| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Added type sniffer.
* Switched content detection from base to typesniffer.
* Added GuessContentType to Blob.
* Moved image info logic to client.
Added support for SVG images in diff.
* Restore old blocked svg behaviour.
* Added missing image formats.
* Execute image diff only when container is visible.
* add margin to spinner
* improve BIN tag on image diffs
* Default to render view.
* Show image diff on incomplete diff.
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* encrypt migration credentials in task persistence
Not sure this is the best approach, we could encrypt the entire
`PayloadContent` instead. Also instead of clearing individual fields in
payload content, we could just delete the task once it has
(successfully) finished..?
* remove credentials of past migrations
* only run DB migration for completed tasks
* fix binding
* add omitempty
* never serialize unencrypted credentials
* fix import order
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Unfortunately go panics you try to cast a nil interface{} as another primitive
therefore you need to check interfaces are not nil before casting.
Fix #16025
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Make modules/context.Context a context.Context
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Simplify context calls
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Set the base context for requests to the HammerContext
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Use route to serve assets but not middleware
* Fix build error with bindata tag
* convert path to absolute
* fix build
* reduce function stack
* Add tests for assets
* Remove test for assets because they are not generated
* Use a http function to serve assets
* Still use middleware to serve assets then less middleware stack for assets
* Move serveContent to original position
* remove unnecessary blank line change
* Fix bug for /assets* requests
* clean code
Co-authored-by: zeripath <art27@cantab.net>
|
| | |
|
| |
|
| |
Co-authored-by: zeripath <art27@cantab.net>
|
| |
|
|
|
|
|
| |
* Unified custom config creation.
* Fixed log message.
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It appears that people have been using token authentication to navigate to raw paths
and recent changes have broken this. Whilst ideally these paths would not be being used
like this - it was not the intention to be a breaking change.
This PR restores access to these paths.
Fix #13772
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
|
|
|
| |
Fix #15972
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
|
| |
As revealed by #15964 there is inconsistent use of filepath Join and path Join
for these directories. The best thing to do is to use filepath.Join but then ToSlash
them for consistency.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
|
| |
|
|
|
|
|
|
| |
This PR suggests a change to the default configuration for queues:
* Use a common DATADIR for the queues
* Set starting workers to 0 and make boost a single worker
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
| |
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
|
| |
|
|
|
|
|
|
|
|
| |
* Double the avatar size factor
This results on finer Avatar rendering on Hi-DPI display.
* fix test
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* add a new internal hook to save ssh log
as title, when a ssh error ocure like #15785.
only when switch ``RUN_MODE`` to dev can we
found which error is ocure. But this way is
not a good idea for production envirment.
this changes try save ssh error mesage to the
log file like other log by a new internal hook.
I think it's usefull for find error message
in production envirment. Thanks.
Signed-off-by: a1012112796 <1012112796@qq.com>
* rename and fix nit
* Update modules/private/hook.go
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Encrypt LDAP bind password in db with SECRET_KEY
The LDAP source bind password are currently stored in plaintext in the db
This PR simply encrypts them with the setting.SECRET_KEY.
Fix #15460
Signed-off-by: Andrew Thornton <art27@cantab.net>
* remove ui warning regarding unencrypted password
Co-authored-by: silverwind <me@silverwind.io>
|
| |
|
|
|
|
|
| |
* don't prompt interactively for clone credentials
* apply GIT_TERMINAL_PROMPT=0 to all git cmds
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
| |
|
|
|
| |
* GitHub: migrate draft releases too
* refactor
|
| |
|
|
|
|
|
|
|
|
| |
* Hold the event source when there are no listeners
The event source does not need to run when there are no listeners. Therefore
pause it when there are none.
* add some more logging
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
change username (#15304)
* Create a session on ReverseProxy and ensure that ReverseProxy users cannot change username
ReverseProxy users should generate a session on reverse proxy username change.
Also prevent ReverseProxy users from changing their username.
Fix #2407
* add testcase
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Prevent double-login for Git HTTP and LFS and simplify login
There are a number of inconsistencies with our current methods for
logging in for git and lfs. The first is that there is a double login
process. This is particularly evident in 1.13 where there are no less
than 4 hash checks for basic authentication due to the previous
IsPasswordSet behaviour.
This duplicated code had individual inconsistencies that were not
helpful and caused confusion.
This PR does the following:
* Remove the specific login code from the git and lfs handlers except
for the lfs special bearer token
* Simplify the meaning of DisableBasicAuthentication to allow Token and
Oauth2 sign-in.
* The removal of the specific code from git and lfs means that these
both now have the same login semantics and can - if not
DisableBasicAuthentication - login from external services. Further it
allows Oauth2 token authentication as per our standard mechanisms.
* The change in the recovery handler prevents the service from
re-attempting to login - primarily because this could easily cause a
further panic and it is wasteful.
* add test
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
level queue, reduce goroutines etc (#15693)
* move shutdownfns, terminatefns and hammerfns out of separate goroutines
Coalesce the shutdownfns etc into a list of functions that get run at shutdown
rather then have them run at goroutines blocked on selects.
