Commit Graph

1239 Commits

Author SHA1 Message Date
wxiaoguang dae7f1ebdb
Remove unnecessary SanitizeHTML from code (#29575)
* "mail/issue/default.tmpl": the body is rendered by backend
`markdown.RenderString() HTML`, it has been already sanitized
* "repo/settings/webhook/base_list.tmpl": "Description" is prepared by
backend `ctx.Tr`, it doesn't need to be sanitized
2024-03-04 12:02:45 +00:00
KN4CK3R c337ff0ec7
Add user blocking (#29028)
Fixes #17453

This PR adds the abbility to block a user from a personal account or
organization to restrict how the blocked user can interact with the
blocker. The docs explain what's the consequence of blocking a user.

Screenshots:


![grafik](https://github.com/go-gitea/gitea/assets/1666336/4ed884f3-e06a-4862-afd3-3b8aa2488dc6)


![grafik](https://github.com/go-gitea/gitea/assets/1666336/ae6d4981-f252-4f50-a429-04f0f9f1cdf1)


![grafik](https://github.com/go-gitea/gitea/assets/1666336/ca153599-5b0f-4b4a-90fe-18bdfd6f0b6b)

---------

Co-authored-by: Lauris BH <lauris@nix.lv>
2024-03-04 08:16:03 +00:00
Lunny Xiao 8e12ba34ba
Allow options to disable user ssh keys configuration from the interface on app.ini (#29447)
Follow #29275
Extract from #20549
Fix #24716

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-03-04 07:50:21 +00:00
6543 77e29e0c39
Extend issue template yaml engine (#29274)
Add new option:

`visible`: witch can hide a specific field of the form or the created
content afterwards

It is a string array witch can contain `form` and `content`. If only
`form` is present, it wont show up in the created issue afterwards and
the other way around. By default it sets both except for markdown

As they are optional and github don't have any similar thing, it is non
breaking and also do not conflict with it.

With this you can:
- define "post issue creation" elements like a TODO list to track an
issue state
- make sure to have a checkbox that reminds the user to check for a
thing but dont have it in the created issue afterwards
- define markdown for the created issue (was the downside of using yaml
instead of md in the past)
 - ...

## Demo

```yaml
name: New Contribution
description: External Contributor creating a pull

body:
- type: checkboxes
  id: extern-todo
  visible: [form]
  attributes:
    label: Contribution Guidelines
    options:
      - label: I checked there exist no similar feature to be extended
        required: true
      - label: I did read the CONTRIBUTION.MD 
        required: true
- type: checkboxes
  id: intern-todo
  visible: [content]
  attributes:
    label: Maintainer Check-List
    options:
      - label: Does this pull follow the KISS principe
      - label: Checked if internal bord was notifyed  
# ....
```
[Demo
Video](https://cloud.obermui.de/s/tm34fSAbJp9qw9z/download/vid-20240220-152751.mkv)


---
*Sponsored by Kithara Software GmbH*

---------

Co-authored-by: John Olheiser <john.olheiser@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2024-03-04 01:37:00 +01:00
wxiaoguang e71b69257c
Breaking summary for template refactoring (#29395)
https://github.com/go-gitea/gitea/pull/29395
2024-03-03 04:57:22 +00:00
Lunny Xiao 9de5e39e25
Allow options to disable user gpg keys configuration from the interface on app.ini (#29486)
Follow #29447
Fix #29454 
Extract from #20549
2024-03-02 01:21:01 +00:00
wxiaoguang fb42972c05
Rename Str2html to SanitizeHTML and clarify its behavior (#29516)
Str2html was abused a lot. So use a proper name for it: SanitizeHTML

And add some tests to show its behavior.
2024-03-01 10:16:19 +00:00
Jason Song c7dcb58b1d
Update FAQ about git hook problems (#29495)
Close
https://github.com/go-gitea/gitea/issues/29338#issuecomment-1970363817
2024-02-29 14:16:02 +00:00
Nanguan Lin db545b208b
Implement actions badge svgs (#28102)
replace #27187 
close #23688
The badge has two parts: label(workflow name) and message(action
status). 5 colors are provided with 7 statuses.
Color mapping:
```go
var statusColorMap = map[actions_model.Status]string{
	actions_model.StatusSuccess:   "#4c1",    // Green
	actions_model.StatusSkipped:   "#dfb317", // Yellow
	actions_model.StatusUnknown:   "#97ca00", // Light Green
	actions_model.StatusFailure:   "#e05d44", // Red
	actions_model.StatusCancelled: "#fe7d37", // Orange
	actions_model.StatusWaiting:   "#dfb317", // Yellow
	actions_model.StatusRunning:   "#dfb317", // Yellow
	actions_model.StatusBlocked:   "#dfb317", // Yellow
}
```
preview:

