summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Add proxy settings and support for migration and webhook (#16704)Lunny Xiao2021-08-1820-41/+302
| | | | | | | | | | | | | | | | | | | | | | | | | | * Add proxy settings and support for migration and webhook * Fix default value * Add newline for example ini * Add lfs proxy support * Fix lint * Follow @zeripath's review * Fix git clone * Fix test * missgin http requests for proxy * use empty Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: zeripath <art27@cantab.net>
* Refactored and fixed migration tests. (#16714)KN4CK3R2021-08-1710-485/+744
| | | Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* [skip ci] Updated translations via CrowdinGiteaBot2021-08-181-0/+1
|
* Add API Token Cache (#16547)zeripath2021-08-175-1/+57
| | | | | | | | | | | | | | | | | One of the issues holding back performance of the API is the problem of hashing. Whilst banning BASIC authentication with passwords will help, the API Token scheme still requires a PBKDF2 hash - which means that heavy API use (using Tokens) can still cause enormous numbers of hash computations. A slight solution to this whilst we consider moving to using JWT based tokens and/or a session orientated solution is to simply cache the successful tokens. This has some security issues but this should be balanced by the security issues of load from hashing. Related #14668 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* build with go1.17 (#16707)techknowlogick2021-08-175-15/+15
| | | Co-authored-by: Lauris BH <lauris@nix.lv>
* Use github token URL when fetching oauth token (#16709)techknowlogick2021-08-171-1/+1
| | | Fixes regression from #16544
* Update JS dependencies (#16708)silverwind2021-08-1731-6607/+8941
| | | | | | | | | | | | | | * Update JS dependencies - Update all JS dependencies - Adapt to recent webpack changes - Add new lint rules and fix issues - Regenerate SVGs and update svgo api usage Fixes: https://github.com/go-gitea/gitea/pull/16492 * adapt jest config and sort keys Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* [skip ci] Updated translations via CrowdinGiteaBot2021-08-171-0/+39
|
* [skip ci] Updated translations via CrowdinGiteaBot2021-08-163-3/+2
|
* Upgrade levelqueue 0.4.1 (#16696)Lunny Xiao2021-08-154-8/+8
|
* [skip ci] Updated translations via CrowdinGiteaBot2021-08-153-119/+141
|
* Improve resource string (#16691)delvh2021-08-141-1/+1
| | | | | * Improve resource string Co-authored-by: zeripath <art27@cantab.net>
* Fix spelling of HookProcReceiveResult (#16690)Lunny Xiao2021-08-143-17/+17
|
* [skip ci] Updated translations via CrowdinGiteaBot2021-08-141-0/+3
|
* Ensure empty lines are copiable and final new line too (#16678)zeripath2021-08-142-0/+116
| | | | | | | | | | | | * Ensure empty lines are copiable and final new line too When files are highlighted the newline character needs to be added in a whitespace compliant mode. Also ensure the final empty newline is rendered. Fix #16434 * Add test and ensure spans closed Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add filter by owner and team to issue/pulls search endpoint (#16662)Jimmy Praet2021-08-135-3/+87
| | | | | * Filter by owner and team in API issue/pulls search * Add integration test
* Update issue_index to finish migration (#16685)65432021-08-132-0/+30
| | | | | * update issue_index to finish migration * One Func to RecalculateIssueIndexForRepo
* [skip ci] Updated translations via CrowdinGiteaBot2021-08-1325-25/+5
|
* Upgrade xorm to v1.2.2 (#16663)Lunny Xiao2021-08-13134-5404/+42865
| | | | | * Upgrade xorm to v1.2.2 * Change the Engine interface to match xorm v1.2.2
* Fix NPE in fuzzer (#16680)zeripath2021-08-133-1/+20
| | | | | | | The fuzzer found an issue with the issue pattern processor where there is a spurious path.Clean which does not need to be there. This PR also sets the default AppURL for the fuzzer too. Signed-off-by: Andrew Thornton <art27@cantab.net>
* [API] generalize list header (#16551)65432021-08-1288-328/+636
| | | | | | | | | | | | | * Add info about list endpoints to CONTRIBUTING.md * Let all list endpoints return X-Total-Count header * Add TODOs for GetCombinedCommitStatusByRef * Fix models/issue_stopwatch.go * Rrefactor models.ListDeployKeys * Introduce helper func and use them for SetLinkHeader related func
* Add link to vscode to repo header (#16664)a10121127962021-08-122-2/+8
| | | | | add link to vscode to repo header Signed-off-by: a1012112796 <1012112796@qq.com>
* Send registration email on user autoregistration (#16523)zeripath2021-08-1210-3/+88
| | | | | | | | | | | When users login and are autoregistered send email notification. Fix #16178 * Protect public functions within the mailer by testing if the mailer is configured Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Improve SMTP authentication and Fix user creation bugs (#16612)zeripath2021-08-1115-77/+161
