]> source.dussan.org Git - gitea.git/log
gitea.git
3 years agoSimplify split diff view generation and remove JS dependency (#16775) (#16863)
zeripath [Mon, 30 Aug 2021 15:43:06 +0000 (16:43 +0100)]
Simplify split diff view generation and remove JS dependency (#16775) (#16863)

Backport #16775

Gitea has relied on some slow JS code to match up added and deleted lines on the
diff pages. This can cause a considerable slow down on large diff pages.

This PR makes a small change meaning that the matching up can occur much more simply.

Partial fix #1351

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoEnsure that the default visibility is set on the user create page (#16845) (#16862)
zeripath [Sun, 29 Aug 2021 15:33:13 +0000 (16:33 +0100)]
Ensure that the default visibility is set on the user create page (#16845) (#16862)

Backport #16845

Set the default visibility on the user create page.

Fix #16840

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoIn Render tolerate not being passed a context (#16842) (#16858)
6543 [Sun, 29 Aug 2021 14:25:45 +0000 (16:25 +0200)]
In Render tolerate not being passed a context (#16842) (#16858)

* In Render tolerate not being passed a context

It is possible for RenderString to be passed to an external renderer if markdown
is set to be rendered by an external renderer. No context is currently sent to these
meaning that this will error out.

Fix #16835

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add Context to Repo calls for RenderString

All calls from routers can easily add the context - so add it.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
3 years agoUpgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources...
zeripath [Sat, 28 Aug 2021 11:16:19 +0000 (12:16 +0100)]
Upgrade xorm to v1.2.2 (#16663) & Add test to ensure that dumping of login sources remains correct (#16847) (#16848)

* Upgrade xorm to v1.2.2 (#16663)

Backport #16663

Fix #16683

* Add test to ensure that dumping of login sources remains correct (#16847)

#16831 has occurred because of a missed regression. This PR adds a simple test to
try to prevent this occuring again.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years agoReport the correct number of pushes on the feeds (#16811) (#16822)
techknowlogick [Thu, 26 Aug 2021 06:30:13 +0000 (02:30 -0400)]
Report the correct number of pushes on the feeds (#16811) (#16822)

* Report the correct number of pushes on the feeds

Since the number of commits in the Action table has been limited to 5
the number of commits reported on the feeds page is now incorrectly also
limited to 5. The correct number is available as the Len and this PR
changes this to report this.

Fix #16804

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update templates/user/dashboard/feeds.tmpl

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
3 years agoAdd primary_key to issue_index (#16813) (#16820)
zeripath [Wed, 25 Aug 2021 22:10:15 +0000 (23:10 +0100)]
Add primary_key to issue_index (#16813) (#16820)

Backport #16813

Make the group_id a primary key in issue_index. This already has an
unique index and therefore is a good candidate for becoming a primary
key.

This PR also changes all other uses of this table to add the group_id as
the primary key.

The migration v192 from #16813 has not been backported but Xorm will
work fine with non-primary keyed tables. If a user on 1.15 wishes to
have the correct schema sooner than 1.16 - they can use gitea doctor
recreate-table issue_index and gitea will recreate the table with the
primary key.

Fix #16802

Signed-off-by: Andrew Thornton art27@cantab.net
3 years agoPrevent NPE on empty commit (#16812) (#16819)
zeripath [Wed, 25 Aug 2021 12:22:48 +0000 (13:22 +0100)]
Prevent NPE on empty commit (#16812) (#16819)

Backport #16812

Handle completely empty commit as the first commit to a repository.

Fix #16668

Signed-off-by: Andrew Thornton art27@cantab.net
3 years agoFix branch pagination error (#16805) (#16816)
Lunny Xiao [Wed, 25 Aug 2021 10:11:54 +0000 (18:11 +0800)]
Fix branch pagination error (#16805) (#16816)

Backport #16805

Fix #16801

Even if default branch is removed from the current page, but the total branches number should be still kept. So that the pagination calculation will be correct.

3 years agoEnsure that template compilation panics are sent to the logs (#16788) (#16792)
zeripath [Mon, 23 Aug 2021 23:50:04 +0000 (00:50 +0100)]
Ensure that template compilation panics are sent to the logs (#16788) (#16792)

Backport #16788

Although panics within the rendering pipeline are caught and dealt with,
panics that occur before that starts are unprotected and will kill Gitea
without being sent to the logs.

This PR adds a basic recovery handler to catch panics that occur after
the logger is initialised and ensure that they're sent to the logger.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoRemove spurious / from issues.opened_by (#16793)
zeripath [Mon, 23 Aug 2021 22:24:30 +0000 (23:24 +0100)]
Remove spurious / from issues.opened_by (#16793)

Fix #16713

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoAdd missing return to handleSettingRemoteAddrError (#16794) (#16795)
zeripath [Mon, 23 Aug 2021 22:09:28 +0000 (23:09 +0100)]
Add missing return to handleSettingRemoteAddrError (#16794) (#16795)

Backport #16794

There is a missing return in handleSettingRemoteAddrError which means
that the error page for repo settings is duplicately rendered.

