| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Use hostmacher to replace matchlist.
And we introduce a better DialContext to do a full host/IP check, otherwise the attackers can still bypass the allow/block list by a 302 redirection.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Add settings to allow different SMTP envelope from address
Sometimes it may be advisable to hide or alias the from address on an SMTP mail
envelope. This PR adds two new options to the mailer to allow setting of an overriding
from address.
Fix #17477
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
|
|
|
|
|
|
| |
Use check attribute code to check the assigned language of a file and send that in to
chroma as a hint for the language of the file.
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
|
|
| |
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
|
|
|
|
|
| |
Gitea fetches static resources from /assets, so nginx configuration has to be updated accordingly.
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
| |
|
| |
|
|
|
|
|
| |
and 1.16 (#17530)
* fix documents for ALLOWED_HOST_LIST, its default value differs between 1.15 and 1.16
|
|
|
| |
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
|
|
| |
The passthrough is based upon AuthorizedKeysCommand and a custom shell wrapper that forwards commands to the container over the docker pipe.
|
| |
|
|
|
|
|
| |
Update the version in docs/config.yaml to 1.15.6
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
|
|
|
|
|
|
| |
* Update reverse-proxies.en-us.md
Addition of HAProxy
* Update reverse-proxies.en-us.md
|
| |
|
|
|
|
|
|
|
| |
* Update with-docker.en-us.md
* Update with-docker.en-us.md
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Convert the old mirror syncing queue to the more modern queue format.
Fix a bug in the from the repo-archive queue PR - the assumption was made that uniqueness could be enforced with by checking equality in a map in channel unique queues - however this only works for primitive types - which was the initial intention but is an imperfect. This is fixed by marshalling the data and placing the martialled data in the unique map instead.
The documentation is also updated to add information about the deprecated configuration values.
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* split `index.js` to separate files
* tune clipboard
* fix promise
* fix document
* remove intermediate empty file
* fix async event listener
* use `export function` instead of `export {}`, add more comments
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add simple update checker to Gitea
* update struct and remove comments
* fix lint
* Update custom/conf/app.example.ini
* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md
Co-authored-by: delvh <dev.lh@web.de>
* Update custom/conf/app.example.ini
Co-authored-by: delvh <dev.lh@web.de>
* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md
Co-authored-by: delvh <dev.lh@web.de>
* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md
Co-authored-by: Steven <61625851+justusbunsi@users.noreply.github.com>
* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md
* Update modules/cron/tasks_extended.go
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Update custom/conf/app.example.ini
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* take PR feedback into account and display banner on admin dashboard for alerts
* Add more detailed message
* placate lint
* update per feedback
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Steven <61625851+justusbunsi@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
URLs are generated without sub-path) (#17320)
* Apache `ProxyPassReverse` only works for Location, Content-Location and URI headers on HTTP redirect responses, it causes more problems than it resolves. Now all URLs generated by Gitee have the correct prefix AppSubURL. We do not need to set `ProxyPassReverse`.
* fix url param
* use AppSubURL instead of AppURL in api/v1
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
dir, and remove unused codes. (#17301)
* frontend refactor
* Apply suggestions from code review
Co-authored-by: delvh <dev.lh@web.de>
* Update templates/base/head.tmpl
Co-authored-by: delvh <dev.lh@web.de>
* Update docs/content/doc/developers/guidelines-frontend.md
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* fix typo
* fix typo
* refactor PageData to pageData
* Apply suggestions from code review
Co-authored-by: delvh <dev.lh@web.de>
* Simply for the visual difference.
Co-authored-by: delvh <dev.lh@web.de>
* Revert "Apply suggestions from code review"
This reverts commit 4d78ad9b0e96ca180e0823de17659a2e0814c099.
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
core.protectNTFS protects NTFS from files which may be difficult to remove or interact
with using the win32 api, however, it also appears to prevent such files from
being entered into the git indexes - fundamentally causing breakages with PRs that
affect these files. However, deliberately setting this to false may cause security
issues due to the remain sparse checkout of files in the merge pipeline.
The only sensible option therefore is to provide an optional setting which admins
could set which would forcibly switch this off if they are affected by this issue.
Fix #17092
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add metrics to get issues by label
* Add comment on IssueByLabelCount
* Code review - Unify "AS" in SQL (#17201)
* Code review - Remove useless join (#17201)
* Code review - Disable issue_by_label by default in settings (#17201)
* use e
* restore empty line
* update docs
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Nodeinfo is a way to expose certain metadata about a server for use of discovery regarding functionality of its federation capabilities.
Two endpoints are required:
1. `/.well-known/nodeinfo` which informs client where it can find the location of the location of its metadata (including which version of the schema is used)
2. the endpoint which exposes the metadata in json format according to schema.
Notes:
* `openRegistrations` is a required field, but I propose to set to false as default in case someone writes a crawler to discover "open" gitea instances
* to limit data leakage I also propose to not include the `usage` field (note it is required so it should be included, but left as empty).
