summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Add changelog for 1.20.1 (#26015)delvh2023-07-221-0/+28
|
* Fix version in rpm repodata/primary.xml.gz (#26009)Peter Verraedt2023-07-212-8/+8
| | | | | | | | The version listed in rpm repodata should only contain the rpm version (1.0.0) and not the combination of version and release (1.0.0-2). We correct this behaviour in primary.xml.gz, filelists.xml.gz and others.xml.gz. Signed-off-by: Peter Verraedt <peter@verraedt.be>
* Serve pre-defined files in "public", add "security.txt", add CORS header for ↵wxiaoguang2023-07-219-40/+50
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | ".well-known" (#25974) Replace #25892 Close #21942 Close #25464 Major changes: 1. Serve "robots.txt" and ".well-known/security.txt" in the "public" custom path * All files in "public/.well-known" can be served, just like "public/assets" 3. Add a test for ".well-known/security.txt" 4. Simplify the "FileHandlerFunc" logic, now the paths are consistent so the code can be simpler 5. Add CORS header for ".well-known" endpoints 6. Add logs to tell users they should move some of their legacy custom public files ``` 2023/07/19 13:00:37 cmd/web.go:178:serveInstalled() [E] Found legacy public asset "img" in CustomPath. Please move it to /work/gitea/custom/public/assets/img 2023/07/19 13:00:37 cmd/web.go:182:serveInstalled() [E] Found legacy public asset "robots.txt" in CustomPath. Please move it to /work/gitea/custom/public/robots.txt ``` This PR is not breaking. --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Giteabot <teabot@gitea.io>
* Use frontend fetch for branch dropdown component (#25719)HesterG2023-07-2113-66/+218
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | - Send request to get branch/tag list, use loading icon when waiting for response. - Only fetch when the first time branch/tag list shows. - For backend, removed assignment to `ctx.Data["Branches"]` and `ctx.Data["Tags"]` from `context/repo.go` and passed these data wherever needed. - Changed some `v-if` to `v-show` and used native `svg` as mentioned in https://github.com/go-gitea/gitea/pull/25719#issuecomment-1631712757 to improve perfomance when there are a lot of branches. - Places Used the dropdown component: Repo Home Page <img width="1429" alt="Screen Shot 2023-07-06 at 12 17 51" src="https://github.com/go-gitea/gitea/assets/17645053/6accc7b6-8d37-4e88-ae1a-bd2b3b927ea0"> Commits Page <img width="1431" alt="Screen Shot 2023-07-06 at 12 18 34" src="https://github.com/go-gitea/gitea/assets/17645053/2d0bf306-d1e2-45a8-a784-bc424879f537"> Specific commit -> operations -> cherry-pick <img width="758" alt="Screen Shot 2023-07-06 at 12 23 28" src="https://github.com/go-gitea/gitea/assets/17645053/1e557948-3881-4e45-a625-8ef36d45ae2d"> Release Page <img width="1433" alt="Screen Shot 2023-07-06 at 12 25 05" src="https://github.com/go-gitea/gitea/assets/17645053/3ec82af1-15a4-4162-a50b-04a9502161bb"> - Demo https://github.com/go-gitea/gitea/assets/17645053/d45d266b-3eb0-465a-82f9-57f78dc5f9f3 - Note: UI of dropdown menu could be improved in another PR as it should apply to more dropdown menus. Fix #14180 --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Remove commit status running and warning from the dashboard repo list (#26036)Yarden Shoham2023-07-212-2/+2
| | | | | | | | Also added comments so the next time the dashboard repo list won't be forgotten Follows #25839 Signed-off-by: Yarden Shoham <git@yardenshoham.com>
* Refactor to use urfave/cli/v2 (#25959)wxiaoguang2023-07-2141-643/+886
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Replace #10912 And there are many new tests to cover the CLI behavior There were some concerns about the "option order in hook scripts" (https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314), it's not a problem now. Because the hook script uses `/gitea hook --config=/app.ini pre-receive` format. The "config" is a global option, it can appear anywhere. ---- ## ⚠️ BREAKING ⚠️ This PR does it best to avoid breaking anything. The major changes are: * `gitea` itself won't accept web's options: `--install-port` / `--pid` / `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's options. * Use `./gitea web --pid ....` instead * `./gitea` can still run the `web` sub-command as shorthand, with default options * The sub-command's options must follow the sub-command * Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd --sub-opt` (well, might not ...) * After: only `./gitea subcmd --sub-opt` could be used * The global options like `--config` are not affected
