]> source.dussan.org Git - gitea.git/log
gitea.git
2 years agoCheck issue labels slice length before calling xorm Insert(#20655) (#20836)
zeripath [Wed, 17 Aug 2022 22:36:56 +0000 (23:36 +0100)]
Check issue labels slice length before calling xorm Insert(#20655) (#20836)

Backport #20655

Fix #20654

Co-authored-by: Gabriel Vasile <gabriel.vasile@email.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2 years agoExecutable check always returns true for windows (#20637) (#20835)
zeripath [Wed, 17 Aug 2022 22:34:29 +0000 (23:34 +0100)]
Executable check always returns true for windows (#20637) (#20835)

Backport #20637

Windows doesn't have the concept of "executable" POSIX bits so for now always return true to minimise doctor and logging noise. Addresses #20636

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: JonRB <4564448+eeyrjmr@users.noreply.github.com>
Co-authored-by: silverwind <me@silverwind.io>
2 years agoCorrectly escape within tribute.js (#20831) (#20832)
zeripath [Wed, 17 Aug 2022 20:09:28 +0000 (21:09 +0100)]
Correctly escape within tribute.js (#20831) (#20832)

Backport #20831

When writing html in tribute.js ensure that strings are properly escaped.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2 years agoUse the total issue count for UI (#20785) (#20827)
parnic [Wed, 17 Aug 2022 17:25:07 +0000 (12:25 -0500)]
Use the total issue count for UI (#20785) (#20827)

Backport #20785

This fixes a problem where the "All" line item on the Issues or Pull Requests page was only showing the count of the selected repos instead of the total of all issues/prs in all repos.

The "total number of shown issues" number is now stashed in a different context variable in case it wants to be used by the frontend later. It's currently not being used.

Fixes #20574

2 years agofix merge (#20819)
Lunny Xiao [Wed, 17 Aug 2022 15:33:26 +0000 (23:33 +0800)]
fix merge (#20819)

2 years agoImprove comment header for mobile (#20781) (#20789)
Gusted [Mon, 15 Aug 2022 11:09:46 +0000 (11:09 +0000)]
Improve comment header for mobile (#20781) (#20789)

- Backport #20781
  - Since b9e8fa5 the avatar will be inlined into the comment header, so there's more room for the actual comment container(thus more text per line in the comment body). However this didn't take into consideration that the flex didn't allow any wrapping and thus was shrinking the avatar. Well this isn't a perfect solution, as you ideally all want these elements to be individually wrapped(such that comment-header-right can be on the same line as comment-header-left, which now causes a new line in certain situations). It's a better solution than the current CSS and to not mess with the desktop CSS/HTML.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2 years agoAdd missing translation for queue flush workers (#20791) (#20792)
Gusted [Sun, 14 Aug 2022 20:03:04 +0000 (20:03 +0000)]
Add missing translation for queue flush workers (#20791) (#20792)

- Backport #20791
  - Add a missing translation key and value for the flush worker indication
  - Resolves #20770

2 years agoFix git.Init for doctor sub-command (#20782) (#20783)
wxiaoguang [Sat, 13 Aug 2022 16:32:44 +0000 (00:32 +0800)]
Fix git.Init for doctor sub-command (#20782) (#20783)

2 years agoMake branch icon stand out more (#20726) (#20774)
Gusted [Fri, 12 Aug 2022 19:38:17 +0000 (19:38 +0000)]
Make branch icon stand out more (#20726) (#20774)

- Backport #20726
  - Currently the branch icon is "squashed" between the two branch names and feels a bit "amateur-ish" to my feeling(relative to other UI elements).
  - This patch tries to improve that by making the icon bigger and by adding some margin to not have a "squashed" icon.
  - This patch also includes a "fix", for some reason this symbol is not centering correctly. So apply allign-items: center to the top div

2 years agoAdd disable download source configuration (#20548) (#20579)
Lunny Xiao [Fri, 12 Aug 2022 15:53:10 +0000 (23:53 +0800)]
Add disable download source configuration (#20548) (#20579)

* Add disable download source configuration (#20548)

Add configuration to enable/disable download source from UI.

Co-authored-by: zeripath <art27@cantab.net>
* Fix BaseVars not used in renderering

* Fix disabled open in vscode menu when disabling download source from UI

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2 years agoCheck webhooks slice length before calling xorm (#20642) (#20768)
Lunny Xiao [Fri, 12 Aug 2022 08:36:45 +0000 (16:36 +0800)]
Check webhooks slice length before calling xorm (#20642) (#20768)

Fixes: #20641
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Gabriel Vasile <gabriel.vasile@email.com>
2 years agoRemove manual rollback for failed generated repositories (#20639) (#20762)
wxiaoguang [Thu, 11 Aug 2022 10:11:49 +0000 (18:11 +0800)]
Remove manual rollback for failed generated repositories (#20639) (#20762)

Generating repositories from a template is done inside a transaction.
Manual rollback on error is not needed and it always results in error
"repository does not exist".

Co-authored-by: Gabriel Vasile <gabriel.vasile@email.com>
2 years agoFix loading button with invalid form (#20754) (#20759)
silverwind [Thu, 11 Aug 2022 08:26:09 +0000 (10:26 +0200)]
Fix loading button with invalid form (#20754) (#20759)

Previously, if a invalid form was submitted (for example issue with no
title), the form could not be re-submitted again because the button
would not stay stuck in loading state. Fix that by hooking the 'submit'
event instead which triggers only when the form is valid.

