Commit graph

4057 commits

Author SHA1 Message Date
Giteabot
2138661dae
fix orphan check for deleted branch (#27310) (#27320)
Backport #27310 by @earl-warren

- Modify the deleted branch orphan check to check for the new table
instead.
- Regression from 6e19484f4d
- Resolves https://codeberg.org/forgejo/forgejo/issues/1522

(cherry picked from commit c1d888686f)

Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-09-28 11:16:05 +08:00
Giteabot
4b37eb2c23
Fix PushEvent NullPointerException jenkinsci/github-plugin (#27203) (#27249)
Backport #27203 by @Nabapadma-sarker

Fixes #27202

Co-authored-by: Nabapadma-sarker <nabapadmacse1991@gmail.com>
2023-09-25 07:02:08 +00:00
KN4CK3R
eae6985b63
Quote table release in sql queries (#27205) (#27219)
Backport of #27205

Fixes #27174

`release` is a reserved keyword in MySql. I can't reproduce the issue on
my setup and we have a test for that code but it seems there can be
setups where it fails.
2023-09-24 01:48:50 +03:00
sebastian-sauer
d8b39324d7
Load reviewer before sending notification (#27063) (#27064)
Fixes #27035
2023-09-13 15:32:58 -05:00
Lunny Xiao
9df573bddc
Fix context cache bug & enable context cache for dashabord commits' authors(#26991) (#27017)
backport #26991 

Unfortunately, when a system setting hasn't been stored in the database,
it cannot be cached.
Meanwhile, this PR also uses context cache for push email avatar display
which should avoid to read user table via email address again and again.

According to my local test, this should reduce dashboard elapsed time
from 150ms -> 80ms .
2023-09-13 15:15:00 +08:00
wxiaoguang
b0a405c5fa
Use secure cookie for HTTPS sites (#26999) (#27013)
Backport #26999

If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.

And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.
2023-09-11 09:59:00 +00:00
Giteabot
da7d7e60d8
Fix INI parsing for value with trailing slash (#26995) (#27001)
Backport #26995 by @wxiaoguang

Fix #26977 (a temp fix)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-10 20:52:25 +02:00
wxiaoguang
e8da63c24e
Avoid double-unescaping of form value (#26853) (#26863)
Backport #26853

The old `prepareQueryArg` did double-unescaping of form value.
2023-09-01 21:15:00 +08:00
Giteabot
41bae29f84
check blocklist for emails when adding them to account (#26812) (#26831)
Backport #26812 by @techknowlogick

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2023-08-31 00:52:19 +00:00
Giteabot
c3d323fd85
Add fix incorrect can_create_org_repo for org owner team (#26683) (#26791)
Backport #26683 by @yp05327

Related to: #8312 #26491

In migration v109, we only added a new column `CanCreateOrgRepo` in Team
table, but not initial the value of it.
This may cause bug like #26491.

Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-29 21:26:40 +00:00
Giteabot
4013f3f600
Fix some slice append usages (#26778) (#26798)
Backport #26778 by @harryzcy

Co-authored-by: Chongyi Zheng <git@zcy.dev>
Co-authored-by: delvh <dev.lh@web.de>
2023-08-29 16:13:24 +00:00
Lunny Xiao
b159ebbab7
Use docs.gitea.com instead of docs.gitea.io (#26769)
backport #26739
2023-08-28 19:58:16 +08:00
Giteabot
a4b14638b5
Use correct minio error (#26634) (#26639)
Backport #26634 by @delvh

Previously, `err` was defined above, checked for `err == nil` and used
nowhere else.
Hence, the result of `convertMinioErr` would always be `nil`.
This leads to a NPE further down the line.
That is not intentional, it should convert the error of the most recent
operation, not one of its predecessors.

Found through
https://discord.com/channels/322538954119184384/322538954119184384/1143185780206993550.