* Remove commit status running and warning to align GitHub (#25839)caicandong2023-07-219-44/+45
| | | | | | | | | | | | | | | | | | | | | | Fix #25776. Close #25826. In the discussion of #25776, @wolfogre's suggestion was to remove the commit status of `running` and `warning` to keep it consistent with github. references: - https://docs.github.com/en/rest/commits/statuses?apiVersion=2022-11-28#about-commit-statuses ## :warning: BREAKING :warning: So the commit status of Gitea will be consistent with GitHub, only `pending`, `success`, `error` and `failure`, while `warning` and `running` are not supported anymore. --------- Co-authored-by: Jason Song <i@wolfogre.com>
* Fix escape problems in the branch selector (#25875)yp053272023-07-211-4/+4
| | | Fix #25865
* Update README.md to fix the broken link of Hugo (#26008)Pavel2023-07-211-1/+1
| | | Fix gohugo installiation link
* Support copy protected branch from template repository (#25889)Lunny Xiao2023-07-218-38/+86
| | | Fix #14303
* Update JS dependencies (#26025)silverwind2023-07-214-326/+566
| | | | | | | | - Update all JS dependencies - Tweak eslint config, disable SequenceExpression aka. [Comma operator](https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Operators/Comma_operator), remove deprecated rule - Add new stylelint rule - Tested Monaco and Swagger
* Reduce margins on admin pages (#26026)silverwind2023-07-213-3/+25
| | | | | | | | | | Reduce margins around admin boxes and reduce sidebar size from 275px to 240px. This is the same 16px margin we use on issue pages. Before and After: <img width="1270" alt="Screenshot 2023-07-21 at 00 28 11" src="https://github.com/go-gitea/gitea/assets/115237/f9b0dcb0-8f7e-49b4-b130-54bf31c142fd"> <img width="1271" alt="Screenshot 2023-07-21 at 00 30 51" src="https://github.com/go-gitea/gitea/assets/115237/ddd75d59-9ab9-4061-8989-852e89727560">
* Actions Artifacts support uploading multiple files and directories (#24874)FuXiaoHei2023-07-2110-350/+640
| | | | | | | | | | | | | | current actions artifacts implementation only support single file artifact. To support multiple files uploading, it needs: - save each file to each db record with same run-id, same artifact-name and proper artifact-path - need change artifact uploading url without artifact-id, multiple files creates multiple artifact-ids - support `path` in download-artifact action. artifact should download to `{path}/{artifact-path}`. - in repo action view, it provides zip download link in artifacts list in summary page, no matter this artifact contains single or multiple files.
* [skip ci] Updated translations via CrowdinGiteaBot2023-07-212-0/+81
|
* Remove redundant "RouteMethods" method (#26024)wxiaoguang2023-07-214-24/+19
| | | | | | The `RouteMethods` is mainly an alias for `Methods` with different argument order. Remove it to keep the "route.go" code clear
* Adding remaining enum for migration repo model type. (#26021)puni98692023-07-202-2/+6
|
* RPM Registry: Show zypper commands for SUSE based distros as well (#25981)Dominik Heidler2023-07-206-7/+17
| | | | | | | | | After RPM is supported with https://github.com/go-gitea/gitea/pull/23380 let's show the user how to add the repo and install the RPM via all common package managers. --------- Co-authored-by: Giteabot <teabot@gitea.io>
* Fix the route for pull-request's authors (#26016)wxiaoguang2023-07-202-5/+11
| | | | | | | | | | | | | | | Close #25906 ![image](https://github.com/go-gitea/gitea/assets/2114189/e689f3e1-9a90-46c0-89f4-2d61394d34d3) Succeeded logs: ``` [I] router: completed GET /root/test/issues/posters?&q=%20&_=1689853025011 for [::1]:59271, 200 OK in 127.7ms @ repo/issue.go:3505(repo.IssuePosters) [I] router: completed GET /root/test/pulls/posters?&q=%20&_=1689853968204 for [::1]:59269, 200 OK in 94.3ms @ repo/issue.go:3509(repo.PullPosters) ```
* Remove nfnt/resize and oliamb/cutter (#25999)harryzcy2023-07-204-39/+36
| | | | | The package `github.com/nfnt/resize` is deprecated and archived by the author. `github.com/oliamb/cutter` is not maintained since 2018. We could use `golang.org/x/image/draw` instead.