2 years agoUse correct field name. (#20675) (#20760)
KN4CK3R [Thu, 11 Aug 2022 07:43:18 +0000 (09:43 +0200)]
Use correct field name. (#20675) (#20760)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2 years agoAdd support for NuGet API keys (#20721) (#20734)
KN4CK3R [Tue, 9 Aug 2022 21:56:18 +0000 (23:56 +0200)]
Add support for NuGet API keys (#20721) (#20734)

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2 years agoKeep download count on Container tag overwrite (#20728) (#20735)
KN4CK3R [Tue, 9 Aug 2022 15:33:45 +0000 (17:33 +0200)]
Keep download count on Container tag overwrite (#20728) (#20735)

Co-authored-by: 6543 <6543@obermui.de>
2 years agoFix v220 migration to be compatible for MSSQL 2008 r2 (#20702) (#20707)
Lunny Xiao [Mon, 8 Aug 2022 15:58:11 +0000 (23:58 +0800)]
Fix v220 migration to be compatible for MSSQL 2008 r2 (#20702) (#20707)

2 years ago Fix SecToTime edge-cases (#20610) (#20611)
Gusted [Mon, 8 Aug 2022 05:09:12 +0000 (05:09 +0000)]
 Fix SecToTime edge-cases (#20610) (#20611)

2 years agoUpdate issues.ref_closing_from in locale_ru-RU.ini (#20699)
Maxim Slipenko [Sun, 7 Aug 2022 10:32:07 +0000 (13:32 +0300)]
Update issues.ref_closing_from in locale_ru-RU.ini (#20699)

2 years agoUse request timeout for git service rpc (#20689) (#20693)
parnic [Sun, 7 Aug 2022 02:37:48 +0000 (21:37 -0500)]
Use request timeout for git service rpc (#20689) (#20693)

This enables git.Command's Run to optionally use the given context directly so its deadline will be respected. Otherwise, it falls back to the previous behavior of using the supplied timeout or a default timeout value of 360 seconds.

repo's serviceRPC() calls now use the context's deadline (which is unset/unlimited) instead of the default 6-minute timeout. This means that large repo clones will no longer arbitrarily time out on the upload-pack step, and pushes can take longer than 6 minutes on the receive-pack step.

Fixes #20680

2 years agoUse correct context to get package content (#20673) (#20676)
KN4CK3R [Fri, 5 Aug 2022 18:55:16 +0000 (20:55 +0200)]
Use correct context to get package content (#20673) (#20676)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2 years agoSend correct NuGet status codes (#20647) (#20677)
KN4CK3R [Fri, 5 Aug 2022 01:38:04 +0000 (03:38 +0200)]
Send correct NuGet status codes (#20647) (#20677)

* Fixed status codes.

* Fixed status codes.

2 years agoAdd username check to doctor (#20140) (#20671)
John Olheiser [Thu, 4 Aug 2022 16:07:07 +0000 (11:07 -0500)]
Add username check to doctor (#20140) (#20671)

* Add username check to doctor

- Add a new breaking change detector to Gitea's doctor, which checks if
all users still have a valid username according to Gitea. Given from
time-to-time we need to make changes, either due to new routes or due to
security, it's for a instance's admin to check if all users still have a
valid username.

* Fix extra argument

* Apply suggestions from code review

* Apply suggestions from code review

2 years agoFix the JS error "EventSource is not defined" caused by some non-standard browsers...
wxiaoguang [Thu, 4 Aug 2022 11:20:54 +0000 (19:20 +0800)]
Fix the JS error "EventSource is not defined" caused by some non-standard browsers (#20584) (#20663)

2 years agoAdd default commit messages to PR for squash merge (#20618) (#20645)
wxiaoguang [Thu, 4 Aug 2022 03:11:59 +0000 (11:11 +0800)]
Add default commit messages to PR for squash merge (#20618) (#20645)

Keep the same behavior as 1.16

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: Tyrone Yeh <tyrone_yeh@draytek.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2 years agoFix package upload for files >32mb (#20622) (#20635)
KN4CK3R [Tue, 2 Aug 2022 22:45:38 +0000 (00:45 +0200)]
Fix package upload for files >32mb (#20622) (#20635)

* Rewind file before first read.
* Added tests.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2 years agoAdjust line detection in highlight.go (#20612)
wxiaoguang [Tue, 2 Aug 2022 17:37:28 +0000 (01:37 +0800)]
Adjust line detection in highlight.go (#20612)

The code for detection of lines in highlight.go is somewhat too complex
and doesn't take account of how Chroma is actually splitting things into
lines for us.

