggest column, rather than a fraction of the viewport
height. It default to 60vh when there is no cards to display.

Fix #31666

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Mon, 16 Sep 2024 00:31:40 +0000 (00:31 +0000)]
[skip ci] Updated translations via Crowdin

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Sun, 15 Sep 2024 00:34:01 +0000 (00:34 +0000)]
[skip ci] Updated translations via Crowdin

2 months agoUse a common message template instead of a special one (#31878)
Lunny Xiao [Sat, 14 Sep 2024 17:17:49 +0000 (01:17 +0800)]
Use a common message template instead of a special one (#31878)

2 months agoCheck if the `due_date` is nil when editing issues (#32035)
Zettat123 [Sat, 14 Sep 2024 16:40:36 +0000 (00:40 +0800)]
Check if the `due_date` is nil when editing issues (#32035)

2 months agoHandle invalid target when creating releases using API (#31841)
Kemal Zebari [Thu, 12 Sep 2024 07:47:31 +0000 (00:47 -0700)]
Handle invalid target when creating releases using API (#31841)

A 500 status code was thrown when passing a non-existent target to the
create release API. This snapshot handles this error and instead throws
a 404 status code.

Discovered while working on #31840.

2 months agoAdd option to filter board cards by labels and assignees (#31999)
Lauris BH [Thu, 12 Sep 2024 03:53:40 +0000 (06:53 +0300)]
Add option to filter board cards by labels and assignees (#31999)

Works in both organization and repository project boards

Fixes #21846

Replaces #21963
Replaces #27117

![image](https://github.com/user-attachments/assets/1837ace8-3de2-444f-a153-e166bd0da2c0)

**Note** that implementation was made intentionally to work same as in
issue list so that URL can be bookmarked for quick access with
predefined filters in URL

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Thu, 12 Sep 2024 00:30:02 +0000 (00:30 +0000)]
[skip ci] Updated translations via Crowdin

2 months ago Failed authentications are logged to level Warning (#32016)
Daniel [Wed, 11 Sep 2024 17:58:45 +0000 (19:58 +0200)]
 Failed authentications are logged to level Warning (#32016)

PR for issue #31968
Replaces PR #31983 to comply with gitea's error definition

Failed authentications are now logged to level `Warning` instead of
`Info`.

2 months agoFix `/repos/{owner}/{repo}/pulls/{index}/files` endpoint not populating `previous_fil...
charles-plutohealth [Wed, 11 Sep 2024 17:29:27 +0000 (13:29 -0400)]
Fix `/repos/{owner}/{repo}/pulls/{index}/files` endpoint not populating `previous_filename` (#32017)

---
`status == "rename"` should have read `status == "renamed"`. The typo
means that file.PreviousFilename would never be populated, which e.g.
breaks usage of the Github Action at
https://github.com/dorny/paths-filter.

2 months agoSupport allowed hosts for migrations to work with proxy (#32025)
Jason Song [Wed, 11 Sep 2024 05:47:00 +0000 (13:47 +0800)]
Support allowed hosts for migrations to work with proxy (#32025)

2 months agoSupport migration from AWS CodeCommit (#31981)
Zettat123 [Tue, 10 Sep 2024 23:49:42 +0000 (07:49 +0800)]
Support migration from AWS CodeCommit (#31981)

This PR adds support for migrating repos from [AWS
CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html).

The access key ID and secret access key are required to get repository
information and pull requests. And [HTTPS Git
credentials](https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html)
are required to clone the repository.

<img
src="https://github.com/user-attachments/assets/82ecb2d0-8d43-42b0-b5af-f5347a13b9d0"
width="680" />

The AWS CodeCommit icon is from [AWS Architecture
Icons](https://aws.amazon.com/architecture/icons/).

<img
src="https://github.com/user-attachments/assets/3c44d21f-d753-40f5-9eae-5d3589e0d50d"
width="320" />

2 months agobump to go 1.23 (#31855)
techknowlogick [Tue, 10 Sep 2024 02:23:07 +0000 (22:23 -0400)]
bump to go 1.23 (#31855)

2 months agoEnable compression for Actions logs by default (#32013)
Jason Song [Mon, 9 Sep 2024 21:34:42 +0000 (05:34 +0800)]
Enable compression for Actions logs by default (#32013)

Close #31801. Follow #31761.

