summaryrefslogtreecommitdiffstats
path: root/custom
Commit message (Collapse)AuthorAgeFilesLines
* Implement ghost comment mitigation (#14349)65432021-01-171-0/+3
| | | | | | | | | | | | | * Implement ghost comment mitigation Adds a config option USER_DELETE_WITH_COMMENTS_MAX_DAYS to the [service] section. See https://codeberg.org/Codeberg/Discussion/issues/24 for the underlying issue. * cleanup * use setting module correctly * add to docs Co-authored-by: Moritz Marquardt <git@momar.de>
* Use Request.URL.RequestURI() for fcgi (#14312) (#14314)Kyungmin Bae2021-01-131-1/+1
|
* Display SVG files as images instead of text (#14101)Jonathan Tran2021-01-121-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Change to display SVG files as images * Remove unsafe styles from SVG CSP * Add integration test to test SVG headers * Add config setting to disable SVG rendering * Add test for img tag when loading SVG image * Remove the Raw view button for svg files since we don't fully support this * Fix copyright year * Rename and move config setting * Add setting to cheat sheet in docs * Fix so that comment matches cheat sheet * Add allowing styles in CSP based on pull request feedback * Re-enable raw button since we show SVG styles now * Change so that SVG files are editable * Add UI to toggle between source and rendered image for SVGs * Change to show blame button for SVG images * Fix to update ctx data * Add test for DetectContentType when file is longer than sniffLen Co-authored-by: Jonathan Tran <jon@allspice.io> Co-authored-by: Kyle D <kdumontnu@gmail.com>
* Update docs to clarify issues raised in #14272 (#14318)Nuno Silva2021-01-131-1/+8
| | | | | - example config is not supposed to be copied - 'persistable-channel' uses a leveldb internally - '*CONN_STR' overrides queue DIR
* Improve vfsgen to not unzip bindata files but send to browser directly (#7109)Lunny Xiao2020-12-241-1/+1
| | | | | | | | | | | | | | | * Don't unzip files from bindata but send to browser directly * remove dependent for httpgzip * Add tests for parseAcceptEncoding * Update docs for ENABLE_GZIP * Fix bug * Fix bug Co-authored-by: zeripath <art27@cantab.net>
* Added option to disable migrations (#13114)Paweł Bogusławski2020-12-211-0/+2
| | | | | | | | | | | | | | | | | | | | | | * Added option to disable migrations This patch introduces DISABLE_MIGRATIONS parameter in [repository] section of app.ini (by default set to false). If set to true it blocks access to repository migration feature. This mod hides also local repo import option in user editor if local repo importing or migrations is disabled. * Alter Example config DISABLE_MIGRATIONS set to false in example config to match its default value. * HTTP error 403 instead of 500 on denied access to migration * Parameter DISABLE_MIGRATIONS exposed via API Fixes: 04b04cf854bcb3ed7659442bcf79822bdebe29e9 Author-Change-Id: IB#1105130
* Manually approve new registration (#13083)Jiri Vlasak2020-12-191-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | * Add register manual confirm settings option The new settings option is used when manually approving new registrations. * Enable manual confirmation of new registered user When manual registration confirmation is desired (by default `false`) create new user in the database that is *not active*. The user must then be activated manually. This change speeds up the process of adding new confirmed users for Gitea instances without external auth mechanism. (Currently the option is to manually create new user by admin.) * Update docs/content/doc/advanced/config-cheat-sheet.zh-cn.md Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Store repository data in data path if not previously set (#13991)techknowlogick2020-12-151-0/+2
| | | | | | | | | | | | | * Store repository data in data path if not previously set * update docs * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-authored-by: silverwind <me@silverwind.io> * update docs Co-authored-by: silverwind <me@silverwind.io>
* Set RUN_MODE prod by default (#13765)silverwind2020-11-301-2/+2
| | | | | | | I think it's a bad default to have "dev" as the default run mode which enables debugging and now also disables HTTP caching. It's better to just default to a value suitable for general deployments. Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add Allow-/Block-List for Migrate & Mirrors (#13610)65432020-11-281-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * add black list and white list support for migrating repositories * fix fmt * fix lint * fix vendor * fix modules.txt * clean diff * specify log message * use blocklist/allowlist * allways use lowercase to match url * Apply allow/block * Settings: use existing "migrations" section * convert domains lower case * dont store unused value * Block private addresses for migration by default * fix lint * use proposed-upstream func to detect private IP addr * a nit * add own error for blocked migration, add tests, imprufe api * fix test * fix-if-localhost-is-ipv4 * rename error & error message * rename setting options * Apply suggestions from code review Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Format files (#13698)65432020-11-281-29/+29
| | | | | | | | | | | | | | | | * align "make help" * format * untouch build/generate-svg.js * untouch .eslintrc * combine editorconfig's * rm editorconfig Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* HTTP cache rework and enable caching for storage assets (#13569)silverwind2020-11-171-1/+1
| | | | | | | | | | This enabled HTTP time-based cache for storage assets, primarily avatars. I have not observed If-Modified-Since from browsers during tests but I guess it's good to support regardless. It introduces a new generic httpcache module that can handle both time-based and etag-based caching. Additionally, manifest.json and robots.txt are now also cachable.
