Commit graph

14531 commits

Author SHA1 Message Date
Gusted
0baefb546a
[PRIVACY] Add a DNS method to fetch new updates
- Use TXT records in order to determine the latest available version.
- This addresses a valid privacy issue, as with HTTP requests the server
can keep track(estimated) of how many instances are using Forgejo, with
DNS that's basically not possible as the server will never receive any
data, as the only ones receiving data are DNS resolvers.
2023-02-11 11:51:05 +01:00
Gusted
cd0b8b6852
[PRIVACY] Disable update_checker cron tasks
- This is being disabled as it will weekly connect to a domain.
- This only affects existing installations, as new installations will
have a explicit value being written into app.ini due to https://github.com/go-gitea/gitea/pull/21655
2023-02-11 11:51:02 +01:00
Earl Warren
b4e8b8ac81
[API] Forgejo API /api/forgejo/v1 2023-02-11 11:32:35 +01:00
Percy Ma
7c98a4c54e
[DOCS] LICENSE: add Forgejo Authors 2023-02-11 11:32:19 +01:00
Loïc Dachary
2c23d1c53c
[DOCS] RELEASE-NOTES.md 2023-02-11 11:32:14 +01:00
Loïc Dachary
9dd224f00c
[WORKFLOW] issues & pr templates 2023-02-11 11:32:14 +01:00
Loïc Dachary
a47b474586
[DOCS] README 2023-02-11 11:32:14 +01:00
Loïc Dachary
88b113d081
[DOCS] CONTRIBUTING
Refs: https://codeberg.org/forgejo/forgejo/issues/8
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/153
Refs: https://codeberg.org/forgejo/forgejo/issues/123
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/299
2023-02-11 11:32:07 +01:00
Loïc Dachary
eb85782115
delete Gitea specific files that need rewriting for Forgejo
Although it would be possible to modify these files, it would create
conflicts when rebasing. Instead, this commit removes them entirely
and another commit can start from scratch, borrowing content from the
original files.

The drawback of this approach is that some content updates from Gitea
that also need updating in Forgejo will have to be copy/pasted
instead of being merged.
2023-02-11 11:12:44 +01:00
Loïc Dachary
dd1971d4e6
[CI] implementation: forgejo container images 2023-02-11 08:19:59 +01:00
Loïc Dachary
d6f6ca7d3e
[CI] implementation: Woodpecker based CI
Refs: https://codeberg.org/forgejo/forgejo/issues/73
Refs: https://codeberg.org/forgejo/forgejo/issues/101
Refs: https://codeberg.org/woodpecker-plugins/plugin-docker-buildx/issues/51
Refs: https://codeberg.org/forgejo/forgejo/issues/117
Refs: https://codeberg.org/forgejo/forgejo/issues/25
Refs: https://codeberg.org/forgejo/forgejo/issues/154
Refs: https://codeberg.org/forgejo/forgejo/issues/180
Refs: https://codeberg.org/forgejo/forgejo/issues/230
Refs: https://codeberg.org/forgejo/forgejo/issues/316
2023-02-11 08:19:46 +01:00
Loïc Dachary
6d910daafb
[CI] implementation: publish forgejo- binaries instead of gitea- 2023-02-11 08:19:22 +01:00
Loïc Dachary
dff32676e3
[CI] upstream: remove unstable test
Fixes: https://codeberg.org/forgejo/forgejo/issues/30
2023-02-11 08:19:22 +01:00
Gusted
1cb8d14bf7
Use proxy for pull mirror (#22771)
- Use the proxy (if one is specified) for pull mirrors syncs.
- Pulled the code from
c2774d9e80/modules/git/repo.go (L164-L170)

Downstream issue: https://codeberg.org/forgejo/forgejo/issues/302

---------

Co-authored-by: Lauris BH <lauris@nix.lv>
2023-02-11 08:39:50 +08:00
wxiaoguang
affdd40296
Make issue title edit buttons focusable and fix incorrect ajax requests (#22807)
Replace #19922 , which is stale since my last review:
https://github.com/go-gitea/gitea/pull/19922#pullrequestreview-1003546506
and https://github.com/go-gitea/gitea/pull/19922#issuecomment-1153181546

Close #19769

Changes:
1. Use `<button>` instead of `<div>` for buttons
2. Prevent default event handler in `initGlobalButtonClickOnEnter`
3. Fix the incorrect call to `pullrequest_targetbranch_change`
4. Add a slight margin-left to the input element to make UI look better

The logic in repo-issue.js is not ideal, but this PR isn't going to
touch the logic.