Since there are so many benefits of compression and there are no reports
of related issues after weeks, it should be fine to enable compression
by default.

2 months agoSave initial signup information for users to aid in spam prevention (#31852)
techknowlogick [Mon, 9 Sep 2024 21:05:16 +0000 (17:05 -0400)]
Save initial signup information for users to aid in spam prevention (#31852)

This will allow instance admins to view signup pattern patterns for
public instances. It is modelled after discourse, mastodon, and
MediaWiki's approaches.

Note: This has privacy implications, but as the above-stated open-source
projects take this approach, especially MediaWiki, which I have no doubt
looked into this thoroughly, it is likely okay for us, too. However, I
would be appreciative of any feedback on how this could be improved.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2 months agoIncrease `cacheContextLifetime` to reduce false reports (#32011)
Jason Song [Mon, 9 Sep 2024 04:51:25 +0000 (12:51 +0800)]
Increase `cacheContextLifetime` to reduce false reports (#32011)

Replace #32001.

To prevent the context cache from being misused for long-term work
(which would result in using invalid cache without awareness), the
context cache is designed to exist for a maximum of 10 seconds. This
leads to many false reports, especially in the case of slow SQL.

This PR increases it to 5 minutes to reduce false reports.

5 minutes is not a very safe value, as a lot of changes may have
occurred within that time frame. However, as far as I know, there has
not been a case of misuse of context cache discovered so far, so I think
5 minutes should be OK.

Please note that after this PR, if warning logs are found again, it
should get attention, at that time it can be almost 100% certain that it
is a misuse.

2 months ago[skip ci] Updated licenses and gitignores
GiteaBot [Mon, 9 Sep 2024 00:31:04 +0000 (00:31 +0000)]
[skip ci] Updated licenses and gitignores

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Sun, 8 Sep 2024 00:32:28 +0000 (00:32 +0000)]
[skip ci] Updated translations via Crowdin

2 months agoRemove SHA1 for support for ssh rsa signing (#31857)
Wim [Sat, 7 Sep 2024 22:05:18 +0000 (00:05 +0200)]
Remove SHA1 for support for ssh rsa signing (#31857)

https://github.com/go-fed/httpsig seems to be unmaintained.

Switch to github.com/42wim/httpsig which has removed deprecated crypto
and default sha256 signing for ssh rsa.

No impact for those that use ed25519 ssh certificates.

This is a breaking change for:
- gitea.com/gitea/tea (go-sdk) - I'll be sending a PR there too
- activitypub using deprecated crypto (is this actually used?)

2 months agoUpgrade cache to v0.2.1 (#32003)
Lunny Xiao [Sat, 7 Sep 2024 17:12:37 +0000 (01:12 +0800)]
Upgrade cache to v0.2.1 (#32003)

Fix #31757

2 months agoAdd automatic light/dark option for the colorblind theme (#31997)
Luca Söthe [Sat, 7 Sep 2024 03:09:40 +0000 (05:09 +0200)]
Add automatic light/dark option for the colorblind theme (#31997)

The normal themes already have a variant which automatically chooses
light/dark mode based on the browser.
This PR adds the same variant, but for the colorblind themes.

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Sat, 7 Sep 2024 00:29:09 +0000 (00:29 +0000)]
[skip ci] Updated translations via Crowdin

2 months agoUse global lock instead of NewExclusivePool to allow distributed lock between multipl...
Lunny Xiao [Fri, 6 Sep 2024 10:12:41 +0000 (18:12 +0800)]
Use global lock instead of NewExclusivePool to allow distributed lock between multiple Gitea instances (#31813)

Replace #26486
Fix #19620

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2 months agoUse forum.gitea.com instead of old URL (#31989)
Lunny Xiao [Fri, 6 Sep 2024 07:20:30 +0000 (15:20 +0800)]
Use forum.gitea.com instead of old URL (#31989)