Remove both the .line and .cl classes from Chroma's HTML which made
the old conditional work again. This fixed Copy of YAML files while also
reducing the amount of rendered HTML nodes.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2 years agoDisplay project in issue list (#20583)
aceArt-GmbH [Tue, 2 Aug 2022 14:14:31 +0000 (16:14 +0200)]
Display project in issue list (#20583)

Co-authored-by: lukas <lukas.walter@aceart.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2 years agoEnable Wire 2 for Internal SSH Server (#20616) (#20617)
Gusted [Tue, 2 Aug 2022 07:58:57 +0000 (09:58 +0200)]
Enable Wire 2 for Internal SSH Server (#20616) (#20617)

- Backport of #20616
  - Git only decides to use the Wire 2 protocol when `git {receive,upload}-pack` receive the `GIT_PROTOCOL` environment with as value `version=2`. Currently the internal SSH Server wasn't passing this environment through. The `gitea serv` code already passed all received environments to the git command, so no code changes there.
  - This is mentioned in Git manual, https://git-scm.com/docs/git#Documentation/git.txt-codeGITPROTOCOLcode

2 years agoClean up and fix clone button script (#20415 & #20600) (#20599)
silverwind [Tue, 2 Aug 2022 04:31:38 +0000 (06:31 +0200)]
Clean up and fix clone button script (#20415 & #20600) (#20599)

* Clean up and fix clone button script (#20415)

The button 'primary' class needs to be set in a synchronous script to prevent flicker of the button which was regressed recently, fixed that.

Additionally, reduced the two script tags to just one, the previous scripts were actually initializing the buttons thrice on the empty repo page, now it only initializes once. Finally, removed duplicate code and re-used the inline function in the update code as well.

I had to split out the script into a separate template as on the empty repo page, the script needs access to the clone URL span in the example text, which is rendered below the clone buttons, so buttons and script could not be combined.

* Add default value for clone URLs

Default clone URLs to HTTP(S) in DOM rendering. JS will immediately
replace this if the user preference is SSH.

Fixes: https://github.com/go-gitea/gitea/issues/20558
2 years agoFix default merge style for pull requests (#20564) (#20565)
wxiaoguang [Sun, 31 Jul 2022 14:41:06 +0000 (22:41 +0800)]
Fix default merge style for pull requests (#20564) (#20565)

2 years agoChangelog v1.17.0 (#20541) v1.17.0
6543 [Sat, 30 Jul 2022 19:08:25 +0000 (21:08 +0200)]
Changelog v1.17.0 (#20541)

2 years agoWebAuthn CredentialID field needs to be increased in size (#20530) (#20555)
6543 [Sat, 30 Jul 2022 18:16:25 +0000 (20:16 +0200)]
WebAuthn CredentialID field needs to be increased in size (#20530) (#20555)

WebAuthn have updated their specification to set the maximum size of the
CredentialID to 1023 bytes. This is somewhat larger than our current
size and therefore we need to migrate.

The PR changes the struct to add CredentialIDBytes and migrates the CredentialID string
to the bytes field before another migration drops the old CredentialID field. Another migration
renames this field back.

Fix #20457

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
2 years agoRework raw file http header logic (#20484) (#20542)
silverwind [Sat, 30 Jul 2022 16:37:02 +0000 (18:37 +0200)]
Rework raw file http header logic (#20484) (#20542)

- Always respect the user's configured mime type map
- Allow more types like image/pdf/video/audio to serve with correct content-type
- Shorten cache duration of raw files to 5 minutes, matching GitHub
- Don't set `content-disposition: attachment`, let the browser decide whether it wants to download or display a file directly
- Implement rfc5987 for filenames, remove previous hack. Confirmed it working in Safari.
- Make PDF attachment work in Safari by removing `sandbox` attribute.

This change will make a lot more file types open directly in browser now. Logic should generally be more readable than before with less `if` nesting and such.

Replaces: https://github.com/go-gitea/gitea/pull/20460
Replaces: https://github.com/go-gitea/gitea/pull/20455
Fixes: https://github.com/go-gitea/gitea/issues/20404
2 years agoAdd Docker /v2/_catalog endpoint (#20469) (#20556)
6543 [Sat, 30 Jul 2022 15:52:04 +0000 (17:52 +0200)]
Add Docker /v2/_catalog endpoint (#20469) (#20556)

* Added properties for packages.
* Fixed authenticate header format.
* Added _catalog endpoint.
* Check owner visibility.
* Extracted condition.
* Added test for _catalog.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2 years agoUpdate notification count for non-mobile version (#20544)
Gusted [Sat, 30 Jul 2022 02:28:48 +0000 (04:28 +0200)]
Update notification count for non-mobile version (#20544)

- Since #20108 we have two version of the notification bell, one for
mobile the other for non-mobile. However the code only accounts for one
notification count and thus was only updating the non-mobile one.
- This code fixes that by applying the code for all `.notification_count`s.
- Frontport will be in #20543

2 years agoAdd missing Tabs on organisation/package view (#20539)
6543 [Fri, 29 Jul 2022 17:14:50 +0000 (19:14 +0200)]
Add missing Tabs on organisation/package view (#20539)

hotfix #20106

2 years agoEnsure that all unmerged files are merged when conflict checking (#20528) (#20536)
6543 [Fri, 29 Jul 2022 13:37:18 +0000 (15:37 +0200)]
Ensure that all unmerged files are merged when conflict checking (#20528) (#20536)

There is a subtle bug in the code relating to collating the results of
`git ls-files -u -z` in `unmergedFiles()`. The code here makes the
mistake of assuming that every unmerged file will always have a stage 1
conflict, and this results in conflicts that occur in stage 3 only being
dropped.

This PR simply adjusts this code to ensure that any empty unmergedFile
will always be passed down the channel.

The PR also adds a lot of Trace commands to attempt to help find future
bugs in this code.

