Commit Graph

11984 Commits

Author SHA1 Message Date
DuckDuckWhale 484fe075f4
Fix: unstable sort skips/duplicates issues across pages (#18095)
When viewing issues in sorted order, some issues are duplicated across
pages and some are missing.  This is caused by the lack of tie-breakers
in database queries, making pagination inconsistent.

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-12-29 19:44:34 +08:00
zeripath de3216ee55
Use common sessioner for API and web routes (#18114)
* Use common sessioner for API and web routes

Since the regenerate session ID PR some users of the memory session provider have been
reporting difficulties with getting API results.

I am uncertain as to why this is happening - but I think that the sessioner being
created twice may be a potential cause for this. Therefore this PR attempts to move
this out to a common sessioner as it is in 1.16.

Fix #18070

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update routers/init.go
2021-12-28 22:15:01 +00:00
Lunny Xiao 353d88a42e
Migrating wiki don't require token, so we should move it out of the require form (#17645) (#18104)
* Migrating wiki don't require token, so we should move it out of the require form

* Fix lint

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-12-27 09:33:32 +08:00
Lunny Xiao a17fce31a9
Revert "Fix delete u2f keys bug (#18042)" (#18107)
This reverts commit 91f5be889a.
2021-12-26 22:57:00 +08:00
zeripath 71e1ebfa60
Instead of using routerCtx just escape the url before routing (#18086) (#18098)
Backport #18086

A consequence of forcibly setting the RoutePath to the escaped url is that the
auto routing to endpoints without terminal slashes fails (Causing #18060.) This
failure raises the possibility that forcibly setting the RoutePath causes other
unexpected behaviors too.

Therefore, instead we should simply pre-escape the URL in the process registering
handler. Then the request URL will be properly escaped for all the following calls.

Fix #17938
Fix #18060
Replace #18062
Replace #17997

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-26 10:32:04 +00:00
zeripath afe9d2cadd
Prevent NPE if gitea uploader fails to open url (#18080) (#18101)
Backport #18080

If http.Get() returns an error return nil and err before attempting to
use the broken file.

Thanks to walker xiong for spotting this bug.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-26 09:22:10 +00:00
zeripath 012e45a4c1
Correctly handle failed migrations (#17575) (#18099)
* Correctly handle failed migrations

There is a bug in handling failed migrations whereby the migration task gets decoupled
from the migration repository. This leads to a failure of the task to get deleted with
the repository and also leads to the migration failed page resulting in a ISE.

This PR removes the zeroing out of the task id from the migration but also makes
the migration handler tolerate missing tasks much nicer.

Fix #17571

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-12-25 15:45:51 +00:00
zeripath d25ff0d695
Reset locale on login (#17734) (#18100)
Backport #17734

When logging in reset the user's locale to ensure that it matches their
preferred locale.

Fix #15612

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-25 21:31:23 +08:00
zeripath 6eaebda1b5
Quote references to the user table in consistency checks (#18072) (#18073)
Backport #18072

Although #17487 ensured that the table was quoted in the join it missed that the
query part of the check also needed to be quoted.

Fix #17485

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-22 23:29:05 +00:00
zeripath 6100935a77
Add NotFound handler (#18062) (#18067)
Backport #18062

PR #17997 means that urls with terminal '/' are no longer immediately mapped
to the url without a terminal slash. However, it has revealed that the NotFound handler
appears to have been lost.

This PR adds back in a NotFound handler that simply redirects to a path without the
terminal slash or runs the NotFound handler.

Fix #18060

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-22 15:26:37 +00:00
zeripath 6de75224de
Ensure that git repository is closed before transfer (#18049) (#18057)
Backport #18049

Repository Transfer requires that the repository directory is renamed - which
is not possible on Windows if the git repository is open.

Fix #17885

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-21 18:27:46 +00:00
Lunny Xiao 9086916eb7
Fix code search result hint on zh-CN (#18053) 2021-12-21 16:08:06 +08:00
zeripath 877040e652
Update Changelog (#18047) 2021-12-20 22:12:46 -05:00
Lunny Xiao 91f5be889a
Fix delete u2f keys bug (#18042)
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-12-20 15:53:25 -05:00
zeripath a818a48c76
Move POST /{username}/action/{action} to simply POST /{username} (#18045) (#18046)
Backport #18045

The current code unfortunately requires that `action` be a reserved
repository name as it prevents posts to change the settings for
action repositories. However, we can simply change action handler
to work on POST /{username} instead.