2 months agoDistinguish official vs non-official reviews, add tool tips, and upgr… (#31924)
william-allspice [Fri, 6 Sep 2024 06:40:02 +0000 (01:40 -0500)]
Distinguish official vs non-official reviews, add tool tips, and upgr… (#31924)

This Pull Request is a follow up to
https://github.com/go-gitea/gitea/pull/31886:

1. Adds a UI indicator between official (green) and unofficial (grey)
approved pull requests on the Pull Request page (as suggested by
@kdumontnu )
2. Adds tooltips adding clarity to the type and status of a review on
the Pull Request page (as suggested by @kdumontnu)
3. Updates text adding more clarity to required approvals (as suggested
by @kdumontnu)
4. Updates text on the branch settings page explaining what branch
approval limitations (as suggested by @yp05327)

Official approval:
<img width="376" alt="Screenshot 2024-08-26 at 1 03 52 PM"
src="https://github.com/user-attachments/assets/500f083d-bfc0-45c5-82b7-b98e20495696">

Unofficial approval:
<img width="442" alt="Screenshot 2024-08-26 at 12 53 15 PM"
src="https://github.com/user-attachments/assets/e8c565ff-5886-4ce1-8b79-a0fa26c282f7">

Rejected approval:
<img width="452" alt="Screenshot 2024-08-26 at 12 53 06 PM"
src="https://github.com/user-attachments/assets/aebc0e2f-7052-4dea-8098-7caa0db86617">

Stale approval:
<img width="546" alt="Screenshot 2024-08-26 at 1 07 59 PM"
src="https://github.com/user-attachments/assets/da599ff3-e35c-4fa3-8141-ed80b738dd77">

Requested review tooltip:
<img width="434" alt="Screenshot 2024-08-26 at 12 53 22 PM"
src="https://github.com/user-attachments/assets/460d163e-8724-43b6-8760-34b285da8fe2">

Updated text for approvals:
<img width="991" alt="Screenshot 2024-08-26 at 12 54 00 PM"
src="https://github.com/user-attachments/assets/ab3ff012-9742-4c1b-933d-21addcb89f2c">

Updated text for allowlisted/whitelisted approvals:
<img width="990" alt="Screenshot 2024-08-26 at 1 01 40 PM"
src="https://github.com/user-attachments/assets/1a5bae61-d9e0-4d96-b86f-92610b0940d1">

Protected branch settings text:
<img width="1022" alt="Screenshot 2024-08-26 at 1 01 14 PM"
src="https://github.com/user-attachments/assets/892ce208-e1c2-41f7-8fec-46d5a0e7e776">

Comments list:
<img width="1048" alt="Screenshot 2024-08-28 at 9 25 31 AM"
src="https://github.com/user-attachments/assets/9c5c00c5-06cf-43b3-b413-4f7f673609b2">

---------

Co-authored-by: Kyle D. <kdumontnu@gmail.com>
2 months agoReturn 404 instead of error when commit not exist (#31977)
Adam Majer [Thu, 5 Sep 2024 18:39:23 +0000 (20:39 +0200)]
Return 404 instead of error when commit not exist (#31977)

Fix #31976

2 months agoFor consistency make repo search sort options case sensitive (#31951)
6543 [Thu, 5 Sep 2024 10:53:30 +0000 (12:53 +0200)]
For consistency make repo search sort options case sensitive (#31951)

2 months agoFix nuget/conan/container packages upload bugs (#31967)
Lunny Xiao [Thu, 5 Sep 2024 07:05:42 +0000 (15:05 +0800)]
Fix nuget/conan/container packages upload bugs (#31967)

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 4 Sep 2024 06:28:39 +0000 (06:28 +0000)]
[skip ci] Updated translations via Crowdin

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 4 Sep 2024 05:30:04 +0000 (05:30 +0000)]
[skip ci] Updated translations via Crowdin

2 months agoRemove html tags from create tag and branch translation (#31973)
Lunny Xiao [Wed, 4 Sep 2024 04:53:55 +0000 (12:53 +0800)]
Remove html tags from create tag and branch translation (#31973)

Follow #31950 and Fix the display bug of #31966 .

