This setting is set to `mixed` by default, allowing dates to render as
"5 hours ago". Here are some screenshots of the UI with this setting set
to `absolute`:
Since https://gitea.com/xorm/xorm/pulls/2383 merged, xorm now supports
UPDATE JOIN.
To keep consistent from different databases, xorm use
`engine.Join().Update`, but the actural generated SQL are different
between different databases.
For MySQL, it's `UPDATE talbe1 JOIN table2 ON join_conditions SET xxx
Where xxx`.
For MSSQL, it's `UPDATE table1 SET xxx FROM TABLE1, TABLE2 WHERE
join_conditions`.
For SQLITE per https://www.sqlite.org/lang_update.html, sqlite support
`UPDATE table1 SET xxx FROM table2 WHERE join conditions` from
3.33.0(2020-8-14).
Nanguan Lin [Sun, 31 Dec 2023 04:08:46 +0000 (12:08 +0800)]
Fix alpine package files are not rebuilt (#28638)
I noticed the `BuildAllRepositoryFiles` function under the Alpine folder
is unused and I thought it was a bug.
But I'm not sure about this. Was it on purpose?
Should we also apply this for long filenames in Assets?
It looks like this currently:
<img width="285" alt="image"
src="https://github.com/go-gitea/gitea/assets/50193156/e2dcbb2e-30d5-4e35-b304-6274ef60bda7">
Denys Konovalov [Thu, 28 Dec 2023 21:08:59 +0000 (22:08 +0100)]
switch destination directory for apt signing keys (#28639)
According to [Debian
docs](https://wiki.debian.org/DebianRepository/UseThirdParty):
> The certificate MUST NOT be placed in /etc/apt/trusted.gpg.d or loaded
by apt-key add.
> ...
> If future updates to the certificate will be managed by an apt/dpkg
package as recommended below, then it SHOULD be downloaded into
/usr/share/keyrings using the same filename that will be provided by the
package. If it will be managed locally , it SHOULD be downloaded into
/etc/apt/keyrings instead.
> ...
> A sources.list entry SHOULD have the signed-by option set.
Lunny Xiao [Thu, 28 Dec 2023 07:28:57 +0000 (15:28 +0800)]
Remove unnecessary syncbranchToDB with tests (#28624)
#28361 introduced `syncBranchToDB` in `CreateNewBranchFromCommit`. This
PR will revert the change because it's unnecessary. Every push will
already be checked by `syncBranchToDB`.
This PR also created a test to ensure it's right.
katsu [Wed, 27 Dec 2023 08:32:27 +0000 (16:32 +0800)]
fix wrong link in user and organization profile when using relative url (#28617)
fix #28436.
the doc https://docs.gitea.com/usage/profile-readme maybe also need to
be updated to tell that
the main branch is necessary,which means the following three conditions
should be satisfied:
- repo: **.profile**
- branch: **[default branch]**
- markdown: **README.md**
Kyle D [Sat, 23 Dec 2023 03:29:51 +0000 (22:29 -0500)]
Disable query token param in integration tests (#28592)
Follow up to https://github.com/go-gitea/gitea/pull/28484, this PR
enables the setting for integration tests and migrates a few additional
test queries.
Zettat123 [Fri, 22 Dec 2023 13:29:50 +0000 (21:29 +0800)]
Fix `status_check_contexts` matching bug (#28582)
Fix #28570
Follow #24633
---
Copied from
https://github.com/go-gitea/gitea/issues/28570#issuecomment-1867327999
The feature introduced in #24633 should be compatible with
`status_check_contexts`. However, if one or more of
`status_check_contexts` is not a legal glob expressions, `glob.Compile`
will fail and the contexts cannot match.
KN4CK3R [Thu, 21 Dec 2023 21:48:18 +0000 (22:48 +0100)]
Use information from previous blame parts (#28572)
Fixes #28545
`git blame` output can contain blocks without commit information if it
was outputted before (the `0dafa97ea3f6d9662299579e5be1875cd28baaae 48
26 1` line):
``` fec25436488499df7231f63b857f66457c193d5c 24 25 1
author Bastien Montagne
author-mail <bastien@blender.org>
author-time 1660731031
author-tz +0200
committer Bastien Montagne
committer-mail <bastien@blender.org>
committer-time 1660731031
committer-tz +0200
summary LibOverride: Add Make/Reset/Clear entries to IDTemplate contextual menu.
