summaryrefslogtreecommitdiffstats
path: root/modules
Commit message (Collapse)AuthorAgeFilesLines
* don't try to interpret treepath as hash (#17272)Norwin2021-10-081-1/+1
| | | | | | | | | | | | | ...when path contains no hash-path-separator ('/') This is a workaround to #17179. Entering this case when `path` does not contain a '/' does not really make sense, as that means the tree path is empty, but this case is only entered for routes that expect a non-empty tree path. Treepaths like <40-char-dirname>/<filename> will still fail, but hopefully don't occur that often. A more complete fix that avoids this case too is outlined in #17185, but too big of a change to backport
* API pull's head/base have correct permission(#17214) (#17245)pricly-yellow2021-10-073-18/+30
| | | | | | | | | | | | | | | | | | | * for all pull requests API return permissions of caller * for all webhook return empty permissions Signed-off-by: Danila Kryukov <pricly_yellow@dismail.de> * Fix incorrect error handler Co-authored-by: delvh <dev.lh@web.de> * Fix wrong assumption in tests * Change paramenter name to doer to indicate source Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: 6543 <6543@obermui.de>
* Fix bug of get context user (#17169) (#17172)Lunny Xiao2021-09-281-0/+11
| | | Co-authored-by: 6543 <6543@obermui.de>
* Nicely handle missing user in collaborations (#17049) (#17166)zeripath2021-09-281-217/+132
| | | | | | | | | | | | | | | | | Backport #17049 It is possible to have a collaboration in a repository which refers to a no-longer existing user. This causes the repository transfer to fail with an unusual error. This PR makes `repo.getCollaborators()` nicely handle the missing user by ghosting the collaboration but also adds consistency check. It also adds an Access consistency check. Fix #17044 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
* Create doctor command to fix repo_units broken by dumps from 1.14.3-1.14.6 ↵zeripath2021-09-272-0/+588
| | | | | | | | | | | | | | | | | | (#17136) (#17137) Backport #17136 There was a serious issue with the `gitea dump` command in 1.14.3-1.14.6 which led to corruption of the `config` field of the `repo_unit` table. This PR adds a doctor command to attempt to fix the broken repo_units. Users affected by #16961 should run: ``` gitea doctor --fix --run fix-broken-repo-units ``` Fix #16961 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Prevent panic in Org mode HighlightCodeBlock (#17140) (#17141)zeripath2021-09-243-12/+46
| | | | | | | | | | | | | Backport #17140 When rendering source in org mode there is a mistake in the highlight code that causes a panic. This PR fixes this. Fix #17139 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add caller to cat-file batch calls (#17082) (#17089)zeripath2021-09-201-2/+21
| | | | | | | | | | | Some people still appear to report unclosed cat-files. This PR simply adds the caller to the process descriptor for the CatFileBatch and CatFileBatchCheck calls. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix bug of migrate comments which only fetch one page (#17055) (#17058)Lunny Xiao2021-09-151-2/+7
| | | | | | | | | * Fix bug of migrate comments which only fetch one page * add next page to trace Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
* Do not show issue context popup on external issues (#17050) (#17054)zeripath2021-09-153-4/+11
| | | | | | | | | | Backport #17050 The issues pop-up context cannot work for external issues - therefore do not show these. Fix #17047 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Correctly rollback in ForkRepository (#17034) (#17045)zeripath2021-09-151-16/+39
| | | | | | | | | | | | | | | | | Backport #17034 The rollback functionality in services/repository/repository.go:ForkRepository is incorrect and could lead to a deadlock as it uses DeleteRepository to delete the rolled-back repository - a function which creates its own transaction. This PR adjusts the rollback function to only use RemoveAll as any database changes will be automatically rolled-back. It also handles panics and adjusts the Close within WithTx to ensure that if there is a panic the session will always be closed. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Decrement Fork Num when converting from Fork (#17035) (#17046)zeripath2021-09-151-0/+31
| | | | | | | | | | Backport #17035 When converting repositories from forks to normal the root NumFork needs to be decremented too. Fix #17026 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix missing close in WalkGitLog (#17008) (#17009)zeripath2021-09-101-7/+16
