aboutsummaryrefslogtreecommitdiffstats
path: root/web_src/js/features
Commit message (Collapse)AuthorAgeFilesLines
* Replace deprecated String.prototype.substr() with String.prototype.slice() ↵CommanderRoot2022-02-186-11/+11
| | | | | | | | | (#18796) String.prototype.substr() is deprecated (see https://developer.mozilla.org/en-US/docs/Web/JavaScript/Reference/Global_Objects/String/substr) so we replace it with the slice() method which works similarily but isn't deprecated. Signed-off-by: Tobias Speicher <rootcommander@gmail.com> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix source code line highlighting (#18729)Jimmy Praet2022-02-121-2/+5
| | | Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add LDAP group sync to Teams, fixes #1395 (#16299)Sven Seeberg2022-02-111-10/+6
| | | | | | | | | | * Add setting for a JSON that maps LDAP groups to Org Teams. * Add log when removing or adding team members. * Sync is being run on login and periodically. * Existing group filter settings are reused. * Adding and removing team members. * Sync not existing LDAP group. * Login with broken group map JSON.
* Add apply-patch, basic revert and cherry-pick functionality (#17902)zeripath2022-02-093-10/+32
| | | | | | | | | | | | | | | This code adds a simple endpoint to apply patches to repositories and branches on gitea. This is then used along with the conflicting checking code in #18004 to provide a basic implementation of cherry-pick revert. Now because the buttons necessary for cherry-pick and revert have required us to create a dropdown next to the Browse Source button I've also implemented Create Branch and Create Tag operations. Fix #3880 Fix #17986 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Prevent security failure due to bad APP_ID (#18678)zeripath2022-02-091-0/+13
| | | | | | | | | | | WebAuthn may cause a security exception if the provided APP_ID is not allowed for the current origin. Therefore we should reattempt authentication without the appid extension. Also we should allow [u2f] as-well as [U2F] sections. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix review excerpt (#18502)confusedsushi2022-02-011-1/+3
| | | | | | | | | | | | | | | | | Currently the "File Changed" tab of a PR is somehow broken. This is also true for the current release 1.16.0. When you are on the "File Changed" tab, and want to look at code excerpt before or after the code changes, the layout breaks. You can test this on try.gitea.io here: https://try.gitea.io/testnotexisting/magic_enum/pulls/2/files The problem occurs for the unified view and for the split view. Kind of the same problem was there for commenting a line of code, this was fixed in #18321 and #18403. For consistency, I changed the solution of #18321, I removed the ``colspan`` and instead added a ``<td>``. The goal was to have code similarly with the split view. Also the separator line in the split view was in the wrong column, this was fixed too.* more consistent unified review comment Fix #18516 Co-authored-by: Andrew Thornton <art27@cantab.net>
* Use explicit jQuery import, remove unused eslint globals (#18435)silverwind2022-01-2845-11/+68
| | | | | - Don't rely on globals (window.$) for jQuery import - Remove eslint globals no longer in use
* Place inline diff comment dialogs on split diff in 4th and 8th columns (#18403)zeripath2022-01-251-0/+2
| | | | | | Fix #18391 Fix #18320 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Prevent showing webauthn error for every time visiting ↵wxiaoguang2022-01-241-4/+3
| | | | `/user/settings/security` (#18385)
* Fix PR comments UI (#18323)wxiaoguang2022-01-192-2/+2
| | | | | Closes: * Review comment cannot be edited #17768 * Changing PR Comment Resolved State Disables Further Changes #18315
* Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319)wxiaoguang2022-01-192-4/+7
| | | And shrink the height of Dropzone.
* Place inline diff comment dialogs in the 4th column. (#18321)JonRB2022-01-181-1/+1
| | | | | | | | | | | | Comment dialogs for inline comments should appear in 4th column (not 3rd column), this PR changes the column that the inline review comment is associated with. This problem has occurred due to an unrecognised conflict between #17562 and #17315. Fix as zeripath suggested in #18320 Fix #18320 Co-authored-by: zeripath <art27@cantab.net>
* Revert "Prevent possible XSS when using jQuery (#18289)" (#18293)wxiaoguang2022-01-168-33/+33
| | | This reverts commit 661d3d28e97bb49bef075c0314edad5879148aaa.
* Prevent possible XSS when using jQuery (#18289)Gusted2022-01-168-33/+33
| | | | | | | In the case of misuse or misunderstanding from a developer whereby, if `sel` can receive user-controlled data, jQuery `$(sel)` can lead to the creation of a new element. Current usage is using hard-coded selectors in the templates, but nobody prevents that from expanding to user-controlled somehow.