* Clarify app.example.ini documentation (#13256)Mattias Persson2020-10-221-22/+21
| | | | | | | | | | | | | * Clarify app.example.ini documentation Hard to understand if cron i needed to activate all other cron. * Added missing "Extended cron tasks" to config-cheat-sheet.en-us.md cron default is false - setting it true activates all cron. Changed the documentation accordingly * Fixed spelling Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add ssh certificate support (#12281)Wim2020-10-101-1/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add ssh certificate support * Add ssh certificate support to builtin ssh * Write trusted-user-ca-keys.pem based on configuration * Update app.example.ini * Update templates/user/settings/keys_principal.tmpl Co-authored-by: silverwind <me@silverwind.io> * Remove unused locale string * Update options/locale/locale_en-US.ini Co-authored-by: silverwind <me@silverwind.io> * Update options/locale/locale_en-US.ini Co-authored-by: silverwind <me@silverwind.io> * Update models/ssh_key.go Co-authored-by: silverwind <me@silverwind.io> * Add missing creation of SSH.Rootpath * Update cheatsheet, example and locale strings * Update models/ssh_key.go Co-authored-by: zeripath <art27@cantab.net> * Update models/ssh_key.go Co-authored-by: zeripath <art27@cantab.net> * Update models/ssh_key.go Co-authored-by: zeripath <art27@cantab.net> * Update models/ssh_key.go Co-authored-by: zeripath <art27@cantab.net> * Update models/ssh_key.go * Optimizations based on feedback * Validate CA keys for external sshd * Add filename option and change default filename Add a SSH_TRUSTED_USER_CA_KEYS_FILENAME option which default is RUN_USER/.ssh/gitea-trusted-user-ca-keys.pem Do not write a file when SSH_TRUSTED_USER_CA_KEYS is empty. Add some more documentation. * Remove unneeded principalkey functions * Add blank line * Apply suggestions from code review Co-authored-by: zeripath <art27@cantab.net> * Add SSH_AUTHORIZED_PRINCIPALS_ALLOW option This adds a SSH_AUTHORIZED_PRINCIPALS_ALLOW which is default email,username this means that users only can add the principals that match their email or username. To allow anything the admin need to set the option anything. This allows for a safe default in gitea which protects against malicious users using other user's prinicipals. (before that user could set it). This commit also has some small other fixes from the last code review. * Rewrite principal keys file on user deletion * Use correct rewrite method * Set correct AuthorizedPrincipalsBackup default setting * Rewrite principalsfile when adding principals * Add update authorized_principals option to admin dashboard * Handle non-primary emails Signed-off-by: Andrew Thornton <art27@cantab.net> * Add the command actually to the dashboard template * Update models/ssh_key.go Co-authored-by: silverwind <me@silverwind.io> * By default do not show principal options unless there are CA keys set or they are explicitly set Signed-off-by: Andrew Thornton <art27@cantab.net> * allow settings when enabled * Fix typos in TrustedUserCAKeys path * Allow every CASignatureAlgorithms algorithm As this depends on the content of TrustedUserCAKeys we should allow all signature algorithms as admins can choose the specific algorithm on their signing CA * Update models/ssh_key.go Co-authored-by: Lauris BH <lauris@nix.lv> * Fix linting issue Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Disable DSA ssh keys by default (#13056)zeripath2020-10-091-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Disable DSA ssh keys by default OpenSSH has disabled DSA keys since version 7.0 As the docker runs openssh > v7.0 we should just disable DSA keys by default. Refers to #11417 Signed-off-by: Andrew Thornton <art27@cantab.net> * Just disable DSA keys by default Signed-off-by: Andrew Thornton <art27@cantab.net> * Appears we need to set the minimum key sizes too Signed-off-by: Andrew Thornton <art27@cantab.net> * Appears we need to set the minimum key sizes too Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove DSA type * Fix Tests Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
* Mitigate Security vulnerability in the git hook feature (#13058)Niklas Goerke2020-10-071-2/+7