Fix #16771

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoUpdate only certmagic (#16790)
zeripath [Mon, 23 Aug 2021 22:07:44 +0000 (23:07 +0100)]
Update only certmagic (#16790)

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: jolheiser <john.olheiser@gmail.com>
3 years agochangelog for 1.15.0 (#16760) v1.15.0
techknowlogick [Sun, 22 Aug 2021 00:38:22 +0000 (20:38 -0400)]
changelog for 1.15.0 (#16760)

* changelog for 1.15.0

* Slight rename of GPG feature

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoKeep attachments on tasklist update (#16750) (#16757)
KN4CK3R [Sat, 21 Aug 2021 19:10:04 +0000 (21:10 +0200)]
Keep attachments on tasklist update (#16750) (#16757)

* Send attachments too.

* Use tasklist flag.

* use action="ignoreAttachments" instead of "tasklist"

* Use boolean parameter.

* when the update request doesn't intend to update attachments (eg: change checkbox state), ignore attachment updates (#16762)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
3 years agoRecreate Tables should Recreate indexes on MySQL (#16718) (#16739)
zeripath [Sat, 21 Aug 2021 02:47:37 +0000 (03:47 +0100)]
Recreate Tables should Recreate indexes on MySQL (#16718) (#16739)

The MySQL indexes are not being renamed at the same time as RENAME table despite the
CASCADE. Therefore it is probably better to just recreate the indexes instead.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoFix dependency translations (#16755)
Steven [Fri, 20 Aug 2021 17:11:26 +0000 (19:11 +0200)]
Fix dependency translations (#16755)

Signed-off-by: Steven Kriegler <61625851+justusbunsi@users.noreply.github.com>
3 years agoDo not use thin scrollbars on Firefox (#16738) (#16745)
Elouan Martinet [Fri, 20 Aug 2021 05:19:22 +0000 (07:19 +0200)]
Do not use thin scrollbars on Firefox (#16738) (#16745)

In #7269, thin scrollbars were added in Arc Green theme. It got moved
in base theme in #13361.

This PR removes the use of thin scrollbars which causes an
accessibility issue. The scrollbars become too thin to be dragged.

Signed-off-by: Elouan Martinet <exa@elou.world>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoFix wrong user in OpenID response (#16736) (#16741)
KN4CK3R [Thu, 19 Aug 2021 21:26:44 +0000 (23:26 +0200)]
Fix wrong user in OpenID response (#16736) (#16741)

* Fix wrong user in OpenID response (#16736)

* Fixed usage of wrong user.

* Added tests.

* Fixed wrong import.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoRestore functionality for pushing non-standard refs (Partial #16705) (#16706)
zeripath [Tue, 17 Aug 2021 08:24:47 +0000 (09:24 +0100)]
Restore functionality for pushing non-standard refs (Partial #16705) (#16706)

Partial Backport #16705

There was an inadvertent breaking change in #15629 meaning that notes refs and other
git extension refs will be automatically rejected.

This PR removes this incorrect forced rejection of non-standard refs.

Fix #16688

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agorelease/v1.15: set min go version to min upstream supported go1.16 (#16710)
techknowlogick [Tue, 17 Aug 2021 07:09:44 +0000 (03:09 -0400)]
release/v1.15: set min go version to min upstream supported go1.16 (#16710)

* release/v1.15: set min go version to min upstream supported 1.16

* update drone

3 years agoUpgrade levelqueue 0.4.1 (#16696) (#16700)
Lunny Xiao [Mon, 16 Aug 2021 07:37:27 +0000 (15:37 +0800)]
Upgrade levelqueue 0.4.1 (#16696) (#16700)

3 years agoEnsure empty lines are copiable and final new line too (#16678) (#16692)
zeripath [Sun, 15 Aug 2021 03:39:23 +0000 (04:39 +0100)]
Ensure empty lines are copiable and final new line too (#16678) (#16692)

Backport #16678

When files are highlighted the newline character needs to be added in a whitespace
compliant mode. Also ensure the final empty newline is rendered.

Fix #16434

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years ago If PatchURL is empty, skip pull patch download when migrating (Partial #16356) ...
6543 [Fri, 13 Aug 2021 16:26:19 +0000 (18:26 +0200)]
 If PatchURL is empty, skip pull patch download when migrating (Partial #16356) (#16681)

Partial backport #16356

Whilst looking at adding migration support for onedev it has become apparent that gitea would attempt to pull patches on other migration targets even if that PatchURL was empty.

