Commit graph

258 commits

Author SHA1 Message Date
Gusted
fed4a421ac
[BRANDING] Update nodeinfo branding
- Change the values for the nodeinfo API, to use branded values.
- Resolves https://codeberg.org/forgejo/forgejo/issues/257

(cherry picked from commit 4608c57688)
(cherry picked from commit e837e8a529)
(cherry picked from commit 6601328d3c)
(cherry picked from commit c6be21d487)
(cherry picked from commit 5adc6ffee2)
(cherry picked from commit 2ff8d166ac)
(cherry picked from commit b6a90e7e5a)
(cherry picked from commit d1089e706c)

Conflicts:
	tests/integration/api_nodeinfo_test.go
(cherry picked from commit 7a29df737d)
(cherry picked from commit 3655a30c60)
(cherry picked from commit c90d611410)
(cherry picked from commit 0274bd8860)
(cherry picked from commit fdb786b71d)
(cherry picked from commit 4f08f100a1)
(cherry picked from commit 56a2711822)
(cherry picked from commit 3b2cfa452d)
(cherry picked from commit 773ddcf956)
(cherry picked from commit fe8321ed4e)
(cherry picked from commit a94833643b)
(cherry picked from commit 3fdbda7639)
(cherry picked from commit 7bc63d2cd3)
(cherry picked from commit a36400d9cf)
(cherry picked from commit 2535ab4201)
(cherry picked from commit 692e72f4f6)
(cherry picked from commit 265021f3e9)
(cherry picked from commit bc833125d6)
(cherry picked from commit f1f9f88155)
(cherry picked from commit 6076461ad7)
(cherry picked from commit cd1da0aa2b)
(cherry picked from commit f4e9a251d8)
2023-09-18 15:13:29 +02:00
Earl Warren
33e5e2f0d8
[BRANDING] add the forgejo webhook type & update webhook docs URLs
templates/swagger/v1_json.tmpl updated with `make generate-swagger`

(cherry picked from commit 88899c492e)
(cherry picked from commit 7171bd9617)
(cherry picked from commit 1a742446c1)
(cherry picked from commit d7c189d7b2)

Conflicts:
	routers/web/web.go
(cherry picked from commit cbdea868e4)
(cherry picked from commit 6cd150483b)
(cherry picked from commit 47246da8d3)
(cherry picked from commit f2aa0e6b76)
(cherry picked from commit 5a4fc69a16)
(cherry picked from commit 48e444ca09)
(cherry picked from commit 888e537811)
(cherry picked from commit 5121f493c9)
(cherry picked from commit 9394e55fdf)
(cherry picked from commit 3a2ce51768)
(cherry picked from commit 719ead3a65)
(cherry picked from commit 83e6f82e2a)
(cherry picked from commit 494a429b21)
(cherry picked from commit 4d775db6b4)
(cherry picked from commit b68f777dc2)
(cherry picked from commit 5b934023fa)
(cherry picked from commit 3b1ed8b16c)
(cherry picked from commit 6bc4a46c9f)
(cherry picked from commit 8064bb24a3)

Conflicts:
	templates/admin/hook_new.tmpl
	templates/org/settings/hook_new.tmpl
	templates/repo/settings/webhook/base_list.tmpl
	templates/repo/settings/webhook/new.tmpl
	templates/user/settings/hook_new.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1181
(cherry picked from commit 55f5588a91)
(cherry picked from commit a428bc06b3)
(cherry picked from commit d2186eceb9)
(cherry picked from commit b4e126e9af)
(cherry picked from commit e4c7a92c2d)
(cherry picked from commit a7165c8146)

Conflicts:
	templates/admin/hook_new.tmpl
	templates/repo/settings/webhook/new.tmpl
	https://codeberg.org/forgejo/forgejo/pulls/1420

[BRANDING] add the forgejo webhook type & update webhook docs URLs (squash) gitea logo for gitea webhooks

Refs: https://codeberg.org/forgejo/forgejo/issues/1367
(cherry picked from commit 2d8c1b9373)
(cherry picked from commit 9135a5e1db)
(cherry picked from commit 270f4020b0)
2023-09-18 15:13:29 +02:00
fluzz
47c78927d6
[FEAT] allow setting the update date on issues and comments
This field adds the possibility to set the update date when modifying
an issue through the API.

A 'NoAutoDate' in-memory field is added in the Issue struct.
If the update_at field is set, NoAutoDate is set to true and the
Issue's UpdatedUnix field is filled.

That information is passed down to the functions that actually updates
the database, which have been modified to not auto update dates if
requested.

A guard is added to the 'EditIssue' API call, to checks that the
udpate_at date is between the issue's creation date and the current
date (to avoid 'malicious' changes). It also limits the new feature
to project's owners and admins.

(cherry picked from commit c524d33402)

Add a SetIssueUpdateDate() function in services/issue.go

That function is used by some API calls to set the NoAutoDate and
UpdatedUnix fields of an Issue if an updated_at date is provided.

(cherry picked from commit f061caa655)

Add an updated_at field to the API calls related to Issue's Labels.

The update date is applied to the issue's comment created to inform
about the modification of the issue's labels.

