aboutsummaryrefslogtreecommitdiffstats
path: root/go.sum
Commit message (Collapse)AuthorAgeFilesLines
* Support changing labels of Actions runner without re-registration (#24806)sillyguodong2023-06-131-2/+2
| | | | | | | | | | | | | | | | | | | close #24540 related: - Protocol: https://gitea.com/gitea/actions-proto-def/pulls/9 - Runner side: https://gitea.com/gitea/act_runner/pulls/201 changes: - Add column of `labels` to table `action_runner`, and combine the value of `agent_labels` and `custom_labels` column to `labels` column. - Store `labels` when registering `act_runner`. - Update `labels` when `act_runner` starting and calling `Declare`. - Users cannot modify the `custom labels` in edit page any more. other changes: - Store `version` when registering `act_runner`. - If runner is latest version, parse version from `Declare`. But older version runner still parse version from request header.
* Update github.com/google/go-github to v53 (#25157)Yevhen Pavlov2023-06-091-2/+2
| | | | | | The new `go-github` version [53](https://github.com/google/go-github/releases/tag/v53.0.0) has been released.
* Update github.com/google/go-github to v52 (#24004)65432023-05-311-8/+10
| | | | | | | | | | based on https://github.com/google/go-github/pull/2743 because of https://github.com/go-gitea/gitea/pull/23946#discussion_r1160317554 --------- Co-authored-by: silverwind <me@silverwind.io>
* Allow all URL schemes in Markdown links by default (#24805)Yarden Shoham2023-05-191-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | - Closes #21146 - Closes #16721 ## :warning: BREAKING :warning: This changes the default behavior to now create links for any URL scheme when the user uses the markdown form for links (`[label](URL)`), this doesn't affect the rendering of inline links. To opt-out set the `markdown.CUSTOM_URL_SCHEMES` setting to a list of allowed schemes, all other schemes (except `http` and `https`) won't be allowed. # Before ![image](https://github.com/go-gitea/gitea/assets/20454870/35fa18ce-7dda-4995-b5b3-3f360f38296d) # After ![image](https://github.com/go-gitea/gitea/assets/20454870/0922216b-0b35-4b77-9919-21a5c21dd5d0) --------- Signed-off-by: Yarden Shoham <git@yardenshoham.com> Co-authored-by: Giteabot <teabot@gitea.io>
* Add RPM registry (#23380)KN4CK3R2023-05-051-0/+8
| | | | | | | | | | | | | | | Fixes #20751 This PR adds a RPM package registry. You can follow [this tutorial](https://opensource.com/article/18/9/how-build-rpm-packages) to build a *.rpm package for testing. This functionality is similar to the Debian registry (#22854) and therefore shares some methods. I marked this PR as blocked because it should be merged after #22854. ![grafik](https://user-images.githubusercontent.com/1666336/223806549-d8784fd9-9d79-46a2-9ae2-f038594f636a.png)
* Bump golang deps (#24533)techknowlogick2023-05-051-190/+183
|
* Add Debian package registry (#24426)KN4CK3R2023-05-021-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | Co-authored-by: @awkwardbunny This PR adds a Debian package registry. You can follow [this tutorial](https://www.baeldung.com/linux/create-debian-package) to build a *.deb package for testing. Source packages are not supported at the moment and I did not find documentation of the architecture "all" and how these packages should be treated. ![grafik](https://user-images.githubusercontent.com/1666336/218126879-eb80a866-775c-4c8e-8529-5797203a64e6.png) Part of #20751. Revised copy of #22854. --------- Co-authored-by: Brian Hong <brian@hongs.me> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Giteabot <teabot@gitea.io>
* Revert "Add Debian package registry" (#24412)Yarden Shoham2023-04-281-2/+0
| | | Reverts go-gitea/gitea#22854
* Add Debian package registry (#22854)KN4CK3R2023-04-281-0/+2
| | | | | | | | | | | | | | Co-authored-by: @awkwardbunny This PR adds a Debian package registry. You can follow [this tutorial](https://www.baeldung.com/linux/create-debian-package) to build a *.deb package for testing. Source packages are not supported at the moment and I did not find documentation of the architecture "all" and how these packages should be treated. --------- Co-authored-by: Brian Hong <brian@hongs.me> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Upgrade act (#24298)Zettat1232023-04-241-2/+2
|
