Commit graph

124 commits

Author SHA1 Message Date
Gusted
4383da91bd
[SECURITY] Notify users about account security changes
- Currently if the password, primary mail, TOTP or security keys are
changed, no notification is made of that and makes compromising an
account a bit easier as it's essentially undetectable until the original
person tries to log in. Although other changes should be made as
well (re-authing before allowing a password change), this should go a
long way of improving the account security in Forgejo.
- Adds a mail notification for password and primary mail changes. For
the primary mail change, a mail notification is sent to the old primary
mail.
- Add a mail notification when TOTP or a security keys is removed, if no
other 2FA method is configured the mail will also contain that 2FA is
no longer needed to log into their account.
- `MakeEmailAddressPrimary` is refactored to the user service package,
as it now involves calling the mailer service.
- Unit tests added.
- Integration tests added.
2024-07-23 18:31:47 +02:00
Earl Warren
ded237ee77 Merge pull request '[gitea] week 2024-30 cherry pick (gitea/main -> forgejo)' (#4607) from algernon/wcp/2024-30 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4607
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-23 16:01:28 +00:00
Gergely Nagy
0792f81e04
Add a release note for cherry-picked features
This adds a release note file for features cherry picked during the
2024-30 weekly gitea->forgejo cherry pick.

Thanks @earl-warren for the notes themselves!

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
2024-07-22 15:46:01 +02:00
0ko
78a0ca1c9d feat: allow .webp attachments by default 2024-07-21 13:01:08 +05:00
Gusted
d731dc793b
[UI] Convert milestone to HTMX
- Currently if you want to update the milestone of an issue or pull
request, your whole page will be reloaded to reflect the newly set
milestone. This is quite unecessary, as only the milestone text is
updated and a new timeline event is added.
- This patch converts the milestone section in the issue/pull request
sidebar to use HTMX, so it becomes a progressive element and avoids
reloading the whole page to update the milestone.
- The update of the milestone section itself is quite straightforward
and nothing special is happening. To support adding new timeline events,
a new element `#insert-timeline` is conviently placed after the last
timeline event, which can be used with
[`hx-swap-oob`](https://htmx.org/attributes/hx-swap-oob/) to position
new timeline events before that element.
- Adds E2E test.
2024-07-17 14:52:00 +02:00
Earl Warren
573ba5e9ac Merge pull request 'docs(release-notes): proofread multiline release-notes files' (#4515) from earl-warren/forgejo:wip-release-notes into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4515
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-07-15 19:24:00 +00:00
Earl Warren
c0f20a4e0a
docs(release-notes): proofread multiline release-notes files
It is not yet possible to manually edit them in the release notes
because the release notes assistant does not support that.
2024-07-15 21:22:56 +02:00
Gusted
45341ee9ce
[CHORE] Use github.com/ProtonMail/go-crypto
- We were previously using `github.com/keybase/go-crypto`, because the
package for openpgp by Go itself is deprecated and no longer
maintained. This library provided a maintained version of the openpgp
package. However, it hasn't seen any activity for the last five years,
 and I would therefore consider this also unmaintained.
- This patch switches the package to `github.com/ProtonMail/go-crypto`
which provides a maintained version of the openpgp package and was
already being used in the tests.
- Adds unit tests, I've carefully checked the callstacks to ensure the
OpenPGP-related code was covered under either a unit test or integration
tests to avoid regression, as this can easily turn into security
vulnerabilities if a regression happens here.
- Small behavior update, revocations are now checked correctly instead
of checking if they merely exist and the expiry time of a subkey is used
if one is provided (this is just cosmetic and doesn't impact security).
- One more dependency eliminated :D
2024-07-15 17:27:37 +02:00
Earl Warren
1171069ced
docs(release-notes): flatten release-notes files
It is not for the developer to keep them sorted in a hierarchy when
the release they belong to can be deduced from the tag of the release
into which they were merged. The release notes assistant does that
work instead.

Some files appeared in more than one directory (feat and fix for
instance) when the PR contains multiple unrelated commits which is
what happens on a regular basis with the weekly cherry-pick of
Gitea. Those files were merged into one and each line changed to start
with a conventional commit prefix (feat: fix:).

Each line in a file will be a separate line in the release notes, they
are not groupped together even when they relate to the same PR. The
determination of the category in which they should be displayed will
be based on regular expressions using either the PR title or the line
to add to the release notes itself.