(cherry picked from commit ea36cf80f5)

Add an updated_at field to the API call for issue's attachment creation

The update date is applied to the issue's comment created to inform
about the modification of the issue's content, and is set as the
asset creation date.

(cherry picked from commit 96150971ca)

Checking Issue changes, with and without providing an updated_at date

Those unit tests are added:

- TestAPIEditIssueWithAutoDate
- TestAPIEditIssueWithNoAutoDate

- TestAPIAddIssueLabelsWithAutoDate
- TestAPIAddIssueLabelsWithNoAutoDate

- TestAPICreateIssueAttachmentWithAutoDate
- TestAPICreateIssueAttachmentWithNoAutoDate

(cherry picked from commit 4926a5d7a2)

Add an updated_at field to the API call for issue's comment creation

The update date is used as the comment creation date, and is applied to
the issue as the update creation date.

(cherry picked from commit 76c8faecdc)

Add an updated_at field to the API call for issue's comment edition

The update date is used as the comment update date, and is applied to
the issue as an update date.

(cherry picked from commit cf787ad7fd)

Add an updated_at field to the API call for comment's attachment creation

The update date is applied to the comment, and is set as the asset
creation date.

(cherry picked from commit 1e4ff424d3)

Checking Comment changes, with and without providing an updated_at date

Those unit tests are added:

- TestAPICreateCommentWithAutoDate
- TestAPICreateCommentWithNoAutoDate

- TestAPIEditCommentWithAutoDate
- TestAPIEditCommentWithNoAutoDate

- TestAPICreateCommentAttachmentWithAutoDate
- TestAPICreateCommentAttachmentWithNoAutoDate

(cherry picked from commit da932152f1)

Pettier code to set the update time of comments

Now uses sess.AllCols().NoAutoToime().SetExpr("updated_unix", ...)

XORM is smart enough to compose one single SQL UPDATE which all
columns + updated_unix.

(cherry picked from commit 1f6a42808d)

Issue edition: Keep the max of the milestone and issue update dates.

When editing an issue via the API, an updated_at date can be provided.
If the EditIssue call changes the issue's milestone, the milestone's
update date is to be changed accordingly, but only with a greater
value.

This ensures that a milestone's update date is the max of all issue's
update dates.

(cherry picked from commit 8f22ea182e)

Rewrite the 'AutoDate' tests using subtests

Also add a test to check the permissions to set a date, and a test
to check update dates on milestones.

The tests related to 'AutoDate' are:
- TestAPIEditIssueAutoDate
- TestAPIAddIssueLabelsAutoDate
- TestAPIEditIssueMilestoneAutoDate
- TestAPICreateIssueAttachmentAutoDate
- TestAPICreateCommentAutoDate
- TestAPIEditCommentWithDate
- TestAPICreateCommentAttachmentAutoDate

(cherry picked from commit 961fd13c55)
(cherry picked from commit d52f4eea44)
(cherry picked from commit 3540ea2a43)

Conflicts:
	services/issue/issue.go
	https://codeberg.org/forgejo/forgejo/pulls/1415
(cherry picked from commit 56720ade00)

Conflicts:
	routers/api/v1/repo/issue_label.go
	https://codeberg.org/forgejo/forgejo/pulls/1462
2023-09-18 14:11:24 +02:00
Earl Warren
37cfc3b227
[DB] run all Forgejo migrations in integration tests
The tests at tests/integration/migration-test/migration_test.go will
not run any Forgejo migration when using the gitea-*.sql.gz files
because they do not contain a ForgejoVersion row which is interpreted
as a new Forgejo installation for which there is no need for migration.

Create a situation by which the ForgejoVersion table exists and has a
version of 0 in tests/integration/migration-test/forgejo-v1.19.0.*.sql.gz
thus ensuring all Forgejo migrations are run.

The forgejo*.sql.gz files do not have any Gitea related records, which
will be interpreted by the Gitea migrations as a new installation that
does not need any migration. As a consequence the migration tests run
when using forgejo-v1.19.0.*.sql.gz are exclusively about Forgejo
migrations.

(cherry picked from commit ec8003859c)
(cherry picked from commit 697570ff39)
(cherry picked from commit f041aec172)
(cherry picked from commit 60463e3bab)
(cherry picked from commit b2fc2a7c13)
(cherry picked from commit fb2759b6af)
2023-09-18 14:00:11 +02:00
Earl Warren
47c8a05b37
[TESTS] increase test-sqlite log level to Trace
It does not pollute the output because they go to sqlite-log/gitea.log
and it may provide clues for debugging. When trying to figure out a
problem in production, Debug is likely to be used but in a development
environment a very fine grain log is the most useful. If that's really
too much noise, the lines can be trimmed by removing all those with [T].