Co-authored-by: delvh <dev.lh@web.de>
2023-08-21 16:51:30 +00:00
Giteabot
fe78aabc67
Add branch_filter to hooks API endpoints (#26599) (#26632)
Backport #26599 by @yardenshoham

We now include the branch filler in the response.

- Closes #26591 

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: Yarden Shoham <git@yardenshoham.com>
2023-08-21 12:17:19 +00:00
Giteabot
7da85fa0c3
Sync repo's IsEmpty status correctly (#26517) (#26560)
Backport #26517 by @wxiaoguang

Close #26509

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-17 05:12:14 +00:00
Giteabot
4bdb8dd9cc
Detect ogg mime-type as audio or video (#26494) (#26505)
Backport #26494 by @wxiaoguang

"ogg" is just a "container" format for audio and video.

Golang's `DetectContentType` only reports "application/ogg" for
potential ogg files.

Actually it could do more "guess" to see whether it is a audio file or a
video file.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-15 11:15:26 +08:00
Giteabot
f1c5d33d3e
Fix storage path logic especially for relative paths (#26441) (#26481)
Backport #26441 by @lunny

This PR rewrites the function `getStorage` and make it more clear.

Include tests from #26435, thanks @earl-warren

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Earl Warren <contact@earl-warren.org>
2023-08-13 22:38:18 -04:00
Giteabot
fe1b11b639
Close stdout correctly for "git blame" (#26470) (#26473)
Backport #26470 by @wxiaoguang

Close stdout correctly for "git blame", otherwise the failed "git blame"
would cause the request hanging forever.

And "os.Stderr" should never (seldom) be used as git command's stderr
(there seems some similar problems in code, they could be fixed later).

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-13 16:00:28 +08:00
Giteabot
80d7288ea4
Remove last newline from config file (#26468) (#26471)
Backport #26468 by @wxiaoguang

When users put the secrets into a file (GITEA__sec__KEY__FILE), the
newline sometimes is different to avoid (eg: echo/vim/...)

So the last newline could be removed when reading, it makes the users
easier to maintain the secret files.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-13 00:19:33 +08:00
Giteabot
2d1202b32c
Check first if minio bucket exists before trying to create it (#26420) (#26465)
Backport #26420 by @lunny

For some reason, the permission of the client_id and secret may cannot
create bucket, so now we will check whether bucket does exist first and
then try to create a bucket if it doesn't exist.

Try to fix #25984

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-08-12 09:00:51 +00:00
Giteabot
981ab48503
minio: add missing region on client initialization (#26412) (#26438)
Backport #26412 by @nekrondev

The MinIO client isn't redirecting to the correct AWS endpoint if a
non-default data center is used.

In my use case I created an AWS bucket at `eu-central-1` region. Because
of the missing region initialization of the client the default
`us-east-1` API endpoint is used returning a `301 Moved Permanently`
response that's not handled properly by MinIO client. This in return
aborts using S3 storage on AWS as the `BucketExists()` call will fail
with the http moved error.

MinIO client trace shows the issue:

```text
---------START-HTTP---------
HEAD / HTTP/1.1
Host: xxxxxxxxxxx-prod-gitea-data.s3.dualstack.us-east-1.amazonaws.com
User-Agent: MinIO (windows; amd64) minio-go/v7.0.61
Authorization: AWS4-HMAC-SHA256 Credential=**REDACTED**/20230809/accesspoint.eu-central-1/s3/aws4_request, SignedHeaders=host;x-amz-content-sha256;x-amz-date, Signature=**REDACTED**
X-Amz-Content-Sha256: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
X-Amz-Date: 20230809T141143Z

HTTP/1.1 301 Moved Permanently
Connection: close
Content-Type: application/xml
Date: Wed, 09 Aug 2023 14:11:43 GMT
Server: AmazonS3
X-Amz-Bucket-Region: eu-central-1
X-Amz-Id-2: UK7wfeYi0HcTcytNvQ3wTAZ5ZP1mOSMnvRZ9Fz4xXzeNsS47NB/KfFx2unFxo3L7XckHpMNPPVo=
X-Amz-Request-Id: S1V2MJV8SZ11GEVN
---------END-HTTP---------
```