This will only fix the English version. I will update all these
translation files in crowdin after this merged so that all the languages
can be fixed.

And all these files should be backported together.

This PR remove the bold effect around the name when creating a new tag
or branch.

2 months agoReplace v-html with v-text in search inputbox (#31966)
Lunny Xiao [Wed, 4 Sep 2024 02:52:00 +0000 (10:52 +0800)]
Replace v-html with v-text in search inputbox (#31966)

Credit for @techknowlogick

Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 4 Sep 2024 00:29:09 +0000 (00:29 +0000)]
[skip ci] Updated translations via Crowdin

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Tue, 3 Sep 2024 00:29:33 +0000 (00:29 +0000)]
[skip ci] Updated translations via Crowdin

2 months agoImprove get feed with pagination (#31821)
Lunny Xiao [Mon, 2 Sep 2024 19:05:09 +0000 (03:05 +0800)]
Improve get feed with pagination (#31821)

Fix #31752

@somera

---------

Co-authored-by: delvh <dev.lh@web.de>
2 months agoRemove urls from translations (#31950)
Denys Konovalov [Mon, 2 Sep 2024 18:36:24 +0000 (20:36 +0200)]
Remove urls from translations (#31950)

Part of #27700

Removes all URLs from translation strings to easy up changing them in
the future and to exclude people injecting malicious URLs through
translations. First measure as long as #24402 is out of scope.

2 months agoPrevent update pull refs manually and will not affect other refs update (#31931)
Lunny Xiao [Mon, 2 Sep 2024 07:38:27 +0000 (15:38 +0800)]
Prevent update pull refs manually and will not affect other refs update (#31931)

All refs under `refs/pull` should only be changed from Gitea inside but
not by pushing from outside of Gitea.
This PR will prevent the pull refs update but allow other refs to be
updated on the same pushing with `--mirror` operations.

The main changes are to add checks on `update` hook but not
`pre-receive` because `update` will be invoked by every ref but
`pre-receive` will revert all changes once one ref update fails.

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Mon, 2 Sep 2024 00:30:20 +0000 (00:30 +0000)]
[skip ci] Updated translations via Crowdin

2 months agonix wording nit in todo code comment
6543 [Sun, 1 Sep 2024 18:25:02 +0000 (20:25 +0200)]
nix wording nit in todo code comment

2 months agoFix 500 error when `state` params is set when editing issue/PR by API (#31880)
yp05327 [Sun, 1 Sep 2024 18:08:27 +0000 (03:08 +0900)]
Fix 500 error when `state` params is set when editing issue/PR by API (#31880)

A quick fix for #31871

2 months agoFix sort order for organization home and user profile page (#31921)
yp05327 [Sun, 1 Sep 2024 16:55:05 +0000 (01:55 +0900)]
Fix sort order for organization home and user profile page (#31921)

Fix #31916

In #30876, `sortOrder` has been changed into a map, but it is only
implemented in explore.
~~But it seems that size sort order has no effect from long long ago,~~
not directly caused by the PR above.

I think it is still caused by #29231.
In #29231, it merged the sort orders from
`templates/explore/repo_search.tmpl` and
`templates/admin/repo/search.tmpl`.
In `templates/admin/repo/search.tmpl`, it contains size sort orders, but
not in `templates/explore/repo_search.tmpl`, which is used in non-admin
pages.
So `order by size` is added from #29231, but the handler was not added.

---------

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2 months agoImprove textarea paste (#31948)
silverwind [Sun, 1 Sep 2024 15:15:29 +0000 (17:15 +0200)]
Improve textarea paste (#31948)

- When pasting a URL over another URL, replace the URL instead of
creating a useless `[url](url)`. This is the 1-line change
[here](https://github.com/go-gitea/gitea/pull/31948/files#diff-be8e94d7e3da33b187381f53d28095107bd0cf29ae9a9e997e4f422f4a54479cR122).
- Always run `initTextareaEvents`, previously it was not run when
`dropzoneEl` was not present like when attachements are disabled on the
server. Refactored the function to gracefully handle absent `dropzoneEl`
and rename the function to a better name.