| | | | | | | | | | | | | * Extend git hook warning in the UI. Git hooks are a dangerous feature, administrators should be warned before giving the git hook privilege to users. * Disable Git hooks by default and add warning. Git hooks are a dangerous features (see warning text) that should only be enabled if the administrator was informed about the risk involved. Co-authored-by: Niklas Goerke <goerke@fzi.de>
* Attachments: Add extension support, allow all types for releases (#12465)silverwind2020-10-051-5/+8
| | | | | | | | | | | | | | | | | | | | | * Attachments: Add extension support, allow all types for releases - Add support for file extensions, matching the `accept` attribute of `<input type="file">` - Add support for type wildcard mime types, e.g. `image/*` - Create repository.release.ALLOWED_TYPES setting (default unrestricted) - Change default for attachment.ALLOWED_TYPES to a list of extensions - Split out POST /attachments into two endpoints for issue/pr and releases to prevent circumvention of allowed types check Fixes: https://github.com/go-gitea/gitea/pull/10172 Fixes: https://github.com/go-gitea/gitea/issues/7266 Fixes: https://github.com/go-gitea/gitea/pull/12460 Ref: https://developer.mozilla.org/en-US/docs/Web/HTML/Element/input/file#Unique_file_type_specifiers * rename function * extract GET routes out of RepoMustNotBeArchived Co-authored-by: Lauris BH <lauris@nix.lv>
* hCaptcha Support (#12594)John Olheiser2020-10-021-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Initial work on hCaptcha Signed-off-by: jolheiser <john.olheiser@gmail.com> * Use module Signed-off-by: jolheiser <john.olheiser@gmail.com> * Format Signed-off-by: jolheiser <john.olheiser@gmail.com> * At least return and debug log a captcha error Signed-off-by: jolheiser <john.olheiser@gmail.com> * Pass context to hCaptcha Signed-off-by: jolheiser <john.olheiser@gmail.com> * Add context to recaptcha Signed-off-by: jolheiser <john.olheiser@gmail.com> * fix lint Signed-off-by: Andrew Thornton <art27@cantab.net> * Finish hcaptcha Signed-off-by: jolheiser <john.olheiser@gmail.com> * Update example config Signed-off-by: jolheiser <john.olheiser@gmail.com> * Apply error fix for recaptcha Signed-off-by: jolheiser <john.olheiser@gmail.com> * Change recaptcha ChallengeTS to string Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Copy missing things from app.example.ini to Cheat Sheet (#12988)zeripath2020-10-011-20/+14
| | | Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add default storage configurations (#12813)Lunny Xiao2020-09-291-9/+34
| | | | Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
* Allow common redis and leveldb connections (#12385)zeripath2020-09-281-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Allow common redis and leveldb connections Prevents multiple reopening of redis and leveldb connections to the same place by sharing connections. Further allows for more configurable redis connection type using the redisURI and a leveldbURI scheme. Signed-off-by: Andrew Thornton <art27@cantab.net> * add unit-test Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @lunny Signed-off-by: Andrew Thornton <art27@cantab.net> * add test Signed-off-by: Andrew Thornton <art27@cantab.net> * Update modules/cache/cache_redis.go * Update modules/queue/queue_disk.go * Update modules/cache/cache_redis.go * Update modules/cache/cache_redis.go * Update modules/queue/unique_queue_disk.go * Update modules/queue/queue_disk.go * Update modules/queue/unique_queue_disk.go * Update modules/session/redis.go Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
* Add config option to make create-on-push repositories public by default (#12936)Tait Hoyem2020-09-271-0/+2
| | | | | | | | | | | | | | | | | | | | | * Add config option to make create-on-push repositories public by default * Fix linting * Add option to 'config cheat sheet' page * Chinese translation Signed-off-by: a1012112796 <1012112796@qq.com> * Fix typo in docs * fix typo * Add option to example config Co-authored-by: Tait Hoyem <code@tait.tech> Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* [Docs] Add all chooseable cron config options to 'app.example.ini' (#12931)赵智超2020-09-251-1/+106
