| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
|
|
|
|
|
|
|
|
|
|
| |
Backport #28765 by @jackHay22
Fixes #28756
## Changes
- Require and check API token for `GET
/repos/{owner}/{repo}/subscription` in order to populate `ctx.Doer`.
Co-authored-by: Jack Hay <jack@allspice.io>
|
|
|
|
|
|
|
|
| |
Backport #28531 by @pulltheflower
- Fix the bug about admin/hooks API that `GET /admin/hooks` can only
fetch system_hooks, `POST /admin/hooks` can only create default_hooks.
Co-authored-by: vincent <38434877+pulltheflower@users.noreply.github.com>
|
|
|
|
|
| |
Backport #28636
Fix #28231, and remove some unused code.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28587, the only conflict is the test file.
The CORS code has been unmaintained for long time, and the behavior is
not correct.
This PR tries to improve it. The key point is written as comment in
code. And add more tests.
Fix #28515
Fix #27642
Fix #17098
|
|
|
|
| |
(#28596) (#28599)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28582 by @Zettat123
Fix #28570
Follow #24633
---
Copied from
https://github.com/go-gitea/gitea/issues/28570#issuecomment-1867327999
The feature introduced in #24633 should be compatible with
`status_check_contexts`. However, if one or more of
`status_check_contexts` is not a legal glob expressions, `glob.Compile`
will fail and the contexts cannot match.
https://github.com/go-gitea/gitea/blob/21229ed2c8ed00f57100adf9ebc5f4a08da9a66e/routers/web/repo/pull.go#L653-L663
Co-authored-by: Zettat123 <zettat123@gmail.com>
|
|
|
|
|
|
|
|
|
|
| |
Backport #28583 by @morphelinho
Follow #28184
Follow #28515
Fix problem with 405 method not allowed for CORS wrt OIDC
Co-authored-by: morphelinho <morphelinho@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28572 by @KN4CK3R
Fixes #28545
`git blame` output can contain blocks without commit information if it
was outputted before (the `0dafa97ea3f6d9662299579e5be1875cd28baaae 48
26 1` line):
```
fec25436488499df7231f63b857f66457c193d5c 24 25 1
author Bastien Montagne
author-mail <bastien@blender.org>
author-time 1660731031
author-tz +0200
committer Bastien Montagne
committer-mail <bastien@blender.org>
committer-time 1660731031
committer-tz +0200
summary LibOverride: Add Make/Reset/Clear entries to IDTemplate contextual menu.
previous 839ece6477203382b7a7483062961540180ff1cd source/blender/editors/interface/interface_ops.c
filename source/blender/editors/interface/interface_ops.c
#include "BLT_translation.h"
0dafa97ea3f6d9662299579e5be1875cd28baaae 48 26 1
3d57bc4397fca53bc9702a27bbf50102827829b0 27 27 1
author Hans Goudey
author-mail <hans@blender.org>
author-time 1700131315
author-tz +0100
committer Hans Goudey
committer-mail <hooglyboogly@noreply.localhost>
committer-time 1700131315
committer-tz +0100
summary Cleanup: Move several blenkernel headers to C++
previous 451c054d9b7d3148a646caa5a72fb127a5b5c408 source/blender/editors/interface/interface_ops.cc
filename source/blender/editors/interface/interface_ops.cc
#include "BKE_context.hh"
```
This PR reuses data from the previous blame part to fill these gaps.
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#28555) (#28568)
Backport #28555 by @fuxiaohei
Related to https://github.com/go-gitea/gitea/issues/28279
When merging artifact chunks, it lists chunks from storage. When storage
is minio, chunk's path contains `MINIO_BASE_PATH` that makes merging
break.
<del>So trim the `MINIO_BASE_PATH` when handle chunks.</del>
Update the chunk file's basename to retain necessary information. It
ensures that the directory in the chunk's path remains unaffected.
Co-authored-by: FuXiaoHei <fuxiaohei@vip.qq.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#28286) (#28512)
Backport #28286 by @yp05327
Mentioned:
[#28277](https://github.com/go-gitea/gitea/issues/28277#issuecomment-1831325276)
We should only check online runner when detecting matching runners in
workflows,
as if runner is not online, the workflow will not run.

