Commit Graph

12896 Commits

Author SHA1 Message Date
zeripath b08e14bbcf
Retry rename on lock induced failures (re-fix) (#16461)
Unfortunately #16435 asserts the wrong error and should use
os.LinkError not os.PathError.

Fix #16439

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-16 19:16:04 +02:00
zeripath 6d8648ce06
Frontport v1.14.5 (#16454)
* Frontport v1.14.5

Frontport #16450

Frontport the changelog from v1.14.5

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update config.yaml

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-07-16 11:23:45 -04:00
dosera 95f40047ef
Extend the fail2ban instructions with a hint on how to make X-Real-IP… (#16446)
Following the merging of #14959 - Gitea is a lot more strict regarding the interpretation of `X-Real-IP` and `X-Forwarded-For` headers.

This PR updates the fail2ban documentation to include hints to set: `REVERSE_PROXY_TRUSTED_PROXIES` and `REVERSE_PROXY_LIMIT` appropriately.

See discussion in #16443

Co-authored-by: zeripath <art27@cantab.net>
2021-07-16 10:04:52 +01:00
techknowlogick 7b31aae414
revert to use alpine 3.13 (#16451)
Co-authored-by: zeripath <art27@cantab.net>
2021-07-16 09:54:39 +08:00
zeripath fdb0e82148
Fix crash following ldap authentication update (#16447)
Unfortunately #16268 contained a terrible error, whereby there was a double
indirection taken when unmarshalling the source data. This fatally breaks
authentication configuration reading.

Fix #16342

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-07-15 20:17:51 -04:00
GiteaBot e417cca777 [skip ci] Updated translations via Crowdin 2021-07-16 00:07:52 +00:00
Josef Fröhle 8d962daed6
cleanup code `issueFullPattern` in modules/markup (#16419)
fix #16415
2021-07-15 22:33:56 +02:00
zeripath d7ee5dc775
Update documentation to reflect #15219 (#16442)
The move to render custom/public as within /assets in #15219 missed updating
several documentation pages.

This PR updates this documentation.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-15 20:49:12 +01:00
Richard Nienaber 908136c557
add configuration option to restrict users by default (#16256)
* add configuration option to restrict users by default

* default IsRestricted permission only set on sign up

setting this in the model messes with other workflows (e.g. syncing LDAP users) where the IsRestricted permission needs to be explicitly set and not overridden by a config value

* fix formatting

* Apply suggestions from code review

* ensure newly created user is set to restricted

* ensure imports are in the correct order

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-07-15 15:19:48 -04:00
Ion Jaureguialzo Sarasola 251d7f524a
Check user instead of organization when creating a repo from a template via API (#16346)
* Check user instead of organization

* Enforce that only admins can copy a repo to another user
2021-07-15 20:19:39 +02:00
techknowlogick ff69dfff7a
microbadger is no more, rm from readme (#16440)
* microbadger is no more, rm from readme

* Update README_ZH.md
2021-07-15 13:08:20 -04:00
Jimmy Praet 8df3d6575a
Change @every 24h default schedules to @midnight (#16431) 2021-07-15 11:55:48 -04:00
6543 195c9999a1
Changelog for v1.15.0-rc1 (#16422)
* changelog -m 1.15.0 generate

* enhance changelog

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: techknowlogick <matti@mdranta.net>

* move SECURITY before FEATURES

* move ENHANCEMENTS above BUGFIXES

* as per techknowlogick

* more

* node16

* Apply suggestions from code review

Co-authored-by: Kyle D. <kdumontnu@gmail.com>

* next

* Apply suggestions from code review

* Update CHANGELOG.md

Co-authored-by: Norwin <noerw@users.noreply.github.com>

* Update CHANGELOG.md

Co-authored-by: Lauris BH <lauris@nix.lv>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Kyle D. <kdumontnu@gmail.com>
Co-authored-by: Norwin <noerw@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-07-15 11:47:57 -04:00
zeripath 33a8eec33e
Retry rename on lock induced failures (#16435)
* Retry rename on lock induced failures

Due to external locking on Windows it is possible for an
os.Rename to fail if the files or directories are being
used elsewhere.

This PR simply suggests retrying the rename again similar
to how we handle the os.Remove problems.