![1](https://github.com/go-gitea/gitea/assets/70063547/5465cbaf-23cd-4437-9848-2738c3cb8985)

![2](https://github.com/go-gitea/gitea/assets/70063547/ec393d26-c6e6-4d38-b72c-51f2494c5e71)

![3](https://github.com/go-gitea/gitea/assets/70063547/3edb4fdf-1b08-4a02-ab2a-6bdd7f532fb2)

![4](https://github.com/go-gitea/gitea/assets/70063547/8c189de2-2169-4251-b115-0e39a52f3df8)

![5](https://github.com/go-gitea/gitea/assets/70063547/3fe22c73-c2d7-4fec-9ea4-c501a1e4e3bd)

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: delvh <dev.lh@web.de>
2024-02-27 18:56:18 +01:00
Jason Song 6ed74a3fc7
Update docs about `DEFAULT_ACTIONS_URL` (#29442)
Follow #25581.
2024-02-27 09:18:35 +00:00
kralo f13f93261e
Improve Documentation for Restoration from backup (#29321)
Comment the default path for repos and suggest using doctor for when
things are stuck
2024-02-25 23:35:52 +00:00
KN4CK3R ad0a34b492
Add `io.Closer` guidelines (#29387)
Co-authored-by: Yarden Shoham <git@yardenshoham.com>
2024-02-25 13:05:23 +00:00
wxiaoguang f9207b0947
Refactor Safe modifier (#29392)
After this PR: no need to play with the Safe/Escape tricks anymore. See
the changes for more details.
2024-02-25 10:45:56 +00:00
6543 4ba642d07d
Revert "Support SAML authentication (#25165)" (#29358)
This reverts #25165 (5bb8d1924d), as there
was a chance some important reviews got missed.

so after reverting this patch it will be resubmitted for reviewing again

https://github.com/go-gitea/gitea/pull/25165#issuecomment-1960670242

temporary Open #5512 again
2024-02-24 12:18:49 +08:00
Lunny Xiao 3ef6252e06
Allow options to disable user deletion from the interface on app.ini (#29275)
Extract from #20549

This PR added a new option on app.ini `[admin]USER_DISABLED_FEATURES` to
allow the site administrator to disable users visiting deletion user
interface or allow.
This options are also potentially allowed to define more features in
future PRs.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-02-23 07:24:04 +00:00
Earl Warren b748d62b46
Add slow SQL query warning (#27545)
- Databases are one of the most important parts of Forgejo, every
interaction uses the database in one way or another. Therefore, it is
important to maintain the database and recognize when the server is not
doing well with the database. There already is the option to log *every*
SQL query along with its execution time, but monitoring becomes
impractical for larger instances and takes up unnecessary storage in the
logs.
- Add a QoL enhancement that allows instance administrators to specify a
threshold value beyond which query execution time is logged as a warning
in the xorm logger. The default value is a conservative five seconds to
avoid this becoming a source of spam in the logs.
- The use case for this patch is that with an instance the size of
Codeberg, monitoring SQL logs is not very fruitful and most of them are
uninteresting. Recently, in the context of persistent deadlock issues
(https://codeberg.org/forgejo/forgejo/issues/220), I have noticed that
certain queries hold locks on tables like comment and issue for several
seconds. This patch helps to identify which queries these are and when
they happen.
- Added unit test.

(cherry picked from commit 9cf501f1af4cd870221cef6af489618785b71186)

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: 6543 <6543@obermui.de>
2024-02-23 00:57:24 +00:00
techknowlogick 5bb8d1924d
Support SAML authentication (#25165)
Closes https://github.com/go-gitea/gitea/issues/5512

This PR adds basic SAML support
- Adds SAML 2.0 as an auth source
- Adds SAML configuration documentation
- Adds integration test:
- Use bare-bones SAML IdP to test protocol flow and test account is
linked successfully (only runs on Postgres by default)
- Adds documentation for configuring and running SAML integration test
locally

Future PRs:
- Support group mapping
- Support auto-registration (account linking)

Co-Authored-By: @jackHay22

---------

Co-authored-by: jackHay22 <jack@allspice.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: morphelinho <morphelinho@users.noreply.github.com>
Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
2024-02-23 00:08:17 +00:00
6543 3f73eabb66
Explained where create issue/PR template (#29035) (#29266)
For some user (as me), documentation lack of precision about where to
store issue/pr template.