Unify the content of each file to either be a bullet list of
independent pull requests or be folded into a single line if it is
multiline. Multiline content belongs to the documentation.

Refs: https://code.forgejo.org/forgejo/release-notes-assistant
Refs: https://www.conventionalcommits.org/en/v1.0.0/
2024-07-11 14:20:34 +02:00
Xavier Vello
147ae2c5be Fix opengraph meta for wiki pages (#4427)
Fixes https://codeberg.org/forgejo/forgejo/issues/4417 by adding a conditional branch to the `head_opengraph` template to match wiki pages. I tried to be consistent with the other types:

- `og:title` is the wiki page title
- `og:url` is built via `{{AppUrl}}{{.Link}}` like it is done for commit and file views. This has the caveat of doubling the slash (see test below). Should we `{{trimSuffix "/" AppUrl}}` to remove this, if sprig is available?
- `og:description` is the repository description to match GH behaviour. Also, the first sentences of the page might not be descriptive enough. Should we prefix the repo description with the repo name?
- `og:type` and `og:image` are common

Added a `TestOpenGraphProperties` integration test using existing fixtures. Coverage is not 100% but can be improved later.

## Output on a test repo

```html
<meta property="og:title" content="Project architecture">
<meta property="og:url" content="http://localhost:3000//xvello/wiki-test/wiki/Project-architecture">
<meta property="og:description" content="description for a test project">
<meta property="og:type" content="object">
<meta property="og:image" content="http://localhost:3000/avatars/3dd4d1e4eef065d1b4ad4bdb081ab6e7">
```

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4427
Co-authored-by: Xavier Vello <xavier.vello@gmail.com>
Co-committed-by: Xavier Vello <xavier.vello@gmail.com>
2024-07-10 18:29:35 +00:00
Earl Warren
9b8622bc58 Merge pull request 'docs(release-notes): fix artifact range requests [skip ci]' (#4443) from earl-warren/forgejo:wip-release-notes into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4443
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
2024-07-10 18:27:03 +00:00
Earl Warren
52775aa66a
docs(release-notes): fix artifact range requests
Refs: https://codeberg.org/forgejo/forgejo/pulls/4218
2024-07-10 08:52:06 +02:00
Earl Warren
436f8fda07 Merge pull request 'Make user privacy settings more clear' (#4439) from 0ko/forgejo:ui-settings-activity into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4439
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-10 06:09:52 +00:00
Earl Warren
2d85d51879 docs(release-notes): for pull requests #4400, #4375 [skip ci] (#4442)
Refs: https://codeberg.org/forgejo/forgejo/pulls/4400
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4442
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Earl Warren <contact@earl-warren.org>
Co-committed-by: Earl Warren <contact@earl-warren.org>
2024-07-10 05:14:16 +00:00
0ko
29a1c786a3 ui(settings): make user privacy settings more clear 2024-07-10 10:07:23 +05:00
Earl Warren
e2d09101d4
docs(release-notes): display URLs in .sh-session files 2024-07-09 08:24:46 +02:00
Gusted
70a7d6a0de
[ENHANCEMENT] Improve caching of contributor stats
- It was noticed [in the Forgejo matrix channel](https://matrix.to/#/!qjPHwFPdxhpLkXMkyP:matrix.org/$vk78UR0eFCwQMDMTZ7-DWjMVB_LIAwHW6SkjhEcGkQQ?via=matrix.org) that the generation of the Forgejo project contributor stats was taking quite a while on codeberg.org. This was continued with the fact that a few moments later it was once again generating them again; it seemed like they weren't being cached while they were.
- The problem was that the cache TTL is hardcoded to ten minutes and not to the configured TTL. This patch changes that by using the configured TLL for the contributor cache, as this is a computationally heavy operation and should be cached for as long as possible for a good user experience. This doesn't impact the accuracy of this feature because the commit ID of the default branch is used as a cache key.
- Also changed in this patch, is that errors aren't cached and are instead being logged, this is more helpful to the administrator. For the user essentially nothing changed on this side, the contributor stats just looks like it's loading indefinitely.
- Realistically, testing this isn't possible, as the cache library Forgejo currently uses doesn't expose the TTL or expiration time of a key. Manually testing this behavior is quite lengthy, as one of the steps would need to be "wait for ten minutes" and describe how you can notice the data was cached or was just generated, and because you could use different types of cache, it will be quite hard to write down how you could check the TTL of a key for a particular cache (I'm not even sure it's even possible for some).
2024-07-06 21:23:46 +02:00
Earl Warren
4c4aaea26d Merge pull request 'Update dependency katex to v0.16.11' (#4291) from renovate/katex-0.x into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4291
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-07-04 10:19:32 +00:00
Earl Warren
dc0fa915d4
docs(release-notes): 7.0.5 [skip ci] 2024-07-03 21:02:39 +02:00
Earl Warren
4b485825c9
docs(release-notes): KaTeX add support for \emph 2024-07-03 20:38:22 +02:00
Twenty Panda
5561e80b04 fix(hook): ignore unknown push options instead of failing
If a repository has