Fix #18037

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-20 15:53:08 -05:00
zeripath 76e1c130fb
Reset Session ID on login (#18018) (#18041)
Backport #18018

When logging in the SessionID should be reset and the session cleaned up.

Also logs the user in on completion of linking account

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-20 20:06:54 +00:00
zeripath 148a417774
Prevent off-by-one error on comments on newly appended lines (#18029) (#18035)
* Prevent off-by-one error on comments on newly appended lines (#18029)

Backport #18029

There was a bug in CutDiffAroundLine whereby if a file without a terminal new line
has a patch which appends lines to it and a comment is placed on one of those lines
the comment diff will be a line out of place.

This fixes CutDiffAroundLine to simply ignore the missing terminal newline - however,
we should really improve this rendering to add a marker to say that there was a
previously missing terminal newline.

Fix #17875

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-20 11:38:58 -05:00
zeripath 6081948ef0
Changelog 1.15.8 (#18026)
## [1.15.8](https://github.com/go-gitea/gitea/releases/tag/v1.15.8) - 2021-12-19

* BUGFIXES
  * Reset locale on login (#18023) (#18025)
  * Fix reset password email template (#17025) (#18022)
  * Fix outType on gitea dump (#18000) (#18016)
  * Ensure complexity, minlength and isPwned are checked on password setting (#18005) (#18015)
  * Fix rename notification bug (#18011)
  * Prevent double decoding of % in url params  (#17997) (#18001)
  * Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992)
  * Prevent deadlock in create issue (#17970) (#17982)
* TESTING
  * Use non-expiring key. (#17984) (#17985)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update CHANGELOG.md

Co-authored-by: 6543 <6543@obermui.de>
2021-12-20 12:32:07 +02:00
zeripath 48bd54286c
Stop printing 03d after escaped characters in logs (#18030) (#18034)
Backport #18030

Strangely a weird bug was present in the log escaping code whereby any escaped
character would gain 03d - this was due to a mistake in the format string where
it should have read %03o but read instead %o03d. This has led to spurious 03d
trailing characters on these escaped characters!

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-19 21:35:29 +00:00
zeripath c69b3b65f3
Reset locale on login (#18023) (#18025)
Backport #18023

Although we reset the locale in a number of places there were several ways of logging in that were missing the same code.

Fix #18020

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Gusted <williamzijl7@hotmail.com>
2021-12-19 15:04:31 +00:00
zeripath fe91d9617b
Fix reset password email template (#17025) (#18022) 2021-12-18 17:55:26 -05:00
Gusted 711ca52f1f
backport: fix outType on gitea dump (#18016)
- Backport from #18000

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-12-18 09:55:24 +08:00
Lunny Xiao a15f0cb010
Fix rename notification bug (#18011) 2021-12-17 18:59:08 -05:00
zeripath 2051f850ef
Ensure complexity, minlength and ispwned are checked on password setting (#18005) (#18015)
Backport #18005

It appears that there are several places that password length, complexity and ispwned
are not currently been checked when changing passwords. This PR adds these.

Fix #17977

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-17 21:24:59 +00:00
zeripath 3ae4c4898b
Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991) (#17992)
* Prevent hang in git cat-file if the repository is not a valid repository (Partial #17991)

Unfortunately it appears that if git cat-file is run in an invalid
repository it will hang until stdin is closed. This will result in
deadlocked /pulls pages and dangling git cat-file calls if a broken
repository is tried to be reviewed or pulls exists for a broken
repository.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix compilation bug

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add the missing directories to the testrepos

* fixup! Add the missing directories to the testrepos

* and ensure that all of the other places have the objects directories too

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-12-17 10:08:00 +08:00
zeripath 3a77465e4e
Prevent double decoding of % in url params (#17997) (#18001) 2021-12-16 18:03:20 -05:00
zeripath fc8c23edb7
Prevent deadlock in create issue (#17970) (#17982) 2021-12-14 21:06:40 -05:00
KN4CK3R 31df892059
Use non-expiring key. (#17984) (#17985) 2021-12-14 17:42:03 -05:00
Lunny Xiao 9879e23c57
Changelog for v1.15.7 (#17871)
* Changelog for v1.15.7

