]> source.dussan.org Git - gitea.git/log
gitea.git
4 years ago[skip ci] Updated translations via Crowdin v1.14.0-dev
GiteaBot [Wed, 14 Oct 2020 21:45:21 +0000 (21:45 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoClean up mysql service in drone (#13145)
techknowlogick [Wed, 14 Oct 2020 21:44:18 +0000 (17:44 -0400)]
Clean up mysql service in drone (#13145)

4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 14 Oct 2020 18:49:08 +0000 (18:49 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoChangelog v1.13.0-RC1 (#13142)
6543 [Wed, 14 Oct 2020 18:48:03 +0000 (20:48 +0200)]
Changelog v1.13.0-RC1 (#13142)

* Changelog v1.13.0

* reorder topics

* impruve

* Apply suggestions from code review

* Apply suggestions from code review

* Apply suggestions from code review

* Apply suggestions from code review

* Goldmark ...

* Add 12516

* Apply suggestions from code review

* Update CHANGELOG.md

* Apply suggestions from code review

Co-authored-by: techknowlogick <matti@mdranta.net>
* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>
* Update CHANGELOG.md

* Apply suggestions from code review

Co-authored-by: 6543 <6543@obermui.de>
* Securety is more importand than Breaking ...

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 14 Oct 2020 17:02:15 +0000 (17:02 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoUpdate sshd_config (#13143)
Anders Eurenius Runvald [Wed, 14 Oct 2020 17:01:11 +0000 (19:01 +0200)]
Update sshd_config (#13143)

Afaik, adding these lines does nothing unless the file(s) are present. Having them in let's admins supply certs instead of relying on TOFU.

Co-authored-by: zeripath <art27@cantab.net>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 14 Oct 2020 13:09:05 +0000 (13:09 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoAvatars and Repo avatars support storing in minio (#12516)
Lunny Xiao [Wed, 14 Oct 2020 13:07:51 +0000 (21:07 +0800)]
Avatars and Repo avatars support storing in minio (#12516)

* Avatar support minio

* Support repo avatar minio storage

* Add missing migration

* Fix bug

* Fix test

* Add test for minio store type on avatars and repo avatars; Add documents

* Fix bug

* Fix bug

* Add back missed avatar link method

* refactor codes

* Simplify the codes

* Code improvements

* Fix lint

* Fix test mysql

* Fix test mysql

* Fix test mysql

* Fix settings

* Fix test

* fix test

* Fix bug

4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 14 Oct 2020 12:12:40 +0000 (12:12 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoShow original author's reviews on pull summary box (#13127)
赵智超 [Wed, 14 Oct 2020 12:11:11 +0000 (20:11 +0800)]
Show original author's reviews on pull summary box (#13127)

follow #12039, show original author's reviews by other way.
fix #11705.

Signed-off-by: a1012112796 <1012112796@qq.com>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 14 Oct 2020 11:18:41 +0000 (11:18 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoFix punctuation in trust model description (#13140)
Lauris BH [Wed, 14 Oct 2020 11:17:40 +0000 (14:17 +0300)]
Fix punctuation in trust model description (#13140)

4 years agoFinally fix diff names (#13136)
zeripath [Wed, 14 Oct 2020 04:49:33 +0000 (05:49 +0100)]
Finally fix diff names (#13136)

* Finally fix diff names

#12771 attempted to fix diff by avoiding the git diff line as
it is possible to have an ambiguous line here.

#12254 attempted to fix diff by assuming that names would quoted
if they needed to be and if one was quoted then both would be.

Both of these were wrong.

I have now discovered `--src-prefix` and `--dst-prefix` which
means that we can set this in such a way to force the git diff
to always be unambiguous.

Therefore this PR rollsback most of the changes in #12771 and
uses these options to fix this.

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update services/gitdiff/gitdiff.go

* Update services/gitdiff/gitdiff.go

* Update modules/repofiles/temp_repo.go

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 14 Oct 2020 04:07:05 +0000 (04:07 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoGitea 2 Gitea migration (#12657)
6543 [Wed, 14 Oct 2020 04:06:00 +0000 (06:06 +0200)]
Gitea 2 Gitea migration (#12657)

* first draft

* update gitea sdk to 9e280adb4da

* adapt feat of updated sdk

* releases now works

* break the Reactions loop

* use convertGiteaLabel

* fix endless loop because paggination is not supported there !!!

