Yarden Shoham [Sat, 15 Oct 2022 20:10:25 +0000 (23:10 +0300)]
Use own Go version instead of hardcoded 1.17 for `make fmt` (#21457)
We should make sure we're using the same version across the codebase.
* We upgraded in #19918 but forgot about the following line
https://github.com/go-gitea/gitea/blob/6bb6a108e0c03b323402b452fc05c6845f7d00df/build/code-batch-process.go#L273
Yarden Shoham [Sat, 15 Oct 2022 18:24:41 +0000 (21:24 +0300)]
Add `code` highlighting in issue titles (#21432)
This changes the rendering logic of issue titles. If a substring in an
issue title is enclosed with a pair of backticks, it'll be rendered with
a monospace font (HTML `code` tag).
Yarden Shoham [Fri, 14 Oct 2022 19:09:04 +0000 (22:09 +0300)]
Fix Drone pushing commits with wrong author info (#21450)
I don't know how to test this so I'll explain my thought process:
After a discussion with @techknowlogick in
https://github.com/go-gitea/gitea/commit/cda2c38f4a61ef7f448be3efab5420d9974c8474
I saw the CI config has this block:
I don't know much about Drone but after looking at
[appleboy/drone-git-push](https://github.com/appleboy/drone-git-push)'s
source code, I think each setting becomes an environment variable (e.g.
`remote` to `PLUGIN_REMOTE`, `commit_message` to `PLUGIN_COMMIT_MESSAGE`
etc...). Take a look at the code block loading the author info:
silverwind [Fri, 14 Oct 2022 13:36:16 +0000 (15:36 +0200)]
Switch from jest to vitest (#21444)
Even if we are not bundling with `vite` yet, we can use `vitest` in
place of Jest which brings a few benefits like not requiring to use
`NODE_OPTIONS` to run and having sane module resolution.
It's possible to also use `jest-extended` with vitest, but I opted to
not do so for now because it brings heavyweight dependencies and it was
trivial to just rewrite the affected matchers to be compatible.
This PR also removes 153 JS dependencies, which is certainly nice.
silverwind [Fri, 14 Oct 2022 09:43:25 +0000 (11:43 +0200)]
Diff file tree tweaks (#21446)
- Left-align the diff stat line again like previously.
- Default the file tree to collapsed view, which means the tree will
rendered initially collapsed and it may "pop in" via JS if enabled. I
think this is more desirable than having the empty space for the tree
"pop out" like it currently does.
- Mute the icon, removing color unless hovered.
- Increase icon size and vertically center it.
Neel [Thu, 13 Oct 2022 08:31:10 +0000 (14:01 +0530)]
Fix #21406: Hide repo information from file view/blame mode (#21420)
# Summary
The repo information such as description, stats and topics are getting
displayed in the top-bar when viewing a file. This has been fixed to
display the repo information only while navigating the repo and not
while viewing or blaming a file from the repo
Yarden Shoham [Wed, 12 Oct 2022 21:14:14 +0000 (00:14 +0300)]
Respect user's locale when rendering the date range in the repo activity page (#21410)
# Description
Previously, to make the date range understood by all, we used the format
"2006-01-02" for the dates as it's locale-generic.
This commit changes the rendering logic. Instead of rendering the date
on the server, we send a formatted computer-readable timestamp. The
client's javascript then renders it according to the user's locale.
This approach is reusable across the codebase, any `<time></time>` tag
with the data-format="date" attribute would get rendered according to
the user's chosen locale.
Clar Fon [Wed, 12 Oct 2022 16:17:55 +0000 (12:17 -0400)]
Add HEAD fix to gitea doctor (#21352)
Due to a bug in presumably an older version of Gitea, multiple of my
repositories still have their HEADs pointing to a `master` branch while
the default branch on the UI is listed as `main`. This adds a `gitea
doctor` command that will fix all of the HEAD references for repos when
they're not synchronized with the default branch in the DB.
This will help with cloning to ensure that git automatically checks out
the right branch, instead of a nonexistent one.
Note: I'm not sure if I actually need to do more other than add a file
here. Will try testing this out on my server soon.
KN4CK3R [Wed, 12 Oct 2022 16:17:28 +0000 (18:17 +0200)]
Contribution guidelines (#21425)
Some changes to the contribution guidelines.
- I removed the `Large Character Comments` part because I think they are
bad design. They are used in big files to group sections of code. This
code should be organized into individual files.