I propose an enhancement about this point. With bold exergue and
precision about server itself.

I've found some user with same interrogation as :
https://forum.gitea.com/t/issue-template-directory/3328

---------

Co-authored-by: Km <cam.lafit@azerttyu.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-02-20 14:12:47 -06:00
zhangnew 7430eb9e7f
Update docs for actions variables (#29239)
the variables is supported, see
a784ed3d6c/docs/content/usage/actions/act-runner.zh-cn.md?plain=1#L262-L289
2024-02-18 18:04:58 +08:00
silverwind b96fbb567c
Enable markdownlint `no-trailing-punctuation` and `no-blanks-blockquote` (#29214)
Enable these two and fix issues.
2024-02-17 13:18:05 +00:00
xkcdstickfigure cb85ebc3ef
fix typo (#29212) 2024-02-17 12:01:54 +01:00
wienans f2d5c6edde
Docker Tag Information in Docs (#29047)
Add more details for the docker tag when using container registry.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-16 21:22:00 +08:00
Scott Yeager 4635e6d2a6
Runner tokens are multi use (#29153)
Fixes https://github.com/go-gitea/gitea/issues/28911.

Co-authored-by: Giteabot <teabot@gitea.io>
2024-02-14 00:24:35 +01:00
Chris Copeland 47b5965862
Add merge style `fast-forward-only` (#28954)
With this option, it is possible to require a linear commit history with
the following benefits over the next best option `Rebase+fast-forward`:
The original commits continue existing, with the original signatures
continuing to stay valid instead of being rewritten, there is no merge
commit, and reverting commits becomes easier.

Closes #24906
2024-02-12 23:37:23 +01:00
me2seeks 470a3e3f89
Update some translations and fix markdown formatting (#29099)
Update `docs/content/administration/backup-and-restore.zh-cn.md` 
`docs/content/contributing/guidelines-frontend.zh-cn.md`
`docs/content/help/support.zh-cn.md`
`docs/content/installation/database-preparation.zh-cn.md`
`docs/content/installation/windows-service.zh-cn.md`
`docs/content/usage/profile-readme.zh-cn.md` to be consistent with the
English document
2024-02-11 19:03:49 +02:00
silverwind 9c39f8515f
Rework spellchecking, add `lint-spell` (#29106)
- Use maintained fork https://github.com/golangci/misspell
- Rename `mispell-check` to `lint-spell`, add `lint-spell-fix`
- Run `lint-spell` in separate actions step
- Lint more files, fix discovered issues
- Remove inaccurate and outdated info in docs (we do not need GOPATH for
tools anymore)

Maybe later we can add more spellchecking tools, but I have not found
any good ones yet.
2024-02-09 03:59:39 +00:00
CEnnis91 eb5ddc0a78
Fix incorrect link to swift doc and swift package-registry login command (#29096)
Fixes a few mistakes in the Swift package registry documentation.

Syntax for the `package-registry login` command can be found
[here](https://github.com/apple/swift-package-manager/blob/main/Documentation/PackageRegistry/PackageRegistryUsage.md#registry-authentication).
I was not sure the best way to compress all of that information, so I
just focused on making sure the incorrect `package-registry set` command
was fixed.
2024-02-08 08:53:44 +00:00
Wang 4bb1fcd2e7
Fix typos in the documentation (#29048)
Corrected two typos.
2024-02-05 16:19:05 +08:00
KN4CK3R 9bea276055
Add `must-change-password` cli parameter (#27626)
This PR adds a new `must-change-password` parameter to the
`change-password` cli command.
We already have the `must-change-password` command but it feels natural
to have this integrated into the `change-password` cli command.

---------

Co-authored-by: 6543 <6543@obermui.de>
2024-02-03 19:53:27 +02:00
silverwind a062725758
Update JS and PY dependencies, build for `es2020` browsers (#28977)
- Update all JS dependencies minus @mcaptcha/vanilla-glue
- Fix new lint errors
- Regenerate SVGs
- Switch to maintained stylelint stylistic plugin
- Tested Mermaid, Citation, Swagger, sorting
- Raise ESBuild target to `es2020` as dictated by `pretty-ms`
dependency.
2024-02-02 09:36:32 +00:00
Yarden Shoham 4989ad0a9f
Add htmx guidelines (#28993)
To make sure we don't abuse it.