Fix #19527

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
2 years agoUpdate lunny/levelqueue to prevent NPE when reads are performed after close (#20534...
6543 [Fri, 29 Jul 2022 12:58:56 +0000 (14:58 +0200)]
Update lunny/levelqueue to prevent NPE when reads are performed after close (#20534) (#20537)

Co-authored-by: zeripath <art27@cantab.net>
2 years agoStop logging EOFs and exit(1)s in ssh handler (#20476) (#20529)
zeripath [Fri, 29 Jul 2022 00:10:42 +0000 (01:10 +0100)]
Stop logging EOFs and exit(1)s in ssh handler (#20476) (#20529)

Backport #20476

The code in modules/ssh/ssh.go:sessionHandler() currently cause an error to be
logged if `gitea serv` exits with a exit(1). This logging is useless because the
accompanying stderr is not provided and in any case the exit(1) is most likely due
to permissions errors.

Further it then causes the EOF to be logged - even though this is not helpful.

This PR simply checks the errors returned and stops logging them.

In the case of misconfigurations causing `gitea serv` to fail with exit(1)
the current logging is not helpful at determining this and users should simply
review the message passed over the ssh connection.

Fix #20473

Signed-off-by: Andrew Thornton <art27@cantab.net>
2 years agopackages/generic: Do not restrict package versions to SemVer (#20414) (#20531)
6543 [Thu, 28 Jul 2022 23:17:56 +0000 (01:17 +0200)]
packages/generic: Do not restrict package versions to SemVer (#20414) (#20531)

There are existing packages out there whose version do not conform to SemVer, yet, one would like to have them available in a generic package repository. To this end, remove the SemVer restriction on package versions when using the Generic package registry, and replace it with a check that simply makes sure the version isn't empty.

Signed-off-by: Gergely Nagy <me@gergo.csillger.hu>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Gergely Nagy <algernon@users.noreply.github.com>
2 years agoAdd labels to two buttons that were missing them (#20419) (#20524)
6543 [Thu, 28 Jul 2022 20:21:36 +0000 (22:21 +0200)]
Add labels to two buttons that were missing them (#20419) (#20524)

Backport #20419

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2 years agoAllow non-semver packages in the Conan package registry (#20412) (#20523)
6543 [Thu, 28 Jul 2022 20:19:56 +0000 (22:19 +0200)]
Allow non-semver packages in the Conan package registry (#20412) (#20523)

Backport #20412

A lot of existing packages do not conform to SemVer, yet, they should be allowed
in the Conan package registry as-is. To achieve this, remove the SemVer check
from `NewRecipeReference`, and replace it with a simple empty string check.

A unit test with a non-semver version is also included.

Fixes #20405.

Signed-off-by: Gergely Nagy <me@gergo.csillger.hu>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Gergely Nagy <algernon@users.noreply.github.com>
2 years agoFix possible panic when repository is empty (#20509) (#20526)
6543 [Thu, 28 Jul 2022 20:18:49 +0000 (22:18 +0200)]
Fix possible panic when repository is empty (#20509) (#20526)

Backport #20509

2 years agoFix Ruby package parsing by removed unused email field (#20470) (#20525)
6543 [Thu, 28 Jul 2022 18:41:57 +0000 (20:41 +0200)]
Fix Ruby package parsing by removed unused email field (#20470) (#20525)

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2 years agoFix dashboard switching on Mobile (#20238) (#20239)
Gusted [Thu, 28 Jul 2022 17:04:29 +0000 (19:04 +0200)]
Fix dashboard switching on Mobile (#20238) (#20239)

- This is a regression of improving mobile experience on Gitea, currently organization dashboard aren't readable and the popup won't show up when you want to switch between users/organization(as we saw in #19978).
- This patch fixes that, by allowing the popup to allocate the required pixels(for some absurd reason, z-index doesn't work on the popup, so it's not able to render over the existing elements, we can investigate later of why this is). And also remove the additional dropdown menu for the pages link, so it's one unified list which then can be displayed as rows.

2 years agoFix package permission checks for organizations (#20517) (#20520)
KN4CK3R [Thu, 28 Jul 2022 14:05:59 +0000 (16:05 +0200)]
Fix package permission checks for organizations (#20517) (#20520)

2 years agoFix ROOT_URL detection for URLs without trailing slash (#20503)
wxiaoguang [Wed, 27 Jul 2022 15:49:01 +0000 (23:49 +0800)]
Fix ROOT_URL detection for URLs without trailing slash (#20503)

2 years agoShow hint to link package to repo when viewing empty repo package list (#20504) ...
Norwin [Wed, 27 Jul 2022 14:06:54 +0000 (16:06 +0200)]
Show hint to link package to repo when viewing empty repo package list (#20504) (#20507)

2 years agoModify milestone search keywords to be case insensitive (#20266) (#20498)
Tyrone Yeh [Wed, 27 Jul 2022 11:55:09 +0000 (19:55 +0800)]
Modify milestone search keywords to be case insensitive (#20266) (#20498)

* Modify milestone search keywords to be case insensitive (#20266)

Milestone search keywords are now sensitive, this modification is changed to insensitive

* Modify for #18437

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2 years agoAdd repository condition for issue count (#20496)
Tyrone Yeh [Wed, 27 Jul 2022 06:09:25 +0000 (14:09 +0800)]
Add repository condition for issue count (#20496)

2 years agofix enabling repo packages when projects are off (#20486) (#20488)
Norwin [Tue, 26 Jul 2022 14:50:45 +0000 (16:50 +0200)]
fix enabling repo packages when projects are off (#20486) (#20488)

2 years agoAdd Cache-Control header to html and api responses, add no-transform (#20432) (#20459)
silverwind [Sat, 23 Jul 2022 10:58:58 +0000 (12:58 +0200)]
Add Cache-Control header to html and api responses, add no-transform (#20432) (#20459)

`no-transform` allegedly disables CloudFlare auto-minify and we did not
set caching headers on html or api requests, which seems good to have
regardless.