(cherry picked from commit 666b02eb9d)
(cherry picked from commit b69e4d3058)
(cherry picked from commit 0c1aecd7ec)
(cherry picked from commit 0304e41345)
(cherry picked from commit 4bcc7e02ce)
(cherry picked from commit 98364235f2)
(cherry picked from commit ca465e97c1)
(cherry picked from commit 653045ade1)
(cherry picked from commit 9ca2e644ab)
2023-09-18 14:00:11 +02:00
Earl Warren
d787089a5d
[TESTS] coverage for SignInOAuthCallback
(cherry picked from commit f8e1619b99)
(cherry picked from commit 46d8bc9bdf)
(cherry picked from commit e0c7b7055f)
(cherry picked from commit faab747f8e)
(cherry picked from commit 46acb6a9a7)
(cherry picked from commit 22d964e744)
(cherry picked from commit 4c8a6031ac)
(cherry picked from commit 032e8c7a9a)
(cherry picked from commit 7a17a3b0fb)
(cherry picked from commit 8ea71c2a31)
(cherry picked from commit 4b027e2d37)
2023-09-18 14:00:11 +02:00
Earl Warren
ba64fa9867
[TESTS] oauth2: add integration test helpers
(cherry picked from commit e11dcc60f2)

use backticks to avoid backslash

(cherry picked from commit 34212791ee)
(cherry picked from commit bde9473c69)
(cherry picked from commit d4deb43084)
(cherry picked from commit 08e91649b0)
(cherry picked from commit 2b988e5415)

[TESTS] auth LinkAccount test coverage (squash)

(cherry picked from commit a2b2e3066b)
(cherry picked from commit 841d1b5073)
(cherry picked from commit 35da630ad8)
(cherry picked from commit caf2dc4fa7)
(cherry picked from commit 6eb81e67ba)
(cherry picked from commit d59757239f)
(cherry picked from commit 38a121b688)
(cherry picked from commit 20613874ee)
(cherry picked from commit 6d2705e108)
(cherry picked from commit f177b72814)
(cherry picked from commit 75e1fc4c83)
2023-09-18 14:00:11 +02:00
Earl Warren
d89ef2ffa9
[TESTS] createUser via the user model helper for integration tests
(cherry picked from commit c1d14c5fff)
(cherry picked from commit e0e8aabc98)
(cherry picked from commit 392a415070)
(cherry picked from commit c7cf1307ca)
(cherry picked from commit 93b13d092b)

[TESTS] createUser via the user model helper for integration tests (squash)

(cherry picked from commit 6ff2383952)
(cherry picked from commit de2a6fe8c3)
(cherry picked from commit 398a6ab072)
(cherry picked from commit 16abc89780)
(cherry picked from commit 312a3ec5d9)
(cherry picked from commit 85c6d8e290)
(cherry picked from commit 79150d30a4)
(cherry picked from commit 436137962d)
(cherry picked from commit e4eb8d471e)
(cherry picked from commit a7257052f4)
(cherry picked from commit d5eba9a6dd)
2023-09-18 14:00:11 +02:00
Earl Warren
8034ef5fa2
[API] Forgejo API /api/forgejo/v1
(cherry picked from commit 20b5669269)
(cherry picked from commit 1574643a6a)

Update semantic version according to specification

(cherry picked from commit 22510f4130)

Mise à jour de 'Makefile'

(cherry picked from commit c3d85d8409)
(cherry picked from commit 5ea2309851)
(cherry picked from commit ec5217b9d1)
(cherry picked from commit 14f08e364b)
(cherry picked from commit b4465c67b8)

[API] [SEMVER] replace number with version

(cherry picked from commit fba48e6497)
(cherry picked from commit 532ec5d878)

[API] [SEMVER] [v1.20] less is replaced by css

(cherry picked from commit 01ca3a4f42)
(cherry picked from commit 1d928c3ab2)
(cherry picked from commit a39dc804cd)

Conflicts:
	webpack.config.js
(cherry picked from commit adc68578b3)
(cherry picked from commit 9b8d98475f)
(cherry picked from commit 2516103974)
(cherry picked from commit 18e6287963)
(cherry picked from commit e9694e67ab)
(cherry picked from commit a9763edaf0)
(cherry picked from commit e2b550f4fb)
(cherry picked from commit 2edac36701)

[API] Forgejo API /api/forgejo/v1 (squash)