2 months agoFix index too many file names bug (#31903)
Lunny Xiao [Sun, 1 Sep 2024 05:57:31 +0000 (13:57 +0800)]
Fix index too many file names bug (#31903)

Try to fix #31884
Fix #28584

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Sun, 1 Sep 2024 00:35:09 +0000 (00:35 +0000)]
[skip ci] Updated translations via Crowdin

2 months agoMove web globals to `web_src/js/globals.d.ts` (#31943)
silverwind [Fri, 30 Aug 2024 07:36:53 +0000 (09:36 +0200)]
Move web globals to `web_src/js/globals.d.ts` (#31943)

This file serves exclusively to support `web_src/js`, so move it there.

2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Fri, 30 Aug 2024 00:29:03 +0000 (00:29 +0000)]
[skip ci] Updated translations via Crowdin

2 months agoUpdate JS and PY dependencies (#31940)
silverwind [Thu, 29 Aug 2024 14:51:51 +0000 (16:51 +0200)]
Update JS and PY dependencies (#31940)

- `stylelint` is excluded because of deprecation warnings added in
16.8.2, depending on
https://github.com/AndyOGo/stylelint-declaration-strict-value/issues/379
- `eslint-plugin-sonarjs@2` adds a lot of new rules, but I have not
gotten around to reviewing them yet, so rule config is unchanged.
- Fixes https://github.com/go-gitea/gitea/security/dependabot/70
- Tested code editor and contributor graph

2 months agoFix search team (#31923)
Lunny Xiao [Thu, 29 Aug 2024 13:26:25 +0000 (21:26 +0800)]
Fix search team (#31923)

Fix #20658

2 months agoUpgrade micromatch to 4.0.8 (#31939)
Lunny Xiao [Thu, 29 Aug 2024 04:54:38 +0000 (12:54 +0800)]
Upgrade micromatch to 4.0.8 (#31939)

2 months agoRefactor globallock (#31933)
Jason Song [Thu, 29 Aug 2024 03:48:21 +0000 (11:48 +0800)]
Refactor globallock (#31933)

Follow #31908. The main refactor is that it has removed the returned
context of `Lock`.

The returned context of `Lock` in old code is to provide a way to let
callers know that they have lost the lock. But in most cases, callers
shouldn't cancel what they are doing even it has lost the lock. And the
design would confuse developers and make them use it incorrectly.

See the discussion history:
https://github.com/go-gitea/gitea/pull/31813#discussion_r1732041513 and
https://github.com/go-gitea/gitea/pull/31813#discussion_r1734078998

It's a breaking change, but since the new module hasn't been used yet, I
think it's OK to not add the `pr/breaking` label.

## Design principles

It's almost copied from #31908, but with some changes.

### Use spinlock even in memory implementation (unchanged)

In actual use cases, users may cancel requests. `sync.Mutex` will block
the goroutine until the lock is acquired even if the request is
canceled. And the spinlock is more suitable for this scenario since it's
possible to give up the lock acquisition.

Although the spinlock consumes more CPU resources, I think it's
acceptable in most cases.

### Do not expose the mutex to callers (unchanged)

If we expose the mutex to callers, it's possible for callers to reuse
the mutex, which causes more complexity.

For example:
```go
lock := GetLocker(key)
lock.Lock()
// ...
// even if the lock is unlocked, we cannot GC the lock,
// since the caller may still use it again.
lock.Unlock()
lock.Lock()
// ...
lock.Unlock()

// callers have to GC the lock manually.
RemoveLocker(key)
```

That's why
https://github.com/go-gitea/gitea/pull/31813#discussion_r1721200549

In this PR, we only expose `ReleaseFunc` to callers. So callers just
need to call `ReleaseFunc` to release the lock, and do not need to care
about the lock's lifecycle.
```go
release, err := locker.Lock(ctx, key)
if err != nil {
    return err
}
// ...
release()

// if callers want to lock again, they have to re-acquire the lock.
release, err := locker.Lock(ctx, key)
// ...
```

In this way, it's also much easier for redis implementation to extend
the mutex automatically, so that callers do not need to care about the
lock's lifecycle. See also
https://github.com/go-gitea/gitea/pull/31813#discussion_r1722659743

### Use "release" instead of "unlock" (unchanged)

For "unlock", it has the meaning of "unlock an acquired lock". So it's
not acceptable to call "unlock" when failed to acquire the lock, or call
"unlock" multiple times. It causes more complexity for callers to decide
whether to call "unlock" or not.

