aboutsummaryrefslogtreecommitdiffstats
path: root/go.mod
Commit message (Collapse)AuthorAgeFilesLines
* Upgrade Go 1.22 and upgrade dependency (#29869)wxiaoguang2024-03-171-76/+77
|
* Update Chroma to v2.13.0 (#29732)JakobDev2024-03-121-2/+2
| | | | | | | | | This adds new lexers and includes some fixes. See https://github.com/alecthomas/chroma/releases/tag/v2.13.0 for the full changelog. --------- Co-authored-by: Giteabot <teabot@gitea.io>
* Make runs-on support variable expression (#29468)sillyguodong2024-03-081-1/+1
| | | | | | | | As title. Close issue: https://gitea.com/gitea/act_runner/issues/445 Follow: https://gitea.com/gitea/act/pulls/91 Move `getSecretsOfTask` and `getVariablesOfTask` under `models` because of circular dependency issues.
* Partially enable MSSQL case-sensitive collation support (#29238)wxiaoguang2024-03-081-5/+5
| | | Follow #28662
* bump protobuf module (#29617)techknowlogick2024-03-051-1/+1
|
* Use `crypto/sha256` (#29386)KN4CK3R2024-02-251-1/+1
| | | | | | | | Go 1.21 improved the performance of `crypto/sha256`. It's now similar to `minio/sha256-simd`, so we should just use the standard libs. https://go.dev/doc/go1.21#crypto/sha256 https://go-review.googlesource.com/c/go/+/408795 https://github.com/multiformats/go-multihash/pull/173
* Revert "Support SAML authentication (#25165)" (#29358)65432024-02-241-5/+0
| | | | | | | | | | This reverts #25165 (5bb8d1924d77c675467694de26697b876d709a17), as there was a chance some important reviews got missed. so after reverting this patch it will be resubmitted for reviewing again https://github.com/go-gitea/gitea/pull/25165#issuecomment-1960670242 temporary Open #5512 again
* Support SAML authentication (#25165)techknowlogick2024-02-231-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Closes https://github.com/go-gitea/gitea/issues/5512 This PR adds basic SAML support - Adds SAML 2.0 as an auth source - Adds SAML configuration documentation - Adds integration test: - Use bare-bones SAML IdP to test protocol flow and test account is linked successfully (only runs on Postgres by default) - Adds documentation for configuring and running SAML integration test locally Future PRs: - Support group mapping - Support auto-registration (account linking) Co-Authored-By: @jackHay22 --------- Co-authored-by: jackHay22 <jack@allspice.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Jason Song <i@wolfogre.com> Co-authored-by: morphelinho <morphelinho@users.noreply.github.com> Co-authored-by: Zettat123 <zettat123@gmail.com> Co-authored-by: Yarden Shoham <git@yardenshoham.com> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: silverwind <me@silverwind.io>
* Use new RPM constants (#28931)KN4CK3R2024-01-251-1/+1
| | | https://github.com/sassoftware/go-rpmutils/pull/24 got merged.