Update semver as v1.20 is entering release candidate mode

(cherry picked from commit 4995098ec3)
(cherry picked from commit 578ccfdd27)
(cherry picked from commit 1bf6ac0952)
(cherry picked from commit 2fe16b2bfe)
(cherry picked from commit 7cd9d027ee)
(cherry picked from commit eaed4be2ae)
(cherry picked from commit cc94f3115f)
(cherry picked from commit d7a77e35cc)
(cherry picked from commit cd8eb68ab7)
(cherry picked from commit 68487ac95f)
(cherry picked from commit 616dceb565)
(cherry picked from commit 545fe5975b)
(cherry picked from commit c042cf8eda)
(cherry picked from commit ae5e5a7468)
2023-09-18 14:00:11 +02:00
Loïc Dachary
3fd0092056
[CI] set PASSWORD_HASH_ALGO = argon2 for integration tests
(cherry picked from commit 1d7ce2a39c)
(cherry picked from commit 3af8757583)
(cherry picked from commit 0b81815209)
(cherry picked from commit 7180a3222a)
(cherry picked from commit 069044f4a6)
(cherry picked from commit dd1438f389)
(cherry picked from commit 4ae6b5d64d)
(cherry picked from commit c572666d78)
(cherry picked from commit de0a4480bc)
(cherry picked from commit 60272ef4f7)
(cherry picked from commit a68fdde4be)
(cherry picked from commit ff448cf3a6)
(cherry picked from commit 208498caaa)
(cherry picked from commit 1abd3efad8)
(cherry picked from commit 818c7f4ca9)
(cherry picked from commit 1e552bbe44)
(cherry picked from commit 88dbd6da1d)
(cherry picked from commit b1c86fb777)
(cherry picked from commit 185b1e25b1)
(cherry picked from commit 0af35605ae)
(cherry picked from commit 350975b63f)
(cherry picked from commit 2788142515)
(cherry picked from commit b418a53717b247e10d2dda26d1d236400d423a94)
(cherry picked from commit 086cde3f10)
(cherry picked from commit 3e4818c779)
(cherry picked from commit f2bf1fe64f)
(cherry picked from commit db4eb288ee)
(cherry picked from commit f8db31821b)
(cherry picked from commit 2b13c06f49)
2023-09-18 13:25:11 +02:00
Earl Warren
fd8c13be6b
[CLI] implement forgejo-cli
(cherry picked from commit 2555e315f7)
(cherry picked from commit 51b9c9092e)

[CLI] implement forgejo-cli (squash) support initDB

(cherry picked from commit 5c31ae602a)
(cherry picked from commit bbf76489a7)

Conflicts:
	because of d0dbe52e76
	upgrade to https://pkg.go.dev/github.com/urfave/cli/v2
(cherry picked from commit b6c1bcc008)

[CLI] implement forgejo-cli actions

(cherry picked from commit 08be2b226e)
(cherry picked from commit b6cfa88c6e)
(cherry picked from commit 59704200de)

[CLI] implement forgejo-cli actions generate-secret

(cherry picked from commit 6f7905c8ec)
(cherry picked from commit e085d6d273)

[CLI] implement forgejo-cli actions generate-secret (squash) NoInit

(cherry picked from commit 962c944eb2)

[CLI] implement forgejo-cli actions register

(cherry picked from commit 2f95143000)
(cherry picked from commit 42f2f8731e)

[CLI] implement forgejo-cli actions register (squash) no private

Do not go through the private API, directly modify the database

(cherry picked from commit 1ba7c0d39d)

[CLI] implement forgejo-cli actions

(cherry picked from commit 6f7905c8ec)
(cherry picked from commit e085d6d273)

[CLI] implement forgejo-cli actions generate-secret (squash) NoInit

(cherry picked from commit 962c944eb2)
(cherry picked from commit 4c121ef022)

Conflicts:
	cmd/forgejo/actions.go
	tests/integration/cmd_forgejo_actions_test.go
(cherry picked from commit 36997a48e3)

[CLI] implement forgejo-cli actions (squash) restore --version

Refs: https://codeberg.org/forgejo/forgejo/issues/1134
(cherry picked from commit 9739eb52d8)

[CI] implement forgejo-cli (squash) the actions subcommand needs config

(cherry picked from commit def638475122a26082ab3835842c84cd03839154)

Conflicts:
	cmd/main.go
	https://codeberg.org/forgejo/forgejo/pulls/1209
(cherry picked from commit a1758a3910)
(cherry picked from commit 935fa650c7)
(cherry picked from commit cd21026bc9)
(cherry picked from commit 1700b8973a)
(cherry picked from commit 1def42a379)
(cherry picked from commit 839d97521d)
2023-09-18 13:25:11 +02:00
CaiCandong
f93ee5937b
Fix token endpoints ignore specified account (#27080)
Fix #26234
close #26323
close #27040

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-09-18 00:21:15 +00:00
JakobDev
f91dbbba98
Next round of db.DefaultContext refactor (#27089)
Part of #27065
2023-09-16 14:39:12 +00:00
JakobDev
c548dde205
More refactoring of db.DefaultContext (#27083)
Next step of #27065
2023-09-15 06:13:19 +00:00
JakobDev
76659b1114
Reduce usage of db.DefaultContext (#27073)
Part of #27065

This reduces the usage of `db.DefaultContext`. I think I've got enough
files for the first PR. When this is merged, I will continue working on
this.

Considering how many files this PR affect, I hope it won't take to long
to merge, so I don't end up in the merge conflict hell.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-14 17:09:32 +00:00
Nanguan Lin
da50be7360
Replace 'userxx' with 'orgxx' in all test files when the user type is org (#27052)
Currently 'userxx' and 'orgxx' are both used as username in test files
when the user type is org, which is confusing. This PR replaces all
'userxx' with 'orgxx' when the user type is org(`user.type==1`).
Some non-trivial changes
1. Rename `user3` dir to `org3` in `tests/git-repositories-meta` 
2. Change `end` in `issue reference` because 'org3' is one char shorter
than 'user3'

![ksnip_20230913-112819](https://github.com/go-gitea/gitea/assets/70063547/442988c5-4cf4-49b8-aa01-4dd6bf0ca954)
3. Change the search result number of `user/repo2` because
`user3/repo21` can't be searched now

![ksnip_20230913-112931](https://github.com/go-gitea/gitea/assets/70063547/d9ebeba4-479f-4110-9a85-825efbc981fd)
4. Change the first org name getting from API because the result is
ordered by alphabet asc and now `org 17` is before `org25`
![JW8U7NIO(J$H
_YCRB36H)T](https://github.com/go-gitea/gitea/assets/70063547/f55a685c-cf24-40e5-a87f-3a2327319548)
![)KFD411O4I8RB5ZOH7E0
Z3](https://github.com/go-gitea/gitea/assets/70063547/a0dc3299-249c-46f6-91cb-d15d4ee88dd5)

Other modifications are just find all and replace all.
Unit tests with SQLite are all passed.

