summaryrefslogtreecommitdiffstats
path: root/custom
Commit message (Collapse)AuthorAgeFilesLines
* Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663)Clar Fon2022-10-021-3/+8
| | | | | | Only load SECRET_KEY and INTERNAL_TOKEN if they exist. Never write the config file if the keys do not exist, which was only a fallback for Gitea upgraded from < 1.5 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Clarify that `ENABLE_SWAGGER` only influences the API docs, not the routes ↵delvh2022-09-201-2/+2
| | | | | | | (#21215) Previously, the docs seemed to suggest that you can disable the API completely by setting `ENABLE_SWAGGER=false`. This is not the case.
* Add KaTeX rendering to Markdown. (#20571)zeripath2022-09-141-0/+3
| | | | | | | | | | | | | | | | | | | | This PR adds mathematical rendering with KaTeX. The first step is to add a Goldmark extension that detects the latex (and tex) mathematics delimiters. The second step to make this extension only run if math support is enabled. The second step is to then add KaTeX CSS and JS to the head which will load after the dom is rendered. Fix #3445 Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Only show relevant repositories on explore page (#19361)Gusted2022-08-251-0/+4
| | | | | | | Adds a new option to only show relevant repo's on the explore page, for bigger Gitea instances like Codeberg this is a nice option to enable to make the explore page more populated with unique and "high" quality repo's. A note is shown that the results are filtered and have the possibility to see the unfiltered results. Co-authored-by: vednoc <vednoc@protonmail.com> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de>
* Support Proxy protocol (#12527)zeripath2022-08-211-1/+21
| | | | | | | | | This PR adds functionality to allow Gitea to sit behind an HAProxy and HAProxy protocolled connections directly. Fix #7508 Signed-off-by: Andrew Thornton <art27@cantab.net>
* auth/reverseproxy: Add support for full name (#20776)Will Norris2022-08-161-1/+3
| | | | | | | | | | | | This adds support for getting the user's full name from the reverse proxy in addition to username and email. Tested locally with caddy serving as reverse proxy with Tailscale authentication. Signed-off-by: Will Norris <will@tailscale.com> Signed-off-by: Will Norris <will@tailscale.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Update docs for versions (#20750)wxiaoguang2022-08-101-2/+7
|
* Add support mCaptcha as captcha provider (#20458)Gusted2022-08-101-3/+10
| | | | | https://mcaptcha.org/ Co-authored-by: Felipe Leopoldo Sologuren Gutiérrez <fsologureng@users.noreply.github.com>
* Increase default item listing size `ISSUE_PAGING_NUM` to 20 (#20547)Norwin2022-08-061-1/+1
| | | | | | | | * increase default page sizes to 20 * adjust docs to reflect that the setting is used all over the place * fix tests Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add info about Wire 2 when Git over SSH (#20619)Gusted2022-08-021-0/+1
| | | | - Follow up of #20616. Add a note about this in the config cheat sheet, given there's no dedicated page for this.
* Rework mailer settings (#18982)Clar Fon2022-08-021-27/+35
| | | | | | | | | | | * `PROTOCOL`: can be smtp, smtps, smtp+startls, smtp+unix, sendmail, dummy * `SMTP_ADDR`: domain for SMTP, or path to unix socket * `SMTP_PORT`: port for SMTP; defaults to 25 for `smtp`, 465 for `smtps`, and 587 for `smtp+startls` * `ENABLE_HELO`, `HELO_HOSTNAME`: reverse `DISABLE_HELO` to `ENABLE_HELO`; default to false + system hostname * `FORCE_TRUST_SERVER_CERT`: replace the unclear `SKIP_VERIFY` * `CLIENT_CERT_FILE`, `CLIENT_KEY_FILE`, `USE_CLIENT_CERT`: clarify client certificates here Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Add disable download source configuration (#20548)Lunny Xiao2022-07-311-0/+3
| | | | | Add configuration to enable/disable download source from UI. Co-authored-by: zeripath <art27@cantab.net>
* Add setting `SQLITE_JOURNAL_MODE` to enable WAL (#20535)Norwin2022-07-301-0/+1
| | | Co-authored-by: Andrew Thornton <art27@cantab.net>
* Add tests for the host checking logic, clarify the behaviors (#20328)wxiaoguang2022-07-131-0/+1
| | | | | | Before, the combination of AllowedDomains/BlockedDomains/AllowLocalNetworks is confusing. This PR adds tests for the logic, clarify the behaviors.
