summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
...
* Prevent panic in serv.go with Deploy Keys (#17434) (#17435)zeripath2021-10-261-1/+1
| | | | | | | | | | Backport #17434 Unfortunately there was a regression in #17373 which missed that the user is not for deploy keys. This leads to a panic when pushing with deploy keys. Fix #17412 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix CSV render error (#17406) (#17431)KN4CK3R2021-10-252-22/+21
| | | | | | | | | | | | | | | Backport #17406. Closes #17378 Both errors from #17378 were caused by #15175. Problem 1 (error with added file): `ToUTF8WithFallbackReader` creates a `MultiReader` from a `byte[2048]` and the remaining reader. `CreateReaderAndGuessDelimiter` tries to read 10000 bytes from this reader but only gets 2048 because that's the first reader in the `MultiReader`. Then the `if size < 1e4` thinks the input is at EOF and just returns that. Problem 2 (error with changed file): The blob reader gets defer closed. That was fine because the old version reads the whole file into memory. Now with the streaming version the close needs to defer after the method. Co-authored-by: zeripath <art27@cantab.net>
* Read expected buffer size (#17409) (#17430)KN4CK3R2021-10-2511-29/+51
| | | | | | | Backport of #17409 * Read expected buffer size. * Changed name.
* Fix markdown checkbox rendering (#17427)wxiaoguang2021-10-251-0/+6
| | | | | We allow to render empty check list item - [ ], while GitHub doesn't allow. To make the rendering correct, we need tune the UI (the last PR #17413 uses absolute layout, which makes the empty checkbox item can not be displayed correctly)
* Fix issue markdown bugs (#17413)wxiaoguang2021-10-233-2/+9
| | | | | | | * Bug fix: render Markdown `http://AppURL/org/repo/issues/4?a=1&b=2#comment-123 test` to HTML correctly, close #17394 * Bug fix: fix the positions of checkboxes in rendered HTML, close #17395 # Conflicts: # modules/markup/html.go
* Changelog 1.15.5 (#17392)v1.15.5zeripath2021-10-211-0/+17
| | | | | | | | | | | | | | | | | | * SECURITY * Upgrade Bluemonday to v1.0.16 (#17372) (#17374) * Ensure correct SSH permissions check for private and restricted users (#17370) (#17373) * BUGFIXES * Prevent NPE in CSV diff rendering when column removed (#17018) (#17377) * Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376) * Don't panic if we fail to parse U2FRegistration data (#17304) (#17371) * Ensure popup text is aligned left (backport for 1.15) (#17343) * Ensure that git daemon export ok is created for mirrors (#17243) (#17306) * Disable core.protectNTFS (#17300) (#17302) * Use pointer for wrappedConn methods (#17295) (#17296) * AutoRegistration is supposed to be working with disabled registration (backport) (#17292) * Handle duplicate keys on GPG key ring (#17242) (#17284) * Fix SVG side by side comparison link (#17375) (#17391) Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix SVG side by side comparison link (#17375) (#17391)zeripath2021-10-212-7/+6
| | | | | | | | | | | | Backport #17375 Define unique names for image tabs in pull requests, in order to toggle tabs correctly when multiple are displayed on one page. Fixes position of swipe-bar so it does not overlay other UI components when scrolling. Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com> Co-authored-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Offer rsa-sha2-512 and rsa-sha2-256 algorithms in internal SSH (#17281) (#17376)zeripath2021-10-211-0/+56
| | | | | | | | | | | | | | | | Backport #17281 There is a subtle bug in the SSH library x/crypto/ssh which makes the incorrect assumption that the public key type is the same as the signature algorithm type. This means that only ssh-rsa signatures are offered by default. This PR adds a workaround around this problem. Fix #17175 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix heatmap test (#17381) (#17383)Lunny Xiao2021-10-211-0/+6
| | | Backport #17381
* Upgrade Bluemonday to v1.0.16 (#17372) (#17374)65432021-10-2018-45/+159
|
* Prevent NPE in CSV diff rendering when column removed (#17018) (#17377)Richard Mahn2021-10-207-136/+351
| | | | | Backport of #17018 Fixes #16837 if a column is deleted.