* rename gitea local uploader files

* pagination can bite you in the ass

* Version Checks

* lint

* docs

* rename gitea sdk import to miss future conficts

* go-swagger: dont scan the sdk structs

* make sure gitea can shutdown gracefully

* make GetPullRequests and GetIssues similar

* rm useles

* Add Test: started ...

* ... add tests ...

* Add tests and Fixing things

* Workaround missing SHA

* Adapt: Ensure that all migration requests are cancellable
(714ab71ddc4260937b1480519d453d2dc4e77dd6)

* LINT: fix misspells in test set

* adapt ListMergeRequestAwardEmoji

* update sdk

* Return error when creating giteadownloader failed

* update sdk

* adapt new sdk

* adopt new features

* check version before err

* adapt: 'migrate service type switch page'

* optimize

* Fix DefaultBranch

* impruve

* handle subPath

* fix test

* Fix ReviewCommentPosition

* test GetReviews

* add DefaultBranch int test set

* rm unused

* Update SDK to v0.13.0

* addopt sdk changes

* found better link

* format template

* Update Docs

* Update Gitea SDK (v0.13.1)

4 years ago[Enhancement] Allow admin to merge pr with protected file changes (#12078)
赵智超 [Tue, 13 Oct 2020 18:50:57 +0000 (02:50 +0800)]
[Enhancement] Allow admin to merge pr with protected file changes (#12078)

* [Enhancement] Allow admin to merge pr with protected file changes

As tilte, show protected message in diff page and merge box.

Signed-off-by: a1012112796 <1012112796@qq.com>
* remove unused ver

* Update options/locale/locale_en-US.ini

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
* Add TrN

* Apply suggestions from code review

* fix lint

* Update options/locale/locale_en-US.ini

Co-authored-by: zeripath <art27@cantab.net>
* Apply suggestions from code review

* move pr proteced files check to TestPatch
* Call TestPatch when protected branches settings changed

* Apply review suggestion @CirnoT

* move to service @lunny

* slightly restructure routers/private/hook.go

Adds a lot of comments and simplifies the logic

Signed-off-by: Andrew Thornton <art27@cantab.net>
* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>
* skip duplicate protected files check

* fix check logic

* slight refactor of TestPatch

Signed-off-by: Andrew Thornton <art27@cantab.net>
* When checking for protected files changes in TestPatch use the temporary repository

Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix introduced issue with hook

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove the check on PR index being greater than 0 as it unnecessary

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Tue, 13 Oct 2020 16:25:13 +0000 (16:25 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoMove update-server-info to hooks (#12826)
zeripath [Tue, 13 Oct 2020 16:24:06 +0000 (17:24 +0100)]
Move update-server-info to hooks (#12826)

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoAdd API Section to Changelog (#13125)
6543 [Tue, 13 Oct 2020 05:39:17 +0000 (07:39 +0200)]
Add API Section to Changelog (#13125)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoProvide self-registering storage system (#12978)
zeripath [Tue, 13 Oct 2020 03:58:34 +0000 (04:58 +0100)]
Provide self-registering storage system (#12978)

* Provide self-registering storage system

Signed-off-by: Andrew Thornton <art27@cantab.net>
* More simplification

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove old strings from setting

Signed-off-by: Andrew Thornton <art27@cantab.net>
* oops attachments not attachment

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
4 years ago[API] If User is Admin, show 500 error message on PROD mode too (#13115)
6543 [Tue, 13 Oct 2020 00:41:49 +0000 (02:41 +0200)]
[API] If User is Admin, show 500 error message on PROD mode too (#13115)

* API: show admin 500 error message on PROD mode too

* a nit

* dont miss InternalServerError

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoSave TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124)
6543 [Tue, 13 Oct 2020 00:01:57 +0000 (02:01 +0200)]
Save TimeStamps for Star, Label, Follow, Watch and Collaboration to Database (#13124)

* Add timestamps to Star, Label, LanguageStat, Follow, Watch and Collaboration

* Star do not need updated

* LanguageStat do not need update (they wont change)

* fix unit-test

4 years agoReturn 404 not 500 from API if team does not exist (#13118)
zeripath [Mon, 12 Oct 2020 21:09:21 +0000 (22:09 +0100)]
Return 404 not 500 from API if team does not exist (#13118)

If team does not exist expect ErrTeamNotExist not ErrUserNotEXist

Fix #11336

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
4 years agoAdd team support for review request (#12039)
赵智超 [Mon, 12 Oct 2020 19:55:13 +0000 (03:55 +0800)]
Add team support for review request (#12039)

Add team support for review request

Block #11355

Signed-off-by: a1012112796 <1012112796@qq.com>
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Andrew Thornton <art27@cantab.net>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Mon, 12 Oct 2020 18:45:03 +0000 (18:45 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoFix args in tasks.json (#13116)
Elena Neuschild [Mon, 12 Oct 2020 18:44:01 +0000 (20:44 +0200)]
Fix args in tasks.json (#13116)

4 years agoProhibit automatic downgrades (#13108)
6543 [Mon, 12 Oct 2020 14:35:56 +0000 (16:35 +0200)]
Prohibit automatic downgrades (#13108)

Prohibit automatic downgrades by checking the version of the db and warning if the version number should be lower.