git config --add push.pushOption submit=".sourcehut/*.yml"

it failed when pushed because of the unknown submit push
option. It will be ignored instead.

Filtering out the push options is done in an earlier stage, when the
hook command runs, before it submits the options map to the private
endpoint.

* move all the push options logic to modules/git/pushoptions
* add 100% test coverage for modules/git/pushoptions

Test coverage for the code paths from which code was moved to the
modules/git/pushoptions package:

* cmd/hook.go:runHookPreReceive
* routers/private/hook_pre_receive.go:validatePushOptions
  tests/integration/git_push_test.go:TestOptionsGitPush runs through
  both. The test verifying the option is rejected was removed and, if
  added again, will fail because the option is now ignored instead of
  being rejected.

* cmd/hook.go:runHookProcReceive
* services/agit/agit.go:ProcReceive
  tests/integration/git_test.go: doCreateAgitFlowPull runs through
  both. It uses variations of AGit related push options.

* cmd/hook.go:runHookPostReceive
* routers/private/hook_post_receive.go:HookPostReceive
  tests/integration/git_test.go:doPushCreate called by TestGit/HTTP/sha1/PushCreate
  runs through both.
  Note that although it provides coverage for this code path it does not use push options.

Fixes: https://codeberg.org/forgejo/forgejo/issues/3651
2024-07-02 21:39:01 +02:00
Earl Warren
c7bb90bc6b Merge pull request '[gitea] week 2024-27 cherry pick (gitea/main -> forgejo)' (#4266) from earl-warren/wcp/2024-27 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4266
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
2024-07-02 08:29:04 +00:00
Danko Aleksejevs
36b6444f34 Remove tab key handling in markdown editor, add toolbar buttons instead, re #4072 #4142 (#4263)
We haven't decided much (to my knowledge), and I've been using the main branch in production (as one does) and found out even I myself rely on Tab sometimes working to move focus and have been caught off guard by it indenting lines instead.

So this removes Tab handling and instead adds two new buttons to the toolbar. The indentation logic is unchanged (other than now focusing the textarea during button handling, to ensure execCommand works, and thus undo history is preserved).

I'm not sure which terminology to use in tooltips. Could also add keyboard shortcuts for the whole toolbar eventually, but as is this is hopefully an better solution to the problems I previously created than un-merging the whole thing :)

<img width="414" alt="Screenshot with two new buttons" src="/attachments/b7af3aa4-a195-48d1-be0a-1559f25dce8e">

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4263
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Danko Aleksejevs <danko@very.lv>
Co-committed-by: Danko Aleksejevs <danko@very.lv>
2024-06-30 13:03:32 +00:00
Shiny Nematoda
8546b01249 [FEAT] branch/tag dropdown for git-grep (#4262)
#3654 introduced support for searching non-default branches and tags.

However, the results page lacked any indicator (aside from the url) on which branch/tag the searcg was performed. A branch dropdown was introduced to the code search page when git-grep is used both as an indicator and as a intrusive way to switch between branches/tags.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4262
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-06-29 06:57:34 +00:00
Earl Warren
a2426e2f90
docs(release-notes): week 2024-27 cherry pick 2024-06-29 08:03:51 +02:00
0ko
28ceec6fad ui: fix wrong string used in a search box (#4258)
Resolves https://codeberg.org/forgejo/forgejo/issues/4256.
Fixes regression caused by https://github.com/go-gitea/gitea/pull/29530/files#diff-b46ae540c8eb41d1ccaa1659489fcc47d72eee4c4f04dc83c5ccf4d6d1a3395eR45.

