Commit graph

3594 commits

Author SHA1 Message Date
M Hickford
34f509eb7a
Parse OAuth Authorization header when request omits client secret (#21351)
This fixes error "unauthorized_client: invalid client secret" when
client includes secret in Authorization header rather than request body.
OAuth spec permits both.

Sanity validation that client id and client secret in request are
consistent with Authorization header.

Improve error descriptions. Error codes remain the same.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-10-07 10:53:49 +08:00
Gennady Kovshenin
fd2d5f06b0
Add stat to ToCommit function for speed (#21337)
Calls to ToCommit are very slow due to fetching diffs, analyzing files.
This patch lets us supply `stat` as false to speed fetching a commit
when we don't need the diff.

/v1/repo/commits has a default `stat` set as true now. Set to false to
experience fetching thousands of commits per second instead of 2-5 per
second.
2022-10-06 11:21:04 +08:00
Jason Song
a08b484549
Tag list should include draft releases with existing tags (#21263)
Before, a tag for a draft release disappeared in the tag list, fix #21262.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-10-03 20:05:53 +08:00
Clar Fon
3d10193be2
Allow specifying SECRET_KEY_URI, similar to INTERNAL_TOKEN_URI (#19663)
Only load SECRET_KEY and INTERNAL_TOKEN if they exist.
Never write the config file if the keys do not exist, which was only a fallback for Gitea upgraded from < 1.5

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-10-02 01:26:33 +08:00
qwerty287
08609d439d
Add pages to view watched repos and subscribed issues/PRs (#17156)
Adds GitHub-like pages to view watched repos and subscribed issues/PRs
This is my second try to fix this, but it is better than the first since
it doesn't uses a filter option which could be slow when accessing
`/issues` or `/pulls` and it shows both pulls and issues (the first try
is #17053).

Closes #16111 
Replaces and closes #17053


![Screenshot](https://user-images.githubusercontent.com/80460567/134782937-3112f7da-425a-45b6-9511-5c9695aee896.png)

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-09-29 22:09:14 +03:00
qwerty287
1dfa28ffa5
Add API endpoint to get changed files of a PR (#21177)
This adds an api endpoint `/files` to PRs that allows to get a list of changed files.

built upon #18228, reviews there are included
closes https://github.com/go-gitea/gitea/issues/654

Co-authored-by: Anton Bracke <anton@ju60.de>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-09-29 04:27:20 +02:00
M Hickford
0e83ab8df7
Improve error descriptions for unauthorized_client (#21292)
Fixes #21282


As suggested by the [OAuth RFC](https://www.rfc-editor.org/rfc/rfc6749)
(quoted below), it's helpful to give more detail in the description

> error_description
OPTIONAL. Human-readable ASCII
[[USASCII](https://www.rfc-editor.org/rfc/rfc6749#ref-USASCII)] text
providing **additional information, used to assist the client developer
in understanding the error that occurred.**
Values for the "error_description" parameter MUST NOT include characters
outside the set %x20-21 / %x23-5B / %x5D-7E.
2022-09-28 15:10:27 -04:00
Wim
889a41c6a8
Do not allow organisation owners add themselves as collaborator (#20043)
We're already checking for repo owners, but we also need to check for
organisation owners that try to add themselves as collaborator

Closes #17966
2022-09-28 01:25:40 +02:00
John Olheiser
8cd3237a9e
Better repo API unit checks (#21130)
This PR would presumably
Fix #20522
Fix #18773
Fix #19069
Fix #21077

Fix #13622

-----

1. Check whether unit type is currently enabled
2. Check if it _will_ be enabled via opt
3. Allow modification as necessary


Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-09-28 00:23:58 +02:00
KN4CK3R
0c8ce71188
Make NuGet service index publicly accessible (#21242)
Addition to #20734, Fixes #20717

The `/index.json` endpoint needs to be accessible even if the registry
is private. The NuGet client uses this endpoint without
authentification.

The old fix only works if the NuGet cli is used with `--source <name>`
but not with `--source <url>/index.json`.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-09-24 23:17:08 +08:00
Jack Vine
83680c97a7
NPM Package Registry search API endpoint (#20280)
Close #20098, in the NPM registry API, implemented to match what's described by https://github.com/npm/registry/blob/master/docs/REGISTRY-API.md#get-v1search

Currently have only implemented the bare minimum to work with the [Unity Package Manager](https://docs.unity3d.com/Manual/upm-ui.html).