* Webauthn nits (#18284)zeripath2022-01-151-8/+11
| | | | | | | This contains some additional fixes and small nits related to #17957 Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Support webauthn (#17957)Lunny Xiao2022-01-142-125/+197
| | | | | | | Migrate from U2F to Webauthn Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix EasyMDE image paste bug during refactoring (#18207)wxiaoguang2022-01-082-4/+9
|
* Fix CSS specificity issue with easymde's css (#18201)silverwind2022-01-071-1/+1
| | | | | | | | | | | | | | | | * Fix CSS specificity issue with easymde's css PR #18069 introduced a regression in certain overwritten editor styles because the dynamic loading of easymde.min.css causes its's style to apply after our supposed override styles. Solve this by bundling the styles into index.css. We should later aim to completely replace easymde.min.css completely with our own styles so there are no more conflicts. * Update web_src/js/features/comp/EasyMDE.js Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Add warning for BIDI characters in page renders and in diffs (#17562)zeripath2022-01-073-1/+44
| | | | | | | | | | | | Fix #17514 Given the comments I've adjusted this somewhat. The numbers of characters detected are increased and include things like the use of U+300 to make à instead of à and non-breaking spaces. There is a button which can be used to escape the content to show it. Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Gwyneth Morgan <gwymor@tilde.club> Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Load EasyMDE/CodeMirror dynamically, remove RequireEasyMDE (#18069)wxiaoguang2022-01-056-180/+237
| | | This PR makes frontend load EasyMDE/CodeMirror dynamically, and removes `RequireEasyMDE`.
* Fix EasyMDE validation (#18161)wxiaoguang2022-01-033-24/+40
|
* Require codereview to have content (#18156)Gusted2022-01-023-13/+38
| | | | | - Report a validityError when the codeReview have no comment. - Resolves #18151 - Refactor
* Clean legacy SimpleMDE code (#17926)wxiaoguang2021-12-106-60/+83
| | | | | | | | | | | Since we are using EasyMDE now, we do not need to keep the SimpleMDE code anymore. This PR removes all legacy SimpleMDE code, and makes some related changes: * `createCommentEasyMDE` can accept native DOM element, and it doesn't need `jQuery.data` to store EasyMDE editor object (as discussed about the frontend guideline). * introduce `getAttachedEasyMDE` to get the attached EasyMDE editor object, it's easier to find all the usage of EasyMDE. * rename variable names from `$simplemde` to `easyMDE`, the `$` was incorrect because it is a EasyMDE editor, not a jQuery object. With this PR, it will be easier to do more refactoring or replacing EasyMDE with other editors.
* Support sorting for project board issuses (#17152)Anbraten2021-12-081-14/+26
| | | Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Remove unnecessary `X-Remote` HTTP header in AJAX request (#17932)wxiaoguang2021-12-082-7/+0
|
* Refactor install page (db type) (#17919)wxiaoguang2021-12-071-36/+27
| | | | | | | | | | | | * Refactor install page (db type) * set correct default DB HOST for different DB TYPE * remove legacy TiDB from documents * unify the usage of DB TYPE, in code we only use "mysql". "MySQL" is only shown to users for friendly name. * Gitea can use TiDB via MySQL protocol Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Fix loading content history on show more (#17819)Gusted2021-12-061-1/+3
| | | | | | | | | | | | | | | * Fix loading content history on show more - Call `initRepoIssueContentHistory` so that the newly loaded issues also get their content history. - Resolves #17767 * apply history to show diff too Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: zeripath <art27@cantab.net> Co-authored-by: 6543 <6543@obermui.de>
* Update JS dependencies, adjust eslint config (#17904)silverwind2021-12-044-6/+5
| | | | | - Update all JS dependencies to latest versions - Add new lint rules, enable es2022 eslint parser features - Disable github/no-then, I feel the rule was too restricting
* Added missing `data-` prefix. (#17884)KN4CK3R2021-12-031-3/+3
|
* Switch archive URL code back to href attributes (#17796)fnetX (aka fralix)2021-11-291-1/+1
| | | | | | * Add fallback href link * Switch async archive generation to use href links * Edit all templates to use href instead of data-url for archives * Add consistent rel="nofollow" as per wxiaoguang
* Improve ellipsis buttons (#17773)silverwind2021-11-221-2/+4
| | | | | | | | | | | | * Improve ellipsis buttons - Remove icon font usage - Add aria-expanded attribute * rename function to match Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Improvements to content history (#17746)Jimmy Praet2021-11-221-3/+6
| | | | | | | | | | | * Improvements to content history * initialize content history when making an edit to an old item created before the introduction of content history * show edit history for code comments on pull request files tab * Fix a flaw in keepLimitedContentHistory Fix a flaw in keepLimitedContentHistory, the first and the last should never be deleted * Remove obsolete eager initialization of content history
* Fix project board bug and improve documents (#17753)wxiaoguang2021-11-221-9/+12
| | | | * the project board was broken, this PR fixes it, and refactor the code, and we prevent the uncategorized column from being dragged. * improve the frontend guideline (as discussed in https://github.com/go-gitea/gitea/pull/17699)
* Add new JS linter rules (#17699)silverwind2021-11-2212-84/+94