Preview:
Before - https://codeberg.org/forgejo/forgejo/attachments/d629f2e9-0d07-4719-9250-52d3ba9f4a9e
After - https://codeberg.org/forgejo/forgejo/attachments/6a5f5cb2-124d-4673-a387-8483125a89eb

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4258
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-06-28 16:28:03 +00:00
Mai-Lapyst
51735c415b Add support for workflow_dispatch (#3334)
Closes #2797

I'm aware of https://github.com/go-gitea/gitea/pull/28163 exists, but since I had it laying around on my drive and collecting dust, I might as well open a PR for it if anyone wants the feature a bit sooner than waiting for upstream to release it or to be a forgejo "native" implementation.

This PR Contains:
- Support for the `workflow_dispatch` trigger
- Inputs: boolean, string, number, choice

Things still to be done:
- [x] API Endpoint `/api/v1/<org>/<repo>/actions/workflows/<workflow id>/dispatches`
- ~~Fixing some UI bugs I had no time figuring out, like why dropdown/choice inputs's menu's behave weirdly~~ Unrelated visual bug with dropdowns inside dropdowns
- [x] Fix bug where opening the branch selection submits the form
- [x] Limit on inputs to render/process

Things not in this PR:
- Inputs: environment (First need support for environments in forgejo)

Things needed to test this:
- A patch for https://code.forgejo.org/forgejo/runner to actually consider the inputs inside the workflow.
  ~~One possible patch can be seen here: https://code.forgejo.org/Mai-Lapyst/runner/src/branch/support-workflow-inputs~~
  [PR](https://code.forgejo.org/forgejo/runner/pulls/199)

![image](/attachments/2db50c9e-898f-41cb-b698-43edeefd2573)

## Testing

- Checkout PR
- Setup new development runner with [this PR](https://code.forgejo.org/forgejo/runner/pulls/199)
- Create a repo with a workflow (see below)
- Go to the actions tab, select the workflow and see the notice as in the screenshot above
- Use the button + dropdown to run the workflow
  - Try also running it via the api using the `` endpoint
- ...
- Profit!

<details>
<summary>Example workflow</summary>

```yaml
on:
  workflow_dispatch:
    inputs:
      logLevel:
        description: 'Log Level'
        required: true
        default: 'warning'
        type: choice
        options:
        - info
        - warning
        - debug
      tags:
        description: 'Test scenario tags'
        required: false
        type: boolean
      boolean_default_true:
        description: 'Test scenario tags'
        required: true
        type: boolean
        default: true
      boolean_default_false:
        description: 'Test scenario tags'
        required: false
        type: boolean
        default: false
      number1_default:
        description: 'Number w. default'
        default: '100'
        type: number
      number2:
        description: 'Number w/o. default'
        type: number
      string1_default:
        description: 'String w. default'
        default: 'Hello world'
        type: string
      string2:
        description: 'String w/o. default'
        required: true
        type: string

jobs:
  test:
    runs-on: docker
    steps:
      - uses: actions/checkout@v3
      - run: whoami
      - run: cat /etc/issue
      - run: uname -a
      - run: date
      - run: echo ${{ inputs.logLevel }}
      - run: echo ${{ inputs.tags }}
      - env:
          GITHUB_CONTEXT: ${{ toJson(github) }}
        run: echo "$GITHUB_CONTEXT"
      - run: echo "abc"
```
</details>

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3334
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
Co-committed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
2024-06-28 05:17:11 +00:00
Earl Warren
282dfa1bea Merge pull request 'Clarify author label in tooltip' (#4201) from 0ko/forgejo:ui-author-tooltip into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4201
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-06-26 08:38:55 +00:00
Renovate Bot
d9b83719d6 Update module github.com/yuin/goldmark to v1.7.4 2024-06-26 06:19:55 +00:00
0ko
0c4716b047 Clarify author label in tooltip 2024-06-25 18:30:06 +05:00
0ko
1496bb6079 Better logic for showing user feed/public activity elements (#4189)
There are a few changes of template logic which defines when which elements should be shown on profile page. The motivation is to have the elements when needed and don't when they're not relevant.

