| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| |
|
|
| |
This PR makes the actions enabled by default, so people will find it
easier to enable actions in repository setting.
|
| |
|
|
|
| |
package (#27070)
ref: https://gitea.com/gitea/homebrew-gitea/pulls/178
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Hello,
The current package guide for cargo gives you only the git index, with
the HTTP Index stabilized being used as default for crates.io and being
better for most use-cases.
However, it's not documented that gitea supports the sparse spec, and it
does not require the _crates-index git repo for the sparse api.
I personally think we should push users to use the sparse instead of the
git repository. (Even let users disable crates-index repos if they only
want to use sparse)
|
| |
|
|
|
|
|
|
|
|
|
| |
If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.
And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
1. Introduce lightweight `fetch` wrapper functions that automatically
sets csfr token, content-type and use it in `RepoActionView.vue`.
2. Fix a specific issue on `RepoActionView.vue` where a fetch network
error is shortly visible during page reload sometimes. It can be
reproduced by F5-in in quick succession on the actions view page and was
also producing a red error box on the page.
Once approved, we can replace all current `fetch` uses in UI with this
in another PR.
---------
Co-authored-by: Giteabot <teabot@gitea.io>
|
| |
|
|
|
| |
The default is false, fix the docs to reflect that.
Fixes: #26989
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This feature was removed by #22219 to avoid possible CSRF attack.
This PR takes reverseproxy auth for API back but with default disabled.
To prevent possbile CSRF attack, the responsibility will be the
reverseproxy but not Gitea itself.
For those want to enable this `ENABLE_REVERSE_PROXY_AUTHENTICATION_API`,
they should know what they are doing.
---------
Co-authored-by: Giteabot <teabot@gitea.io>
|
| |
|
|
|
|
|
|
| |
- `Connection` and `Upgrade` [needed for
websockets](https://www.nginx.com/blog/websocket-nginx/)
- ~~`X-Real-IP` unnecessary and duplicate with `X-Forwarded-For`. [chi
checks both
headers](https://github.com/go-chi/chi/blob/master/middleware/realip.go),
but XFF is definitely the more "standard" one.~~
|
| |
|
| |
Follow-up of https://github.com/go-gitea/gitea/pull/26295
|
| |
|
|
|
|
| |
Service may fail to start at boot time with timeout
Resolves #26934
Co-authored-by: Nikolay Kobzarev <n.kobzarev@aeronavigator.ru>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, Artifact does not have an expiration and automatic cleanup
mechanism, and this feature needs to be added. It contains the following
key points:
- [x] add global artifact retention days option in config file. Default
value is 90 days.
- [x] add cron task to clean up expired artifacts. It should run once a
day.
- [x] support custom retention period from `retention-days: 5` in
`upload-artifact@v3`.
- [x] artifacts link in actions view should be non-clickable text when
expired.
|
| |
|
|
| |
Improve the wording of the LDAP group attributes documentation and
expand the examples.
|
| |
|
|
| |
Signed-off-by: JonRB <jon.roadleybattin@gmail.com>
fixes https://github.com/go-gitea/gitea/issues/25878
|
| | |
|
| |
|
|
|
|
|
|
|
| |
clarify aspects of the dump command
Possibly closes #26862
---------
Co-authored-by: delvh <dev.lh@web.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This change was caused by #26271, for configuration as below:
```
[attachment]
ENABLE = true
PATH = data/attachments
MAX_SIZE = 100
MAX_FILES = 5
```
Before #26271, the resolved path is ${AppWorkPath}/${attachments.PATH}
(such as `/var/lib/gitea/data/attachments`)
After #26271, the resolved path is ${AppDataPath}/${attachments.PATH}
(such as `/var/lib/gitea/data/data/attachments`)
Fix https://github.com/go-gitea/gitea/issues/26864
Follow https://github.com/go-gitea/gitea/pull/26271
|
| |
|
|
|
|
|
| |
* `/help/support` is a better document than
`/administration/logging-config` for bug reporting
* Improve `support.en-us.md`
* Move/add detailed contents into `Advanced Bug Report Tips` section
* Merge `Chinese Support` section into `Support Options`
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
German Federal Office for Information Security requests in its technical
guideline BSI TR-02102-1 RSA Keylength not shorter than 3000bits
starting 2024, in the year 2023 3000bits as a recommendation. Gitea
should request longer RSA Keys by default in favor of security and drop
old clients which do not support longer keys.
https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9
- Page 19, Table 1.2
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
| | |
|
| |
|
|
| |
… because it doesn't require a separate shell, spawning a process which
cost unnecessary resources and takes time.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
copy and modified from #14572
> Whilst debating enforcing MFA within our team, I realised there isn't
a lot of context to the side effects of enabling it. Most of us use Git
over HTTP and would need to add a token.
I plan to add another PR that adds a sentence to the UI about needing to
generate a token when enabling MFA if HTTP is to be used.
---------
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
|
| | |
|
| |
|
|
|
|
| |
Explanation for using gitea's variables in `.tmpl` files.
Thanks to @wxiaoguang for advising me on
[discord](https://discord.com/channels/322538954119184384/561007778139734027/1141217820441587722).
|
| | |
|
| |
|
|
|
|
|
|
|
| |
The xorm `Sync2` has already been deprecated in favor of `Sync`,
so let's do the same inside the Gitea codebase.
Command used to replace everything:
```sh
for i in $(ag Sync2 --files-with-matches); do vim $i -c ':%sno/Sync2/Sync/g' -c ':wq'; done
```
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This PR adds our matrix space to the support options and alphabetizes
the list.
I also considered adding our Mastodon, however that isn't as suitable as
the other options because it's just whoever has access to the account vs
a community chat/forum.
