summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* Add release note for v1.22.4 (#32513)v1.22.4Lunny Xiao2024-11-261-0/+57
| | | | | | | Add release note for v1.22.4 --------- Co-authored-by: Kyle D. <kdumontnu@gmail.com>
* Fix get reviewers' bug (#32415) (#32616)Lunny Xiao2024-11-2312-158/+227
| | | | | | | | | | This PR rewrites `GetReviewer` function and move it to service layer. Reviewers should not be watchers, so that this PR removed all watchers from reviewers. When the repository is under an organization, the pull request unit read permission will be checked to resolve the bug of Fix #32394 Backport #32415
* Fix clean tmp dir (#32360) (#32593)Lunny Xiao2024-11-221-13/+23
| | | | | | | | | | | Backport #32360 Try to fix #31792 Credit to @jeroenlaylo Copied from https://github.com/go-gitea/gitea/issues/31792#issuecomment-2311920520 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix PR creation on forked repositories (#31863) (#32591)Lunny Xiao2024-11-222-3/+41
| | | | | | Resolves #20475 Backport #31863 Co-authored-by: Job <LordChunk@users.noreply.github.com>
* Fix the missing menu in organization project view page (#32313) (#32592)Lunny Xiao2024-11-221-5/+9
| | | | | | | | | | | | | | | | | | | | | | | | Backport #32313 #29248 didn't modify the view page. The class name is not good enough, so this is a quick fix. Before: org: ![image](https://github.com/user-attachments/assets/3e26502d-66b4-4043-ab03-003ba7391487) user: ![image](https://github.com/user-attachments/assets/9b22b90c-d63c-4228-acad-4d9fb20590ac) After: org: ![image](https://github.com/user-attachments/assets/21bf98a7-8a5b-4dc6-950a-88f529e36450) user: (no change) ![image](https://github.com/user-attachments/assets/fea0dcae-3625-44e8-bb9e-4c3733da8764) Co-authored-by: yp05327 <576951401@qq.com>
* Support HTTP POST requests to `/userinfo`, aligning to OpenID Core ↵Lunny Xiao2024-11-211-1/+1
| | | | specification (#32578) (#32594)
* Fix debian package clean up (#32351) (#32590)wxiaoguang2024-11-213-19/+56
| | | Partially backport #32351
* Fix GetInactiveUsers (#32540) (#32588)Giteabot2024-11-213-6/+27
| | | | | | | Backport #32540 by @lunny Fix #31480 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* allow the actions user to login via the jwt token (#32527) (#32580)Rowan Bohde2024-11-214-3/+105
| | | | | | | | | | | | | | | | | | Backport #32527 We have some actions that leverage the Gitea API that began receiving 401 errors, with a message that the user was not found. These actions use the `ACTIONS_RUNTIME_TOKEN` env var in the actions job to authenticate with the Gitea API. The format of this env var in actions jobs changed with go-gitea/gitea/pull/28885 to be a JWT (with a corresponding update to `act_runner`) Since it was a JWT, the OAuth parsing logic attempted to parse it as an OAuth token, and would return user not found, instead of falling back to look up the running task and assigning it to the actions user. Make ACTIONS_RUNTIME_TOKEN in action runners could be used, attempting to parse Oauth JWTs. The code to parse potential old `ACTION_RUNTIME_TOKEN` was kept in case someone is running an older version of act_runner that doesn't support the Actions JWT.
* Fix submodule parsing (#32571) (#32577)wxiaoguang2024-11-212-14/+64
| | | | A quick fix for #32568 Partially backport from #32571
* Remove unnecessary code (#32560) (#32567)Giteabot2024-11-201-7/+0
| | | | | | | | Backport #32560 by @lunny PushMirrors only be used in the repository setting page. So it should not be loaded on every repository page. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Refactor find forks and fix possible bugs that weak permissions check ↵Lunny Xiao2024-11-198-41/+203
| | | | | | | | | | | | | | | (#32528) (#32547) Backport #32528 - Move models/GetForks to services/FindForks - Add doer as a parameter of FindForks to check permissions - Slight performance optimization for get forks API with batch loading of repository units - Add tests for forking repository to organizations --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix some places which doesn't repsect org full name setting (#32243) (#32550)Giteabot2024-11-193-3/+3
| | | | | | | Backport #32243 by @lunny Partially fix #31345 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Refactor push mirror find and add check for updating push mirror (#32539) ↵Lunny Xiao2024-11-188-108/+147
| | | | | | | | | (#32549) backport #32539 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Improve some sanitizer rules (#32534)wxiaoguang2024-11-183-7/+7
