Commit graph

4929 commits

Author SHA1 Message Date
FermeLeLundi
9ae95d7bbb Update modules/keying/keying_test.go
Typo
2024-11-28 10:35:55 +00:00
FermeLeLundi
229cb20f68 Update modules/keying/keying.go
Typo
2024-11-28 10:34:08 +00:00
FermeLeLundi
893c2f2d90 Update modules/git/repo_commit.go
Typo
2024-11-28 10:31:28 +00:00
FermeLeLundi
0f64c5a806 Update modules/indexer/code/elasticsearch/elasticsearch.go
Typo
2024-11-28 10:29:18 +00:00
FermeLeLundi
eef6d55877 Update modules/typesniffer/typesniffer.go
Typo
2024-11-28 10:27:33 +00:00
Earl Warren
22d08c62f1 Merge pull request 'feat: migrate TOTP secrets to keying' (#6074) from gusted/forgejo-totp-keying into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6074
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-11-27 18:31:35 +00:00
Gusted
7aeb1ba1d5
fix: normalize guessed languages from enry
- In the case that Enry correctly recognized the language, but returns
the language name in a way that isn't recognized by enry. Although
overkill I've added a map such that new entries should be easier to add.
- Resolves #6077
- Added unit test
2024-11-27 17:57:02 +01:00
Gusted
a8c61532d2
feat: migrate TOTP secrets to keying
- Currently the TOTP secrets are stored using the `secrets` module with
as key the MD5 hash of the Secretkey, the `secrets` module uses general
bad practices. This patch migrates the secrets to use the `keying`
module (#5041) which is easier to use and use better practices to store
secrets in databases.
- Migration test added.
- Remove the Forgejo migration databases, and let the gitea migration
databases also run forgejo migration databases. This is required as the
Forgejo migration is now also touching tables that the forgejo migration
didn't create itself.
2024-11-27 00:34:16 +01:00
Earl Warren
e5417fdede Merge pull request '[gitea] week 2024-48 cherry pick (gitea/main -> forgejo)' (#6062) from earl-warren/wcp/2024-48 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/6062
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-11-26 16:42:38 +00:00
Benedikt Straub
cc8e02edda
Add Low German to list of default languages 2024-11-25 18:36:14 +01:00
Rowan Bohde
eb0645f185
disable gravatar in test (#32529)
When running e2e tests on flaky networks, gravatar can cause a timeout
and test failures. Turn off, and populate avatars on e2e test suite run
to make them reliable.

(cherry picked from commit 9ac74a1a408136455a9e0586fb8e65163048597b)

Conflicts:
	models/fixtures/user.yml
	services/repository/contributors_graph_test.go
  trivial context conflicts
2024-11-24 15:42:36 +00:00
Lunny Xiao
6482429091
Fix submodule parsing
(cherry picked from commit 33850a83fe4ebd23a762a7aac81614c42e303bfa)

This really is just the cherry pick of 407b6e6dfc7ee9ebb8a16c7f1a786e4c24d0516e
which is the first commit of the pull request, the one with the
change. The rest of the changes is a refactor that is unrelated to the
bug fix.

Conflicts:
	modules/git/commit_test.go
  trivial context conflict
2024-11-24 11:00:06 +00:00
Nirmal Kumar R
9057100182 fix: Preview picture not visible on Markdown file (#5781)
Extend API MarkupOptions to contain branch path.

The `api.MarkupOptions{}`  to have `BranchPath` which contains the
current branch. The `RenderMarkup` function utilizes a struct since there
are too many variables passed as arguments and that is not a good sign
for readability.

And `repo-editor.js` will contain a new form data which is `branch-path`
which will then be utilized by `edit.tmpl` as `data-branch-path`.

Closes: #4510

## Checklist

The [contributor guide](https://forgejo.org/docs/next/contributor/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [ ] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [x] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [ ] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] I do not want this change to show in the release notes.
- [x] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5781
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Nirmal Kumar R <tildezero@gmail.com>
Co-committed-by: Nirmal Kumar R <tildezero@gmail.com>
2024-11-23 15:00:18 +00:00
Earl Warren
1597dc078d Merge pull request '[gitea] week 2024-47 cherry pick (gitea/main -> forgejo)' (#5997) from earl-warren/wcp/2024-47 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5997
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-11-21 18:15:34 +00:00
James Hatfield
16d06705b3 feat: add setting to block disposable emails
- Add a new setting `EMAIL_DOMAIN_BLOCK_DISPOSABLE` that will append a list of
  domains that are known for being used by temporary or disposable email
  services.