This is also an example for future developers to understand how to make
buttons work properly.

### Before


![image](https://user-images.githubusercontent.com/2114189/217262515-ec0462f7-7051-46a5-bfa2-2f6c6a807b7d.png)

### After

* Add a slight margin-left.
* The `Cancel` button is focused.


![image](https://user-images.githubusercontent.com/2114189/217264891-934c9c8d-d190-4866-98b5-666cea57e28d.png)

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-09 12:11:16 -05:00
Brecht Van Lommel
bdd2c9d2ef
Fix update by rebase being wrongly disabled by protected base branch (#22825)
The branch this is force pushing to is the head branch in the head repo,
so it should be checking if that is protected, not the base.
2023-02-09 12:08:42 -05:00
Brecht Van Lommel
137fcc989b
Fix inconsistent Filter Project name in issue list (#22827)
Use Project instead of Filter Project like the other filter menus.
2023-02-09 11:39:31 -05:00
wxiaoguang
24a9caa2f3
Fix more HTMLURL in templates (#22831)
I haven't tested `runs_list.tmpl` but I think it could be right.

After this PR, besides the `<meta .. HTMLURL>` in html head, the only
explicit HTMLURL usage is in `pull_merge_instruction.tmpl`, which
doesn't affect users too much and it's difficult to fix at the moment.

There are still many usages of `AppUrl` in the templates (eg: the
package help manual), they are similar problems as the HTMLURL in
pull_merge_instruction, and they might be fixed together in the future.

Diff without space:
https://github.com/go-gitea/gitea/pull/22831/files?diff=unified&w=1
2023-02-09 11:31:30 -05:00
John Olheiser
0c190e396d
Fix unmatched div in project filter (#22832)
(Note that the below screenshots aren't the same repo, the former is try
and the latter is local)

Before

![div-before](https://user-images.githubusercontent.com/42128690/217723899-a15da77f-a196-4b23-a157-e7f1e1979610.png)

After

![div-after](https://user-images.githubusercontent.com/42128690/217723878-e54235bc-a7d7-425e-bd0d-47d1814f18ba.png)

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-02-09 11:15:07 -05:00
wxiaoguang
cef8f50286
Improve AppUrl/ROOT_URL checking (#22836)
After some PRs:
* #21986
* #22795
* #22808
* #22831
* #22839

Users won't be affected by the ROOT_URL problem in most cases. Close
#19345

This PR improves AppUrl/ROOT_URL checking, only check it on the admin
page, and the message is also updated.

Feel free to suggest about more English-native messages.



![image](https://user-images.githubusercontent.com/2114189/217811809-7d44ddb7-2c4a-46d0-a5db-8ae6ee65f8c3.png)
2023-02-09 11:14:45 -05:00
Jason Song
e253888a0e
Fix isAllowed of escapeStreamer (#22814)
The use of `sort.Search` is wrong: The slice should be sorted, and
`return >= 0` doen't mean it exists, see the
[manual](https://pkg.go.dev/sort#Search).

Could be fixed like this if we really need it:

```diff
diff --git a/modules/charset/escape_stream.go b/modules/charset/escape_stream.go
index 823b63513..fcf1ffbc1 100644
--- a/modules/charset/escape_stream.go
+++ b/modules/charset/escape_stream.go
@@ -20,6 +20,9 @@ import (
 var defaultWordRegexp = regexp.MustCompile(`(-?\d*\.\d\w*)|([^\` + "`" + `\~\!\@\#\$\%\^\&\*\(\)\-\=\+\[\{\]\}\\\|\;\:\'\"\,\.\<\>\/\?\s\x00-\x1f]+)`)

 func NewEscapeStreamer(locale translation.Locale, next HTMLStreamer, allowed ...rune) HTMLStreamer {
+       sort.Slice(allowed, func(i, j int) bool {
+               return allowed[i] < allowed[j]
+       })
        return &escapeStreamer{
                escaped:                 &EscapeStatus{},
                PassthroughHTMLStreamer: *NewPassthroughStreamer(next),
@@ -284,14 +287,8 @@ func (e *escapeStreamer) runeTypes(runes ...rune) (types []runeType, confusables
 }

 func (e *escapeStreamer) isAllowed(r rune) bool {
-       if len(e.allowed) == 0 {
-               return false
-       }
-       if len(e.allowed) == 1 {
-               return e.allowed[0] == r
-       }
-
-       return sort.Search(len(e.allowed), func(i int) bool {
+       i := sort.Search(len(e.allowed), func(i int) bool {
                return e.allowed[i] >= r
-       }) >= 0
+       })
+       return i < len(e.allowed) && e.allowed[i] == r
 }
```

