aboutsummaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Add .gitattribute assisted language detection to blame, diff and render (#17590)zeripath2021-11-1713-95/+221
| | | | | | | Use check attribute code to check the assigned language of a file and send that in to chroma as a hint for the language of the file. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Return 400 but not 500 when request archive with wrong format (#17691)Lunny Xiao2021-11-174-9/+80
|
* Sanitize user-input on file name (#17666)Gusted2021-11-171-1/+2
| | | | | | | | | | | * Sanitize user-input on file name - Sanitize user-input before it get passed into the DOM. - Prevent things like "<iframe onload=alert(1)></iframe>" from being executed. This isn't a XSS attack as the server seems to be santizing the path as well. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Move some functions into services/repository (#17677)Lunny Xiao2021-11-1715-285/+283
|
* A better go code formatter, and now `make fmt` can run in Windows (#17684)wxiaoguang2021-11-17106-42/+731
| | | | * go build / format tools * re-format imports
* Fix bug when read mysql database max lifetime (#17682)Lunny Xiao2021-11-171-2/+2
|
* Move user follow and openid into models/user/ (#17613)Lunny Xiao2021-11-1717-143/+155
| | | | | | | | | | | | | | | | | | | | | | | * Move UserRedirect into models/user/ * Fix lint & test * Fix lint * Fix lint * remove nolint comment * Fix lint * Move user follow and openid into models/user * Ignore the lint * Ignore the lint * Fix test * ignore stutters lint on UserOpenID
* Enable bidichk (#17610)Gusted2021-11-171-0/+1
| | | | | | - https://github.com/breml/bidichk Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: 6543 <6543@obermui.de>
* fix migrations documents (#17679)Lunny Xiao2021-11-172-6/+6
| | | Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Update golangci-lint in Makefile (#17647)Gusted2021-11-171-3/+14
| | | | | | | | | | | | | | | | | | | | | | | | | * Update golangci-lint in Makefile - Partially resolvess #17596 - Download specific version(v1.43.0) by default. - If current installed version is older than the minium version, it will download the mininium required version. - Update the install script to avoid deprecated error `golangci/golangci-lint err this script is deprecated, please do not use it anymore. check https://github.com/goreleaser/godownloader/issues/207` * Simplify golangci-lint version check * Fix version conversion * Add version that's downloading Co-authored-by: zeripath <art27@cantab.net> * Consistency Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Set unit test timeout to 20 minutes (#17664)Lunny Xiao2021-11-161-1/+1
| | | | | | | | | | * Set unit test timeout to 15 minutes * Update Makefile Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Update for reverse proxying static resources (#17670)rstular2021-11-161-1/+1
| | | | | | Gitea fetches static resources from /assets, so nginx configuration has to be updated accordingly. Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* [skip ci] Updated translations via CrowdinGiteaBot2021-11-174-0/+7
|
* Allow admins to change user avatars (#17661)qwerty2872021-11-164-0/+72
| | | | | | | Adds the avatar change panel to the edit user page (bottom) and allows admins to change it this way Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: zeripath <art27@cantab.net>
* Multiple Escaping Improvements (#17551)zeripath2021-11-16153-712/+891
| | | | | | | | | | | | | | There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this. This is an extensive PR attempting to fix these issues. 1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping. 2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand. 3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.) 5. The title generation in feeds is now properly escaped. 6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move migrations into services and base into modules/migration (#17663)Lunny Xiao2021-11-1650-52/+51
| | | | | | | * Move migrtions into services and base into modules/migration * Fix imports * Fix lint
* Move some functions into services/repository (#17660)Lunny Xiao2021-11-1619-136/+114
|
* Remove superfluous argument (#17667)Gusted2021-11-161-1/+1
| | | As title.
* Decouple unit test, remove intermediate `unittestbridge` package (#17662)wxiaoguang2021-11-16151-1781/+1719
| | | Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add copy button to markdown code blocks (#17638)silverwind2021-11-1619-44/+140
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add copy button to markdown code blocks Done mostly in JS because I think it's better not to try getting buttons past the markup sanitizer. * add svg module tests * fix sanitizer regexp * remove outdated comment * vertically center button in issue comments as well * add comment to css * fix undefined on view file line copy * combine animation less files * Update modules/markup/markdown/markdown.go Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> * add test for different sizes * add cloneNode and add tests for it * use deep clone * remove useless optional chaining * remove the svg node cache * unify clipboard copy string and i18n * remove unused var * remove unused localization * minor css tweaks to the button * comment tweak * remove useless attribute Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Migrating wiki don't require token, so we should move it out of the require ↵Lunny Xiao2021-11-166-62/+78
| | | | | | | form (#17645) * Migrating wiki don't require token, so we should move it out of the require form * Fix lint
* Fix GitBucket icon (#17644)silverwind2021-11-162-2/+2
| | | | | Partial fix for https://github.com/go-gitea/gitea/issues/17642. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix database deadlock when update issue labels (#17649)wxiaoguang2021-11-162-26/+22
| | | | This fix updates issue labels one by one, and won't cause database deadlock. In future, we can use a batch API to update all changed labels by one request.