Fix #16427

Signed-off-by: Andrew Thornton <art27@cantab.net>

* resolve CI fail

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-07-15 11:46:07 -04:00
GiteaBot aed086f8b0 [skip ci] Updated translations via Crowdin 2021-07-15 15:07:57 +00:00
GiteaBot 8484ee2c28 [skip ci] Updated translations via Crowdin 2021-07-15 10:07:52 +00:00
GiteaBot 5cc5dfe036 [skip ci] Updated translations via Crowdin 2021-07-15 09:08:09 +00:00
techknowlogick 376fc350ee
add note about minimum required version of git installed (#16433) 2021-07-14 23:28:49 -04:00
GiteaBot 11c79b56da [skip ci] Updated translations via Crowdin 2021-07-14 20:07:55 +00:00
Lunny Xiao efeb8e890b
Change the release cycle to match actual situations (#16430)
* Change the release cycle to match actual situations

* Update CONTRIBUTING.md

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-07-14 14:03:00 -04:00
techknowlogick e180456983
Change docker tag logic (#16421)
* Change docker logic

* Apply suggestions from code review

Co-authored-by: Kyle D. <kdumontnu@gmail.com>

* docs

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Kyle D. <kdumontnu@gmail.com>
2021-07-14 18:08:43 +01:00
GiteaBot 14b6257160 [skip ci] Updated translations via Crowdin 2021-07-14 15:07:54 +00:00
zeripath 3dcb3e9073
Second attempt at preventing zombies (#16326)
* Second attempt at preventing zombies

* Ensure that the pipes are closed in ssh.go
* Ensure that a cancellable context is passed up in cmd/* http requests
* Make cmd.fail return properly so defers are obeyed
* Ensure that something is sent to stdout in case of blocks here

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint 2

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint 3

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fixup

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-07-14 10:43:13 -04:00
GiteaBot ee43d70a0c [skip ci] Updated translations via Crowdin 2021-07-14 14:07:52 +00:00
GiteaBot 0ead8cea6c [skip ci] Updated translations via Crowdin 2021-07-14 13:08:17 +00:00
6543 8798e3a098
Use TrN helper for email templates (#16425)
* Add TrN helper

* use TrN

* a nit
2021-07-14 15:06:09 +02:00
delvh 8464fa15d0
Make gpg resource string more readable (#16423) 2021-07-14 12:50:39 +02:00
GiteaBot febee86d0d [skip ci] Updated translations via Crowdin 2021-07-14 00:07:53 +00:00
Meano 423a0fccb6
Fix activation of primary email addresses (#16385)
* fix: primary email cannot be activated

* Primary email should be activated together with user account when
'RegisterEmailConfirm' is enabled.

* To fix the existing error state. When 'RegisterEmailConfirm' is enabled, the
admin should have permission to modify the activations status of user email.
And the user should be allowed to send activation to primary email.

* Only judge whether email is primary from email_address table.

* Improve logging and refactor isEmailActive

Co-authored-by: zeripath <art27@cantab.net>
2021-07-13 22:59:27 +02:00
6543 56b7f53329
Return updated repository when changing repository using API (#16420) 2021-07-13 20:31:59 +01:00
Lauris BH d26551bd0c
Load issue/PR context popup data only when needed (#15955)
* Load issue/PR context popup data only when needed

* Add SVG icon Vue component

* Remove unneeded check
2021-07-13 20:09:19 +02:00
Stanley Hu 3dba75fb97
Support HTTP/2 in Let's Encrypt (#16371)
Modify the tlsConfig.NextProtos for Let's Encrypt and built-in HTTPS server in order to support HTTP/2.

Co-authored-by: 6543 <6543@obermui.de>
2021-07-13 18:17:46 +01:00
6543 57ee06fb94
fix calculation for finalPage in repo-search component (#16382)
Co-authored-by: Jan Naahs <jan.naahs@naahstea.de>
2021-07-13 16:05:27 +02:00
zeripath b82293270c
Add option to provide signature for a token to verify key ownership (#14054)
* Add option to provide signed token to verify key ownership

Currently we will only allow a key to be matched to a user if it matches
an activated email address. This PR provides a different mechanism - if
the user provides a signature for automatically generated token (based
on the timestamp, user creation time, user ID, username and primary
email.