---------

Co-authored-by: caicandong <1290147055@qq.com>
2023-09-14 02:59:53 +00:00
Lunny Xiao
4f32abaf94
move repository deletion to service layer (#26948)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-08 04:51:15 +00:00
Lunny Xiao
b9df9fa2e2
Move createrepository from module to service layer (#26927)
Repository creation depends on many models, so moving it to service
layer is better.
2023-09-06 12:08:51 +00:00
FuXiaoHei
460a2b0edf
Artifacts retention and auto clean up (#26131)
Currently, Artifact does not have an expiration and automatic cleanup
mechanism, and this feature needs to be added. It contains the following
key points:

- [x] add global artifact retention days option in config file. Default
value is 90 days.
- [x] add cron task to clean up expired artifacts. It should run once a
day.
- [x] support custom retention period from `retention-days: 5` in
`upload-artifact@v3`.
- [x] artifacts link in actions view should be non-clickable text when
expired.
2023-09-06 07:41:06 +00:00
KN4CK3R
a99b96cbcd
Refactor secrets modification logic (#26873)
- Share code between web and api
- Add some tests
2023-09-05 15:21:02 +00:00
JakobDev
e9f5067653
Add missing reqToken() to notifications endpoints (#26914)
They currently throw a Internal Server Error when you use them without a
token. Now they correctly return a `token is required` error.

This is no security issue. If you use this endpoints with a token that
don't have the correct permission, you get the correct error. This is
not affected by this PR.
2023-09-05 14:43:34 +00:00
Lunny Xiao
dc2dd76d98
Remove duplicated notify mail configuration on tests (#26912)
Extract from #22266

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-05 12:34:36 +02:00
wxiaoguang
f01bed2443
Avoid double-unescaping of form value (#26853)
1. The old `prepareQueryArg` did double-unescaping of form value.
2. By the way, remove the unnecessary `ctx.Flash = ...` in
`MockContext`.

Co-authored-by: Giteabot <teabot@gitea.io>
2023-09-01 12:01:36 +00:00
wxiaoguang
e8aae43f56
Move web/api context related testing function into a separate package (#26859)
Just like `models/unittest`, the testing helper functions should be in a
separate package: `contexttest`

And complete the TODO:

> // TODO: move this function to other packages, because it depends on
"models" package
2023-09-01 11:26:07 +00:00
Jack Hay
c0ab7070e5
Update team invitation email link (#26550)
Co-authored-by: Kyle D <kdumontnu@gmail.com>
Co-authored-by: Jonathan Tran <jonnytran@gmail.com>
2023-08-31 16:26:13 +00:00
Denys Konovalov
5b5bb8d354
User details page (#26713)
This PR implements a proposal to clean up the admin users table by
moving some information out to a separate user details page (which also
displays some additional information).

Other changes:
- move edit user page from `/admin/users/{id}` to
`/admin/users/{id}/edit` -> `/admin/users/{id}` now shows the user
details page
- show if user is instance administrator as a label instead of a
separate column
- separate explore users template into a page- and a shared one, to make
it possible to use it on the user details page
- fix issue where there was no margin between alert message and
following content on admin pages

<details>

<summary>Screenshots</summary>


![grafik](https://github.com/go-gitea/gitea/assets/47871822/1ad57ac9-f20a-45a4-8477-ffe572a41e9e)


![grafik](https://github.com/go-gitea/gitea/assets/47871822/25786ecd-cb9d-4c92-90f4-e7f4292c073b)


</details>

Partially resolves #25939

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-31 11:21:18 +02:00
mainboarder
c533991519
Expanded minimum RSA Keylength to 3072 (#26604)
German Federal Office for Information Security requests in its technical
guideline BSI TR-02102-1 RSA Keylength not shorter than 3000bits
starting 2024, in the year 2023 3000bits as a recommendation. Gitea
should request longer RSA Keys by default in favor of security and drop
old clients which do not support longer keys.


https://www.bsi.bund.de/SharedDocs/Downloads/DE/BSI/Publikationen/TechnischeRichtlinien/TR02102/BSI-TR-02102.pdf?__blob=publicationFile&v=9
- Page 19, Table 1.2

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-08-28 00:53:16 +00:00
Earl Warren
a9ce570298
add Upload URL to release API (#26663)
- Resolves https://codeberg.org/forgejo/forgejo/issues/580
- Return a `upload_field` to any release API response, which points to
the API URL for uploading new assets.
- Adds unit test.
- Adds integration testing to verify URL is returned correctly and that
upload endpoint actually works

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
2023-08-24 10:36:10 +00:00
Infinoid
86ee5b4b1b
PATCH branch-protection updates check list even when checks are disabled (#26351)
Fixes: #26333.

