Commit graph

17213 commits

Author SHA1 Message Date
Cyborus
a6f2ca8c44 allow empty issues 2024-01-18 13:55:36 -05:00
Earl Warren
c4675549c9
Merge remote-tracking branch 'forgejo/forgejo-development' into forgejo 2024-01-16 21:19:45 +00:00
Earl Warren
7809891ece Merge pull request '[DOCS] RELEASE-NOTES.md (squash) v1.21.4-0 security update' (#2162) from earl-warren/forgejo:wip-release-notes-1.21 into forgejo-development
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2162
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-01-16 21:19:10 +00:00
Earl Warren
7e663e496e
[DOCS] RELEASE-NOTES.md (squash) v1.21.4-0 security
Refs: https://codeberg.org/forgejo/forgejo/issues/2158
2024-01-16 20:49:09 +00:00
Earl Warren
8651aa4c0a
Merge remote-tracking branch 'forgejo/forgejo-development' into forgejo 2024-01-16 17:30:56 +00:00
Earl Warren
515b7f3888 Merge pull request '[DOCS] RELEASE-NOTES.md (squash) v1.21.4-0' (#2159) from earl-warren/forgejo:wip-release-notes-1.21 into forgejo-development
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2159
Reviewed-by: Loïc Dachary <dachary@noreply.codeberg.org>
2024-01-16 17:30:28 +00:00
Earl Warren
5033cd2a43
[DOCS] RELEASE-NOTES.md (squash) v1.21.4-0
Refs: https://codeberg.org/forgejo/forgejo/issues/2158
2024-01-16 16:36:51 +00:00
Earl Warren
629ce952f8
[CI] push forgejo branches to the specified destination (squash) verbose 2024-01-15 19:01:28 +00:00
Earl Warren
691e4f3253
Merge branch 'rebase-forgejo-branding' into forgejo 2024-01-15 18:28:27 +00:00
Earl Warren
e165ff8886
Merge branch 'rebase-forgejo-dependency' into forgejo 2024-01-15 18:28:22 +00:00
Earl Warren
9f0a656854
Merge branch 'rebase-forgejo-moderation' into forgejo 2024-01-15 18:28:16 +00:00
Earl Warren
0033b48653
Merge branch 'rebase-forgejo-i18n' into forgejo 2024-01-15 18:28:09 +00:00
Earl Warren
fed50cf72e
[GITEA] Optionally allow anyone to edit Wikis (squash) AddTokenAuth 2024-01-15 16:56:41 +00:00
Earl Warren
1296f4d115
[GITEA] GET /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments/{comment}
Refs: https://codeberg.org/forgejo/forgejo/issues/2109
(cherry picked from commit 69fcf26dee)
2024-01-15 16:51:46 +00:00
Earl Warren
09db07aeae
[GITEA] API commentAssignment() to verify the id belongs
Instead of repeating the tests that verify the ID of a comment
is related to the repository of the API endpoint, add the middleware
function commentAssignment() to assign ctx.Comment if the ID of the
comment is verified to be related to the repository.

There already are integration tests for cases of potential unrelated
comment IDs that cover some of the modified endpoints which covers the
commentAssignment() function logic.

* TestAPICommentReactions - GetIssueCommentReactions
* TestAPICommentReactions - PostIssueCommentReaction
* TestAPICommentReactions - DeleteIssueCommentReaction
* TestAPIEditComment - EditIssueComment
* TestAPIDeleteComment - DeleteIssueComment
* TestAPIGetCommentAttachment - GetIssueCommentAttachment

The other modified endpoints do not have tests to verify cases of
potential unrelated comment IDs. They no longer need to because they
no longer implement the logic to enforce this. They however all have
integration tests that verify the commentAssignment() they now rely on
does not introduce a regression.