* Update go dependencies and fix go-git (#28893)wxiaoguang2024-01-231-49/+47
| | | | | More details are in the comment of repo_base_gogit.go And ref: https://github.com/go-git/go-git/issues/1006
* Upgrade xorm to v1.3.7 to fix a resource leak problem caused by Iterate (#28891)Lunny Xiao2024-01-221-1/+1
| | | Mainly fix an error https://gitea.com/xorm/xorm/issues/2393
* Set the `isPermaLink` attribute to `false` in the `guid` sub-element (#28860)Yarden Shoham2024-01-201-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Our `guid` is not a valid URL so according to the RSS spec the `isPermaLink` attribute needs to be set to `false`. Example: ```diff <item> <title>yardenshoham opened issue &lt;a href=&#34;https://3000-yardenshoham-gitea-jqlxjixsez9.ws-us107.gitpod.io/yardenshoham/test/issues/2&#34;&gt;yardenshoham/test#2&lt;/a&gt;</title> <link>https://3000-yardenshoham-gitea-jqlxjixsez9.ws-us107.gitpod.io/yardenshoham/test/issues/2</link> <description>2#hey</description> <content:encoded><![CDATA[2#hey]]></content:encoded> <author>yardenshoham</author> - <guid>355: https://3000-yardenshoham-gitea-jqlxjixsez9.ws-us107.gitpod.io/yardenshoham/test/issues/2</guid> + <guid isPermaLink="false">355: https://3000-yardenshoham-gitea-jqlxjixsez9.ws-us107.gitpod.io/yardenshoham/test/issues/2</guid> <pubDate>Tue, 16 Jan 2024 18:54:36 +0000</pubDate> </item> ``` References: - https://www.rssboard.org/rss-specification#ltguidgtSubelementOfLtitemgt - Fixes https://github.com/go-gitea/gitea/issues/28734 - https://github.com/gorilla/feeds/issues/78 - https://github.com/go-gitea/gitea/pull/21550 - https://github.com/gorilla/feeds/pull/107 Signed-off-by: Yarden Shoham <git@yardenshoham.com>
* Update github.com/cloudflare/circl (#28789)Chongyi Zheng2024-01-151-1/+1
| | | | | | cloudflare/circl: https://github.com/advisories/GHSA-9763-4f94-gfch Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Recommend/convert to use case-sensitive collation for MySQL/MSSQL (#28662)wxiaoguang2024-01-101-1/+1
| | | | | | | | | | | | | | | | | | Mainly for MySQL/MSSQL. It is important for Gitea to use case-sensitive database charset collation. If the database is using a case-insensitive collation, Gitea will show startup error/warning messages, and show the errors/warnings on the admin panel's Self-Check page. Make `gitea doctor convert` work for MySQL to convert the collations of database & tables & columns. * Fix #28131 ## :warning: BREAKING :warning: It is not quite breaking, but it's highly recommended to convert the database&table&column to a consistent and case-sensitive collation.
* Upgrade xorm to new version which supported update join for all supported ↵Lunny Xiao2023-12-311-1/+1
| | | | | | | | | | | | | | | | | | | | | | | databases (#28590) Fix https://github.com/go-gitea/gitea/pull/28547#issuecomment-1867740842 Since https://gitea.com/xorm/xorm/pulls/2383 merged, xorm now supports UPDATE JOIN. To keep consistent from different databases, xorm use `engine.Join().Update`, but the actural generated SQL are different between different databases. For MySQL, it's `UPDATE talbe1 JOIN table2 ON join_conditions SET xxx Where xxx`. For MSSQL, it's `UPDATE table1 SET xxx FROM TABLE1, TABLE2 WHERE join_conditions`. For SQLITE per https://www.sqlite.org/lang_update.html, sqlite support `UPDATE table1 SET xxx FROM table2 WHERE join conditions` from 3.33.0(2020-8-14). POSTGRES is the same as SQLITE.
* Update go dependencies (#28518)wxiaoguang2023-12-191-82/+82
| | | | | Update golang.org/x/crypto for CVE-2023-48795 and update other packages. `go-git` is not updated because it needs time to figure out why some tests fail.
* Bump google/go-github to v57 (#28514)Yevhen Pavlov2023-12-181-1/+1
|
* Improve CLI code and descriptions (#28482)wxiaoguang2023-12-151-1/+1
| | | | | | | | | | * Close #28444 * Actually, it doesn't need to use that trick because it looks like it is not necessary, no user really needs it * Remove the hidden (legacy) "doctor" subcommand and update documents * Fix "actions" usage ![image](https://github.com/go-gitea/gitea/assets/2114189/3c2b34a7-4f92-4a6c-96fd-9505e413d4ec)
* Remove SSH workaround (#27893)Earl Warren2023-11-031-1/+1
| | | Revert the workaround of #26409 and fix #26411, update github.com/gliderlabs/ssh to include https://github.com/gliderlabs/ssh/commit/02f9d573009f8c13755b6b90fa14a4f549b17b22
* Upgrade xorm to 1.3.4 (#27807)Nanguan Lin2023-10-271-1/+1
| | | | | | | Noticeable change: Remove the `OrderBy("1") ` [patch](https://github.com/go-gitea/gitea/pull/27673#issuecomment-1768570142) for mssql since xorm has [fixed it](https://gitea.com/xorm/xorm/commit/0f085408afd85707635eadb2294ab52be04f3c0f).