---------
Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
|
| |
|
|
|
|
| |
In the previous feature description, numerous functionalities of Gitea
were listed, which appeared redundant and failed to highlight the unique
characteristics of Gitea. Therefore, I have rewritten this section based
on the description provided on the official Gitea website
|
| |
|
|
|
|
|
|
|
|
| |
(#26451)
fix
https://github.com/go-gitea/gitea/issues/25995#issuecomment-1674096710
---------
Co-authored-by: silverwind <me@silverwind.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This PR is an extended implementation of #25189 and builds upon the
proposal by @hickford in #25653, utilizing some ideas proposed
internally by @wxiaoguang.
Mainly, this PR consists of a mechanism to pre-register OAuth2
applications on startup, which can be enabled or disabled by modifying
the `[oauth2].DEFAULT_APPLICATIONS` parameter in app.ini. The OAuth2
applications registered this way are being marked as "locked" and
neither be deleted nor edited over UI to prevent confusing/unexpected
behavior. Instead, they're being removed if no longer enabled in config.
The implemented mechanism can also be used to pre-register other OAuth2
applications in the future, if wanted.
Co-authored-by: hickford <mirth.hickford@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
---------
Co-authored-by: M Hickford <mirth.hickford@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
| |
|
|
|
|
| |
Added missing backtick in quickstart.zh-cn.md docs so inline code can
render properly.
Co-authored-by: Giteabot <teabot@gitea.io>
|
| |
|
| |
Fix https://gitea.com/gitea/gitea-docusaurus/issues/56
|
| |
|
|
| |
follow #26317
fix typos and adjust grammer problems.
|
| |
|
|
|
| |
As title.
Close #26309
Related to #24724, #24806
|
| |
|
|
| |
The `IS_TLS_ENABLED` option in the `mailer` section is deprecated. This
is specified by setting `PROTOCOL=smtps`
|
| |
|
|
|
|
|
| |
1. Fix the wrong document (add the missing `MODE=`)
2. Add a more friendly log message to tell users to add `MODE=` in their
config
Co-authored-by: Giteabot <teabot@gitea.io>
|
| |
|
|
| |
Arch linux package link has changed from the community repo to the extra repo.
The link has been updated.
|
| |
|
|
|
| |
Our `devtest` page contains some good UI examples which should be taken
as example when working on Gitea UI. Mention it in our frontend
contributing guidelines to for new contributors to know about it.
|
| |
|
|
|
|
|
|
|
|
|
| |
Not too important, but I think that it'd be a pretty neat touch.
Also fixes some layout bugs introduced by a previous PR.
---------
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Caesar Schinas <caesar@caesarschinas.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
| |
|
|
|
|
| |
To avoid consuming user's 100% CPU, limit the default value of
MAX_WORKERS
Fix #26063 (the CPU 100% problem mentioned in it)
|
| |
|
|
|
|
|
| |
https://github.com/go-gitea/gitea/pull/26051 I accidentally rebased
locally without my re-addition for these files, so they were missed in
the merge, but only for `main`.
Signed-off-by: jolheiser <john.olheiser@gmail.com>
|
| |
|
|
|
|
|
|
| |
The setting `MAILER_TYPE` is deprecated.
According to the config cheat sheet, it should be `PROTOCOL`.
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
| |
|
| |
Update part of the documents, translate English to Chinese.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This PR cleans up the docs in a way to make them simpler to ingest by
our [docs repo](https://gitea.com/gitea/gitea-docusaurus).
1. It includes all of the sed invocations our ingestion did, removing
the need to do it at build time.
2. It replaces the shortcode variable replacement method with
`@variable@` style, simply for easier sed invocations when required.
3. It removes unused files and moves the docs up a level as cleanup.
---------
Signed-off-by: jolheiser <john.olheiser@gmail.com>
|
| |
|
| |
Fix #26035
|
| |
|
|
|
|
| |
related #1635 #18159
This will probably be obsolete at some point, but it should not break
anything and it may help some users
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace #21790
And close #25965 by the way (it needs a separate fix for 1.20)
Major changes:
1. Move "gitea convert" to "gitea doctor conver". The old "gitea doctor"
still works as a hidden sub-command (to avoid breaking)
2. Do not write "doctor.log" by default, it's not useful in most cases
and causes bugs like 25965
3. Improve documents
4. Fix the "help" commands. Before, the "./gitea doctor" can't show the
sub-command help correctly (regression of the last cli/v2 refactoring)
After this PR:
```
./gitea help # show all sub-commands for the app
./gitea doctor # show the sub-commands for the "doctor"
./gitea doctor help # show the sub-commands for the "doctor", as above
```
|
| |
|
| |
as title
|
| |
|
| |
close #26045
|
| |
|
|
| |
Present documentation does not capture that secrets are only visible if
ACTIONS are enabled for a repository. This PR adds a short note
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
".well-known" (#25974)
Replace #25892
Close #21942
Close #25464
Major changes:
1. Serve "robots.txt" and ".well-known/security.txt" in the "public"
custom path
* All files in "public/.well-known" can be served, just like
"public/assets"
3. Add a test for ".well-known/security.txt"
4. Simplify the "FileHandlerFunc" logic, now the paths are consistent so
the code can be simpler
5. Add CORS header for ".well-known" endpoints
6. Add logs to tell users they should move some of their legacy custom
public files
```
2023/07/19 13:00:37 cmd/web.go:178:serveInstalled() [E] Found legacy public asset "img" in CustomPath. Please move it to /work/gitea/custom/public/assets/img
2023/07/19 13:00:37 cmd/web.go:182:serveInstalled() [E] Found legacy public asset "robots.txt" in CustomPath. Please move it to /work/gitea/custom/public/robots.txt
```
This PR is not breaking.
---------
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
|
