summaryrefslogtreecommitdiffstats
path: root/modules
Commit message (Collapse)AuthorAgeFilesLines
* Disable federation by default (#20045)Gusted2022-06-201-1/+1
|
* Respond with a 401 on git push when password isn't changed yet (#20026)Wim2022-06-191-0/+5
| | | | | | | | | | If the user-agent starts with git and user must change password but hasn't return a 401 with the message. It must be a 401, git doesn't seem to show the contents of the error message when we return a 403 Fixes #19090
* use quoted regexp instead of git fixed-value (#20029)wxiaoguang2022-06-192-2/+9
|
* User keypairs and HTTP signatures for ActivityPub federation using go-ap ↵Anthony Wang2022-06-197-1/+304
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#19133) * go.mod: add go-fed/{httpsig,activity/pub,activity/streams} dependency go get github.com/go-fed/activity/streams@master go get github.com/go-fed/activity/pub@master go get github.com/go-fed/httpsig@master * activitypub: implement /api/v1/activitypub/user/{username} (#14186) Return informations regarding a Person (as defined in ActivityStreams https://www.w3.org/TR/activitystreams-vocabulary/#dfn-person). Refs: https://github.com/go-gitea/gitea/issues/14186 Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: add the public key to Person (#14186) Refs: https://github.com/go-gitea/gitea/issues/14186 Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: go-fed conformant Clock instance Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: signing http client Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: implement the ReqSignature middleware Signed-off-by: Loïc Dachary <loic@dachary.org> * activitypub: hack_16834 Signed-off-by: Loïc Dachary <loic@dachary.org> * Fix CI checks-backend errors with go mod tidy Signed-off-by: Anthony Wang <ta180m@pm.me> * Change 2021 to 2022, properly format package imports Signed-off-by: Anthony Wang <ta180m@pm.me> * Run make fmt and make generate-swagger Signed-off-by: Anthony Wang <ta180m@pm.me> * Use Gitea JSON library, add assert for pkp Signed-off-by: Anthony Wang <ta180m@pm.me> * Run make fmt again, fix err var redeclaration Signed-off-by: Anthony Wang <ta180m@pm.me> * Remove LogSQL from ActivityPub person test Signed-off-by: Anthony Wang <ta180m@pm.me> * Assert if json.Unmarshal succeeds Signed-off-by: Anthony Wang <ta180m@pm.me> * Cleanup, handle invalid usernames for ActivityPub person GET request Signed-off-by: Anthony Wang <ta180m@pm.me> * Rename hack_16834 to user_settings Signed-off-by: Anthony Wang <ta180m@pm.me> * Use the httplib module instead of http for GET requests * Clean up whitespace with make fmt * Use time.RFC1123 and make the http.Client proxy-aware * Check if digest algo is supported in setting module * Clean up some variable declarations * Remove unneeded copy * Use system timezone instead of setting.DefaultUILocation * Use named constant for httpsigExpirationTime * Make pubKey IRI #main-key instead of /#main-key * Move /#main-key to #main-key in tests * Implemented Webfinger endpoint. * Add visible check. * Add user profile as alias. * Add actor IRI and remote interaction URL to WebFinger response * fmt * Fix lint errors * Use go-ap instead of go-fed * Run go mod tidy to fix missing modules in go.mod and go.sum * make fmt * Convert remaining code to go-ap * Clean up go.sum * Fix JSON unmarshall error * Fix CI errors by adding @context to Person() and making sure types match * Correctly decode JSON in api_activitypub_person_test.go * Force CI rerun * Fix TestActivityPubPersonInbox segfault * Fix lint error * Use @mariusor's suggestions for idiomatic go-ap usage * Correctly add inbox/outbox IRIs to person * Code cleanup * Remove another LogSQL from ActivityPub person test * Move httpsig algos slice to an init() function * Add actor IRI and remote interaction URL to WebFinger response * Update TestWebFinger to check for ActivityPub IRI in aliases * make fmt * Force CI rerun * WebFinger: Add CORS header and fix Href -> Template for remote interactions The CORS header is needed due to https://datatracker.ietf.org/doc/html/rfc7033#section-5 and fixes some Peertube <-> Gitea federation issues * make lint-backend * Make sure Person endpoint has Content-Type application/activity+json and includes