* Chroma v2.10.0 (#27803)bt902023-10-261-1/+1
| | | | | | | Bump the chroma version to v2.10.0: https://github.com/alecthomas/chroma/releases/tag/v2.10.0 This release includes a better Java lexer https://github.com/alecthomas/chroma/pull/873
* Upgrade xorm (#27673)Nanguan Lin2023-10-191-1/+1
| | | Related to https://gitea.com/xorm/xorm/pulls/2341
* Upgrade go dependencies (#27599)Chongyi Zheng2023-10-131-20/+24
| | | | | | | | | | Upgrade all dependencies in `go.mod` `golang.org/x/net` v0.17.0 also fixes [CVE-2023-39325](https://github.com/advisories/GHSA-4374-p667-p6c8) --------- Co-authored-by: delvh <dev.lh@web.de>
* Downgrade `go-co-op/gocron` to v1.31.1 (#27511)silverwind2023-10-071-1/+1
|
* bump go-deps (#27489)techknowlogick2023-10-071-45/+42
|
* bump bleve (#27300)techknowlogick2023-09-271-10/+10
| | | | | Co-authored-by: yp05327 <576951401@qq.com> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Update go-enry to 2.8.5 (#27215)delvh2023-09-231-1/+1
| | | Fixes #27214
* Update chroma to v2.9.1 (#26990)silverwind2023-09-091-1/+1
|
* Use Go 1.21 and update dependencies (#26878)wxiaoguang2023-09-031-20/+20
| | | | | | To make sure Gitea's next release's lifecycle could have active Golang support. And min/max are builtin now.
* chore(actions): support cron schedule task (#26655)Lunny Xiao2023-08-241-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Replace #22751 1. only support the default branch in the repository setting. 2. autoload schedule data from the schedule table after starting the service. 3. support specific syntax like `@yearly`, `@monthly`, `@weekly`, `@daily`, `@hourly` ## How to use See the [GitHub Actions document](https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#schedule) for getting more detailed information. ```yaml on: schedule: - cron: '30 5 * * 1,3' - cron: '30 5 * * 2,4' jobs: test_schedule: runs-on: ubuntu-latest steps: - name: Not on Monday or Wednesday if: github.event.schedule != '30 5 * * 1,3' run: echo "This step will be skipped on Monday and Wednesday" - name: Every time run: echo "This step will always run" ``` Signed-off-by: Bo-Yi.Wu <appleboy.tw@gmail.com> --------- Co-authored-by: Jason Song <i@wolfogre.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Update go dependencies (#26534)wxiaoguang2023-08-161-38/+39
|
* Upgrade x/net to 0.13.0 (#26297)Lunny Xiao2023-08-031-1/+1
|
* Update xorm version (#26128)Lunny Xiao2023-07-251-2/+2
| | | | | | | Test new xorm version compatible with Gitea --------- Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Replace gogs/cron with go-co-op/gocron (#25977)Chongyi Zheng2023-07-241-1/+2
| | | | | | | | Replace `github.com/gogs/cron` with `github.com/go-co-op/gocron` as the former package is not maintained for many years. --------- Co-authored-by: delvh <dev.lh@web.de>
* Refactor to use urfave/cli/v2 (#25959)wxiaoguang2023-07-211-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | Replace #10912 And there are many new tests to cover the CLI behavior There were some concerns about the "option order in hook scripts" (https://github.com/go-gitea/gitea/pull/10912#issuecomment-1137543314), it's not a problem now. Because the hook script uses `/gitea hook --config=/app.ini pre-receive` format. The "config" is a global option, it can appear anywhere. ---- ## ⚠️ BREAKING ⚠️ This PR does it best to avoid breaking anything. The major changes are: * `gitea` itself won't accept web's options: `--install-port` / `--pid` / `--port` / `--quiet` / `--verbose` .... They are `web` sub-command's options. * Use `./gitea web --pid ....` instead * `./gitea` can still run the `web` sub-command as shorthand, with default options * The sub-command's options must follow the sub-command * Before: `./gitea --sub-opt subcmd` might equal to `./gitea subcmd --sub-opt` (well, might not ...) * After: only `./gitea subcmd --sub-opt` could be used * The global options like `--config` are not affected
* Remove nfnt/resize and oliamb/cutter (#25999)harryzcy2023-07-201-2/+0
| | | | | The package `github.com/nfnt/resize` is deprecated and archived by the author. `github.com/oliamb/cutter` is not maintained since 2018. We could use `golang.org/x/image/draw` instead.
