wxiaoguang [Fri, 11 Feb 2022 16:23:41 +0000 (00:23 +0800)]
Update object repo with the migrated repository (#18684) (#18726)
When migrating a repository (from GitHub) using the API (**POST** `repos/migrate`), the Code Indexer is not updated. Searching in the user interface will not return any results.
When migrating the same repository using **+/New Migration** in the web interface, the search index is updated and searching works as expected.
Caused by the fact that object `repo` is never updated with the migrated repo so `setting.Indexer.RepoIndexerEnabled && !repo.IsEmpty` in `modules/notification/indexer/indexer.go:NotifyMigrateRepository` always evaluates to `false`.
Tested with gitea:1.16.1, MariaDB:10, Breve in `Run Mode: Dev`.
Co-authored-by: Hugo Hoitink <10838836+hoitih@users.noreply.github.com>
zeripath [Thu, 10 Feb 2022 15:17:44 +0000 (15:17 +0000)]
Prevent security failure due to bad APP_ID (#18678) (#18682)
Backport #18678
WebAuthn may cause a security exception if the provided APP_ID is not allowed for the
current origin. Therefore we should reattempt authentication without the appid
extension.
Also we should allow [u2f] as-well as [U2F] sections.
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
zeripath [Thu, 10 Feb 2022 11:37:53 +0000 (11:37 +0000)]
Fix issue with docker-rootless shimming script (#18690) (#18699)
Backport #18690
There is a problem with the current shimming script in that it will double quote the
provided GITEA_APP_INI due to a mistake in the bash. Here we change this to use a bash array.
zeripath [Tue, 8 Feb 2022 21:28:21 +0000 (21:28 +0000)]
Restart zero worker if there is still work to do (#18658) (#18672)
* Restart zero worker if there is still work to do (#18658)
Backport #18658
It is possible for the zero worker to timeout before all the work is finished.
This may mean that work may take a long time to complete because a worker will only
be induced on repushing.
Also ensure that requested count is reset after pulls and push mirror sync requests and add some more trace logging to the queue push.
Fix #18607
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update modules/queue/workerpool.go
zeripath [Mon, 7 Feb 2022 01:25:05 +0000 (01:25 +0000)]
If rendering has failed due to a net.OpError stop rendering (#18642) (#18645)
Backport #18642
When a net.OpError occurs during rendering the underlying connection is essentially
dead and therefore attempting to render further data will only cause further errors.
Therefore in serverErrorInternal detect if the passed in error is an OpError and
if so do not attempt any further rendering.
zeripath [Sun, 6 Feb 2022 06:55:44 +0000 (06:55 +0000)]
Only attempt to flush queue if the underlying worker pool is not finished (#18593) (#18620)
* Only attempt to flush queue if the underlying worker pool is not finished (#18593)
Backport #18593
There is a possible race whereby a worker pool could be cancelled but yet the
underlying queue is not empty. This will lead to flush-all cycling because it
cannot empty the pool.
* On shutdown of Persistant Channel Queues close datachan and empty
Partial Backport #18415
Although we attempt to empty the datachan in queues - due to
races we are better off just closing the channel and forcibly emptying
it in shutdown.
Fix #18618
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move zero workers warning to debug
Fix #18617
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update modules/queue/manager.go
zeripath [Sat, 5 Feb 2022 20:49:53 +0000 (20:49 +0000)]
Attempt to prevent intermittent failure TestGit/xxx/BranchProtectMerge/MergePR (#18451) (#18619)
Backport #18451
One of the repeated intermittent failures we see in testing is a failure due to
branches not being ready to merge.
Prior to the immediate queue implementation we would attempt to flush all the queues
and this would prevent the issue. However, the immediate queue is not flushable so
the flushall is not successful at preventing this.
This PR proposes an alternative solution - wait some time and try again up to 5 times.