So we use "release" instead of "unlock" to make it clear. Whether the
lock is acquired or not, callers can always call "release", and it's
also safe to call "release" multiple times.

But the code DO NOT expect callers to not call "release" after acquiring
the lock. If callers forget to call "release", it will cause resource
leak. That's why it's always safe to call "release" without extra
checks: to avoid callers to forget to call it.

### Acquired locks could be lost, but the callers shouldn't stop

Unlike `sync.Mutex` which will be locked forever once acquired until
calling `Unlock`, for distributed lock, the acquired lock could be lost.

For example, the caller has acquired the lock, and it holds the lock for
a long time since auto-extending is working for redis. However, it lost
the connection to the redis server, and it's impossible to extend the
lock anymore.

In #31908, it will cancel the context to make the operation stop, but
it's not safe. Many operations are not revert-able. If they have been
interrupted, then the instance goes corrupted. So `Lock` won't return
`ctx` anymore in this PR.

### Multiple ways to use the lock

1. Regular way

```go
release, err := Lock(ctx, key)
if err != nil {
    return err
}
defer release()
// ...
```

2. Early release

```go
release, err := Lock(ctx, key)
if err != nil {
    return err
}
defer release()
// ...
// release the lock earlier
release()
// continue to do something else
// ...
```

3. Functional way

```go
if err := LockAndDo(ctx, key, func(ctx context.Context) error {
    // ...
    return nil
}); err != nil {
    return err
}
```

2 months agoFix a number of Typescript issues (#31877)
silverwind [Wed, 28 Aug 2024 16:32:38 +0000 (18:32 +0200)]
Fix a number of Typescript issues (#31877)

Typescript error count is reduced from 633 to 540 with this. No runtime
changes except in test code.

2 months agoSplit org Propfile README to a new tab `overview` (#31373)
a1012112796 [Tue, 27 Aug 2024 02:54:12 +0000 (10:54 +0800)]
Split org Propfile README to a new tab `overview` (#31373)

like user profile, add a new overviw tab to show profile READEME when it
is exist.

replace #31349 (another solution option)

example view:
![屏幕截图 2024-06-14
094116](https://github.com/go-gitea/gitea/assets/25342410/3303a1f2-ae02-48e0-9519-7fa11e65657f)
![屏幕截图 2024-06-14
094101](https://github.com/go-gitea/gitea/assets/25342410/7a4a5a48-dc2b-4ad4-b2a2-9ea4ab5d5808)

---------

Signed-off-by: a1012112796 <1012112796@qq.com>
2 months ago[skip ci] Updated translations via Crowdin
GiteaBot [Tue, 27 Aug 2024 00:28:30 +0000 (00:28 +0000)]
[skip ci] Updated translations via Crowdin

2 months agoIntroduce globallock as distributed locks (#31908)
Jason Song [Mon, 26 Aug 2024 14:27:57 +0000 (22:27 +0800)]
Introduce globallock as distributed locks (#31908)

To help #31813, but do not replace it, since this PR just introduces the
new module but misses some work:

- New option in settings. `#31813` has done it.
- Use the locks in business logic. `#31813` has done it.

So I think the most efficient way is to merge this PR first (if it's
acceptable) and then finish #31813.

## Design principles

### Use spinlock even in memory implementation

In actual use cases, users may cancel requests. `sync.Mutex` will block
the goroutine until the lock is acquired even if the request is
canceled. And the spinlock is more suitable for this scenario since it's
possible to give up the lock acquisition.

Although the spinlock consumes more CPU resources, I think it's
acceptable in most cases.

### Do not expose the mutex to callers

If we expose the mutex to callers, it's possible for callers to reuse
the mutex, which causes more complexity.