Co-authored-by: nekrondev <heiko@noordsee.de>
Co-authored-by: Heiko Besemann <heiko.besemann@qbeyond.de>
2023-08-10 14:11:22 +00:00
wxiaoguang
8ad331c9d2
Fix admin queue page title and fix CI failures (#26409) (#26421)
Backport #26409

* Fix #26408
* Bypass the data race issue in "ssh" package
2023-08-10 11:04:48 +02:00
Giteabot
2d1a7e1cd4
Introduce ctx.PathParamRaw to avoid incorrect unescaping (#26392) (#26405)
Backport #26392 by @wxiaoguang

Fix #26389

And complete an old TODO: `ctx.Params does un-escaping,..., which is
incorrect.`

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-09 07:31:44 +00:00
wxiaoguang
fa431b377d
Fix incorrect CLI exit code and duplicate error message (#26346) (#26347)
Backport #26346

Follow the CLI refactoring, and add tests.
2023-08-05 23:37:04 +08:00
Giteabot
3e9475b3b2
Prevent newline errors with Debian packages (#26332) (#26342)
Backport #26332 by @KN4CK3R

Fixes #26313

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-08-05 11:41:30 +02:00
Giteabot
9451781ebe
Make git batch operations use parent context timeout instead of default timeout (#26325) (#26330)
Backport #26325 by @wxiaoguang

Fix #26064

Some git commands should use parent context, otherwise it would exit too
early (by the default timeout, 10m), and the "cmd.Wait" waits till the
pipes are closed.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-04 15:44:25 +02:00
Giteabot
88f6f7579c
Fix the wrong derive path (#26271) (#26318)
Backport #26271 by @lunny

This PR will fix #26264, caused by #23911.

The package configuration derive is totally wrong when storage type is
local in that PR.

This PR fixed the inherit logic when storage type is local with some
unit tests.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-04 06:24:13 +00:00
Giteabot
a57568bad7
Support getting changed files when commit ID is EmptySHA (#26290) (#26316)
Backport #26290 by @Zettat123

Fixes #26270.

Co-Author: @wxiaoguang 

Thanks @lunny for providing this solution

As
https://github.com/go-gitea/gitea/issues/26270#issuecomment-1661695151
said, at present we cannot get the names of changed files correctly when
the `OldCommitID` is `EmptySHA`. In this PR, the `GetCommitFilesChanged`
method is added and will be used to get the changed files by commit ID.

References:
- https://stackoverflow.com/a/424142

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-04 03:27:45 +00:00
Giteabot
a758337046
Clarify the logger's MODE config option (#26267) (#26281)
Backport #26267 by @wxiaoguang

1. Fix the wrong document (add the missing `MODE=`)
2. Add a more friendly log message to tell users to add `MODE=` in their
config

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-02 01:08:28 +02:00
Giteabot
499c5594c3
Fix allowed user types setting problem (#26200) (#26206)
Backport #26200 by @lunny

Fix #25951

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-07-29 14:42:40 +08:00
Giteabot
892e24aaf1
Calculate MAX_WORKERS default value by CPU number (#26177) (#26183) 2023-07-27 19:24:07 +08:00
Lunny Xiao
c598741f01
Display deprecated warning in admin panel pages as well as in the log file (#26094) (#26154)
backport #26094 
Temporily resolve #25915
Related #25994

This PR includes #26007 's changes but have a UI to prompt administrator
about the deprecated settings as well as the log or console warning.
Then users will have enough time to notice the problem and don't have
surprise like before.