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Improve SMTP authentication, Fix user creation bugs and add LDAP cert/key options This PR has two parts: Improvements for SMTP authentication: * Default to use SMTPS if port is 465, and allow setting of force SMTPS. * Always use STARTTLS if available * Provide CRAM-MD5 mechanism * Add options for HELO hostname disabling * Add options for providing certificates and keys * Handle application specific password response as a failed user login instead of as a 500. Close #16104 Fix creation of new users: * A bug was introduced when allowing users to change usernames which prevents the creation of external users. * The LoginSource refactor also broke this page. Close #16104 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Related refactors to ctx.FormX functions (#16567)65432021-08-1122-52/+36
| | | | | | | * use FormTrim if posible * speedup goGet * only convert if nessesary
* Add an api endpoint to fetch git notes (#15373) (#16649)nitul19912021-08-1112-1/+228
| | | close #15373
* Rename ctx.Form() to ctx.FormString() and move code into own file (#16571)65432021-08-1164-449/+236
| | | | | | | Followup from #16562 prepare for #16567 * Rename ctx.Form() to ctx.FormString() * Reimplement FormX func to need less code and cpu cycles * Move code into own file
* [skip ci] Updated translations via CrowdinGiteaBot2021-08-111-0/+1
|
* Upgrade github.com/google/go-github v32.1.0 -> v37.0.0 (#16661)65432021-08-10120-1532/+5422
| | | | | * Upgrade github.com/google/go-github vv32.1.0 -> v37.0.0 * refactor: use GetX() func to reduce code
* Replace `list.List` with slices (#16311)KN4CK3R2021-08-0929-304/+185
| | | | | | | | | | | | | | | | | | | * Replaced list with slice. * Fixed usage of pointer to temporary variable. * Replaced LIFO list with slice. * Lint * Removed type check. * Removed duplicated code. * Lint * Fixed merge. Co-authored-by: 6543 <6543@obermui.de>
* Change the implementation of the go-git version of GetNote to mirror the non ↵nitul19912021-08-092-0/+15
| | | | | | | go-git version when passed a non-existent commit (#16658) Fixes #16657
* [skip ci] Updated translations via CrowdinGiteaBot2021-08-091-0/+6
|
* Add Version info to migrations.go (#16653)65432021-08-081-0/+3
| | | Gitea migrations of 1.15.0 ends at v189
* Restore compatibility with SQLServer 2008 R2 in migrations (#16627)zeripath2021-08-081-6/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Restore compatibility with SQLServer 2008 R2 in migrations `ALTER TABLE DROP ... IF EXISTS ...` is only supported in SQL Server >16. The `IF EXISTS` here is a belt-and-braces and does not need to be present. Therefore can be dropped. We need to figure out some way of restricting our SQL syntax against the minimum version of SQL Server we will support. My suspicion is that `ALTER DATABASE database_name SET COMPATIBILITY_LEVEL = 100` may do that but there may be other side-effects so I am not whether to do that. Signed-off-by: Andrew Thornton <art27@cantab.net> * try just dropping the index only Signed-off-by: Andrew Thornton <art27@cantab.net> * use lowercase for system tables Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* [skip ci] Updated translations via CrowdinGiteaBot2021-08-081-0/+1
|
* Changelog for 1.15.0-rc3 (#16621) (#16645)zeripath2021-08-071-0/+31
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Frontport #16621 ## [1.15.0-rc3](https://github.com/go-gitea/gitea/releases/tag/v1.15.0-rc3) - 2021-08-06 * BREAKING * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606) * SECURITY * Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606) * Correctly create of git-daemon-export-ok files (#16508) (#16514) * Don't show private user's repo in explore view (#16550) (#16554) * Update node tar dependency to 6.1.6 (#16622) (#16623) * API * Swagger AccessToken fixes (#16574) (#16597) * Set AllowedHeaders on API CORS handler (#16524) (#16618) * BUGFIXES * Restore Accessibility for Dropdown (#16576) (#16617) * Pass down SignedUserName down to AccessLogger context (#16605) (#16616) * Fix table alignment in markdown (#16596) (#16602) * Fix 500 on first wiki page (#16586) (#16598) * Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570) * Upgrade levelqueue to v0.4.0 (#16560) (#16561) * Handle too long PR titles correctly (#16517) (#16549) * Fix data race in bleve indexer (#16474) (#16509) * Restore CORS on git smart http protocol (#16496) (#16506) * Fix race in log (#16490) (#16505) * Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480) * Update notification table with only latest data (#16445) (#16469) * Revert to use alpine 3.13 (#16451) (#16452) * Fix crash following ldap authentication update (#16447) (#16448) * Fix direct creation of external users on admin page (partial #16612) (#16613) * Prevent 500 on draft releases without tag (#16634) (#16636) Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