| | | | | | | | | | | | | | | | | | | | Backport #17008 When the external context is cancelled it is possible for the GitLogReader to not itself be Closed. This PR does three things: 1. Instead of adding a plain defer it wraps the `g.Close` in a func as `g` may change. 2. It adds the missing explicit g.Close - although the defer fix makes this unnecessary. 3. It passes down the external context as the base context for the GitLogReader meaning that the cancellation of the external context will pass down automatically. Fix #17007 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix bug of migrated repository not index (#16991) (#16996)65432021-09-091-3/+2
| | | | | Fix #16986, #16152 Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix storage Iterate bug and Add storage doctor to delete garbage attachments ↵Lunny Xiao2021-09-072-2/+78
| | | | | | | | | (#16971) (#16977) * Fix storage Iterate bug and Add storage doctor to delete garbage attachments * Close object when used
* Close storage objects before cleaning (#16934) (#16942)zeripath2021-09-031-0/+1
| | | | | | | | | | | | | Backport #16934 Storage.Iterate provides the path and an open object. On windows using local storage means that the objects will be locked thus preventing clean from deleting them. This PR simply closes the objects early. Fix #16932 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Ignore review comment when ref commit is missed (#16905) (#16919)Lunny Xiao2021-09-021-1/+2
| | | backport #16905
* Gitlab Migrator: dont ignore reactions of last request (#16903) (#16913)zeripath2021-09-011-6/+12
| | | | | | | Backport #16903 Fix bug related to early breaking when migrating reactions. Co-authored-by: 6543 <6543@obermui.de>
* Fix dump and restore respository (#16698) (#16898)Lunny Xiao2021-08-313-2/+10
| | | | | | | | | | * Fix dump and restore * return different error message for get commit * Fix missing delete release attachment when deleting repository * Fix ci and add some comments back port #16698 Co-authored-by: zeripath <art27@cantab.net>
* Fix git.Blob.DataAsync(): close pipe since we return a NopCloser (#16899) ↵65432021-08-311-4/+2
| | | | | | | | | (#16900) * make sure headGitRepo is closed on err too * refactor * Fix git.Blob.DataAsync(): exec cancel since we already read all bytes (close pipe since we return a NopCloser) Co-authored-by: zeripath <art27@cantab.net>
* Simplify split diff view generation and remove JS dependency (#16775) (#16863)zeripath2021-08-301-0/+3
| | | | | | | | | | | | | Backport #16775 Gitea has relied on some slow JS code to match up added and deleted lines on the diff pages. This can cause a considerable slow down on large diff pages. This PR makes a small change meaning that the matching up can occur much more simply. Partial fix #1351 Signed-off-by: Andrew Thornton <art27@cantab.net>
* In Render tolerate not being passed a context (#16842) (#16858)65432021-08-291-1/+7
| | | | | | | | | | | | | | | | | | | * In Render tolerate not being passed a context It is possible for RenderString to be passed to an external renderer if markdown is set to be rendered by an external renderer. No context is currently sent to these meaning that this will error out. Fix #16835 Signed-off-by: Andrew Thornton <art27@cantab.net> * Add Context to Repo calls for RenderString All calls from routers can easily add the context - so add it. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
* Report the correct number of pushes on the feeds (#16811) (#16822)techknowlogick2021-08-262-1/+14
| | | | | | | | | | | | | | | | | | * Report the correct number of pushes on the feeds Since the number of commits in the Action table has been limited to 5 the number of commits reported on the feeds page is now incorrectly also limited to 5. The correct number is available as the Len and this PR changes this to report this. Fix #16804 Signed-off-by: Andrew Thornton <art27@cantab.net> * Update templates/user/dashboard/feeds.tmpl Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: zeripath <art27@cantab.net>
* Prevent NPE on empty commit (#16812) (#16819)zeripath2021-08-251-0/+3
| | | | | | | | | Backport #16812 Handle completely empty commit as the first commit to a repository. Fix #16668 Signed-off-by: Andrew Thornton art27@cantab.net
* Ensure empty lines are copiable and final new line too (#16678) (#16692)zeripath2021-08-152-0/+116
| | | | | | | | | | Backport #16678 When files are highlighted the newline character needs to be added in a whitespace compliant mode. Also ensure the final empty newline is rendered. Fix #16434 Signed-off-by: Andrew Thornton <art27@cantab.net>
* If PatchURL is empty, skip pull patch download when migrating (Partial ↵65432021-08-131-0/+3
| | | | | | | #16356) (#16681) Partial backport #16356 Whilst looking at adding migration support for onedev it has become apparent that gitea would attempt to pull patches on other migration targets even if that PatchURL was empty.