More info:
https://github.com/jhass/nodeinfo
https://github.com/jhass/nodeinfo/tree/main/schemas/2.1
http://nodeinfo.diaspora.software/protocol.html
|
|
|
|
|
|
|
|
| |
Add a new default theme `auto`, which will automatically switch between
`gitea` (light) and `arc-green` (dark) themes depending on the user's
operating system settings.
Closes: #8183
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Just a tiny change to save someone some time while reading the docs. I got lost in the angular code and npm packages trying to reverse engineer it and figure out what setting controlled this file limit:
![image](https://user-images.githubusercontent.com/7119703/134829716-8f587878-21a3-413b-ba1e-c2bbe9391ad2.png)
Eventually I tracked it down from
https://github.com/go-gitea/gitea/blob/b74a0f9060d5fda341f5554ef529a2006308c6ab/options/locale/locale_en-US.ini#L2776
to
https://github.com/go-gitea/gitea/blob/b74a0f9060d5fda341f5554ef529a2006308c6ab/templates/repo/upload.tmpl#L11
to
https://github.com/go-gitea/gitea/blob/b74a0f9060d5fda341f5554ef529a2006308c6ab/web_src/js/index.js#L1043
to
https://github.com/go-gitea/gitea/blob/b74a0f9060d5fda341f5554ef529a2006308c6ab/web_src/js/features/dropzone.js#L3
to
https://www.npmjs.com/package/dropzone
and then I realized I can't read :sweat_smile:, back to
https://github.com/go-gitea/gitea/blob/b74a0f9060d5fda341f5554ef529a2006308c6ab/templates/repo/upload.tmpl#L8
and quickly solved it from there!!
https://github.com/go-gitea/gitea/blob/b74a0f9060d5fda341f5554ef529a2006308c6ab/modules/upload/upload.go#L81
Yes I know this long path was 90% me failing to read code properly and going on a red herring journey... but point is we should not have to do this in the first place to know how to configure this file upload form :pleading_face: :point_right: :point_left:
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Allow LDAP Sources to provide Avatars
Add setting to LDAP source to allow it to provide an Avatar.
Currently this is required to point to the image bytes.
Fix #4144
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Rename as Avatar Attribute (drop JPEG)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Always synchronize avatar if there is change
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Actually get the avatar from the ldap
Signed-off-by: Andrew Thornton <art27@cantab.net>
* clean-up
Signed-off-by: Andrew Thornton <art27@cantab.net>
* use len()>0 rather than != ""
Signed-off-by: Andrew Thornton <art27@cantab.net>
* slight shortcut in IsUploadAvatarChanged
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
We do not currently state the minimum versions of databases we support.
This PR sets them to:
* MySQL >=5.7
* Postgres >=10
* MSSQL >=2008R2 SP3
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* doc: Upgrade from an old Gitea
* update backup steps
* Update docs/content/doc/upgrade/from-gitea.en-us.md
Co-authored-by: delvh <dev.lh@web.de>
* Update docs/content/doc/upgrade/from-gitea.en-us.md
Co-authored-by: delvh <dev.lh@web.de>
* Update docs/content/doc/upgrade/from-gitea.en-us.md
Co-authored-by: delvh <dev.lh@web.de>
* Update docs/content/doc/upgrade/from-gitea.en-us.md
Co-authored-by: delvh <dev.lh@web.de>
* Update docs/content/doc/upgrade/from-gitea.en-us.md
Co-authored-by: delvh <dev.lh@web.de>
* Update docs/content/doc/upgrade/from-gitea.en-us.md
Co-authored-by: delvh <dev.lh@web.de>
* Update docs/content/doc/upgrade/from-gitea.en-us.md
Co-authored-by: delvh <dev.lh@web.de>
* update backup tips
* update table header
* Update docs/content/doc/upgrade/from-gitea.en-us.md
Co-authored-by: silverwind <me@silverwind.io>
* Update docs/content/doc/upgrade/from-gitea.en-us.md
Co-authored-by: silverwind <me@silverwind.io>
* Update docs/content/doc/upgrade/from-gitea.en-us.md
Co-authored-by: techknowlogick <matti@mdranta.net>
* Update docs/content/doc/upgrade/from-gitea.en-us.md
Co-authored-by: techknowlogick <matti@mdranta.net>
* Update from-gitea.en-us.md
* Update from-gitea.en-us.md
* Update from-gitea.en-us.md
* Update from-gitea.en-us.md
* Update from-gitea.en-us.md
* Update from-gitea.en-us.md
* Update from-gitea.en-us.md
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* translated the rest of index.de-de.md to german
* fixed typo in german locale activate_account email
* fixed typo in german doc/content/page/index.md
* Update docs/content/page/index.de-de.md
Co-authored-by: delvh <dev.lh@web.de>
* commited sugesstions
Co-authored-by: delvh <dev.lh@web.de>
* commited sugesstions
Co-authored-by: delvh <dev.lh@web.de>
* commited sugesstions
Co-authored-by: delvh <dev.lh@web.de>
* revert locale change
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
|
|
|
|
|
|
|
|
|
|
|
| |
Rename`[repository]` `DISABLE_MIRRORS` to `[mirror]` `DISABLE_NEW_PULL` and add `ENABLED` and `DISABLE_NEW_PUSH` with the below meanings:
- `ENABLED`: **true**: Enables the mirror functionality. Set to **false** to disable all mirrors.