* Bump github.com/golang-jwt/jwt to v5 (#25975)harryzcy2023-07-191-2/+3
| | | | | | | | | | | | | | | | Bumping `github.com/golang-jwt/jwt` from v4 to v5. `github.com/golang-jwt/jwt` v5 is bringing some breaking changes: - standard `Valid()` method on claims is removed. It's replaced by `ClaimsValidator` interface implementing `Validator()` method instead, which is called after standard validation. Gitea doesn't seem to be using this logic. - `jwt.Token` has a field `Valid`, so it's checked in `ParseToken` function in `services/auth/source/oauth2/token.go` --------- Co-authored-by: Giteabot <teabot@gitea.io>
* Disallow dangerous url schemes (#25960)KN4CK3R2023-07-181-1/+1
| | | | | | | | | | | | Regression: https://github.com/go-gitea/gitea/pull/24805 Closes: #25945 - Disallow `javascript`, `vbscript` and `data` (data uri images still work) url schemes even if all other schemes are allowed - Fixed older `cbthunderlink` tests --------- Co-authored-by: delvh <dev.lh@web.de>
* Upgrade go dependencies (#25819)harryzcy2023-07-141-105/+106
|
* Fix wrong warn messages in migration steps (#25475)Lunny Xiao2023-06-241-1/+1
| | | | | | | | | | | | | | | | | | | The recent change on xorm for `Sync` is it will not warn when database have columns which is not listed on struct. So we just need this warn logs when `Sync` the whole database but not in the migrations Sync. This PR will remove almost unnecessary warning logs on migrations. Now below logs in CI will disappear. ```log 2023/06/23 17:51:32 models/db/engine.go:191:InitEngineWithMigration() [W] Table gtestschema.project has column creator_id but struct has not related field 2023/06/23 17:51:32 models/db/engine.go:191:InitEngineWithMigration() [W] Table gtestschema.project has column is_closed but struct has not related field 2023/06/23 17:51:32 models/db/engine.go:191:InitEngineWithMigration() [W] Table gtestschema.project has column board_type but struct has not related field 2023/06/23 17:51:32 models/db/engine.go:191:InitEngineWithMigration() [W] Table gtestschema.project has column type but struct has not related field 2023/06/23 17:51:32 models/db/engine.go:191:InitEngineWithMigration() [W] Table gtestschema.project has column closed_date_unix but struct has not related field 2023/06/23 17:51:32 models/db/engine.go:191:InitEngineWithMigration() [W] Table gtestschema.project has column created_unix but struct has not related field 2023/06/23 17:51:32 models/db/engine.go:191:InitEngineWithMigration() [W] Table gtestschema.project has column updated_unix but struct has not related field 2023/06/23 17:51:32 models/db/engine.go:191:InitEngineWithMigration() [W] Table gtestschema.project has column card_type but struct has not related field ```
* Support changing labels of Actions runner without re-registration (#24806)sillyguodong2023-06-131-1/+1
| | | | | | | | | | | | | | | | | | | close #24540 related: - Protocol: https://gitea.com/gitea/actions-proto-def/pulls/9 - Runner side: https://gitea.com/gitea/act_runner/pulls/201 changes: - Add column of `labels` to table `action_runner`, and combine the value of `agent_labels` and `custom_labels` column to `labels` column. - Store `labels` when registering `act_runner`. - Update `labels` when `act_runner` starting and calling `Declare`. - Users cannot modify the `custom labels` in edit page any more. other changes: - Store `version` when registering `act_runner`. - If runner is latest version, parse version from `Declare`. But older version runner still parse version from request header.