previous 839ece6477203382b7a7483062961540180ff1cd source/blender/editors/interface/interface_ops.c
filename source/blender/editors/interface/interface_ops.c
#include "BLT_translation.h" 0dafa97ea3f6d9662299579e5be1875cd28baaae 48 26 1
3d57bc4397fca53bc9702a27bbf50102827829b0 27 27 1
author Hans Goudey
author-mail <hans@blender.org>
author-time 1700131315
author-tz +0100
committer Hans Goudey
committer-mail <hooglyboogly@noreply.localhost>
committer-time 1700131315
committer-tz +0100
summary Cleanup: Move several blenkernel headers to C++
previous 451c054d9b7d3148a646caa5a72fb127a5b5c408 source/blender/editors/interface/interface_ops.cc
filename source/blender/editors/interface/interface_ops.cc
#include "BKE_context.hh"
```
This PR reuses data from the previous blame part to fill these gaps.
wxiaoguang [Wed, 20 Dec 2023 14:11:59 +0000 (22:11 +0800)]
Fix the issue ref rendering for wiki (#28556)
Fix #28526, regression of
* #26365
(although the author of #26365 has recent activities, but there is no
response for the regression, so I proposed this quick fix and keep the
fix simple to make it easier to backport to 1.21)
Nanguan Lin [Tue, 19 Dec 2023 19:12:02 +0000 (03:12 +0800)]
Remove deadcode under models/issues (#28536)
Using the Go Official tool `golang.org/x/tools/cmd/deadcode@latest`
mentioned by [go blog](https://go.dev/blog/deadcode).
Just use `deadcode .` in the project root folder and it gives a list of
unused functions. Though it has some false alarms.
This PR removes dead code detected in `models/issues`.
Lunny Xiao [Tue, 19 Dec 2023 09:29:05 +0000 (17:29 +0800)]
Always enable caches (#28527)
Nowadays, cache will be used on almost everywhere of Gitea and it cannot
be disabled, otherwise some features will become unaviable.
Then I think we can just remove the option for cache enable. That means
cache cannot be disabled.
But of course, we can still use cache configuration to set how should
Gitea use the cache.
Introduced the new interfrace method `ComputeHash` which will replace
the interface `HasherInterface`. Now we don't need to keep two
interfaces.
Reintroduced `git.NewIDFromString` and `git.MustIDFromString`. The new
function will detect the hash length to decide which objectformat of it.
If it's 40, then it's SHA1. If it's 64, then it's SHA256. This will be
right if the commitID is a full one. So the parameter should be always a
full commit id.
David Øvrelid [Tue, 19 Dec 2023 04:40:05 +0000 (05:40 +0100)]
Fix duplicate ID when deleting repo (#28520)
There is an accessibility issue in the interface when attempting to
delete a repository. When I click on "Delete repository," a dialog box
appears, requiring confirmation to proceed with the repository deletion.
However, when I press the "Repo name" label, the wrong input field gains
focus. The focused field is located behind the dialog and is intended
for renaming the repository.
Bo-Yi Wu [Tue, 19 Dec 2023 02:32:45 +0000 (10:32 +0800)]
chore(api): support ignore password if login source type is LDAP for creating user API (#28491)
- Modify the `Password` field in `CreateUserOption` struct to remove the
`Required` tag
- Update the `v1_json.tmpl` template to include the `email` field and
remove the `password` field
wxiaoguang [Tue, 19 Dec 2023 01:18:42 +0000 (09:18 +0800)]
Update go dependencies (#28518)
Update golang.org/x/crypto for CVE-2023-48795 and update other packages.
`go-git` is not updated because it needs time to figure out why some
tests fail.
Earl Warren [Mon, 18 Dec 2023 15:32:08 +0000 (16:32 +0100)]
Add orphaned topic consistency check (#28507)
- If a topic has zero repository count, it means that none of the
repositories are using that topic, that would make them 'useless' to
keep. One caveat is that if that topic is going to be used in the
future, it will be added again to the database, but simply with a new
ID.
Lunny Xiao [Sun, 17 Dec 2023 11:56:08 +0000 (19:56 +0800)]
Adjust object format interface (#28469)
- Remove `ObjectFormatID`
- Remove function `ObjectFormatFromID`.
- Use `Sha1ObjectFormat` directly but not a pointer because it's an
empty struct.
- Store `ObjectFormatName` in `repository` struct
This change follows the recommendation by wxiaoguang to remove the
"Disable Minimum Key Size Check" from the "Service Configuration"
section of the UI, because this option belongs to the "SSH
Configuration" section of the administration menu and already has a
functioning indicator in that section of the UI.
Earl Warren [Sat, 16 Dec 2023 12:17:39 +0000 (13:17 +0100)]
Initalize stroage for orphaned repository doctor (#28487)
- When a repository is orphaned and has objects stored in any of the
storages such as repository avatar or attachments the delete function
would error, because the storage module wasn't initalized.