If this fails then there is a genuine issue and we should fail.
zeripath [Fri, 4 Feb 2022 17:03:41 +0000 (17:03 +0000)]
Ensure commit-statuses box is sized correctly in headers (#18538) (#18606)
* Ensure commit-statuses box is sized correctly in headers (#18538)
Backport #18538
Backport #18605
* Ensure commit-statuses box is sized correctly in headers
When viewing commits as commits the commit-status box will be fixed at 30px in height
due to being forced to be this size by a fomantic selector. This PR simply adds a
few more selectors to force this to have height auto.
Fix #18498
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Remove the spurious space in the .ui.right additional selector
Somehow a spurious space sneaked in to #18538
this PR simply removes it.
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
zeripath [Fri, 4 Feb 2022 08:30:36 +0000 (08:30 +0000)]
Prevent merge messages from being sorted to the top of email chains (#18566) (#18588)
Backport #18566
Gitea will currrently resend the same message-id for the closed/merged/reopened
messages for issues. This will cause the merged message to leap to the top of an
email chain and become out of sync.
zeripath [Thu, 3 Feb 2022 21:46:24 +0000 (21:46 +0000)]
Fix pushing to 1-x-dev docker tag (#18578) (#18579)
* Fix pushing to 1-x-dev docker tag
It appears that #18551 and #18573 have a mistake in that raymond does not have
an {{else}} on {{#equal}}. This PR notes that Sprig has a hasPrefix function
and so we use this with another if.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix pushing to 1-x-dev docker tag (part 2)
Although we now have the manifest working, we need to create the images.
Here we adjust the .drone.yml to force building of the images
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix pushing to 1-x-dev docker tag
OK now we have the images building we should make sure that the main ones stays
dev and the release/v* ones become *-dev-*
zeripath [Thu, 3 Feb 2022 12:00:33 +0000 (12:00 +0000)]
Make docker gitea/gitea:v1.16-dev etc refer to the latest build on that branch (#18551) (#18569)
Backport #18551
(Backporting this will enable this target to create 1.16-dev)
One of the problems with our current docker tagging is that although we
have strict version tags, latest and dev we do not have a way for docker
users to track the current release branch. This PR simply suggests that
we use the 1.x-dev tag for these and we build and push these. This will
give users who want or need unreleased bug fixes the option of tracking
the pre-release version instead of simply jumping to dev.
zeripath [Wed, 2 Feb 2022 08:40:04 +0000 (08:40 +0000)]
Add `GetUserTeams` (#18499) (#18531)
Backport #18499
* Correct use `UserID` in `SearchTeams`
- Use `UserID` in the `SearchTeams` function, currently it was useless
to pass such information. Now it does a INNER statement to `team_user`
which obtains UserID -> TeamID data.
- Make OrgID optional.
- Resolves #18484
zeripath [Wed, 2 Feb 2022 08:38:28 +0000 (08:38 +0000)]
Fix review excerpt (#18502) (#18530)
Backport #18502
Currently the "File Changed" tab of a PR is somehow broken. This is also true for the current release 1.16.0.
When you are on the "File Changed" tab, and want to look at code excerpt before or after the code changes, the layout breaks. You can test this on try.gitea.io here: https://try.gitea.io/testnotexisting/magic_enum/pulls/2/files
The problem occurs for the unified view and for the split view.
Kind of the same problem was there for commenting a line of code, this was fixed in #18321 and #18403.
For consistency, I changed the solution of #18321, I removed the ``colspan`` and instead added a ``<td>``. The goal was to have code similarly with the split view.
Also the separator line in the split view was in the wrong column, this was fixed too.* more consistent unified review comment
Fix #18516
Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: confusedsushi <confused.sushi@googlemail.com>
zeripath [Tue, 1 Feb 2022 22:46:45 +0000 (22:46 +0000)]
In docker rootless use $GITEA_APP_INI if provided (#18524) (#18535)
Currently when calling `gitea` from any shell in rootless docker image it won't respect my `$GITEA_APP_INI`. Which this change it will use that value when defined instead of the default value.
zeripath [Tue, 1 Feb 2022 22:09:07 +0000 (22:09 +0000)]
Update 1.16.0 changelog to set #17846 as breaking (#18533) (#18534)
Backport #18533
Unfortunately #17846 was determined to be breaking due to affecting ssh passthrough
however, this discovery happened after the changelog was created. Update the
Changelog to mark this as breaking.