* Use git.HOME_PATH for Git HOME directory (#20114)wxiaoguang2022-07-081-1/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add git.HOME_PATH * add legacy file check * Apply suggestions from code review Co-authored-by: zeripath <art27@cantab.net> * pass env GNUPGHOME to git command, move the existing .gitconfig to new home, make the fix for 1.17rc more clear. * set git.HOME_PATH for docker images to default HOME * Revert "set git.HOME_PATH for docker images to default HOME" This reverts commit f120101ddc267cef74e4f4b92c783d5fc8e275a1. * force Gitea to use a stable GNUPGHOME directory * extra check to ensure only process dir or symlink for legacy files * refactor variable name * The legacy dir check (for 1.17-rc1) could be removed with 1.18 release, since users should have upgraded from 1.17-rc to 1.17-stable * Update modules/git/git.go Co-authored-by: Steven Kriegler <61625851+justusbunsi@users.noreply.github.com> * remove initFixGitHome117rc * Update git.go * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Steven Kriegler <61625851+justusbunsi@users.noreply.github.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Allow RSA 2047 bit keys (#20272)zeripath2022-07-061-1/+1
| | | | | | | | | Unfortunately it appears that 2048 bit RSA keys can occasionally be created in such a way that they appear to have 2047 bit length. This PR simply changes our defaults to allow these. Fix #20249 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update default allowed attachment types (#20192)silverwind2022-07-011-1/+1
| | | Synced the list to what is allowed on GitHub currently.
* Remove support for sr-SP (#20155)Gusted2022-06-271-1/+1
| | | | | - The language doesn't have >= 25% translation on crowdin and therefor was automatically removed from Gitea. - Ref: https://github.com/go-gitea/gitea/commit/f91092453ed0269420ab5161b4742a692dd500fe
* Remove U2F support (#20141)Gusted2022-06-261-14/+0
| | | | | | - Completely remove U2F support from 1.18.0, 1.17.0 will be the last release that U2F is somewhat supported. Users who used U2F would already be warned about using U2F for a while now and should hopefully already be migrated. But starting 1.18 definitely remove it.
* Add sitemap support (#18407)Daniil Gentili2022-06-251-0/+3
|
* Disable federation by default (#20045)Gusted2022-06-201-7/+7
|
* User keypairs and HTTP signatures for ActivityPub federation using go-ap ↵Anthony Wang2022-06-191-0/+17
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#19133) * go.mod: add go-fed/{httpsig,activity/pub,activity/streams} dependency go get github.com/go-fed/activity/streams@master go get github.com/go-fed/activity/pub@master go get github.com/go-fed/httpsig@master * activitypub: implement /api/v1/activitypub/user/{username} (#14186) Return informations regarding a Person (as defined in ActivityStreams https://www.w3.org/TR/activitystreams-vocabulary/#dfn-person). Refs: https://github.com/go-gitea/gitea/issues/14186 Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: add the public key to Person (#14186) Refs: https://github.com/go-gitea/gitea/issues/14186 Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: go-fed conformant Clock instance Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: signing http client Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: implement the ReqSignature middleware Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: hack_16834 Signed-off-by: Loïc Dachary <loic@dachary.org> * Fix CI checks-backend errors with go mod tidy Signed-off-by: Anthony Wang <ta180m@pm.me> * Change 2021 to 2022, properly format package imports Signed-off-by: Anthony Wang <ta180m@pm.me> * Run make fmt and make generate-swagger Signed-off-by: Anthony Wang <ta180m@pm.me> * Use Gitea JSON library, add assert