| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
| |
backport #28423
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28390 by @jackHay22
## Changes
- Add deprecation warning to `Token` and `AccessToken` authentication
methods in swagger.
- Add deprecation warning header to API response. Example:
```
HTTP/1.1 200 OK
...
Warning: token and access_token API authentication is deprecated
...
```
- Add setting `DISABLE_QUERY_AUTH_TOKEN` to reject query string auth
tokens entirely. Default is `false`
## Next steps
- `DISABLE_QUERY_AUTH_TOKEN` should be true in a subsequent release and
the methods should be removed in swagger
- `DISABLE_QUERY_AUTH_TOKEN` should be removed and the implementation of
the auth methods in question should be removed
## Open questions
- Should there be further changes to the swagger documentation?
Deprecation is not yet supported for security definitions (coming in
[OpenAPI Spec version
3.2.0](https://github.com/OAI/OpenAPI-Specification/issues/2506))
- Should the API router logger sanitize urls that use `token` or
`access_token`? (This is obviously an insufficient solution on its own)
Co-authored-by: Jack Hay <jack@allspice.io>
Co-authored-by: delvh <dev.lh@web.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28409 by @earl-warren
- Currently there's code to recover gracefully from panics that happen
within the execution of cron tasks. However this recover code wasn't
being run, because `RunWithShutdownContext` also contains code to
recover from any panic and then gracefully shutdown Forgejo. Because
`RunWithShutdownContext` registers that code as last, that would get run
first which in this case is not behavior that we want.
- Move the recover code to inside the function, so that is run first
before `RunWithShutdownContext`'s recover code (which is now a noop).
Fixes: https://codeberg.org/forgejo/forgejo/issues/1910
Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Gusted <postmaster@gusted.xyz>
|
| |
|
|
|
|
|
|
|
|
| |
Backport #28422 by wxiaoguang
1. Do not sort the "checks" slice again and again when "Register", it
just wastes CPU when the Gitea instance runs
2. If a check doesn't exist, tell the end user
3. Add some tests
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28302 by @yp05327
Close #28287
## How to test it in local
convert Makefile L34 into:
```
cd .tmp/upstream-docs && git clean -f && git reset --hard && git fetch origin pull/28302/head:pr28302 && git switch pr28302
```
Co-authored-by: yp05327 <576951401@qq.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix #28056
Backport #28361
This PR will check whether the repo has zero branch when pushing a
branch. If that, it means this repository hasn't been synced.
The reason caused that is after user upgrade from v1.20 -> v1.21, he
just push branches without visit the repository user interface. Because
all repositories routers will check whether a branches sync is necessary
but push has not such check.
For every repository, it has two states, synced or not synced. If there
is zero branch for a repository, then it will be assumed as non-sync
state. Otherwise, it's synced state. So if we think it's synced, we just
need to update branch/insert new branch. Otherwise do a full sync. So
that, for every push, there will be almost no extra load added. It's
high performance than yours.
For the implementation, we in fact will try to update the branch first,
if updated success with affect records > 0, then all are done. Because
that means the branch has been in the database. If no record is
affected, that means the branch does not exist in database. So there are
two possibilities. One is this is a new branch, then we just need to
insert the record. Another is the branches haven't been synced, then we
need to sync all the branches into database.
|
| |
|
|
|
| |
Backport #28406 by @lunny
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Backport #28013 by @earl-warren
Refs: https://codeberg.org/forgejo/forgejo/issues/1403
(cherry picked from commit dd4d17c159eaf8b642aa9e6105b0532e25972bb7)
---------
Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28348 by @AdamMajer
nogogit GetBranchNames() lists branches sorted in reverse commit date
order. On the other hand the gogit implementation doesn't apply any
ordering resulting in unpredictable behaviour. In my case, the unit
tests requiring particular order fail
repo_branch_test.go:24:
Error Trace:
./gitea/modules/git/repo_branch_test.go:24
Error: elements differ
extra elements in list A:
([]interface {}) (len=1) {
(string) (len=6) "master"
}
extra elements in list B:
([]interface {}) (len=1) {
(string) (len=7) "branch1"
}
listA:
([]string) (len=2) {
(string) (len=6) "master",
(string) (len=7) "branch2"
}
listB:
([]string) (len=2) {
(string) (len=7) "branch1",
(string) (len=7) "branch2"
}
Test: TestRepository_GetBranches
To fix this, we sort branches based on their commit date in gogit
implementation.