* Ensure correct SSH permissions check for private and restricted users ↵65432021-10-201-1/+6
| | | | | | | | | | | | (#17370) (#17373) Repositories owned by private users and organisations and pulls by restricted users need to have permissions checked. Previously Serv would simply assumed that if the user could log in and the repository was not private then it would be visible. Fix #17364 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Don't panic if we fail to parse U2FRegistration data (#17304) (#17371)zeripath2021-10-203-2/+28
| | | | | | | | | | | Backport #17304 Downgrade logging statement from Fatal to Error so that errors parsing U2FRegistration data does not panic; instead, the invalid key will be skipped and we will attempt to parse the next one, if available. Signed-off-by: David Jimenez <dvejmz@sgfault.com> Co-authored-by: David Jimenez <dvejmz@users.noreply.github.com>
* Allow mocking timeutil (#17354) (#17356)John Olheiser2021-10-182-0/+23
| | | Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Ensure popup text is aligned left (#17343)Mario Lubenka2021-10-171-0/+4
| | | Signed-off-by: Mario Lubenka <mario.lubenka@googlemail.com>
* Ensure that git daemon export ok is created for mirrors (#17243) (#17306)zeripath2021-10-146-28/+79
| | | | | | | | | | | | Backport #17243 There is an issue with #16508 where it appears that create repo requires that the repo does not exist. This causes #17241 where an error is reported because of this. This PR fixes this and also runs update-server-info for mirrors and generated repos. Fix #17241 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Disable core.protectNTFS (#17300) (#17302)zeripath2021-10-134-0/+10
| | | | | | | | | | | | | | | | Backport #17300 core.protectNTFS protects NTFS from files which may be difficult to remove or interact with using the win32 api, however, it also appears to prevent such files from being entered into the git indexes - fundamentally causing breakages with PRs that affect these files. However, deliberately setting this to false may cause security issues due to the remain sparse checkout of files in the merge pipeline. The only sensible option therefore is to provide an optional setting which admins could set which would forcibly switch this off if they are affected by this issue. Fix #17092 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use pointer for wrappedConn methods (#17295) (#17296)zeripath2021-10-121-3/+3
| | | | | | | Backport #17295 Fix #17294 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Backport of fix for auto registration - PR #17219 (#17292)Viktor Kuzmin2021-10-121-1/+1
|
* Handle duplicate keys on GPG key ring (#17242) (#17284)zeripath2021-10-111-0/+40
| | | | | | | | | | | | | | Backport #17242 It is possible that a keyring can contain duplicate keys on a keyring due to jpegs or other layers. This currently leads to a confusing error for the user - where we report a duplicate key insertion. This PR simply coalesces keys into one key if there are duplicates. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: 6543 <6543@obermui.de>
* Changelog for 1.15.4v1.15.4Matti R2021-10-081-0/+24
|
* API: don't allow merged PRs to be reopened (#17271)Norwin2021-10-082-1/+14
|
* don't try to interpret treepath as hash (#17272)Norwin2021-10-081-1/+1
| | | | | | | | | | | | | ...when path contains no hash-path-separator ('/') This is a workaround to #17179. Entering this case when `path` does not contain a '/' does not really make sense, as that means the tree path is empty, but this case is only entered for routes that expect a non-empty tree path. Treepaths like <40-char-dirname>/<filename> will still fail, but hopefully don't occur that often. A more complete fix that avoids this case too is outlined in #17185, but too big of a change to backport
* Fix incorrect repository count on organization tab of dashboard (#17266)Jimmy Praet2021-10-081-1/+1
| | | Fixes #17249
* Fix unwanted team review request deletion (#17257) (#17264)Jimmy Praet2021-10-071-1/+1
| | | | Add missing issue_id = ? to where clause Fixes #17251
* CI: migrate from 'plugins/s3:1' to 'woodpeckerci/plugin-s3:latest' (#17234) ↵65432021-10-071-3/+3