* Correctly refer to dev tags as nightly in the docker docs (#26004)John Olheiser2023-07-202-2/+2
| | | | | As title, `dev` tags are no longer used since we switched to `nightly` Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Fix env config parsing for "GITEA____APP_NAME" (#26001)wxiaoguang2023-07-202-1/+7
| | | | | | | Regression of #24832 Fix the bug and add a test for it Co-authored-by: Giteabot <teabot@gitea.io>
* Add file status for API "Get a single commit from a repository" (#16205) ↵jeremiepozzigithub2023-07-203-1/+7
| | | | | | | | | | (#25831) #16205 To obtain a closer behavior to the api from github, the status (added, modified, removed) of a file should be available in addition to the filename. See github doc : https://docs.github.com/fr/rest/commits/commits?apiVersion=2022-11-28#get-a-commit
* Add a link to OpenID Issuer URL in WebFinger response (#26000)Noah Snelson2023-07-201-0/+4
| | | | | | | | | | | This change adds an entry to the `links` field of the `/.well-known/webfinger` response. The new entry points to the `appURL` as an OpenID issuer. This is consistent with the output of `/.well-known/openid-configuration`, which also uses the value of `appURL`. This change is required for Tailscale SSO to work, as it uses the OpenID Issuer URL when querying the Tailscale user email during signup/login ([docs](https://tailscale.com/kb/1240/sso-custom-oidc/#webfinger-setup)).
* Fix bug when pushing to a pull request which enabled dismiss approval ↵Lunny Xiao2023-07-208-183/+251
| | | | | | | | | | | | | | | automatically (#25882) Fix #25858 The option `dissmiss stale approvals` was listed on protected branch but never implemented. This PR fixes that. <img width="1006" alt="图片" src="https://github.com/go-gitea/gitea/assets/81045/60bfa968-4db7-4c24-b8be-2e5978f91bb9"> <img width="1021" alt="图片" src="https://github.com/go-gitea/gitea/assets/81045/8dabc14d-2dfe-40c2-94ed-24fcbf6e0e8f">
* [skip ci] Updated translations via CrowdinGiteaBot2023-07-201-0/+172
|
* Fix commit status color on dashboard repolist (#25993)silverwind2023-07-201-1/+1
| | | | | | | Followup to https://github.com/go-gitea/gitea/pull/25935 which has missed to change the icon on the repolist because the logic is not shared with templates. Co-authored-by: Giteabot <teabot@gitea.io>
* Improve profile readme rendering (#25988)Earl Warren2023-07-192-2/+6
| | | | | | | | | - Tell the renderer to use the `document` mode, so it's consistent with other renderers. - Use the same padding as `.file-view.markup`, so it's consistent with other containers that contain markup rendering. - Resolves https://codeberg.org/forgejo/forgejo/issues/833 Co-authored-by: Gusted <postmaster@gusted.xyz>
* avoid hard-coding height in language dropdown menu (#25986)Earl Warren2023-07-191-2/+1
| | | | | | | | | | | | This commit removes the hard-coded height of 500px, using that as a max-height instead. The height of items in the dropdown menu, assuming a default font size of 16px, is 36px, so the old CSS would cause overly large dropdown menus in instances where less than 14 languages are offered. Refs: https://codeberg.org/forgejo/forgejo/pulls/1000 Co-authored-by: rome-user <rome-user@noreply.codeberg.org> Co-authored-by: Giteabot <teabot@gitea.io>
* parseScope with owner/repo always sets owner to zero (#25987)Earl Warren2023-07-191-1/+2
| | | Refs: https://codeberg.org/forgejo/forgejo/pulls/1001
* Bump github.com/golang-jwt/jwt to v5 (#25975)harryzcy2023-07-1911-23/+32
| | | | | | | | | | | | | | | | Bumping `github.com/golang-jwt/jwt` from v4 to v5. `github.com/golang-jwt/jwt` v5 is bringing some breaking changes: - standard `Valid()` method on claims is removed. It's replaced by `ClaimsValidator` interface implementing `Validator()` method instead, which is called after standard validation. Gitea doesn't seem to be using this logic. - `jwt.Token` has a field `Valid`, so it's checked in `ParseToken` function in `services/auth/source/oauth2/token.go` --------- Co-authored-by: Giteabot <teabot@gitea.io>
* Update path related documents (#25417)wxiaoguang2023-07-1911-46/+31
| | | | | | | | | | | | Update WorkPath/WORK_PATH related documents, remove out-dated information. Remove "StaticRootPath" on the admin config display page, because few end user really need it, it only causes misconfiguration. ![image](https://github.com/go-gitea/gitea/assets/2114189/8095afa4-da76-436b-9e89-2a92c229c01d) Co-authored-by: Giteabot <teabot@gitea.io>
* Update djlint, enable H026 and T027 (#25980)silverwind2023-07-192-50/+50
| | | | | | | | | | | New rules enabled as the bugs I reported were fixed: - H026 | Empty id and class tags can be removed. - T027 | Unclosed string found in template syntax. Refs: https://github.com/Riverside-Healthcare/djLint/issues/711 https://github.com/Riverside-Healthcare/djLint/issues/712
* [skip ci] Updated translations via CrowdinGiteaBot2023-07-192-99/+109
|