PreferredUsername, URL, and Icon Setting the correct Content-Type is essential for federating with Mastodon * Use UTC instead of GMT * Rename pkey to pubKey * Make sure HTTP request Date in GMT * make fmt * dont drop err * Make sure API responses always refer to username in original case Copied from what I wrote on #19133 discussion: Handling username case is a very tricky issue and I've already encountered a Mastodon <-> Gitea federation bug due to Gitea considering Ta180m and ta180m to be the same user while Mastodon thinks they are two different users. I think the best way forward is for Gitea to only use the original case version of the username for federation so other AP software don't get confused. * Move httpsig algs constant slice to modules/setting/federation.go * Add new federation settings to app.example.ini and config-cheat-sheet * Return if marshalling error * Make sure Person IRIs are generated correctly This commit ensures that if the setting.AppURL is something like "http://127.0.0.1:42567" (like in the integration tests), a trailing slash will be added after that URL. * If httpsig verification fails, fix Host header and try again This fixes a very rare bug when Gitea and another AP server (confirmed to happen with Mastodon) are running on the same machine, Gitea fails to verify incoming HTTP signatures. This is because the other AP server creates the sig with the public Gitea domain as the Host. However, when Gitea receives the request, the Host header is instead localhost, so the signature verification fails. Manually changing the host header to the correct value and trying the veification again fixes the bug. * Revert "If httpsig verification fails, fix Host header and try again" This reverts commit f53e46c721a037c55facb9200106a6b491bf834c. The bug was actually caused by nginx messing up the Host header when reverse-proxying since I didn't have the line `proxy_set_header Host $host;` in my nginx config for Gitea. * Go back to using ap.IRI to generate inbox and outbox IRIs * use const for key values * Update routers/web/webfinger.go * Use ctx.JSON in Person response to make code cleaner * Revert "Use ctx.JSON in Person response to make code cleaner" This doesn't work because the ctx.JSON() function already sends the response out and it's too late to edit the headers. This reverts commit 95aad988975be3393c76094864ed6ba962157e0c. * Use activitypub.ActivityStreamsContentType for Person response Content Type * Limit maximum ActivityPub request and response sizes to a configurable setting * Move setting key constants to models/user/setting_keys.go * Fix failing ActivityPubPerson integration test by checking the correct field for username * Add a warning about changing settings that can break federation * Add better comments * Don't multiply Federation.MaxSize by 1<<20 twice * Add more better comments * Fix failing ActivityPubMissingPerson test We now use ctx.ContextUser so the message printed out when a user does not exist is slightly different * make generate-swagger For some reason I didn't realize that /templates/swagger/v1_json.tmpl was machine-generated by make generate-swagger... I've been editing it by hand for three months! 🤦 * Move getting the RFC 2616 time to a separate function * More code cleanup * Update go-ap to fix empty liked collection and removed unneeded HTTP headers * go mod tidy * Add ed25519 to httpsig algorithms * Use go-ap/jsonld to add @context and marshal JSON * Change Gitea user agent from the default to Gitea/Version * Use ctx.ServerError and remove all remote interaction code from webfinger.go
* Backtick table name in generic orphan check (#20019)Gusted2022-06-191-2/+2
|
* Return 404 when tag is broken (#20017)Wim2022-06-181-0/+4
| | | Fixes #19979
* Add dbconsistency checks for Stopwatches (#20010)zeripath2022-06-181-0/+6
| | | | | | | | | | It appears possible that stopwatches can become orphaned or have been orphaned in the past. This PR adds Orphan checks for Stopwatches. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* fix push mirrors URL are no longer displayed on the UI (#20011)Mohamed Sekour2022-06-181-3/+0