But I don't think so, a map is better to do it.
2023-02-09 20:51:36 +08:00
wxiaoguang
29aea3642f
Make clone URL use current page's host (#22808)
Follow #21986

Even if the ROOT_URL is incorrect, the clone URL on the UI should be
correct.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-09 17:29:13 +08:00
yp05327
7ae10cb7f1
change org_type.go to visible_type.go and fix the notes (#22752)
It seems `VisibleType` is only designed for org at first. But it is also
used by user's visibility now.
So I think `org_type.go` can be changed to `visible_type.go`.
2023-02-09 06:40:34 +00:00
silverwind
90cf07a2c8
Improve notification and stopwatch styles (#22169)
- Add dot-style indicators to notification and time tracker
- Slightly reduce whitespace between right-aligned icons
- Move notification icon to right on mobile
- Switch menu icon to SVG

<img width="270" alt="Screenshot 2022-12-19 at 19 40 32"
src="https://user-images.githubusercontent.com/115237/208496795-ce8734a0-f109-47b7-8eb8-96931e867b23.png">
<img width="607" alt="Screenshot 2022-12-19 at 19 41 04"
src="https://user-images.githubusercontent.com/115237/208496797-2ff68197-f520-4174-927e-ead15addd63e.png">

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-09 13:42:18 +08:00
Brecht Van Lommel
87261f3fb9
Fix blame view missing lines (#22826)
Creating a new buffered reader for every part of the blame can miss
lines, as it will read and buffer bytes that the next buffered reader
will not get.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-09 11:51:02 +08:00
John Olheiser
4dd7d61ac8
Load issue before accessing index in merge message (#22822)
Fixes #22821

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-02-09 10:47:52 +08:00
Michal
5ae07d4c2f
include build info in Prometheus metrics (#22819)
Related to: https://github.com/go-gitea/gitea/issues/18061

This PR adds build info to the Prometheus metrics. This includes:
- goarch: https://pkg.go.dev/runtime#GOARCH
- goos: https://pkg.go.dev/runtime#pkg-constants
- goversion: https://pkg.go.dev/runtime#Version
- gitea version: just exposes the existing
code.gitea.io/gitea/modules/setting.AppVer

It's a similar approach to what some other Golang projects are doing,
e.g. Prometheus:
https://github.com/prometheus/common/blob/main/version/info.go

example /metrics response from Prometheus:
```
# HELP prometheus_build_info A metric with a constant '1' value labeled by version, revision, branch, goversion from which prometheus was built, and the goos and goarch for the build.
# TYPE prometheus_build_info gauge
prometheus_build_info{branch="HEAD",goarch="amd64",goos="linux",goversion="go1.19.4",revision="c0d8a56c69014279464c0e15d8bfb0e153af0dab",version="2.41.0"} 1
```

/metrics response from gitea with this PR:
```
# HELP gitea_build_info Build information
# TYPE gitea_build_info gauge
gitea_build_info{goarch="amd64",goos="linux",goversion="go1.20",version="2c6cc0b8c"} 1
```

Signed-off-by: Michal Wasilewski <mwasilewski@gmx.com>

<!--

Please check the following:

1. Make sure you are targeting the `main` branch, pull requests on
release branches are only allowed for bug fixes.
2. Read contributing guidelines:
https://github.com/go-gitea/gitea/blob/main/CONTRIBUTING.md
3. Describe what your pull request does and which issue you're targeting
(if any)

-->

Signed-off-by: Michal Wasilewski <mwasilewski@gmx.com>
2023-02-08 19:54:01 +02:00
Jason Song
7d3c4c3e8a
Fix rerun button of Actions (#22798)
When clicking the return button, the page should be refreshed. However,
the browser may cancel the previous fetch request, and it fails to rerun
the job. It's easier to reproduce the bug in Safari or Firefox than
Chrome for some reason.