| | | | | | | | | | | | | | | | | | | | * Add new JS linter rules Adds a few useful rules from eslint-plugin-github. Notable changes: - Forbid dataset usage, its camel-casing behaviour makes it hard to grep for attributes. - Forbid .then() and .catch(), we should generally prefer await for new code. For rare cases where they are useful, a eslint-disable-line directive can be set. - Add docs js to linting * also enable github/array-foreach * small tweak Co-authored-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Allow Loading of Diffs that are too large (#17739)zeripath2021-11-221-1/+28
| | | | | | | | | | | * Allow Loading of Diffs that are too large This PR allows the loading of diffs that are suppressed because the file is too large. It does not handle diffs of files which have lines which are too long. Fix #17738 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Make a.add-code-comment click handler an event handler (#17737)zeripath2021-11-201-1/+1
| | | | | | | | | Instead of directly attaching the add-code-comment on click handler to the a.add-code-comment elements - make this an event handler on the document instead. Fix #17736 Signed-off-by: Andrew Thornton <art27@cantab.net>
* perf: sent `data-path` once for each file (#17657)Gusted2021-11-192-5/+5
| | | | | | | | | | | | | | - Don't sent it with each line, instead send it at the top-element for each file. - Related: https://github.com/go-gitea/gitea/pull/17618#issuecomment-968192761 2.5K Additions: No-Patch: Unified: 2.14 MB (2.14 MB size) Split: 2.59 MB (2.59 MB size) Patch: Unified: 2.10 MB (2.10 MB size) (-1.8%) Split: 2.55 MB (2.55 MB size) (-1.5%)
* Refactor repo-legacy.js, remove messy global variables. Fix errors. (#17646)wxiaoguang2021-11-192-200/+197
| | | | | Refactor repo-legacy.js, remove messy global variables. Fix errors. Fix an error in Sortable Fix a incorrect call assignMenuAttributes from the template
* Cleanup and use global style on popups (#17674)silverwind2021-11-181-5/+13
| | | | | | | | | | | | | * Cleanup and use global style on popups - Fix typo 'poping' to 'popping' - Remove most inline 'data-variation' attributes - Initialize all popups with 'inverted tiny' variation * misc tweaks * rename to .tooltip, use jQuery Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Sanitize user-input on file name (#17666)Gusted2021-11-171-1/+2
| | | | | | | | | | | * Sanitize user-input on file name - Sanitize user-input before it get passed into the DOM. - Prevent things like "<iframe onload=alert(1)></iframe>" from being executed. This isn't a XSS attack as the server seems to be santizing the path as well. Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Multiple Escaping Improvements (#17551)zeripath2021-11-161-1/+1
| | | | | | | | | | | | | | There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this. This is an extensive PR attempting to fix these issues. 1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping. 2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand. 3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.) 5. The title generation in feeds is now properly escaped. 6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net> Signed-off-by: Andrew Thornton <art27@cantab.net>
* Remove superfluous argument (#17667)Gusted2021-11-161-1/+1
| | | As title.
* Add copy button to markdown code blocks (#17638)silverwind2021-11-162-17/+19
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Add copy button to markdown code blocks Done mostly in JS because I think it's better not to try getting buttons past the markup sanitizer. * add svg module tests * fix sanitizer regexp * remove outdated comment * vertically center button in issue comments as well * add comment to css * fix undefined on view file line copy * combine animation less files * Update modules/markup/markdown/markdown.go Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> * add test for different sizes * add cloneNode and add tests for it * use deep clone * remove useless optional chaining * remove the svg node cache * unify clipboard copy string and i18n * remove unused var * remove unused localization * minor css tweaks to the button * comment tweak * remove useless attribute Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
* Fix database deadlock when update issue labels (#17649)wxiaoguang2021-11-162-26/+22
| | | | This fix updates issue labels one by one, and won't cause database deadlock. In future, we can use a batch API to update all changed labels by one request.
* perf: only generate data-comment-url once (#17618)Gusted2021-11-141-1/+1
|
* Fix some incorrect async functions, improve frontend document. (#17597)wxiaoguang2021-11-126-44/+48
|
* Update JS dependencies (#17611)silverwind2021-11-112-2/+1
| | | | | | | | | - Update monaco, adapting to breaking changes - Update dropzone, adapting to breaking changes - Update linters, fix new issues, disable opinionated stylelint rules - Rebuild SVGs and images - Tested Dropzone and Monaco Replaces: https://github.com/go-gitea/gitea/pull/17574
* Improve async/await usage, and sort init calls in `index.js` (#17386)wxiaoguang2021-11-0919-128/+137
| | | | * clean up async/await, and sort init calls in `index.js * use `const _promise` to indicate that we do not need await an async function
* Remove appSubUrl from pasted images (#17572)zeripath2021-11-081-3/+3
| | | | | | | | | | * Remove appSubUrl from pasted images Since we fixed the url base for the links in repositories we no longer need to add the appsuburl to pasted image links. Fix #17057 Signed-off-by: Andrew Thornton <art27@cantab.net>
* Move key forms before list and add cancel button (#17432)qwerty2872021-10-281-1/+2
| | | | | | | * Move GPG form before list and add cancel button * Move SSH form before list and add cancel button Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>