Previously, this endpoint only updates the `StatusCheckContexts` field
when `EnableStatusCheck==true`, which makes it impossible to clear the
array otherwise.

This patch uses slice `nil`-ness to decide whether to update the list of
checks. The field is ignored when either the client explicitly passes in
a null, or just omits the field from the json ([which causes
`json.Unmarshal` to leave the struct field
unchanged](https://go.dev/play/p/Z2XHOILuB1Q)). I think this is a better
measure of intent than whether the `EnableStatusCheck` flag was set,
because it matches the semantics of other field types.

Also adds a test case. I noticed that [`testAPIEditBranchProtection`
only checks the branch
name](c1c83dbaec/tests/integration/api_branch_test.go (L68))
and no other fields, so I added some extra `GET` calls and specific
checks to make sure the fields are changing properly.

I added those checks the existing integration test; is that the right
place for it?
2023-08-24 05:36:04 +00:00
techknowlogick
b3f7137174
Update minimum password length requirements (#25946) 2023-08-21 19:27:50 +00:00
wxiaoguang
79c3329502
Do not use deprecated log config options by default (#26592)
Simplify the log config

* Remove unnecessary `ROUTER` config, it defaults to the `MODE`.
* `XORM` config was deprecated
2023-08-20 01:05:29 +00:00
KN4CK3R
ecd51f710b
Fix NuGet search endpoints (#25613)
Fixes #25564
Fixes #23191

- Api v2 search endpoint should return only the latest version matching
the query
- Api v3 search endpoint should return `take` packages not package
versions
2023-08-14 02:50:55 +00:00
wxiaoguang
c28e29fd94
Refactor tests (#26464)
1. Give the global variable clear names
2. Use generic parameter for `onGiteaRun`
2023-08-12 16:30:16 +00:00
wxiaoguang
a85a862804
Fix admin queue page title (#26409)
Fix #26408

```
# locale_en-US.ini
[admin]
monitor.queues = Queues
```

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-08-10 02:05:37 +00:00
Panagiotis "Ivory" Vasilopoulos
daf7092863
Improve multiple strings in en-US locale (#26213)
I kept sending pull requests that consisted of one-line changes. It's
time to
settle this once and for all. (Maybe.)

- Explain Gitea behavior and the consequences of each
  setting better, so that the user does not have to consult
  the docs.
- Do not use different spellings of identical terms
  interchangeably, e.g. `e-mail` and `email`.
- Use more conventional terms to describe the same things,
  e.g. `Confirm Password` instead of `Re-Type Password`.
- Introduces additional clarification for Mirror Settings
- Small adjustments in test
- This is a cry for help.
- Grammar and spelling consistencies for en-US locale
  (e.g. cancelled -> canceled)
- Introduce tooltip improvements.

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-08 15:25:05 +00:00
Earl Warren
20f47bbca9
fix generated source URL on rendered files (#26364)
- The permalink and 'Reference in New issue' URL of an renderable file
(those where you can see the source and a rendered version of it, such
as markdown) doesn't contain `?display=source`. This leads the issue
that the URL doesn't have any effect, as by default the rendered version
is shown and thus not the source.
- Add `?display=source` to the permalink URL and to 'Reference in New
Issue' if it's renderable file.
- Add integration testing.

Refs: https://codeberg.org/forgejo/forgejo/pulls/1088

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-08 09:04:04 +00:00
KN4CK3R
0c6ae61229
Allow package cleanup from admin page (#25307)
Until now expired package data gets deleted daily by a cronjob. The
admin page shows the size of all packages and the size of unreferenced
data. The users (#25035, #20631) expect the deletion of this data if
they run the cronjob from the admin page but the job only deletes data
older than 24h.

This PR adds a new button which deletes all expired data.

![grafik](https://github.com/go-gitea/gitea/assets/1666336/b3e35d73-9496-4fa7-a20c-e5d30b1f6850)

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-08-08 00:46:10 +00:00
Zettat123
9a8af92577
Fix the bug when getting files changed for pull_request_target event (#26320)
Follow #25229

Copy from
https://github.com/go-gitea/gitea/pull/26290#issuecomment-1663135186

The bug is that we cannot get changed files for the
`pull_request_target` event. This event runs in the context of the base
branch, so we won't get any changes if we call
`GetFilesChangedSinceCommit` with `PullRequest.Base.Ref`.
2023-08-05 14:26:06 +08:00
Earl Warren
b1089bdafe
speed up TestEventSourceManagerRun (#26262)
- `setting.UI.Notification.EventSourceUpdateTime` is by default 10
seconds, which adds an 10 second delay before the test succeeds.
- Lower the interval to reduce it to at most 3 second delay (the code
only send events when they are at least 2 seconds old).