Close #13107

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
4 years agoImprove error feedback for duplicate deploy keys (#13112)
Chris Shyi [Mon, 12 Oct 2020 13:44:56 +0000 (21:44 +0800)]
Improve error feedback for duplicate deploy keys (#13112)

Instead of a generic HTTP 500 error page, a flash message is rendered with the deploy key page template to inform the user that a key with the intended title already exists.

Fixes #13110

4 years agochore: update minio image version (#13109)
wULLSnpAXbWZGYDYyhWTKKspEQoaYxXyhoisqHf [Mon, 12 Oct 2020 08:45:20 +0000 (10:45 +0200)]
chore: update minio image version (#13109)

* 2020-05-16 --> 2020-10-09

4 years ago4 line diff (#13103)
6543 [Mon, 12 Oct 2020 01:15:15 +0000 (03:15 +0200)]
4 line diff (#13103)

4 years agoUpdate golangci-lint to version 1.31.0 (#13102)
kolaente [Sun, 11 Oct 2020 20:27:20 +0000 (22:27 +0200)]
Update golangci-lint to version 1.31.0 (#13102)

This PR updates golangci-lint to the latest version 1.31.0.

The upgrade introduced a new check for which I've fixed or disabled most cases.

Signed-off-by: kolaente <k@knt.li>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Sun, 11 Oct 2020 18:52:13 +0000 (18:52 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoLog the underlying panic in runMigrateTask (#13096)
zeripath [Sun, 11 Oct 2020 18:51:13 +0000 (19:51 +0100)]
Log the underlying panic in runMigrateTask (#13096)

If there is a panic during runMigrateTask we should capture and log the underlying
panic error.

This PR ensures that the panic is logged and captured as part of the task message.

Fix #13095

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years agoAdd ssh certificate support (#12281)
Wim [Sun, 11 Oct 2020 00:38:09 +0000 (02:38 +0200)]
Add ssh certificate support (#12281)

* Add ssh certificate support

* Add ssh certificate support to builtin ssh

* Write trusted-user-ca-keys.pem based on configuration

* Update app.example.ini

* Update templates/user/settings/keys_principal.tmpl

Co-authored-by: silverwind <me@silverwind.io>
* Remove unused locale string

* Update options/locale/locale_en-US.ini

Co-authored-by: silverwind <me@silverwind.io>
* Update options/locale/locale_en-US.ini

Co-authored-by: silverwind <me@silverwind.io>
* Update models/ssh_key.go

Co-authored-by: silverwind <me@silverwind.io>
* Add missing creation of SSH.Rootpath

* Update cheatsheet, example and locale strings

* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>
* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>
* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>
* Update models/ssh_key.go

Co-authored-by: zeripath <art27@cantab.net>
* Update models/ssh_key.go

* Optimizations based on feedback

* Validate CA keys for external sshd

* Add filename option and change default filename

Add a SSH_TRUSTED_USER_CA_KEYS_FILENAME option which default is
RUN_USER/.ssh/gitea-trusted-user-ca-keys.pem

Do not write a file when SSH_TRUSTED_USER_CA_KEYS is empty.

Add some more documentation.

* Remove unneeded principalkey functions

* Add blank line

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>
* Add SSH_AUTHORIZED_PRINCIPALS_ALLOW option

This adds a SSH_AUTHORIZED_PRINCIPALS_ALLOW which is default
email,username this means that users only can add the principals
that match their email or username.

To allow anything the admin need to set the option anything.

This allows for a safe default in gitea which protects against malicious
users using other user's prinicipals. (before that user could set it).

This commit also has some small other fixes from the last code review.