* Update github.com/google/go-github to v53 (#25157)Yevhen Pavlov2023-06-091-1/+1
| | | | | | The new `go-github` version [53](https://github.com/google/go-github/releases/tag/v53.0.0) has been released.
* Update github.com/google/go-github to v52 (#24004)65432023-05-311-4/+4
| | | | | | | | | | based on https://github.com/google/go-github/pull/2743 because of https://github.com/go-gitea/gitea/pull/23946#discussion_r1160317554 --------- Co-authored-by: silverwind <me@silverwind.io>
* Use Go 1.20 for next release (#24859)wxiaoguang2023-05-221-1/+1
|
* Allow all URL schemes in Markdown links by default (#24805)Yarden Shoham2023-05-191-3/+2
| | | | | | | | | | | | | | | | | | | | | | | | - Closes #21146 - Closes #16721 ## :warning: BREAKING :warning: This changes the default behavior to now create links for any URL scheme when the user uses the markdown form for links (`[label](URL)`), this doesn't affect the rendering of inline links. To opt-out set the `markdown.CUSTOM_URL_SCHEMES` setting to a list of allowed schemes, all other schemes (except `http` and `https`) won't be allowed. # Before ![image](https://github.com/go-gitea/gitea/assets/20454870/35fa18ce-7dda-4995-b5b3-3f360f38296d) # After ![image](https://github.com/go-gitea/gitea/assets/20454870/0922216b-0b35-4b77-9919-21a5c21dd5d0) --------- Signed-off-by: Yarden Shoham <git@yardenshoham.com> Co-authored-by: Giteabot <teabot@gitea.io>
* Add RPM registry (#23380)KN4CK3R2023-05-051-0/+2
| | | | | | | | | | | | | | | Fixes #20751 This PR adds a RPM package registry. You can follow [this tutorial](https://opensource.com/article/18/9/how-build-rpm-packages) to build a *.rpm package for testing. This functionality is similar to the Debian registry (#22854) and therefore shares some methods. I marked this PR as blocked because it should be merged after #22854. ![grafik](https://user-images.githubusercontent.com/1666336/223806549-d8784fd9-9d79-46a2-9ae2-f038594f636a.png)
* Bump golang deps (#24533)techknowlogick2023-05-051-70/+79
|
* Remove unused zapx replace statement on go.mod (#24515)Lunny Xiao2023-05-041-2/+0
| | | | | Fix #23617 Co-authored-by: Giteabot <teabot@gitea.io>
* Add ntlm authentication support for mail (#23811)木木田2023-05-021-1/+1
| | | | | | | | | Add ntlm authentication support for mail use "github.com/Azure/go-ntlmssp" --------- Co-authored-by: yangtan_win <YangTan@Fitsco.com.cn> Co-authored-by: silverwind <me@silverwind.io>
* Add Debian package registry (#24426)KN4CK3R2023-05-021-1/+2
| | | | | | | | | | | | | | | | | | | | | | | | Co-authored-by: @awkwardbunny This PR adds a Debian package registry. You can follow [this tutorial](https://www.baeldung.com/linux/create-debian-package) to build a *.deb package for testing. Source packages are not supported at the moment and I did not find documentation of the architecture "all" and how these packages should be treated. ![grafik](https://user-images.githubusercontent.com/1666336/218126879-eb80a866-775c-4c8e-8529-5797203a64e6.png) Part of #20751. Revised copy of #22854. --------- Co-authored-by: Brian Hong <brian@hongs.me> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Giteabot <teabot@gitea.io>
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-06 07:47:09 +0000