Commit graph

16097 commits

Author SHA1 Message Date
silverwind
b073f7fd6a
Fix attachment clipboard copy on insecure origin (#26224) (#26231)
Backport https://github.com/go-gitea/gitea/pull/26224.

(cherry picked from commit 0d04f70d6a)
2023-08-21 07:22:15 +02:00
Giteabot
1d900bc6a9
Avoid writing config file if not installed (#26107) (#26113)
Backport #26107 by @wxiaoguang

Just like others (oauth2 secret, internal token, etc), do not generate
if no install lock

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit e2596b0a99)
(cherry picked from commit 78722734fe)
2023-08-21 07:22:15 +02:00
Gusted
8126dadc8d Merge pull request '[GITEA] Add anchor to review types' (#1295) from Gusted/forgejo:forgejo-bp-1293 into v1.20/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1295
2023-08-19 23:47:55 +00:00
Gusted
88e179d5ef
[GITEA] Add anchor to review types
- Backport of https://codeberg.org/forgejo/forgejo/pulls/1293
  - The review type '22' is a general comment type that is attached to
single codecomments, reviews with multiple comments or to simple approve
and request changes comment. This comment can be used to create a link
towards this action on an pull request.
  - Adds an anchor to the review comment type, so that when its getting
linked to it, it actually jumps towards that event.
  - This also now fixes the behavior that after you created a review you
will be redirected to that review and because this is an general comment
type other mails will also be 'fixed' such as the approved or request changes.
  - Resolves https://codeberg.org/forgejo/forgejo/issues/1248
2023-08-19 20:46:46 +02:00
Gusted
08f1fe5812 Merge pull request '[GITEA] Use vertical tabs on issue filters' (#1294) from Gusted/forgejo:forgejo-bp-1287 into v1.20/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1294
2023-08-19 18:43:09 +00:00
Gusted
7e18a86a3a
[GITEA] Use vertical tabs on issue filters
- Backport of https://codeberg.org/forgejo/forgejo/pulls/1287
  - This is actually https://github.com/go-gitea/gitea/pull/19978 &
https://github.com/go-gitea/gitea/pull/19486 but was removed in one of
the UI refactors of v1.20
  - This is a very technical fix and is best explained in the CSS
comments. But the short version: When there's an overflow being set, but
you want an element to 'break out' of that overflow with `position:
absolute`, it sometimes doesn't work! You need to set some CSS to let
the browser know that the element needs to use an element outside of
that overflow as 'clip parent'.
  - Resolves my internal frustration with the mobile UI constantly getting broken.

(cherry picked from commit 879f842bed)
2023-08-19 13:17:00 +02:00
Gusted
070904b531 Merge pull request 'Don't stack PR tab menu on small screens (#25789)' (#1288) from Gusted/forgejo:forgejo-gt-backport-25789 into v1.20/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1288
2023-08-19 09:15:03 +00:00
sebastian-sauer
90053ce279
Don't stack PR tab menu on small screens (#25789)
the stacking takes up screen space - display the tabs as the navigation
bar. github uses the same layout.

Screenshots (left before, right after):

![image](https://github.com/go-gitea/gitea/assets/1135157/d7e2aaec-c67b-403d-8d56-d4c824b04eed)
![image](https://github.com/go-gitea/gitea/assets/1135157/9e150881-c265-4074-afd7-407bb52e1934)

Large screen:

![image](https://github.com/go-gitea/gitea/assets/1135157/d5cbdaa3-2962-4c4f-9595-5938981ff99e)

