summaryrefslogtreecommitdiffstats
path: root/modules
Commit message (Collapse)AuthorAgeFilesLines
* Fix a panic in NotifyCreateIssueComment (caused by string truncation) (#17928)wxiaoguang2021-12-093-16/+104
| | | | | | | | | | | * Fix a panic in NotifyCreateIssueComment (caused by string truncation) * more unit tests * refactor * fix some edge cases * use SplitStringAtByteN for comment content
* Improve checkBranchName (#17901)zeripath2021-12-085-24/+75
| | | | | | | | | | | | The current implementation of checkBranchName is highly inefficient involving opening the repository, the listing all of the branch names checking them individually before then using using opened repo to get the tags. This PR avoids this by simply walking the references from show-ref instead of opening the repository (in the nogogit case). Signed-off-by: Andrew Thornton <art27@cantab.net>
* allways set a message-id on mails (#17900)Garionion2021-12-081-5/+11
| | | | | | | * allways set a message-id on mails * Add unit tests for mailer & Message-ID Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Refactor install page (db type) (#17919)wxiaoguang2021-12-072-9/+5
| | | | | | | | | | | | * Refactor install page (db type) * set correct default DB HOST for different DB TYPE * remove legacy TiDB from documents * unify the usage of DB TYPE, in code we only use "mysql". "MySQL" is only shown to users for friendly name. * Gitea can use TiDB via MySQL protocol Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Replace "unix" by "http+unix" for PROTOCOL (#17771)mscherer2021-12-052-20/+19
|
* Test cache during init (#17852)wxiaoguang2021-12-061-0/+15
|
* Removed SizeFmt. (#17890)KN4CK3R2021-12-031-1/+0
| | | Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add migrate from Codebase (#16768)KN4CK3R2021-12-021-0/+4
| | | | | | | | | | This PR adds [Codebase](https://www.codebasehq.com/) as migration source. Supported: - Milestones - Issues - Pull Requests - Comments - Labels
* Use fmt.Sprintf correctly (#17886)delvh2021-12-022-2/+2
|
* Refactor various strings (#17784)mscherer2021-12-028-19/+30
| | | | | | | | Fixes #16478 Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: Gusted <williamzijl7@hotmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Improve install code to avoid low-level mistakes. (#17779)wxiaoguang2021-12-016-50/+144
| | | | | | | | | | | | | | * Improve install code to avoid low-level mistakes. If a user tries to do a re-install in a Gitea database, they gets a warning and double check. When Gitea runs, it never create empty app.ini automatically. Also some small (related) refactoring: * Refactor db.InitEngine related logic make it more clean (especially for the install code) * Move some i18n strings out from setting.go to make the setting.go can be easily maintained. * Show errors in CLI code if an incorrect app.ini is used. * APP_DATA_PATH is created when installing, and checked when starting (no empty directory is created any more).
* Make Requests Processes and create process hierarchy. Associate ↵zeripath2021-11-3041-224/+503
| | | | | | | | | OpenRepository with context. (#17125) This PR registers requests with the process manager and manages hierarchy within the processes. Git repos are then associated with a context, (usually the request's context) - with sub commands using this context as their base context. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Make Co-committed-by and co-authored-by trailers optional (#17848)zeripath2021-11-291-0/+3
| | | | | | | | This PR adds another option to app.ini make co-committed-by and co-authored-by trailers optional on a per server basis. Fix #17194 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move accessmode into models/perm (#17828)Lunny Xiao2021-11-2810-34/+43
|
* Handle relative unix socket paths (#17836)zeripath2021-11-271-3/+10
| | | | | | | | | | | | Make relative unix sockets absolute by making them absolute against the AppWorkPath Fix #17833 ## :warning: BREAKING :warning: Prior to this PR relative unix sockets would have been asserted to be relative to the current working directory that gitea, gitea serv, hook and manager etc were running in. Hooks and Serv would have failed to work properly under this situation so we expect that although this is a technically breaking change the previous situation was already broken. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Replace regex usage for MIME parsing (#17831)Gabriel Vasile2021-11-271-2/+6
| | | | | | | MIME types can have multiple optional parameters, eg: video/webm; codecs="w/e codec"; charset="binary" This commit replaces the usage of regex for getting the "type/subtype" with mime.ParseMediaType.