* Ensure verified keys can act for all active emails for the user

* Add code to mark keys as verified

* Slight UI adjustments

* Slight UI adjustments 2

* Simplify signature verification slightly

* fix postgres test

* add api routes

* handle swapped primary-keys

* Verify the no-reply address for verified keys

* Only add email addresses that are activated to keys

* Fix committer shortcut properly

* Restructure gpg_keys.go

* Use common Verification Token code

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-13 15:28:07 +02:00
Lunny Xiao 67f135ca5d
Fix archive error when rename repo or user (#16399)
Use repo id instead of full name to generate archive path
2021-07-13 14:16:31 +02:00
6543 b81106be3f
Let branch/tag name be a valid ref to get CI status (#16400)
* fix #16384#

* refactor: move shared helper func to utils package

* extend Tests

* use ctx.Repo.GitRepo if not nil
2021-07-13 08:14:14 +01:00
Jimmy Praet 4ce32c9e93
Detect encoding changes while parsing diff (#16330)
* Detect encoding changes while parsing diff
2021-07-13 03:13:52 +02:00
GiteaBot 2614309a58 [skip ci] Updated translations via Crowdin 2021-07-13 00:07:51 +00:00
Jimmy Praet 78118a3b02
Add checkbox to delete pull branch after successful merge (#16049)
* Add checkbox to delete pull branch after successful merge

* Omit DeleteBranchAfterMerge field in json

* Log a warning instead of error when PR head branch deleted

* Add DefaultDeleteBranchAfterMerge to PullRequestConfig

* Add support for delete_branch_after_merge via API

* Fix for API: the branch should be deleted from the HEAD repo

If head and base repo are the same, reuse the already opened ctx.Repo.GitRepo

* Don't delegate to CleanupBranch, only reuse branch deletion code

CleanupBranch contains too much logic that has already been performed by the Merge

* Reuse gitrepo in MergePullRequest

Co-authored-by: Andrew Thornton <art27@cantab.net>
2021-07-13 01:26:25 +02:00
6543 46a4c6835d
Fix external renderer (#16401)
* fix external renderer

* use GBackground context as fallback

* no fallback, return error

Co-authored-by: Lauris BH <lauris@nix.lv>
2021-07-12 17:13:59 -04:00
Norwin fb04cc7dbd
Validate Issue Index before querying DB (#16406) 2021-07-12 16:22:27 -04:00
Bagas Sanjaya 18c18bb196
docs: rewrite email setup (#16404)
* Add intro for both the docs page and mailer methods
  * Fix numbering level in SMTP section
  * Recommends implicit TLS

Signed-off-by: Bagas Sanjaya <bagasdotme@gmail.com>
2021-07-12 22:05:40 +02:00
6543 5b1d0a7701
Replace `plugins/docker` with `techknowlogick/drone-docker`in ci (#16407)
* plugins/docker -> techknowlogick/drone-docker

* It is multi-arch
2021-07-12 15:20:44 -04:00
GiteaBot 522b720954 [skip ci] Updated translations via Crowdin 2021-07-12 00:24:54 +00:00
zeripath 2f725cbc9e
Add LRU mem cache implementation (#16226)
The current default memory cache implementation is unbounded in size and number of
objects cached. This is hardly ideal.

This PR proposes creating a TwoQueue LRU cache as the underlying cache for Gitea.
The cache is limited by the number of objects stored in the cache (rather than size)
for simplicity. The default number of objects is 50000 - which is perhaps too small
as most of our objects cached are going to be much less than 1kB.

It may be worth considering using a different LRU implementation that actively limits
sizes or avoids GC - however, this is just a beginning implementation.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-07-10 23:54:15 +02:00
Meano 07284792d4
Fix invalid params and typo of email templates (#16394)
Signed-off-by: Meano <meanocat@gmail.com>
2021-07-10 19:40:14 +02:00
GiteaBot 7a402067ce [skip ci] Updated translations via Crowdin 2021-07-10 00:24:52 +00:00
Avahe Kellenberger 8cbb38f546
Added documentation about 413 errors with an nginx solution (#15313)
* Added documentation about 413 errors with an nginx solution.

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Norwin <noerw@users.noreply.github.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-07-10 02:16:07 +02:00
Jonathan Hult 615444dcbd
Fix #16387 - rootless Docker user (#16388)
Move comment to top of USER instruction
2021-07-09 10:08:22 -04:00
6543 91162bbaea
Update bluemonday to v1.0.15 (#16379)
* update github.com/microcosm-cc/bluemonday

* add exec flag to contrib/update_dependencies.sh

* Fix TESTS
2021-07-09 03:30:31 +02:00