(cherry picked from commit b81c013057)
2023-08-18 15:40:21 +02:00
Gusted
30b11209d1 Merge pull request '[GITEA] Wrap branch information in PR list' (#1255) from Gusted/forgejo:forgejo-120-wrap-branches into v1.20/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1255
2023-08-13 12:22:55 +00:00
Gusted
b45b87988b [GITEA] Wrap branch information in PR list
- On mobile there's not a lot of horizontal space, so sometimes
information such as icons has to be removed or information gets wrapped
in order to not result in overflowing or weird UI behavior.
- On mobile visiting the pull requests list of an repository, it shows
which head branch is merging into which base branch. This wasn't
properly made responsive and with sufficient long branch names (such as
those used in the Forgejo repository) it resulted in weird UI behavior.
- This patch fixes that by allowing it to wrap, such as the behavior in
1.21
- This already has been fixed in 1.21 with
b9baed2c74.
2023-08-12 17:14:21 +00:00
Gusted
291b1b6a26 Merge pull request '[GITEA] Fix media description render for orgmode' (#1256) from Gusted/forgejo:forgejo-backport-1224 into v1.20/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1256
2023-08-12 17:13:56 +00:00
Gusted
82cb19649d
[GITEA] Fix media description render for orgmode
- Backport of #1224
- In org mode you can specify an description for media via the following
syntax `[[description][media link]]`. The description is then used as
title or alt.
- This patch fixes the rendering of the description by seperating the
description and non-description cases and using `org.String()`.
- Added unit tests.
- Inspired by 6eb20dbda9/org/html_writer.go (L406-L427)
- Resolves https://codeberg.org/Codeberg/Community/issues/848
2023-08-12 16:04:33 +02:00
Gusted
a8f5ad1437 Merge pull request 'Improve profile readme rendering (#25988)' (#1240) from earl-warren/forgejo:forgejo-v1.20-readme into v1.20/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1240
2023-08-11 08:54:23 +00:00
Earl Warren
84c3b60a4c
Improve profile readme rendering (#25988)
- Tell the renderer to use the `document` mode, so it's consistent with
other renderers.
- Use the same padding as `.file-view.markup`, so it's consistent with
other containers that contain markup rendering.
- Resolves https://codeberg.org/forgejo/forgejo/issues/833

Co-authored-by: Gusted <postmaster@gusted.xyz>
Conflicts:
	routers/web/user/profile.go
	inserted Metas:   map[string]string{"mode": "document"}, where
	it was missing
2023-08-11 08:56:04 +02:00
Earl Warren
5d3cfbd2ba
[CI] pin go v1.20 for testing
Refs: https://codeberg.org/forgejo/forgejo/issues/1228
2023-08-09 17:56:06 +02:00
Gusted
b1b90dbb4b Merge pull request 'Fix API leaking Usermail if not logged in' (#1197) from Gusted/forgejo:gitea-backport-25097 into v1.20/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1197
2023-08-05 19:46:59 +00:00
JakobDev
d89003cc1b Fix API leaking Usermail if not logged in (#25097)
The API should only return the real Mail of a User, if the caller is
logged in. The check do to this don't work. This PR fixes this. This not
really a security issue, but can lead to Spam.

---------

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit ea385f5d39)
2023-08-05 11:43:54 +00:00
Loïc Dachary
c9cd5fc65a
[GITEA] golang.org/x/net v0.13.0
Vulnerability #1: GO-2023-1988
    Improper rendering of text nodes in golang.org/x/net/html
  More info: https://pkg.go.dev/vuln/GO-2023-1988
  Module: golang.org/x/net
    Found in: golang.org/x/net@v0.12.0
    Fixed in: golang.org/x/net@v0.13.0
    Example traces found:
      #1: modules/markup/html.go:371:24: markup.postProcess calls html.Render
2023-08-04 23:27:27 +02:00
Gusted
d21b0026c7 Merge pull request '[GITEA] Show manual cron run's last time' (#1167) from Gusted/forgejo:backport-1087 into v1.20/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1167
2023-07-31 20:29:47 +00:00
Gusted
5f769ef20d [GITEA] Show manual cron run's last time
- Currently in the cron tasks, the 'Previous Time' only displays the
previous time of when the cron library executes the function, but not
any of the manual executions of the task.
- Store the last run's time in memory in the Task struct and use that,
when that time is later than time that the cron library has executed this
task.
- This ensures that if an instance admin manually starts a task, there's
feedback that this task is/has been run, because the task might be run
that quick, that the status icon already has been changed to an
checkmark,
- Tasks that are executed at startup now reflect this as well, as the
time of the execution of that task on startup is now being shown as
'Previous Time'.
- Added integration tests for the API part, which is easier to test
because querying the HTML table of cron tasks is non-trivial.
- Resolves https://codeberg.org/forgejo/forgejo/issues/949
- Backport #1087
2023-07-31 18:34:14 +00:00
Gusted
eaa9b35cf6 Merge pull request '[GITEA] Use join for the deleting issue actions query' (#1165) from Gusted/forgejo:backport-1154 into v1.20/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1165
2023-07-31 18:33:47 +00:00
Gusted
9b71369be9 [GITEA] Use join for the deleting issue actions query
- The action tables can become very large as it's a dumpster for every
action that an user does on an repository.
- The following query: `DELETE FROM action WHERE comment_id IN (SELECT id FROM comment WHERE
issue_id=?)` is not using indexes for `comment_id` and is instead using
an full table scan by MariaDB.
- Rewriting the query to use an JOIN will allow MariaDB to use the
index.
- More information: https://codeberg.org/Codeberg-Infrastructure/techstack-support/issues/9
- Backport https://codeberg.org/forgejo/forgejo/pulls/1154
2023-07-31 10:14:30 +00:00
Gusted
e7d0475e15
[GOLDMARK] html <img /> code cannot be parse in markdown file
- Update goldmark to v1.5.5, which includes
254b9f8f77
- Resolves https://codeberg.org/Codeberg/Community/issues/936
- Backport https://codeberg.org/forgejo/forgejo/pulls/1155
2023-07-30 20:12:49 +02:00
Earl Warren
a1986507b7
Revert "Avoid writing config file if not installed (#26107) (#26113)"
This reverts commit 78722734fe.