## Changes

### RSS button

Now displayed if:
* feeds are enabled
AND one or more of:
* the current user is an admin
* the current user is viewing their profile
* the activity is publicly available

So, basically in cases when the .rss feed actually contains any events. Before this change this button was constantly shown and was giving an empty feed if it was unavailable.

### Public activity tab

The tab is displayed if:
* the current user is an admin
* the current user is viewing their profile
* the activity is publicly available
* the current tab is this exact tab, for example, in case it was accessed by adding `?tab=activity` to the URL, so that the UI is not broken w/o a highlighted tab

So, this tab is not displayed when it's not going to contain any information, but still can be accessed.

### Banner "This user has disabled the public visibility of the activity."

For admins:
* always show the big blue banner to warn that sharing a screenshot of this publicly is bad idea

For self:
* always display a little note about the current visibility status with a "Change" link

For others:
* only display a little note to explain why the activity is not shown

### Heatmap and activity feed

Elements are only displayed when relevant, instead of keeping empty leftovers, for easier testing. This template change is also covered by test. **Everything in this Changes section is covered by test unless I forgot something.**

## Preview

There's obviously too many states to screenshot, here are highlights:

![](https://codeberg.org/attachments/47559531-9bcd-46c0-90d4-8b51512da752)
_Warning admin for why they're seeing the information_

![](https://codeberg.org/attachments/3107bf62-955b-4fe5-bce3-6305a928afe1)
_Viewing self - private_

![](https://codeberg.org/attachments/afb63ead-fb0b-4fc7-9d8b-c6c09e9ae62b)
_Viewing self - public_

![](https://codeberg.org/attachments/df3c090a-7490-4827-b33b-771fd4fa0a9f)
_Don't have access to the information_

![](https://codeberg.org/attachments/2dd2b0ac-2fe0-4453-aa4b-e91fd08f4411)
_The tab is not shown when the activity can't be accessed_

![](https://codeberg.org/attachments/ed4c61de-b3b7-4523-b92b-bc76e1d8b7c5)
_Can't access the RSS feed_

![](https://codeberg.org/attachments/5a27f2be-d79c-4fb4-85a5-758348398f1b)
_Can access the RSS feed_

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4189
Reviewed-by: Otto <otto@codeberg.org>
2024-06-24 08:19:11 +00:00
Renovate Bot
e91961224d
Update module github.com/yuin/goldmark to v1.7.3 2024-06-24 08:03:18 +02:00
oliverpool
65f8c22cc7 [BUG] admin oauth2 source required check (#4194)
#4059 was unfortunately incomplete: some custom_url fields are currently shown, even if they are not used by the provider. Moreover the `Use Custom URLs Instead of Default URLs` is always checked by default.

Manual testing:
- go to http://localhost:3000/admin/auths
- click on `Add authentication source`
- Choose `Authentication type`: `OAuth2`
- Choose `OAuth2 provider`: `GitLab`
- verify that the `Use Custom URLs Instead of Default URLs` option is **initially unchecked**
- enable the `Use Custom URLs Instead of Default URLs` checkbox
- verify that only the fields "Authorize", "Token" and "Profile" URLs are shown (no "Email URL", nor "Tenant").
- Switch the `OAuth2 provider` to `Azure AD v2`
- verify that the `Use Custom URLs Instead of Default URLs` option is **initially checked**
- verify that only the field "Tenant" is shown (with the default "organizations").

![image](/attachments/0e2b1508-861c-4b0e-ae6a-6eb24ce94911)

Note: this is loosely based on the upstream fix https://github.com/go-gitea/gitea/pull/31246 which I initially overlooked.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4194
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: oliverpool <git@olivier.pfad.fr>
Co-committed-by: oliverpool <git@olivier.pfad.fr>
2024-06-21 06:21:37 +00:00
Earl Warren
328b5d79d3 Merge pull request '[gitea] week 2024-25 cherry pick (gitea/main -> forgejo)' (#4145) from earl-warren/wcp/2024-25 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4145
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
2024-06-18 07:56:20 +00:00
Shiny Nematoda
b5d96e7db7 [FEAT] expose fuzzy search for issues/repo (#4160)
Ports fuzzy search for `/issues` and `/pulls` from gitea.
Adds fuzzy search for `/user/repo/issues` and `/user/repo/pulls`.