* Use correct user on releases (#17806)Gusted2021-11-251-2/+2
| | | | | | | - Use the provided `doer` instead of `rel.Publisher`. The code will also run on edited releases and deleted ones, which isn't necessary done by `rel.Publisher`. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Move user related model into models/user (#17781)Lunny Xiao2021-11-2433-291/+363
| | | | | | | | | | | | | * Move user related model into models/user * Fix lint for windows * Fix windows lint * Fix windows lint * Move some tests in models * Merge
* Use `*PushUpdateOptions` as receiver (#17724)Gusted2021-11-241-14/+14
|
* Move repofiles from modules/repofiles to services/repository/files (#17774)Lunny Xiao2021-11-2422-2716/+8
| | | | | | | | | * Move repofiles from modules to services * rename services/repository/repofiles -> services/repository/files * Fix test Co-authored-by: 6543 <6543@obermui.de>
* Fix visibility of org avatars (#17789)qwerty2872021-11-241-7/+13
| | | | | | | * Fix visibility of org avatar * more clear syntax Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Use correct Sender on webhook change title (#17791)Gusted2021-11-241-1/+1
| | | As title, thanks to @mscherer for pointing out the incorrect code.
* More pleasantly handle broken or missing git repositories (#17747)zeripath2021-11-221-1/+33
| | | | | | | | | | | | | | | | | | | | | | * More pleasantly handle broken or missing git repositories In #17742 it was noted that there a completely invalid git repository underlying a repo on gitea.com. This happened due to a problem during a migration however, it is not beyond the realms of possibility that a corruption could occur to another user. This PR adds a check to RepoAssignment that will detect if a repository loading has failed due to an absent git repository. It will then show a page suggesting the user contacts the administrator or deletes the repository. Fix #17742 Signed-off-by: Andrew Thornton <art27@cantab.net> * Update options/locale/locale_en-US.ini Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Remove unnecessary attributes of User struct (#17745)Lunny Xiao2021-11-222-3/+8
| | | | | | | | | | | | | | | * Remove unnecessary functions of User struct * Move more database methods out of user struct * Move more database methods out of user struct * Fix template failure * Fix bug * Remove finished FIXME * remove unnecessary code
* Add user settings key/value DB table (#16834)techknowlogick2021-11-221-1/+1
|
* Fix close issue but time watcher still running (#17643)Lunny Xiao2021-11-212-517/+0
| | | | | | | | | | | | | * Fix close issue but time watcher still running * refactor stopwatch codes * Fix test * Fix test * Fix typo * Fix test
* Reset locale on login (#17734)zeripath2021-11-202-0/+6
| | | | | | | | | When logging in reset the user's locale to ensure that it matches their preferred locale. Fix #15612 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Extract constant names out for the ReverseProxy and Basic authentication ↵zeripath2021-11-202-2/+2
| | | | | | | | | methods (#17735) In order to reduce load on the GC extract out the constant names of the Basic and ReverseProxy methods. As mentioned in https://github.com/go-gitea/gitea/pull/15119#discussion_r730352176 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Enable show more files in diff for git <2.31 (#17733)zeripath2021-11-201-1/+1
| | | | | | | | | | | | | Unfortunately due to a misread on my behalf I missed that git diff only learned --skip-to in version 2.31.0. Thus this functionality was not working on older versions of git. This PR adds a handler that simply allows for us to skip reading the diffs until we find the correct file to skip to. Fix #17731 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Use `hostmatcher` to replace `matchlist`, improve security (#17605)wxiaoguang2021-11-2010-140/+247
| | | | | Use hostmacher to replace matchlist. And we introduce a better DialContext to do a full host/IP check, otherwise the attackers can still bypass the allow/block list by a 302 redirection.