3 years agoUpdate issue_index to finish migration (#16685) (#16687)
6543 [Fri, 13 Aug 2021 14:13:03 +0000 (16:13 +0200)]
Update issue_index to finish migration (#16685) (#16687)

* update issue_index to finish migration

* One Func to RecalculateIssueIndexForRepo

3 years agoFix NPE in fuzzer (#16680) (#16682)
6543 [Fri, 13 Aug 2021 05:51:13 +0000 (07:51 +0200)]
Fix NPE in fuzzer (#16680) (#16682)

The fuzzer found an issue with the issue pattern processor where there is a spurious
path.Clean which does not need to be there. This PR also sets the default AppURL for
the fuzzer too.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
3 years agoChange the implementation of the go-git version of GetNote to mirror the non go-git...
nitul1991 [Mon, 9 Aug 2021 19:24:31 +0000 (00:54 +0530)]
Change the implementation of the go-git version of GetNote to mirror the non go-git version when passed a non-existent commit (#16658) (#16659)

Backport #16658

Fixes #16657

3 years agoFix direct creation of external users on admin page (#16613)
zeripath [Mon, 9 Aug 2021 12:18:40 +0000 (13:18 +0100)]
Fix direct creation of external users on admin page (#16613)

From #16612 it was noticed that when creating new external users directly it was not
possible to set their username correctly. This PR restores this ability.

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoRestore compatibility with SQLServer 2008 R2 in migrations (#16638)
zeripath [Sun, 8 Aug 2021 10:32:07 +0000 (11:32 +0100)]
Restore compatibility with SQLServer 2008 R2 in migrations (#16638)

This fixes two problems with MSSQL:

* `ALTER TABLE DROP ... IF EXISTS ...` is only supported in SQL Server >16.

The `IF EXISTS` here is a belt-and-braces and does not need to be present. Therefore
can be dropped. Also stop attempting to drop the indexes as constraints as they're indexes!

* System tables like: `sys.indexes` should be lowercase not uppercase because of collation issues.

Fix #13615

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years agoChangelog for 1.15.0-rc3 (#16621) v1.15.0-rc3
zeripath [Fri, 6 Aug 2021 20:08:13 +0000 (21:08 +0100)]
Changelog for 1.15.0-rc3 (#16621)

* Changelog for 1.15.0-rc3

 ## [1.15.0-rc3](https://github.com/go-gitea/gitea/releases/tag/v1.15.0-rc3) - 2021-08-04

* BREAKING
  * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
* SECURITY
  * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
  * Switch to maintained jwt lib (#16532) (#16533)
  * Correctly create of git-daemon-export-ok files (#16508) (#16514)
  * Don't show private user's repo in explore view (#16550) (#16554)
* API
  * Swagger AccessToken fixes (#16574) (#16597)
  * Set AllowedHeaders on API CORS handler (#16524) (#16618)
* BUGFIXES
  * Restore Accessibility for Dropdown (#16576) (#16617)
  * Pass down SignedUserName down to AccessLogger context (#16605) (#16616)
  * Fix table alignment in markdown (#16596) (#16602)
  * Fix 500 on first wiki page (#16586) (#16598)
  * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570)
  * Upgrade levelqueue to v0.4.0 (#16560) (#16561)
  * Handle too long PR titles correctly (#16517) (#16549)
  * Fix data race in bleve indexer (#16474) (#16509)
  * Restore CORS on git smart http protocol (#16496) (#16506)
  * Fix race in log (#16490) (#16505)
  * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
  * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
  * Update notification table with only latest data (#16445) (#16469)
  * Revert to use alpine 3.13 (#16451) (#16452)
  * Fix crash following ldap authentication update (#16447) (#16448)
  * Fix direct creation of external users on admin page (partial #16612) (#16613)

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update CHANGELOG.md

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Update CHANGELOG.md

Co-authored-by: zeripath <art27@cantab.net>
* Update CHANGELOG.md

* Update CHANGELOG.md

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
3 years agoPrevent 500 on draft releases without tag (#16634) (#16636)
techknowlogick [Fri, 6 Aug 2021 08:09:33 +0000 (04:09 -0400)]
Prevent 500 on draft releases without tag (#16634) (#16636)

It is possible to create draft releases prior to creating a tag. This will cause a
500 on the releases page due to compare page failing.

This PR only shows the compare button if there is a SHA1 present.

Fix #16610

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
3 years agoFrontport changelog for v1.14.6 (#16633)
zeripath [Thu, 5 Aug 2021 22:17:44 +0000 (23:17 +0100)]
Frontport changelog for v1.14.6 (#16633)

* Frontport changelog for v1.14.6

Frontport #16619

Changelog frontported to below v1.15.0-rc1.

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update config.yaml

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoUpdate node tar dependency to 6.1.6 (#16622) (#16623)
zeripath [Thu, 5 Aug 2021 04:40:25 +0000 (05:40 +0100)]
Update node tar dependency to 6.1.6 (#16622) (#16623)

Backport #16622

Forcibly update dev dependency on tar to 6.1.6

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoSet AllowedHeaders on API CORS handler (#16524) (#16618)
zeripath [Wed, 4 Aug 2021 19:57:59 +0000 (20:57 +0100)]
Set AllowedHeaders on API CORS handler (#16524) (#16618)

Backport #16524

Set AllowedHeaders on API CORS handler and add missing Access-Control-Expose-Headers
to pull API.