- Updated some paths.
- Added `Documentation` because our documentation is not good at the
moment. We should enforce documentation of newly added features to help
our users.
Andreas Fischer [Wed, 12 Oct 2022 02:44:09 +0000 (04:44 +0200)]
Make e-mail sanity check more precise (#20991)
For security reasons, all e-mail addresses starting with
non-alphanumeric characters were rejected. This is too broad and rejects
perfectly valid e-mail addresses. Only leading hyphens should be
rejected -- in all other cases e-mail address specification should
follow RFC 5322.
zeripath [Tue, 11 Oct 2022 16:26:22 +0000 (17:26 +0100)]
Do DB update after merge in hammer context (#21401)
When merge was changed to run in the background context, the db updates
were still running in request context. This means that the merge could
be successful but the db not be updated.
This PR changes both these to run in the hammer context, this is not
complete rollback protection but it's much better.
Fix #21332
Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Anbraten [Tue, 11 Oct 2022 16:15:14 +0000 (18:15 +0200)]
add gitpod config (#20995)
Add a config for <https://www.gitpod.io/>. This allows users to easily
run an online IDE pre-configured to develop and test Gitea by opening
<https://gitpod.io/#https://github.com/go-gitea/gitea>.
[![Open in
Gitpod](https://gitpod.io/button/open-in-gitpod.svg)](https://gitpod.io/#https://github.com/go-gitea/gitea)
KN4CK3R [Tue, 11 Oct 2022 11:54:44 +0000 (13:54 +0200)]
Redirect to new repository owner (#21398)
Fixes #17655
If you rename `user1` to `user2` and visit `/user1` you get redirected
to `/user2`. But if you visit `/user1/repo` you just get a 404 error.
With this PR the user is redirected to `/user2/repo`.
Lunny Xiao [Tue, 11 Oct 2022 08:57:37 +0000 (16:57 +0800)]
log real ip of requests from ssh (#21216)
Partially fix #21213.
This PR will get client IP address from SSH_CONNECTION env which should
be the first field of that. And deliver it to the internal API so Gitea
routers could record the real IP from SSH requests.
Gusted [Tue, 11 Oct 2022 06:41:39 +0000 (06:41 +0000)]
Add Num{Issues,Pulls} stats checks (#21404)
- Currently `repository.Num{Issues,Pulls}` weren't checked and could
become out-of-consistency. Adds these two checks to `CheckRepoStats`.
- Fix incorrect SQL query for `repository.NumClosedPulls`, the check
should be for `repo_num_pulls`.
- Reference: https://codeberg.org/Codeberg/Community/issues/696
silverwind [Mon, 10 Oct 2022 18:45:02 +0000 (20:45 +0200)]
Hook go-licenses into tidy again (#21353)
Running it as part of the build is really unnecessary because we have a
valid output file in the repo and assuming go dependencies do not change
unless go.mod also changes, tidy really is the best target to run the
license generation after.
Also, regenerate the file as I missed to do so during the chroma update,
and mark all json files in assets as generated.
qwerty287 [Sun, 9 Oct 2022 12:07:41 +0000 (14:07 +0200)]
Allow creation of OAuth2 applications for orgs (#18084)
Adds the settings pages to create OAuth2 apps also to the org settings
and allows to create apps for orgs.
Refactoring: the oauth2 related templates are shared for
instance-wide/org/user, and the backend code uses `OAuth2CommonHandlers`
to share code for instance-wide/org/user.
unfortunately their api documentation leaves this out:
https://github.com/npm/registry/blob/master/docs/responses/package-metadata.md#abbreviated-version-objectdoc
which is likely to be the reason this was left out in gitea's initial
implementation
this response is critical for npm to install the binary in the `.bin`
folder so as to be included on the users default bin path, resulting in
immediate access to any binaries provided by the package
zeripath [Fri, 7 Oct 2022 21:02:24 +0000 (22:02 +0100)]
Add nicer error handling on template compile errors (#21350)
There are repeated issues reported whereby users are unable to interpret
the template errors. This PR adds some (somewhat complex) error handling
to the panic recovery for template renderering but hopefully makes the
interpretation of the error easier.
delvh [Fri, 7 Oct 2022 09:48:03 +0000 (11:48 +0200)]
Add new CSS variables --color-accent and --color-small-accent (#21305)
At the moment, this is only used to replace the color of the `viewed`
checkbox and of the `has changed` label.