Co-authored-by: Jack Vine <jackv@jack-lemur-suse.cat-prometheus.ts.net>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-09-24 19:24:33 +08:00
KN4CK3R
f52fe82add
Use absolute links in feeds (#21229)
fixes #20864

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-09-21 16:51:42 -04:00
6543
c5e88fb03d
[API] teamSearch show teams with no members if user is admin (#21204)
close #21176
2022-09-19 20:02:29 +08:00
KN4CK3R
43c10def68
Fix CSV diff for added/deleted files (#21189)
Fixes #21184
Regression of #19552

Instead of using `GetBlobByPath` I use the already existing instances.

We need more information from #19530 if that error is still present.
2022-09-17 10:45:32 +08:00
JakobDev
bf325d4412
Keep path when creating a new branch (#21153)
If you are create a new new branch while viewing file or directory, you
get redirected to the root of the repo. With this PR, you keep your
current path instead of getting redirected to the repo root.
2022-09-15 21:25:16 +08:00
JakobDev
cad8f1b1fe
Use correct branch for .editorconfig error (#21152)
In #21088 I accidentally forgot to support multiple branches. It always
checks the default branch, no matter on which branch you are working on.
With this fix, it always shows the error from the current branch. Sorry
for that.
2022-09-14 20:54:30 +02:00
JakobDev
23fbf5e1ee
Show .editorconfig errors in frontend (#21088)
If the user views the .editorconfig of the Repo, an the the
.editorconfig contains error, those errors are now shown above the file.
2022-09-12 00:16:56 +02:00
Jason Song
831e981357
Allow poster to choose reviewers (#21084)
Allow the poster of a PR to choose reviewers (add only). 

Solve #20746
2022-09-09 18:27:47 +01:00
Jason Song
5f127a729e
Fix typo of issue template name (#21117)
Should be

- .gitea/issue_template.md
- .gitea/issue_template.yaml
- .gitea/issue_template.~~md~~yml

Related to #20987, #21030.
2022-09-09 11:22:33 +08:00
Tyrone Yeh
ebafb4b575
Fix pagination limit parameter problem (#21109)
In commits list can use limit parameter to change, but pagination number
is wrong
2022-09-08 11:56:14 -04:00
KN4CK3R
8b8bdb30fb
Allow uppercase ASCII alphabet in PyPI package names (#21095)
The PyPI name regexp is too restrictive and only permits lowercase characters. This PR adjusts the regexp to add in support for uppercase characters.

Fix #21014
2022-09-07 21:18:51 +01:00
luzpaz
cb3b3e519f
Fix various typos (#21103)
Found via `codespell -q 3 -S
./options/locale,./options/license,./public/vendor,./web_src/fomantic -L
actived,allways,attachements,ba,befores,commiter,pullrequest,pullrequests,readby,splitted,te,unknwon`

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-09-07 14:40:36 -04:00
Aaron F
3963625b6e
Webhook for Wiki changes (#20219)
Add support for triggering webhook notifications on wiki changes.

This PR contains frontend and backend for webhook notifications on wiki actions (create a new page, rename a page, edit a page and delete a page). The frontend got a new checkbox under the Custom Event -> Repository Events section. There is only one checkbox for create/edit/rename/delete actions, because it makes no sense to separate it and others like releases or packages follow the same schema.

![image](https://user-images.githubusercontent.com/121972/177018803-26851196-831f-4fde-9a4c-9e639b0e0d6b.png)

The actions itself are separated, so that different notifications will be executed (with the "action" field). All the webhook receivers implement the new interface method (Wiki) and the corresponding tests.

When implementing this, I encounter a little bug on editing a wiki page. Creating and editing a wiki page is technically the same action and will be handled by the ```updateWikiPage``` function. But the function need to know if it is a new wiki page or just a change. This distinction is done by the ```action``` parameter, but this will not be sent by the frontend (on form submit). This PR will fix this by adding the ```action``` parameter with the values ```_new``` or ```_edit```, which will be used by the ```updateWikiPage``` function.

I've done integration tests with matrix and gitea (http).

![image](https://user-images.githubusercontent.com/121972/177018795-eb5cdc01-9ba3-483e-a6b7-ed0e313a71fb.png)

Fix #16457

Signed-off-by: Aaron Fischer <mail@aaron-fischer.net>
2022-09-04 20:54:23 +01:00
Eng Zer Jun
8b0aaa5f86
test: use T.TempDir to create temporary test directory (#21043)
A testing cleanup. 