GitLab reviews may not have the updated_at field set (#18450) (#18461)
Fallback to created_at if that the case and to time.Now() if it is
also missing.
Fixes: #18434 Co-authored-by: Loïc Dachary <loic@dachary.org>
Conflicts:
services/migrations/gitlab.go
trivial context conflict because var reviews became reviews := in 1.17
It appears that there was a broken merge of the edit.tmpl page during the merge
of #16594 - I am not entirely sure how this happened as the PR was correct.
zeripath [Wed, 19 Jan 2022 21:03:15 +0000 (21:03 +0000)]
Stop trimming preceding and suffixing spaces from editor filenames (#18334)
* Stop trimming preceding and suffixing spaces from editor filenames
In #5702 it was decided to trim preceding and suffixed spaces aswell as / from
editing file filenames. This was because at this point in time the url-safety of
Gitea was much poorer.
We can now drop this requirement and file editing should work correctly.
JonRB [Tue, 18 Jan 2022 10:28:45 +0000 (10:28 +0000)]
Place inline diff comment dialogs in the 4th column. (#18321)
Comment dialogs for inline comments should appear in 4th column (not 3rd column), this PR changes the column that the inline review comment is associated with.
This problem has occurred due to an unrecognised conflict between #17562 and #17315.
The update SQL statements for updating the repository
num_closed_issues & num_closed_pulls fields were repeated in three
functions (repo.CheckRepoStats, migrate.insertIssues and
models.Issue.updateClosedNum) and were moved to a single helper.
The UpdateRepoStats is implemented and called in the Finish migration method so that it happens immediately instead of wating for the
CheckRepoStats to run.
a1012112796 [Sun, 16 Jan 2022 09:32:32 +0000 (17:32 +0800)]
not show double error response in git hook (#18292)
if return a error message to cli, it will print it
to stderr which is duplicate with our code (line 82
in same file). so user will see two line same
error message in git output. I think it's not mecessary,
so suggerst not return error message to cli. Thanks.
Gusted [Sun, 16 Jan 2022 05:14:32 +0000 (05:14 +0000)]
Prevent possible XSS when using jQuery (#18289)
In the case of misuse or misunderstanding from a developer whereby,
if `sel` can receive user-controlled data, jQuery `$(sel)` can lead to the
creation of a new element. Current usage is using hard-coded selectors
in the templates, but nobody prevents that from expanding to
user-controlled somehow.
silverwind [Sat, 15 Jan 2022 20:06:29 +0000 (12:06 -0800)]
Add lockfile-check (#18285)
* Add lockfile-check
This check runs `npm install` which will rewrite the lockfile in case it
is inconsistent with package.json. This check detects this and will fail
the CI in such a case.
* BUGFIXES
* Fix inconsistent PR comment counts (#18260) (#18261)
* Fix release link broken (#18252) (#18253)
* Fix update user from site administration page bug (#18250) (#18251)
* Set HeadCommit when creating tags (#18116) (#18173)
* Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
* Fix purple color in suggested label colors (#18241) (#18242)
* SECURITY
* Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)
* update docs/config.yaml
Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Richard Mahn <richmahn@users.noreply.github.com>
migrations: a deadline at January 1st, 1970 is valid (#18237)
* migrations: a deadline at January 1st, 1970 is valid
Do not change the deadline value if it is set to January 1st, 1970.
Setting the deadline to year 9999 when it is zero (which is equal to
January 1st, 1970) modifies a deadline set to January 1st, 1970 which
is a valid date. In addition, setting a date in year 9999 will be
converted to a null date in some cases.
Signed-off-by: Loïc Dachary <loic@dachary.org>
* tests: set milestone.deadline_unix in fixtures
The value of deadline_unix must be set to 253370764800 (i.e. 9999-01-01) in
fixtures, otherwise it will be inserted as null which leads to
unexpected errors. For instance, DumpRepository will store a null
deadline_unix as 0 (i.e. 1970-01-01) and RestoreRepository will change
it to 9999-01-01.
projects / gitea.git / log