- Add a utility to automatically download and format the list of domains from
  the disposable-email-domains project on github.

  (https://github.com/disposable-email-domains/disposable-email-domains)
  license: CC0 1.0 Universal (CC0 1.0) [Public Domain]

  from README:
  """
  This repo contains a list of disposable and temporary email address domains often used to register dummy users in order to spam or abuse some services.

  We cannot guarantee all of these can still be considered disposable but we do basic checking so chances are they were disposable at one point in time.
  """
2024-11-20 23:17:37 -06:00
JakobDev
45fa9e5ae9 fix: Allow Organisations to remove the Email Address (#5517)
It is possible to set a Email for a Organization. This Email is optional and only used to be displayed on the profile page. However, once you set an EMail, you can no longer remove it. This PR fixes that.

While working on the tests, I found out, that the API returns a 500 when trying to set an invalid EMail. I fixed that too. It returns a 422 now.

Fixes #4567

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5517
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: JakobDev <jakobdev@gmx.de>
Co-committed-by: JakobDev <jakobdev@gmx.de>
2024-11-20 12:31:34 +00:00
JakobDev
f90928507a [FEAT]Allow changing git notes (#4753)
Git has a cool feature called git notes. It allows adding a text to a commit without changing the commit itself. Forgejo already displays git notes. With this PR you can also now change git notes.

<details>
<summary>Screenshots</summary>

![grafik](/attachments/53a9546b-c4db-4b07-92ae-eb15b209b21d)
![grafik](/attachments/1bd96f2c-6178-45d2-93d7-d19c7cbe5898)
![grafik](/attachments/9ea73623-25d1-4628-a43f-f5ecbd431788)
![grafik](/attachments/efea0c9e-43c6-4441-bb7e-948177bf9021)

</details>

## Checklist

The [developer guide](https://forgejo.org/docs/next/developer/) contains information that will be helpful to first time contributors. There also are a few [conditions for merging Pull Requests in Forgejo repositories](https://codeberg.org/forgejo/governance/src/branch/main/PullRequestsAgreement.md). You are also welcome to join the [Forgejo development chatroom](https://matrix.to/#/#forgejo-development:matrix.org).

### Tests

- I added test coverage for Go changes...
  - [ ] in their respective `*_test.go` for unit tests.
  - [x] in the `tests/integration` directory if it involves interactions with a live Forgejo server.
- I added test coverage for JavaScript changes...
  - [ ] in `web_src/js/*.test.js` if it can be unit tested.
  - [ ] in `tests/e2e/*.test.e2e.js` if it requires interactions with a live Forgejo server (see also the [developer guide for JavaScript testing](https://codeberg.org/forgejo/forgejo/src/branch/forgejo/tests/e2e/README.md#end-to-end-tests)).

### Documentation

- [ ] I created a pull request [to the documentation](https://codeberg.org/forgejo/docs) to explain to Forgejo users how to use this change.
- [x] I did not document these changes and I do not expect someone else to do it.

### Release notes

- [ ] I do not want this change to show in the release notes.
- [x] I want the title to show in the release notes with a link to this pull request.
- [ ] I want the content of the `release-notes/<pull request number>.md` to be be used for the release notes instead of the title.

<!--start release-notes-assistant-->

## Release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Features
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/4753): <!--number 4753 --><!--line 0 --><!--description QWxsb3cgY2hhbmdpbmcgZ2l0IG5vdGVz-->Allow changing git notes<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4753
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Co-authored-by: JakobDev <jakobdev@gmx.de>
Co-committed-by: JakobDev <jakobdev@gmx.de>
2024-11-18 22:56:17 +00:00
Earl Warren
b9697f5227
fix(test): TestGitAttributeCheckerError must allow broken pipe
Early cancelation can lead to two kinds of error. Either canceled or
broken pipe, depending on when the goroutine stops.