* Update issue_index to finish migration (#16685) (#16687)65432021-08-131-0/+5
| | | | | * update issue_index to finish migration * One Func to RecalculateIssueIndexForRepo
* Fix NPE in fuzzer (#16680) (#16682)65432021-08-132-1/+17
| | | | | | | | | The fuzzer found an issue with the issue pattern processor where there is a spurious path.Clean which does not need to be there. This PR also sets the default AppURL for the fuzzer too. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: zeripath <art27@cantab.net>
* Change the implementation of the go-git version of GetNote to mirror the non ↵nitul19912021-08-092-0/+15
| | | | | | | go-git version when passed a non-existent commit (#16658) (#16659) Backport #16658 Fixes #16657
* Pass down SignedUserName down to AccessLogger context (#16605) (#16616)zeripath2021-08-043-4/+28
| | | | | | | | | | | | | | | | Backport #16605 Unfortunately when the AccessLogger was moved back before the contexters the SignedUserName reporting was lost. This is due to Request.WithContext leading to a shallow copy of the Request and the modules/context/Context being within that request. This PR adds a new context variable of a string pointer which is set and handled in the contexters. Fix #16600 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix table alignment in markdown (#16596) (#16602)zeripath2021-08-041-1/+3
| | | | | | | | | | Backport #16596 Set the TableOptions in markdown to allow alignment of the tables to work correctly Fix #15959 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Lock goth/gothic and Re-attempt OAuth2 registration on login if registration ↵zeripath2021-07-291-0/+21
| | | | | | | | | | | | | | | | | | | | failed at startup (#16570) Backport #16564 This PR has two parts: * Add locking to goth and gothic calls with a RWMutex The goth and gothic calls are currently unlocked and thus are a cause of multiple potential races * Reattempt OAuth2 registration on login if registration failed If OAuth2 registration fails at startup we currently disable the login_source however an alternative approach could be to reattempt registration on login attempt. Fix #16096 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Handle too long PR titles correctly (#16517) (#16549)zeripath2021-07-261-0/+35
| | | | | | | | | | | | | | | | Backport #16517 The CompareAndPullRequestPost handler for POST to /compare incorrectly handles returning errors to the user. For a start it does not set the necessary markers to switch SimpleMDE but it also does not immediately return to the form. This PR fixes this by setting the appropriate values, fixing the templates and preventing the suggestion of a too long title. Fix #16507 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Switch to maintained jwt lib (#16532) (#16533)zeripath2021-07-242-2/+3
| | | | | Backport #16532 Co-authored-by: Matti R <matti@mdranta.net>
* Restore creation of git-daemon-export-ok files (#16508) (#16514)zeripath2021-07-221-0/+73
| | | | | | | | | | | | | | | Backport #16508 Somewhere along the line the creation of git-daemon-export-ok files disappeared but the updating of these files when repo visibility changes remained. The problem is that the current state will create files even when the org or user is private. This PR restores creation correctly. Fix #15521 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix data race in bleve indexer (#16474) (#16509)65432021-07-223-6/+69
| | | | | * Fix data race in bleve indexer Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Restore CORS on git smart http protocol (#16496) (#16506)zeripath2021-07-211-0/+20
| | | | | | | | | | | | | | | | | | | Backport #16496 Unfortunately the chi changes have resulted in the CORS headers for the git smart http protocol going missing. This is mostly because the OPTIONS method is not being handled by httpBase anymore. This PR adds a GetOptions, PostOptions and Options methods to web handler to allow OPTIONS method requests to still reach the httpBase function. Fix #16350 Close #16491 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix race in log (#16490) (#16505)zeripath2021-07-212-27/+30
| | | | | | | | | Backport #16490 A race has been detected in #1441 relating to getting log levels. This PR protects the GetLevel and GetStacktraceLevel calls with a RW mutex. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add TestPrepareWikiFileName (#16487) (#16498)65432021-07-211-0/+21
| | | | | | | | | * Add TestPrepareWikiFileName * use LsTree as LsFiles is index only * ajust other tests Co-authored-by: Andrew Thornton <art27@cantab.net>
* Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to ↵zeripath2021-07-202-2/+34
| | | | | | | | | | | end (#16479) (#16480) * Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) Fix #16427 (again!) * handle sharing violation error code Signed-off-by: Andrew Thornton <art27@cantab.net>
* Retry rename on lock induced failures (re-fix) (#16461) (#16462)zeripath2021-07-161-1/+1