Fixes: #28318
Co-authored-by: Adam Majer <amajer@suse.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28379 by @lafriks
Before:
After:
Co-authored-by: Lauris BH <lauris@nix.lv>
|
| |
|
|
|
|
|
|
|
|
|
| |
Backport #28314 by @yp05327
Fix #28264
`DataAsync()` will be called twice.
Caused by https://github.com/go-gitea/gitea/pull/27958.
I'm sorry, I didn't completely remove all unnecessary codes.
Co-authored-by: yp05327 <576951401@qq.com>
|
| |
|
|
|
|
|
|
|
| |
Backport #28373 by @capvor
In the documents, the `[attachment] MAX_SIZE` default value should be 4.
Reference the source code `modules/setting/attachment.go` line 29.
Co-authored-by: capvor <capvor@sina.com>
|
| |
|
|
|
|
|
| |
(#28378)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Fix #28300
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
workflows but other branches have (#28359) (#28365)
Backport #28359 by @lunny
The left menu will only display the default branch's workflows but the
right side will display the runs triggered by all branches' workflows.
So we cannot hide right side if default branch has no workflows.
Fix #28332
Replace #28333
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
| |
|
|
| |
Co-authored-by: Nate Levesque <nate@thenaterhood.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Backport #28356 by @darrinsmart
The summary string ends up in the database, and (at least) MySQL &
PostgreSQL require valid UTF8 strings.
Fixes #28178
Co-authored-by: darrinsmart <darrin@djs.to>
Co-authored-by: Darrin Smart <darrin@filmlight.ltd.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28334 by @lng2020
Fix #28328
```
func (p *PullRequestComment) GetDiffHunk() string {
if p == nil || p.DiffHunk == nil {
return ""
}
return *p.DiffHunk
}
```
This function in the package `go-github` may return an empty diff. When
it's empty, the following code will panic because it access `ss[1]`
https://github.com/go-gitea/gitea/blob/ec1feedbf582b05b6a5e8c59fb2457f25d053ba2/services/migrations/gitea_uploader.go#L861-L867
https://github.com/go-gitea/gitea/blob/ec1feedbf582b05b6a5e8c59fb2457f25d053ba2/modules/git/diff.go#L97-L101
Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28309 by @KN4CK3R
Fixes https://codeberg.org/forgejo/forgejo/issues/1810
zypper uses HEAD requests to check file existence.
https://github.com/openSUSE/libzypp/blob/HEAD/zypp/RepoManager.cc#L2549
https://github.com/openSUSE/libzypp/blob/HEAD/zypp-curl/ng/network/private/downloaderstates/basicdownloader_p.cc#L116
@ExplodingDragon fyi
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Backport #28351 by @KN4CK3R
Fix #28347
As there is no info how to reproduce it, I can't test it.
Fix may be `section_split.tmpl @ 126/130`.
Other changes are "empty check" refactorings.
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
|
| |
|
|
|
|
|
|
|
|
|
| |
Backport #28352 by @KN4CK3R
Fixes #28324
The name parameter can't contain some characters
(https://github.com/keybase/go-crypto/blob/master/openpgp/keys.go#L680)
but is optional. Therefore just use an empty string.
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
|
| |
|
|
|
|
|
| |
Backport #28320 by @JakobDev
Fixes https://codeberg.org/Codeberg/Community/issues/1355
Co-authored-by: JakobDev <jakobdev@gmx.de>
|
| |
|
|
|
|
|
|
|
| |
Backport #28325 by @brechtvl
Changing an issue status, assignee, labels or milestone without also
adding a comment would not update the index, resulting in wrong search
results.
Co-authored-by: Brecht Van Lommel <brecht@blender.org>
|
| |
|
|
|
|
|
|
| |
Backport #28313 by @yp05327
The current href will link to
`https://domain/owner/repo/settings/branches/github.com/gobwas/glob`
Co-authored-by: yp05327 <576951401@qq.com>
|
| |
|
|
|
|
|
|
|
|
| |
Backport #28306 by @KN4CK3R
Fixes #28280
Reads the `previous` info from the `git blame` output instead of
calculating it afterwards.
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
|
| |
|
|
|
|
|
|
|
|
|
| |
(#28276) (#28285)
Backport #28276
The git command may operate the git directory (add/remove) files in any
time.
So when the code iterates the directory, some files may disappear during
the "walk". All "IsNotExist" errors should be ignored.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28266 by @earl-warren
- When crafting the OAuth2 callbackURL take into account `appSubUrl`,
which is quite safe given that its strictly formatted.