Fix #16100

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoPass down SignedUserName down to AccessLogger context (#16605) (#16616)
zeripath [Wed, 4 Aug 2021 17:26:35 +0000 (18:26 +0100)]
Pass down SignedUserName down to AccessLogger context (#16605) (#16616)

Backport #16605

Unfortunately when the AccessLogger was moved back before the contexters the
SignedUserName reporting was lost. This is due to Request.WithContext leading to a
shallow copy of the Request and the modules/context/Context being within that request.

This PR adds a new context variable of a string pointer which is set and handled
in the contexters.

Fix #16600

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years agoRestore #10096/#8638 and re-fix #15172 (#16576) (#16617)
zeripath [Wed, 4 Aug 2021 12:31:10 +0000 (13:31 +0100)]
Restore #10096/#8638 and re-fix #15172 (#16576) (#16617)

Backport #16576

This PR restores the vendored and patched dropdow from #8638. It
however, it partially abandons the call to `click()` using instead the
default dropdown click calls instead. This prevents the issue of the
dropdown grabbing focus permanently however, this may have negative
effects on the effect of focus on the dropdowns.

Of note, the behaviour of the template selector dropdown on the repo
creation page is slightly odd - I don't believe that this odd behaviour
is caused by this PR but rather by the feed source for this. I suspect
that the dropdown should be adding a delete button to its selection.

Fix #15172
References: #7057

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix table alignment in markdown (#16596) (#16602)
zeripath [Tue, 3 Aug 2021 23:16:00 +0000 (00:16 +0100)]
Fix table alignment in markdown (#16596) (#16602)

Backport #16596

Set the TableOptions in markdown to allow alignment of the tables to work correctly

Fix #15959

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix 500 on first wiki page (#16586) (#16598)
zeripath [Tue, 3 Aug 2021 22:46:08 +0000 (23:46 +0100)]
Fix 500 on first wiki page (#16586) (#16598)

Backport #16586

There is a mistake in #16319 and #16487 which means that the first time
a wiki page is created a 500 is reported because the `master` branch is
not in existence in that wiki yet.

This PR simply checks for this error and returns not found.

Fix #16584

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoUpgrade to the latest version of golang-jwt (#16590) (#16606)
zeripath [Tue, 3 Aug 2021 21:22:52 +0000 (22:22 +0100)]
Upgrade to the latest version of golang-jwt (#16590) (#16606)

* Upgrade to the latest version of golang-jwt.

Backport #16590

* Forcibly update the vendored versions too
* Update our minimal go lang version to 1.15 (differs from 1.16 in #16590)

Signed-off-by: Andrew Thornton <art27@cantab.net>
 ### :warning: BREAKING :warning:

This PR raises the minimal version of go supported to 1.15 which will mean the end of support of 32-bit Mac and Mac OS versions before Sierra.

Signed-off-by: Andrew Thornton <art27@cantab.net>
* update minimal go required

Signed-off-by: Andrew Thornton <art27@cantab.net>
* update config.yaml

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoSwagger AccessToken fixes (#16574) (#16597)
zeripath [Mon, 2 Aug 2021 18:24:47 +0000 (19:24 +0100)]
Swagger AccessToken fixes (#16574) (#16597)

Backport #16574

There is a subtle problem with the Swagger definition for AccessTokens which causes
autogeneration of APIs for these endpoints to fail.

This PR corrects these errors.

Ref: https://github.com/zeripath/java-gitea-api/issues/4
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years ago[CI] Use node v14 instead of node v16 until it will pass again (#16595) (#16599)
6543 [Mon, 2 Aug 2021 06:41:58 +0000 (08:41 +0200)]
[CI] Use node v14 instead of node v16 until it will pass again (#16595) (#16599)

* for CI release: use node 14 (lts) to build until 16 do fail

* all in for node v14.x

3 years agoLock goth/gothic and Re-attempt OAuth2 registration on login if registration failed...
zeripath [Thu, 29 Jul 2021 17:52:38 +0000 (18:52 +0100)]
Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16570)

Backport #16564

This PR has two parts:

* Add locking to goth and gothic calls with a RWMutex

The goth and gothic calls are currently unlocked and thus are a cause of multiple potential races

* Reattempt OAuth2 registration on login if registration failed

If OAuth2 registration fails at startup we currently disable the login_source however an alternative approach could be to reattempt registration on login attempt.