| | | | | This is a backport-only fix for 1.22 1.23 has a proper fix #32533
* Fix basic auth with webauthn (#32531) (#32536)Giteabot2024-11-162-0/+63
| | | | | | | | | Backport #32531 by @lunny WebAuthn should behave the same way as TOTP. When enabled, basic auth with username/password should need to WebAuthn auth, otherwise returned 401. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix artifact v4 upload above 8MB (#31664) (#32523)Giteabot2024-11-163-40/+286
|
* Remove transaction for archive download (#32186) (#32520)Giteabot2024-11-152-26/+19
| | | | | | | | | | | Backport #32186 by @lunny Since there is a status column in the database, the transaction is unnecessary when downloading an archive. The transaction is blocking database operations, especially with SQLite. Replace #27563 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix oauth2 error handle not return immediately (#32514) (#32516)Giteabot2024-11-151-0/+2
| | | | | Backport #32514 by lunny Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Trim title before insert/update to database to match the size requirements ↵Lunny Xiao2024-11-148-0/+18
| | | | of database (#32498) (#32507)
* Fix nil panic if repo doesn't exist (#32501) (#32502)Giteabot2024-11-141-0/+6
| | | | | | | Backport #32501 by wxiaoguang fix #32496 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add a doctor check to disable the "Actions" unit for mirrors (#32424) (#32497)Giteabot2024-11-131-0/+70
| | | | | | | | | | | | Backport #32424 by @Zettat123 Resolve #32232 Users can disable the "Actions" unit for all mirror repos by running ``` gitea doctor check --run disable-mirror-actions-unit --fix ``` Co-authored-by: Zettat123 <zettat123@gmail.com>
* Update nix development environment vor v1.22.x (#32495)65432024-11-131-6/+6
| | | | | | | just bump: * golang: v1.22.2 -> v1.22.9 * nodejs: v20.12.2 -> v20.18.0 * python: v3.12.3 -> v3.12.7
* Refactor internal routers (partial backport, auth token const time ↵wxiaoguang2024-11-135-15/+28
| | | | | | | | | | | | | | comparing) (#32473) (#32479) Partially backport #32473. LFS related changes are not in 1.22, so skip them. 1. Ignore non-existing repos during migrations 2. Improve ReadBatchLine's comment 3. Use `X-Gitea-Internal-Auth` header for internal API calls and make the comparing constant time (it wasn't a serous problem because in a real world it's nearly impossible to timing-attack the token, but indeed security related and good to fix and backport) 4. Fix route mock nil check
* Disable Oauth check if oauth disabled (#32368) (#32480)wxiaoguang2024-11-121-0/+3
| | | Partially backport Disable Oauth check if oauth disabled #32368
* cargo registry - respect renamed dependencies (#32430) (#32478)Giteabot2024-11-122-17/+52
| | | | | | Backport #32430 by usbalbin Co-authored-by: Albin Hedman <albin9604@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix broken releases when re-pushing tags (#32435) (#32449)Giteabot2024-11-102-7/+59
| | | | | | | | | | Backport #32435 by @Zettat123 Fix #32427 --------- Co-authored-by: Zettat123 <zettat123@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix mermaid diagram height when initially hidden (#32457) (#32464)Giteabot2024-11-111-1/+12
| | | | | | | | | | | | | | Backport #32457 by @silverwind In a hidden iframe, `document.body.clientHeight` is not reliable. Use `IntersectionObserver` to detect the visibility change and update the height there. Fixes: https://github.com/go-gitea/gitea/issues/32392 <img width="885" alt="image" src="https://github.com/user-attachments/assets/a95ef6aa-27e7-443f-9d06-400ef27919ae"> Co-authored-by: silverwind <me@silverwind.io>
* Only provide the commit summary for Discord webhook push events (#32432) ↵Giteabot2024-11-083-3/+17
| | | | | | | | | | | | | | | | | | (#32447) Backport #32432 by @kemzeb Resolves #32371. #31970 should have just showed the commit summary, but `strings.SplitN()` was misused such that we did not perform any splitting at all and just used the message. This was not caught in the unit test made in that PR since the test commit summary was > 50 (which truncated away the commit description). This snapshot resolves this and adds another unit test to ensure that we only show the commit summary. Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
* Only query team tables if repository is under org when getting assignees ↵Lunny Xiao2024-11-061-14/+16
| | | | | | | | (#32414) (#32426) backport #32414 It's unnecessary to query the team table if the repository is not under organization when getting assignees.