This pull request replaces `os.MkdirTemp` with `t.TempDir`. We can use the `T.TempDir` function from the `testing` package to create temporary directory. The directory created by `T.TempDir` is automatically removed when the test and all its subtests complete. 

This saves us at least 2 lines (error check, and cleanup) on every instance, or in some cases adds cleanup that we forgot.

Reference: https://pkg.go.dev/testing#T.TempDir

```go
func TestFoo(t *testing.T) {
	// before
	tmpDir, err := os.MkdirTemp("", "")
	require.NoError(t, err)
	defer os.RemoveAll(tmpDir)

	// now
	tmpDir := t.TempDir()
}
```

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
2022-09-04 16:14:53 +01:00
zeripath
e6b3be4608
Add more checks in migration code (#21011)
When migrating add several more important sanity checks:

* SHAs must be SHAs
* Refs must be valid Refs
* URLs must be reasonable

Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <matti@mdranta.net>
2022-09-04 13:47:56 +03:00
Jason Song
93a610a819
Fill the specified ref in webhook test payload (#20961)
The webhook payload should use the right ref when it‘s specified in the testing request.

The compare URL should not be empty, a URL like `compare/A...A` seems useless in most cases but is helpful when testing.
2022-09-04 12:18:07 +03:00
José Carlos
b8818a1c68
fix: PackageMetadataVersion deps (#21017)
Set DevDependencies, PeerDependencies & OptionalDependencies in npm package metadatas

Fix  #21013
2022-09-02 23:00:18 +01:00
Jason Song
84447df4d3
Support Issue forms and PR forms (#20987)
* feat: extend issue template for yaml

* feat: support yaml template

* feat: render form to markdown

* feat: support yaml template for pr

* chore: rename to Fields

* feat: template unmarshal

* feat: split template

* feat: render to markdown

* feat: use full name as template file name

* chore: remove useless file

* feat: use dropdown of fomantic ui

* feat: update input style

* docs: more comments

* fix: render text without render

* chore: fix lint error

* fix: support use description as about in markdown

* fix: add field class in form

* chore: generate swagger

* feat: validate template

* feat: support is_nummber and regex

* test: fix broken unit tests

* fix: ignore empty body of md template

* fix: make multiple easymde editors work in one page

* feat: better UI

* fix: js error in pr form

* chore: generate swagger

* feat: support regex validation

* chore: generate swagger

* fix: refresh each markdown editor

* chore: give up required validation

* fix: correct issue template candidates

* fix: correct checkboxes style

* chore: ignore .hugo_build.lock in docs

* docs: separate out a new doc for merge templates

* docs: introduce syntax of yaml template

* feat: show a alert for invalid templates

* test: add case for a valid template

* fix: correct attributes of required checkbox

* fix: add class not-under-easymde for dropzone

* fix: use more back-quotes

* chore: remove translation in zh-CN

* fix EasyMDE statusbar margin

* fix: remove repeated blocks

* fix: reuse regex for quotes

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-09-02 15:58:49 +08:00
John Olheiser
a48d6ba4b4
Go 1.19 format (#20758)
* 1.19 gofumpt

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Change CSV test

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Commit whitespace fixes from @zeripath

Co-authored-by: zeripath <art27@cantab.net>

* Update emoji

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* bump swagger & fix generate-swagger

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-08-30 21:15:45 -05:00
KN4CK3R
4bd3b05b62
Redirect if user does not exist (#20981) 2022-08-29 15:44:39 +02:00
Peter Gardfjäll
4562d40fce
fix hard-coded timeout and error panic in API archive download endpoint (#20925)
* fix hard-coded timeout and error panic in API archive download endpoint

This commit updates the `GET /api/v1/repos/{owner}/{repo}/archive/{archive}`
endpoint which prior to this PR had a couple of issues.

1. The endpoint had a hard-coded 20s timeout for the archiver to complete after
   which a 500 (Internal Server Error) was returned to client. For a scripted
   API client there was no clear way of telling that the operation timed out and
   that it should retry.

2. Whenever the timeout _did occur_, the code used to panic. This was caused by
   the API endpoint "delegating" to the same call path as the web, which uses a
   slightly different way of reporting errors (HTML rather than JSON for
   example).