Fix #16096

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoUpgrade levelqueue to v0.4.0 (#16560) (#16561)
Lunny Xiao [Tue, 27 Jul 2021 16:59:06 +0000 (00:59 +0800)]
Upgrade levelqueue to v0.4.0 (#16560) (#16561)

Fix #16546

3 years agonot show private user's repo in explore view (#16550) (#16554)
a1012112796 [Tue, 27 Jul 2021 06:34:25 +0000 (14:34 +0800)]
not show private user's repo in explore view (#16550) (#16554)

after #16069, visibility is also usefull for user,
so this limit is not usefull.

fix #16545

3 years agoFix session bugs (#16552) (#16553)
6543 [Tue, 27 Jul 2021 01:44:44 +0000 (03:44 +0200)]
Fix session bugs (#16552) (#16553)

* Fix session bugs (#16552)

* fix deadlog bug

* Fix models/issue_stopwatch.go

* Update models/issue_stopwatch.go

Co-authored-by: zeripath <art27@cantab.net>
* fix getLatestCommitStatus

Co-authored-by: zeripath <art27@cantab.net>
3 years agoHandle too long PR titles correctly (#16517) (#16549)
zeripath [Mon, 26 Jul 2021 15:49:48 +0000 (16:49 +0100)]
Handle too long PR titles correctly (#16517) (#16549)

Backport #16517

The CompareAndPullRequestPost handler for POST to /compare
incorrectly handles returning errors to the user. For a start
it does not set the necessary markers to switch SimpleMDE
but it also does not immediately return to the form.

This PR fixes this by setting the appropriate values, fixing
the templates and preventing the suggestion of a too long
title.

Fix #16507

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoupgraded github.com/markbates/goth v1.67.1 => v1.68.0 (#16539)
6543 [Sat, 24 Jul 2021 17:17:50 +0000 (19:17 +0200)]
upgraded github.com/markbates/goth v1.67.1 => v1.68.0 (#16539)

3 years agoFix issue pasted image missing if no release permission (#16520) (#16527)
Lunny Xiao [Sat, 24 Jul 2021 16:34:57 +0000 (00:34 +0800)]
Fix issue pasted image missing if no release permission (#16520) (#16527)

* Fix issue pasted image missing if no release permission

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoSwitch to maintained jwt lib (#16532) (#16533)
zeripath [Sat, 24 Jul 2021 15:13:50 +0000 (16:13 +0100)]
Switch to maintained jwt lib (#16532) (#16533)

Backport #16532

Co-authored-by: Matti R <matti@mdranta.net>
3 years agoAdd basic edit ldap auth test & actually fix #16252 (#16465) (#16494) v1.15.0-rc2
zeripath [Thu, 22 Jul 2021 14:24:21 +0000 (15:24 +0100)]
Add basic edit ldap auth test & actually fix #16252 (#16465) (#16494)

Backport #16465

One of the reasons why #16447 was needed and why #16268 was needed in
the first place was because it appears that editing ldap configuration
doesn't get tested.

This PR therefore adds a basic test that will run the edit pipeline.

In doing so it's now clear that #16447 and #16268 aren't actually
solving #16252. It turns out that what actually happens is that is that
the bytes are actually double encoded.

This PR now changes the json unmarshal wrapper to handle this double
encode.

Fix #16252

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoRestore creation of git-daemon-export-ok files (#16508) (#16514)
zeripath [Thu, 22 Jul 2021 13:52:02 +0000 (14:52 +0100)]
Restore creation of git-daemon-export-ok files (#16508) (#16514)

Backport #16508

Somewhere along the line the creation of git-daemon-export-ok
files disappeared but the updating of these files when
repo visibility changes remained. The problem is that the
current state will create files even when the org or user
is private.

This PR restores creation correctly.

Fix #15521

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoChangelog for 1.15.0-rc2 (#16511)
zeripath [Thu, 22 Jul 2021 12:47:38 +0000 (13:47 +0100)]
Changelog for 1.15.0-rc2 (#16511)

* Changelog for 1.15.0-rc2

Results of `~/go/bin/changelog -m 1.15.0 --after 16422 generate`

We need to release RC2 as there are mulitple problems with alpine 3.14 related to
the seccomp issues on Docker <20.

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update CHANGELOG.md

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
3 years agoFix data race in bleve indexer (#16474) (#16509)
6543 [Thu, 22 Jul 2021 03:42:32 +0000 (05:42 +0200)]
Fix data race in bleve indexer (#16474) (#16509)

* Fix data race in bleve indexer

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
3 years agoRestore CORS on git smart http protocol (#16496) (#16506)
zeripath [Wed, 21 Jul 2021 14:03:02 +0000 (15:03 +0100)]
Restore CORS on git smart http protocol (#16496) (#16506)

Backport #16496

Unfortunately the chi changes have resulted in the CORS headers for the
git smart http protocol going missing.

This is mostly because the OPTIONS method is not being handled by
httpBase anymore.

This PR adds a GetOptions, PostOptions and Options methods to web
handler to allow OPTIONS method requests to still reach the httpBase
function.

Fix #16350
Close #16491

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix race in log (#16490) (#16505)
zeripath [Wed, 21 Jul 2021 12:19:36 +0000 (13:19 +0100)]
Fix race in log (#16490) (#16505)

Backport #16490

A race has been detected in #1441 relating to getting log levels.

This PR protects the GetLevel and GetStacktraceLevel calls with a RW mutex.