Transformation is still allowed for asset requests.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2 years agoDismiss prior pull reviews if done via web in review dismiss (#20197) (#20407)
6543 [Tue, 19 Jul 2022 15:46:33 +0000 (17:46 +0200)]
Dismiss prior pull reviews if done via web in review dismiss (#20197) (#20407)

2 years agoChangelog v1.17.0-rc2 (#20350) v1.17.0-rc2
6543 [Tue, 19 Jul 2022 13:43:24 +0000 (15:43 +0200)]
Changelog v1.17.0-rc2 (#20350)

Co-authored-by: zeripath <art27@cantab.net>
2 years agoAllow RSA 2047 bit keys (#20272) (#20396)
zeripath [Mon, 18 Jul 2022 14:30:01 +0000 (15:30 +0100)]
Allow RSA 2047 bit keys (#20272) (#20396)

Backport #20272

Unfortunately it appears that 2048 bit RSA keys can occasionally be created in such
a way that they appear to have 2047 bit length. This PR simply changes our defaults to
allow these.

Fix #20249

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2 years agoAdd missing return for when topic isn't found (#20351) (#20395)
zeripath [Mon, 18 Jul 2022 02:16:58 +0000 (03:16 +0100)]
Add missing return for when topic isn't found (#20351) (#20395)

2 years agoFix commit status icon when in subdirectory (#20285) (#20385)
silverwind [Sat, 16 Jul 2022 12:54:49 +0000 (14:54 +0200)]
Fix commit status icon when in subdirectory (#20285) (#20385)

When viewing a subdirectory and the latest commit to that directory in
the table, the commit status icon incorrectly showed the status of the
HEAD commit instead of the latest for that directory.

2 years agoSet target on create release with existing tag (#20381) (#20382)
Gusted [Fri, 15 Jul 2022 18:39:48 +0000 (18:39 +0000)]
Set target on create release with existing tag (#20381) (#20382)

When you create a new release(e.g. via Tea) and specify a tag that already exists on the repository, Gitea will instead use the `UpdateRelease` functionality. However it currently doesn't set the Target field. This PR fixes that.

2 years agoInitialize cron last (#20373) (#20384)
zeripath [Fri, 15 Jul 2022 17:44:22 +0000 (18:44 +0100)]
Initialize cron last (#20373) (#20384)

Backport #20373

Cron will try to run certain things at startup but these depend on multiple things
being set-up. Therefore we should initialize cron last.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2 years agoMake sure `repo_dir` is an empty directory or doesn't exist before 'dump-repo' (...
6543 [Fri, 15 Jul 2022 03:12:52 +0000 (05:12 +0200)]
Make sure `repo_dir` is an empty directory or doesn't exist before 'dump-repo' (#20205) (#20370)

Co-authored-by: a1012112796 <1012112796@qq.com>
2 years agoupdate xorm.io/xorm v1.3.2-0.20220714055524-c3bce556200f (#20371) (#20372)
6543 [Thu, 14 Jul 2022 16:42:23 +0000 (18:42 +0200)]
update xorm.io/xorm v1.3.2-0.20220714055524-c3bce556200f (#20371) (#20372)

Backport #20371

Xorm 1.3.2-0.20220714055524 contains a fix for interpreting db column sizes. Prior to this fix xorm would assume that the size of a column was within the range of an `int`. This is correct on 64bit machines where `int` is typical equivalent to `int64` however, on 32bit machines `int` tends to be `int32`.

Unfortunately the size of a LONGTEXT field is actually `max_uint32`, thus using `strconv.Atoi` on these fields will fail and thus #20161 occurs on 32 bit arm. Xorm 1.3.2-0.20220714055524 changes this field to use int64 instead.

Fix  #20161

2 years agoPrevent context deadline error propagation in GetCommitsInfo (#20346) (#20361)
6543 [Thu, 14 Jul 2022 02:44:34 +0000 (04:44 +0200)]
Prevent context deadline error propagation in GetCommitsInfo (#20346) (#20361)

Backport #20346

Although `WalkGitLog` tries to test for `context.DeadlineExceededErr`
there is a small chance that the error will propagate to the reader
before it is recognised. This will cause the error to propagate up to
`renderDirectoryFiles` and cause a http status 500.