* Rewrite principal keys file on user deletion

* Use correct rewrite method

* Set correct AuthorizedPrincipalsBackup default setting

* Rewrite principalsfile when adding principals

* Add update authorized_principals option to admin dashboard

* Handle non-primary emails

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add the command actually to the dashboard template

* Update models/ssh_key.go

Co-authored-by: silverwind <me@silverwind.io>
* By default do not show principal options unless there are CA keys set or they are explicitly set

Signed-off-by: Andrew Thornton <art27@cantab.net>
* allow settings when enabled

* Fix typos in TrustedUserCAKeys path

* Allow every CASignatureAlgorithms algorithm

As this depends on the content of TrustedUserCAKeys we should allow all
signature algorithms as admins can choose the specific algorithm on their
signing CA

* Update models/ssh_key.go

Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix linting issue

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoFix attachments list in edit comment (#13036)
zeripath [Sat, 10 Oct 2020 23:49:59 +0000 (00:49 +0100)]
Fix attachments list in edit comment (#13036)

#11141 broke the appearance of dropzone attachments when editting
comments causing poorly updating lists.

This PR fixes this.

Fix #12583

Signed-off-by: Andrew Thornton art27@cantab.net
4 years agoFix deadlock when deleting team user (#13092)
zeripath [Sat, 10 Oct 2020 19:48:58 +0000 (20:48 +0100)]
Fix deadlock when deleting team user (#13092)

`models.getUserRepoPermission(...)` calls `HasOrgVisible` which
uses `models.x` potentially outside of the transaction `e` provided
as an argument to `getUserRepoPermission`.

This PR switches to use `hasOrgVisible(e, ...)`.

Fix #12983

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years agoChange default log configuration (#13088)
zeripath [Sat, 10 Oct 2020 15:19:50 +0000 (16:19 +0100)]
Change default log configuration (#13088)

* Change default log configuration

This PR changes the install page and the docker default
logging configuration to match the suggested configuration
that I repeatedly end up suggesting on issues.

It further improves the logging configuration docs to
recommend specific instructions for how to configure logs
for posting to issues.

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update docs/content/doc/advanced/logging-documentation.en-us.md

4 years agoSet appropriate `autocomplete` attributes on password fields (#13078)
silverwind [Fri, 9 Oct 2020 07:32:30 +0000 (09:32 +0200)]
Set appropriate `autocomplete` attributes on password fields (#13078)

`new-password` prevents annoying autocompletion in some cases, thought
it's not semantically correct to use that for example on all three
fields on the user account page, so some annoyances remain.

Co-authored-by: Lauris BH <lauris@nix.lv>
4 years agoDisable DSA ssh keys by default (#13056)
zeripath [Fri, 9 Oct 2020 06:52:57 +0000 (07:52 +0100)]
Disable DSA ssh keys by default (#13056)

* Disable DSA ssh keys by default

OpenSSH has disabled DSA keys since version 7.0

As the docker runs openssh > v7.0 we should just disable
DSA keys by default.

Refers to #11417

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Just disable DSA keys by default

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Appears we need to set the minimum key sizes too

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Appears we need to set the minimum key sizes too

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove DSA type

* Fix Tests

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
4 years agoFix line break for MS teams webhook (#13081)
Iván Valdés [Fri, 9 Oct 2020 05:30:55 +0000 (22:30 -0700)]
Fix line break for MS teams webhook (#13081)

Signed-off-by: Ivan Valdes <ivan@vald.es>
Co-authored-by: Lauris BH <lauris@nix.lv>
4 years agoImprove Docker container name (#13077)
Melroy van den Berg [Fri, 9 Oct 2020 02:31:07 +0000 (04:31 +0200)]
Improve Docker container name (#13077)

* Improve Docker container name

Use a better Docker container name than the default 'server'

* Changing to gitea and use recommended v3 Docker-compose

Use `gitea` as container name. And use version 3 of the docker-compose, which should now be used: https://docs.docker.com/compose/compose-file/compose-versioning/

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoCache last commit when pushing for big repository (#10109)
Lunny Xiao [Thu, 8 Oct 2020 22:17:23 +0000 (06:17 +0800)]
Cache last commit when pushing for big repository (#10109)

* Cache last commit when pushing for big repository

* Fix bug

* detect force push

* Refactor cache push

* Finish cache last commit info when push

* Some improvements

* Fix lint

* Remove unused changes

* Move pull request test before cache

* Fix test mysql

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
4 years agoHide sync ssh keys button on admin dashboard if ssh disabled or builtin-ssh enabled...
Lunny Xiao [Thu, 8 Oct 2020 16:43:15 +0000 (00:43 +0800)]
Hide sync ssh keys button on admin dashboard if ssh disabled or builtin-ssh enabled (#13072)