for pkp Signed-off-by: Anthony Wang <ta180m@pm.me> * Run make fmt again, fix err var redeclaration Signed-off-by: Anthony Wang <ta180m@pm.me> * Remove LogSQL from ActivityPub person test Signed-off-by: Anthony Wang <ta180m@pm.me> * Assert if json.Unmarshal succeeds Signed-off-by: Anthony Wang <ta180m@pm.me> * Cleanup, handle invalid usernames for ActivityPub person GET request Signed-off-by: Anthony Wang <ta180m@pm.me> * Rename hack_16834 to user_settings Signed-off-by: Anthony Wang <ta180m@pm.me> * Use the httplib module instead of http for GET requests * Clean up whitespace with make fmt * Use time.RFC1123 and make the http.Client proxy-aware * Check if digest algo is supported in setting module * Clean up some variable declarations * Remove unneeded copy * Use system timezone instead of setting.DefaultUILocation * Use named constant for httpsigExpirationTime * Make pubKey IRI #main-key instead of /#main-key * Move /#main-key to #main-key in tests * Implemented Webfinger endpoint. * Add visible check. * Add user profile as alias. * Add actor IRI and remote interaction URL to WebFinger response * fmt * Fix lint errors * Use go-ap instead of go-fed * Run go mod tidy to fix missing modules in go.mod and go.sum * make fmt * Convert remaining code to go-ap * Clean up go.sum * Fix JSON unmarshall error * Fix CI errors by adding @context to Person() and making sure types match * Correctly decode JSON in api_activitypub_person_test.go * Force CI rerun * Fix TestActivityPubPersonInbox segfault * Fix lint error * Use @mariusor's suggestions for idiomatic go-ap usage * Correctly add inbox/outbox IRIs to person * Code cleanup * Remove another LogSQL from ActivityPub person test * Move httpsig algos slice to an init() function * Add actor IRI and remote interaction URL to WebFinger response * Update TestWebFinger to check for ActivityPub IRI in aliases * make fmt * Force CI rerun * WebFinger: Add CORS header and fix Href -> Template for remote interactions The CORS header is needed due to https://datatracker.ietf.org/doc/html/rfc7033#section-5 and fixes some Peertube <-> Gitea federation issues * make lint-backend * Make sure Person endpoint has Content-Type application/activity+json and includes PreferredUsername, URL, and Icon Setting the correct Content-Type is essential for federating with Mastodon * Use UTC instead of GMT * Rename pkey to pubKey * Make sure HTTP request Date in GMT * make fmt * dont drop err * Make sure API responses always refer to username in original case Copied from what I wrote on #19133 discussion: Handling username case is a very tricky issue and I've already encountered a Mastodon <-> Gitea federation bug due to Gitea considering Ta180m and ta180m to be the same user while Mastodon thinks they are two different users. I think the best way forward is for Gitea to only use the original case version of the username for federation so other AP software don't get confused. * Move httpsig algs constant slice to modules/setting/federation.go * Add new federation settings to app.example.ini and config-cheat-sheet * Return if marshalling error * Make sure Person IRIs are generated correctly This commit ensures that if the setting.AppURL is something like "http://127.0.0.1:42567" (like in the integration tests), a trailing slash will be added after that URL. * If httpsig verification fails, fix Host header and try again This fixes a very rare bug when Gitea and another AP server (confirmed to happen with Mastodon) are running on the same machine, Gitea fails to verify incoming HTTP signatures. This is because the other AP server creates the sig with the public Gitea domain as the Host. However, when Gitea receives the request, the Host header is instead localhost, so the signature verification