* Support upload `outputs` and use `needs` context on Actions (#24230)Jason Song2023-04-221-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | See [Defining outputs for jobs](https://docs.github.com/en/actions/using-jobs/defining-outputs-for-jobs) and [Example usage of the needs context](https://docs.github.com/en/actions/learn-github-actions/contexts#example-usage-of-the-needs-context). Related to: - [actions-proto-def #5](https://gitea.com/gitea/actions-proto-def/pulls/5) - [act_runner #133](https://gitea.com/gitea/act_runner/pulls/133) <details> <summary>Tests & screenshots</summary> Test workflow file: ```yaml name: outputs on: push jobs: job1: runs-on: ubuntu-latest outputs: output1: ${{ steps.step1.outputs.output1 }} output2: ${{ steps.step2.outputs.output2 }} steps: - name: step1 id: step1 run: | date -Is > output1 cat output1 echo "output1=$(cat output1)" >> $GITHUB_OUTPUT - name: step2 id: step2 run: | cat /proc/sys/kernel/random/uuid > output2 cat output2 echo "output2=$(cat output2)" >> $GITHUB_OUTPUT job2: needs: job1 runs-on: ubuntu-latest steps: - run: echo ${{ needs.job1.outputs.output1 }} - run: echo ${{ needs.job1.outputs.output2 }} - run: echo ${{ needs.job1.result }} ``` <img width="397" alt="image" src="https://user-images.githubusercontent.com/9418365/233313322-903e7ebf-49a7-48e2-8c17-95a4581b3284.png"> <img width="385" alt="image" src="https://user-images.githubusercontent.com/9418365/233313442-30909135-1711-4b78-a5c6-133fcc79f47c.png"> </details> --------- Co-authored-by: Giteabot <teabot@gitea.io>
* Allow `webp` images as avatars (#24248)JakobDev2023-04-211-2/+8
| | | | | | | | | Users can now upload `webp` images. Browsers supporting webp images then display this as the avatar of this user (every major browser except IE). --------- Co-authored-by: silverwind <me@silverwind.io>
* Update redis library to support redis v7 (#24114)techknowlogick2023-04-131-2/+15
|
* Update github.com/google/go-github to v51 (#23946)harryzcy2023-04-081-10/+10
| | | | `github.com/google/go-github` has new major version releases frequently. It is required to update all import path, in additional to `go.mod`
* Drop "unrolled/render" package (#23965)wxiaoguang2023-04-081-2/+0
| | | | | | | | | | | | None of the features of `unrolled/render` package is used. The Golang builtin "html/template" just works well. Then we can improve our HTML render to resolve the "$.root.locale.Tr" problem as much as possible. Next step: we can have a template render pool (by Clone), then we can inject global functions with dynamic context to every `Execute` calls. Then we can use `{{Locale.Tr ....}}` directly in all templates , no need to pass the `$.root.locale` again and again.
* Do not crash when parsing an invalid workflow file (#23972)Jason Song2023-04-071-2/+2
| | | | | Fix #23658. Related to https://gitea.com/gitea/act/pulls/39
* Fix checks for `needs` in Actions (#23789)Jason Song2023-03-301-2/+2
| | | | | | | | | | | | | | | | | Fix: - https://gitea.com/gitea/act_runner/issues/77 - https://gitea.com/gitea/act_runner/issues/81 Before: <img width="1489" alt="image" src="https://user-images.githubusercontent.com/9418365/228501567-f752cf87-a7ed-42c6-8f3d-ba741795c1fe.png"> Highlights: - Upgrade act to make things doable, related to - https://gitea.com/gitea/act/pulls/32 - https://gitea.com/gitea/act/pulls/33 - https://gitea.com/gitea/act/pulls/35 - Make `needs` works - Sort jobs in the original order in the workflow files
* Add meilisearch support (#23136)techknowlogick2023-03-281-2/+24
| | | | | Add meilisearch support Fixes #20665
* Update act (#23512)Jason Song2023-03-161-10/+8
| | | | | | | | | | | | | | | | | | | | | | Update replace: ```diff - replace github.com/nektos/act => gitea.com/gitea/act v0.234.2-0.20230131074955-e46ede1b1744 + replace github.com/nektos/act => gitea.com/gitea/act v0.243.1 ``` Update require: ```diff - github.com/nektos/act v0.0.0 + github.com/nektos/act v0.2.43 ``` Actually, `v0.2.43` doesn't work, it will be replaced by `gitea/act`, so it's OK to put any version here. But `gitea/act` is based on `nektos/act`, so keeping the right upstream version will make security dependabot help. BTW, the [security report](https://github.com/go-gitea/gitea/security/dependabot/20) is false positive, we don't use the artifact server in act, see #22738.
