summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Reset build identifiers for next point release cycleHEADmasterFlorian Zschocke2025-06-142-2/+20
|
* doc: Use www.gitblit.com in link to full release notesv1.10.0Florian Zschocke2025-06-141-1/+1
| | | | | | | | | | | The release process generates a release on Github. The release notes on Github link to the full release notes on the Gitblit website. But since gitblit.com/ only has a simple redirect in the index.html to the Github pages site, a direct link to the releasenotes on gitblit.com will end up in the outdated pages on Jame's site. Therefore use www.gitblit.com/ for the link, which we can control and which leads to the Github pages directly.
* Prepare 1.10.0 releaseflaix2025-06-142-10/+10
|
* test: Fix URL or remote repo used in testsFlorian Zschocke2025-06-141-1/+1
|
* dep: Update multiple dependencies after security scanFlorian Zschocke2025-06-146-94/+112
| | | | Update dependencies after running grype to the fixed versions.
* fix: Fix exposing password hashes in user edit pageFlorian Zschocke2025-06-1411-24/+36
| | | | | | | | | | When an administrator edits a user entry, the user's password hash is present on the edit page. This is unnecessary. But it exposes the hash to an administrator who could choose to try to brute-force the hash and use the password on other logins of that user. This is an issue for administrative users who have no access to the actual database on disk but access to the user edit web page.
* fix: Prevent premature authentication on failed ssh key challegeFlorian Zschocke2025-06-144-9/+72
| | | | | Many thanks to András Veres-Szentkirályi for the report and the support in understanding and finding the issue.
* ci: Detect test running in container under GossFlorian Zschocke2025-06-141-3/+3
| | | | | Add environment variable that lets us detect that Gitblit is running under Goss for testing purposes.
* ci: Update GH actions to latest versions in GH workflowsFlorian Zschocke2025-06-142-17/+17
|
* Create instance reports, with test server URLFlorian Zschocke2025-06-143-5/+90
|
* Make sure reports are not run in test environmentsFlorian Zschocke2025-06-147-4/+179
|
* Create gitblit instance to schedule reportingFlorian Zschocke2025-06-142-0/+61
|
* Add report for instance to sendFlorian Zschocke2025-06-144-1/+336
|
* Add id for a running gitblit instanceFlorian Zschocke2025-06-143-1/+426
|
* doc: Update release notes.Florian Zschocke2025-06-141-9/+22
|
* doc: Update SECURITY.md to include Github's reporting mechanismFlorian Zschocke2025-06-131-1/+4
|
* dep: Remove obsolete dagger source referenceFlorian Zschocke2025-06-131-5/+0
| | | | This crept in via some left over directory on disk. I guess.
* Merge pull request #1461 from flaix/depupdFlorian Zschocke2023-10-314-56/+56
|\ | | | | Update dependencies
| * dep: Update Apache Tika to 1.28.5Florian Zschocke2023-10-313-5/+5
| |
| * dep: Update slf4j to 1.7.36 and switch from log4j1 to reload4jFlorian Zschocke2023-10-313-15/+15
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Replace log4j 1.2.17 with reload4j 1.2.25. log4j 1.x was caught in the fire of the Log4Shell vulnerability, even though the 1.x line was not affected by the vulnerability. Still, this looks bad when it shows up in security scanners even though it doesn't mean it has the Log4Shell vulnerability. Switch to reload4j instead. This is a drop-in replacement of log4j. Actually, it is log4j rebooted by the same author. The reload4j 1.x line fixes security issues that have since surfaced. At the same time we update to the latest slf4j version, which also switched to reload4j for the log4j12 line.
| * dep: Update JSoup to 1.16.2Florian Zschocke2023-10-314-9/+9
| | | | | | | | | | | | | | Update JSoup to version 1.16.2. This requires renaming `Whitelist` to `Safelist`, because the class name was changed in version 1.15.1 in a breaking change.
| * dep: Update mina-core, commons-compress and guavaFlorian Zschocke2023-10-313-27/+27
|/ | | | | Update dependencies: Mina Core, Guava and commons-compress. These don't need any other adjustments.
* Merge pull request #1457 from flaix/fixLogStringsFlorian Zschocke2023-10-2410-130/+95
|\
| * Update some outdated, and sometimes wrong, logger format stringsFlorian Zschocke2023-10-2410-130/+95
|/
* Merge pull request #1456 from flaix/sha256Florian Zschocke2023-10-152-31/+82
|\ | | | | Add SHA-256 hash calculation to StringUtils
| * Add function to calculate SHA-256 has sum to StingUtils.Florian Zschocke2023-10-152-0/+28
| |
| * Refactor StringUtils to provide message digest in common functionFlorian Zschocke2023-10-151-31/+54
| | | | | | | | | | | | | | | | | | | | The calculation of a MD5 and SHA-1 sum are all message digest implementations. Instead or replicating the same code over and over again, provide a common function for message digest calculation which can do this for different algorithms based on the algorithm name passed as a parameter. Then replace the existing `getMD5` and `getSHA1` functions by calling the common function passing the respective algorithm name.