Previously, the used variable accentuated always either darker or
lighter, which meant that one theme looked good while the other didn't.
M Hickford [Fri, 7 Oct 2022 02:53:49 +0000 (03:53 +0100)]
Parse OAuth Authorization header when request omits client secret (#21351)
This fixes error "unauthorized_client: invalid client secret" when
client includes secret in Authorization header rather than request body.
OAuth spec permits both.
Sanity validation that client id and client secret in request are
consistent with Authorization header.
Improve error descriptions. Error codes remain the same.
Joe Constant [Thu, 6 Oct 2022 20:53:02 +0000 (14:53 -0600)]
Add redirect of /upgrade/ to /upgrade-from-gitea/ on docs site (#21330)
Since adding an aliases block doesn't seem to work locally for me (I
suspect because a page actually exists and Hugo is granting preference
to existing pages over aliases), I also added entries to
static/_redirects file so Netlify will handle the redirects
Clark Boylan [Thu, 6 Oct 2022 20:51:38 +0000 (13:51 -0700)]
Update to go-enry v2.8.3 (#21360)
This fixes an issue with enry's isVendor() method being too greedy. This
lead to gitea classifying unvendored code as vendored. The impact of
this is fairly minimal, but our Gitea users did notice which led me to
fixing this in go-enry. Some files will be tagged with a vendored flag
in the UI. I think it also impacts the calculation of language
statistics in the repo as vendored files are not incorporated into the
stats.
For more information on the issue see the go-enry bug:
https://github.com/go-enry/go-enry/issues/135
Add `stat` to `ToCommit` function for speed (#21337)
Calls to ToCommit are very slow due to fetching diffs, analyzing files.
This patch lets us supply `stat` as false to speed fetching a commit
when we don't need the diff.
/v1/repo/commits has a default `stat` set as true now. Set to false to
experience fetching thousands of commits per second instead of 2-5 per
second.
Clar Fon [Sat, 1 Oct 2022 17:26:33 +0000 (13:26 -0400)]
Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663)
Only load SECRET_KEY and INTERNAL_TOKEN if they exist.
Never write the config file if the keys do not exist, which was only a fallback for Gitea upgraded from < 1.5
Chongyi Zheng [Sat, 1 Oct 2022 13:07:05 +0000 (09:07 -0400)]
Fix issue that `sync_on_commit` is not set (#21309)
<!--
Please check the following:
1. Make sure you are targeting the `main` branch, pull requests on
release branches are only allowed for bug fixes.
2. Read contributing guidelines:
https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md
3. Describe what your pull request does and which issue you're targeting
(if any)
-->
Fixes #21308.
With the original frontend template
`templates/repo/settings/options.tmpl`, the field
`push_mirror_sync_on_commit` is always empty even when checkbox is
checked. Removing `value` from the input tag seems to solve the issue,
and will set `push_mirror_sync_on_commit: on` when the checkbox is
checked.
(I'm not familiar with the frontend logics Gitea is using, so I don't
really understand the cause of it)
Add pages to view watched repos and subscribed issues/PRs (#17156)
Adds GitHub-like pages to view watched repos and subscribed issues/PRs
This is my second try to fix this, but it is better than the first since
it doesn't uses a filter option which could be slow when accessing
`/issues` or `/pulls` and it shows both pulls and issues (the first try
is #17053).
M Hickford [Wed, 28 Sep 2022 19:10:27 +0000 (20:10 +0100)]
Improve error descriptions for unauthorized_client (#21292)
Fixes #21282
As suggested by the [OAuth RFC](https://www.rfc-editor.org/rfc/rfc6749)
(quoted below), it's helpful to give more detail in the description
> error_description
OPTIONAL. Human-readable ASCII
[[USASCII](https://www.rfc-editor.org/rfc/rfc6749#ref-USASCII)] text
providing **additional information, used to assist the client developer
in understanding the error that occurred.**
Values for the "error_description" parameter MUST NOT include characters
outside the set %x20-21 / %x23-5B / %x5D-7E.
Add support for authentication based on reverse proxy email (#19949)
This is useful in scenarios where the reverse proxy may have knowledge
of user emails, but does not know about usernames set on gitea,
as in the feature request in #19948.
I tested this by setting up a fresh gitea install with one user `mhl`
and email `m.hasnain.lakhani@gmail.com`. I then created a private repo,
and configured gitea to allow reverse proxy authentication.
Via curl I confirmed that these two requests now work and return 200s: