Commit Graph

18619 Commits

Author SHA1 Message Date
Lunny Xiao 696fbe6036
Refactor push mirror find and add check for updating push mirror (#32539)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-18 05:59:04 +00:00
wxiaoguang 8a20fba8eb
Refactor markup render system (#32533)
Remove unmaintainable sanitizer rules. No need to add special "class"
regexp rules anymore, use RenderInternal.SafeAttr instead, more details
(and examples) are in the tests
2024-11-18 13:25:42 +08:00
Lunny Xiao 4f879a00df
Refactor find forks and fix possible bugs that weak permissions check (#32528)
- Move models/GetForks to services/FindForks
- Add doer as a parameter of FindForks to check permissions
- Slight performance optimization for get forks API with batch loading
of repository units
- Add tests for forking repository to organizations

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-18 03:06:25 +00:00
Lunny Xiao f122aaf9ff
Use better name for userinfo structure (#32544) 2024-11-18 10:41:59 +08:00
Lunny Xiao c3dedcffa7
Fix basic auth with webauthn (#32531) 2024-11-16 17:52:16 +00:00
wxiaoguang 5eebe1dc5f
Fix and refactor markdown rendering (#32522) 2024-11-16 08:41:44 +00:00
charles e546480d0a
Fix large image overflow in comment page (#31740)
Close #31709 

52px is calculate by avatar size in
templates\repo\issue\view_content\comments.tmpl
```html
<img src="{{.Poster.AvatarLink $.Context}}" width="40" height="40">
```
+
```css
.ui.comments .comment > .avatar ~ .content {
  margin-left: 12px;
}
```


![圖片](https://github.com/user-attachments/assets/bf15f4d4-1574-46f6-9f5e-1fbdbf1a98b0)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-15 18:34:54 +00:00
wxiaoguang ecbb03dc6d
Improve testing and try to fix MySQL hanging (#32515)
By some CI fine tunes (`run tests`), SQLite & MSSQL could complete
in about 12~13 minutes (before > 14), MySQL could complete in 18 minutes
(before: about 23 or even > 30)

Major changes:

1. use tmpfs for MySQL storage
1. run `make test-mysql` instead of `make integration-test-coverage`
because the code coverage is not really used at the moment.
1. refactor testlogger to make it more reliable and be able to report
stuck stacktrace
1. do not requeue failed items when a queue is being flushed (failed
items would keep failing and make flush uncompleted)
1. reduce the file sizes for testing
1. use math ChaCha20 random data instead of crypot/rand (for testing
purpose only)
1. no need to `DeleteRepository` in `TestLinguist`
1. other related refactoring to make code easier to maintain
2024-11-15 23:45:07 +08:00
Zettat123 a0c0cb3a2c
Fix `recentupdate` sorting bugs (#32505)
Fix #32499

- Add the missing `recentupdate` to `OrderByFlatMap`
- Assign default value(`recentupdate`) to `EXPLORE_PAGING_DEFAULT_SORT`
2024-11-15 04:36:22 +00:00
Lunny Xiao e1b269e956
Remove transaction for archive download (#32186)
Since there is a status column in the database, the transaction is
unnecessary when downloading an archive. The transaction is blocking
database operations, especially with SQLite.

Replace #27563
2024-11-15 12:04:20 +08:00
Lunny Xiao 4121f952d1
Fix oauth2 error handle not return immediately (#32514) 2024-11-15 02:13:01 +00:00
wxiaoguang 21f7db2124
Fix incorrect project page CSS class (#32510)
Otherwise milestone JS would run on this page and cause errors
2024-11-15 01:30:26 +00:00
wxiaoguang 6f1de0a9e5
Add avif image file support (#32508)
Most modern browsers support it now

` Update ALLOWED_TYPES #96 ` https://gitea.com/gitea/docs/pulls/96

---------

Co-authored-by: silverwind <me@silverwind.io>
2024-11-15 00:55:50 +00:00
Rowan Bohde 68731c07c5
Reduce integration test overhead (#32475)
In profiling integration tests, I found a couple places where per-test
overhead could be reduced:

* Avoiding disk IO by synchronizing instead of deleting & copying test
Git repository data. This saves ~100ms per test on my machine
* When flushing queues in `PrintCurrentTest`, invoke `FlushWithContext`
in a parallel.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-14 19:28:46 +00:00
wxiaoguang 249e67672a
Remove jQuery import from some files (#32512)
Many files do not directly depend on jQuery now.

To clarify the usage: use `fomanticQuery` to operate Fomantic
components.

Then developers could focus on removing the remaining jQuery usages by
searching `import $` globally.

21 files now:

```
./components/RepoBranchTagSelector.vue:3:import $ from 'jquery';
./features/admin/common.ts:1:import $ from 'jquery';
./features/admin/emails.ts:1:import $ from 'jquery';
./features/common-button.ts:1:import $ from 'jquery';
./features/comp/ComboMarkdownEditor.ts:3:import $ from 'jquery'; (I am working on it, there will be a new PR)
./features/comp/LabelEdit.ts:1:import $ from 'jquery';
./features/notification.ts:1:import $ from 'jquery';
./features/org-team.ts:1:import $ from 'jquery';
./features/repo-code.ts:1:import $ from 'jquery';
./features/repo-common.ts:1:import $ from 'jquery';
./features/repo-diff.ts:1:import $ from 'jquery';
./features/repo-editor.ts:1:import $ from 'jquery';
./features/repo-issue-content.ts:1:import $ from 'jquery';
./features/repo-issue-list.ts:1:import $ from 'jquery';
./features/repo-issue-sidebar.ts:1:import $ from 'jquery';
./features/repo-issue.ts:1:import $ from 'jquery';
./features/repo-legacy.ts:1:import $ from 'jquery';
./features/repo-new.ts:1:import $ from 'jquery';
./features/repo-projects.ts:1:import $ from 'jquery';
./features/repo-settings.ts:1:import $ from 'jquery';
./features/repo-template.ts:1:import $ from 'jquery';
```
2024-11-15 02:48:41 +08:00
Lunny Xiao 98d9a71ffe
Trim title before insert/update to database to match the size requirements of database (#32498)
Fix #32489
2024-11-14 07:19:14 +00:00
Lunny Xiao b4abb6deff
Reimplement GetUserOrgsList to make it simple and clear (#32486)
Reimplement GetUserOrgsList and also move some functions and test to
org_list file.

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-11-14 05:31:47 +00:00
wxiaoguang 3f9c3e7bc3
Refactor render system (#32492)
There were too many patches to the Render system, it's really difficult
to make further improvements.

This PR clears the legacy problems and fix TODOs.

1. Rename `RenderContext.Type` to `RenderContext.MarkupType` to clarify
its usage.
2. Use `ContentMode` to replace `meta["mode"]` and `IsWiki`, to clarify
the rendering behaviors.
3. Use "wiki" mode instead of "mode=gfm + wiki=true"
4. Merge `renderByType` and `renderByFile`
5. Add more comments

----

The problem of "mode=document": in many cases it is not set, so many
non-comment places use comment's hard line break incorrectly
2024-11-14 05:02:11 +00:00
wxiaoguang 985e2a8af3
Fix nil panic if repo doesn't exist (#32501)
fix  #32496
2024-11-14 12:17:58 +08:00
silverwind 9880c1372e
Bump CI,Flake and Snap to Node 22 (#32487)
Node 22 is LTS since 2024-10-29. Updated it everywhere.

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.com>
2024-11-13 21:39:55 +00:00
BoYanZh ad223000d4
Perf: add extra index to notification table (#32395)
Index SQL: `CREATE INDEX u_s_uu ON notification(user_id, status,
updated_unix);`

The naming follows `action.go` in the same dir.

I am unsure which version I should add SQL to the migration folder, so I
have not modified it.

Fix #32390
2024-11-13 18:17:54 +00:00
wxiaoguang 0aedb03996
Fix LFS route mock, realm, middleware names (#32488)
1. move "internal-lfs" route mock to "common-lfs"
2. fine tune tests
3. fix "realm" strings, according to RFC:
https://datatracker.ietf.org/doc/html/rfc2617:
    * realm       = "realm" "=" realm-value
    * realm-value = quoted-string
4. clarify some names of the middlewares, rename `ignXxx` to `optXxx` to
match `reqXxx`, and rename ambiguous `requireSignIn` to `reqGitSignIn`
2024-11-13 16:58:09 +08:00
Lunny Xiao 840ad7eefe
Disable Oauth check if oauth disabled (#32368)
Fix #32367

---------

Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-12 21:33:35 +00:00
silverwind 5bed7b9ec0
Update JS and PY dependencies (#32482)
Result of `make update-js update-py`.

Fixes: https://github.com/go-gitea/gitea/security/dependabot/80
Fixes: https://github.com/go-gitea/gitea/security/dependabot/81

Tested build and swagger ui.
2024-11-12 21:03:22 +00:00
silverwind cad313e64f
Update `github.com/meilisearch/meilisearch-go` (#32484)
Result of `go get -u github.com/meilisearch/meilisearch-go && make
tidy`.

Fixes: https://github.com/go-gitea/gitea/security/dependabot/78
2024-11-12 15:55:01 -05:00
wxiaoguang 160ccb5ee2
Fix test fixtures for user2/lfs.git (#32477) 2024-11-12 05:41:22 +00:00
6543 4c924bf43c
Limit org member view of restricted users (#32211)
currently restricted users can only see the repos of teams in orgs they
are part at.
they also should only see the users that are also part at the same team.


---
*Sponsored by Kithara Software GmbH*
2024-11-12 03:44:24 +00:00
Albin Hedman 2763766f85
cargo registry - respect renamed dependencies (#32430)
rust allows renaming dependencies such as when depending on multiple
versions of the same package. This is not supported by gitea as
discovered in #31500 . This PR tries to address that.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-12 02:57:30 +00:00
wxiaoguang 580e21dd2e
Refactor LFS SSH and internal routers (#32473)
Gitea instance keeps reporting a lot of errors like "LFS SSH transfer connection denied, pure SSH protocol is disabled". When starting debugging the problem, there are more problems found. Try to address most of them:

* avoid unnecessary server side error logs (change `fail()` to not log them)
* figure out the broken tests/user2/lfs.git (added comments)
* avoid `migratePushMirrors` failure when a repository doesn't exist (ignore them)
* avoid "Authorization" (internal&lfs) header conflicts, remove the tricky "swapAuth" and use "X-Gitea-Internal-Auth"
* make internal token comparing constant time (it wasn't a serous problem because in a real world it's nearly impossible to timing-attack the token, but good to fix and backport)
* avoid duplicate routers (introduce AddOwnerRepoGitLFSRoutes)
* avoid "internal (private)" routes using session/web context (they should use private context)
* fix incorrect "path" usages (use "filepath")
* fix incorrect mocked route point handling (need to check func nil correctly)
* split some tests from "git general tests" to "git misc tests" (to keep "git_general_test.go" simple)

Still no correct result for Git LFS SSH tests. So the code is kept there
(`tests/integration/git_lfs_ssh_test.go`) and a FIXME explains the details.
2024-11-12 02:38:22 +00:00
silverwind f35e2b0cd1
Fix a number of typescript issues (#32459)
Fixes 69 typescript errors found in the `admin` and `markup` folders.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2024-11-11 11:13:57 +00:00
ChristopherHX f888e45432
Harden runner updateTask and updateLog api (#32462)
Per proposal https://github.com/go-gitea/gitea/issues/32461
2024-11-11 04:58:37 +00:00
Lunny Xiao a1892cf7e3
Move some functions from issue.go to standalone files (#32468)
Just functions move, no code change.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-11 04:28:54 +00:00
6543 43c252dfea
Calculate `PublicOnly` for org membership only once (#32234)
Refactoring of #32211

this move the PublicOnly() filter calcuation next to the DB querys and
let it be decided by the Doer


---
*Sponsored by Kithara Software GmbH*
2024-11-11 01:38:30 +01:00
Zettat123 b1f42a0cdd
Add `DEFAULT_MIRROR_REPO_UNITS` and `DEFAULT_TEMPLATE_REPO_UNITS` options (#32416)
Resolve #30350

The action unit of mirrors and templates should be disabled by default.
This PR adds `DEFAULT_MIRROR_REPO_UNITS` and
`DEFAULT_TEMPLATE_REPO_UNITS` options to allow users to specify default
units for mirrors and templates.

Thanks to @lng2020 for the
[idea](https://github.com/go-gitea/gitea/issues/30350#issuecomment-2053942243)
2024-11-11 00:11:00 +00:00
Zettat123 a910abbb45
Add a doctor check to disable the "Actions" unit for mirrors (#32424)
Resolve #32232

Users can disable the "Actions" unit for all mirror repos by running 
```
gitea doctor check --run  disable-mirror-actions-unit --fix
```
2024-11-10 23:37:24 +00:00
wxiaoguang a928739456
Refactor sidebar assignee&milestone&project selectors (#32465)
Follow #32460

Now the code could be much clearer than before and easier to maintain. A
lot of legacy code is removed.

Manually tested.

This PR is large enough, that fine tunes could be deferred to the future if
there is no bug found or design problem.

Screenshots:

<details>

![image](https://github.com/user-attachments/assets/35f4ab7b-1bc0-4bad-a73c-a4569328303c)

</details>
2024-11-11 04:07:54 +08:00
wxiaoguang 58c634b854
Refactor sidebar label selector (#32460)
Introduce `issueSidebarLabelsData` to handle all sidebar labels related data.
2024-11-10 08:26:42 +00:00
silverwind b55a31eb6a
Fix mermaid diagram height when initially hidden (#32457)
In a hidden iframe, `document.body.clientHeight` is not reliable. Use
`IntersectionObserver` to detect the visibility change and update the
height there.