* Update go.mod dependencies (#23126)zeripath2023-02-241-287/+96
| | | | | | | | | | | | | | This PR does a bulk update of a lot of our go deps. I have not included nektos/act and xorm for the following reasons: * Xorm updates can sometimes be complex and I'd rather do that in a separate PR * I think people more update with the actions code should double check that the latest nektos/act library works correctly. --------- Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Bump go.etcd.io/bbolt and blevesearch deps (#23062)WÁNG Xuěruì2023-02-241-13/+10
| | | | | | | | This notably brings support for GOARCH=loong64, among other fixes. --------- Signed-off-by: WANG Xuerui <xen0n@gentoo.org> Co-authored-by: zeripath <art27@cantab.net>
* Remove all package data after tests (#22984)KN4CK3R2023-02-231-2/+2
| | | | | | | | Fixes #21020 --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
* Bump golang.org/x/net from 0.4.0 to 0.7.0 (#22980)dependabot[bot]2023-02-201-6/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Bumps [golang.org/x/net](https://github.com/golang/net) from 0.4.0 to 0.7.0. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/golang/net/commit/8e2b117aee74f6b86c207a808b0255de45c0a18a"><code>8e2b117</code></a> http2/hpack: avoid quadratic complexity in hpack decoding</li> <li><a href="https://github.com/golang/net/commit/547e7edf3873d6f3a9c093d3785f9e2289e00746"><code>547e7ed</code></a> http2: avoid referencing ResponseWrite.Write parameter after returning</li> <li><a href="https://github.com/golang/net/commit/39940adcaaa73e661124cb80fb8dd57ea929dbaf"><code>39940ad</code></a> html: parse comments per HTML spec</li> <li><a href="https://github.com/golang/net/commit/87ce33ecb484cbb6bcfc8e506ce0330ef72e0847"><code>87ce33e</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/net/commit/415cb6d518e71d202e2dc2f44c475cbff84eee72"><code>415cb6d</code></a> all: fix some comments</li> <li><a href="https://github.com/golang/net/commit/7e3c19ca52e202ae203b1914fc00c8e47a4d72fa"><code>7e3c19c</code></a> all: correct typos in comments</li> <li><a href="https://github.com/golang/net/commit/296f09aa3817abc1ddff7703799bf9babb7bbd16"><code>296f09a</code></a> http2: case insensitive handling for 100-continue</li> <li><a href="https://github.com/golang/net/commit/f8411da775a685be247bbedcb3ed2c998f895cd2"><code>f8411da</code></a> nettest: fix tests on dragonfly and js/wasm</li> <li><a href="https://github.com/golang/net/commit/8e0e7d8d38f2b6d21d742845570dde2902d06a1d"><code>8e0e7d8</code></a> go.mod: update golang.org/x dependencies</li> <li><a href="https://github.com/golang/net/commit/7805fdc37dc2b54b28b9d621030e14dcf1dab67c"><code>7805fdc</code></a> http2: rewrite inbound flow control tracking</li> <li>Additional commits viewable in <a href="https://github.com/golang/net/compare/v0.4.0...v0.7.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=golang.org/x/net&package-manager=go_modules&previous-version=0.4.0&new-version=0.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: delvh <leon@kske.dev> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Use import of OCI structs (#22765)KN4CK3R2023-02-061-0/+4
| | | | | | Fixes #22758 Otherwise we would need to rewrite the structs in `oci.go`.