(cherry picked from commit 3adb9ae600)

Refs: https://codeberg.org/forgejo/forgejo/pulls/1166

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-01 17:57:11 +00:00
Denys Konovalov
b9baed2c74
Introduce flex-list & flex-item elements for Gitea UI (#25790)
This PR introduces a new UI element type for Gitea called `flex-item`.
It consists of a horizontal card with a leading, main and trailing part:


![grafik](https://github.com/go-gitea/gitea/assets/47871822/395dd3f3-3906-4481-8f65-be6ac0acbe03)

The idea behind it is that in Gitea UI, we have many cases where we use
this kind of layout, but it is achieved in many different ways:
  - grid layout
  - `.ui.list` with additional hacky flexbox
- `.ui.key.list` - looks to me like a style set originally created for
ssh/gpg key list, was used in many other places
  - `.issue.list` - created for issue cards, used in many other places
  - ...

This new style is based on `.issue.list`, specifically the refactoring
of it done in #25750.

In this PR, the new element is introduced and lots of templates are
being refactored to use that style. This allows to remove a lot of
page-specific css, makes many of the elements responsive or simply
provides a cleaner/better-looking way to present information.

A devtest section with the new style is also available.

<details>
<summary>Screenshots (left: before, right: after)</summary>

![Bildschirmfoto vom 2023-07-09
21-01-21](https://github.com/go-gitea/gitea/assets/47871822/545b7da5-b300-475f-bd6d-b7d836950bb5)
![Bildschirmfoto vom 2023-07-09
21-01-56](https://github.com/go-gitea/gitea/assets/47871822/b6f70415-6795-4f71-a5ea-117d56107ea1)
![Bildschirmfoto vom 2023-07-09
21-02-45](https://github.com/go-gitea/gitea/assets/47871822/47407121-3f2a-4778-8f6d-ad2687c2e7b3)
![Bildschirmfoto vom 2023-07-09
21-03-44](https://github.com/go-gitea/gitea/assets/47871822/76167aaf-c3b2-46f6-9ffd-709f20aa6a34)
![Bildschirmfoto vom 2023-07-09
21-04-52](https://github.com/go-gitea/gitea/assets/47871822/af8fdde5-711e-4524-99cf-fb5d68af85b9)
![Bildschirmfoto vom 2023-07-09
21-05-25](https://github.com/go-gitea/gitea/assets/47871822/ae406946-e3e4-4109-abfe-b3588a07b468)
![Bildschirmfoto vom 2023-07-09
21-06-35](https://github.com/go-gitea/gitea/assets/47871822/2dbacc04-24d6-4f91-9e42-e16d6e4b5f1f)
![Bildschirmfoto vom 2023-07-09
21-09-03](https://github.com/go-gitea/gitea/assets/47871822/d3ca4e56-a72f-4179-adc8-98bfd638025b)
![Bildschirmfoto vom 2023-07-09
21-09-44](https://github.com/go-gitea/gitea/assets/47871822/df1fa689-499c-4e54-b6fb-3b81644b725f)
![Bildschirmfoto vom 2023-07-09
21-10-27](https://github.com/go-gitea/gitea/assets/47871822/b21cac71-a85a-4c8c-bb99-ab90373d8e09)
![Bildschirmfoto vom 2023-07-09
21-11-12](https://github.com/go-gitea/gitea/assets/47871822/89be39cf-0af9-4f2d-9fca-42f9eb5e7824)
![Bildschirmfoto vom 2023-07-09
21-12-01](https://github.com/go-gitea/gitea/assets/47871822/079579ea-1ecb-49c0-b32b-b59ed957caec)
![Bildschirmfoto vom 2023-07-09
21-17-44](https://github.com/go-gitea/gitea/assets/47871822/61ac6ec4-a319-4d5c-9c99-2e02a77295ba)
![Bildschirmfoto vom 2023-07-09
21-18-27](https://github.com/go-gitea/gitea/assets/47871822/5b55b73f-6244-47f7-a3e6-c5e4a7474585)
![Bildschirmfoto vom 2023-07-09
21-19-18](https://github.com/go-gitea/gitea/assets/47871822/c1b7c22e-3e5a-46d4-b8d6-5560db478c0b)
![Bildschirmfoto vom 2023-07-09
21-29-13](https://github.com/go-gitea/gitea/assets/47871822/82ffca8d-ab2e-4a18-9954-5b685bf6a422)
![Bildschirmfoto vom 2023-07-09
21-30-11](https://github.com/go-gitea/gitea/assets/47871822/ad2fdccc-2be8-41bb-bfdc-a084aa387b61)
![Bildschirmfoto vom 2023-07-09
21-32-44](https://github.com/go-gitea/gitea/assets/47871822/2d298ba7-d084-48b5-a139-f86d56262110)
![Bildschirmfoto vom 2023-07-09
21-33-28](https://github.com/go-gitea/gitea/assets/47871822/4cbd838e-9de8-4ad0-8ed9-438da5c9a5cb)


</details>

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2023-08-01 00:13:42 +02:00
Panagiotis "Ivory" Vasilopoulos
d58c542579
Add 'Show on a map' button to Location in profile, fix layout (#26214)
Not too important, but I think that it'd be a pretty neat touch.

Also fixes some layout bugs introduced by a previous PR.