- Add code to initialize the storage module.
wxiaoguang [Fri, 15 Dec 2023 15:49:01 +0000 (23:49 +0800)]
Improve CLI code and descriptions (#28482)
* Close #28444
* Actually, it doesn't need to use that trick because it looks like it
is not necessary, no user really needs it
* Remove the hidden (legacy) "doctor" subcommand and update documents
* Fix "actions" usage
KN4CK3R [Wed, 13 Dec 2023 20:23:53 +0000 (21:23 +0100)]
Add endpoint for not implemented Docker auth (#28457)
Recently Docker started to use the optional `POST /v2/token` endpoint
which should respond with a `404 Not Found` status code instead of the
current `405 Method Not Allowed`.
> Note: Not all token servers implement oauth2. If the request to the
endpoint returns 404 using the HTTP POST method, refer to Token
Documentation for using the HTTP GET method supported by all token
servers.
David Hulick [Wed, 13 Dec 2023 07:14:37 +0000 (02:14 -0500)]
docs: Update group membership fields to match application. (#28175)
Several fields in the "Verify group membership in LDAP" docs were
confusingly titled when compared to the actual fields in the
application, this change rectifies that by matching the docs to the
fields already present in gitea.
Signed-off-by: David Hulick <dave.hulick@gmail.com>
Jack Hay [Tue, 12 Dec 2023 03:48:53 +0000 (22:48 -0500)]
Deprecate query string auth tokens (#28390)
## Changes
- Add deprecation warning to `Token` and `AccessToken` authentication
methods in swagger.
- Add deprecation warning header to API response. Example:
```
HTTP/1.1 200 OK
...
Warning: token and access_token API authentication is deprecated
...
```
- Add setting `DISABLE_QUERY_AUTH_TOKEN` to reject query string auth
tokens entirely. Default is `false`
## Next steps
- `DISABLE_QUERY_AUTH_TOKEN` should be true in a subsequent release and
the methods should be removed in swagger
- `DISABLE_QUERY_AUTH_TOKEN` should be removed and the implementation of
the auth methods in question should be removed
## Open questions
- Should there be further changes to the swagger documentation?
Deprecation is not yet supported for security definitions (coming in
[OpenAPI Spec version
3.2.0](https://github.com/OAI/OpenAPI-Specification/issues/2506))
- Should the API router logger sanitize urls that use `token` or
`access_token`? (This is obviously an insufficient solution on its own)
wxiaoguang [Mon, 11 Dec 2023 15:55:10 +0000 (23:55 +0800)]
Improve doctor cli behavior (#28422)
1. Do not sort the "checks" slice again and again when "Register", it
just wastes CPU when the Gitea instance runs
2. If a check doesn't exist, tell the end user
3. Add some tests
![image](https://github.com/go-gitea/gitea/assets/18380374/0663e443-682c-4a68-b14e-a0fa0e4c3716)
`TestOrg/testactions` does have commit status, but won't display in
`All`
Earl Warren [Sun, 10 Dec 2023 20:15:06 +0000 (21:15 +0100)]
Actually recover from a panic in cron task (#28409)
- Currently there's code to recover gracefully from panics that happen
within the execution of cron tasks. However this recover code wasn't
being run, because `RunWithShutdownContext` also contains code to
recover from any panic and then gracefully shutdown Forgejo. Because
`RunWithShutdownContext` registers that code as last, that would get run
first which in this case is not behavior that we want.
- Move the recover code to inside the function, so that is run first
before `RunWithShutdownContext`'s recover code (which is now a noop).
Lunny Xiao [Sat, 9 Dec 2023 13:30:56 +0000 (21:30 +0800)]
Also sync DB branches on push if necessary (#28361)
Fix #28056
This PR will check whether the repo has zero branch when pushing a
branch. If that, it means this repository hasn't been synced.
The reason caused that is after user upgrade from v1.20 -> v1.21, he
just push branches without visit the repository user interface. Because
all repositories routers will check whether a branches sync is necessary
but push has not such check.
For every repository, it has two states, synced or not synced. If there
is zero branch for a repository, then it will be assumed as non-sync
state. Otherwise, it's synced state. So if we think it's synced, we just
need to update branch/insert new branch. Otherwise do a full sync. So
that, for every push, there will be almost no extra load added. It's
high performance than yours.
For the implementation, we in fact will try to update the branch first,
if updated success with affect records > 0, then all are done. Because
that means the branch has been in the database. If no record is
affected, that means the branch does not exist in database. So there are
two possibilities. One is this is a new branch, then we just need to
insert the record. Another is the branches haven't been synced, then we
need to sync all the branches into database.