| | | | | | | | | | | As title. ref: https://github.com/go-gitea/gitea/blob/master/modules/cron/tasks_basic.go https://github.com/go-gitea/gitea/blob/master/modules/cron/tasks_extended.go https://github.com/go-gitea/gitea/blob/ba20dd7a7b59157d9232de7dfa99a23b0fb0d2aa/modules/setting/cron.go#L7-L11 Signed-off-by: a1012112796 <1012112796@qq.com>
* Adopt repositories (#12920)zeripath2020-09-251-0/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Don't automatically delete repository files if they are present Prior to this PR Gitea would delete any repository files if they are present during creation or migration. This can in certain circumstances lead to data-loss and is slightly unpleasant. This PR provides a mechanism for Gitea to adopt repositories on creation and otherwise requires an explicit flag for deletion. PushCreate is slightly different - the create will cause adoption if that is allowed otherwise it will delete the data if that is allowed. Signed-off-by: Andrew Thornton <art27@cantab.net> * Update swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix tests and migrate overwrite Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @lunny Only offer to adopt or overwrite if the user can do that. Allow the site administrator to adopt or overwrite in all circumstances Signed-off-by: Andrew Thornton <art27@cantab.net> * Use setting.Repository.DefaultBranch for the default branch Signed-off-by: Andrew Thornton <art27@cantab.net> * Always set setting.Repository.DefaultBranch Signed-off-by: Andrew Thornton <art27@cantab.net> * update swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * update templates Signed-off-by: Andrew Thornton <art27@cantab.net> * ensure repo closed Signed-off-by: Andrew Thornton <art27@cantab.net> * Rewrite of adoption as per @6543 and @lunny Signed-off-by: Andrew Thornton <art27@cantab.net> * Apply suggestions from code review * update swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * missing not Signed-off-by: Andrew Thornton <art27@cantab.net> * add modals and flash reporting Signed-off-by: Andrew Thornton <art27@cantab.net> * Make the unadopted page searchable Signed-off-by: Andrew Thornton <art27@cantab.net> * Add API Signed-off-by: Andrew Thornton <art27@cantab.net> * Fix swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * fix swagger Signed-off-by: Andrew Thornton <art27@cantab.net> * Handle empty and non-master branched repositories Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * remove commented out code Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add configurable Trust Models (#11712)zeripath2020-09-201-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add configurable Trust Models Gitea's default signature verification model differs from GitHub. GitHub uses signatures to verify that the committer is who they say they are - meaning that when GitHub makes a signed commit it must be the committer. The GitHub model prevents re-publishing of commits after revocation of a key and prevents re-signing of other people's commits to create a completely trusted repository signed by one key or a set of trusted keys. The default behaviour of Gitea in contrast is to always display the avatar and information related to a signature. This allows signatures to be decoupled from the committer. That being said, allowing arbitary users to present other peoples commits as theirs is not necessarily desired therefore we have a trust model whereby signatures from collaborators are marked trusted, signatures matching the commit line are marked untrusted and signatures that match a user in the db but not the committer line are marked unmatched. The problem with this model is that this conflicts with Github therefore we need to provide an option to allow users to choose the Github model should they wish to. Signed-off-by: Andrew Thornton <art27@cantab.net> * Adjust locale strings Signed-off-by: Andrew Thornton <art27@cantab.net> * as per @6543 Co-authored-by: 6543 <6543@obermui.de> * Update models/gpg_key.go * Add migration for repository Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Check passwords against HaveIBeenPwned (#12716)John Olheiser2020-09-081-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Implement pwn Signed-off-by: jolheiser <john.olheiser@gmail.com> * Update module Signed-off-by: jolheiser <john.olheiser@gmail.com> * Apply suggestions mrsdizzie Co-authored-by: mrsdizzie <info@mrsdizzie.com> * Add link to HIBP Signed-off-by: jolheiser <john.olheiser@gmail.com> * Add more details to admin command Signed-off-by: jolheiser <john.olheiser@gmail.com> * Add context to pwn Signed-off-by: jolheiser <john.olheiser@gmail.com> * Consistency and making some noise ;) Signed-off-by: jolheiser <john.olheiser@gmail.com> Co-authored-by: mrsdizzie <info@mrsdizzie.com> Co-authored-by: zeripath <art27@cantab.net>