| | | | | | | | | | * fix push mirrors URL are no longer displayed on the UI Signed-off-by: Mohamed Sekour <mohamed.sekour@exfo.com> * Update modules/templates/helper.go Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Empty log queue on flush and close (#19994)zeripath2022-06-181-0/+39
| | | | | | | | | | | | | | | | | | | * Empty log queue on flush and close It is possible for log events to remain in the buffer off the multichannelledlog and thus not be logged despite close or flush. This PR simply adds a function to empty the queue before closing or flushing. (Except when the logger is paused.) Reference #19982 Signed-off-by: Andrew Thornton <art27@cantab.net> * and do similar for ChannelledLog Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Stop spurious APIFormat stopwatches logs (#20008)zeripath2022-06-171-1/+3
| | | | | | | | | If there are dangling stopwatches with missing issues there will be repeated logging of Unable to APIFormat stopwatches. These are unhelpful and instead we should only log if the error is not an issue not exist error. And we should also prevent an error on missing issue in GetActiveStopwatch too Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add fetch.writeCommitGraph to gitconfig (#20006)zeripath2022-06-171-0/+3
| | | | | | | Add fetch.writeCommitGraph to gitconfig to ensure that a commit-graph will be written on git fetch calls. Signed-off-by: Andrew Thornton <art27@cantab.net>
* gitconfig: set safe.directory = * (#19870)singuliere2022-06-171-0/+13
| | | | | | | | | | | | | | | | | | | | | | | | | | | Allow git push to work when networked file systems with mixed ownership are used with Gitea docker images >= 1.16.6 or Gitea binaries running alongside git versions published after 04/2022. There are circumstances independent of Gitea (networked file systems with various permission systems) by which the git repositories managed by Gitea may have mixed owners. It is not a behavior that Gitea have control over nor is it a problem as long as the permissions for Gitea to operate are correct. Gitea instances have been operating under these conditions for a number of years. It is detected as a potential security risk ( see GHSA-vw2c-22j4-2fh2 ) by the most recent git versions. However, Gitea always runs git commands with a current directory matching the repository on which it operates. That makes Gitea immune from this security problem and it is safe to ignore the mixed owner permission check. This gitconfig modification is done on a file dedicated to the user exclusively used by Gitea. Fixes: #19455 Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: zeripath <art27@cantab.net>
* Remove legacy git code (ver < 2.0), fine tune markup tests (#19930)wxiaoguang2022-06-1610-140/+117
| | | | | | | | | | | | | | | | | | | | | | | | * clean git support for ver < 2.0 * fine tune tests for markup (which requires git module) * remove unnecessary comments * try to fix tests * try test again * use const for GitVersionRequired instead of var * try to fix integration test * Refactor CheckAttributeReader to make a *git.Repository version * update document for commit signing with Gitea's internal gitconfig * update document for commit signing with Gitea's internal gitconfig Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Allow render HTML with css/js external links (#19017)Lunny Xiao2022-06-1610-69/+125
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Allow render HTML with css/js external links * Fix bug because of filename escape chars * Fix lint * Update docs about new configuration item * Fix bug of render HTML in sub directory * Add CSP head for displaying iframe in rendering file * Fix test * Apply suggestions from code review Co-authored-by: delvh <dev.lh@web.de> * Some improvements * some improvement * revert change in SanitizerDisabled of external renderer * Add sandbox for iframe and support allow-scripts and allow-same-origin * refactor * fix * fix lint * fine tune * use single option RENDER_CONTENT_MODE, use sandbox=allow-scripts * fine tune CSP * Apply suggestions from code review Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Remove tab/TabName usage where it's not needed (#19973)Lauris BH2022-06-151-1/+0
| | | `tab` query argument and `TabName` in context is used only in profile so remove it from all other places where it's not used anymore.