For example:
```go
lock := GetLocker(key)
lock.Lock()
// ...
// even if the lock is unlocked, we cannot GC the lock,
// since the caller may still use it again.
lock.Unlock()
lock.Lock()
// ...
lock.Unlock()

// callers have to GC the lock manually.
RemoveLocker(key)
```

That's why
https://github.com/go-gitea/gitea/pull/31813#discussion_r1721200549

In this PR, we only expose `ReleaseFunc` to callers. So callers just
need to call `ReleaseFunc` to release the lock, and do not need to care
about the lock's lifecycle.
```go
_, release, err := locker.Lock(ctx, key)
if err != nil {
    return err
}
// ...
release()

// if callers want to lock again, they have to re-acquire the lock.
_, release, err := locker.Lock(ctx, key)
// ...
```

In this way, it's also much easier for redis implementation to extend
the mutex automatically, so that callers do not need to care about the
lock's lifecycle. See also
https://github.com/go-gitea/gitea/pull/31813#discussion_r1722659743

### Use "release" instead of "unlock"

For "unlock", it has the meaning of "unlock an acquired lock". So it's
not acceptable to call "unlock" when failed to acquire the lock, or call
"unlock" multiple times. It causes more complexity for callers to decide
whether to call "unlock" or not.

So we use "release" instead of "unlock" to make it clear. Whether the
lock is acquired or not, callers can always call "release", and it's
also safe to call "release" multiple times.

But the code DO NOT expect callers to not call "release" after acquiring
the lock. If callers forget to call "release", it will cause resource
leak. That's why it's always safe to call "release" without extra
checks: to avoid callers to forget to call it.

### Acquired locks could be lost

Unlike `sync.Mutex` which will be locked forever once acquired until
calling `Unlock`, in the new module, the acquired lock could be lost.

For example, the caller has acquired the lock, and it holds the lock for
a long time since auto-extending is working for redis. However, it lost
the connection to the redis server, and it's impossible to extend the
lock anymore.

If the caller don't stop what it's doing, another instance which can
connect to the redis server could acquire the lock, and do the same
thing, which could cause data inconsistency.

So the caller should know what happened, the solution is to return a new
context which will be canceled if the lock is lost or released:

```go
ctx, release, err := locker.Lock(ctx, key)
if err != nil {
    return err
}
defer release()
// ...
DoSomething(ctx)

// the lock is lost now, then ctx has been canceled.

// Failed, since ctx has been canceled.
DoSomethingElse(ctx)
```

### Multiple ways to use the lock

1. Regular way

```go
ctx, release, err := Lock(ctx, key)
if err != nil {
    return err
}
defer release()
// ...
```

2. Early release

```go
ctx, release, err := Lock(ctx, key)
if err != nil {
    return err
}
defer release()
// ...
// release the lock earlier and reset the context back
ctx = release()
// continue to do something else
// ...
```

3. Functional way

```go
if err := LockAndDo(ctx, key, func(ctx context.Context) error {
    // ...
    return nil
}); err != nil {
    return err
}
```

2 months ago[skip ci] Updated licenses and gitignores
GiteaBot [Mon, 26 Aug 2024 00:28:33 +0000 (00:28 +0000)]
[skip ci] Updated licenses and gitignores

2 months agoUpdate mermaid to v11 (#31913)
silverwind [Sun, 25 Aug 2024 17:23:13 +0000 (19:23 +0200)]
Update mermaid to v11 (#31913)

Update mermaid to
[v11](https://github.com/mermaid-js/mermaid/releases/tag/v11.0.0) and
enable the new [`suppressErrorRendering`
option](https://github.com/mermaid-js/mermaid/pull/4359) to ensure
mermaid never renders error elements into the DOM (we have per-chart
error rendering, so don't need it). Tested various chart types.

BTW, I was unable to reproduce that error rendering from mermaid with
`suppressErrorRendering: false` and I thought we had some CSS to hide
the error element, but I could not find it, not even in git history.

2 months agoHandle "close" actionable references for manual merges (#31879)
Zettat123 [Sun, 25 Aug 2024 17:18:19 +0000 (01:18 +0800)]
Handle "close" actionable references for manual merges (#31879)

Fix #31743