Here we check that the error passed is a `DeadlineExceededErr` via error.Is

Fix #20329

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
2 years agoFix org label open count, including close count issue (#20364)
Tyrone Yeh [Thu, 14 Jul 2022 02:42:46 +0000 (10:42 +0800)]
Fix org label open count, including close count issue (#20364)

2 years agoFix checks in PR for empty commits (#20290) (#20352)
Ing. Jaroslav Šafka [Wed, 13 Jul 2022 17:36:23 +0000 (19:36 +0200)]
Fix checks in PR for empty commits (#20290) (#20352)

Backport #20290

* Fix #19603
* fill HeadCommitID in PullRequest
* compare real commits ID as check for merging

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2 years agoHide notify mail setting ui if not enabled (#20138) (#20336)
Lunny Xiao [Wed, 13 Jul 2022 01:47:29 +0000 (09:47 +0800)]
Hide notify mail setting ui if not enabled (#20138) (#20336)

Co-authored-by: 6543 <6543@obermui.de>
2 years agoCorrectly handle draft releases without a tag (#20314) (#20335)
zeripath [Tue, 12 Jul 2022 18:55:25 +0000 (19:55 +0100)]
Correctly handle draft releases without a tag (#20314) (#20335)

Backport #20314

`errors.Is(err, git.ErrNotExist{})` is not working

Fixes #20313

Co-authored-by: Chongyi Zheng <harry@harryzheng.com>
2 years agoAdd write check for creating Commit status (#20332) (#20333)
Gusted [Tue, 12 Jul 2022 12:51:35 +0000 (12:51 +0000)]
Add write check for creating Commit status (#20332) (#20333)

- Backport #20332
  - Add write code checks for creating new commit status
  - Regression from #5314
  - Resolves #20331

2 years agoRefactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299...
wxiaoguang [Mon, 11 Jul 2022 15:27:51 +0000 (23:27 +0800)]
Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299) (#20306)

Backport #20299. Follow #20298. Only the `GlobalInitInstalled` function should prepare the SSH files for external server or starts the builtin server.
* `trustedUserCaKeys` is removed, use `SSH.TrustedUserCAKeys` directly
* introduce `ssh.Init`, move the SSH init code from `routers/init.go` to it
* `ssh.Init` will start builtin SSH server or prepare external SSH server files

2 years agoPrevent "empty" scrollbars on Firefox (#20294) (#20308)
KN4CK3R [Sun, 10 Jul 2022 18:48:35 +0000 (20:48 +0200)]
Prevent "empty" scrollbars on Firefox (#20294) (#20308)

Addition to: Show scrollbar when necessary #20142
Fixes the "empty" scrollbars with Firefox.

2 years agoDo not create empty ".ssh" directory when loading config (#20289) (#20298)
wxiaoguang [Sun, 10 Jul 2022 10:09:42 +0000 (18:09 +0800)]
Do not create empty ".ssh" directory when loading config (#20289) (#20298)

Backport #20289

The code is as old as back to 2016, creating the directory automatically is not correct IMO.

In other places for ssh key writing (RewriteAllPrincipalKeys / appendAuthorizedKeysToFile, etc), the directory will still be created when updating the keys.

This PR will resolve the confusing and annoying problem: the dummy and empty ".ssh" directory in new git home

2 years agoBump goldmark to v1.4.13 (#20300) (#20301)
Gusted [Sat, 9 Jul 2022 20:39:38 +0000 (22:39 +0200)]
Bump goldmark to v1.4.13 (#20300) (#20301)

Backport #20300

  - Update goldmark to v1.4.13 to fix a issue with quotes after a empty list item(See https://github.com/yuin/goldmark/issues/313) and downstream issue https://codeberg.org/Codeberg/Community/issues/645

2 years agoStore read access in access for team repo's (#20275) (#20276)
Gusted [Sat, 9 Jul 2022 18:01:44 +0000 (20:01 +0200)]
Store read access in access for team repo's (#20275) (#20276)

Backport #20275

Currently when a Team has read access to a organization's non-private repository, their access(in the `access` table) won't be stored in the database. This cause issues for code that rely on read access being stored, like retrieving all users who have read permission to that repository(even though this is confusing as this doesn't include all registered users). So from now-on if we see that the repository is owned by a organization don't increase the `minMode` to write permission.

Resolves #20083

2 years agoUse git.HOME_PATH for Git HOME directory (#20114) (#20293)
wxiaoguang [Fri, 8 Jul 2022 13:44:36 +0000 (21:44 +0800)]
Use git.HOME_PATH for Git HOME directory (#20114) (#20293)

Before, in #19732, the old home directory is not correct.
This PR introduces a new config option for git home: git.HOME_PATH,
which is default to %(APP_DATA_PATH)/home

And pass env GNUPGHOME to git command, force Gitea to use a stable GNUPGHOME directory

2 years agoMake notification bell more prominent on mobile (#20108, #20236, #20251) (#20269)
zeripath [Thu, 7 Jul 2022 15:48:03 +0000 (16:48 +0100)]
Make notification bell more prominent on mobile (#20108, #20236, #20251) (#20269)

Backport #20108
Backport #20236
Backport #20251

Make notification bell more prominent on mobile

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Tyrone Yeh <siryeh@gmail.com>
Signed-off-by: Andrew Thornton <art27@cantab.net>
2 years agoFix NPE when using non-numeric (#20277) (#20278)
Gusted [Thu, 7 Jul 2022 12:56:50 +0000 (14:56 +0200)]
Fix NPE when using non-numeric (#20277) (#20278)

- Backport (#20277
  - This code is only valid when `refNumeric` exist(otherwise we didn't find such numeric PR and can skip that check) and give a free-pas to the  "BEFORE" check when `ref` is nil.
  - Resolves #20109

2 years agoOnly show Followers that current user can access (#20220) (#20252)
zeripath [Wed, 6 Jul 2022 21:03:23 +0000 (22:03 +0100)]
Only show Followers that current user can access (#20220) (#20252)

Backport #20220

Users who are following or being followed by a user should only be
displayed if the viewing user can see them.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2 years agoEscapeFilter the group dn membership (#20200) (#20254)
zeripath [Wed, 6 Jul 2022 19:51:40 +0000 (20:51 +0100)]
EscapeFilter the group dn membership (#20200) (#20254)

Backport #20200

The uid provided to the group filter must be properly escaped using the provided
ldap.EscapeFilter function.