Co-authored-by: yp05327 <576951401@qq.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
creating user API (#28491) (#28525)
Backport #28491 by @appleboy
- Modify the `Password` field in `CreateUserOption` struct to remove the
`Required` tag
- Update the `v1_json.tmpl` template to include the `email` field and
remove the `password` field
Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Co-authored-by: Bo-Yi Wu <appleboy.tw@gmail.com>
|
|
|
|
|
|
|
|
| |
Backport #28454 (the only conflict is caused by some comments)
* Close #24483
* Close #28123
* Close #23682
* Close #23149
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28457 by @KN4CK3R
Recently Docker started to use the optional `POST /v2/token` endpoint
which should respond with a `404 Not Found` status code instead of the
current `405 Method Not Allowed`.
> Note: Not all token servers implement oauth2. If the request to the
endpoint returns 404 using the HTTP POST method, refer to Token
Documentation for using the HTTP GET method supported by all token
servers.
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
|
|
|
| |
backport #28423
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28390 by @jackHay22
## Changes
- Add deprecation warning to `Token` and `AccessToken` authentication
methods in swagger.
- Add deprecation warning header to API response. Example:
```
HTTP/1.1 200 OK
...
Warning: token and access_token API authentication is deprecated
...
```
- Add setting `DISABLE_QUERY_AUTH_TOKEN` to reject query string auth
tokens entirely. Default is `false`
## Next steps
- `DISABLE_QUERY_AUTH_TOKEN` should be true in a subsequent release and
the methods should be removed in swagger
- `DISABLE_QUERY_AUTH_TOKEN` should be removed and the implementation of
the auth methods in question should be removed
## Open questions
- Should there be further changes to the swagger documentation?
Deprecation is not yet supported for security definitions (coming in
[OpenAPI Spec version
3.2.0](https://github.com/OAI/OpenAPI-Specification/issues/2506))
- Should the API router logger sanitize urls that use `token` or
`access_token`? (This is obviously an insufficient solution on its own)
Co-authored-by: Jack Hay <jack@allspice.io>
Co-authored-by: delvh <dev.lh@web.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix #28056
Backport #28361
This PR will check whether the repo has zero branch when pushing a
branch. If that, it means this repository hasn't been synced.
The reason caused that is after user upgrade from v1.20 -> v1.21, he
just push branches without visit the repository user interface. Because
all repositories routers will check whether a branches sync is necessary
but push has not such check.
For every repository, it has two states, synced or not synced. If there
is zero branch for a repository, then it will be assumed as non-sync
state. Otherwise, it's synced state. So if we think it's synced, we just
need to update branch/insert new branch. Otherwise do a full sync. So
that, for every push, there will be almost no extra load added. It's
high performance than yours.
For the implementation, we in fact will try to update the branch first,
if updated success with affect records > 0, then all are done. Because
that means the branch has been in the database. If no record is
affected, that means the branch does not exist in database. So there are
two possibilities. One is this is a new branch, then we just need to
insert the record. Another is the branches haven't been synced, then we
need to sync all the branches into database.
|
|
|
|
|
| |
Backport #28406 by @lunny
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28013 by @earl-warren
Refs: https://codeberg.org/forgejo/forgejo/issues/1403
(cherry picked from commit dd4d17c159eaf8b642aa9e6105b0532e25972bb7)
---------
Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28314 by @yp05327
Fix #28264
`DataAsync()` will be called twice.
Caused by https://github.com/go-gitea/gitea/pull/27958.
I'm sorry, I didn't completely remove all unnecessary codes.
Co-authored-by: yp05327 <576951401@qq.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
workflows but other branches have (#28359) (#28365)
Backport #28359 by @lunny
The left menu will only display the default branch's workflows but the
right side will display the runs triggered by all branches' workflows.
So we cannot hide right side if default branch has no workflows.
Fix #28332
Replace #28333
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #28309 by @KN4CK3R
Fixes https://codeberg.org/forgejo/forgejo/issues/1810
zypper uses HEAD requests to check file existence.
https://github.com/openSUSE/libzypp/blob/HEAD/zypp/RepoManager.cc#L2549
https://github.com/openSUSE/libzypp/blob/HEAD/zypp-curl/ng/network/private/downloaderstates/basicdownloader_p.cc#L116
@ExplodingDragon fyi
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
|
|
|
|
|
|
|
|
|
|
| |
Backport #28306 by @KN4CK3R
Fixes #28280
Reads the `previous` info from the `git blame` output instead of
calculating it afterwards.