<img width="1293" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/c33355f0-1ea7-4fb3-ad43-cd23cd15391d">
2023-07-26 09:22:39 +00:00
Giteabot
782b137682
Fix incorrect router logger (#26137) (#26143)
Backport #26137 by @wxiaoguang

A low-level mistake:

* `log.Info` is global `Info` function, which calls "default" logger
* `logger.Info` is the for router's logger

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-26 08:37:43 +08:00
Giteabot
e2596b0a99
Avoid writing config file if not installed (#26107) (#26113)
Backport #26107 by @wxiaoguang

Just like others (oauth2 secret, internal token, etc), do not generate
if no install lock

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-25 13:31:50 +08:00
Giteabot
a424f6d4f8
Fix handling of Debian files with trailing slash (#26087) (#26098)
Backport #26087 by @KN4CK3R

Fixes #26022

- Fix handling of files with trailing slash
- Fix handling of duplicate package file errors
- Added test for both

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-07-24 14:56:13 +00:00
Giteabot
8d9193680d
Use stderr as fallback if the log file can't be opened (#26074) (#26083)
Backport #26074 by @wxiaoguang

If the log file can't be opened, what should it do? panic/exit? ignore
logs? fallback to stderr?

It seems that "fallback to stderr" is slightly better than others ....
2023-07-24 05:58:16 +00:00
Giteabot
8b002b429d
Adding remaining enum for migration repo model type. (#26021) (#26034)
Backport #26021 by @puni9869

Fixes: https://github.com/go-gitea/gitea/issues/26010

Adding remaining enum for migration repo model type.

Co-authored-by: puni9869 <80308335+puni9869@users.noreply.github.com>
2023-07-21 08:54:43 +02:00
Giteabot
4d5e3b9372
Fix env config parsing for "GITEA____APP_NAME" (#26001) (#26013)
Backport #26001 by @wxiaoguang

Regression of #24832 

Fix the bug and add a test for it

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-20 11:56:36 +02:00
Giteabot
ee47face12
Update path related documents (#25417) (#25982)
Backport #25417 by @wxiaoguang

Update WorkPath/WORK_PATH related documents, remove out-dated
information.

Remove "StaticRootPath" on the admin config display page, because few
end user really need it, it only causes misconfiguration.


![image](https://github.com/go-gitea/gitea/assets/2114189/8095afa4-da76-436b-9e89-2a92c229c01d)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-19 09:48:54 +00:00
wxiaoguang
5c3662b902
Avoid creating directories when loading config (#25944) (#25957)
Backport #25944

The "creating dir/file during load config" is a longstanding and complex
problem.

This PR only does a quick patch, it still needs more refactorings in the
future.

Fix #25938
2023-07-18 20:24:07 +00:00
KN4CK3R
ab54310731
Disallow dangerous URL schemes (#25960) (#25964)
Regression: https://github.com/go-gitea/gitea/pull/24805
Closes: #25945

- Disallow `javascript`, `vbscript` and `data` (data uri images still
work) url schemes even if all other schemes are allowed
- Fixed older `cbthunderlink` tests

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-07-18 19:48:52 +00:00
Giteabot
9369b38315
Skip unuseful error message in dev mode when watching local filesystem (#25919) (#25927)
Backport #25919 by @wxiaoguang

Before, in dev mode, there might be some error logs like:

```
2023/07/17 13:54:51 ...s/assetfs/layered.go:221:WatchLocalChanges() [E] Unable to watch directory .: lstat /data/work/gitea/custom/templates: no such file or directory

```

Because there is no "custom/templates" directory.

After: ignore such error, no such error message anymore.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-17 10:26:29 +00:00
Giteabot
6e82d0bb7c
Add shutting down notice (#25920) (#25922)
Backport #25920 by @KN4CK3R

Got the same problem as #25915 when updating an instance. The
`log.Fatal` should have been marked as breaking in #23911.