Fix #20181

Signed-off-by: Andrew Thornton <art27@cantab.net>
2 years agoDisplay full name (#20171) (#20246)
zeripath [Tue, 5 Jul 2022 15:58:10 +0000 (16:58 +0100)]
Display full name (#20171) (#20246)

Backport #20171

The setting `DEFAULT_SHOW_FULL_NAME` promises to use the user's full name everywhere it can be used.

Unfortunately the function `*user_model.User.ShortName()` currently uses the `.Name` instead - but this should also use the `.FullName()`.

Therefore we should make `*user_model.User.ShortName()` base its pre-shortened name on the `.FullName()` function.

Co-authored-by: Baekjun Kim <36013575+kimbj95@users.noreply.github.com>
2 years agoAdjust max-widths for the repository file table (#20243) (#20247)
zeripath [Tue, 5 Jul 2022 15:15:56 +0000 (16:15 +0100)]
Adjust max-widths for the repository file table (#20243) (#20247)

Backport #20243

Adjust the max-widths for the repository file table to allow for nicer
resizing of the names and commit messages.

Fix #20040

Signed-off-by: Andrew Thornton <art27@cantab.net>
 ## Screenshots

 ## MediaXL
![Screenshot from 2022-07-05 10-22-12](https://user-images.githubusercontent.com/1824502/177295867-7ba8cf60-8f61-4227-892f-e5a0477e4146.png)

 ## MediaLg
![Screenshot from 2022-07-05 10-24-37](https://user-images.githubusercontent.com/1824502/177296301-e066e206-10f7-4a15-a68b-0f772a95f369.png)

 ## MediaMd
![Screenshot from 2022-07-05 10-23-03](https://user-images.githubusercontent.com/1824502/177295965-69397649-16ca-456a-bc0c-ed507fcb7f44.png)

 ## MediaSm
![Screenshot from 2022-07-05 10-26-44](https://user-images.githubusercontent.com/1824502/177296700-ca2a853b-c47b-4592-baf4-4bc08a7e1c9c.png)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2 years agoBypass Firefox (iOS) bug (#20244) (#20250)
wxiaoguang [Tue, 5 Jul 2022 15:01:01 +0000 (23:01 +0800)]
Bypass Firefox (iOS) bug (#20244) (#20250)

Backport #20244

* https://github.com/go-gitea/gitea/issues/20240

At the moment, Firefox (iOS) (10x) has an engine bug. See https://github.com/go-gitea/gitea/issues/20240
If a script inserts a newly created (and content changed) element into DOM, there will be a nonsense error event reporting: Script error: line 0, col 0.

This PR ignores such nonsense error event.

Fix #20240

2 years agoInit popup for new code comment (#20234) (#20235)
Gusted [Tue, 5 Jul 2022 12:29:04 +0000 (14:29 +0200)]
Init popup for new code comment (#20234) (#20235)

- Backport #20234

  - Initialize the popup for the tooltip inside the new code comment.
  - This works and is good enough to have this issue fixed for 1.17

Fix #20068

2 years agoUpdate Bluemonday to v1.0.19 (#20199) (#20209)
zeripath [Mon, 4 Jul 2022 02:15:35 +0000 (03:15 +0100)]
Update Bluemonday to v1.0.19 (#20199) (#20209)

2 years agoRefix indices on actions table (#20158) (#20198)
zeripath [Sat, 2 Jul 2022 13:31:51 +0000 (14:31 +0100)]
Refix indices on actions table (#20158) (#20198)

Backport #20158

Unforunately the previous PR #20035 created indices that were not helpful
for SQLite. This PR adjusts these after testing using the try.gitea.io db.

Fix #20129

Signed-off-by: Andrew Thornton <art27@cantab.net>
2 years agoFix `dump-repo` git init, fix wrong error type for NullDownloader (#20182) (#20186)
wxiaoguang [Fri, 1 Jul 2022 16:01:05 +0000 (00:01 +0800)]
Fix `dump-repo` git init, fix wrong error type for NullDownloader (#20182) (#20186)

* Fix `dump-repo` git init

* Fix wrong error type for NullDownloader

2 years agoFix cli command restore-repo: "units" should be parsed as cli.String (#20183) (#20187)
wxiaoguang [Fri, 1 Jul 2022 15:16:59 +0000 (23:16 +0800)]
Fix cli command restore-repo: "units" should be parsed as cli.String (#20183) (#20187)

2 years agoCheck if project has the same repository id with issue when assign project to issue...
Lunny Xiao [Fri, 1 Jul 2022 13:00:05 +0000 (21:00 +0800)]
Check if project has the same repository id with issue when assign project to issue (#20133) (#20188)

* Check if project has the same repository id with issue when assign project to issue

* Check if issue's repository id match project's repository id

* Add more permission checking

* Remove invalid argument

* Fix errors

* Add generic check

* Remove duplicated check

* Return error + add check for new issues

* Apply suggestions from code review

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: 6543 <6543@obermui.de>
2 years agoUpdate default allowed attachment types (#20193)
silverwind [Fri, 1 Jul 2022 11:37:52 +0000 (13:37 +0200)]
Update default allowed attachment types (#20193)

Synced the list to what is allowed on GitHub currently.