* Quick fix milestone deadline 9999 for 1.22 (#32423)wxiaoguang2024-11-051-1/+1
|
* Fix created_unix for mirroring (#32342) (#32406)Lunny Xiao2024-11-051-2/+3
| | | | Fix #32233 Backport #32342
* Fix broken image when editing comment with non-image attachments (#32319) ↵Lunny Xiao2024-11-022-2/+9
| | | | | | | | | | | (#32345) Backport #32319 Fix #32316 --------- Co-authored-by: yp05327 <576951401@qq.com>
* Fix `missing signature key` error when pulling Docker images with ↵Zettat1232024-11-0118-23/+29
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | `SERVE_DIRECT` enabled (#32365) (#32397) Backport #32365 Fix #28121 I did some tests and found that the `missing signature key` error is caused by an incorrect `Content-Type` header. Gitea correctly sets the `Content-Type` header when serving files. https://github.com/go-gitea/gitea/blob/348d1d0f322ca57c459acd902f54821d687ca804/routers/api/packages/container/container.go#L712-L717 However, when `SERVE_DIRECT` is enabled, the `Content-Type` header may be set to an incorrect value by the storage service. To fix this issue, we can use query parameters to override response header values. https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html <img width="600px" src="https://github.com/user-attachments/assets/f2ff90f0-f1df-46f9-9680-b8120222c555" /> In this PR, I introduced a new parameter to the `URL` method to support additional parameters. ``` URL(path, name string, reqParams url.Values) (*url.URL, error) ```
* Respect UI.ExploreDefaultSort setting again (#32357) (#32385)65432024-10-312-2/+4
| | | | | | | | Backport #32357 fix regression of https://github.com/go-gitea/gitea/pull/29430 --- *Sponsored by Kithara Software GmbH*
* Fix disable 2fa bug (#32320) (#32330)Lunny Xiao2024-10-251-3/+6
| | | Backport #32320
* Fix the permission check for user search API and limit the number of ↵Zettat1232024-10-234-40/+32
| | | | | | | | | returned users for `/user/search` (#32310) Partially backport #32288 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add warn log when deleting inactive users (#32318) (#32321)Lunny Xiao2024-10-231-0/+1
| | | | | Backport #32318 Add log for the problem #31480
* API: enhance SearchIssues swagger docs (#32208) (#32298)65432024-10-212-36/+73
| | | | | | | | Backport #32208 This will result in better api clients generated out of the openapi docs for SearchIssues --- *Sponsored by Kithara Software GmbH*
* Update github.com/go-enry/go-enry to v2.9.1 (#32295) (#32296)YR Chen2024-10-212-3/+3
| | | | | | Backport #32295 `go-enry` v2.9.1 includes latest file patterns from Linguist, which can identify more generated file type, eg. `pdm.lock`.
* Always update expiration time when creating an artifact (#32281) (#32285)Zettat1232024-10-181-1/+8
| | | | | Backport #32281 Fix #32256
* make `show stats` work when only one file changed (#32244) (#32268)a10121127962024-10-172-1/+4
| | | | | | | | | | | | | | | | | | Backport #32244 fix https://github.com/go-gitea/gitea/issues/32226 in https://github.com/go-gitea/gitea/pull/27775 , it do some changes to only show diff file tree when more than one file changed. But looks it also break the `diff-file-list` logic, which looks not expected change. so try fix it. /cc @silverwind example view: ![image](https://github.com/user-attachments/assets/281e9c4f-a269-4d36-94eb-a132058aea87) Signed-off-by: a1012112796 <1012112796@qq.com>
* [v1.22 backport] Fix null errors on conversation holder (#32258) (#32266) ↵cloudchamb3r2024-10-171-7/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | (#32282) Backport #32266 fix #32258 Errors in the issue was due to unhandled null check. so i fixed it. ### Detailed description for Issue & Fix To reproduce that issue, the comment must be deleted on Conversation tab. #### Before Delete <img width="1032" alt="image" src="https://github.com/user-attachments/assets/72df61ba-7db6-44c9-bebc-ca1178dd27f1"> #### After Delete (AS-IS) <img width="1010" alt="image" src="https://github.com/user-attachments/assets/36fa537e-4f8e-4535-8d02-e538c50f0dd8"> gitea already have remove logic for `timeline-item-group`, but because of null ref exception the later logic that removes `timeline-item-group` could be not be called correctly.
* Warn users when they try to use a non-root-url to sign in/up (#32272) (#32273)wxiaoguang2024-10-173-2/+16
|
* Make `owner/repo/pulls` handlers use "PR reader" permission (#32254) (#32265)wxiaoguang2024-10-151-26/+29
| | | Backport #32254 (no conflict)
* Update scheduled tasks even if changes are pushed by "ActionsUser" (#32246) ↵Zettat1232024-10-141-1/+9
| | | | | | | | | (#32252) Backport #32246 Fix #32219 Co-authored-by: delvh <dev.lh@web.de>
* Only rename a user when they should receive a different name (#32247) (#32249)Giteabot2024-10-131-4/+4
| | | | | | | Backport #32247 by @lunny Fix #31996 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix dropdown content overflow (#31610) (#32250)Giteabot2024-10-132-9/+35
| | | | | | | | Backport #31610 by charles7668 close #31602 Co-authored-by: charles <30816317+charles7668@users.noreply.github.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix checkbox bug on private/archive filter (#32236) (#32240)Giteabot2024-10-111-3/+3
| | | | | | | | Backport #32236 by cloudchamb3r fix #32235 Co-authored-by: cloudchamb3r <jizon0123@protonmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add release note for v1.22.3 (#32205)v1.22.3Lunny Xiao2024-10-091-0/+41
| | | Co-authored-by: sebastian-sauer <sauer.sebastian@gmail.com>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-03 07:25:54 +0000