Fixes: forgejo/forgejo#6012
2024-11-18 08:20:10 +01:00
wxiaoguang
45435a8789
Fix and refactor markdown rendering (#32522)
(cherry picked from commit 5eebe1dc5fb29a162c51d050396fce7b14e47f4e)

Conflicts:
	models/repo/repo.go
	models/repo/repo_test.go
	modules/markup/html.go
	modules/markup/html_commit.go
	modules/markup/html_email.go
	modules/markup/html_emoji.go
	modules/markup/html_internal_test.go
	modules/markup/html_issue.go
	modules/markup/html_link.go
	modules/markup/html_node.go
	modules/markup/html_test.go
	modules/markup/markdown/goldmark.go
	modules/markup/markdown/markdown_test.go
	modules/markup/markdown/transform_image.go
	modules/markup/orgmode/orgmode.go
	modules/markup/orgmode/orgmode_test.go
	modules/markup/render.go
	modules/markup/render_links.go
	modules/templates/util_render.go
	modules/templates/util_render_test.go
	routers/common/markup.go
	routers/web/feed/convert.go
	routers/web/repo/wiki.go
  but a few lines survived and are useful
2024-11-17 20:34:28 +01:00
Gusted
da40383cf4 Revert defaulting to EdDSA
- Apparently JWT actually checks when doing a JWT operation if the key type is valid and not on startup, this caused errors unfortunately.
2024-11-17 00:42:31 +00:00
Gusted
e4eb82b738
fix: use better code to group UID and stopwatches
- Instead of having code that relied on the result being sorted (which
wasn't specified in the query and therefore not safe to assume so). Use
a map where it doesn't care if the result that we get from the database
is sorted or not.
- Added unit test.
2024-11-16 15:59:02 +01:00
Gusted
02a2dbef69
feat: default to generating EdDSA for OAuth JWT signing key 2024-11-16 15:03:28 +01:00
Gusted
7067cc7da4
fix: strict matching of allowed content for sanitizer
- _Simply_ add `^$` to regexp that didn't had it yet, this avoids any
content being allowed that simply had the allowed content as a
substring.
- Fix file-preview regex to have `$` instead of `*`.
2024-11-15 10:59:36 +01:00
Gusted
1ce33aa38d
fix: extend forgejo_auth_token table
- Add a `purpose` column, this allows the `forgejo_auth_token` table to
be used by other parts of Forgejo, while still enjoying the
no-compromise architecture.
- Remove the 'roll your own crypto' time limited code functions and
migrate them to the `forgejo_auth_token` table. This migration ensures
generated codes can only be used for their purpose and ensure they are
invalidated after their usage by deleting it from the database, this
also should help making auditing of the security code easier, as we're
no longer trying to stuff a lot of data into a HMAC construction.
-Helper functions are rewritten to ensure a safe-by-design approach to
these tokens.
- Add the `forgejo_auth_token` to dbconsistency doctor and add it to the
`deleteUser` function.
- TODO: Add cron job to delete expired authorization tokens.
- Unit and integration tests added.
2024-11-15 10:59:36 +01:00
Michael Kriese
969027e3f2
test: add trailing newline to testlogger.go:recordError message 2024-11-14 14:38:47 +01:00
Gusted
b86f6cae03 Merge pull request 'feat: Make AVIF Images work with Forgejo' (#5940) from JakobDev/forgejo:avif into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5940
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-11-14 08:40:53 +00:00
Gusted
bb93d3e6c8
fix: handle renamed dependency for cargo registery
- When a dependency is renamed, specified via `package="actual-name"` in
Cargo.toml, this should become the name of the depedency when the
package is retrieved from the registery by cargo and the old name should
be available in the `package` field.
- The reference implementation also does this: 490e66a9d6/src/controllers/krate/publish.rs (L702-L705)
- Resolves #5936
- Unit test added.
2024-11-13 21:26:49 +01:00
JakobDev
19a27ded86
feat: Make AVIF Images work with Forgejo 2024-11-13 19:09:40 +01:00
Otto
3531710dc6 Merge pull request 'fix: Proper parsing of date for git commits' (#5892) from gusted/forgejo-port-32409 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5892
Reviewed-by: Otto <otto@codeberg.org>
2024-11-11 14:22:32 +00:00
Michael Kriese
c33cbae7cc
test: fix test linting
See forgejo/forgejo#5911
2024-11-11 12:44:36 +01:00
Gusted
a1762a6f9b
fix: Proper paring of date for git commits
- Properly parse the date of the git commit and pass that around.
2024-11-10 22:23:28 +01:00
wxiaoguang
7e1aa8a5cd
[PORT] Refactor DateUtils and merge TimeSince (gitea#32409)
Follow #32383 and #32402

---
Conflict resolution: Magic, painful.