   More specifically, `api/v1/repo/file.go#GetArchive` just called through to
   `web/repo/repo.go#Download`, which expects the `Context` to have a `Render`
   field set, but which is `nil` for API calls. Hence, a `nil` pointer error.

The code addresses (1) by dropping the hard-coded timeout. Instead, any
timeout/cancelation on the incoming `Context` is used.

The code addresses (2) by updating the API endpoint to use a separate call path
for the API-triggered archive download. This avoids producing HTML-errors on
errors (it now produces JSON errors).

Signed-off-by: Peter Gardfjäll <peter.gardfjall.work@gmail.com>
2022-08-29 11:45:20 +02:00
KN4CK3R
41c76ad714
Add support for Vagrant packages (#20930)
* Add support for Vagrant boxes.

* Add authentication.

* Add tests.

* Add integration tests.

* Add docs.

* Add icons.

* Update routers/api/packages/api.go

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
2022-08-29 15:04:45 +08:00
zeripath
bb0ff77e46
Share HTML template renderers and create a watcher framework (#20218)
The recovery, API, Web and package frameworks all create their own HTML
Renderers. This increases the memory requirements of Gitea
unnecessarily with duplicate templates being kept in memory.

Further the reloading framework in dev mode for these involves locking
and recompiling all of the templates on each load. This will potentially
hide concurrency issues and it is inefficient.

This PR stores the templates renderer in the context and stores this
context in the NormalRoutes, it then creates a fsnotify.Watcher
framework to watch files.

The watching framework is then extended to the mailer templates which
were previously not being reloaded in dev.

Then the locales are simplified to a similar structure.

Fix #20210 
Fix #20211
Fix #20217

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-08-28 10:43:25 +01:00
Gusted
27ac65a124
Only show relevant repositories on explore page (#19361)
Adds a new option to only show relevant repo's on the explore page, for bigger Gitea instances like Codeberg this is a nice option to enable to make the explore page more populated with unique and "high" quality repo's. A note is shown that the results are filtered and have the possibility to see the unfiltered results.

Co-authored-by: vednoc <vednoc@protonmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: 6543 <6543@obermui.de>
2022-08-25 20:38:41 +02:00
KN4CK3R
dc0253b063
Replace ServeStream with ServeContent (#20903)
* Replace ServeStream with ServeContent.

* Update modules/timeutil/timestamp.go

Co-authored-by: delvh <dev.lh@web.de>

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-08-25 12:05:21 -04:00
Lunny Xiao
1d8543e7db
Move some files into models' sub packages (#20262)
* Move some files into models' sub packages

* Move functions

* merge main branch

* Fix check

* fix check

* Fix some tests

* Fix lint

* Fix lint

* Revert lint changes

* Fix error comments

* Fix lint

Co-authored-by: 6543 <6543@obermui.de>
2022-08-25 10:31:57 +08:00
zeripath
a4a6a5987b
Return 404 NotFound if requested attachment does not exist (#20886)
Add code to test if GetAttachmentByID returns an ErrAttachmentNotExist error
and return NotFound instead of InternalServerError

Fix #20884

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-24 13:36:21 +01:00
oliverpool
0a9ed54abb
refactor webhook *EditPost (#20780) 2022-08-23 02:52:35 -04:00
CodeDoctor
aedfc923ad
Improve single repo action for issue and pull requests (#20730)
Related to #20650.

This will fix the behavior of the single repo action for pull requests and disables the button for other screens that don't have a single repo action currently.
2022-08-22 13:51:48 +01:00
Gary Wang
36dfe544f4
Fix mirror address setting not working (#20850)
This patch fixes the issue that the mirror address field is ignored from the repo setting form.
2022-08-21 19:23:50 +01:00
Gusted
0b4c166e8a
Fix SQL Query for SearchTeam (#20844)
- Currently the function takes in the `UserID` option, but isn't being
used within the SQL query. This patch fixes that by checking that only
teams are being returned that the user belongs to.

Fix #20829

Co-authored-by: delvh <dev.lh@web.de>
2022-08-21 17:24:05 +01:00
zeripath
11bae50484
Pad GPG Key ID with preceding zeroes (#20878) 2022-08-21 02:50:15 -04:00
zeripath
68f3aaee80
Remove calls to load Mirrors in user.Dashboard (#20855)
Whilst looking at #20840 I noticed that the Mirrors data doesn't appear
to be being used therefore we can remove this and in fact none of the
related code is used elsewhere so it can also be removed.