---
## Notes
### Port: [`gitea#be5be0ac81`](be5be0ac81)

- CONFLICT (content): Merge conflict in routers/web/user/home.go

Conflict resolved by
  1. keeping both `PageIsOrgIssues` and the newly introduced `IsFuzzy`
  2. using `pager.AddParam(ctx, "fuzzy", "IsFuzzy")` rather than `pager.AddParamString("fuzzy", fmt.Sprintf("%v", isFuzzy))`

- CONFLICT (content): Merge conflict in templates/user/dashboard/issues.tmpl

Conflict resolved by keeping the changes from #4096, and picking the `&fuzzy=${{.IsFuzzy}}` inclusion to all urls and `{{if .PageIsPulls}}...`

### Port: [`gitea#fede3cbada`](fede3cbada)

- CONFLICT (content): Merge conflict in templates/user/dashboard/issues.tmpl

Conflict resolved by keeping previous changes and picking the replacement of `{{if .PageIsPulls}}...` with `{{template "shared/search/combo_fuzzy"...` which contains the replacement of `explorer.go` to `explorer.go_to`

### Fixup commit

replaces `Iif` with `if` which was introduced in gitea#fede3cbada

### Feature commit

adds in support for /user/repo/(issues|pulls) + test

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Kerwin Bryant <kerwin612@qq.com>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4160
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-06-17 18:58:24 +00:00
oliverpool
82ae7460bf [BUG] admin authentication source JS errors (#4059)
While trying to understand #1236, I was quite confused not to see the `Use Custom URLs` checkbox.

This checkbox disappeared in b95a893b22 (because `getElementById` does not expect a `#` as first char), fixed in 4e816e1326086ff0929c028f837f62ba1c747759.

After solving this, switching from `Nextcloud` to `OpenID Connect` triggered a JS error, which is addressed in 3efa4d836a300dc45b3ffece766b2b13539fc47c.

Manual testing:
- go to http://localhost:3000/admin/auths
- click on `Add authentication source`
- Choose `Authentication type`: `OAuth2`
- Choose `OAuth2 provider`: `Nextcloud`
- check that the `Use Custom URLs Instead of Default URLs` checkbox toggles the fields below
- let the checkbox be checked
- Switch the `OAuth2 provider` to `OpenID Connect`
- ensure that no JS error is shown
- Switch the `OAuth2 provider` to `Mastodon`
- check that the fields below `Use Custom URLs Instead of Default URLs` have the right defaults (mastodon.social)

![2024-06-07-101638.png](/attachments/5bd6692e-3457-4dd8-b1c1-50e9a95a3100)

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4059
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: oliverpool <git@olivier.pfad.fr>
Co-committed-by: oliverpool <git@olivier.pfad.fr>
2024-06-17 10:05:59 +00:00
Earl Warren
f3c475eeba Merge pull request 'Fix bug in GetIssueStats' (#4124) from JakobDev/forgejo:statfix into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4124
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-06-16 18:27:50 +00:00
Lunny Xiao
8efef06fb1 fix(repository): git push to an adopted repository fails
Fix adopt repository has empty object name in database (#31333)

Fix #31330
Fix #31311

A workaround to fix the old database is to update object_format_name to
`sha1` if it's empty or null.

(cherry picked from commit 1968c2222dcf47ebd1697afb4e79a81e74702d31)

With tests services/repository/adopt_test.go
2024-06-16 19:06:06 +02:00
0ko
0a026a9cd8 Reorder repo tabs (#4139)
More info in the linked PR.

---

Make positioning of the repo tabs make more sense. This is an isolated implementation for one of many changes discussed in the referenced issue, it will work good without the other changes too.

## Changes

- Actions are moved to the edge. This tab is the least relevant to both visitors and developers. The first don't really need it at all, the second only visit it when something goes unexpected (run did not happen or attached to the wrong event), or just to see the run queue to know when their actions is going to get processed. This is not a tab with always-relevant information.

- put Packages after releases. The Packages are like a download page for Releases, but for released packages instead of binaries/source code. It is relevant to Releases, so it should stay close, but it is secondary to Releases by importance. For example, because they don't actually contain release notes unlike Releases.

- the above makes Projects appear next to Issues and Pull requests which I think is nice as they're related.