* Uppercase first languages letters (#19965)AHOHNMYC2022-06-151-15/+15
|
* Fix mirror template bug (#19959)Lunny Xiao2022-06-131-14/+6
| | | | | | * Fix mirror template bug Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: delvh <dev.lh@web.de>
* Add deprecated log when using MySQL with utf8 charset (#19952)Lunny Xiao2022-06-131-0/+6
|
* Move issues related files into models/issues (#19931)Lunny Xiao2022-06-1323-225/+235
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Move access and repo permission to models/perm/access * fix test * fix git test * Move functions sequence * Some improvements per @KN4CK3R and @delvh * Move issues related code to models/issues * Move some issues related sub package * Merge * Fix test * Fix test * Fix test * Fix test * Rename some files
* fix: some typos (#19956)yutotnh2022-06-131-1/+1
|
* Move some code into models/git (#19879)Lunny Xiao2022-06-129-23/+31
| | | | | | | | | | | | | | | | | | | * Move access and repo permission to models/perm/access * fix test * Move some git related files into sub package models/git * Fix build * fix git test * move lfs to sub package * move more git related functions to models/git * Move functions sequence * Some improvements per @KN4CK3R and @delvh
* Fix signal loop in graceful manager (#19943)wxiaoguang2022-06-121-0/+1
|
* Prettify number of issues (#17760)Gusted2022-06-124-15/+44
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Prettify number of issues - Use the PrettyNumber function to add commas in large amount of issues. * Use client-side formatting * prettify on both server and client * remove unused i18n entries * handle more cases, support other int types in PrettyNumber * specify locale to avoid issues with node default locale * remove superfluos argument * introduce template helper, octicon tweaks, js refactor * Update modules/templates/helper.go * Apply some suggestions. * Add comment * Update templates/user/dashboard/issues.tmpl Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Unify repo settings & show better error (#19828)Gusted2022-06-121-1/+1
| | | | * Unify context data * Actually show invalid url in error
* Fix some mirror bugs (#18649)Lunny Xiao2022-06-114-12/+295
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix some mirror bugs * Remove unnecessary code * Fix lint * rename stdard url * Allow more charactors in git ssh protocol url * improve the detection * support ipv6 for git url parse * Fix bug * Fix template * Fix bug * fix template * Fix tmpl * Fix tmpl * Fix parse ssh with interface * Rename functions name Co-authored-by: zeripath <art27@cantab.net>
* Fix data-race problems in git module (quick patch) (#19934)wxiaoguang2022-06-113-47/+38
| | | | | | | * Fix data-race problems in git module * use HomeDir instead of setting.RepoRootPath Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix copy/paste of empty lines (#19798)silverwind2022-06-104-61/+105
| | | | | | | | | | | | | | | | | | | | | | | | | | | * Fix copy/paste of empty newlines again Fixes: https://github.com/go-gitea/gitea/issues/19331 Regressed by: https://github.com/go-gitea/gitea/pull/18270 Needed to do another newline addition to the Chroma output HTML to get copy/paste work again. The previous replacement conditions are probably obsolete, but as I'm not 100% sure, I opted to keep them. Specifically, the Chroma HTML change mentioned in https://github.com/go-gitea/gitea/pull/18270#issuecomment-1013350246 broke our previous newline replacement for such empty lines. Also included are a few changes to make the test more pleasant to work with. * run go mod tidy * add util.Dedent * copy in the code Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Lauris BH <lauris@nix.lv>
* Custom regexp external issues (#17624)Sandro Santilli2022-06-105-16/+168
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Implement custom regular expression for external issue tracking. Signed-off-by: Alexander Beyn <malex@fatelectrons.org> * Fix syntax/style * Update repo.go * Set metas['regexp'] * gofmt * fix some tests * fix more tests * refactor frontend * use LRU cache for regexp * Update modules/markup/html_internal_test.go Co-authored-by: Alexander Beyn <malex@fatelectrons.org> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Refactor git module, make Gitea use internal git config (#19732)wxiaoguang2022-06-1011-143/+231