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
|
|
|
|
|
|
|
|
|
| |
contributor` (#28237) (#28271)
Backport #28237 by @yp05327
Fix #28224
Co-authored-by: yp05327 <576951401@qq.com>
|
|
|
|
|
|
|
| |
backport #28213
This PR will fix some missed checks for private repositories' data on
web routes and API routes.
|
|
|
|
|
|
|
|
|
|
| |
Backport #28184
Fix #25473
Although there was `m.Post("/login/oauth/access_token", CorsHandler()...`,
it never really worked, because it still lacks the "OPTIONS" handler.
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
|
|
|
|
|
|
|
| |
Backport #28101 by @lng2020
Reverts go-gitea/gitea#27141
close #28097
Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
| |
Backport #28164 by @yp05327

Don't know why there's a `.` behind. 🤔
Co-authored-by: yp05327 <576951401@qq.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#28099)
Backport #27610 by @evantobin
Fixes #27598
In #27080, the logic for the tokens endpoints were updated to allow
admins to create and view tokens in other accounts. However, the same
functionality was not added to the DELETE endpoint. This PR makes the
DELETE endpoint function the same as the other token endpoints and adds
unit tests
Co-authored-by: Evan Tobin <me@evantob.in>
|
|
|
|
|
|
|
|
|
| |
Backport #28040 by @JakobDev
Fixes https://codeberg.org/forgejo/forgejo/issues/1758
For some weird reason we need to cast this nil.
Co-authored-by: JakobDev <jakobdev@gmx.de>
|
|
|
|
|
|
| |
Backport #28023 by @6543
there was no check in place if a user could see a other user, if you
append e.g. `.rss`
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#27965)
Backport #27958 by @yp05327
Mentioned in:
https://github.com/go-gitea/gitea/pull/27931#issuecomment-1798016960
Same to #25131, so use the same method to fix this problem.
Co-authored-by: yp05327 <576951401@qq.com>
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #27915 by @KN4CK3R
Fixes #27819
We have support for two factor logins with the normal web login and with
basic auth. For basic auth the two factor check was implemented at three
different places and you need to know that this check is necessary. This
PR moves the check into the basic auth itself.
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
|
|
|
|
|
| |
Backport #27875 by @lunny
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
|
|
|
|
|
|
|
|
| |
Fixes https://codeberg.org/forgejo/forgejo/issues/1514
Backports #27273
---------
Co-authored-by: JakobDev <jakobdev@gmx.de>
|
|
|
|
|
|
|
| |
Backport #27856
The only conflict is `ThemeName` in `500.tmpl`, it has been resolved
manually by keeping using old
`{{.SignedUser.Theme}}{{else}}{{DefaultTheme}}`
|
| |
|
|
|
|
|
|
|
|
|
| |
Backport #27829 by @jbgomond
Fixed a little mistake when you deleting user secrets via the API. Found
it when working on #27725.
It should be backported to 1.21 I think.
Co-authored-by: Jean-Baptiste Gomond <dev@jbgomond.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #27266 by @merlleu
Hello there,
Cargo Index over HTTP is now prefered over git for package updates: we
should not force users who do not need the GIT repo to have the repo
created/updated on each publish (it can still be created in the packages
settings).
The current behavior when publishing is to check if the repo exist and
create it on the fly if not, then update it's content.
Cargo HTTP Index does not rely on the repo itself so this will be
useless for everyone not using the git protocol for cargo registry.
This PR only disable the creation on the fly of the repo when publishing
a crate.
This is linked to #26844 (error 500 when trying to publish a crate if
user is missing write access to the repo) because it's now optional.
Co-authored-by: merlleu <r.langdorph@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
|
|
|
|
|
|
|
|
|
| |
Backport #27734 by @lng2020
<img width="823" alt="image"
src="https://github.com/go-gitea/gitea/assets/70063547/99da3d5a-c28a-4fd0-8ae0-88461a9142e2">
Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
Co-authored-by: 6543 <6543@obermui.de>
|
|
|
|
|
|
|
| |
Backport #27721 by @lng2020
Fix #27711
Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
|
|
|
|
|
|
|
|
| |
Backport #27615 by @lng2020
close #27601
The Docker registry has an internal version, which leads to 404
Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #27585 by @JakobDev
Fixes https://codeberg.org/forgejo/forgejo/issues/1592
When login in with WebAuth, the page has a link to use TOTP instead.
This link is always displayed, no matter if the User has set up TOTP or
not, which do of cause not work for those who have not.
Co-authored-by: JakobDev <jakobdev@gmx.de>
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #27267 by @silverwind
1. Dropzone attachment removal, pretty simple replacement
2. Image diff: The previous code fetched every image twice, once via
`img[src]` and once via `$.ajax`. Now it's only fetched once and a
second time only when necessary. The image diff code was partially
rewritten.