<img width="384" alt="image"
src="https://user-images.githubusercontent.com/9418365/217142792-a783f9a1-7089-44db-b7d8-46c46c72d284.png">


<img width="752" alt="image"
src="https://user-images.githubusercontent.com/9418365/217132406-b8381b63-b323-474e-935b-2596b1b5c046.png">
2023-02-08 15:55:57 +08:00
KN4CK3R
e8186f1c0f
Map OIDC groups to Orgs/Teams (#21441)
Fixes #19555

Test-Instructions:
https://github.com/go-gitea/gitea/pull/21441#issuecomment-1419438000

This PR implements the mapping of user groups provided by OIDC providers
to orgs teams in Gitea. The main part is a refactoring of the existing
LDAP code to make it usable from different providers.

Refactorings:
- Moved the router auth code from module to service because of import
cycles
- Changed some model methods to take a `Context` parameter
- Moved the mapping code from LDAP to a common location

I've tested it with Keycloak but other providers should work too. The
JSON mapping format is the same as for LDAP.


![grafik](https://user-images.githubusercontent.com/1666336/195634392-3fc540fc-b229-4649-99ac-91ae8e19df2d.png)

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-08 14:44:42 +08:00
wxiaoguang
2c6cc0b8c9
Fix links for the menus in the view file page (#22795) 2023-02-08 00:08:44 +08:00
wxiaoguang
d5fa2e7510
Fix restore repo bug, clarify the problem of ForeignIndex (#22776)
Fix #22581

TLDR: #18446 made a mess with ForeignIndex and triggered a design
flaw/bug of #16356, then a quick patch #21271 helped #18446, then the
the bug was re-triggered by #21721 .

Related:
* #16356
* BasicIssueContext
https://github.com/go-gitea/gitea/pull/16356/files#diff-7938eb670d42a5ead6b08121e16aa4537a4d716c1cf37923c70470020fb9d036R16-R27
* #18446 
* If some issues were dumped without ForeignIndex, then they would be
imported as ForeignIndex=0
https://github.com/go-gitea/gitea/pull/18446/files#diff-1624a3e715d8fc70edf2db1630642b7d6517f8c359cc69d58c3958b34ba4ce5eR38-R39
* #21271
* It patched the above bug (somewhat), made the issues without
ForeignIndex could have the same value as LocalIndex
* #21721 
    * It re-triggered the zero-ForeignIndex bug.


ps: I am not sure whether the changes in `GetForeignIndex` are ideal (at
least, now it has almost the same behavior as BasicIssueContext in
#16356), it's just a quick fix. Feel free to edit on this PR directly or
replace it.

Co-authored-by: zeripath <art27@cantab.net>
2023-02-07 09:18:52 +08:00
Peyton Duncan
3ae78bc0a9
Grammar fix (#22790)
Noticed a minor grammatical error.
2023-02-06 16:05:59 -06:00
Lunny Xiao
769be877f2
Use link in UI which returned a relative url but not html_url which contains an absolute url (#21986)
partially fix #19345

This PR add some `Link` methods for different objects. The `Link`
methods are not different from `HTMLURL`, they are lack of the absolute
URL. And most of UI `HTMLURL` have been replaced to `Link` so that users
can visit them from a different domain or IP.

This PR also introduces a new javascript configuration
`window.config.reqAppUrl` which is different from `appUrl` which is
still an absolute url but the domain has been replaced to the current
requested domain.
2023-02-06 12:09:18 -06:00
John Olheiser
189d5b7045
Add repo adoption to FAQ (#22778)
This should be a simple set of steps to achieve
repo adoption.
2023-02-06 10:20:20 -06:00
KN4CK3R
f8c1e14a13
Use import of OCI structs (#22765)
Fixes #22758

Otherwise we would need to rewrite the structs in `oci.go`.
2023-02-06 10:07:09 +00:00
John Olheiser
361d807274
Update gogs upgrade information (#22777)
It seems that migrating from Gogs `0.12.x` and above may require more
work as time goes on and the projects continue to diverge.

This PR updates the docs to make it more clear.

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2023-02-06 14:37:18 +08:00
Adi
c13eb8e6b3
Add CLI option tenant ID for oauth2 source (#22769)
Fixes #22713
2023-02-05 22:12:13 -06:00
wxiaoguang
50111c71c3
Refactor legacy strange git operations (#22756)
During the refactoring of the git module, I found there were some
strange operations. This PR tries to fix 2 of them

1. The empty argument `--` in repo_attribute.go, which was introduced by
#16773. It seems unnecessary because nothing else would be added later.
2. The complex git service logic in repo/http.go. 
* Before: the `hasAccess` only allow `service == "upload-pack" ||
service == "receive-pack"`
* After: unrelated code is removed. No need to call ToTrustedCmdArgs
anymore.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-06 10:23:17 +08:00
KN4CK3R
d987ac6bf1
Add Chef package registry (#22554)
This PR implements a [Chef registry](https://chef.io/) to manage
cookbooks. This package type was a bit complicated because Chef uses RSA
signed requests as authentication with the registry.