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Caesar Schinas <caesar@caesarschinas.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-07-31 08:44:45 +00:00
Jason Song
1e76a824bc
Refactor and enhance issue indexer to support both searching, filtering and paging (#26012)
Fix #24662.

Replace #24822 and #25708 (although it has been merged)


## Background

In the past, Gitea supported issue searching with a keyword and
conditions in a less efficient way. It worked by searching for issues
with the keyword and obtaining limited IDs (as it is heavy to get all)
on the indexer (bleve/elasticsearch/meilisearch), and then querying with
conditions on the database to find a subset of the found IDs. This is
why the results could be incomplete.

To solve this issue, we need to store all fields that could be used as
conditions in the indexer and support both keyword and additional
conditions when searching with the indexer.

## Major changes

- Redefine `IndexerData` to include all fields that could be used as
filter conditions.
- Refactor `Search(ctx context.Context, kw string, repoIDs []int64,
limit, start int, state string)` to `Search(ctx context.Context, options
*SearchOptions)`, so it supports more conditions now.
- Change the data type stored in `issueIndexerQueue`. Use
`IndexerMetadata` instead of `IndexerData` in case the data has been
updated while it is in the queue. This also reduces the storage size of
the queue.
- Enhance searching with Bleve/Elasticsearch/Meilisearch, make them
fully support `SearchOptions`. Also, update the data versions.
- Keep most logic of database indexer, but remove
`issues.SearchIssueIDsByKeyword` in `models` to avoid confusion where is
the entry point to search issues.
- Start a Meilisearch instance to test it in unit tests.
- Add unit tests with almost full coverage to test
Bleve/Elasticsearch/Meilisearch indexer.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-07-31 06:28:53 +00:00
JakobDev
ea385f5d39
Fix API leaking Usermail if not logged in (#25097)
The API should only return the real Mail of a User, if the caller is
logged in. The check do to this don't work. This PR fixes this. This not
really a security issue, but can lead to Spam.

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-07-31 01:18:38 +00:00
Zettat123
b33cf4fabc
Fix access check for org-level project (#26182)
Fix #25934

Add `ignoreGlobal` parameter to `reqUnitAccess` and only check global
disabled units when `ignoreGlobal` is true. So the org-level projects
and user-level projects won't be affected by global disabled
`repo.projects` unit.
2023-07-29 14:13:24 +00:00
sebastian-sauer
55532061c8
Add commits dropdown in PR files view and allow commit by commit review (#25528)
This PR adds a new dropdown to select a commit or a commit range
(shift-click like github) of a Pull Request.
After selection of a commit only the changes of this commit will be shown.
When selecting a range of commits the diff of this range is shown.

This allows to review a PR commit by commit or by viewing only commit ranges.
The "Show changes since your last review" mechanism github uses is implemented, too.
When reviewing a single commit or a commit range the "Viewed" functionality is disabled.

## Screenshots

### The commit dropdown

![image](https://github.com/go-gitea/gitea/assets/51889757/0db3ae62-1272-436c-be64-4730c5d611e3)

### Selecting a commit range

![image](https://github.com/go-gitea/gitea/assets/51889757/ad81eedb-8437-42b0-8073-2d940c25fe8f)

### Show changes of a single commit only

![image](https://github.com/go-gitea/gitea/assets/51889757/6b1a113b-73ef-4ecc-adf6-bc2340bb8f97)

### Show changes of a commit range

![image](https://github.com/go-gitea/gitea/assets/51889757/6401b358-cd66-4c09-8baa-6cf6177f23a7)


Fixes https://github.com/go-gitea/gitea/issues/20989
Fixes https://github.com/go-gitea/gitea/issues/19263

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2023-07-28 21:18:12 +02:00
KN4CK3R
2d7fe4cc1e
Fix handling of plenty Nuget package versions (#26075)
Fixes #25953

- Do not load full version information (v3)
- Add pagination support (v2)
2023-07-26 19:43:21 +00:00
Felix Victor
0533187f28
Update email-setup.en-us.md (#26068)
The setting `MAILER_TYPE` is deprecated.
According to the config cheat sheet, it should be `PROTOCOL`.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-07-26 21:50:15 +08:00
wxiaoguang
915cdf8f87
Remove "misc" scope check from public API endpoints (#26134)
Fix #26035
2023-07-26 02:53:31 +00:00
JakobDev
6598d0291c
Allow Organisations to have a E-Mail (#25082)
Resolves #25057

This adds a E-Mail field to Organisations. The E-Mail is just shown on
the Profile when it is visited by a logged in User. The E-mail is not
used for something else.

**Screenshots:**

![grafik](https://github.com/go-gitea/gitea/assets/15185051/a8d622b3-7278-4c08-984b-9c5ebfdb5471)

![grafik](https://github.com/go-gitea/gitea/assets/15185051/6dcb1dd7-d04b-49eb-bc96-6582cfe9757b)

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: Denys Konovalov <privat@denyskon.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-07-25 08:26:27 +00:00
KN4CK3R
6aa30af724
Fix handling of Debian files with trailing slash (#26087)
Fixes #26022

- Fix handling of files with trailing slash
- Fix handling of duplicate package file errors
- Added test for both
2023-07-24 16:19:44 +02:00