Related #20840
Related #20804

Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-08-18 20:53:31 -04:00
Lunny Xiao
999392f6a5
Fix owners cannot create organization repos bug (#20841)
* Fix owners cannot create organization repos bug

* Fix api

* Update routers/api/v1/org/team.go

Co-authored-by: Gusted <williamzijl7@hotmail.com>

Co-authored-by: Gusted <williamzijl7@hotmail.com>
2022-08-18 11:58:21 +03:00
techknowlogick
d8e6c99125
Add badge capabilities to users (#20607)
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2022-08-18 02:25:25 +03:00
parnic
7503cd35c2
Use the total issue count for UI (#20785)
* Use the total issue count for UI

This fixes a problem where the "All" line item on the Issues or Pull Requests page was only showing the count of the selected repos instead of the total of all issues/prs in all repos.

The "total number of shown issues" number is now stashed in a different context variable in case it wants to be used by the frontend later. It's currently not being used.

Fixes #20574

* Remove unused context variable

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-17 21:13:41 +08:00
Will Norris
82f89ff996
auth/reverseproxy: Add support for full name (#20776)
This adds support for getting the user's full name from the reverse
proxy in addition to username and email.

Tested locally with caddy serving as reverse proxy with Tailscale
authentication.

Signed-off-by: Will Norris <will@tailscale.com>

Signed-off-by: Will Norris <will@tailscale.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-16 14:30:27 +08:00
Lunny Xiao
1f146090ec
Add migrate repo archiver and packages storage support on command line (#20757)
* Add migrate repo archiver and packages storage support on command line

* Fix typo

* Use stdCtx

* Use packageblob and fix command description

* Add migrate packages unit tests

* Fix comment year

* Fix the migrate storage command line description

* Update cmd/migrate_storage.go

Co-authored-by: zeripath <art27@cantab.net>

* Update cmd/migrate_storage.go

Co-authored-by: zeripath <art27@cantab.net>

* Update cmd/migrate_storage.go

Co-authored-by: zeripath <art27@cantab.net>

* Fix test

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2022-08-16 12:05:15 +08:00
Lunny Xiao
86c85c19b6
Refactor AssertExistsAndLoadBean to use generics (#20797)
* Refactor AssertExistsAndLoadBean to use generics

* Fix tests

Co-authored-by: zeripath <art27@cantab.net>
2022-08-16 10:22:25 +08:00
zeripath
58a4407acb
Remove follow from commits by file (#20765)
The use of `--follow` makes getting these commits very slow on large repositories
as it results in searching the whole commit tree for a blob.

Now as nice as the results of `--follow` are, I am uncertain whether it is really
of sufficient importance to keep around.

Fix #20764

Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-08-14 21:22:13 -04:00
zeripath
99efa02edf
Switch Unicode Escaping to a VSCode-like system (#19990)
This PR rewrites the invisible unicode detection algorithm to more
closely match that of the Monaco editor on the system. It provides a
technique for detecting ambiguous characters and relaxes the detection
of combining marks.

Control characters are in addition detected as invisible in this
implementation whereas they are not on monaco but this is related to
font issues.

Close #19913

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-08-13 19:32:34 +01:00
oliverpool
c81b26b0e5
refactor webhook *NewPost (#20729)
* refactor webhook *NewPost

* remove empty values

* always show errs.Message

* remove utils.IsValidSlackChannel

* move IsValidSlackChannel to services/webhook package

* binding: handle empty Message case

* make IsValidSlackChannel more strict
2022-08-11 17:48:23 +02:00
Gusted
58de07e5fd
Add support mCaptcha as captcha provider (#20458)
https://mcaptcha.org/

Co-authored-by: Felipe Leopoldo Sologuren Gutiérrez <fsologureng@users.noreply.github.com>
2022-08-10 15:20:10 +02:00
KN4CK3R
7009eb9a24
Add support for NuGet API keys (#20721)
* Add support for NuGet API key.