* Make SSL cipher suite configurable (#17440)zeripath2021-11-203-44/+11
|
* Fix correct usage of teams (#17732)Gusted2021-11-201-0/+6
| | | | | | | - `.Teams` isn't a field on the User type, thus using the seperate loaded teams. - Add a space between `PathEscape` and argument. Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Better builtin avatar generator (#17707)wxiaoguang2021-11-207-17/+1109
| | | | | | | This PR fixes the builtin avatar generator. 1. The random background color makes some images very dirty. So now we only use white background for avatars. 2. We use left-right mirror avatars to satisfy #14799 3. Fix a small padding error in the algorithm
* Add settings to allow different SMTP envelope from address (#17479)zeripath2021-11-191-7/+25
| | | | | | | | | | | * Add settings to allow different SMTP envelope from address Sometimes it may be advisable to hide or alias the from address on an SMTP mail envelope. This PR adds two new options to the mailer to allow setting of an overriding from address. Fix #17477 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move attachment into models/repo/ (#17650)Lunny Xiao2021-11-193-5/+7
| | | | | | | * Move attachment into models/repo/ * Fix test * Fix bug
* Use a standalone struct name for Organization (#17632)Lunny Xiao2021-11-195-21/+16
| | | | | | | | | | | | | | | | | | | | | * Use a standalone struct name for Organization * recover unnecessary change * make the code readable * Fix template failure * Fix template failure * Move HasMemberWithUserID to org * Fix test * Remove unnecessary user type check * Fix test Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Prevent double sanitize (#16386)KN4CK3R2021-11-193-64/+48
| | | | | | | | * Prevent double sanitize. * Use SanitizeReaderToWriter. At the moment `actualRender` uses `SanitizeReader` to sanitize the output. But `SanitizeReader` gets called in `markup.render` too so the output gets sanitized twice. I moved the `SanitizeReader` call into `RenderRaw` because this method does not use `markup.render`. I would like to remove the `RenderRaw`/`RenderRawString` methods too because they are only called from tests, the fuzzer and the `/markup/raw` api endpoint. This endpoint is not in use so I think we could remove them. If we really in the future need a method to render markdown without PostProcessing we could achieve this with a more flexible `renderer.NeedPostProcess` method.
* Prevent deadlock in TestPersistableChannelQueue (#17717)zeripath2021-11-191-0/+33
| | | | | | | | | | | | * Prevent deadlock in TestPersistableChannelQueue There is a potential deadlock in TestPersistableChannelQueue due to attempting to shutdown the test queue before it is ready. Signed-off-by: Andrew Thornton <art27@cantab.net> * prevent npe Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move user/org deletion to services (#17673)KN4CK3R2021-11-191-1/+2
|
* Simplify code for wrting SHA to name-rev (#17696)Gusted2021-11-181-17/+8
|
* Move task from modules to services (#17680)Lunny Xiao2021-11-182-273/+0
|
* Move user functions into user.go (#17659)Lunny Xiao2021-11-181-6/+7
| | | | | * Move user functions into user.go * Fix test
* Remove unnecessary variable assignments (#17695)Gusted2021-11-183-6/+2
| | | | | | | | | | * Remove unnecessary variable assignments As title * enable ineffassign Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fixed commit count. (#17698)KN4CK3R2021-11-171-7/+11
| | | | Added "Tag" label. Unified branch, tag and commit name.
* Add .gitattribute assisted language detection to blame, diff and render (#17590)zeripath2021-11-178-71/+134
| | | | | | | Use check attribute code to check the assigned language of a file and send that in to chroma as a hint for the language of the file. Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move some functions into services/repository (#17677)Lunny Xiao2021-11-174-314/+0
|
* A better go code formatter, and now `make fmt` can run in Windows (#17684)wxiaoguang2021-11-1723-10/+21
| | | | * go build / format tools * re-format imports
* Fix bug when read mysql database max lifetime (#17682)Lunny Xiao2021-11-171-2/+2
|
* Multiple Escaping Improvements (#17551)zeripath2021-11-1613-50/+71
| | | | | | | | | | | | | | There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this. This is an extensive PR attempting to fix these issues. 1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping. 2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand. 3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.) 5. The title generation in feeds is now properly escaped. 6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move migrations into services and base into modules/migration (#17663)Lunny Xiao2021-11-1640-7622/+20
| | | | | | | * Move migrtions into services and base into modules/migration * Fix imports * Fix lint