Co-authored-by: zeripath <art27@cantab.net>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Thu, 8 Oct 2020 15:51:23 +0000 (15:51 +0000)]
[skip ci] Updated translations via Crowdin

4 years agofix a small nit (#13074)
赵智超 [Thu, 8 Oct 2020 15:50:17 +0000 (23:50 +0800)]
fix a small nit (#13074)

Signed-off-by: a1012112796 <1012112796@qq.com>
4 years agoAvoid setting the CONN_STR in issue indexer queue unless it is meant to be set (...
zeripath [Wed, 7 Oct 2020 22:24:41 +0000 (23:24 +0100)]
Avoid setting the CONN_STR in issue indexer queue unless it is meant to be set (#13069)

Since the move to common leveldb and common redis the disk queue code (#12385)
will check the connection string before defaulting to the DATADIR.

Therefore we should ensure that the connection string is kept empty
unless it is actually set.

Unforunately the issue indexer was missed in #13025 this PR fixes this omission

Fix #13062

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years agoGitea serv, hooks, manager and the like should always display Fatals (#13032)
zeripath [Wed, 7 Oct 2020 20:44:16 +0000 (21:44 +0100)]
Gitea serv, hooks, manager and the like should always display Fatals (#13032)

The gitea cmd/serv.go setup function deletes the console logger to
prevent stdout interference with commands. However, the problem is that
it then calls setting.NewContext which may cause an exit with log.Fatal
- which will then not be shown.

Now, log.Fatal is so disastrous that the interference that logging
causes is wanted. However, we can avoid stdout interference by emitting
on stderr.

This PR forces the creation of a console logger on stderr listening on
Fatal for these commands. Most commands have a `--debug` option now that
will print more reasons too - however, defaulting to give the log for
Fatal seems reasonable.

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 7 Oct 2020 18:25:19 +0000 (18:25 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoDisable Git Hooks by default (#13064)
techknowlogick [Wed, 7 Oct 2020 18:24:14 +0000 (14:24 -0400)]
Disable Git Hooks by default (#13064)

* Disable Git Hooks by default

Related #13058

* pass tests

4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 7 Oct 2020 09:56:17 +0000 (09:56 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoMitigate Security vulnerability in the git hook feature (#13058)
Niklas Goerke [Wed, 7 Oct 2020 09:55:13 +0000 (11:55 +0200)]
Mitigate Security vulnerability in the git hook feature (#13058)

* Extend git hook warning in the UI.

Git hooks are a dangerous feature, administrators should be warned before giving
the git hook privilege to users.

* Disable Git hooks by default and add warning.

Git hooks are a dangerous features (see warning text) that should only
be enabled if the administrator was informed about the risk involved.

Co-authored-by: Niklas Goerke <goerke@fzi.de>
4 years agoUpdate third-party-tools.en-us.md (#13046)
Rongjian Zhang [Tue, 6 Oct 2020 16:55:51 +0000 (00:55 +0800)]
Update third-party-tools.en-us.md (#13046)

4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Tue, 6 Oct 2020 16:17:17 +0000 (16:17 +0000)]
[skip ci] Updated translations via Crowdin

4 years agofix: case typo (#13049)
Rongjian Zhang [Tue, 6 Oct 2020 16:16:16 +0000 (00:16 +0800)]
fix: case typo (#13049)

* Update settings.go

* Run swagger generate

4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Tue, 6 Oct 2020 07:24:15 +0000 (07:24 +0000)]
[skip ci] Updated translations via Crowdin

4 years ago[Docs] Update GitNex Link (#13050)
6543 [Tue, 6 Oct 2020 07:23:10 +0000 (09:23 +0200)]
[Docs] Update GitNex Link (#13050)

4 years agoAdding visual cue for "Limited" & "Private" organizations. (#13040)
Spencer Taylor [Tue, 6 Oct 2020 06:25:43 +0000 (01:25 -0500)]
Adding visual cue for "Limited" & "Private" organizations. (#13040)

* Adding visual cue for "Limited" & "Private" organizations.

* Moving org visibility CSS styles to .less files.