* TestAPIGetComment - GetIssueComment
* TestAPIListCommentAttachments - ListIssueCommentAttachments
* TestAPICreateCommentAttachment - CreateIssueCommentAttachment
* TestAPIEditCommentAttachment - EditIssueCommentAttachment
* TestAPIDeleteCommentAttachment - DeleteIssueCommentAttachment

(cherry picked from commit d414376d74)
2024-01-15 16:51:46 +00:00
Gusted
8602dfa6a2
[GITEA] Fix test TestWebhookProxy with http proxy env
- Unset the http proxies environments for the `TestWebhookProxy`.
- Resolves #2132

(cherry picked from commit 244b9786fc)
2024-01-15 16:51:46 +00:00
Gergely Nagy
2527e09125
[GITEA] Include a branch link in the recently pushed banner
The message telling us that we recently pushed on a branch should
include a link to said branch, not just a "New pull request" button.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit d9662d03a4)
2024-01-15 16:51:45 +00:00
Gergely Nagy
06b808fa2c
[GITEA] Fix the topic search paging
When searching for repository topics, either via the API, or via
Explore, paging did not work correctly, because it only applied when the
`page` parameter was non-zero. Paging should have applied when the page
size is greater than zero, which is what this patch does.

As a result, both the API, and the Explore endpoint will return paged
results (30 by default). As such, when managing topics on the frontend,
the offered completions will also be limited to a pageful of results,
based on what the user has already typed.

This drastically reduces the amount of traffic, and also the number of
the topics to choose from, and thus, the rendering time too.

The topics will be returned by popularity, with most used topics first.
A single page will contain `[api].DEFAULT_PAGING_NUM` (30 by default)
items that match the query. That's plenty to choose from.

Fixes #132.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 64d4ff41db)
2024-01-15 16:51:45 +00:00
Gusted
96dd3e87cf
[GITEA] Log SQL queries when the database return error
- When the database returns an error about the SQL query, the error is
logged but not the SQL query and arguments, which is just as valuable as
the vague deeply hidden documented error that the database returns.
It's possible to log the SQL query by logging **all** SQL queries. For
bigger instances such as Codeberg, this is not a viable option.
- Adds a new hook, enabled by default, to log SQL queries with their
arguments and the error returned by the database when the database
returns an error.
- This likely needs some fine tuning in the future to decide when to
enable this, as the error is already logged and if people have the
`[database].LOG_SQL` option enabled, the SQL would be logged twice. But
given that it's an rare occurence for SQL queries to error, it's fine to
leave that as-is.
- Ref: https://codeberg.org/forgejo/forgejo/issues/1998

(cherry picked from commit 866229bc32)
2024-01-15 16:51:45 +00:00
Gergely Nagy
439fadf563
[GITEA] services: Gracefully handle missing branches
services: in loadOneBranch, return if CountDivergingCommits fail

If we can't count the number of diverging commits for one reason or
another (such as the branch being in the database, but missing from
disk), rather than logging an error and continuing into a crash (because
`divergence` will be nil), return an error instead.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 8266105f24)

services: Gracefully handle missing branches

When loading branches, if loading one fails, log an error, and ignore
the branch, rather than returning and causing an internal server error.

Ideally, we would only ignore the error if it was caused by a missing
branch, and do it silently, like the respective API endpoint does.
However, veryfing that at this place is not very practical, so for the
time being, ignore any and all branch loading errors.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e552a8fd62)

tests: Add a testcase for missing branches

This tests the scenario reported in Codeberg/Community#1408: a branch
that is recorded in the database, but missing on disk was causing
internal server errors. With recent changes, that is no longer the case,
the error is logged and then ignored.

This test case tests this behaviour, that the repo's branches page on
the web UI functions even if the git branch is missing.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e20eb7b385)

tests: More testing in TestDatabaseMissingABranch

In the `TestDatabaseMissingABranch` testcase, make sure that the
branches are in sync between the db and git before deleting a branch via
git, then compare the branch count from the web UI, making sure that it
returns an out-of-sync value first, and the correct one after another
sync.

This is currently tested by scraping the UI, and relies on the fact that
the branch counter is out of date before syncing. If that issue gets
resolved, we'll have to adjust the test to verify the sync another way.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 8c2ccfcece)
2024-01-15 16:51:45 +00:00
Gusted
30d168bcc8
[GITEA] Fix panic in canSoftDeleteContentHistory
- It's possible that `canSoftDeleteContentHistory` is called without
`ctx.Doer` being set, such as an anonymous user requesting the
`/content-history/detail` endpoint.
- Add a simple condition to always set to `canSoftDelete` to false if an
anonymous user is requesting this, this avoids a panic in the code that
assumes `ctx.Doer` is set.
- Added integration testing.