* [skip ci] Updated translations via CrowdinGiteaBot2021-11-162-1/+2
|
* Changed migration text. (#17654)KN4CK3R2021-11-151-1/+1
|
* Fix nil checking on typed interface (#17598)Gusted2021-11-154-15/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | * Fix nil checking on typed interface - Partially resoles #17596 - Resolves SA4023 errors. - Ensure correctly that typed interface are nil. * Remove unnecessary code `NewBleveIndexer` will never return nil, even on errors. * Patch `NewBleveIndexer` * Fix low-level functions * Remove deadcode * Fix GetSession * Close Elastic search when err isn't nil * Update elastic_search.go Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Remove unnecassary calls to `filepath.Join` (#17608)Gusted2021-11-154-5/+5
| | | | | | | | | | | - Partialy resolvess #17596 - Resolves `badCall` errors from go-critic `badCall: suspicious Join on 1 argument` - When only 1 argument is passed into `filepath.Join`, it won't do anything special other than `filepath.Clean(...)` will be applied over it. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: 6543 <6543@obermui.de>
* Add download button for file viewer (#17640)Gusted2021-11-152-0/+2
| | | | | | | | - Resolves #17286 - Use the `download` attribute such that the browser will natively initate a download dialog for the given URL. Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* [skip ci] Updated translations via CrowdinGiteaBot2021-11-151-0/+4
|
* fix typo (#17614)缘生2021-11-141-1/+3
|
* Add icon to vscode clone link (#17641)silverwind2021-11-143-6/+6
|
* Add migration from GitBucket (#16767)KN4CK3R2021-11-148-106/+365
| | | | | | | | | | | | | This PR adds [GitBucket](https://gitbucket.github.io/) as migration source. Supported: - Milestones - Issues - Pull Requests - Comments - Reviews - Labels There is no public usable instance so no integration tests added.
* Fix offBy1 errors (#17606)Gusted2021-11-142-2/+13
| | | | | | | | | | | | | | | | | | | | | * Fix offBy1 errors - Partially resolves #17596 - Resolve errors from go-critic `offBy1: Index() can return -1; maybe you wanted to do Index()+1`. * Match golang spec * Remove comments * Update migrations.go * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* perf: only generate data-comment-url once (#17618)Gusted2021-11-144-7/+7
|
* [skip ci] Updated licenses and gitignoresGiteaBot2021-11-145-19/+408
|
* Correctly handle failed migrations (#17575)zeripath2021-11-136-4/+26
| | | | | | | | | | | | | | * Correctly handle failed migrations There is a bug in handling failed migrations whereby the migration task gets decoupled from the migration repository. This leads to a failure of the task to get deleted with the repository and also leads to the migration failed page resulting in a ISE. This PR removes the zeroing out of the task id from the migration but also makes the migration handler tolerate missing tasks much nicer. Fix #17571 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Minor readability patch. (#17627)Michael Grigoryan2021-11-121-1/+1
|
* Decouple unit test code from business code (#17623)wxiaoguang2021-11-12136-829/+1057
|
* Fix some incorrect async functions, improve frontend document. (#17597)wxiaoguang2021-11-127-44/+107
|
* unbind the CheckConsistency for some structs so that they can be moved to ↵Lunny Xiao2021-11-121-20/+33
| | | | | | | | | sub packages easier (#17612) * unbind the CheckConsistency for some structs so that they can be moved to sub packages easier * Fix functions name * Fix typo
* Move EmailAddress & UserRedirect into models/user/ (#17607)Lunny Xiao2021-11-1132-644/+719
| | | | | | | | | | | | | | | | | | | | | * Move EmailAddress into models/user/ * Fix test * rename user_mail to user_email * Fix test * Move UserRedirect into models/user/ * Fix lint & test * Fix lint * Fix lint * remove nolint comment * Fix lint
* Refactor commentTags functionality (#17558)Gusted2021-11-115-74/+111
| | | | | | | | | | | | | | | | | | | | | | | | * feat: Allow multiple tags on comments - Allow for multiples tags(Currently Poster + {Owner, Writer}). - Utilize the Poster tag within the commentTag function and remove the checking from templates. - Use bitwise on CommentTags to enable specific tags. - Don't show poster tag(view_content.tmpl) on the initial issue comment. * Change parameters naming * Change function name * refactor variable wording * Merge 'master' branch into 'tags-comments' branch * Change naming * `tag` -> `role` Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Remove `golint` as linter (#17609)Gusted2021-11-111-1/+0
| | | | | | | | | | - Partialy resolvess #17596 - In the newer versions of `golangci-lint`, golint is deprecated and replaced by the `revive` linter. Thus removing the `golint` linter is a good idea, as we're already using the `revive` linter which covers all the current `golint` cases. Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Update JS dependencies (#17611)silverwind2021-11-1110-3190/+1394
| | | | | | | | | - Update monaco, adapting to breaking changes - Update dropzone, adapting to breaking changes - Update linters, fix new issues, disable opinionated stylelint rules - Rebuild SVGs and images - Tested Dropzone and Monaco Replaces: https://github.com/go-gitea/gitea/pull/17574
* Move oauth2 error to oauth2 service package (#17603)Lunny Xiao2021-11-113-28/+20
|
* Fix 500 when a comment was deleted which has a notification (#17550)Lunny Xiao2021-11-103-5/+11
| | | | | | | | | | * Fix 500 when a comment was deleted which has a notification * Tolerate missing Comment in other places too Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Move webhook into models/webhook/ (#17579)Lunny Xiao2021-11-1047-717/+770
|
* Added GetUserByIDCtx. (#17602)KN4CK3R2021-11-093-5/+10
| | | Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* [skip ci] Updated translations via CrowdinGiteaBot2021-11-1022-22/+0
|
* Move unit into models/unit/ (#17576)Lunny Xiao2021-11-0968-491/+556
| | | | | * Move unit into models/unit/ * Rename unit.UnitType as unit.Type