* lint

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-08-09 17:36:49 +03:00
KN4CK3R
920481340b
Keep download count on Container tag overwrite (#20728)
Co-authored-by: 6543 <6543@obermui.de>
2022-08-09 16:47:57 +03:00
CodeDoctor
36f9ee5813
Add an option to create new issues from "/issues" page (#20650) 2022-08-09 19:30:09 +08:00
KN4CK3R
fba20550f9
Add support for npm unpublish (#20688) 2022-08-09 15:23:43 +08:00
KN4CK3R
cc6927b2d8
Allow multiple files in generic packages (#20661)
* Allow multiple files in generic packages.
* Add deletion of a single file.
* Update docs.
* Change version check.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-08-09 12:39:24 +08:00
wxiaoguang
75d96f4a02
Refactor legacy git init (#20376)
* merge `CheckLFSVersion` into `InitFull` (renamed from `InitWithSyncOnce`)
* remove the `Once` during git init, no data-race now
* for doctor sub-commands, `InitFull` should only be called in initialization stage

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-09 11:22:24 +08:00
parnic
0066bc5113
Add issue filter for Author (#20578)
This adds a new filter option on the issues and pulls pages to filter by the author/poster/creator of the issue or PR
2022-08-08 22:03:58 +02:00
KN4CK3R
2b101994a6
Fix init mail render logic (#20704)
This bug affects tests which are sending emails (#20307). Some tests reinitialise the web routes (like `TestNodeinfo`) which messed up the mail templates. There is no reason why the templates should be loaded in the routes method.
2022-08-08 20:04:28 +02:00
KN4CK3R
f55af4675c
Add support for Pub packages (#20560)
* Added support for Pub packages.

* Update docs/content/doc/packages/overview.en-us.md

Co-authored-by: Gergely Nagy <algernon@users.noreply.github.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Gergely Nagy <algernon@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-08-07 18:09:54 +08:00
parnic
27789908d8
Use request timeout for git service rpc (#20689)
This enables git.Command's Run to optionally use the given context directly so its deadline will be respected. Otherwise, it falls back to the previous behavior of using the supplied timeout or a default timeout value of 360 seconds.

repo's serviceRPC() calls now use the context's deadline (which is unset/unlimited) instead of the default 6-minute timeout. This means that large repo clones will no longer arbitrarily time out on the upload-pack step, and pushes can take longer than 6 minutes on the receive-pack step.

Fixes #20680

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-06 16:13:11 +03:00
KN4CK3R
baf374a3a4
Allow multiple metadata files for Maven packages (#20674)
* Allow file overwrite for meta files.

* Added tests.

* lint

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2022-08-05 15:00:47 -04:00
KN4CK3R
99fc419855
Send correct NuGet status codes (#20647)
* Fixed status codes.

* Fixed status codes.
2022-08-03 11:22:32 -04:00
Tyrone Yeh
7a31292c20
Add default commit messages to PR for squash merge (#20618)
Keep the same behavior as 1.16

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: John Olheiser <john.olheiser@gmail.com>
2022-08-03 12:56:59 +08:00
Norwin
2754ecc293
Use correct page size for link header pagination (#20546)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-08-02 22:59:44 +08:00
Clar Fon
036dd8a788
Rework mailer settings (#18982)
* `PROTOCOL`: can be smtp, smtps, smtp+startls, smtp+unix, sendmail, dummy
* `SMTP_ADDR`: domain for SMTP, or path to unix socket
* `SMTP_PORT`: port for SMTP; defaults to 25 for `smtp`, 465 for `smtps`, and 587 for `smtp+startls`
* `ENABLE_HELO`, `HELO_HOSTNAME`: reverse `DISABLE_HELO` to `ENABLE_HELO`; default to false + system hostname
* `FORCE_TRUST_SERVER_CERT`: replace the unclear `SKIP_VERIFY`
* `CLIENT_CERT_FILE`, `CLIENT_KEY_FILE`, `USE_CLIENT_CERT`: clarify client certificates here

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-08-02 13:24:18 +08:00
Gary Wang
c35535ce07
Support localized README (#20508)
* Support localized README

* Slightly simplify getting the readme file and add some tests. Ensure that i18n also
works for docs/ etc.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update modules/markup/renderer.go

* Update modules/markup/renderer.go

* Update modules/markup/renderer.go

Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-08-01 01:36:58 +03:00
Lunny Xiao
589677fafb
Add disable download source configuration (#20548)
Add configuration to enable/disable download source from UI.