(cherry picked from commit 0b5db0dcc6)
2024-01-15 16:51:45 +00:00
Earl Warren
196edea0f9
[GITEA] POST /repos/{owner}/{repo}/pulls/{index}/reviews/{id}/comments
Refs: https://codeberg.org/forgejo/forgejo/issues/2109
(cherry picked from commit 8b4ba3dce7)
2024-01-15 16:51:45 +00:00
Gusted
ef5e1b01b8
[GITEA] Improve 404 screen on mobile
- Remove `container` to remove unnecessary margins being added to the
whole page.
- Specify max width for the 404 image to avoid overflow of the image.

(cherry picked from commit b1ced72ce5)
2024-01-15 16:51:45 +00:00
Gergely Nagy
e7f5c1ba14
[FEAT] API support for repository flags
Expose the repository flags feature over the API, so the flags can be
managed by a site administrator without using the web API.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit bac9f0225d)
2024-01-15 16:51:45 +00:00
Gergely Nagy
f09f6e029b
[FEAT] Repository flags
This implements "repository flags", a way for instance administrators to
assign custom flags to repositories. The idea is that custom templates
can look at these flags, and display banners based on them, Forgejo does
not provide anything built on top of it, just the foundation. The
feature is optional, and disabled by default. To enable it, set
`[repository].ENABLE_FLAGS = true`.

On the UI side, instance administrators will see a new "Manage flags"
tab on repositories, and a list of enabled tags (if any) on the
repository home page. The "Manage flags" page allows them to remove
existing flags, or add any new ones that are listed in
`[repository].SETTABLE_FLAGS`.

The model does not enforce that only the `SETTABLE_FLAGS` are present.
If the setting is changed, old flags may remain present in the database,
and anything that uses them, will still work. The repository flag
management page will allow an instance administrator to remove them, but
not set them, once removed.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit ba735ce222)
2024-01-15 16:51:45 +00:00
Gergely Nagy
70cb266760
[GITEA] Disable the RSS feed in file view for non-branches
Files can have an RSS feed, but those only make sense when taken in the
context of a branch. There is no history to make a feed of on a tag or a
commit: they're static. Forgejo does not provide a feed for them for
this reason.

However, the file view on the web UI was offering a link to these
non-existent feeds. With this patch, it does that no longer, and only
provides a link when viewing the file in the context of a branch.

Fixes #2102.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 4b48d21ea7)
2024-01-15 16:51:45 +00:00
Earl Warren
0077b2661e
[GITEA] add option for banning dots in usernames (squash) set in test
(cherry picked from commit b005b586c3)
2024-01-15 16:51:45 +00:00
Gergely Nagy
3975a9f3aa
[GITEA] Find README.md for user profiles case insensitively
When trying to find a `README.md` in a `.profile` repo, do so case
insensitively. This change does not make it possible to render readmes
in formats other than Markdown, it just removes the hard-coded
"README.md".

Also adds a few tests to make sure the change works.

Fixes #1494.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit edd219d8e9)
(cherry picked from commit 2c0105ef17)
2024-01-15 16:51:45 +00:00
Gusted
6b7c7d18dc
[GITEA] Check for Commit in opengraph
- It's possible that `PageIsDiff` is set but not `Commit` resulting in a
NPE in the template. This can happen when the requested commit doesn't exist.
- Regression of c802c46a9b &
5743d7cb5b
- Added 'hacky' integration test.

(cherry picked from commit 8db2d5e4a7)
(cherry picked from commit 8c737a802b)
2024-01-15 16:51:45 +00:00
Gergely Nagy
4359741431
[GITEA] Add support for shields.io-based badges
Adds a new `/{username}/{repo}/badges` family of routes, which redirect
to various shields.io badges. The goal is to not reimplement badge
generation, and delegate it to shields.io (or a similar service), which
are already used by many. This way, we get all the goodies that come
with it: different styles, colors, logos, you name it.

So these routes are just thin wrappers around shields.io that make it
easier to display the information we want. The URL is configurable via
`app.ini`, and is templatable, allowing to use alternative badge
generator services with slightly different URL patterns.

Additionally, for compatibility with GitHub, there's an
`/{username}/{repo}/actions/workflows/{workflow_file}/badge.svg` route
that works much the same way as on GitHub. Change the hostname in the
URL, and done.