Fixes: https://github.com/go-gitea/gitea/issues/32392

<img width="885" alt="image"
src="https://github.com/user-attachments/assets/a95ef6aa-27e7-443f-9d06-400ef27919ae">
2024-11-09 20:03:55 +02:00
Calvin K 18aeca5320
Add reviewers selection to new pull request (#32403)
Users could add reviewers when creating new PRs.

---------

Co-authored-by: splitt3r <splitt3r@users.noreply.github.com>
Co-authored-by: Sebastian Sauer <sauer.sebastian@gmail.com>
Co-authored-by: bb-ben <70356237+bboerben@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-09 04:48:31 +00:00
wxiaoguang d80f99ef04
Fix issue sidebar (#32455)
Fix #32453

Major changes:

* revert the `<div class="divider"></div>` in
`templates/repo/issue/branch_selector_field.tmpl` (it was removed by
mistake in ##32444)
* remove incorrect `<div class="inline field">` in
`templates/repo/issue/sidebar/allow_maintainer_edit.tmpl`
* use `gt-ellipsis` to replace the "title" class in the dependency list,
then `.repository .issue-content-right .ui.list .title` could be removed
* remove the "relaxed" from dependency list, then there is no padding,
then `.repository .issue-content-right .ui.list .dependency` could be
removed (`white-space` doesn't have effect either because there is
`gt-ellipsis`)
* remove dead code `.repository .issue-content-right #deadlineForm input
`

The fixed UI should be the same as before.
2024-11-09 01:55:32 +08:00
wxiaoguang 0f397ae09b
Refactor language menu and dom utils (#32450)
1. Make `queryElem*` functions could correctly handle TS types
2. Remove some legacy jQuery $ calls (introduce fomanticQuery for Fomantic UI only)
3. Fix some TS typing problems
2024-11-08 14:04:24 +08:00
Zettat123 35bcd667b2
Fix broken releases when re-pushing tags (#32435)
Fix #32427
2024-11-08 10:53:06 +08:00
wxiaoguang 623a2d41cc
Refactor issue page info (#32445)
Fix a longstanding TODO since 2021 (#14826) / 2018 (#2531)
2024-11-08 02:21:13 +00:00
wxiaoguang 028e612094
Split issue sidebar into small templates (#32444)
Only move code
2024-11-08 01:44:20 +00:00
Kemal Zebari fb03062478
Only provide the commit summary for Discord webhook push events (#32432)
Resolves #32371.

#31970 should have just showed the commit summary, but
`strings.SplitN()` was misused such that we did not perform any
splitting at all and just used the message. This was not caught in the
unit test made in that PR since the test commit summary was > 50 (which
truncated away the commit description).

This snapshot resolves this and adds another unit test to ensure that we
only show the commit summary.
2024-11-07 19:56:53 +00:00
Lunny Xiao 331e878e81
Add new event commit status creation and webhook implementation (#27151)
This PR introduces a new event which is similar as Github's. When a new
commit status submitted, the event will be trigged. That means, now we
can receive all feedback from CI/CD system in webhooks or other notify
systems.

ref:
https://docs.github.com/en/webhooks/webhook-events-and-payloads#status

Fix #20749
2024-11-07 06:41:49 +00:00
wxiaoguang 145e266987
Support quote selected comments to reply (#32431)
Many existing tests were quite hacky, these could be improved later.

<details>

![image](https://github.com/user-attachments/assets/93aebb4f-9de5-4cb8-910b-50c64cbcd25a)

</details>
2024-11-07 03:57:07 +00:00
Lunny Xiao 276500c314
Move AddCollabrator and CreateRepositoryByExample to service layer (#32419)
- [x] Move `CreateRepositoryByExample` to service layer
- [x] Move `AddCollabrator` to service layer
- [x] Add a new parameter for `AddCollabrator` so that changing mode
immediately after that will become unnecessary.
2024-11-07 11:28:11 +08:00
Lunny Xiao 913be9e8ac
Add new index for action to resolve the performance problem (#32333)
Fix #32224
2024-11-06 22:04:48 +00:00
Kemal Zebari 7adc4717ec
Include file extension checks in attachment API (#32151)
From testing, I found that issue posters and users with repository write
access are able to edit attachment names in a way that circumvents the
instance-level file extension restrictions using the edit attachment
APIs. This snapshot adds checks for these endpoints.
2024-11-06 21:34:32 +00:00