This may help reduce the background select/poll load in certain
configurations.
* The LevelDB queues can actually wait on empty instead of polling
Slight refactor to cause leveldb queues to wait on empty instead of polling.
* Shutdown the shadow level queue once it is empty
* Remove bytefifo additional goroutine for readToChan as it can just be run in run
* Remove additional removeWorkers goroutine for workers
* Simplify the AtShutdown and AtTerminate functions and add Channel Flusher
* Add shutdown flusher to CUQ
* move persistable channel shutdown stuff to Shutdown Fn
* Ensure that UPCQ has the correct config
* handle shutdown during the flushing
* reduce risk of race between zeroBoost and addWorkers
* prevent double shutdown
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
| |
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
|
|
| |
* Create a copy of the sha bytes.
Co-authored-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
|
|
|
|
|
|
| |
In #15826 it has become apparent that there are a few occasions when a response can
hang during writing, and because there is no timeout go will happily just block
interminably. This PR adds a fixed 5 second timeout to all writes to a connection.
Fix #15826
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
|
|
|
|
|
| |
Fixes http: superfluous response.WriteHeader call from code.gitea.io/gitea/modules/context.(*Response).WriteHeader (response.go:67)
* Looking again we don't need this writeHeader as all of our downstream
implementations will always do it for us
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
|
| |
|
| |
Co-authored-by: Lauris BH <lauris@nix.lv>
|
| |
|
|
|
| |
* fix truncate utf8 string.
* revoke truncated user info.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Unfortunately some old repositories can have tags with empty Tagger, Commit
or Author. Go-Git variants will always have empty values for these whereas
the native git variant leaves them at nil. The simplest solution is just to
always have these set to empty Signatures.
v156 migration also makes the incorrect assumption that these cannot be empty.
Therefore add some handling to this and add logging and adjust broken
logging elsewhere in this migration.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Decouple TestAction_GetRepoLink and TestSizedAvatarLink.
* Load database for TestCheckGPGUserEmail.
* Load database for TestMakeIDsFromAPIAssigneesToAdd.
* Load database for TestGetUserIDsByNames and TestGetMaileableUsersByIDs.
* Load database for TestUser_ToUser.
* Load database for TestRepository_EditWikiPage.
* Include AppSubURL in test.
* Prevent panic with empty slice.
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Queue manager FlushAll can loop rapidly - add delay
Add delay within FlushAll to prevent rapid loop when workers are busy
Signed-off-by: Andrew Thornton <art27@cantab.net>
* as per lunny
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
|
| |
|
|
|
| |
* Added active and prohibit_login.
* Do not omit fields for normal users.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
* Fix APK's Content-Type header
* Fix case sensitive comparison
* Add custom mime type mapping for downloadable files
* Add documentation for MIME type mapping
* Rename download.mimetype.mapping configuration to repository.mimetype_mapping
Co-authored-by: zeripath <art27@cantab.net>
|
| |
|
|
| |
Signed-off-by: jolheiser <john.olheiser@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
the same db file or queues files (#15790)
* Move restore repo to internal router and invoke from command to avoid open the same db file or queues files
* Follow @zeripath's review
* set no timeout for resotre repo private request
* make restore repo cancelable
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Use single shared random string generation function
- Replace 3 functions that do the same with 1 shared one
- Use crypto/rand over math/rand for a stronger RNG
- Output only alphanumerical for URL compatibilty
Fixes: #15536
* use const string method
* Update modules/avatar/avatar.go
Co-authored-by: a1012112796 <1012112796@qq.com>
Co-authored-by: a1012112796 <1012112796@qq.com>
|
| |
|
|
|
|
|
| |
Use common git cat-file --batch and git cat-file --batch-check to
significantly reduce calls to git.
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
| |
Fixes another regression from https://github.com/go-gitea/gitea/pull/15219.
|
| |
|
|
|
|
|
| |
* Respect merge message structure for parsing item references
Signed-off-by: JustusBunsi <61625851+justusbunsi@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
|
| |
|
|
|
|
| |
It is currenly impossible to detect which "SSO" method is responsible for login. This
PR adds some basic trace logging to these methods.
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| | |
|
| |
|
|
|
| |
* Add ALLOW_ONLY_INTERNAL_REGISTRATION into settings
* OpenID respect setting too
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This PR is another in the vein of queue improvements. It suggests an
exponential backoff for bytefifo queues to reduce the load from queue
polling. This will mostly be useful for redis queues.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
|
| |
|
|
| |
Use a new name for this template/frontend variable to make it distinct
from the server variable StaticURLPrefix.
|
| |
|
| |
Fixes regression from #15219
|
| | |
|
| |
|
|
|
|
|
| |
* Set GIT_DIR correctly if it is not set
* Expand out templates
Signed-off-by: Andrew Thornton <art27@cantab.net>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Drop back to use IsAnInteractiveSession for SVC
There is an apparent permission change problem when using
IsWindowsService to determine if the SVC manager should be
used.
This PR simply drops back to using IsAnInteractiveSession as
this does not change behaviour.
Fix #15454
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Yes staticcheck I know this is deprecated
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Just leave me alone lint
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
|