* Use argon as default password hash algorithm (#12688)zeripath2020-09-031-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | * Restrict TLS connections to 1.2 minimum * Set Argon2 as the default KDF * Fix user.yml * Remove TLS minversion changes Signed-off-by: Andrew Thornton <art27@cantab.net> * Add migration as per @techknowlogick Signed-off-by: Andrew Thornton <art27@cantab.net> * set the password algo in the fixtures Signed-off-by: Andrew Thornton <art27@cantab.net> * Remove the v148 migration - it needs recreate table to change the defaults Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Nadim Kobeissi <nadim@symbolic.software>
* Support elastic search for code search (#10273)Lunny Xiao2020-08-301-0/+8
| | | | | | | | | | | | | | | | | | | | | | | * Support elastic search for code search * Finished elastic search implementation and add some tests * Enable test on drone and added docs * Add new fields to elastic search * Fix bug * remove unused changes * Use indexer alias to keep the gitea indexer version * Improve codes * Some code improvements * The real indexer name changed to xxx.v1 Co-authored-by: zeripath <art27@cantab.net>
* fix documentation for REFRESH_TOKEN_EXPIRATION_TIME (#12642)zeripath2020-08-291-1/+1
| | | | | | | REFRESH_TOKEN_EXPIRATION_TIME refers to the refresh token not the access token Fix #12641 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update JWT docs in example config (#12591)techknowlogick2020-08-241-2/+2
| | | | | | | | | | | | | * Update JWT docs in example config align with way we have `LFS_JWT_SECRET` in config Fix #12590 * Update custom/conf/app.example.ini Co-authored-by: John Olheiser <john.olheiser@gmail.com> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Disable password complexity check default (#12557)mrsdizzie2020-08-211-3/+3
| | | | | | | * Disable password complexity check default These features enourange bad passwords/are annoying for people using better password methods, and at minimum we shouldn't force that as a default for obvious reasons. Disable any default check to avoid regular complaints. * fix copy paste format
* fix typos (#12545)Success2020-08-201-1/+1
| | | | | | | * fix typo in app.ini * fix typo in git hook module Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add a storage layer for attachments (#11387)Lunny Xiao2020-08-181-2/+23
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add a storage layer for attachments * Fix some bug * fix test * Fix copyright head and lint * Fix bug * Add setting for minio and flags for migrate-storage * Add documents * fix lint * Add test for minio store type on attachments * fix test * fix test * Apply suggestions from code review Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> * Add warning when storage migrated successfully * Fix drone * fix test * rebase * Fix test * display the error on console * Move minio test to amd64 since minio docker don't support arm64 * refactor the codes * add trace * Fix test * remove log on xorm * Fi download bug * Add a storage layer for attachments * Add setting for minio and flags for migrate-storage * fix lint * Add test for minio store type on attachments * Apply suggestions from code review Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> * Fix drone * fix test * Fix test * display the error on console * Move minio test to amd64 since minio docker don't support arm64 * refactor the codes * add trace * Fix test * Add URL function to serve attachments directly from S3/Minio * Add ability to enable/disable redirection in attachment configuration * Fix typo * Add a storage layer for attachments * Add setting for minio and flags for migrate-storage * fix lint * Add test for minio store type on attachments * Apply suggestions from code review Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> * Fix drone * fix test * Fix test * display the error on console * Move minio test to amd64 since minio docker don't support arm64 * don't change unrelated files * Fix lint * Fix build * update go.mod and go.sum * Use github.com/minio/minio-go/v6 * Remove unused function * Upgrade minio to v7 and some other improvements * fix lint * Fix go mod Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: Tyler <tystuyfzand@gmail.com>