* | Merge pull request #1455 from losiki/message-formatFlorian Zschocke2023-10-153-5/+5
|\ \ | |/ |/| Fix single quotes in MessageFormat patterns.
| * Fix single quotes in MessageFormat patterns.Egor Shchegolkov2023-10-143-5/+5
|/
* Merge pull request #1454 from flaix/update-clientsFlorian Zschocke2023-10-1314-24/+24
|\
| * Update Git clients list on empty repository pageFlorian Zschocke2023-10-1214-24/+24
|/ | | | | | | | | | | | The page shown for an empty repository lists suggestions for Git clients, mostly GUI ones, and links to their web pages. The TortoiseGit client entry is removed since the URL is no longer valid. The excellent client Fork is added to the closed source clients section. This commit also cleans up some other entries, fixing broken tags, escaping ampersands and removing outdated or wrong information.
* Merge pull request #1452 from flaix/chinese-forkFlorian Zschocke2023-10-121-17/+17
|\ | | | | Improve Chinese translation of "fork"
| * Improve Chinese translation of "fork"Florian Zschocke2023-10-091-17/+17
|/ | | | | | | The currently used translation of "fork" is ambiguous, using the same word as for "branch". Fixes #1448
* build: Keep CNAME file when updating gh-pages branchFlorian Zschocke2023-04-061-2/+6
| | | | | | | The CNAME file on the gh-pages branch is used to link the gh-pages to the gitblit.com domain. So it needs to stay around when updating the gh-pages branch with new documentation pages. This is possible since Moxie 0.10.0 with a new `keep` sub-element.
* Update Moxie to version 0.10.0Florian Zschocke2023-04-033-6/+6
| | | | This provides changes and new commands used for release.
* doc Add some basic steps to the "contributing" section of ReadmeFlorian Zschocke2023-04-031-0/+7
|
* doc: Update release notesFlorian Zschocke2023-04-031-13/+60
|
* doc: Adjust current stable release infoFlorian Zschocke2023-04-031-2/+2
| | | | That was not updated after the 1.9.3 hotfix release.
* doc: Cleanup Google Code links and obsolete design descriptionFlorian Zschocke2023-04-032-8/+4
| | | | | | | | | | | Replace the links in NOTICE to the closed down Google Code (code.google.com) with their Github counterparts where the projects moved to. Gitblit used to download dependencies upon first start. This has since long been changed and everything is bundled with Gitblit now. So reflect this in the design.mkd document, which still said they would be downloaded.
* doc: Replace Clippy with clipboard.js in design doc and NOTICEFlorian Zschocke2023-04-032-2/+9
|
* doc: Fix link to log4j.properties on Github in setup_GOFlorian Zschocke2023-04-032-2/+5
|
* Merge pull request #1442 from glmdev/patch-1Florian Zschocke2023-04-034-5/+5
|\ | | | | Fix Moxie URL in build.xml (#1441)
| * Adjust URLs to gitblit.github.io to point to gitblit-org.github.ioFlorian Zschocke2023-04-033-3/+3
| | | | | | | | | | Adjust other references to the old 'gitblit' organisation on Github to point to the new 'gitblit-org' organisation.
| * Fix Moxie URL in build.xml (#1441)Garrett Mills2023-02-081-2/+2
|/
* Merge pull request #1425 from srp-gmbh/jenkins_access_tokenFlorian Zschocke2022-12-091-1/+5
|\ | | | | Add support for Jenkins Git plugin access token, fixes #1423
| * Add support for Jenkins access token fixes #1423Tino Desjardins2022-09-031-1/+5
| |
* | Adjust path after moving from "gitblit" to "gitblit-org" on GithubFlorian Zschocke2022-12-0919-37/+36
| |
* | fix: Fix broken pushes to ticketsFlorian Zschocke2022-12-073-8/+10
| | | | | | | | | | | | | | The update of JGit broke pushes to tickets. The ReceiveCommand now requires all three arguments, oldId, newId and name, to be not null. The ticket code handling pushes to tickets left name and old id as null in certain cases. This is fixed by always providing values.
* | fix: Fix incorrect text being copied by copy button on tickets pageFlorian Zschocke2022-12-061-1/+1
| | | | | | | | The merge step for using `pt` added the wrong text to the copy button.
* | Add french version of Empty Repository pageFlorian Zschocke2022-12-051-0/+60
| | | | | | | | Donated by @piradix