| | | | | | | | | | Backport #16461 Unfortunately #16435 asserts the wrong error and should use os.LinkError not os.PathError. Fix #16439 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Retry rename on lock induced failures (#16435)zeripath2021-07-153-3/+30
| | | | | | | | | | | | | | | | | | * Retry rename on lock induced failures Due to external locking on Windows it is possible for an os.Rename to fail if the files or directories are being used elsewhere. This PR simply suggests retrying the rename again similar to how we handle the os.Remove problems. Fix #16427 Signed-off-by: Andrew Thornton <art27@cantab.net> * resolve CI fail Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Second attempt at preventing zombies (#16326)zeripath2021-07-149-48/+82
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Second attempt at preventing zombies * Ensure that the pipes are closed in ssh.go * Ensure that a cancellable context is passed up in cmd/* http requests * Make cmd.fail return properly so defers are obeyed * Ensure that something is sent to stdout in case of blocks here Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 2 Signed-off-by: Andrew Thornton <art27@cantab.net> * placate lint 3 Signed-off-by: Andrew Thornton <art27@cantab.net> * fixup Signed-off-by: Andrew Thornton <art27@cantab.net> * Apply suggestions from code review Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: Lauris BH <lauris@nix.lv>
* Support HTTP/2 in Let's Encrypt (#16371)Stanley Hu2021-07-131-1/+1
| | | | | Modify the tlsConfig.NextProtos for Let's Encrypt and built-in HTTPS server in order to support HTTP/2. Co-authored-by: 6543 <6543@obermui.de>
* Add option to provide signature for a token to verify key ownership (#14054)zeripath2021-07-132-0/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add option to provide signed token to verify key ownership Currently we will only allow a key to be matched to a user if it matches an activated email address. This PR provides a different mechanism - if the user provides a signature for automatically generated token (based on the timestamp, user creation time, user ID, username and primary email. * Ensure verified keys can act for all active emails for the user * Add code to mark keys as verified * Slight UI adjustments * Slight UI adjustments 2 * Simplify signature verification slightly * fix postgres test * add api routes * handle swapped primary-keys * Verify the no-reply address for verified keys * Only add email addresses that are activated to keys * Fix committer shortcut properly * Restructure gpg_keys.go * Use common Verification Token code Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix archive error when rename repo or user (#16399)Lunny Xiao2021-07-133-1/+28
| | | Use repo id instead of full name to generate archive path
* Add checkbox to delete pull branch after successful merge (#16049)Jimmy Praet2021-07-131-0/+2
| | | | | | | | | | | | | | | | | | | | | | | * Add checkbox to delete pull branch after successful merge * Omit DeleteBranchAfterMerge field in json * Log a warning instead of error when PR head branch deleted * Add DefaultDeleteBranchAfterMerge to PullRequestConfig * Add support for delete_branch_after_merge via API * Fix for API: the branch should be deleted from the HEAD repo If head and base repo are the same, reuse the already opened ctx.Repo.GitRepo * Don't delegate to CleanupBranch, only reuse branch deletion code CleanupBranch contains too much logic that has already been performed by the Merge * Reuse gitrepo in MergePullRequest Co-authored-by: Andrew Thornton <art27@cantab.net>
* Fix external renderer (#16401)65432021-07-121-0/+4
| | | | | | | | | * fix external renderer * use GBackground context as fallback * no fallback, return error Co-authored-by: Lauris BH <lauris@nix.lv>
* Add LRU mem cache implementation (#16226)zeripath2021-07-102-1/+210
| | | | | | | | | | | | | | The current default memory cache implementation is unbounded in size and number of objects cached. This is hardly ideal. This PR proposes creating a TwoQueue LRU cache as the underlying cache for Gitea. The cache is limited by the number of objects stored in the cache (rather than size) for simplicity. The default number of objects is 50000 - which is perhaps too small as most of our objects cached are going to be much less than 1kB. It may be worth considering using a different LRU implementation that actively limits sizes or avoids GC - however, this is just a beginning implementation. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update bluemonday to v1.0.15 (#16379)65432021-07-091-3/+3
| | | | | | | * update github.com/microcosm-cc/bluemonday * add exec flag to contrib/update_dependencies.sh * Fix TESTS
* Redirect on bad CSRF instead of presenting bad page (#14937)zeripath2021-07-081-4/+19
| | | | | | The current CSRF handler is a bit harsh with bad CSRF tokens on webpages I think we can be a little kinder and redirect to base page with a flash error Signed-off-by: Andrew Thornton <art27@cantab.net>
generated by cgit v1.2.3 (git 2.39.1) at 2025-08-16 00:18:58 +0000