It does not create `LFS_JWT_SECRET` if `INSTALL_LOCK` is true and the
value of `LFS_JWT_SECRET` found in `app.ini` is incorrect. As a result
LFS_JWT_SECRET will not be set at all and the Forgejo admin will not
be notified that the value in the `app.ini` was ignored.
2023-07-30 09:30:36 +02:00
Earl Warren
fb8de41e05
[SEMVER] 5.0.1+0-gitea-1.20.2 2023-07-30 07:48:18 +02:00
Giteabot
a81c6561e3
Fixed incorrect locale references (#26218) (#26222)
Backport #26218 by @kerwin612

Fixed two incorrect headers for setting the page navigation bar:
* User settings page, should not use the title "`org.settings`"
* Repo settings page, should not use the title "`org.settings`"

Co-authored-by: Kerwin Bryant <kerwin612@qq.com>
(cherry picked from commit 2122743093)
2023-07-30 07:46:19 +02:00
Giteabot
5afb0294f4
Fix access check for org-level project (#26182) (#26223)
Backport #26182 by @Zettat123

Fix #25934

Add `ignoreGlobal` parameter to `reqUnitAccess` and only check global
disabled units when `ignoreGlobal` is true. So the org-level projects
and user-level projects won't be affected by global disabled
`repo.projects` unit.

Co-authored-by: Zettat123 <zettat123@gmail.com>
(cherry picked from commit 3a29712e0a)
2023-07-30 07:46:19 +02:00
Giteabot
7ee4804b9c
Fix commit compare style (#26209) (#26226)
Backport #26209 by @puni9869

as title

Fixes : #25825
Before
<img width="1334" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/c54a41b0-39bd-4094-a956-081a8f4128f2">

After change
<img width="1340" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/c112d235-6bbe-4bcb-9529-78da3ab0fa14">

Co-authored-by: puni9869 <80308335+puni9869@users.noreply.github.com>
(cherry picked from commit 81d3dc1da5)
2023-07-30 07:46:19 +02:00
Giteabot
4c3dcdf815
Warn instead of reporting an error when a webhook cannot be found (#26039) (#26211)
Backport #26039 by @puni9869

Attemp fix: #25744
Fixing the log level when we delete any repo then we get error hook not
found by id. That should be warn level to reduce the noise in the logs.