| | | | | | (#17260) - this fixes the CI release upload issues, as the docker image for this is freshly built (unlike the mostly unmaintained "official" drone plugins), thus containing current CA certs needed for letsencrypt since 2021-09-31. - woodpecker is a drone-ci fork maintained partially by @6543. it's API compatible with current drone plugins afaik
* Remove dead badge on README.md (#17261)65432021-10-071-3/+0
|
* Fix broken Activities link in team dashboard (#17255) (#17258)Jimmy Praet2021-10-071-1/+1
| | | | | Remove '/' suffix from organization dashboard link Fixes #17250
* API pull's head/base have correct permission(#17214) (#17245)pricly-yellow2021-10-074-22/+34
| | | | | | | | | | | | | | | | | | | * for all pull requests API return permissions of caller * for all webhook return empty permissions Signed-off-by: Danila Kryukov <pricly_yellow@dismail.de> * Fix incorrect error handler Co-authored-by: delvh <dev.lh@web.de> * Fix wrong assumption in tests * Change paramenter name to doer to indicate source Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de>
* Fix stange behavior of DownloadPullDiffOrPatch in incorect index (#17223) ↵pricly-yellow2021-10-053-18/+11
| | | | | | | | (#17227) Fix GetPullRequestByIndex by validate index > 1 Signed-off-by: Danila Kryukov <pricly_yellow@dismail.de> Co-authored-by: a1012112796 <1012112796@qq.com>
* Check user instead of organization when creating a repo from a template via ↵65432021-10-011-4/+9
| | | | | | | | | API (#16346) (#17195) * Check user instead of organization * Enforce that only admins can copy a repo to another user Co-authored-by: Ion Jaureguialzo Sarasola <ion@jaureguialzo.com>
* upgrade xorm to v1.2.5 (#17177) (#17188)Lunny Xiao2021-09-306-8/+8
|
* fix sprintf verbs in locales (#17187)Alexey 〒erentyev2021-09-309-19/+19
| | | | | Signed-off-by: Alexey Terentyev <axifnx@gmail.com> Co-authored-by: 6543 <6543@obermui.de>
* Fix missing repo link in issue/pull assigned emails (#17183) (#17184)zeripath2021-09-304-4/+14
| | | | | | | | | | | | | | | Backport #17183 There was a mistake in the template file: `templates/mail/issue/assigned.tmpl` where the repourl was generated from a non-existent release instead of the issue. This PR changes this to use the issue but also ensure that the issue repo is loaded. It also slightly improves the English and the Russian locale string. Fix #17160 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Fix bug of get context user (#17169) (#17172)Lunny Xiao2021-09-282-10/+12
| | | Co-authored-by: 6543 <6543@obermui.de>
* Nicely handle missing user in collaborations (#17049) (#17166)zeripath2021-09-284-222/+155
| | | | | | | | | | | | | | | | | Backport #17049 It is possible to have a collaboration in a repository which refers to a no-longer existing user. This causes the repository transfer to fail with an unusual error. This PR makes `repo.getCollaborators()` nicely handle the missing user by ghosting the collaboration but also adds consistency check. It also adds an Access consistency check. Fix #17044 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 ↵zeripath2021-09-274-13/+607
| | | | | | | | | | | | | | | | | | (#17136) (#17137) Backport #17136 There was a serious issue with the `gitea dump` command in 1.14.3-1.14.6 which led to corruption of the `config` field of the `repo_unit` table. This PR adds a doctor command to attempt to fix the broken repo_units. Users affected by #16961 should run: ``` gitea doctor --fix --run fix-broken-repo-units ``` Fix #16961 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add Horizontal scrollbar to inner menu on Chrome (#17086) (#17164)zeripath2021-09-271-0/+2
|
* Fix wrong i18n keys (#17150) (#17153)65432021-09-262-5/+5
| | | | | Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* correct transaction ending (#17151)Alexey 〒erentyev2021-09-251-2/+4
| | | Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
* Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141)zeripath2021-09-243-12/+46
