Lunny Xiao [Fri, 23 Feb 2024 11:09:18 +0000 (19:09 +0800)]
Adjust changelog for v1.21.6 to move prs to correct labels (#29339) (#29343)
When releasing, the releaser should read all the pull requests carefully
and do some adjustments because some of pull requests' labels are not
right when it's merged.
And the changelog tool needs to be adjusted. If one pull request has
both `bug` and `API`, it should mark it as `bug` but not `API`.
Lunny Xiao [Fri, 23 Feb 2024 07:24:04 +0000 (15:24 +0800)]
Allow options to disable user deletion from the interface on app.ini (#29275)
Extract from #20549
This PR added a new option on app.ini `[admin]USER_DISABLED_FEATURES` to
allow the site administrator to disable users visiting deletion user
interface or allow.
This options are also potentially allowed to define more features in
future PRs.
Earl Warren [Fri, 23 Feb 2024 00:57:24 +0000 (01:57 +0100)]
Add slow SQL query warning (#27545)
- Databases are one of the most important parts of Forgejo, every
interaction uses the database in one way or another. Therefore, it is
important to maintain the database and recognize when the server is not
doing well with the database. There already is the option to log *every*
SQL query along with its execution time, but monitoring becomes
impractical for larger instances and takes up unnecessary storage in the
logs.
- Add a QoL enhancement that allows instance administrators to specify a
threshold value beyond which query execution time is logged as a warning
in the xorm logger. The default value is a conservative five seconds to
avoid this becoming a source of spam in the logs.
- The use case for this patch is that with an instance the size of
Codeberg, monitoring SQL logs is not very fruitful and most of them are
uninteresting. Recently, in the context of persistent deadlock issues
(https://codeberg.org/forgejo/forgejo/issues/220), I have noticed that
certain queries hold locks on tables like comment and issue for several
seconds. This patch helps to identify which queries these are and when
they happen.
- Added unit test.
This PR adds basic SAML support
- Adds SAML 2.0 as an auth source
- Adds SAML configuration documentation
- Adds integration test:
- Use bare-bones SAML IdP to test protocol flow and test account is
linked successfully (only runs on Postgres by default)
- Adds documentation for configuring and running SAML integration test
locally
Future PRs:
- Support group mapping
- Support auto-registration (account linking)
silverwind [Thu, 22 Feb 2024 23:31:24 +0000 (00:31 +0100)]
Upgrade to fabric 6 (#29334)
Upgrade fabric to latest v6 beta. It works for our use case, even
thought it does not fix the upstream issue
https://github.com/fabricjs/fabric.js/issues/9679 that
https://github.com/go-gitea/gitea/issues/29326 relates to.
silverwind [Thu, 22 Feb 2024 21:21:43 +0000 (22:21 +0100)]
Don't show third-party JS errors in production builds (#29303)
So we don't get issues like
https://github.com/go-gitea/gitea/issues/29080 and
https://github.com/go-gitea/gitea/issues/29273 any more. Only active in
[production
builds](https://webpack.js.org/guides/production/#specify-the-mode), in
non-production the errors will still show.
Yarden Shoham [Thu, 22 Feb 2024 17:13:25 +0000 (19:13 +0200)]
Remove jQuery from the repo commit functions (#29230)
- Switched to plain JavaScript
- Tested the commit ellipsis button functionality and it works as before
- Tested the commits statuses tippy functionality and it works as before
- Tested the last commit loader functionality and it works as before
Zettat123 [Thu, 22 Feb 2024 14:47:35 +0000 (22:47 +0800)]
Improve the `issue_comment` workflow trigger event (#29277)
Fix #29175
Replace #29207
This PR makes some improvements to the `issue_comment` workflow trigger
event.
1. Fix the bug that pull requests cannot trigger `issue_comment`
workflows
2. Previously the `issue_comment` event only supported the `created`
activity type. This PR adds support for the missing `edited` and
`deleted` activity types.
3. Some events (including `issue_comment`, `issues`, etc. ) only trigger
workflows that belong to the workflow file on the default branch. This
PR introduces the `IsDefaultBranchWorkflow` function to check for these
events.
GitLab generates "system notes" whenever an event happens within the
platform. Unlike Gitea, those events are stored and retrieved as text
comments with no semantic details. The only way to tell whether a
comment was generated in this manner is the `system` flag on the note
type.
This PR adds detection for two specific kinds of events: Scheduling and
un-scheduling of automatic merges on a PR. When detected, they are
downloaded using Gitea's type for these events, and eventually uploaded
into Gitea in the expected format, i.e. with no text content in the
comment.
This PR also updates the template used to render comments to add support
for migrated comments of these two types.
wxiaoguang [Thu, 22 Feb 2024 07:04:30 +0000 (15:04 +0800)]
Refactor cmd setup and remove deadcode (#29313)
* use `setup(ctx, c.Bool("debug"))` like all other callers
* `setting.RunMode = "dev"` is a no-op.