* Show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is ↵Jason Song2023-07-183-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | | enabled (#25947) Since OAuth2 will callback the root URL, if the user starts signing in from a wrong host, Gitea will return 500 because it cannot find the session. <details> <summary>How to reproduce</summary> <img width="901" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/2c2e255c-e13e-4a11-9be7-b226bee54920"> <img width="1014" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/b31cfcf6-a320-483d-9ce5-ba8562f065e1"> </details> So show the mismatched ROOT_URL warning on the sign-in page if OAuth2 is enabled. <img width="1015" alt="image" src="https://github.com/go-gitea/gitea/assets/9418365/99e80b17-c790-49a3-bbf2-2bd9396a7daa">
* Refactor "Content" for file uploading (#25851)wxiaoguang2023-07-1815-80/+103
| | | | | | | | | | | | | | | Before: the concept "Content string" is used everywhere. It has some problems: 1. Sometimes it means "base64 encoded content", sometimes it means "raw binary content" 2. It doesn't work with large files, eg: uploading a 1G LFS file would make Gitea process OOM This PR does the refactoring: use "ContentReader" / "ContentBase64" instead of "Content" This PR is not breaking because the key in API JSON is still "content": `` ContentBase64 string `json:"content"` ``
* Fix SSPI auth panic (#25955)wxiaoguang2023-07-181-2/+2
| | | | | Try to fix #25952 Co-authored-by: Giteabot <teabot@gitea.io>
* Make pending commit status yellow again (#25935)silverwind2023-07-182-5/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | With the introduction of Actions, the pending commit icon has changed from yellow to grey for Drone integrations which never set the "running" status, so it stays in "pending" until completion. I find it better to have this icon colored like on 1.19. Now both the "pending" and "running" icons look the same, but I guess we could add an animation to the "running" state similar to GitHub has to it later. Before: <img width="339" alt="Screenshot 2023-07-17 at 19 14 19" src="https://github.com/go-gitea/gitea/assets/115237/2f4886e4-74fd-42ea-b59e-9af8f141bf1f"> After: <img width="335" alt="Screenshot 2023-07-17 at 19 14 30" src="https://github.com/go-gitea/gitea/assets/115237/53189642-e72d-47f6-9cbe-f14eda28f730"> Also, it matches GH's icon: <img width="466" alt="image" src="https://github.com/go-gitea/gitea/assets/115237/5804ff90-d223-4a3c-8093-7a9abbaacf87"> --------- Co-authored-by: delvh <dev.lh@web.de>
* Move public asset files to the proper directory (#25907)wxiaoguang2023-07-18417-123/+125
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Move `public/*` to `public/assets/*` Some old PRs (like #15219) introduced inconsistent directory system. For example: why the local directory "public" is accessed by `http://site/assets`? How to serve the ".well-known" files properly in the public directory? For convention rules, the "public" directory is widely used for the website's root directory. It shouldn't be an exception for Gitea. So, this PR makes the things consistent: * `http://site/assets/foo` means `{CustomPath}/public/assets/foo`. * `{CustomPath}/public/.well-known` and `{CustomPath}/public/robots.txt` can be used in the future. This PR is also a prerequisite for a clear solution for: * #21942 * #25892 * discourse.gitea.io: [.well-known path serving custom files behind proxy?](https://discourse.gitea.io/t/well-known-path-serving-custom-files-behind-proxy/5445/1) This PR is breaking for users who have custom "public" files (CSS/JS). After getting approvals, I will update the documents. ---- ## ⚠️ BREAKING ⚠️ If you have files in your "custom/public/" folder, please move them to "custom/public/assets/". --------- Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Giteabot <teabot@gitea.io>
* Disallow dangerous url schemes (#25960)KN4CK3R2023-07-184-5/+19
| | | | | | | | | | | | Regression: https://github.com/go-gitea/gitea/pull/24805 Closes: #25945 - Disallow `javascript`, `vbscript` and `data` (data uri images still work) url schemes even if all other schemes are allowed - Fixed older `cbthunderlink` tests --------- Co-authored-by: delvh <dev.lh@web.de>
* Avoid creating directories when loading config (#25944)wxiaoguang2023-07-181-2/+4
| | | | | | | | | The "creating dir/file during load config" is a longstanding and complex problem. This PR only does a quick patch, it still needs more refactorings in the future. Fix #25938
* [skip ci] Updated translations via CrowdinGiteaBot2023-07-181-29/+29
|
* Import `sortablejs` only once (#25936)silverwind2023-07-173-7/+10
| | | | | | | Previously, `sortablejs` was imported twice, once synchronously and once asynchronously, leading to webpack creating duplicate output code (once in the index bundle, and once in a separate chunk). Fix this by always asynchronously importing it. This was one of the build warnings observed when trying to build with vite.