* Kanban board (#8346)Lanre Adelowo2020-08-161-2/+7
| | | | | | | | | | | | | Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com> Co-authored-by: Kerry <flatline-studios@users.noreply.github.com> Co-authored-by: Jaqra <jaqra@hotmail.com> Co-authored-by: Kyle Evans <kevans91@users.noreply.github.com> Co-authored-by: Tsakiridis Ilias <TsakiDev@users.noreply.github.com> Co-authored-by: Ilias Tsakiridis <ilias.tsakiridis@outlook.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Make dashboard newsfeed list length a configurable item (#12469)techknowlogick2020-08-111-0/+2
| | | Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Clarify documentation of SKIP_VERIFY (#12203)Alexander Scheel2020-07-211-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | * Clarify documentation of SKIP_VERIFY The documentation clearly documents the empty value as the default, however at least one user reported this as being unclear. Mark values explicitly so it is clear what values it can take. This clarifies that an empty value in fact leaves certificate verification enabled, whereas it has to be explicitly set to true to disable certificate verification. Resolves: #12117 Signed-off-by: Alexander Scheel <alexander.m.scheel@gmail.com> * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-authored-by: mrsdizzie <info@mrsdizzie.com> * Update custom/conf/app.example.ini Co-authored-by: mrsdizzie <info@mrsdizzie.com> * Update custom/conf/app.example.ini Co-authored-by: mrsdizzie <info@mrsdizzie.com> Co-authored-by: mrsdizzie <info@mrsdizzie.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Move EventSource to SharedWorker (#12095)zeripath2020-07-031-1/+1
| | | | | | | | | | | | | Move EventSource to use a SharedWorker. This prevents issues with HTTP/1.1 open browser connections from preventing gitea from opening multiple tabs. Also allow setting EVENT_SOURCE_UPDATE_TIME to disable EventSource updating Fix #11978 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Update docs to specify utf8mb4 default (#11962)silverwind2020-06-181-2/+2
| | | | | | Install tool already sets it as the default so we can just update example ini and docs to it. Fixes: https://github.com/go-gitea/gitea/issues/11081
* Rename custom/conf/app.ini.sample to custom/conf/app.example.ini for better ↵Lunny Xiao2020-06-171-0/+0
| | | | | | | | | | | syntax light on editor (#11926) * Rename custom/conf/app.ini.sample to custom/conf/app.sample.ini for better syntax light on editor * rename to app.example.ini * per @6543 's comment, update all references on docs Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Global default branch setting (#11918)techknowlogick2020-06-171-0/+2
| | | | | | | | | * Global default branch setting * add to app.ini example per @silverwind * update per @lunny Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Replace jquery-datetimepicker with native date input (#11684)silverwind2020-06-101-29/+3
| | | | | | | | | | | | This removes the jQuery plugin as well as the associated config options. Native input[type=date] does not require a language attribute as it is localized by default, except for the placeholder attribute for which I currently piggy-back the repo.issues.due_date_form localization option. Implementation should pretty much match GH. Of note is that Safari does not provide a UI for this input type, but I don't think providing one is neccessary and GH did not bother either. Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* European Portuguese translation (#11568)Emanuel Angelo2020-06-051-2/+3
| | | | This PR includes the modifications necessary to make use of the European Portuguese translation from the default setting.