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Refactor git module, make Gitea use internal git config, add safe.directory config * introduce git.InitSimple and git.InitWithConfigSync, make serv cmd use gitconfig * use HOME instead of GIT_CONFIG_GLOBAL, because git always needs a correct HOME * fix cmd env in cmd/serv.go * fine tune error message * Fix a incorrect test case * fix configAddNonExist * fix configAddNonExist logic, add `--fixed-value` flag, add tests * add configSetNonExist function in case it's needed. * use configSetNonExist for `user.name` and `user.email` * add some comments * Update cmd/serv.go Co-authored-by: zeripath <art27@cantab.net> * Update cmd/serv.go Co-authored-by: zeripath <art27@cantab.net> * Update modules/git/git.go Co-authored-by: zeripath <art27@cantab.net> * Update modules/setting/setting.go Co-authored-by: zeripath <art27@cantab.net> * Update modules/git/repo_attribute.go Co-authored-by: zeripath <art27@cantab.net> * fix spaces in messages * use `configSet("core.protectNTFS", ...)` instead of `globalCommandArgs` * remove GIT_CONFIG_NOSYSTEM, continue to use system's git config * Update cmd/serv.go Co-authored-by: zeripath <art27@cantab.net> * fix merge * remove code for safe.directory * separate git.CommonEnvs to CommonGitCmdEnvs and CommonCmdServEnvs * avoid Golang's data race error Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Prevent NPE whilst migrating if there is a team request review (#19855)zeripath2022-06-091-0/+1
| | | | | | | | | A pr.Reviewer may be nil when migrating from Gitea if this is a team request review. We do not migrate teams therefore we cannot map these requests, but we can migrate user requests. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add support for rendering terminal output with colors (#19497)Lauris BH2022-06-093-0/+147
|
* Automatically render wiki TOC (#19873)zeripath2022-06-085-40/+103
| | | | | | Automatically add sidebar in the wiki view containing a TOC for the wiki page. Make the TOC collapsable Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add breaking email restrictions checker in doctor (#19903)Gusted2022-06-071-0/+69
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add breaking change check in doctor - This patch introduces a new kind of doctor type, breaking. This file is made to register checks that helps with detecting when a breaking change might impact a Gitea instance. - For now the only check here(and the reason of creating this) is to check if all users in the database has a valid email address, which might not be the case after https://github.com/go-gitea/gitea/pull/17688. This _simply_ uses the validation function to detect and report these cases. - Helps admins with detecting #19897. - I have no clue which priority should be and IsDefault is true, because when breaking change happen and we have a doctor check for it, we can say "run `gitea doctor` to help you with this and maybe you find other errors :wink:". * Makes no sense tbh * Fix copyright * Update modules/doctor/breaking.go Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <matti@mdranta.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Only log non ErrNotExist errors in git.GetNote (#19884)Lunny Xiao2022-06-071-1/+4
| | | | | | | | | * Fix GetNote * Only log errors if the error is not ErrNotExist Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Andrew Thornton <art27@cantab.net>
* Make AppDataPath absolute against the AppWorkPath if it is not (#19815)zeripath2022-06-061-0/+16
| | | | | | | | | | | | | | | | | | | | | | | * Make AppDataPath absolute against the AppWorkPath if it is not There are multiple repeated issues whereby a non-absolute provided APP_DATA_PATH causes strange issues. This PR simply absolutes the APP_DATA_PATH against the AppWorkPath if its not so. It also ensures that AppWorkPath is also always absolute. Ref #19367 Signed-off-by: Andrew Thornton <art27@cantab.net> * Add logging Signed-off-by: Andrew Thornton <art27@cantab.net> * absolute workpath against pwd instead of app path first Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Move some repository related code into sub package (#19711)Lunny Xiao2022-06-0610-20/+338
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Move some repository related code into sub package * Move more repository functions out of models * Fix lint * Some performance optimization for webhooks and others * some refactors * Fix lint * Fix * Update modules/repository/delete.go Co-authored-by: delvh <dev.lh@web.de> * Fix test * Merge * Fix test * Fix test * Fix test * Fix test Co-authored-by: delvh <dev.lh@web.de>