fails. Manually changing the host header to the correct value and trying the veification again fixes the bug. * Revert "If httpsig verification fails, fix Host header and try again" This reverts commit f53e46c721a037c55facb9200106a6b491bf834c. The bug was actually caused by nginx messing up the Host header when reverse-proxying since I didn't have the line `proxy_set_header Host $host;` in my nginx config for Gitea. * Go back to using ap.IRI to generate inbox and outbox IRIs * use const for key values * Update routers/web/webfinger.go * Use ctx.JSON in Person response to make code cleaner * Revert "Use ctx.JSON in Person response to make code cleaner" This doesn't work because the ctx.JSON() function already sends the response out and it's too late to edit the headers. This reverts commit 95aad988975be3393c76094864ed6ba962157e0c. * Use activitypub.ActivityStreamsContentType for Person response Content Type * Limit maximum ActivityPub request and response sizes to a configurable setting * Move setting key constants to models/user/setting_keys.go * Fix failing ActivityPubPerson integration test by checking the correct field for username * Add a warning about changing settings that can break federation * Add better comments * Don't multiply Federation.MaxSize by 1<<20 twice * Add more better comments * Fix failing ActivityPubMissingPerson test We now use ctx.ContextUser so the message printed out when a user does not exist is slightly different * make generate-swagger For some reason I didn't realize that /templates/swagger/v1_json.tmpl was machine-generated by make generate-swagger... I've been editing it by hand for three months! 🤦 * Move getting the RFC 2616 time to a separate function * More code cleanup * Update go-ap to fix empty liked collection and removed unneeded HTTP headers * go mod tidy * Add ed25519 to httpsig algorithms * Use go-ap/jsonld to add @context and marshal JSON * Change Gitea user agent from the default to Gitea/Version * Use ctx.ServerError and remove all remote interaction code from webfinger.go
* Update document to clarify that ALLOWED_DOMAINS/BLOCKED_DOMAINS support ↵wxiaoguang2022-06-181-0/+2
| | | | wildcard (#20016)
* Allow render HTML with css/js external links (#19017)Lunny Xiao2022-06-161-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Allow render HTML with css/js external links * Fix bug because of filename escape chars * Fix lint * Update docs about new configuration item * Fix bug of render HTML in sub directory * Add CSP head for displaying iframe in rendering file * Fix test * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * Some improvements * some improvement * revert change in SanitizerDisabled of external renderer * Add sandbox for iframe and support allow-scripts and allow-same-origin * refactor * fix * fix lint * fine tune * use single option RENDER_CONTENT_MODE, use sandbox=allow-scripts * fine tune CSP * Apply suggestions from code review Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Uppercase first languages letters (#19965)AHOHNMYC2022-06-151-1/+1
|
* Disable unnecessary mirroring elements (#18527)Paweł Bogusławski2022-06-041-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Disable unnecessary mirroring elements This mod fixes disabling unnecessary mirroring elements. Related: https://github.com/go-gitea/gitea/pull/16957 Related: https://github.com/go-gitea/gitea/pull/13084 Author-Change-Id: IB#1105104 * Checkbox rendering disabled instead of hiding it Fixes: 02b45051503d4330da9757ff084c9cc5e6e60d84 Related: https://github.com/go-gitea/gitea/pull/18527#pullrequestreview-878061913 Author-Change-Id: IB#1105104 * Update custom/conf/app.example.ini Co-authored-by: silverwind <me@silverwind.io> * Update docs/content/doc/advanced/config-cheat-sheet.en-us.md Co-authored-by: silverwind <me@silverwind.io> * Mirror filter removed only when whole mirroring feature is disabled Fixes: 02b45051503d4330da9757ff084c9cc5e6e60d84 Related: https://github.com/go-gitea/gitea/pull/18527#discussion_r883268890 Author-Change-Id: IB#1105104 Co-authored-by: silverwind <me@silverwind.io>