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoAdd TestPrepareWikiFileName (#16487) (#16498)
6543 [Wed, 21 Jul 2021 02:37:00 +0000 (04:37 +0200)]
Add TestPrepareWikiFileName (#16487) (#16498)

* Add TestPrepareWikiFileName

* use LsTree as LsFiles is index only

* ajust other tests

Co-authored-by: Andrew Thornton <art27@cantab.net>
3 years agoMake cancel from CatFileBatch and CatFileBatchCheck wait for the command to end ...
zeripath [Tue, 20 Jul 2021 21:52:19 +0000 (22:52 +0100)]
Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)

* Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479)

Fix #16427 (again!)

* handle sharing violation error code

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agofix: support delete non-urlencoded wiki page (#16482) (#16486)
Gary Wang [Mon, 19 Jul 2021 17:39:50 +0000 (01:39 +0800)]
fix: support delete non-urlencoded wiki page (#16482) (#16486)

* fix: support delete non-urlencoded wiki page

* fix: check error

3 years agoUpdate notification table with only latest data (#16445) (#16469)
zeripath [Sat, 17 Jul 2021 17:05:59 +0000 (18:05 +0100)]
Update notification table with only latest data (#16445) (#16469)

When marking notifications read the results may be returned out of order
or be delayed.  This PR sends a sequence number to gitea so that the
browser can ensure that only the results of the latest notification
change are shown.

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoRetry rename on lock induced failures (re-fix) (#16461) (#16462)
zeripath [Fri, 16 Jul 2021 17:22:44 +0000 (18:22 +0100)]
Retry rename on lock induced failures (re-fix) (#16461) (#16462)

Backport #16461

Unfortunately #16435 asserts the wrong error and should use
os.LinkError not os.PathError.

Fix #16439

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFrontport v1.14.5 (#16453)
zeripath [Fri, 16 Jul 2021 15:17:16 +0000 (16:17 +0100)]
Frontport v1.14.5 (#16453)

Frontport the changelog from v1.14.5

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
3 years agorevert to use alpine 3.13 (#16452)
techknowlogick [Fri, 16 Jul 2021 01:55:14 +0000 (21:55 -0400)]
revert to use alpine 3.13 (#16452)

Co-authored-by: zeripath <art27@cantab.net>
3 years agoFix crash following ldap authentication update (#16447) (#16448)
zeripath [Fri, 16 Jul 2021 00:17:44 +0000 (01:17 +0100)]
Fix crash following ldap authentication update (#16447) (#16448)

Backport #16447

Unfortunately #16268 contained a terrible error, whereby there was a double
indirection taken when unmarshalling the source data. This fatally breaks
authentication configuration reading.

Fix #16342

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoUpdate documentation to reflect #15219 (#16442) (#16444)
zeripath [Thu, 15 Jul 2021 20:28:07 +0000 (21:28 +0100)]
Update documentation to reflect #15219 (#16442) (#16444)

Backport #16442

The move to render custom/public as within /assets in #15219 missed updating
several documentation pages.

This PR updates this documentation.

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoChangelog for v1.15.0-rc1 (#16422) v1.15.0-rc1
6543 [Thu, 15 Jul 2021 15:47:57 +0000 (17:47 +0200)]
Changelog for v1.15.0-rc1 (#16422)

* changelog -m 1.15.0 generate

* enhance changelog

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: techknowlogick <matti@mdranta.net>
* move SECURITY before FEATURES

* move ENHANCEMENTS above BUGFIXES

* as per techknowlogick

* more

* node16

* Apply suggestions from code review

Co-authored-by: Kyle D. <kdumontnu@gmail.com>
* next

* Apply suggestions from code review

* Update CHANGELOG.md

Co-authored-by: Norwin <noerw@users.noreply.github.com>
* Update CHANGELOG.md

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Kyle D. <kdumontnu@gmail.com>
Co-authored-by: Norwin <noerw@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoRetry rename on lock induced failures (#16435)
zeripath [Thu, 15 Jul 2021 15:46:07 +0000 (16:46 +0100)]
Retry rename on lock induced failures (#16435)

* Retry rename on lock induced failures

Due to external locking on Windows it is possible for an
os.Rename to fail if the files or directories are being
used elsewhere.

This PR simply suggests retrying the rename again similar
to how we handle the os.Remove problems.

Fix #16427

Signed-off-by: Andrew Thornton <art27@cantab.net>
* resolve CI fail

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Thu, 15 Jul 2021 15:07:57 +0000 (15:07 +0000)]
[skip ci] Updated translations via Crowdin

3 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Thu, 15 Jul 2021 10:07:52 +0000 (10:07 +0000)]
[skip ci] Updated translations via Crowdin

3 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Thu, 15 Jul 2021 09:08:09 +0000 (09:08 +0000)]
[skip ci] Updated translations via Crowdin

3 years agoadd note about minimum required version of git installed (#16433)
techknowlogick [Thu, 15 Jul 2021 03:28:49 +0000 (23:28 -0400)]
add note about minimum required version of git installed (#16433)

3 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 14 Jul 2021 20:07:55 +0000 (20:07 +0000)]
[skip ci] Updated translations via Crowdin