* Implement http signatures support for the API (#17565)Wim2022-06-051-1/+2
| | | | | | | | | | | | | | | | Fixes #12338 This allows use to talk to the API with our ssh certificate (and/or ssh-agent) without needing to fetch an API key or tokens. It will just automatically work when users have added their ssh principal in gitea. This needs client code in tea Update: also support normal pubkeys ref: https://tools.ietf.org/html/draft-cavage-http-signatures Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net>
* Set Setpgid on child git processes (#19865)zeripath2022-06-037-0/+41
| | | | | | | | | | When Gitea is running as PID 1 git will occassionally orphan child processes leading to (defunct) processes. This PR simply sets Setpgid to true on these child processes meaning that these defunct processes will also be correctly reaped. Fix #19077 Signed-off-by: Andrew Thornton <art27@cantab.net>
* feat: add DEFAULT_MERGE_STYLE to `repository.pull-request` section for repo ↵ttys32022-06-021-0/+3
| | | | init (#19751)
* Prevent NPE on update mirror settings (#19864)zeripath2022-06-021-1/+1
| | | | | | | | | | | | | A `repo_model.Mirror` repository field (`.Repo`) will not automatically be set, but is used without checking in mirror_pull.go:UpdateAddress. This will cause an NPE. This PR changes UpdateAddress to use the helper function GetRepository() helping prevent future NPEs but also changes modules/context/repo.go to ensure that the Mirror.Repo is set. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Ensure responses are context.ResponseWriters (#19843)zeripath2022-05-311-0/+6
| | | | | | | | | | | | | | | In order for web.Wrap to be able to detect if a response has been written we need to wrap any non-context.ResponseWriters as a such. Otherwise responses will be incorrectly detected as non-written to and handlers can double run. In the case of GZip this handler will change the response to a non-context.RW and this failure to correctly detect response writing causes fallthrough and a NPE. Fix #19839 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Fix inconsistency in doctor output (#19836)Gusted2022-05-312-4/+10
| | | | | | | | | | | | | * Fix inconsistency in doctor output - Use `logger.Info` instead of `logger.Warn` when no errors were found. * Update modules/doctor/fix16961.go Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Fix raw endpoint PDF file headers (#19825)Lauris BH2022-05-281-2/+6
|
* Detect truncated utf-8 characters at the end of content as still ↵zeripath2022-05-212-1/+164
| | | | | | | | | | | | | | representing utf-8 (#19773) Our character detection algorithm can potentially incorrectly detect utf-8 as iso-8859-x if there is a truncated character at the end of the partially read file. This PR changes the detection algorithm to truncated utf8 characters at the end of the buffer. Fix #19743 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Nuke the incorrect permission report on /api/v1/notifications (#19761)zeripath2022-05-201-0/+5
| | | | | | | | | | | | | The permissions created in convertRepo use a minimal perm.AccessModeRead instead of correctly computing the permission for the repository. This incorrect permission is then reported to the user. I do not believe that reporting the permissions is helpful and therefore I propose we simply null these out. The user can check their permissions using a different endpoint. Fix #19759 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move almost all functions' parameter db.Engine to context.Context (#19748)Lunny Xiao2022-05-2013-19/+23
| | | | * Move almost all functions' parameter db.Engine to context.Context * remove some unnecessary wrap functions
* [doctor] pq: syntax error at or near "." quote user table name (#19765)silentcodeg2022-05-201-2/+2
|
* Enable packages by default again (as described by docs) (#19746)delvh2022-05-201-1/+1
|
* Fix org package owner permissions (#19742)KN4CK3R2022-05-191-13/+21
| | | Old code did not respect owner visibility and the organization access calculation was wrong if the user was not a member.
* [doctor] do not update User Stars numbers unless --fix (#19750)silentcodeg2022-05-191-3/+8
|