Co-authored-by: puni9869 <80308335+puni9869@users.noreply.github.com>
(cherry picked from commit c5fe09db72)
2023-07-30 07:46:19 +02:00
Giteabot
dfa114bfcb
Add changelog for 1.20.2 (#26208) (#26217)
Backport #26208 by @delvh

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 09814117e3)
2023-07-30 07:46:19 +02:00
Giteabot
268569b462
Fix allowed user types setting problem (#26200) (#26206)
Backport #26200 by @lunny

Fix #25951

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit 499c5594c3)
2023-07-30 07:46:19 +02:00
Giteabot
751028549d
Prevent primary key update on migration (#26192) (#26199)
Backport #26192 by @KN4CK3R

Fixes #25918

The migration fails on MSSQL because xorm tries to update the primary
key column. xorm prevents this if the column is marked as auto
increment:

c622cdaf89/internal/statements/update.go (L38-L40)

I think it would be better if xorm would check for primary key columns
here because updating such columns is bad practice. It looks like if
that auto increment check should do the same.

fyi @lunny

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit ecfbcced46)
2023-07-30 07:46:18 +02:00
Giteabot
5a4b19435d
Calculate MAX_WORKERS default value by CPU number (#26177) (#26183)
(cherry picked from commit 892e24aaf1)
2023-07-30 07:46:18 +02:00
Lunny Xiao
4640c53386
Fix bug when pushing to a pull request which enabled dismiss approval automatically (#25882) (#26158)
Fix #25858
Backport #25882

The option `dissmiss stale approvals` was listed on protected branch but
never implemented. This PR fixes that.

<img width="1006" alt="图片"

src="https://github.com/go-gitea/gitea/assets/81045/60bfa968-4db7-4c24-b8be-2e5978f91bb9">

<img width="1021" alt="图片"

src="https://github.com/go-gitea/gitea/assets/81045/8dabc14d-2dfe-40c2-94ed-24fcbf6e0e8f">

(cherry picked from commit 666038a06d)
2023-07-30 07:46:18 +02:00
Giteabot
7bb8526736
Fix handling of plenty Nuget package versions (#26075) (#26173)
Backport #26075 by @KN4CK3R

Fixes #25953

- Do not load full version information (v3)
- Add pagination support (v2)

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit 54614767a2)
2023-07-30 07:46:18 +02:00
Giteabot
31f2ce3998
Update email-setup.en-us.md (#26068) (#26166)
Backport #26068 by @felixvictor

The setting `MAILER_TYPE` is deprecated.
According to the config cheat sheet, it should be `PROTOCOL`.

Co-authored-by: Felix Victor <felix.victor.na@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit 72b55c8094)
2023-07-30 07:43:05 +02:00
Giteabot
9654d71bb2
Fix bugs in LFS meta garbage collection (#26122) (#26157)
Backport #26122 by @Zettat123

This PR

- Fix #26093. Replace `time.Time` with `timeutil.TimeStamp`
- Fix #26135. Add missing `xorm:"extends"` to `CountLFSMetaObject` for
LFS meta object query
- Add a unit test for LFS meta object garbage collection

Co-authored-by: Zettat123 <zettat123@gmail.com>
(cherry picked from commit a12d036a68)
2023-07-30 07:43:05 +02:00
Giteabot
f3c26de1f4
Fix UI regression of asciinema player (#26159) (#26162)
Backport #26159 by @wolfogre

It was caused by updating `asciinema-player`, the upstream changed the
CSS class prefix:
`40505e479e`

<details>
<summary>Before:</summary>

<img width="1320" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/b91a2cf5-c1da-43d6-bac2-bc278728b11e">

</details>

<details>
<summary>After:</summary>

<img width="1311" alt="image"
src="https://github.com/go-gitea/gitea/assets/9418365/c9872d25-e0bb-43d4-8b1e-d87c6b03c0a2">

</details>

Co-authored-by: Jason Song <i@wolfogre.com>
(cherry picked from commit 65d6bdf0be)
2023-07-30 07:43:05 +02:00
Lunny Xiao
28f4029e40
Display deprecated warning in admin panel pages as well as in the log file (#26094) (#26154)
backport #26094
Temporily resolve #25915
Related #25994

This PR includes #26007 's changes but have a UI to prompt administrator
about the deprecated settings as well as the log or console warning.
Then users will have enough time to notice the problem and don't have
surprise like before.