## Preview

### v7
https://codeberg.org/attachments/c434e8fd-aaab-4c27-9071-2a3ba68ad4b7

### This PR
https://codeberg.org/attachments/74743c03-883e-40cf-8cb1-384d1d8cf63c

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4139
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
2024-06-16 12:36:41 +00:00
Earl Warren
053eb65a0b
docs(release-notes): week 2024-25 cherry pick
Refs: https://codeberg.org/forgejo/forgejo/pulls/4145
2024-06-16 13:42:59 +02:00
Earl Warren
642501e365
chore(dependency): asciinema-player to v3.8.0 release notes 2024-06-16 07:30:29 +02:00
Shiny Nematoda
53d4e90411 [FEAT] folding results for repo search (#4134)
closes #3855

unlike #3854, this implementation uses a generic details html tag and a bit of tailwind magic...

---
## Maintainers Note
- previously tailwind classes of the form `[-a-zA-Z:0-9_.]` was disabled, however they were enabled since they were required for the `group-open:` classes

---

## Manual Testing
1. Visit the code search results after submitting a valid query for repo (if indexer disabled) or repo, user, explore (if indexer enabled)
2. Verify thst
    1. the results are unfloded/open by default
    2. the chevron points down when open and right when closed

<video src="/attachments/5a55c56f-6159-4422-ab80-962e0121e7d2" title="fold2.mp4" controls></video>

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4134
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-06-15 20:16:18 +00:00
Danko Aleksejevs
221ca0c404 Implement tab indentation and list continuation in the new editor (#3848, #3849) (#4072)
This overrides handling of Tab and Enter keys in the ComboMarkdownEditor, so that:

* Pressing Tab prepending 4 spaces to the line under cursor, or all the lines in the selection.
* Pressing Shift+Tab removes up to 4 spaces.
* Pressing Enter repeats any indentation and a "repeatable" prefix (list or blockquote) from the current line.

Since Tab "capture" can interfere with keyboard navigation, it's only done if there was any previous input in the textarea or if it was selected with a pointer. Additionally, presing Esc will make the textarea lose focus, resuming tab navigation. This seems adequate to me, but I might be wrong.

Had to use the "deprecated" execCommand method, since anything else I tried messes up the undo history. There's a fallback for when (if?) it's actually removed.

Only tested in desktop Firefox and Chrome so far.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4072
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Beowulf <beowulf@noreply.codeberg.org>
Co-authored-by: Danko Aleksejevs <danko@very.lv>
Co-committed-by: Danko Aleksejevs <danko@very.lv>
2024-06-15 13:40:31 +00:00
Earl Warren
b386d23d09
chore(dependency): github.com/yuin/goldmark v1.7.2 release notes 2024-06-15 06:38:04 +02:00
JakobDev
4c90d20c9c
Add release note 2024-06-13 10:29:23 +02:00
Earl Warren
6176063e73
[skip ci] docs(release-notes): 7.0.4 2024-06-13 08:09:27 +02:00
Earl Warren
df373c9f7e Merge pull request '[gitea] week 2024-24 cherry pick (gitea/main -> forgejo)' (#4083) from earl-warren/wcp/2024-24 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4083
Reviewed-by: twenty-panda <twenty-panda@noreply.codeberg.org>
2024-06-11 10:37:26 +00:00
Earl Warren
0cbe402e99
docs(release): week 2024-24 cherry pick
Refs: https://codeberg.org/forgejo/forgejo/pulls/4083
2024-06-11 09:19:09 +02:00
0ko
367317af6c Disable issue subscribe button for guest users (#4095)
* disabled the button itself, but added the tooltip to the form, because it didn't work for the button and likely has something to do with JS
* added an integration test to verify the new logic

## Preview

|Signed in|Guest|
|-|-|
|![](/attachments/b1441565-6aec-4a72-a28f-6383914c8918)|![](/attachments/839cc58e-18cf-4a5d-a9d7-f0e3e2556c98)|

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4095
Reviewed-by: Mai-Lapyst <mai-lapyst@noreply.codeberg.org>
2024-06-11 05:54:35 +00:00
Beowulf
187860bded Fix margin above headline in rendered org-mode (#4076)
This Fixes #3962 by adding `!important` to the margin of the heading in the rendered markdown.

In the current behaviour, the margin-top was always overridden by a global css-rule. This is prevented by this change.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4076
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Beowulf <beowulf@beocode.eu>
Co-committed-by: Beowulf <beowulf@beocode.eu>
2024-06-11 03:34:21 +00:00