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-12-02 21:16:33 +01:00
Lunny Xiao 56a3b50136
Check if column exist before rename if exist, just return with no error (#17870) (#17882)
* Check if column exist before rename if exist, just return with no error

* Also check if errors column exist

* Add comment for migration

* Fix sqlite test
2021-12-02 18:12:11 +01:00
a1012112796 9a8532d928
fix 500 error while use a reserved name in org rename (#17878) (#17881)
fix #17876

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-12-02 19:52:08 +08:00
Lunny Xiao d29a0fc3be
Fix user primary email changed (#17840) 2021-11-28 12:04:44 +01:00
Gusted 04517e17d6
Use correct user on releases (#17818)
- Backport #17806
2021-11-26 07:06:26 +00:00
KN4CK3R 3a222ee416
Fixed commit count (#17698) (#17790)
* Fixed commit count (#17698)

Added "Tag" label.
Unified branch, tag and commit name.

* Keep 1.15 behaviour.

* Removed locale change.
2021-11-26 00:21:56 +01:00
silverwind add85f5a85
Preserve color when inverting emojis (#17799)
Fixes: https://github.com/go-gitea/gitea/issues/17795
2021-11-24 22:43:22 +08:00
Gusted 76ad83f05e
backport: use correct sender on title change (#17792) 2021-11-24 03:53:18 -05:00
Lunny Xiao 714ecd9f1e
Fix close issue but time watcher still running (#17761)
* Fix bug

* Update models/issue_stopwatch.go

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2021-11-23 20:05:44 +08:00
Lunny Xiao a08856606e
Return 400 but not 500 when request archive with wrong format (#17691) (#17700)
* Return 400 but not 500 when request archive with wrong format (#17691)
* Remove bundle because it's not in this version
2021-11-20 00:31:29 +08:00
99rgosse 7be2d7b136
Fix Migrate Description - backport (#17727) 2021-11-19 17:52:47 +08:00
Lunny Xiao 6f3596e33c
Fix bug when project board get open issue number (#17703) (#17726)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-11-19 14:28:37 +08:00
Lunny Xiao 0305a73633
Fix bug when read mysql database max lifetime (#17682) (#17690) 2021-11-17 21:28:41 +08:00
wxiaoguang 6cd1ccef3d
Backport #17649, fix database deadlock when update issue labels (#17665) 2021-11-17 13:32:31 +08:00
Gusted ea0fe83888
Fix golangci-lint warnings (#17598 et al) (#17668)
Backport #17598 
Backport #17606 
Backport #17608 
Backport #17609

- Since https://gitea.com/gitea/test-env/pulls/10 the golangci-lint has been upgraded and is erroring about new warnings in the code, this PR fixes those warnings.
2021-11-16 20:38:49 +00:00
Lunny Xiao 1cec7f5ab5
Fix bug on detect issue/comment writer (#17592) 2021-11-09 16:00:40 +08:00
Gusted 1cb1101d44
backport(1.15): Fix stats upon searching issues (#17578)
- Backport of https://github.com/go-gitea/gitea/pull/17566

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-11-08 23:14:57 +02:00
zeripath 653dff4e57
Remove appSubUrl from pasted images (#17572) (#17588)
Backport #17572

* Remove appSubUrl from pasted images

Since we fixed the url base for the links in repositories we no longer need to add
the appsuburl to pasted image links.

Fix #17057

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-08 20:28:10 +00:00
Gusted b661bbaed7
backport(1.15): make `ParsePatch` more robust (#17580)
- Backport of https://github.com/go-gitea/gitea/pull/17573
2021-11-08 11:28:16 +08:00
wxiaoguang 20ae184967
Only allow webhook to send requests to allowed hosts (#17482) (#17510)
Backport #17482

* Only allow webhook to send requests to allowed hosts (backport #17482)

* use ALLOWED_HOST_LIST=* for default to keep the legacy behavior in 1.15.x
2021-11-06 09:23:43 +00:00
zeripath 15b44496ec
Escape issue titles in comments list (#17555) (#17556)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-05 23:20:51 +00:00
Gusted 0d0ff5e32a
backport(1.15): Use correct defaultValue for stracktrace (#17557)
- Backporting https://github.com/go-gitea/gitea/pull/17552
2021-11-05 22:55:33 +08:00