Co-authored-by: zeripath <art27@cantab.net>
2022-07-31 18:57:02 +02:00
6543
0b12abcfb5
Add missing Tabs on organisation/package view (Frontport #20539) (#20540)
hotfix #20106
2022-07-31 14:32:51 +02:00
silverwind
ae3dde1c87
Rework file highlight rendering and fix yaml copy-paste (#19967)
* Rework file highlight rendering and fix yaml copy-paste

* use Split+Trim to replace tag parser

* remove unnecessary bytes.Count

* remove newLineInHTML = "&#10;"

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-07-30 21:17:43 +02:00
Mohamed Sekour
0e61a74e5a
Add new API endpoints for push mirrors management (#19841)
- Add a new push mirror to specific repository
- Sync now ( send all the changes to the configured push mirrors )
- Get list of all push mirrors of a repository
- Get a push mirror by ID
- Delete push mirror by ID

Signed-off-by: Mohamed Sekour <mohamed.sekour@exfo.com>
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
2022-07-30 18:45:59 +02:00
zeripath
e819da0837
WebAuthn CredentialID field needs to be increased in size (#20530)
WebAuthn have updated their specification to set the maximum size of the
CredentialID to 1023 bytes. This is somewhat larger than our current
size and therefore we need to migrate.

The PR changes the struct to add CredentialIDBytes and migrates the CredentialID string 
to the bytes field before another migration drops the old CredentialID field. Another migration
renames this field back.

Fix #20457

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-07-30 15:25:26 +02:00
Gusted
692707f145
Add latest commit's SHA to content response (#20398)
* Add latest commit's SHA to content response

- When requesting the contents of a filepath, add the latest commit's
SHA to the requested file.
- Resolves #12840

* Add swagger

* Fix NPE

* Fix tests

* Hook into LastCommitCache

* Move AddLastCommitCache to a common nogogit and gogit file

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Prevent NPE

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-07-30 16:09:04 +08:00
silverwind
eaf653f843
Rework raw file http header logic (#20484)
- Always respect the user's configured mime type map
- Allow more types like image/pdf/video/audio to serve with correct content-type
- Shorten cache duration of raw files to 5 minutes, matching GitHub
- Don't set `content-disposition: attachment`, let the browser decide whether it wants to download or display a file directly
- Implement rfc5987 for filenames, remove previous hack. Confirmed it working in Safari.
- Make PDF attachment work in Safari by removing `sandbox` attribute.

This change will make a lot more file types open directly in browser now. Logic should generally be more readable than before with less `if` nesting and such.

Replaces: https://github.com/go-gitea/gitea/pull/20460
Replaces: https://github.com/go-gitea/gitea/pull/20455
Fixes: https://github.com/go-gitea/gitea/issues/20404
2022-07-29 17:26:55 +02:00
Gergely Nagy
99f2f826ce
packages/generic: Do not restrict package versions to SemVer (#20414)
There are existing packages out there whose version do not conform to SemVer, yet, one would like to have them available in a generic package repository. To this end, remove the SemVer restriction on package versions when using the Generic package registry, and replace it with a check that simply makes sure the version isn't empty.

Signed-off-by: Gergely Nagy <me@gergo.csillger.hu>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: 6543 <6543@obermui.de>
2022-07-29 00:09:54 +02:00
Tyrone Yeh
3bd8f50af8
Added email notification option to receive all own messages (#20179)
Sometimes users want to receive email notifications of messages they create or reply to,
Added an option to personal preferences to allow users to choose

Closes #20149
2022-07-28 16:30:12 +08:00
KN4CK3R
86e5268c39
Add Docker /v2/_catalog endpoint (#20469)
* Added properties for packages.
* Fixed authenticate header format.
* Added _catalog endpoint.
* Check owner visibility.
* Extracted condition.
* Added test for _catalog.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-07-28 11:59:39 +08:00
Lunny Xiao
6554d5197f
Fix possible panic when repository is empty (#20509)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-07-28 00:46:34 +08:00
Norwin
2ae1675092
Show hint to link package to repo when viewing empty repo package list (#20504)
* show hint to link package to repo

on empty repo package listing

* reword
2022-07-27 19:58:21 +08:00
KN4CK3R
a3d55ac523
Hide internal package versions (#20492)
* Hide internal versions from most searches.

* Added test.
2022-07-27 09:59:10 +08:00
Norwin
305372efe3
fix enabling repo packages when projects are off (#20486) 2022-07-26 16:34:14 +02:00
zeripath
a2cfcdb91a
Slightly simplify LastCommitCache (#20444)
The LastCommitCache code is a little complex and there is unnecessary
duplication between the gogit and nogogit variants.