* `if _, err := os.Stat(setting.RepoRootPath); err != nil` could be
simplified
silverwind [Thu, 22 Feb 2024 03:19:13 +0000 (04:19 +0100)]
Don't install playwright twice (#29302)
1. `playwright/test` is already installed as part of `deps-frontend` on
CI which runs before, so it's better to not install it again (on a
potentially different version), and just use the version from
package.json and add the `deps-frontend` dependency.
2. `PLAYWRIGHT_DIR` is a undefined variable, so I removed it
KN4CK3R [Wed, 21 Feb 2024 18:54:17 +0000 (19:54 +0100)]
Prevent double use of `git cat-file` session. (#29298)
Fixes the reason why #29101 is hard to replicate.
Related #29297
Create a repo with a file with minimum size 4097 bytes (I use 10000) and
execute the following code:
```go
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, <repo>)
assert.NoError(t, err)
// Create a second reader
r2, err := b.DataAsync()
assert.NoError(t, err) // Should be no error but is ErrNotExist
defer r2.Close()
```
The problem is the check in `CatFileBatch`:
https://github.com/go-gitea/gitea/blob/79217ea63c1f77de7ca79813ae45950724e63d02/modules/git/repo_base_nogogit.go#L81-L87
`Buffered() > 0` is used to check if there is a "operation" in progress
at the moment. This is a problem because we can't control the internal
buffer in the `bufio.Reader`. The code above demonstrates a sequence
which initiates an operation for which the code thinks there is no
active processing. The second call to `DataAsync()` therefore reuses the
existing instances instead of creating a new batch reader.
wxiaoguang [Wed, 21 Feb 2024 10:08:08 +0000 (18:08 +0800)]
Refactor markup rendering to accept general "protocol:" prefix (#29276)
Follow #29024
Major changes:
* refactor validLinksPattern to fullURLPattern and add comments, now it
accepts "protocol:" prefix
* rename `IsLink*` to `IsFullURL*`, and remove unnecessray "mailto:"
check
* fix some comments (by the way)
* rename EmojiShortCodeRegex -> emojiShortCodeRegex (by the way)
silverwind [Wed, 21 Feb 2024 00:05:17 +0000 (01:05 +0100)]
Remove jQuery .map() and enable eslint rules for it (#29272)
- Use case in `repo-commit` was tested until the point where the POST
request was sent with the same payload.
- Use case in `repo-legacy` was tested completely with comment editing.
- `jquery/no-fade` was disabled as well to stay in sync with
`no-jquery/no-fade`, had no violations.
Rafael Heard [Tue, 20 Feb 2024 01:01:48 +0000 (20:01 -0500)]
Left align the input labels for the link account page (#29255)
In a previous [PR](https://github.com/go-gitea/gitea/pull/28753) we
moved the labels to be above the inputs. The PR ensures that the
alignment is also on both tabs of the link account page
(`/user/link_account`).
Before
<img width="1094" alt="before"
src="https://github.com/go-gitea/gitea/assets/6152817/ac1e86bd-c4d6-4e45-87d1-87bb8a736149">
After
<img width="1094" alt="after"
src="https://github.com/go-gitea/gitea/assets/6152817/1b5fc109-f4d2-43ee-b924-0a9e53a0e391">
vincent [Mon, 19 Feb 2024 14:50:03 +0000 (22:50 +0800)]
Fix content size does not match error when uploading lfs file (#29259)
![image](https://github.com/go-gitea/gitea/assets/38434877/cd726b4d-4771-4547-8aee-ae4e4b56b1d1)
When we update an lfs file by API
`api/v1/repos/{owner}/{repo}/contents/{filepath}`, there will show an
error
```json
{
"message": "Put \"http://localhost:9000/gitea/lfs/38/92/05904d6c7bb83fc676513911226f2be25bf1465616bb9b29587100ab1414\": readfrom tcp [::1]:57300->[::1]:9000: content size does not match",
"url": "http://localhost:3000/api/swagger"
}
```
The reason of this error is
https://github.com/go-gitea/gitea/blob/main/services/repository/files/update.go,
in this file, the `file.ContentReader` been used twice. So when use
`file.ContentReader` in the second time, the `i` of this Reader has been
updated to the length of the content. it will return 0 and an `io.EOF`
error when we try to read cotent from this Reader.
Şahin Akkaya [Mon, 19 Feb 2024 12:47:38 +0000 (15:47 +0300)]
Deduplicate translations for contributors graph (#29256)
I have implemented three graph pages
([contributors](https://github.com/go-gitea/gitea/pull/27882), [code
frequency](https://github.com/go-gitea/gitea/pull/29191) and [recent
commits](https://github.com/go-gitea/gitea/pull/29210)) and they have
all same page title as the tab name so I decided to use same
translations for them. This PR is for contributors graph. Other PR's
have their own respective commits.
Jason Song [Mon, 19 Feb 2024 09:31:36 +0000 (17:31 +0800)]
Do not use lower tag names to find releases/tags (#29261)
Fix #26090, see
https://github.com/go-gitea/gitea/issues/26090#issuecomment-1952013206
Since `TagName` stores the original tag name and `LowerTagName` stores
the lower tag name, it doesn't make sense to use lowercase tags as
`TagNames` in `FindReleasesOptions`.
silverwind [Mon, 19 Feb 2024 02:23:06 +0000 (03:23 +0100)]
Downscale pasted PNG images based on metadata (#29123)
Some images like MacOS screenshots contain
[pHYs](http://www.libpng.org/pub/png/book/chapter11.html#png.ch11.div.8)
data which we can use to downscale uploaded images so they render in the
same dppx ratio in which they were taken.