Co-authored-by: silverwind <me@silverwind.io>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #27483 by @msantos
Fixes https://github.com/go-gitea/gitea/issues/27481
---
Patch tested:
```json
[
{
"url": "http://100.115.92.198:9292/api/v1/repos/msantos/test/git/commits/7664dcb44167e0f9efd994e4ca6a9164694adc27",
"sha": "7664dcb44167e0f9efd994e4ca6a9164694adc27",
"created": "2023-10-06T09:57:08-04:00",
"html_url": "http://100.115.92.198:9292/msantos/test/commit/7664dcb44167e0f9efd994e4ca6a9164694adc27",
...
"files": [
{
"filename": "README.md",
"status": "modified"
}
],
"stats": {
"total": 2,
"additions": 2,
"deletions": 0
}
}
]
```
Co-authored-by: Michael Santos <michael.santos@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #27446 by @sryze
storageHandler() is written as a middleware but is used as an endpoint
handler, and thus `next` is actually `nil`, which causes a null pointer
dereference when a request URL does not match the pattern (where it
calls `next.ServerHTTP()`).
Example CURL command to trigger the panic:
```
curl -I "http://yourhost/gitea//avatars/a"
```
Fixes #27409
---
Note: the diff looks big but it's actually a small change - all I did
was to remove the outer closure (and one level of indentation) ~and
removed the HTTP method and pattern checks as they seem redundant
because go-chi already does those checks~. You might want to check "Hide
whitespace" when reviewing it.
Alternative solution (a bit simpler): append `, misc.DummyOK` to the
route declarations that utilize `storageHandler()` - this makes it
return an empty response when the URL is invalid. I've tested this one
and it works too. Or maybe it would be better to return a 400 error in
that case (?)
Co-authored-by: Sergey Zolotarev <sryze@outlook.com>
|
|
|
|
|
|
|
| |
Backport #27433 by @JakobDev
Fixes #27380
Co-authored-by: JakobDev <jakobdev@gmx.de>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Backport #27000 by @wxiaoguang
This PR reduces the complexity of the system setting system.
It only needs one line to introduce a new option, and the option can be
used anywhere out-of-box.
It is still high-performant (and more performant) because the config
values are cached in the config system.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
|
|
|
|
|
|
|
| |
(#27442)
Backport #27437 by @lunny
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
(#27381)
Backport #27115 by @puni9869
Followup https://github.com/go-gitea/gitea/pull/26820
## Archived labels UI for issue filter and issue filter actions for
issues/pull request pages.
Changed:
* Enhanced the Issue filter and Issue filter actions UI page to
seamlessly incorporate a list of archived labels.
* Pagination functionality is same as before. If archived label checkbox
is checked then we are adding a query string`archived=true` in the url
to save the state of page.
* Issue filter actions menu is separated into different template.
* Adding the archived flag in issue url labels.
* Pull Request page is also work the same.
Outsourced:
* Defer the implementation of specialized handling for archived labels
to upcoming pull requests. This step will be undertaken subsequent to
the successful merge of this pull request.
Screenshots
### Issue page
<img width="1360" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/d7efb2ef-5b2b-449d-83f0-d430a32ec432">
### Issue page with label filter on archived label checkbox when not
checked --> No archived label is there in list
<img width="1249" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/ceea68ef-91f2-4693-910f-2e25e236bfc9">
### Issue page with label filter on archived label checkbox when checked
--> Show archived label in the list.
<img width="710" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/2414d26b-2079-4c3c-bd9e-f2f5411bcabf">
### Issue page with label filter on issue action menu on archived label
checkbox when checked --> Show archived label in the list.
<img width="409" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/259cac87-3e21-4778-99a2-a6a0b8c81178">
### Applied the archived=true in Issue labels when archived checkbox is
checked.
<img width="984" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/657ce3db-c0ae-402e-b12d-3b580d3c2ed0">
---
Part of https://github.com/go-gitea/gitea/issues/25237
Signed-off-by: puni9869 <punitinani1@hotmail.com>
Co-authored-by: puni9869 <80308335+puni9869@users.noreply.github.com>
Co-authored-by: delvh <dev.lh@web.de>
|
|
|
|
|
|
|
|
|
|
| |
(#26430) (#27379)
Backport #26430 by @lunny
Fix #26165
Fix #25257
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
|