3 years agoChange the release cycle to match actual situations (#16430)
Lunny Xiao [Wed, 14 Jul 2021 18:03:00 +0000 (02:03 +0800)]
Change the release cycle to match actual situations (#16430)

* Change the release cycle to match actual situations

* Update CONTRIBUTING.md

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
3 years agoChange docker tag logic (#16421)
techknowlogick [Wed, 14 Jul 2021 17:08:43 +0000 (13:08 -0400)]
Change docker tag logic (#16421)

* Change docker logic

* Apply suggestions from code review

Co-authored-by: Kyle D. <kdumontnu@gmail.com>
* docs

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Kyle D. <kdumontnu@gmail.com>
3 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 14 Jul 2021 15:07:54 +0000 (15:07 +0000)]
[skip ci] Updated translations via Crowdin

3 years agoSecond attempt at preventing zombies (#16326)
zeripath [Wed, 14 Jul 2021 14:43:13 +0000 (15:43 +0100)]
Second attempt at preventing zombies (#16326)

* Second attempt at preventing zombies

* Ensure that the pipes are closed in ssh.go
* Ensure that a cancellable context is passed up in cmd/* http requests
* Make cmd.fail return properly so defers are obeyed
* Ensure that something is sent to stdout in case of blocks here

Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate lint 2

Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate lint 3

Signed-off-by: Andrew Thornton <art27@cantab.net>
* fixup

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Apply suggestions from code review

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
3 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 14 Jul 2021 14:07:52 +0000 (14:07 +0000)]
[skip ci] Updated translations via Crowdin

3 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 14 Jul 2021 13:08:17 +0000 (13:08 +0000)]
[skip ci] Updated translations via Crowdin

3 years agoUse TrN helper for email templates (#16425)
6543 [Wed, 14 Jul 2021 13:06:09 +0000 (15:06 +0200)]
Use TrN helper for email templates (#16425)

* Add TrN helper

* use TrN

* a nit

3 years agoMake gpg resource string more readable (#16423)
delvh [Wed, 14 Jul 2021 10:50:39 +0000 (12:50 +0200)]
Make gpg resource string more readable (#16423)

3 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 14 Jul 2021 00:07:53 +0000 (00:07 +0000)]
[skip ci] Updated translations via Crowdin

3 years agoFix activation of primary email addresses (#16385)
Meano [Tue, 13 Jul 2021 20:59:27 +0000 (04:59 +0800)]
Fix activation of primary email addresses (#16385)

* fix: primary email cannot be activated

* Primary email should be activated together with user account when
'RegisterEmailConfirm' is enabled.

* To fix the existing error state. When 'RegisterEmailConfirm' is enabled, the
admin should have permission to modify the activations status of user email.
And the user should be allowed to send activation to primary email.

* Only judge whether email is primary from email_address table.

* Improve logging and refactor isEmailActive

Co-authored-by: zeripath <art27@cantab.net>
3 years agoReturn updated repository when changing repository using API (#16420)
6543 [Tue, 13 Jul 2021 19:31:59 +0000 (21:31 +0200)]
Return updated repository when changing repository using API (#16420)

3 years agoLoad issue/PR context popup data only when needed (#15955)
Lauris BH [Tue, 13 Jul 2021 18:09:19 +0000 (21:09 +0300)]
Load issue/PR context popup data only when needed (#15955)

* Load issue/PR context popup data only when needed

* Add SVG icon Vue component

* Remove unneeded check

3 years agoSupport HTTP/2 in Let's Encrypt (#16371)
Stanley Hu [Tue, 13 Jul 2021 17:17:46 +0000 (01:17 +0800)]
Support HTTP/2 in Let's Encrypt (#16371)

Modify the tlsConfig.NextProtos for Let's Encrypt and built-in HTTPS server in order to support HTTP/2.

Co-authored-by: 6543 <6543@obermui.de>
3 years agofix calculation for finalPage in repo-search component (#16382)
6543 [Tue, 13 Jul 2021 14:05:27 +0000 (16:05 +0200)]
fix calculation for finalPage in repo-search component (#16382)

Co-authored-by: Jan Naahs <jan.naahs@naahstea.de>
3 years agoAdd option to provide signature for a token to verify key ownership (#14054)
zeripath [Tue, 13 Jul 2021 13:28:07 +0000 (14:28 +0100)]
Add option to provide signature for a token to verify key ownership (#14054)

* Add option to provide signed token to verify key ownership

Currently we will only allow a key to be matched to a user if it matches
an activated email address. This PR provides a different mechanism - if
the user provides a signature for automatically generated token (based
on the timestamp, user creation time, user ID, username and primary
email.