Co-authored-by: Gitea <gitea@fake.local>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoFix error create comment on outdated file (#13041)
6543 [Tue, 6 Oct 2020 00:18:55 +0000 (02:18 +0200)]
Fix error create comment on outdated file (#13041)

* FIX

* more specific

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoFix Pull Request merge buttons on mobile (#13035)
kolaente [Mon, 5 Oct 2020 23:31:25 +0000 (01:31 +0200)]
Fix Pull Request merge buttons on mobile (#13035)

Signed-off-by: kolaente <k@knt.li>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Mon, 5 Oct 2020 22:47:15 +0000 (22:47 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoFix Issue & Pull Request comment headers on mobile (#13039)
kolaente [Mon, 5 Oct 2020 22:46:11 +0000 (00:46 +0200)]
Fix Issue & Pull Request comment headers on mobile (#13039)

Signed-off-by: kolaente <k@knt.li>
4 years ago(Re)Load issue labels when changing them (#13007)
zeripath [Mon, 5 Oct 2020 06:49:11 +0000 (07:49 +0100)]
(Re)Load issue labels when changing them (#13007)

(Re)Load issue labels when labels are added or removed

This means that the label state that the webhooks produce accurately matches
the changes that they are reporting.

Fix #10660

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years agoAttachments: Add extension support, allow all types for releases (#12465)
silverwind [Mon, 5 Oct 2020 05:49:33 +0000 (07:49 +0200)]
Attachments: Add extension support, allow all types for releases (#12465)

* Attachments: Add extension support, allow all types for releases

- Add support for file extensions, matching the `accept` attribute of `<input type="file">`
- Add support for type wildcard mime types, e.g. `image/*`
- Create repository.release.ALLOWED_TYPES setting (default unrestricted)
- Change default for attachment.ALLOWED_TYPES to a list of extensions
- Split out POST /attachments into two endpoints for issue/pr and
  releases to prevent circumvention of allowed types check

Fixes: https://github.com/go-gitea/gitea/pull/10172
Fixes: https://github.com/go-gitea/gitea/issues/7266
Fixes: https://github.com/go-gitea/gitea/pull/12460
Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers

* rename function

* extract GET routes out of RepoMustNotBeArchived

Co-authored-by: Lauris BH <lauris@nix.lv>
4 years ago[#13004] Add Timestamp to Tag list API (#13026)
Lucas Queiroz [Mon, 5 Oct 2020 04:07:54 +0000 (01:07 -0300)]
[#13004] Add Timestamp to Tag list API (#13026)

* Add Timestamp to Tag list API

* Add unit test for ToCommitMeta

* Rename timestamp to created

* Reformat files

4 years agoupdated docs with caveat for authorized_keys (#13030)
Divyam Bhasin [Sun, 4 Oct 2020 23:52:40 +0000 (19:52 -0400)]
updated docs with caveat for authorized_keys (#13030)

* updated docs with caveat for authorized_keys

* wrapped authorized_keys in ticks

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoReturn sample message for login error in api context (#12994)
赵智超 [Sun, 4 Oct 2020 21:39:31 +0000 (05:39 +0800)]
Return sample message for login error in api context (#12994)

* Return sample message for login error in api context

Signed-off-by: a1012112796 <1012112796@qq.com>
* Update modules/context/auth.go

Co-authored-by: silverwind <me@silverwind.io>
* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>
* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoCSS tweaks to warning/error segments and misc fixes (#13024)
silverwind [Sun, 4 Oct 2020 20:54:22 +0000 (22:54 +0200)]
CSS tweaks to warning/error segments and misc fixes (#13024)

* CSS tweaks to warning/error segments and misc fixes

- Adjust styling for warning/error in arc-green
- Change danger boxes from orange to red
- Fix code highlight text color in arc-green
- Fix warning message in arc-green
- Fix border in org member list in arc-green
- Fix disabled checkbox text in arc-green

* use same selector in gitea theme

* fix blame highlight

Co-authored-by: zeripath <art27@cantab.net>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Sun, 4 Oct 2020 17:13:45 +0000 (17:13 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoAvoid setitng the CONN_STR in queues unless it is meant to be set (#13025)
zeripath [Sun, 4 Oct 2020 17:12:26 +0000 (18:12 +0100)]
Avoid setitng the CONN_STR in queues unless it is meant to be set (#13025)

Since the move to common leveldb and common redis the disk queue code
will check the connection string before defaulting to the DATADIR.

Therefore we should ensure that the connection string is kept empty
unless it is actually set.