- `DISABLE_NEW_PULL`: **false**: Disable the creation of **new** mirrors. Pre-existing mirrors remain valid.
- `DISABLE_NEW_PUSH`: **false**: Disable the creation of **new** push mirrors. Pre-existing mirrors remain valid.
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Thanks to https://github.com/go-gitea/gitea/pull/16788 I can see why our docker container kept restarting when adding the custom mail template example.
[The example template](https://docs.gitea.io/en-us/mail-templates/#example) has an error
```
2021/09/03 10:55:25 cmd/web.go:91:func1() [F] PANIC: template: mail/issue/default:35: function "AppURL" not defined
/usr/local/go/src/html/template/template.go:374 (0x1563bb8)
/go/src/code.gitea.io/gitea/vendor/github.com/unrolled/render/render.go:322 (0x1563782)
/go/src/code.gitea.io/gitea/vendor/github.com/unrolled/render/render.go:202 (0x1562f8b)
/go/src/code.gitea.io/gitea/vendor/github.com/unrolled/render/render.go:146 (0x15629d2)
/go/src/code.gitea.io/gitea/modules/templates/base.go:88 (0x16b0769)
/go/src/code.gitea.io/gitea/routers/web/base.go:125 (0x225f284)
/go/src/code.gitea.io/gitea/routers/web/web.go:95 (0x2261284)
/go/src/code.gitea.io/gitea/routers/init.go:147 (0x22817ba)
/go/src/code.gitea.io/gitea/cmd/web.go:158 (0x239741a)
/go/src/code.gitea.io/gitea/vendor/github.com/urfave/cli/app.go:524 (0x1740884)
/go/src/code.gitea.io/gitea/vendor/github.com/urfave/cli/command.go:173 (0x17415f8)
/go/src/code.gitea.io/gitea/vendor/github.com/urfave/cli/app.go:277 (0x173e8c7)
/go/src/code.gitea.io/gitea/main.go:115 (0x23d3e69)
/usr/local/go/src/runtime/proc.go:225 (0x443995)
/usr/local/go/src/runtime/asm_amd64.s:1371 (0x47b360)
```
|
| |
|
|
|
|
|
|
|
| |
* Add release default page and set it to 10
* use limit
Co-authored-by: 6543 <6543@obermui.de>
|
|
|
| |
Co-authored-by: zeripath <art27@cantab.net>
|
|
|
|
|
| |
* frontport: 1.15.0 changelog
* Update config.yaml
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Add proxy settings and support for migration and webhook
* Fix default value
* Add newline for example ini
* Add lfs proxy support
* Fix lint
* Follow @zeripath's review
* Fix git clone
* Fix test
* missgin http requests for proxy
* use empty
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
One of the issues holding back performance of the API is the problem of hashing.
Whilst banning BASIC authentication with passwords will help, the API Token scheme
still requires a PBKDF2 hash - which means that heavy API use (using Tokens) can
still cause enormous numbers of hash computations.
A slight solution to this whilst we consider moving to using JWT based tokens and/or
a session orientated solution is to simply cache the successful tokens. This has some
security issues but this should be balanced by the security issues of load from
hashing.
Related #14668
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
|
|
| |
Co-authored-by: Lauris BH <lauris@nix.lv>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Improve SMTP authentication, Fix user creation bugs and add LDAP cert/key options
This PR has two parts:
Improvements for SMTP authentication:
* Default to use SMTPS if port is 465, and allow setting of force SMTPS.
* Always use STARTTLS if available
* Provide CRAM-MD5 mechanism
* Add options for HELO hostname disabling
* Add options for providing certificates and keys
* Handle application specific password response as a failed user login
instead of as a 500.
Close #16104
Fix creation of new users:
* A bug was introduced when allowing users to change usernames which
prevents the creation of external users.
* The LoginSource refactor also broke this page.
Close #16104
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
|
|
| |
Fix #16639
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Allow setting X-FRAME-OPTIONS
This PR provides a mechanism to set the X-FRAME-OPTIONS header.
Fix #7951
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update docs/content/doc/advanced/config-cheat-sheet.en-us.md
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
* Frontport changelog for v1.14.6
Changelog frontported to below v1.15.0-rc1.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update config.yaml
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Upgrade to golang-jwt 3.2.2
Upgrade to the latest version of golang-jwt
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Forcibly replace the 3.2.1 version of golang-jwt/jwt and increase minimum Go version
Using go.mod we can forcibly replace the 3.2.1 version used by goth to 3.2.2.
Further given golang-jwt/jwts stated policy of only supporting supported go versions
we should just raise our minimal version of go to 1.16 for 1.16 as by time of release
1.15 will be out of support.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* update minimal go required
Signed-off-by: Andrew Thornton <art27@cantab.net>
* update config.yaml
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
|
|
|
|
|
| |
Signed-off-by: ltdk <usr@ltdk.xyz>
|