This PR adds a notice that the system is shutting down because of the
deprecated setting.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-07-17 09:44:10 +00:00
Giteabot
45b1f4dd3b
Add support for different Maven POM encoding (#25873) (#25890)
Backport #25873 by @KN4CK3R

Fixes #25853

- Maven POM files aren't always UTF-8 encoded.
- Reject the upload of unparsable POM files

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-07-14 10:27:15 +00:00
Zettat123
c1a10be07e
Fix activity type match in matchPullRequestEvent (#25746) (#25796)
Backport #25746

Fix #25736
Caused by #24048

Right now we only check the activity type for `pull_request` event when
`types` is specified or there are no `types` and filter. If a workflow
only specifies filters but no `types` like this:
```
on:
  pull_request:
    branches: [main]
```
the workflow will be triggered even if the activity type is not one of
`[opened, reopened, sync]`. We need to check the activity type in this
case.
2023-07-11 06:42:07 +00:00
wxiaoguang
b4460cf541
Make "install page" respect environment config (#25648) (#25799)
Backport #25648

Replace #25580

Fix #19453

The problem was: when users set "GITEA__XXX__YYY" , the "install page"
doesn't respect it.

So, to make the result consistent and avoid surprising end users, now
the "install page" also writes the environment variables to the config
file.

And, to make things clear, there are enough messages on the UI to tell
users what will happen.

There are some necessary/related changes to `environment-to-ini.go`:

* The "--clear" flag is removed and it was incorrectly written there.
The "clear" operation should be done if INSTALL_LOCK=true
* The "--prefix" flag is removed because it's never used, never
documented and it only causes inconsistent behavior.

The only conflict during backport is "ui divider" in
templates/install.tmpl
2023-07-10 11:51:05 +00:00
Giteabot
372b622c2b
Revert package access change from #23879 (#25707) (#25785)
Backport #25707 by @KN4CK3R

Fixes (?) #25538
Fixes https://codeberg.org/forgejo/forgejo/issues/972

Regression #23879

#23879 introduced a change which prevents read access to packages if a
user is not a member of an organization.

That PR also contained a change which disallows package access if the
team unit is configured with "no access" for packages. I don't think
this change makes sense (at the moment). It may be relevant for private
orgs. But for public or limited orgs that's useless because an
unauthorized user would have more access rights than the team member.
This PR restores the old behaviour "If a user has read access for an
owner, they can read packages".

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-07-09 21:00:42 +00:00
silverwind
24e64fe372
Replace interface{} with any (#25686) (#25687)
Same perl replacement as https://github.com/go-gitea/gitea/pull/25686
but for 1.20 to ease future backporting.
2023-07-04 23:41:32 -04:00
Giteabot
24cf06592e
Restrict [actions].DEFAULT_ACTIONS_URL to only github or self (#25581) (#25604)
Backport #25581 by @wolfogre

Resolve #24789

## ⚠️ BREAKING ⚠️

Before this, `DEFAULT_ACTIONS_URL` cound be set to any custom URLs like
`https://gitea.com` or `http://your-git-server,https://gitea.com`, and
the default value was `https://gitea.com`.

But now, `DEFAULT_ACTIONS_URL` supports only
`github`(`https://github.com`) or `self`(the root url of current Gitea
instance), and the default value is `github`.

If it has configured with a URL, an error log will be displayed and it
will fallback to `github`.

Actually, what we really want to do is always make it
`https://github.com`, however, this may not be acceptable for some
instances of internal use, so there's extra support for `self`, but no
more, even `https://gitea.com`.

Please note that `uses: https://xxx/yyy/zzz` always works and it does
exactly what it is supposed to do.

Although it's breaking, I belive it should be backported to `v1.20` due
to some security issues.

Follow-up on the runner side:

- https://gitea.com/gitea/act_runner/pulls/262
- https://gitea.com/gitea/act/pulls/70

Co-authored-by: Jason Song <i@wolfogre.com>
2023-06-30 07:53:00 +00:00
wxiaoguang
e6f62eea70
Do not prepare oauth2 config if it is not enabled, do not write config in some sub-commands (#25567) (#25576)
Backport #25567

Ref:

* https://github.com/go-gitea/gitea/issues/25377#issuecomment-1609757289

And some sub-commands like "generate" / "docs", they do not need to use
the ini config
2023-06-29 06:30:40 +02:00