This PR adds the LastCommitCache as a field to the git.Repository and
pre-creates it in the ReferencesGit helpers etc. There has been some
simplification and unification of the variant code.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-07-25 16:39:42 +01:00
Tyrone Yeh
16edee85bd
Add repository condition for issue count (#20454)
* Add repository condition for issue count

* Update routers/web/user/home.go

Co-authored-by: Gusted <williamzijl7@hotmail.com>

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-07-24 19:53:40 +03:00
Gusted
9cf0352f14
Prepend commit message to template content (#20429)
- When a repository has a pull request template, it will always override
the current content. With this PR it will prepend content to the
template content when appropriate. This is similar how GitHub(and GitLab
I presume) does it and it saves developers time to not go open their
commit and copy paste their will written commit message.
2022-07-24 04:45:33 +01:00
silverwind
14178c56bb
Add Cache-Control header to html and api responses, add no-transform (#20432)
`no-transform` allegedly disables CloudFlare auto-minify and we did not
set caching headers on html or api requests, which seems good to have
regardless.

Transformation is still allowed for asset requests.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-07-23 14:38:03 +08:00
6543
0a97480934
Add "X-Gitea-Object-Type" header for GET /raw/ & /media/ API (#20438) 2022-07-21 21:18:41 +02:00
6543
c0f5111fea
Dismiss prior pull reviews if done via web in review dismiss (#20197) 2022-07-19 15:20:28 +02:00
Lunny Xiao
d6779c7ad3
Fix public org members displayed too many informations (#20403) 2022-07-19 12:22:38 +02:00
Gusted
57e0bf43eb
Set target on create release with existing tag (#20381)
When you create a new release(e.g. via Tea) and specify a tag that already exists on
the repository, Gitea will instead use the `UpdateRelease`
functionality. However it currently doesn't set the Target field. This
PR fixes that.
2022-07-15 20:39:03 +02:00
zeripath
dbd3b7f9fd
Initialize cron last (#20373)
Cron will try to run certain things at startup but these depend on multiple things
being set-up. Therefore we should initialize cron last.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-07-15 16:20:05 +01:00
a1012112796
4f267ef643
Allow access to the Public Organization Member lists with minimal permissions (#20330)
Examining Organization membership should not necessarily require sign-in if the organization is public and the members are public. Therefore we should adjust `/org/{org}/members` to not require login.

Fix #7501

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-07-15 15:21:54 +01:00
silverwind
7d20c8323a
Fix commit status icon when in subdirectory (#20285)
When viewing a subdirectory and the latest commit to that directory in
the table, the commit status icon incorrectly showed the status of the
HEAD commit instead of the latest for that directory.
2022-07-15 14:01:32 +01:00
zeripath
bffa303020
Add option to purge users (#18064)
Add the ability to purge users when deleting them.

Close #15588

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-07-14 08:22:09 +01:00
Gusted
07ec8288bf
Add missing return for when topic isn't found (#20351)
Add missing return to DeleteTopic API when the topic is not found.
2022-07-13 18:39:19 +01:00
luzpaz
d29d6d1991
Fix various typos (#20338)
* Fix various typos

Found via `codespell -q 3 -S ./options/locale,./options/license,./public/vendor -L actived,allways,attachements,ba,befores,commiter,pullrequest,pullrequests,readby,splitted,te,unknwon`

Co-authored-by: zeripath <art27@cantab.net>
2022-07-12 23:32:37 +02:00
Gusted
3aec32ad16
Add write check for creating Commit status (#20332)
- Add write code checks for creating new commit status
- Regression #5314

Co-authored-by: zeripath <art27@cantab.net>
2022-07-12 14:51:06 +02:00
silverwind
c8e0fd0bcc
Add spectral linter for Swagger (#20321)
[spectral](https://github.com/stoplightio/spectral) lints
openapi/swagger files for mistakes of which it has identified a few and
which I've fixed.

I had to put it into `lint-frontend` because it depends on node_modules
so can not run on Drone during the backend target. I plan to refactor
these targets later to `lint-js` and `lint-go` so that they are
categorized based on the tool dependencies.
2022-07-11 18:07:16 -05:00
wxiaoguang
27e2def5f0
Refactor SSH init code, fix directory creation for TrustedUserCAKeys file (#20299)
* Refactor SSH init code, fix directory creation for TrustedUserCAKeys file

* Update modules/ssh/init.go

Co-authored-by: zeripath <art27@cantab.net>

* fix lint copyright

* Update modules/ssh/init.go

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-07-10 14:50:26 +08:00