* Add more events details supports for actions (#22680)Lunny Xiao2023-02-011-2/+2
| | | | | | | | | | | | | | | #21937 implemented only basic events based on name because of `act`'s limitation. So I sent a PR to parse all possible events details in https://gitea.com/gitea/act/pulls/11 and it merged. The ref documentation is https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows This PR depends on that and make more detail responses for `push` events and `pull_request` events. And it lefts more events there for future PRs. --------- Co-authored-by: Jason Song <i@wolfogre.com>
* Implement actions (#21937)Jason Song2023-01-311-2/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Close #13539. Co-authored by: @lunny @appleboy @fuxiaohei and others. Related projects: - https://gitea.com/gitea/actions-proto-def - https://gitea.com/gitea/actions-proto-go - https://gitea.com/gitea/act - https://gitea.com/gitea/act_runner ### Summary The target of this PR is to bring a basic implementation of "Actions", an internal CI/CD system of Gitea. That means even though it has been merged, the state of the feature is **EXPERIMENTAL**, and please note that: - It is disabled by default; - It shouldn't be used in a production environment currently; - It shouldn't be used in a public Gitea instance currently; - Breaking changes may be made before it's stable. **Please comment on #13539 if you have any different product design ideas**, all decisions reached there will be adopted here. But in this PR, we don't talk about **naming, feature-creep or alternatives**. ### ⚠️ Breaking `gitea-actions` will become a reserved user name. If a user with the name already exists in the database, it is recommended to rename it. ### Some important reviews - What is `DEFAULT_ACTIONS_URL` in `app.ini` for? - https://github.com/go-gitea/gitea/pull/21937#discussion_r1055954954 - Why the api for runners is not under the normal `/api/v1` prefix? - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061173592 - Why DBFS? - https://github.com/go-gitea/gitea/pull/21937#discussion_r1061301178 - Why ignore events triggered by `gitea-actions` bot? - https://github.com/go-gitea/gitea/pull/21937#discussion_r1063254103 - Why there's no permission control for actions? - https://github.com/go-gitea/gitea/pull/21937#discussion_r1090229868 ### What it looks like <details> #### Manage runners <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205870657-c72f590e-2e08-4cd4-be7f-2e0abb299bbf.png"> #### List runs <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205872794-50fde990-2b45-48c1-a178-908e4ec5b627.png"> #### View logs <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205872501-9b7b9000-9542-4991-8f55-18ccdada77c3.png"> </details> ### How to try it <details> #### 1. Start Gitea Clone this branch and [install from source](https://docs.gitea.io/en-us/install-from-source). Add additional configurations in `app.ini` to enable Actions: ```ini [actions] ENABLED = true ``` Start it. If all is well, you'll see the management page of runners: <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205877365-8e30a780-9b10-4154-b3e8-ee6c3cb35a59.png"> #### 2. Start runner Clone the [act_runner](https://gitea.com/gitea/act_runner), and follow the [README](https://gitea.com/gitea/act_runner/src/branch/main/README.md) to start it. If all is well, you'll see a new runner has been added: <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205878000-216f5937-e696-470d-b66c-8473987d91c3.png"> #### 3. Enable actions for a repo Create a new repo or open an existing one, check the `Actions` checkbox in settings and submit. <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205879705-53e09208-73c0-4b3e-a123-2dcf9aba4b9c.png"> <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205879383-23f3d08f-1a85-41dd-a8b3-54e2ee6453e8.png"> If all is well, you'll see a new tab "Actions": <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205881648-a8072d8c-5803-4d76-b8a8-9b2fb49516c1.png"> #### 4. Upload workflow files Upload some workflow files to `.gitea/workflows/xxx.yaml`, you can follow the [quickstart](https://docs.github.com/en/actions/quickstart) of GitHub Actions. Yes, Gitea Actions is compatible with GitHub Actions in most cases, you can use the same demo: ```yaml name: GitHub Actions Demo run-name: ${{ github.actor }} is testing out GitHub Actions 🚀 on: [push] jobs: Explore-GitHub-Actions: runs-on: ubuntu-latest steps: - run: echo "🎉 The job was automatically triggered by a ${{ github.event_name }} event." - run: echo "🐧 This job is now running on a ${{ runner.os }} server hosted by GitHub!" - run: echo "🔎 The name of your branch is ${{ github.ref }} and your repository is ${{ github.repository }}." - name: Check out repository code uses: actions/checkout@v3 - run: echo "💡 The ${{ github.repository }} repository has been cloned to the runner." - run: echo "🖥️ The workflow is now ready to test your code on the runner." - name: List files in the repository run: | ls ${{ github.workspace }} - run: echo "🍏 This job's status is ${{ job.status }}." ``` If all is well, you'll see a new run in `Actions` tab: <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205884473-79a874bc-171b-4aaf-acd5-0241a45c3b53.png"> #### 5. Check the logs of jobs Click a run and you'll see the logs: <img width="1792" alt="image" src="https://user-images.githubusercontent.com/9418365/205884800-994b0374-67f7-48ff-be9a-4c53f3141547.png"> #### 6. Go on You can try more examples in [the documents](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions) of GitHub Actions, then you might find a lot of bugs. Come on, PRs are welcome. </details> See also: [Feature Preview: Gitea Actions](https://blog.gitea.io/2022/12/feature-preview-gitea-actions/) --------- Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: ChristopherHX <christopher.homberger@web.de> Co-authored-by: John Olheiser <john.olheiser@gmail.com>
* Consume hcaptcha and pwn deps (#22610)John Olheiser2023-01-291-4/+0
| | | | | | | | | | | This PR just consumes the [hcaptcha](https://gitea.com/jolheiser/hcaptcha) and [haveibeenpwned](https://gitea.com/jolheiser/pwn) modules directly into Gitea. Also let this serve as a notice that I'm fine with transferring my license (which was already MIT) from my own name to "The Gitea Authors". Signed-off-by: jolheiser <john.olheiser@gmail.com>
* Add support for incoming emails (#22056)KN4CK3R2023-01-141-2/+22
| | | | | | | | | | | | | | | | | | | | | | | | | | | | closes #13585 fixes #9067 fixes #2386 ref #6226 ref #6219 fixes #745 This PR adds support to process incoming emails to perform actions. Currently I added handling of replies and unsubscribing from issues/pulls. In contrast to #13585 the IMAP IDLE command is used instead of polling which results (in my opinion 😉) in cleaner code. Procedure: - When sending an issue/pull reply email, a token is generated which is present in the Reply-To and References header. - IMAP IDLE waits until a new email arrives - The token tells which action should be performed A possible signature and/or reply gets stripped from the content. I added a new service to the drone pipeline to test the receiving of incoming mails. If we keep this in, we may test our outgoing emails too in future. Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Update golang deps (#22410)techknowlogick2023-01-121-107/+123
| | | | Note, hashicorp's LRU has been updated to v2 which supports generics but this was left out as it is a more involved upgrade.
* Replace deprecated Webauthn library (#22400)techknowlogick2023-01-111-388/+25
| | | | | Fix #22052 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Remove satori/go.uuid (#22375)Jason Song2023-01-091-1/+0
| | | | `github.com/satori/go.uuid` is no longer used, so the `replace` is not needed now
* Upgrade go-chi to v5.0.8 (#22304)Lunny Xiao2023-01-011-2/+2
|
* Update bleve and zapx to fix unaligned atomic (#22031)zeripath2022-12-211-25/+20
| | | | | | | | | | | | There is an unaligned atomic field in zapx 15.3.5 which should have been fixed in a subsequent patch This bug causes issues on 32bit builds. Update bleve and zapx to account for this. Fix #21957 Signed-off-by: Andrew Thornton <art27@cantab.net>
* verify nodeinfo response by schema (#22137)Meisam2022-12-171-0/+6
| | | | | | ... using [github.com/xeipuuv/gojsonschema](https://github.com/xeipuuv/gojsonschema) Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Update xorm (#22094)KN4CK3R2022-12-101-6/+6
|
* Update gitea-vet to check FSFE REUSE (#22004)Jason Song2022-12-021-2/+2
| | | | | | | | | | | | | Related to: - #21840 - https://gitea.com/gitea/gitea-vet/pulls/21 What it looks like when it's working: https://drone.gitea.io/go-gitea/gitea/64040/1/5 All available SPDX license identifiers: [SPDX License List](https://spdx.org/licenses/). Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Update chroma to v2.4.0 (#22000)silverwind2022-12-011-2/+4
| | | Did a few cursory tests, seems to work well.
* Upgrade golang.org/x/crypto (#21792)Gusted2022-11-121-9/+9
| | | | | | | | | - Update the crypto dependency to include https://github.com/golang/crypto/commit/6fad3dfc18918c2ac9c112e46b32473bd2e5e2f9 - Resolves #17798 Executed: `go get golang.org/x/crypto@6fad3dfc18918c2ac9c112e46b32473bd2e5e2f9 && rm go.sum && go mod tidy`
* Update binding to fix bugs (#21556)Lunny Xiao2022-10-231-2/+2
| | | Fix #19698
* Bump `golang.org/x/text` (#21412)Gusted2022-10-111-1/+2
| | | | | - Update the `golang.org/x/text` dependency, this fixes [a security issue](https://groups.google.com/g/golang-announce/c/-hjNw559_tE/m/KlGTfid5CAAJ).