![grafik](https://user-images.githubusercontent.com/1666336/213747995-46819fd8-c3d6-45a2-afd4-a4c3c8505a4a.png)


![grafik](https://user-images.githubusercontent.com/1666336/213748145-d01c9e81-d4dd-41e3-a3cc-8241862c3166.png)

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-06 09:49:21 +08:00
techknowlogick
ff18d17442
use drone secrets for s3 config (#22770) 2023-02-05 16:42:48 -05:00
yp05327
c07199f9ab
remove update language in ProfilePost (#22748)
Fixes https://github.com/go-gitea/gitea/issues/22703

Change language has been moved to `UpdateUserLang`

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-06 00:06:26 +08:00
Jason Song
d74d16a4b1
Set PR for issue when load attributes for PRs (#22766)
A missing patch for #22650.
2023-02-05 08:24:43 -06:00
Jason Song
c18a62279a
Fix time to NotifyPullRequestSynchronized (#22650)
Should call `PushToBaseRepo` before
`notification.NotifyPullRequestSynchronized`.

Or the notifier will get an old commit when reading branch
`pull/xxx/head`.

Found by ~#21937~ #22679.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-05 19:57:38 +08:00
KN4CK3R
df789d962b
Add Cargo package registry (#21888)
This PR implements a [Cargo registry](https://doc.rust-lang.org/cargo/)
to manage Rust packages. This package type was a little bit more
complicated because Cargo needs an additional Git repository to store
its package index.

Screenshots:

![grafik](https://user-images.githubusercontent.com/1666336/203102004-08d812ac-c066-4969-9bda-2fed818554eb.png)

![grafik](https://user-images.githubusercontent.com/1666336/203102141-d9970f14-dca6-4174-b17a-50ba1bd79087.png)

![grafik](https://user-images.githubusercontent.com/1666336/203102244-dc05743b-78b6-4d97-998e-ef76341a978f.png)

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-05 18:12:31 +08:00
ByLCY
7baeb9c52a
Add new captcha: cloudflare turnstile (#22369)
Added a new captcha(cloudflare turnstile) and its corresponding
document. Cloudflare turnstile official instructions are here:
https://developers.cloudflare.com/turnstile

Signed-off-by: ByLCY <bylcy@bylcy.dev>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
2023-02-05 15:29:03 +08:00
yp05327
e35f8e15a6
add default user visibility to cli command "admin user create" (#22750)
Fixes https://github.com/go-gitea/gitea/issues/22523
2023-02-04 17:35:04 +00:00
Lunny Xiao
8574a6433f
Show all projects, not just repo projects and open/closed projects (#22640)
This PR fixes two problems. One is when filter repository issues, only
repository level projects are listed. Another is if you list open
issues, only open projects will be displayed in filter options and if
you list closed issues, only closed projects will be displayed in filter
options.

In this PR, both repository level and org/user level projects will be
displayed in filter, and both open and closed projects will be listed as
filter items.

---------

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
2023-02-04 22:35:08 +08:00
delvh
4d20a4a1ba
Remove ONLY_SHOW_RELEVANT_REPOS setting (#21962)
Every user can already disable the filter manually, so the explicit
setting is absolutely useless and only complicates the logic.

Previously, there was also unexpected behavior when multiple query
parameters were present.

---------

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-02-04 21:26:38 +08:00
wxiaoguang
ea13b23349
Escape path for the file list (#22741)
Fix #22740
2023-02-04 10:30:55 +00:00
techknowlogick
2741546bed
Repositories: by default disable all units except code and pulls on forks (#22541)
Most of the time forks are used for contributing code only, so not
having
issues, projects, release and packages is a better default for such
cases.
They can still be enabled in the settings.

A new option `DEFAULT_FORK_REPO_UNITS` is added to configure the default
units on forks.

Also add missing `repo.packages` unit to documentation.

code by: @brechtvl

## ⚠️ BREAKING ⚠️ 

When forking a repository, the fork will now have issues, projects,
releases, packages and wiki disabled. These can be enabled in the
repository settings afterwards. To change back to the previous default
behavior, configure `DEFAULT_FORK_REPO_UNITS` to be the same value as
`DEFAULT_REPO_UNITS`.

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2023-02-04 14:48:38 +08:00