- No integration testing as this is all done in Javascript.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1795
(cherry picked from commit 27cb6b7956136f87aa78067d9adb5a4c4ce28a24)
Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Gusted <postmaster@gusted.xyz>
|
| |
|
|
| |
Co-authored-by: Brecht Van Lommel <brecht@blender.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Backport #28267 by @earl-warren
- Say to the binding middleware which locale should be used for the
required error.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1683
(cherry picked from commit 5a2d7966127b5639332038e9925d858ab54fc360)
Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Gusted <postmaster@gusted.xyz>
|
| |
|
|
|
|
|
|
|
| |
contributor` (#28237) (#28271)
Backport #28237 by @yp05327
Fix #28224
Co-authored-by: yp05327 <576951401@qq.com>
|
| |
|
|
| |
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
|
| |
|
|
|
|
|
| |
Backport #28225 by @denyskon
Inspired by #28182
Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
|
| |
|
|
|
|
|
|
|
|
| |
(#28243) (#28244)
Backport #28243
Setting the same value should not trigger DuplicateKey error, and the
"version" should be increased
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
| |
|
| |
https://github.com/go-gitea/gitea/pull/28233#discussion_r1405539630
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28234 by @yp05327
Follow #28191
Changes:
- `(doc/administration/config-cheat-sheet.md` is incorrect:
- remove `../../`
Co-authored-by: yp05327 <576951401@qq.com>
|
| |
|
|
|
|
|
| |
As title.
---------
Co-authored-by: delvh <dev.lh@web.de>
|
| |
|
|
|
|
|
| |
backport #28213
This PR will fix some missed checks for private repositories' data on
web routes and API routes.
|
| |
|
|
|
|
|
|
| |
Backport #28061 by @lunny
close https://github.com/go-gitea/gitea/issues/28053
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#28205) (#28208)
Backport #28205 by @CodeShakingSheep
In the [docs for email
setup](https://docs.gitea.com/administration/email-setup)
`mailer.IS_TLS_ENABLED` is mentioned which was replaced by
`mailer.PROTOCOL` in release 1.18.0 according to
https://blog.gitea.com/release-of-1.18.0/ . This change wasn't reflected
in the docs for email setup. I just replaced the deprecated mailer
setting.
Co-authored-by: CodeShakingSheep <19874562+CodeShakingSheep@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Backport #28191 by @yp05327
https://gitea.com/gitea/gitea-docusaurus/actions/runs/661/jobs/0#jobstep-9-39
I noticed that there are many warning logs in building docs.
It is causing 404 in docs.gitea.com now, so we need to fix it.
And there are also some other problems in v1.19 which can not be done in
this PR.
Co-authored-by: yp05327 <576951401@qq.com>
|
| |
|
|
|
|
|
|
|
| |
Backport #28200
gitea doctor failed at checking and fixing 'delete-orphaned-repos',
because table name 'user' needs quoting to be correctly recognized by at
least PostgreSQL.
fixes #28199
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28182 by @lng2020
Follow-up #22844
close #28142
Before
After
Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
|
| |
Backport #28184
Fix #25473
Although there was `m.Post("/login/oauth/access_token", CorsHandler()...`,
it never really worked, because it still lacks the "OPTIONS" handler.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28179 by @lng2020
fix #28173
regression #25948
That PR is supposed to only change the style but somehow delete a code
snippet. See the
diff(https://github.com/go-gitea/gitea/pull/25948/files#diff-7c36d66fe058f4ff9f2beaac73cf710dca45b350d0dd98daf806828a4745fe62L125-L129)
for details.
Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
| |
|
|
|
|
|
|
| |
Backport #28101 by @lng2020
Reverts go-gitea/gitea#27141
close #28097
Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
|
| |
|
|
|
|
|
|
|
| |
Backport #28164 by @yp05327
Don't know why there's a `.` behind. 🤔
Co-authored-by: yp05327 <576951401@qq.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
document (#28160) (#28168)
Backport #28160 by @yp05327
Since #27054, Actions are enabled by default. so we should also edit the
document. 😃
ps: I think this should be backport to 1.21.0.
Co-authored-by: yp05327 <576951401@qq.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28145 by @yp05327
Before:
After:
Co-authored-by: yp05327 <576951401@qq.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28146 by @yp05327
Before:
After:
Co-authored-by: yp05327 <576951401@qq.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28149 by @yp05327
Reproduce:
- Create a new Gitea instance
- Register a runner
- Create a repo and add a workflow
- Check the log, you will see warnings:
It comes from:
The reason is that we forgot registering `ActionTaskOutput` model.
So `action_table_output` table will be missing in your db.
Co-authored-by: yp05327 <576951401@qq.com>
|