* Separate open and closed issue in metrics (#16637)Romain2021-08-072-2/+44
| | | | | | | * Get the issue counts in one query Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Add note about build-time flags for PAM support (#16641)techknowlogick2021-08-071-0/+2
| | | Fix #16639
* [skip ci] Updated translations via CrowdinGiteaBot2021-08-071-0/+4
|
* Allow setting X-FRAME-OPTIONS (#16643)zeripath2021-08-067-6/+12
| | | | | | | | | | | | | | | * Allow setting X-FRAME-OPTIONS This PR provides a mechanism to set the X-FRAME-OPTIONS header. Fix #7951 Signed-off-by: Andrew Thornton <art27@cantab.net> * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-authored-by: John Olheiser <john.olheiser@gmail.com> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Prevent 500 on draft releases without tag (#16634)zeripath2021-08-051-1/+3
| | | | | | | | | | | | | It is possible to create draft releases prior to creating a tag. This will cause a 500 on the releases page due to compare page failing. This PR only shows the compare button if there is a SHA1 present. Fix #16610 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add microsoft oauth2 providers (#16544)zeripath2021-08-0529-260/+2132
| | | | | | | | | | | | | | | | | * Clean up oauth2 providers Signed-off-by: Andrew Thornton <art27@cantab.net> * Add AzureAD, AzureADv2, MicrosoftOnline OAuth2 providers Signed-off-by: Andrew Thornton <art27@cantab.net> * Apply suggestions from code review * remove unused Scopes Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* [skip ci] Updated translations via CrowdinGiteaBot2021-08-061-0/+1
|
* Frontport changelog for v1.14.6 (#16632)zeripath2021-08-052-1/+11
| | | | | | | | | | | * Frontport changelog for v1.14.6 Changelog frontported to below v1.15.0-rc1. Signed-off-by: Andrew Thornton <art27@cantab.net> * Update config.yaml Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Restore Accessibility for Dropdown (#16576)zeripath2021-08-065-10/+4450
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Restore #10096/#8638 and re-fix #15172 This PR restores the vendored and patched dropdow from #8638. It however, abandons the calls to `click()` using instead the default dropdown click calls instead. This prevents the issue of the dropdown grabbing focus permanently however, this may have negative effects on the effect of focus on the dropdowns. Of note, the behaviour of the template selector dropdown on the repo creation page is slightly odd - I don't believe that this odd behaviour is caused by this PR but rather by the feed source for this. I suspect that the dropdown should be adding a delete button to its selection. Fix #15172 References: #7057 Signed-off-by: Andrew Thornton <art27@cantab.net> * leverage fomantic-build instead Signed-off-by: Andrew Thornton <art27@cantab.net> * as per jookia Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fixes #16557 - duplicate csv import (#16631)Richard Mahn2021-08-051-3/+2
| | | | | Remove the unnecessary duplicate package import for `encoding/csv` in `modules/csv/csv.go` Fix #16557
* Update node tar dependency to 6.1.6 (#16622)zeripath2021-08-051-6/+6
| | | | | | | | Forcibly update dev dependency on tar to 6.1.6 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: 6543 <6543@obermui.de>
* Switch back to node 16 (#16624)zeripath2021-08-051-7/+7
| | | | | | | | | Now that node 16.6.1 is out we can (if desired) switch back to node 16. This PR proposes changing drone to run node:16 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv>
* Set AllowedHeaders on API CORS handler (#16524)zeripath2021-08-042-0/+2
| | | | | | | | Set AllowedHeaders on API CORS handler and add missing Access-Control-Expose-Headers to pull API. Fix #16100 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Pass down SignedUserName down to AccessLogger context (#16605)zeripath2021-08-043-4/+28
| | | | | | | | | | | | | | | | | | | | * Pass down SignedUserName down to AccessLogger context Unfortunately when the AccessLogger was moved back before the contexters the SignedUserName reporting was lost. This is due to Request.WithContext leading to a shallow copy of the Request and the modules/context/Context being within that request. This PR adds a new context variable of a string pointer which is set and handled in the contexters. Fix #16600 Signed-off-by: Andrew Thornton <art27@cantab.net> * handle nil ptr issue Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-03 21:28:58 +0000