<img width="1293" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/c33355f0-1ea7-4fb3-ad43-cd23cd15391d">

(cherry picked from commit c598741f01)
2023-07-30 07:42:53 +02:00
Earl Warren
f4fcdaba8c
Revert "[GITEA] do not use deprecatedSettingFatal for cosmetic reasons"
This reverts commit 2de8602855.
2023-07-30 07:42:38 +02:00
Giteabot
df5200e814
Remove "misc" scope check from public API endpoints (#26134) (#26149)
Backport #26134 by @wxiaoguang

Fix #26035

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit a8445e9320)
2023-07-26 13:51:46 +02:00
Earl Warren
bbc3426c53
Revert "[GITEA] do not enforce misc scope tokens for public API endpoints"
This reverts commit 666f43fb64.
2023-07-26 13:51:06 +02:00
Lunny Xiao
7099ef15b6
Update xorm version (#26128) (#26150)
backport #26128 to fix some serious bug.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit bc73e6a85c)
2023-07-26 13:50:10 +02:00
Giteabot
f20cfc291c
Fix LFS object list style (#26133) (#26147)
Backport #26133 by @wxiaoguang

Close #26104 . Only a quick fix, the UI is not perfect.

Before:

<details>

![image](https://github.com/go-gitea/gitea/assets/2114189/7b10d42d-8317-4d99-80f9-b6c5fe05c17e)

![image](https://github.com/go-gitea/gitea/assets/2114189/b43f1242-61a0-45e3-98b7-aa74b29f3813)

</details>

After:

<details>

![image](https://github.com/go-gitea/gitea/assets/2114189/a8d27f70-781d-4702-866f-a56df6dd6c0a)

![image](https://github.com/go-gitea/gitea/assets/2114189/379274e7-c67b-4c11-9cee-28a298b4ff5a)

</details>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 0f73be0ae3)
2023-07-26 13:49:16 +02:00
John Olheiser
b217ce3e9f
Docusaurus-ify 1.20 (#26052)
See https://github.com/go-gitea/gitea/pull/26051

---------

Signed-off-by: jolheiser <john.olheiser@gmail.com>
Co-authored-by: JonRB <4564448+eeyrjmr@users.noreply.github.com>
(cherry picked from commit 4033d95dbf)
2023-07-26 13:49:16 +02:00
Giteabot
b699e1d340
Fix CLI allowing creation of access tokens with existing name (#26071) (#26144)
Backport #26071 by @yardenshoham

We are now:
- Making sure there is no existing access token with the same name
- Making sure the given scopes are valid (we already did this before but
now we have a message)

The logic is mostly taken from
a12a5f3652/routers/api/v1/user/app.go (L101-L123)

Closes #26044

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
(cherry picked from commit 43213b816d)
2023-07-26 13:49:16 +02:00
Giteabot
016162f2a3
Increase table cell horizontal padding (#26140) (#26142)
Backport #26140 by @silverwind

Extract from https://github.com/go-gitea/gitea/pull/26043, just the
padding increase.

Before and After (hard to notice, but it's there):
<img width="427" alt="Screenshot 2023-07-25 at 19 37 12"
src="https://github.com/go-gitea/gitea/assets/115237/9543dcda-eccb-4739-b7dd-06b076108ab4">
<img width="420" alt="Screenshot 2023-07-25 at 19 37 26"
src="https://github.com/go-gitea/gitea/assets/115237/0a9c3724-81a1-4c67-a13b-4b728a51fc3a">

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit a55924aaf4)
2023-07-26 13:49:16 +02:00
Giteabot
f4a8f10f64
Fix incorrect router logger (#26137) (#26143)
Backport #26137 by @wxiaoguang

A low-level mistake:

* `log.Info` is global `Info` function, which calls "default" logger
* `logger.Info` is the for router's logger

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 782b137682)
2023-07-26 13:49:15 +02:00
Giteabot
d9d38b6244
added ssh mirror workaround description (#26096) (#26136)
Backport #26096 by @thigg

related #1635 #18159

This will probably be obsolete at some point, but it should not break
anything and it may help some users

Co-authored-by: thigg <thigg@users.noreply.github.com>
(cherry picked from commit 5992365fc1)
2023-07-26 13:49:15 +02:00
Giteabot
5969ec33a1
Improve commit graph alignment and truncating (#26112) (#26127)
Backport #26112 by @wxiaoguang

Fix #26101

![image](https://github.com/go-gitea/gitea/assets/2114189/7507d201-822e-4534-8b20-e659d56b1268)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 3b518a3af5)
2023-07-26 13:49:15 +02:00