Fix #13023

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years agohCaptcha Support (#12594)
John Olheiser [Sat, 3 Oct 2020 03:37:53 +0000 (22:37 -0500)]
hCaptcha Support (#12594)

* Initial work on hCaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Use module

Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Format

Signed-off-by: jolheiser <john.olheiser@gmail.com>
* At least return and debug log a captcha error

Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Pass context to hCaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Add context to recaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>
* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>
* Finish hcaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Update example config

Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Apply error fix for recaptcha

Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Change recaptcha ChallengeTS to string

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
4 years agoFix formatting of branches ahead-behind on narrow windows (#12989)
zeripath [Fri, 2 Oct 2020 23:10:43 +0000 (00:10 +0100)]
Fix formatting of branches ahead-behind on narrow windows (#12989)

Make the bar-groups width 50% with max-width of 90px

Fix #12252

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoUpdate comparison for GitLab CE (#13019)
Claudius Ellsel [Fri, 2 Oct 2020 22:08:17 +0000 (00:08 +0200)]
Update comparison for GitLab CE (#13019)

* Update comparison for GitLab CE

Fixes #13018.

* Update docs/content/doc/features/comparison.en-us.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
* Update comparison.en-us.md

According to the linked issue it is there and just the documentation is lacking.

* Update docs/content/doc/features/comparison.en-us.md

Co-authored-by: techknowlogick <matti@mdranta.net>
* Update docs/content/doc/features/comparison.en-us.md

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: techknowlogick <matti@mdranta.net>
4 years agoFix comment header span. (#13009)
rebeckanylander [Fri, 2 Oct 2020 15:13:46 +0000 (17:13 +0200)]
Fix comment header span. (#13009)

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoRemove code-view class from diff view (#13011)
mrsdizzie [Fri, 2 Oct 2020 14:38:38 +0000 (10:38 -0400)]
Remove code-view class from diff view (#13011)

code-view class seems unecessary here as everything needed style wise comes from various diff classes. This allows comments and comment editor to be styled properly and fixes linked bug.

Fixes #13010

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoFix 500 on README in submodule (#13006)
zeripath [Fri, 2 Oct 2020 13:27:44 +0000 (14:27 +0100)]
Fix 500 on README in submodule (#13006)

If a README file is a symlink to a submodule Gitea the view branch page
will return a 500.

The underlying problem is a missed conversion of an
plumbing.ErrObjectNotFound in git/tree_blob.go.

Fix #12599

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Fri, 2 Oct 2020 09:38:47 +0000 (09:38 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoFix repository create/delete event webhooks (#13008)
James Lakin [Fri, 2 Oct 2020 09:37:46 +0000 (09:37 +0000)]
Fix repository create/delete event webhooks (#13008)

This small PR changes the webhook trigger behaviour to be more in line with what's expected. (When 'repository' events are enabled, of course)

In other words:

For system-wide or default webhooks, repository events will now trigger said webhook. Previously it had to be under an organization for create events to be visible - a tad unexpected!
Deleting a repository will now fire its own defined webhooks, not just organisational and system ones.
In order to enable the latter the webhook has to now be triggered before the actual repo undergoes deletion. I'm willing to tweak this to try and 'grab' the webhook model beforehand and trigger the webhook notifier directly afterwards, but this may make the code more complex for little benefit.

Closes #11766, #9180.

4 years agolatest version is 1.12.5 (#13005)
techknowlogick [Thu, 1 Oct 2020 19:21:25 +0000 (15:21 -0400)]
latest version is 1.12.5 (#13005)

4 years agoChangelog 1.12.5 (#13002) (#13003)
John Olheiser [Thu, 1 Oct 2020 18:47:54 +0000 (13:47 -0500)]
Changelog 1.12.5 (#13002) (#13003)

* Changelog 1.12.5

Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Update CHANGELOG.md

* Update CHANGELOG.md

Co-authored-by: techknowlogick <matti@mdranta.net>
* Apply suggestions from code review

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <matti@mdranta.net>
4 years agofix: media links in org files not liked to media files (#12997)
Pranav Nachnekar [Thu, 1 Oct 2020 15:22:34 +0000 (20:52 +0530)]
fix: media links in org files not liked to media files (#12997)

* fix: media links in org files not liked to media files

* fix: write directly to io.Writer r

as suggested by code review

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Thu, 1 Oct 2020 12:50:55 +0000 (12:50 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoallow U2F with default settings for gitea in subpath (#12990)
techknowlogick [Thu, 1 Oct 2020 12:49:49 +0000 (08:49 -0400)]
allow U2F with default settings for gitea in subpath (#12990)

* allow U2F with default settings for gitea in subpath

* use trim suffix

Co-authored-by: zeripath <art27@cantab.net>
4 years agoCopy missing things from app.example.ini to Cheat Sheet (#12988)
zeripath [Thu, 1 Oct 2020 06:57:57 +0000 (07:57 +0100)]
Copy missing things from app.example.ini to Cheat Sheet (#12988)