* feat: add DEFAULT_MERGE_STYLE to `repository.pull-request` section for repo ↵ttys32022-06-021-0/+3
| | | | init (#19751)
* docs: update the ROOT documentation and error messages (#19832)singuliere2022-05-311-1/+2
| | | | | | | | | | | | | | | * docs: update the ROOT documentation and error messages * The documentation now reflects what happens in the setting/repository.go::newRepository function: filepath.Join(AppWorkPath, RepoRootPath) was missing. * The error message displayed when RepoRootPath is not found now displays the value of RepoRootPath. Given the complexity of the construction of this value, only referring to it in the abstract is likely to be misleading to the Gitea admin trying to interpret the message. Co-authored-by: delvh <dev.lh@web.de>
* Make WIP prefixes case insensitive, e.g. allow `Draft` as a WIP prefix (#19780)Ondřej Čertík2022-05-261-1/+1
| | | | | | | | | | | | | | | | | | | | | The issue was that only the actual title was converted to uppercase, but not the prefix as specified in `WORK_IN_PROGRESS_PREFIXES`. As a result, the following did not work: WORK_IN_PROGRESS_PREFIXES=Draft:,[Draft],WIP:,[WIP] One possible workaround was: WORK_IN_PROGRESS_PREFIXES=DRAFT:,[DRAFT],WIP:,[WIP] Then indeed one could use `Draft` (as well as `DRAFT`) in the title. However, the link `Start the title with DRAFT: to prevent the pull request from being merged accidentally.` showed the suggestion in uppercase; so it is not possible to show it as `Draft`. This PR fixes it, and allows to use `Draft` in `WORK_IN_PROGRESS_PREFIXES`. Fixes #19779. Co-authored-by: zeripath <art27@cantab.net>
* clarify what session provider 'db' does (#19713)f0x522022-05-161-1/+2
| | | | | | | * clarify what session provider 'db' does * Also update session.PROVIDER in app.example.ini Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Update documentation to disable duration settings with -1 instead of 0 (#19647)Jimmy Praet2022-05-091-6/+6
| | | To turn off the notification endpoint polling, the value should be set to -1, not 0.
* Federation: return useful statistic information for nodeinfo (#19561)65432022-05-021-0/+3
| | | Add statistic information for total user count, active user count, issue count and comment count for `/nodeinfo`
* Disable unnecessary GitHooks elementsPawel Boguslawski2022-04-261-0/+1
| | | | | | | This mod fixes disabling unnecessary GitHooks elements. Related: https://github.com/go-gitea/gitea/pull/13129 Author-Change-Id: IB#1115251
* Use "main" as default branch name (#19354)wxiaoguang2022-04-081-1/+1
| | | | | * Use "main" as default branch name * fix test code
* Allow custom redirect for landing page (#19324)techknowlogick2022-04-051-1/+1
| | | | | | | | | | | | | * Allow custom redirect for landing page * Update modules/setting/setting.go Co-authored-by: delvh <dev.lh@web.de> * fix lint * one option Co-authored-by: delvh <dev.lh@web.de>
* Remove legacy unmaintained packages, refactor to support change default ↵wxiaoguang2022-04-031-0/+1
| | | | | | | | | | locale (#19308) Remove two unmaintained vendor packages `i18n` and `paginater`. Changes: * Rewrite `i18n` package with a more clear fallback mechanism. Fix an unstable `Tr` behavior, add more tests. * Refactor the legacy `Paginater` to `Paginator`, test cases are kept unchanged. Trivial enhancement (no breaking for end users): * Use the first locale in LANGS setting option as the default, add a log to prevent from surprising users.