(cherry picked from commit b068dbd40ee3b4dc7d18cdcf168f0c24cea234c0)
2024-11-10 22:23:27 +01:00
Otto
ab36ab57e4 Merge pull request 'enh(issue search): sort by score and term based query for fuzzy search' (#5819) from snematoda/enh-issue-search into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5819
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-11-10 12:51:55 +00:00
Shiny Nematoda
b6e6a2c36e test: add for issue indexer sort by score 2024-11-10 07:17:27 +00:00
Shiny Nematoda
a265574821 enh(search): improve issue search
- new sort by relevency option for issue search
- rework bleve fuzzy search to consider each term rather than matching the entire phrase
2024-11-10 07:17:27 +00:00
wxiaoguang
3c4153b195
[PORT] Refactor tests to prevent from unnecessary preparations (gitea#32398)
Some preparations are only used by a few tests, so to make the tests fast, they should only be prepared when they are used.

By the way, this PR splits PrepareTestEnv into small functions to make it simple.

---

Conflict resolution: Mostly magical and just re-pasting the code into
the right places.
Done differently: use `require.NoError` instead of `assert.NoError`.

(cherry picked from commit ec2d1593c269e06655525deb96f74b8094221b6f)
2024-11-07 23:02:10 +01:00
Otto
0fb48872ac Merge pull request '[FEAT] Trim spaces from repo names on form submission' (#5822) from gusted/forgejo-trim-spaces-form into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5822
Reviewed-by: Otto <otto@codeberg.org>
2024-11-06 09:16:17 +00:00
Earl Warren
36b18fb6cc Merge pull request '[gitea] week 2024-45 cherry pick (gitea/main -> forgejo)' (#5789) from algernon/wcp/2024-45 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5789
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-11-06 08:57:43 +00:00
Gusted
310376525b
[CHORE] Use forked binding library
- Use the forked [binding](https://code.forgejo.org/go-chi/binding)
library. This library has two benefits, it removes the usage of
`github.com/goccy/go-json` (has no benefit as the minimo library is also
using it). It adds the `TrimSpace` feature, which will during the
binding part trim the spaces around the value it got from the form, this
is done before validation.
2024-11-05 22:47:34 +01:00
Otto
f28e728317 Merge pull request '[PORT] Replace DateTime with proper functions (gitea#32402)' (#5796) from gusted/forgejo-port-dateutils into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5796
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-11-05 21:46:29 +00:00
Gusted
2f8e7a2c67
[CHORE] Add extra testing
- Do more property testing for null values.
- Add test for `AbsoluteLong`.
2024-11-05 21:20:55 +01:00
Gusted
d5a1188086 Merge pull request 'feat: add partial quoting' (#5677) from gusted/forgejo-partial-qouting into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5677
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-11-05 20:13:04 +00:00
Otto
ae8e8f388c Merge pull request 'i18n: Add dummy language for checking translation keys (#5785)' (#5786) from xtex/forgejo:dummy-lang into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5786
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-11-05 10:41:15 +00:00
xtex
42eed7dbea i18n: Add dummy language for checking translation keys (#5785) 2024-11-05 09:59:04 +00:00
Lunny Xiao
268276d4a7
Fix created_unix for mirroring (#32342)
Fix #32233

(cherry picked from commit 13a203828c40f9ad1005b16b4ae26256a7df8263)
2024-11-05 09:39:23 +01:00
Kyle D.
748ae10e7c
Add artifacts test fixture (#30300)
Closes https://github.com/go-gitea/gitea/issues/30296