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Thu, 1 Oct 2020 05:55:40 +0000 (05:55 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoRefactor use TrimSuffix instead of TrimRight (#12993)
6543 [Thu, 1 Oct 2020 05:54:34 +0000 (07:54 +0200)]
Refactor use TrimSuffix instead of TrimRight (#12993)

* Refactor use TrimSuffix instead of TrimRight

* TrimRight right

* has #12990

4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 30 Sep 2020 21:00:33 +0000 (21:00 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoFix hugo shortcode typo in faq (#12987)
raoulb [Wed, 30 Sep 2020 20:59:30 +0000 (22:59 +0200)]
Fix hugo shortcode typo in faq (#12987)

* Fix hugo shortcode typo in faq

* Switch to using language tags

4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 30 Sep 2020 16:17:15 +0000 (16:17 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoClarification on the use of certificate chains (#12986)
PE1NUT [Wed, 30 Sep 2020 16:16:13 +0000 (18:16 +0200)]
Clarification on the use of certificate chains (#12986)

* Clarification on the use of certificate chains

* As per @bagasme

Co-authored-by: Bagas Sanjaya <bagasdotme@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Bagas Sanjaya <bagasdotme@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Wed, 30 Sep 2020 12:28:46 +0000 (12:28 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoFix typo on Chinese documents (#12982)
Lunny Xiao [Wed, 30 Sep 2020 12:27:41 +0000 (20:27 +0800)]
Fix typo on Chinese documents (#12982)

4 years agoAlways return a list from GetCommitsFromIDs (#12981)
zeripath [Tue, 29 Sep 2020 21:26:54 +0000 (22:26 +0100)]
Always return a list from GetCommitsFromIDs (#12981)

`GetCommitsFromIDs` is only used in one place: `LoadPushCommits` where
it expects that `c.Commits` is not nil.

This potentially nil set causes a NPE in in #12953

Fix #12953

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years agoOnly set the user password if the password field would have been shown (#12980)
zeripath [Tue, 29 Sep 2020 20:27:03 +0000 (21:27 +0100)]
Only set the user password if the password field would have been shown (#12980)

POSTing to /admin/users/:id should only set the password if the the user
IsLocal or IsOauth2

Fix #12952

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years ago[skip ci] Updated translations via Crowdin
GiteaBot [Tue, 29 Sep 2020 19:27:47 +0000 (19:27 +0000)]
[skip ci] Updated translations via Crowdin

4 years agoFix admin/config page (#12979)
zeripath [Tue, 29 Sep 2020 19:26:45 +0000 (20:26 +0100)]
Fix admin/config page (#12979)

Change `.LFS.ContentPath` to `.LFS.Path`

Fix #12975

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years agoAdd default storage configurations (#12813)
Lunny Xiao [Tue, 29 Sep 2020 09:05:13 +0000 (17:05 +0800)]
Add default storage configurations (#12813)

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
4 years agoCompletely quote AppPath and CustomConf paths (#12955)
zeripath [Tue, 29 Sep 2020 01:16:52 +0000 (02:16 +0100)]
Completely quote AppPath and CustomConf paths (#12955)

* Completely quote AppPath and CustomConf paths

Properly handle spaces in AppPath and CustomConf within hooks and
authorized_keys. Unfortunately here we don't seem to be able to get away
with using go-shellquote as it appears that Windows doesn't play too
well with singlequote quoting - therefore we will avoid singlequote
quoting unless we absolutely cannot get away without it, e.g. \n or !.

Fix #10813

Signed-off-by: Andrew Thornton <art27@cantab.net>
* missing change

Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix Test_CmdKeys

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years agoFix the issue reported on #12385 (#12969)
zeripath [Mon, 28 Sep 2020 23:00:54 +0000 (00:00 +0100)]
Fix the issue reported on #12385 (#12969)

Missed setting ConnectionString on queuesettings

Signed-off-by: Andrew Thornton <art27@cantab.net>
4 years agoDocs: Add missing SESSION_LIFE_TIME to Config Cheat Sheet (#12968)
6543 [Mon, 28 Sep 2020 20:39:54 +0000 (22:39 +0200)]
Docs: Add missing SESSION_LIFE_TIME to Config Cheat Sheet (#12968)

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
4 years agoChanged width of signature avatar from auto to 16px (#12961)
Victor [Mon, 28 Sep 2020 20:39:22 +0000 (22:39 +0200)]
Changed width of signature avatar from auto to 16px (#12961)

Signed-off-by: Victor Roest <victor@xirion.net>
Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>