* Add Package Registry (#16510)KN4CK3R2022-03-301-0/+40
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Added package store settings. * Added models. * Added generic package registry. * Added tests. * Added NuGet package registry. * Moved service index to api file. * Added NPM package registry. * Added Maven package registry. * Added PyPI package registry. * Summary is deprecated. * Changed npm name. * Sanitize project url. * Allow only scoped packages. * Added user interface. * Changed method name. * Added missing migration file. * Set page info. * Added documentation. * Added documentation links. * Fixed wrong error message. * Lint template files. * Fixed merge errors. * Fixed unit test storage path. * Switch to json module. * Added suggestions. * Added package webhook. * Add package api. * Fixed swagger file. * Fixed enum and comments. * Fixed NuGet pagination. * Print test names. * Added api tests. * Fixed access level. * Fix User unmarshal. * Added RubyGems package registry. * Fix lint. * Implemented io.Writer. * Added support for sha256/sha512 checksum files. * Improved maven-metadata.xml support. * Added support for symbol package uploads. * Added tests. * Added overview docs. * Added npm dependencies and keywords. * Added no-packages information. * Display file size. * Display asset count. * Fixed filter alignment. * Added package icons. * Formatted instructions. * Allow anonymous package downloads. * Fixed comments. * Fixed postgres test. * Moved file. * Moved models to models/packages. * Use correct error response format per client. * Use simpler search form. * Fixed IsProd. * Restructured data model. * Prevent empty filename. * Fix swagger. * Implemented user/org registry. * Implemented UI. * Use GetUserByIDCtx. * Use table for dependencies. * make svg * Added support for unscoped npm packages. * Add support for npm dist tags. * Added tests for npm tags. * Unlink packages if repository gets deleted. * Prevent user/org delete if a packages exist. * Use package unlink in repository service. * Added support for composer packages. * Restructured package docs. * Added missing tests. * Fixed generic content page. * Fixed docs. * Fixed swagger. * Added missing type. * Fixed ambiguous column. * Organize content store by sha256 hash. * Added admin package management. * Added support for sorting. * Add support for multiple identical versions/files. * Added missing repository unlink. * Added file properties. * make fmt * lint * Added Conan package registry. * Updated docs. * Unify package names. * Added swagger enum. * Use longer TEXT column type. * Removed version composite key. * Merged package and container registry. * Removed index. * Use dedicated package router. * Moved files to new location. * Updated docs. * Fixed JOIN order. * Fixed GROUP BY statement. * Fixed GROUP BY #2. * Added symbol server support. * Added more tests. * Set NOT NULL. * Added setting to disable package registries. * Moved auth into service. * refactor * Use ctx everywhere. * Added package cleanup task. * Changed packages path. * Added container registry. * Refactoring * Updated comparison. * Fix swagger. * Fixed table order. * Use token auth for npm routes. * Enabled ReverseProxy auth. * Added packages link for orgs. * Fixed anonymous org access. * Enable copy button for setup instructions. * Merge error * Added suggestions. * Fixed merge. * Handle "generic". * Added link for TODO. * Added suggestions. * Changed temporary buffer filename. * Added suggestions. * Apply suggestions from code review Co-authored-by: Thomas Boerger <thomas@webhippie.de> * Update docs/content/doc/packages/nuget.en-us.md Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Thomas Boerger <thomas@webhippie.de>
* Provide configuration to allow camo-media proxying (#12802)zeripath2022-03-291-0/+17
| | | | | | | | | * Provide configuration to allow camo-media proxying Fix #916 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* New cron task: delete old system notices (#19219)Pilou2022-03-281-0/+13
| | | Add a new cron task which deletes the old system notices.