2 years agoShow scrollbar when necessary (#20142) (#20143)
Gusted [Mon, 27 Jun 2022 05:20:47 +0000 (07:20 +0200)]
Show scrollbar when necessary (#20142) (#20143)

- Backport #20142
  - Firefox on Windows will unconditionally show scrollbars when you specify `overflow: scroll`. This is bad behavior, as you don't always need the scrollbar. Changing the scroll value to auto fixes this issue and only shows the scrollbar when necessary.
  - Resolves #20139

2 years agoFix remove file on initial comment (#20127) (#20128)
Gusted [Sat, 25 Jun 2022 19:50:23 +0000 (21:50 +0200)]
Fix remove file on initial comment (#20127) (#20128)

Backport #20127

Store the file uuid(which is returned by Gitea in the upload file response) onto the file object, so it can be used for the remove feature to specify this file.

Fix #20115

2 years agoFix wrong login requirement routers (#20101) (#20104)
Lunny Xiao [Fri, 24 Jun 2022 07:02:22 +0000 (15:02 +0800)]
Fix wrong login requirement routers (#20101) (#20104)

2 years agoCatch the error before the response is processed by goth. (#20000) (#20102)
SteveTheEngineer [Fri, 24 Jun 2022 02:05:23 +0000 (05:05 +0300)]
Catch the error before the response is processed by goth. (#20000) (#20102)

The code introduced by #18185 gets the error from response after it was processed by goth.

That is incorrect, as goth (and golang.org/x/oauth) doesn't really care about the error, and it sends a token request with an empty authorization code to the server anyway, which always results in a `oauth2: cannot fetch token: 400 Bad Request` error from goth.
It means that unless the "state" parameter is omitted from the error response (which is required to be present, according to [RFC 6749, Section 4.1.2.1](https://datatracker.ietf.org/doc/html/rfc6749#section-4.1.2.1)) or the page is reloaded (makes the session invalid), a 500 Internal Server Error page will be displayed.
This fixes it by handling the error before the request is passed to goth.

2 years agoDashboard feed respect setting.UI.FeedPagingNum again (#20094) (#20099)
Jimmy Praet [Thu, 23 Jun 2022 09:51:44 +0000 (11:51 +0200)]
Dashboard feed respect setting.UI.FeedPagingNum again (#20094) (#20099)

Fixes #20080

2 years agoUse correct variable for issue count (#20086)
Lunny Xiao [Wed, 22 Jun 2022 16:26:41 +0000 (00:26 +0800)]
Use correct variable for issue count (#20086)

2 years agoRelease page show all tags in compare dropdown (#20070) (#20072)
6543 [Tue, 21 Jun 2022 18:08:25 +0000 (20:08 +0200)]
Release page show all tags in compare dropdown (#20070) (#20072)

Backport #20070

Just get all tags when creating the compare dropdown.

Fix #19936

2 years agoChangelog v1.17.0-rc1 (#20023) v1.17.0-rc1
6543 [Mon, 20 Jun 2022 13:09:50 +0000 (15:09 +0200)]
Changelog v1.17.0-rc1 (#20023)

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2 years agoDisable federation by default (#20045) (#20046)
Gusted [Mon, 20 Jun 2022 06:44:55 +0000 (08:44 +0200)]
Disable federation by default (#20045) (#20046)

* Disable federation by default (#20045)

- Backport #20045
  - A Gitea instance should choose whetever they want to federate(as once it has more features also brings extra costs/moderation/unexpected behavior) with other AP/ForgeFed software.

* Fix tests

2 years agoSimplify and fix migration 216 (#20036)
zeripath [Mon, 20 Jun 2022 01:34:54 +0000 (02:34 +0100)]
Simplify and fix migration 216 (#20036)

There appears to be a strange bug whereby the comment_id index can sometimes be missed
or missing from the action table despite the sync2 that should create it in the earlier
part of this migration. However, looking through the code for Sync2 there is no need
for this pre-code to exist and Sync2 should drop/create the indices as necessary.

I think therefore we should simplify the migration to simply be Sync2.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2 years agoAlter hook_task TEXT fields to LONGTEXT (#20038) (#20041)
Wim [Sun, 19 Jun 2022 20:12:48 +0000 (22:12 +0200)]
Alter hook_task TEXT fields to LONGTEXT (#20038) (#20041)

Mysql TEXT has a limit of 64KB, change this to LONGTEXT in mysql only so we can have bigger hook payloads.

Postgresql has unlimited TEXT - https://www.postgresql.org/docs/current/datatype-character.html
Sqlite has unlimited TEXT - https://www.sqlitetutorial.net/sqlite-data-types/#:~:text=The%20maximum%20length%20of%20TEXT,SQLite%20supports%20various%20character%20encodings.

Backport of #20038

Co-authored-by: zeripath <art27@cantab.net>
2 years agoBacktick table name in generic orphan check (#20019) (#20037)
zeripath [Sun, 19 Jun 2022 18:41:12 +0000 (19:41 +0100)]
Backtick table name in generic orphan check (#20019) (#20037)

Backport #20019

- Resolves #20018