Fixes gitea#5633, gitea#23688, and also fixes #126.

Work sponsored by Codeberg e.V.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit fcd0f61212)
(cherry picked from commit 20d14f7844)
2024-01-15 16:51:45 +00:00
Gergely Nagy
c3a8e98870
[GITEA] repo: Don't redirect the repo to external units
When displaying the repo home view, do not redirect to unit types that
can't be defaults (which, at the moment, are the external wiki and issue
tracker unit types).

If we'd redirect to those, that would mean that a repository with the
Code unit disabled, and an external issue tracker would immediately
redirect to the external issue tracker, making it harder to reach other,
non-external units of the repo.

Fixes #1965.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 44078e5460)
(cherry picked from commit 1868dec2e4)
2024-01-15 16:51:45 +00:00
Earl Warren
63d086f666
[GITEA] notifies admins on new user registration (squash) DeleteByID
trivial conflict because of
   778ad795fd Refactor deletion (#28610)

(cherry picked from commit 05682614e5)
(cherry picked from commit 64bd374803)
2024-01-15 16:48:45 +00:00
Earl Warren
63b9b624bd
[GITEA] Fix session generation for database (squash) timeutil.Mock
because of e743570f65 * Refactor timeutil package (#28623)

(cherry picked from commit acc6b51be2)
(cherry picked from commit 02b74317f2)
2024-01-15 16:48:44 +00:00
Gusted
986be6171a
[GITEA] Remove redundant syncBranchToDB
- The transaction in combination with Git push was causing deadlocks if
you had the `push_update` queue set to `immediate`. This was the root
cause of slow integration tests in CI.
- Remove the sync branch code as this is already being done in the Git
post-receive hook.
- Add tests to proof the branch models are in sync even with this code
removed.

(cherry picked from commit 90110e1f44)
(cherry picked from commit a064065cb9)
(cherry picked from commit 7713e558eb)

Conflicts:
	services/repository/branch.go
	https://codeberg.org/forgejo/forgejo/pulls/2068
(cherry picked from commit 3bb73e0813)
(cherry picked from commit c557540926)
2024-01-15 16:48:44 +00:00
Gergely Nagy
3d3366dbbe
[GITEA] Configurable clone methods
Adds `[repository].DOWNLOAD_OR_CLONE_METHODS` (defaulting to
"download-zip,download-targz,download-bundle,vscode-clone"), which lets
an instance administrator override the additional clone methods
displayed on the repository home view.

This is purely display-only, the clone methods not listed here are still
available, unless disabled elsewhere. They're just not displayed.

Fixes #710.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 2aadcf4946)
(cherry picked from commit 42ac34fbf9)
(cherry picked from commit bd231b0245)
2024-01-15 16:48:44 +00:00
Gusted
70623e8da1
[GITEA] Fix NPE in ToPullReviewList
- Add condition to ensure doer isn't nil when using it.
- Added unit test.
- Resolves #2055

(cherry picked from commit 8f1a74fb29)
(cherry picked from commit 60ac881776)
(cherry picked from commit 5fdc461ac5)
2024-01-15 16:48:44 +00:00
Antonin Delpeuch
94e954ce22
[GITEA] pulls: "Edit File" button in "Files Changed" tab
Closes #1894.
Gitea issue: https://github.com/go-gitea/gitea/issues/23848

(cherry picked from commit 79c75164ca)
(cherry picked from commit 58c76aad8f)
(cherry picked from commit 5bdb3c6c53)
2024-01-15 16:48:44 +00:00
Gusted
19013ba5ea
[GITEA] Avoid WHERE IN for comment migration query
- Rewrite `UpdateCommentsMigrationsByType` to not use `WHERE IN` as
that's a performance diaster for MariaDB, it now use batching to query
the the relevant comment IDs via JOINs (which is not possible in a
UPDATE query for SQLite) and then update them in a seperate query.
- Add unit test.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1856

(cherry picked from commit 8098ca9d2e)