When cleanup artifacts, it removes storage first. If storage is not
exist (maybe delete manually), it gets error and continue loop. It makes
a dead loop if there are a lot pending but non-existing artifacts.
Now it updates db record at first to avoid keep a lot of pending status
artifacts.
yp05327 [Sun, 18 Feb 2024 10:58:46 +0000 (19:58 +0900)]
Implement some action notifier functions (#29173)
Fix #29166
Add support for the following activity types of `pull_request`
- assigned
- unassigned
- review_requested
- review_request_removed
- milestoned
- demilestoned
zhangnew [Sun, 18 Feb 2024 10:04:58 +0000 (18:04 +0800)]
Update docs for actions variables (#29239)
the variables is supported, see
https://github.com/go-gitea/gitea/blob/a784ed3d6c6946fd9bf95f2e910f52f549326fe2/docs/content/usage/actions/act-runner.zh-cn.md?plain=1#L262-L289
wxiaoguang [Sun, 18 Feb 2024 09:52:02 +0000 (17:52 +0800)]
Refactor more code in templates (#29236)
Follow #29165.
* Introduce JSONTemplate to help to render JSON templates
* Introduce JSEscapeSafe for templates. Now only use `{{ ... |
JSEscape}}` instead of `{{ ... | JSEscape | Safe}}`
* Simplify "UserLocationMapURL" useage
Jimmy Praet [Sat, 17 Feb 2024 14:07:56 +0000 (15:07 +0100)]
Load outdated comments when (un)resolving conversation on PR timeline (#29203)
Relates to #28654, #29039 and #29050.
The "show outdated comments" flag should only apply to the file diff
view.
On the PR timeline, outdated comments are always shown.
So they should also be loaded when (un)resolving a conversation on the
timeline page.
There is a missing newline when generating the debian apt repo InRelease
file, which results in output like:
```
[...]
Date: Wed, 14 Feb 2024 05:03:01 UTC
Acquire-By-Hash: yesMD5Sum: 51a518dbddcd569ac3e0cebf330c800a 3018 main-dev/binary-amd64/Packages
[...]
```
It appears this would probably result in apt ignoring the
Acquire-By-Hash setting and not using the by-hash functionality,
although I'm not sure how to confirm it.
silverwind [Fri, 16 Feb 2024 21:41:23 +0000 (22:41 +0100)]
Add `eslint-plugin-github` and fix issues (#29201)
This plugin has a few useful rules. The only thing I dislike about it is
that it pulls in a rather big number of dependencies for react-related
rules we don't use, but it can't really be avoided.
Yarden Shoham [Fri, 16 Feb 2024 15:52:50 +0000 (17:52 +0200)]
Remove jQuery from username change prompt and fix its detection (#29197)
- Switched to plain JavaScript
- Tested the user rename prompt toggling functionality and it works as
before
- Fixed bug that allowed pasting with the mouse to avoid the prompt
> If the .NOTPARALLEL special target with no prerequisites is specified
anywhere then the entire instance of make will be run serially,
regardless of the parallel setting
Yarden Shoham [Fri, 16 Feb 2024 02:52:25 +0000 (04:52 +0200)]
Auto-update the system status in admin dashboard (#29163)
- Refactor the system status list into its own template
- Change the backend to return only the system status if htmx initiated
the request
- `hx-get="{{$.Link}}/system_status`: reuse the backend handler
- `hx-swap="innerHTML"`: replace the `<div>`'s innerHTML (essentially
the new template)
- `hx-trigger="every 5s"`: call every 5 seconds
- `hx-indicator=".divider"`: the `is-loading` class shouldn't be added
to the div during the request, so set it on an element it has no effect
on
- Render "Since Last GC Time" with `<relative-time>`, so we send a
timestamp
silverwind [Fri, 16 Feb 2024 02:27:45 +0000 (03:27 +0100)]
Avoid vue warning in dev mode (#29188)
`vue` currently outputs a warning for this undefined variable during
development, which is apparently caused by a bug in `vue-cli`.
Workaround by setting this variable.
---
#### Overview
This is the implementation of a requested feature: Contributors graph
(#847)
It makes Activity page a multi-tab page and adds a new tab called
Contributors. Contributors tab shows the contribution graphs over time
since the repository existed. It also shows per user contribution graphs
for top 100 contributors. Top 100 is calculated based on the selected
contribution type (commits, additions or deletions).
---
#### Demo
(The demo is a bit old but still a good example to show off the main
features)
- Select contribution type (commits, additions or deletions)
- See overall and per user contribution graphs for the selected
contribution type
- Zoom and pan on graphs to see them in detail
- See top 100 contributors based on the selected contribution type and
selected time range
- Go directly to users' profile by clicking their name if they are
registered gitea users
- Cache the results so that when the same repository is visited again
fetching data will be faster