* Make environment-to-ini work with INSTALL_LOCK=true (#25926)wxiaoguang2023-07-171-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Regression of #25648, fix #25924 Test: ```bash rm -f /tmp/example.ini /tmp/out.ini && \ echo "[security]" > /tmp/example.ini && \ echo "INSTALL_LOCK = true" >> /tmp/example.ini && \ GITEA__foo__bar=1 go run contrib/environment-to-ini/environment-to-ini.go --config=/tmp/example.ini --out=/tmp/out.ini && \ echo "==== example:" && \ cat /tmp/example.ini && \ echo "==== out:" && \ cat /tmp/out.ini ``` Output: ``` 2023/07/17 17:40:51 ...nvironment-to-ini.go:99:runEnvironmentToIni() [I] Settings saved to: "/tmp/out.ini" ==== example: [security] INSTALL_LOCK = true ==== out: [security] INSTALL_LOCK = true [foo] bar = 1 ```
* Ignore `runs-on` with expressions when warning no matched runners (#25917)Jason Song2023-07-171-0/+7
| | | | | Fix #25905 Co-authored-by: Giteabot <teabot@gitea.io>
* Skip unuseful error message in dev mode when watching local filesystem (#25919)wxiaoguang2023-07-171-1/+1
| | | | | | | | | | | | Before, in dev mode, there might be some error logs like: ``` 2023/07/17 13:54:51 ...s/assetfs/layered.go:221:WatchLocalChanges() [E] Unable to watch directory .: lstat /data/work/gitea/custom/templates: no such file or directory ``` Because there is no "custom/templates" directory. After: ignore such error, no such error message anymore.
* Add shutting down notice (#25920)KN4CK3R2023-07-171-1/+1
| | | | | | | Got the same problem as #25915 when updating an instance. The `log.Fatal` should have been marked as breaking in #23911. This PR adds a notice that the system is shutting down because of the deprecated setting.
* Downgrading Snap to build with node/18 instead of node/20techknowlogick2023-07-161-1/+1
|
* Fix margin on the new/edit project page. (#25885)puni98692023-07-161-3/+3
| | | | | | | | | | | | | | | | | | New/Edit Project page consistent layout. Fix margin on the new/edit page. Before: <img width="1381" alt="image" src="https://github.com/go-gitea/gitea/assets/80308335/303e128c-0bd0-4289-a395-ff077e33b1c8"> <img width="1392" alt="image" src="https://github.com/go-gitea/gitea/assets/80308335/d11f7a42-ddf4-4c0a-a1b1-b8cefca9dfa1"> After <img width="1390" alt="image" src="https://github.com/go-gitea/gitea/assets/80308335/8ae1a979-9050-4d68-8f5d-9dfaa620c0e8"> <img width="1391" alt="image" src="https://github.com/go-gitea/gitea/assets/80308335/24a62711-dc0a-4425-bf84-7c1896b9a005"> Co-authored-by: silverwind <me@silverwind.io>
* Add 1.20.0 changelog (#25901)delvh2023-07-161-0/+615
| | | Co-authored-by: Yarden Shoham <git@yardenshoham.com>
* Fix incorrect milestone count when provide a keyword (#25880)yp053272023-07-161-10/+9
| | | | | | | You can confirm this issue in: https://try.gitea.io/yp05327/testrepo/milestones?state=open&q=a There's no milestone, but the count is 1. ![image](https://github.com/go-gitea/gitea/assets/18380374/25e58cee-aeeb-43c1-8ec8-6e2ec6bf1284)