Conflicts:
	models/issues/comment.go
	https://codeberg.org/forgejo/forgejo/pulls/2075
(cherry picked from commit ca65deba1c)
(cherry picked from commit 0e1e09e77d)
2024-01-15 16:48:44 +00:00
Gusted
66eae1041c
[GITEA] Fix /issues/search endpoint
- The endpoint was moved from being an API endpoint to an web endpoint
with JSON result. However the API context isn't the same as the web
context, for example the `ctx.Error` only takes in the first two
arguments into consideration and doesn't do logging, which is not the
same behavior as the API context where there's three arguments and does
do logging and only reveal the function + error if the user is admin.
- Remove any details in the error message and do the logging seperatly,
this is somewhat consistent with how other API endpoints behave.
- Ref: https://codeberg.org/forgejo/forgejo/issues/1998

(cherry picked from commit fe71e32ace)
(cherry picked from commit c89e0735fa)
(cherry picked from commit 4c04dcfc59)
2024-01-15 16:48:44 +00:00
Gergely Nagy
a5d2829a10
[GITEA] Optionally allow anyone to edit Wikis
This is largely based on gitea#6312 by @ashimokawa, with updates and
fixes by myself, and incorporates the review feedback given in that pull
request, and more.

What this patch does is add a new "default_permissions" column to the
`repo_units` table (defaulting to read permission), adjusts the
permission checking code to take this into consideration, and then
exposes a setting that lets a repo administrator enable any user on a
Forgejo instance to edit the repo's wiki (effectively giving the wiki
unit of the repo "write" permissions by default).

By default, wikis will remain restricted to collaborators, but with the
new setting exposed, they can be turned into globally editable wikis.

Fixes Codeberg/Community#28.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit 4b74439922)
(cherry picked from commit 337cf62c10)
(cherry picked from commit b6786fdb32)
2024-01-15 16:48:44 +00:00
Gusted
65dbc4303b
[GITEA] Fix session generation for database
- If the session doesn't exist, it shouldn't be expected that the
variable is non-nil. Define the session variable instead and insert that.
- Add unit tests to test the behavior of the database sessions code .
- Regression caused by dd30d9d5c0.
- Resolves https://codeberg.org/forgejo/forgejo/issues/2042

(cherry picked from commit 90307ad200)
(cherry picked from commit 874ef1978d)
(cherry picked from commit 27d5f035fc)
2024-01-15 16:47:17 +00:00
Earl Warren
53f5a3aa91
[ACTIONS] on.schedule: create a new payload
do not reuse the payload of the event that triggered the creation of
the scheduled event. Create a new one instead that contains no other
information than the event name in the action field ("schedule").

(cherry picked from commit 0b40ca1ea5)
(cherry picked from commit f86487432b)
(cherry picked from commit 4bd5d2e9d0)
(cherry picked from commit d10830e238)
2024-01-15 16:47:17 +00:00
Earl Warren
9a08db699c
[ACTIONS] on.schedule: the event is always "schedule"
handleSchedules() is called every time an event is received and will
check the content of the main branch to (re)create scheduled events.
There is no reason why intput.Event will be relevant when the schedule
workflow runs.

(cherry picked from commit 9a712bb276)
(cherry picked from commit 41af36da81)
(cherry picked from commit bb83604fa2)
(cherry picked from commit 65e4503a7a)
2024-01-15 16:47:17 +00:00
Gusted
c4cb7812e3
[GITEA] Fix NPE in UsernameSubRoute
- When the user is not found in `reloadparam`, early return when the
user is not found to avoid calling `IsUserVisibleToViewer` which in turn
avoids causing a NPE.
- This fixes the case that a 500 error and 404 error is shown on the
same page.
- Add integration test for non-existant user RSS.
- Regression by c6366089df

(cherry picked from commit f0e0696278)
(cherry picked from commit 75d8066908)
(cherry picked from commit 4d0a1e0637)
(cherry picked from commit 5f40a485da)
2024-01-15 16:47:17 +00:00
Earl Warren
cbecdd618d
[GITEA] the ref of a scheduled action is always the default branch
Since a scheduled action is only run from the default branch, it
cannot be anything else.