* Make cron task no notice on success (#19221)zeripath2022-03-261-17/+17
| | | | | | | | | | | | | | | | | | Change all cron tasks to make them no notice on success default. Instead if a user wants notices on success they need to add NOTICE_ON_SUCCESS=true instead. ## :warning: BREAKING :warning: This changes the cron config so that notices on success are no longer set by default and breaks NO_SUCCESS_NOTICE settings. Instead users who want notices on success must set NOTICE_ON_SUCCESS=true instead. Signed-off-by: Andrew Thornton <art27@cantab.net> * Update custom/conf/app.example.ini Co-authored-by: Norwin <noerw@users.noreply.github.com> Co-authored-by: Norwin <noerw@users.noreply.github.com>
* Add warning to set SENDMAIL_ARGS to -- (#19102)zeripath2022-03-181-0/+1
| | | | | | | Even with #17688 email addresses that contain an initial `-` may still be present in the db and it may in future still be possible to imagine a situation whereby initial `-` are repermitted. This PR simply updates the documentation to warn users to set their SENDMAIL_ARGS with a terminal `--` to prevent this possibility email addresses being interpreted as options. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update golang.org/x/crypto (#19097)Gusted2022-03-161-1/+1
| | | | | | | | | | | | | | | | | | | | * Update golang.org/x/crypto - Update dependency to include fix for CVE. - See https://groups.google.com/g/golang-announce/c/-cp44ypCT5s/m/wmegxkLiAQAJ?utm_medium=email&utm_source=footer * Fix deprecation notice * Remove workaround - Introduced in https://github.com/go-gitea/gitea/pull/17281 - Fixed in x/crypto: - https://github.com/golang/crypto/commit/5d542ad81a58c89581d596f49d0ba5d435481bcf - & https://github.com/golang/crypto/commit/3147a52a75dda54ac3a611ef8978640d85188a2a * Update Kex Algorithms - Use standardized name for curve22519-sha256. https://github.com/golang/crypto/commit/9b076918e3c7e908b2bdea932f272a9979f2488a - Prefer SHA256 version over SHA1 version. https://github.com/golang/crypto/commit/e4b3678e5f38521e67eba223ddd1902ceb3a303c
* Support ignore all santize for external renderer (#18984)Lunny Xiao2022-03-061-0/+2
| | | | | | | | | | | | | | * Support ignore all santize for external renderer * Update docs * Apply suggestions from code review Co-authored-by: silverwind <me@silverwind.io> * Fix doc Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: 6543 <6543@obermui.de>
* Don't clean up hardcoded `tmp` (#18983)KN4CK3R2022-03-021-2/+2
| | | | | * Don't clean up hardcoded `tmp`. * Fixed import.
* Disable service worker by default (#18914)silverwind2022-02-261-1/+1
| | | | | | | | The service worker causes a lot of issues with JS errors after instance upgrades while not bringing any real performance gain over regular HTTP caching. Disable it by default for this reason. Maybe later we can remove it completely, as I simply see no benefit in having it.
* Update SSH Server crypto settings (#18697)Gusted2022-02-101-3/+3
| | | | - Use a better and more curated list of Ciphers and KeyExchanges, these roughly follows OpenSSH's default. - Remove some cryptography values which were deprecated.
* Support custom ACME provider (#18340)Cristian Le2022-02-081-0/+30
| | | | | | * Added ACMECAURL option to support custom ACME provider. Closes #18306 * Refactor setting.go https settings, renamed options and variables, and documented app.example.ini * Refactored runLetsEncrypt to runACME * Improved documentation
* Add separate SSH_USER config option (#17584)Clar Fon2022-02-071-2/+5
| | | Co-authored-by: zeripath <art27@cantab.net>
* Switch to non-deprecation setting (#18358)Gusted2022-01-231-2/+3
| | | | | | * Switch to non-deprecation setting (Avoid by-default: "Deprecated fallback `[server]` `LFS_CONTENT_PATH` present. Use `[lfs]` `PATH` instead. This fallback will be removed in v1.18.0") * Update all references
* Refactor Router Logger (#17308)wxiaoguang2022-01-201-4/+13
| | | | | | Make router logger more friendly, show the related function name/file/line. [BREAKING] This PR substantially changes the logging format of the router logger. If you use this logging for monitoring e.g. fail2ban you will need to update this to match the new format.