| | | | | | | | | | | | | Backport #17140 When rendering source in org mode there is a mistake in the highlight code that causes a panic. This PR fixes this. Fix #17139 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Changelog 1.15.3 (#17091)v1.15.3zeripath2021-09-201-0/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | ## [1.15.3](https://github.com/go-gitea/gitea/releases/tag/v1.15.3) - 2021-09-19 * ENHANCEMENTS * Add fluid to ui container class to remove margin (#16396) (#16976) * Add caller to cat-file batch calls (#17082) (#17089) * BUGFIXES * Render full plain readme. (#17083) (#17090) * Upgrade xorm to v1.2.4 (#17059) * Fix bug of migrate comments which only fetch one page (#17055) (#17058) * Do not show issue context popup on external issues (#17050) (#17054) * Decrement Fork Num when converting from Fork (#17035) (#17046) * Correctly rollback in ForkRepository (#17034) (#17045) * Fix missing close in WalkGitLog (#17008) (#17009) * Add prefix to SVG id/class attributes (#16997) (#17000) * Fix bug of migrated repository not index (#16991) (#16996) * Skip AllowedUserVisibilityModes validation on update user if it is an organisation (#16988) (#16990) * Fix storage Iterate bug and Add storage doctor to delete garbage attachments (#16971) (#16977) * Fix issue with issue default mail template (#16956) (#16975) * Ensure that rebase conflicts are handled in updates (#16952) (#16960) * Prevent panic on diff generation (#16950) (#16951) Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add caller to cat-file batch calls (#17082) (#17089)zeripath2021-09-202-8/+29
| | | | | | | | | | | Some people still appear to report unclosed cat-files. This PR simply adds the caller to the process descriptor for the CatFileBatch and CatFileBatchCheck calls. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Render full plain readme. (#17083) (#17090)zeripath2021-09-191-0/+4
| | | | | | | Backport #17083 Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Fix bug of migrate comments which only fetch one page (#17055) (#17058)Lunny Xiao2021-09-151-2/+7
| | | | | | | | | * Fix bug of migrate comments which only fetch one page * add next page to trace Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
* Upgrade xorm to v1.2.4 (#17059)Lunny Xiao2021-09-1513-163/+151
|
* Do not show issue context popup on external issues (#17050) (#17054)zeripath2021-09-154-4/+14
| | | | | | | | | | Backport #17050 The issues pop-up context cannot work for external issues - therefore do not show these. Fix #17047 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Correctly rollback in ForkRepository (#17034) (#17045)zeripath2021-09-152-21/+41
| | | | | | | | | | | | | | | | | Backport #17034 The rollback functionality in services/repository/repository.go:ForkRepository is incorrect and could lead to a deadlock as it uses DeleteRepository to delete the rolled-back repository - a function which creates its own transaction. This PR adjusts the rollback function to only use RemoveAll as any database changes will be automatically rolled-back. It also handles panics and adjusts the Close within WithTx to ensure that if there is a panic the session will always be closed. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Decrement Fork Num when converting from Fork (#17035) (#17046)zeripath2021-09-153-4/+39
| | | | | | | | | | Backport #17035 When converting repositories from forks to normal the root NumFork needs to be decremented too. Fix #17026 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix missing close in WalkGitLog (#17008) (#17009)zeripath2021-09-101-7/+16
| | | | | | | | | | | | | | | | | | | | Backport #17008 When the external context is cancelled it is possible for the GitLogReader to not itself be Closed. This PR does three things: 1. Instead of adding a plain defer it wraps the `g.Close` in a func as `g` may change. 2. It adds the missing explicit g.Close - although the defer fix makes this unnecessary. 3. It passes down the external context as the base context for the GitLogReader meaning that the cancellation of the external context will pass down automatically. Fix #17007 Signed-off-by: Andrew Thornton <art27@cantab.net>
generated by cgit v1.2.3 (git 2.39.1) at 2025-04-07 19:18:50 +0000