Refs: https://codeberg.org/forgejo/forgejo/issues/1926
(cherry picked from commit eff0822856)
(cherry picked from commit 2b1aa50bd1)

Conflicts:
	services/actions/notifier_helper.go
	https://codeberg.org/forgejo/forgejo/pulls/2075
(cherry picked from commit 4ff3474fc0)
(cherry picked from commit 07b8887031)
2024-01-15 16:47:17 +00:00
Earl Warren
16e337153b
[GITEA] Allow release creation on commit (squash) s/SHAFullLength/FullLength/
(cherry picked from commit 9d549c0d33)
(cherry picked from commit 8b2af5f040)
(cherry picked from commit 2262654cd7)
(cherry picked from commit 5e98785109)
2024-01-15 16:47:16 +00:00
Gusted
f863f4b005
[GITEA] Add footnote testing
- This adds coverage to the most common and the edge cases of what the
footnote implementation should be capable of. This was partly done to
ensure no hidden surprises when changing the implementation, as markdown
rendering is one of the more important features of Forgejo.

(cherry picked from commit 16ecdb4170)
(cherry picked from commit 19dc5ef5e5)
(cherry picked from commit d5955efc0a)
(cherry picked from commit 2cdaf10836)
(cherry picked from commit 251b567794)

Conflicts:
	modules/markup/markdown/markdown_test.go
	https://codeberg.org/forgejo/forgejo/pulls/2153
2024-01-15 16:47:16 +00:00
Gergely Nagy
cad9184a36
[GITEA] Allow changing the email address before activation
During registration, one may be required to give their email address, to
be verified and activated later. However, if one makes a mistake, a
typo, they may end up with an account that cannot be activated due to
having a wrong email address.

They can still log in, but not change the email address, thus, no way to
activate it without help from an administrator.

To remedy this issue, lets allow changing the email address for logged
in, but not activated users.

This fixes gitea#17785.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit aaaece28e4)
(cherry picked from commit 639dafabec)
(cherry picked from commit d699c12ceb)

[GITEA] Allow changing the email address before activation (squash) cache is always active

This needs to be revisited because the MailResendLimit is not enforced
and turns out to not be tested.

See e7cb8da2a8 * Always enable caches (#28527)

(cherry picked from commit 43ded8ee30)

Rate limit pre-activation email change separately

Changing the email address before any email address is activated should
be subject to a different rate limit than the normal activation email
resending. If there's only one rate limit for both, then if a newly
signed up quickly discovers they gave a wrong email address, they'd have
to wait three minutes to change it.

With the two separate limits, they don't - but they'll have to wait
three minutes before they can change the email address again.

The downside of this setup is that a malicious actor can alternate
between resending and changing the email address (to something like
`user+$idx@domain`, delivered to the same inbox) to effectively halving
the rate limit. I do not think there's a better solution, and this feels
like such a small attack surface that I'd deem it acceptable.

The way the code works after this change is that `ActivatePost` will now
check the `MailChangeLimit_user` key rather than `MailResendLimit_user`,
and if we're within the limit, it will set `MailChangedJustNow_user`. The
`Activate` method - which sends the activation email, whether it is a
normal resend, or one following an email change - will check
`MailChangedJustNow_user`, and if it is set, it will check the rate
limit against `MailChangedLimit_user`, otherwise against
`MailResendLimit_user`, and then will delete the
`MailChangedJustNow_user` key from the cache.

Fixes #2040.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit e35d2af2e5)
(cherry picked from commit 03989418a7)
(cherry picked from commit f50e0dfe5e)
2024-01-15 16:47:16 +00:00
Earl Warren
137daabc9b
[GITEA] test markdown CleanValue to prevent regression
It will determine how anchors are created and will break existing
links otherwise.

Adapted from Revert "Make `user-content-* ` consistent with github (#26388)

(cherry picked from commit 1666fba8f5)
(cherry picked from commit 48f38280e8)
(cherry picked from commit 03adb3a2b4)
(cherry picked from commit a0ad36f0ad)
(cherry picked from commit 3aac990064)
2024-01-15 16:47:16 +00:00
Earl Warren
2c426c28af
[GITEA] Revert "Make user-content-* consistent with github (#26388)"
Refs: https://codeberg.org/forgejo/forgejo/issues/1943

This reverts commit d41aee1d1e.

(cherry picked from commit d29ec91e91)
(cherry picked from commit a0f5a9750e)
(cherry picked from commit 26bfc3bc14)
(cherry picked from commit 59f57a1bc9)
(cherry picked from commit ce3b73a033)
2024-01-15 16:47:16 +00:00