* Update to go-enry v2.8.3 (#21360)Clark Boylan2022-10-061-2/+2
| | | | | | | | | | | | This fixes an issue with enry's isVendor() method being too greedy. This lead to gitea classifying unvendored code as vendored. The impact of this is fairly minimal, but our Gitea users did notice which led me to fixing this in go-enry. Some files will be tagged with a vendored flag in the UI. I think it also impacts the calculation of language statistics in the repo as vendored files are not incorporated into the stats. For more information on the issue see the go-enry bug: https://github.com/go-enry/go-enry/issues/135
* Update Golang deps (#21304)techknowlogick2022-10-011-68/+78
|
* Update bluemonday (#21281)65432022-09-271-3/+4
| | | | | https://github.com/microcosm-cc/bluemonday/releases/tag/v1.0.20 Co-authored-by: Lauris BH <lauris@nix.lv>
* Upgrade chroma to v2.3.0 (#21259)silverwind2022-09-261-7/+9
| | | | | | | | | | | | | The behaviour of `PreventSurroundingPre` has changed in https://github.com/alecthomas/chroma/pull/618 so that apparently it now causes line wrapper tags to be no longer emitted, but we need some form of indication to split the HTML into lines, so I did what https://github.com/yuin/goldmark-highlighting/pull/33 did and added the `nopWrapper`. Maybe there are more elegant solutions but for some reason, just splitting the HTML string on `\n` did not work. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Update a few go dependencies (#21022)zeripath2022-09-011-351/+291
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | There are a lot of go dependencies that appear old and we should update them. The following packages have been updated: * codeberg.org/gusted/mcaptcha * github.com/markbates/goth * github.com/buildkite/terminal-to-html * github.com/caddyserver/certmagic * github.com/denisenkom/go-mssqldb * github.com/duo-labs/webauthn * github.com/editorconfig/editorconfig-core-go/v2 * github.com/felixge/fgprof * github.com/gliderlabs/ssh * github.com/go-ap/activitypub * github.com/go-git/go-git/v5 * github.com/go-ldap/ldap/v3 * github.com/go-swagger/go-swagger * github.com/go-testfixtures/testfixtures/v3 * github.com/golang-jwt/jwt/v4 * github.com/klauspost/compress * github.com/lib/pq * gitea.com/lunny/dingtalk_webhook - instead of github.com * github.com/mattn/go-sqlite3 * github/matn/go-isatty * github.com/minio/minio-go/v7 * github.com/niklasfasching/go-org * github.com/prometheus/client_golang * github.com/stretchr/testify * github.com/unrolled/render * github.com/xanzy/go-gitlab * gopkg.in/ini.v1 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add support mCaptcha as captcha provider (#20458)Gusted2022-08-101-0/+2
| | | | | https://mcaptcha.org/ Co-authored-by: Felipe Leopoldo Sologuren Gutiérrez <fsologureng@users.noreply.github.com>
* Update lunny/levelqueue to prevent NPE when reads are performed after close ↵zeripath2022-07-291-2/+2
| | | | (#20534)
* update xorm.io/xorm v1.3.2-0.20220714055524-c3bce556200f (#20371)65432022-07-141-2/+2
| | | | | | | Xorm 1.3.2-0.20220714055524 contains a fix for interpreting db column sizes. Prior to this fix xorm would assume that the size of a column was within the range of an `int`. This is correct on 64bit machines where `int` is typical equivalent to `int64` however, on 32bit machines `int` tends to be `int32`. Unfortunately the size of a LONGTEXT field is actually `max_uint32`, thus using `strconv.Atoi` on these fields will fail and thus #20161 occurs on 32 bit arm. Xorm 1.3.2-0.20220714055524 changes this field to use int64 instead. Fix #20161
* Update goldmark (#20300)Gusted2022-07-091-2/+2
| | | | | Update goldmark to v1.4.13 to fix a issue with quotes after a empty list item(See https://github.com/yuin/goldmark/issues/313) and downstream issue https://codeberg.org/Codeberg/Community/issues/645
* Update Bluemonday to v1.0.19 (#20199)zeripath2022-07-011-7/+6
| | | | | | | | | | | The current version of bluemonday is double escaping attributes. This PR updates bluemonday to the version that fixes this. (See: microcosm-cc/bluemonday#143 ) Fix #19860 Signed-off-by: Andrew Thornton art27@cantab.net