* Ensure verified keys can act for all active emails for the user

* Add code to mark keys as verified

* Slight UI adjustments

* Slight UI adjustments 2

* Simplify signature verification slightly

* fix postgres test

* add api routes

* handle swapped primary-keys

* Verify the no-reply address for verified keys

* Only add email addresses that are activated to keys

* Fix committer shortcut properly

* Restructure gpg_keys.go

* Use common Verification Token code

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix archive error when rename repo or user (#16399)
Lunny Xiao [Tue, 13 Jul 2021 12:16:31 +0000 (20:16 +0800)]
Fix archive error when rename repo or user (#16399)

Use repo id instead of full name to generate archive path

3 years agoLet branch/tag name be a valid ref to get CI status (#16400)
6543 [Tue, 13 Jul 2021 07:14:14 +0000 (09:14 +0200)]
Let branch/tag name be a valid ref to get CI status (#16400)

* fix #16384#

* refactor: move shared helper func to utils package

* extend Tests

* use ctx.Repo.GitRepo if not nil

3 years agoDetect encoding changes while parsing diff (#16330)
Jimmy Praet [Tue, 13 Jul 2021 01:13:52 +0000 (03:13 +0200)]
Detect encoding changes while parsing diff (#16330)

* Detect encoding changes while parsing diff

3 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Tue, 13 Jul 2021 00:07:51 +0000 (00:07 +0000)]
[skip ci] Updated translations via Crowdin

3 years agoAdd checkbox to delete pull branch after successful merge (#16049)
Jimmy Praet [Mon, 12 Jul 2021 23:26:25 +0000 (01:26 +0200)]
Add checkbox to delete pull branch after successful merge (#16049)

* Add checkbox to delete pull branch after successful merge

* Omit DeleteBranchAfterMerge field in json

* Log a warning instead of error when PR head branch deleted

* Add DefaultDeleteBranchAfterMerge to PullRequestConfig

* Add support for delete_branch_after_merge via API

* Fix for API: the branch should be deleted from the HEAD repo

If head and base repo are the same, reuse the already opened ctx.Repo.GitRepo

* Don't delegate to CleanupBranch, only reuse branch deletion code

CleanupBranch contains too much logic that has already been performed by the Merge

* Reuse gitrepo in MergePullRequest

Co-authored-by: Andrew Thornton <art27@cantab.net>
3 years agoFix external renderer (#16401)
6543 [Mon, 12 Jul 2021 21:13:59 +0000 (23:13 +0200)]
Fix external renderer (#16401)

* fix external renderer

* use GBackground context as fallback

* no fallback, return error

Co-authored-by: Lauris BH <lauris@nix.lv>
3 years agoValidate Issue Index before querying DB (#16406)
Norwin [Mon, 12 Jul 2021 20:22:27 +0000 (20:22 +0000)]
Validate Issue Index before querying DB (#16406)

3 years agodocs: rewrite email setup (#16404)
Bagas Sanjaya [Mon, 12 Jul 2021 20:05:40 +0000 (03:05 +0700)]
docs: rewrite email setup (#16404)

* Add intro for both the docs page and mailer methods
  * Fix numbering level in SMTP section
  * Recommends implicit TLS

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
3 years agoReplace `plugins/docker` with `techknowlogick/drone-docker`in ci (#16407)
6543 [Mon, 12 Jul 2021 19:20:44 +0000 (21:20 +0200)]
Replace `plugins/docker` with `techknowlogick/drone-docker`in ci (#16407)

* plugins/docker -> techknowlogick/drone-docker

* It is multi-arch

3 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Mon, 12 Jul 2021 00:24:54 +0000 (00:24 +0000)]
[skip ci] Updated translations via Crowdin

3 years agoAdd LRU mem cache implementation (#16226)
zeripath [Sat, 10 Jul 2021 21:54:15 +0000 (22:54 +0100)]
Add LRU mem cache implementation (#16226)

The current default memory cache implementation is unbounded in size and number of
objects cached. This is hardly ideal.

This PR proposes creating a TwoQueue LRU cache as the underlying cache for Gitea.
The cache is limited by the number of objects stored in the cache (rather than size)
for simplicity. The default number of objects is 50000 - which is perhaps too small
as most of our objects cached are going to be much less than 1kB.

It may be worth considering using a different LRU implementation that actively limits
sizes or avoids GC - however, this is just a beginning implementation.

Signed-off-by: Andrew Thornton <art27@cantab.net>
3 years agoFix invalid params and typo of email templates (#16394)
Meano [Sat, 10 Jul 2021 17:40:14 +0000 (01:40 +0800)]
Fix invalid params and typo of email templates (#16394)

Signed-off-by: Meano <meanocat@gmail.com>
3 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Sat, 10 Jul 2021 00:24:52 +0000 (00:24 +0000)]
[skip ci] Updated translations via Crowdin

3 years agoAdded documentation about 413 errors with an nginx solution (#15313)
Avahe Kellenberger [Sat, 10 Jul 2021 00:16:07 +0000 (20:16 -0400)]
Added documentation about 413 errors with an nginx solution (#15313)

* Added documentation about 413 errors with an nginx solution.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Norwin <noerw@users.noreply.github.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
3 years agoFix #16387 - rootless Docker user (#16388)
Jonathan Hult [Fri, 9 Jul 2021 14:08:22 +0000 (09:08 -0500)]
Fix #16387 - rootless Docker user (#16388)

Move comment to top of USER instruction