- Adds a DB fixture for actions artifacts
- Adds artifacts test files
- Clears artifacts test files between each run
- Note: I initially initialized the artifacts only for artifacts tests,
but because the files are small it only takes ~8ms, so I changed it to
always run in test setup for simplicity
- Fix some otherwise flaky tests by making them not depend on previous
tests

(cherry picked from commit 66971e591e5dddd5b6dc1572ac48f4e4ab29b8e0)

Conflicts:
	- tests/integration/api_actions_artifact_test.go
	  Conflict resolved by manually changing the tested artifact
	  name from "artifact" to "artifact-download"
	- tests/integration/api_actions_artifact_v4_test.go
	  Conflict resolved by manually updating the tested artifact
	  names, and adjusting the test case only present in our tree.
	- tests/test_utils.go
	  Resolved by manually copying the added function.
2024-11-05 09:33:15 +01:00
Zettat123
6b74043b85
Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365)
Fix #28121

I did some tests and found that the `missing signature key` error is
caused by an incorrect `Content-Type` header. Gitea correctly sets the
`Content-Type` header when serving files.

348d1d0f32/routers/api/packages/container/container.go (L712-L717)
However, when `SERVE_DIRECT` is enabled, the `Content-Type` header may
be set to an incorrect value by the storage service. To fix this issue,
we can use query parameters to override response header values.

https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html
<img width="600px"
src="https://github.com/user-attachments/assets/f2ff90f0-f1df-46f9-9680-b8120222c555"
/>

In this PR, I introduced a new parameter to the `URL` method to support
additional parameters.

```
URL(path, name string, reqParams url.Values) (*url.URL, error)
```

---

Most S3-like services support specifying the content type when storing
objects. However, Gitea always use `application/octet-stream`.
Therefore, I believe we also need to improve the `Save` method to
support storing objects with the correct content type.

b7fb20e73e/modules/storage/minio.go (L214-L221)
(cherry picked from commit 0690cb076bf63f71988a709f62a9c04660b51a4f)

Conflicts:
	- modules/storage/azureblob.go
	  Dropped the change, as we do not support Azure blob storage.
	- modules/storage/helper.go
	  Resolved by adjusting their `discardStorage` to our
	  `DiscardStorage`
	- routers/api/actions/artifacts.go
	  routers/api/actions/artifactsv4.go
	  routers/web/repo/actions/view.go
	  routers/web/repo/download.go
	  Resolved the conflicts by manually adding the new `nil`
	  parameter to the `storage.Attachments.URL()` calls.

	  Originally conflicted due to differences in the if expression
	  above these calls.
2024-11-05 09:33:15 +01:00
Oleksandr Redko
4aa61601c3
refactor: remove redundant err declarations (#32381)
(cherry picked from commit f4d3aaeeb9e1b11c5495e4608a3f52f316c35758)

Conflicts:
	- modules/charset/charset_test.go
	  Resolved by manually changing a `=` to `:=`, as per the
	  original patch. Conflict was due to `require.NoError`.
2024-11-05 09:33:15 +01:00
Royce Remer
fe5adbbbdc
Add new [lfs_client].BATCH_SIZE and [server].LFS_MAX_BATCH_SIZE config settings. (#32307)
This contains two backwards-compatible changes:
* in the lfs http_client, the number of lfs oids requested per batch is
loaded from lfs_client#BATCH_SIZE and defaulted to the previous value of
20
* in the lfs server/service, the max number of lfs oids allowed in a
batch api request is loaded from server#LFS_MAX_BATCH_SIZE and defaults
to 'nil' which equates to the previous behavior of 'infinite'

This fixes #32306

---------

Signed-off-by: Royce Remer <royceremer@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit c60e4dc1095ef90a790582cacfad27c972637bb2)

Conflicts:
	- services/lfs/server.go
	  Conflict due to our Quota implementation. Resolved by manually
	  adding the change after the quota check.
2024-11-05 09:33:15 +01:00
Lunny Xiao
42724b09c1
Fix clean tmp dir (#32360)
Try to fix #31792

Credit to @jeroenlaylo
Copied from
https://github.com/go-gitea/gitea/issues/31792#issuecomment-2311920520

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit feca8802b85dd75090c533ebdb92835d3d529f17)
2024-11-05 09:33:15 +01:00