* Allow site admin to disable mirrors (#11740)John Olheiser2020-06-021-0/+2
| | | | | | | | | | | | | | | | | | | * Allow site admin to disable mirrors Signed-off-by: jolheiser <john.olheiser@gmail.com> * No need to run through Safe Signed-off-by: jolheiser <john.olheiser@gmail.com> * Clarify only disabling NEW mirrors Signed-off-by: jolheiser <john.olheiser@gmail.com> * Apply suggestions from @guillep2k Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com> Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Fix chardet test and add ordering option (#11621)zeripath2020-06-021-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix chardet test and add ordering option Signed-off-by: Andrew Thornton <art27@cantab.net> * minor fixes Signed-off-by: Andrew Thornton <art27@cantab.net> * remove log Signed-off-by: Andrew Thornton <art27@cantab.net> * remove log2 Signed-off-by: Andrew Thornton <art27@cantab.net> * only iterate through top results Signed-off-by: Andrew Thornton <art27@cantab.net> * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md * slight restructure of for loop Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Add warning to mailer documentation about authentication (#11563)zeripath2020-05-241-2/+5
| | | | | | | | | | | | | | | * Add warning to mailer documentation about authentication References #7966 Signed-off-by: Andrew Thornton <art27@cantab.net> * As per @guillep2k and @mrsdizzie * as per @mrsdizzie Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Allow different HardBreaks settings for documents and comments (#11515)zeripath2020-05-241-1/+4
| | | | | | | | | | | | | | | | GH has different HardBreaks behaviour for markdown comments and documents. Comments have hard breaks and documents have soft breaks - therefore Gitea's rendering will always be different from GH's if we only provide one setting. Here we split the setting in to two - one for documents and one for comments and other things. Signed-off-by: Andrew Thornton art27@cantab.net Changes to index.js as per @silverwind Co-authored-by: silverwind <me@silverwind.io> Changes to docs as per @guillep2k Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
* Switch code editor to Monaco (#11366)silverwind2020-05-141-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Switch code editor to Monaco This switches out CodeMirror for Monaco which is based on the same code base as VS code and should work pretty similar to it. It does add a few async chunks, totalling around 10MB to our build. It currently supports around 65 languages and in the default configuration, each language would emit one ugly [number].js chunk, so I opted to combine them all into a single file for now. CodeMirror is still being used under the hood by SimpleMDE so it can not be removed yet. * inline editorconfig, fix diff, use for markdown, remove more dead code * refactors, remove jquery usage * use tab_width * fix intellisense * rename function for clarity * misc tweaks, enable webpack progress display * only use --progress on dev build * remove useless borders in arc-green * fix typo * remove obsolete comment * small refactor * fix file creation and various refactors * unset useTabStops too when no editorconfig * small refactor * disable webpack's [big] warnings * remove useless await * fix dark theme check * rename chunk to 'monaco' * add to .gitignore and delete webpack dest before build * increase editor height * support more editorconfig properties * remove empty element filter * rename Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Add EventSource support (#11235)zeripath2020-05-071-1/+4
| | | | | | If the browser supports EventSource switch to use this instead of polling notifications. Signed-off-by: Andrew Thornton art27@cantab.net
* Sendmail should create a process on the gitea system and have a default ↵zeripath2020-05-031-0/+2
| | | | | | | | | | | | timeout (#11256) * Make sure that sendmail processes register with the process manager * Provide a timeout for these (initially of 5 minutes) * Add configurable value and tie in to documentation * Tie in to the admin config page. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix sanitizer config - multiple rules (#11133)Alexander Scheel2020-04-291-2/+4
| | | | | | | | | | | | | | | | | | | | | | | | In #9888, it was reported that my earlier pull request #9075 didn't quite function as expected. I was quite hopeful the `ValuesWithShadow()` worked as expected (and, I thought my testing showed it did) but I guess not. @zeripath proposed an alternative syntax which I like: ```ini [markup.sanitizer.1] ELEMENT=a ALLOW_ATTR=target REGEXP=something [markup.sanitizer.2] ELEMENT=a ALLOW_ATTR=target REGEXP=something ``` This was quite easy to adopt into the existing code. I've done so in a semi-backwards-compatible manner: - The value from `.Value()` is used for each element. - We parse `[markup.sanitizer]` and all `[markup.sanitizer.*]` sections and add them as rules. This means that existing configs will load one rule (not all rules). It also means people can use string identifiers (`[markup.sanitiser.KaTeX]`) if they prefer, instead of numbered ones. Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-28 22:37:30 +0000