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-31 23:36:23 +01:00
yp05327 0b1a42ce0f
Fix doc img path in profile readme (#28994)
https://gitea.com/gitea/gitea-docusaurus/actions/runs/1007/jobs/0#jobstep-9-25
2024-01-31 21:32:17 +08:00
Mike Cifelli 8ef53c871b
Update golang links to use https (#28980)
Many of the golang links point to the old site and don't use https. This
pull request updates these outdated links to https://go.dev .

https://github.com/go-gitea/gitea/issues/28979
2024-01-30 03:11:11 +02:00
wackbyte d9b3849454
Fix inconsistent naming of OAuth 2.0 `ENABLE` setting (#28951)
Renames it to `ENABLED` to be consistent with other settings and
deprecates it.

I believe this change is necessary because other setting groups such as
`attachment`, `cors`, `mailer`, etc. have an `ENABLED` setting, but
`oauth2` is the only one with an `ENABLE` setting, which could cause
confusion for users.

This is no longer a breaking change because `ENABLE` has been set as
deprecated and as an alias to `ENABLED`.
2024-01-28 12:36:44 +00:00
6543 61f8ca4906
Add screenshot for "Profile Readmes" to docs (#28964)
introduced in #23260 ... the docs still looks to empty:
https://docs.gitea.com/usage/profile-readme

this changes it :)
2024-01-28 00:20:17 +01:00
Mechiel Lukkien b9d91694af
In administration documentation about environment variables, point to those for the Go runtime instead of Go compiler (#28859)
The previous variables are used by the compiler and aren't too useful
for non-developers. The newly listed variables are more likely to be of
interest.

Apologies for this drive-by PR, I probably missed instructions from the
contributors guide. The patch can be regarded as a simple way to explain
the problem and solution. Feel free to close and possibly create a new
PR that does adhere to the contributors guide.
2024-01-20 10:12:20 +08:00
KN4CK3R 461d8b53c2
Fix some RPM registry flaws (#28782)
Related #26984
(https://github.com/go-gitea/gitea/pull/26984#issuecomment-1889588912)

Fix admin cleanup message.
Fix models `Get` not respecting default values.
Rebuild RPM repository files after cleanup.
Do not add RPM group to package version name.
Force stable sorting of Alpine/Debian/RPM repository data.
Fix missing deferred `Close`.
Add tests for multiple RPM groups.
Removed non-cached `ReplaceAllStringRegex`.

If there are multiple groups available, it's stated in the package
installation screen:

![grafik](https://github.com/go-gitea/gitea/assets/1666336/8f132760-882c-4ab8-9678-77e47dfc4415)
2024-01-19 11:37:10 +00:00
Viktor Kuzmin 49eb168677
Retarget depending pulls when the parent branch is deleted (#28686)
Sometimes you need to work on a feature which depends on another (unmerged) feature.
In this case, you may create a PR based on that feature instead of the main branch.
Currently, such PRs will be closed without the possibility to reopen in case the parent feature is merged and its branch is deleted.
Automatic target branch change make life a lot easier in such cases.
Github and Bitbucket behave in such way.

Example:
$PR_1$: main <- feature1
$PR_2$: feature1 <- feature2

Currently, merging $PR_1$ and deleting its branch leads to $PR_2$ being closed without the possibility to reopen.
This is both annoying and loses the review history when you open a new PR.

With this change, $PR_2$ will change its target branch to main ($PR_2$: main <- feature2) after $PR_1$ has been merged and its branch has been deleted.

This behavior is enabled by default but can be disabled.
For security reasons, this target branch change will not be executed when merging PRs targeting another repo. 

Fixes #27062
Fixes #18408

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-17 01:44:56 +01:00
crapStone 5374d29aa9
Add gist to comparison (#28809)
This PR adds a section to the documentation that links to the project
[Opengist](https://github.com/thomiceli/opengist) on GitHub.

The feature was proposed in #16670 but didn't resonate well with the
maintainers.
2024-01-15 23:37:32 +01:00
Exploding Dragon ba4d0b8ffb
Support for grouping RPMs using paths (#26984)
The current rpm repository places all packages in the same repository,
and different systems (el7,f34) may hit packages that do not belong to
this distribution ( #25304 ) , which now supports grouping of rpm.

![图片](https://github.com/go-gitea/gitea/assets/33776693/d1e1d99f-7799-4b2b-a19b-cb2a5c692914)

Fixes #25304 .
Fixes #27056 .

Refactor: [#25866](https://github.com/go-gitea/gitea/pull/25866)
2024-01-12 03:16:05 +00:00
wxiaoguang 2df7563f31
Recommend/convert to use case-sensitive collation for MySQL/MSSQL (#28662)
Mainly for MySQL/MSSQL.

It is important for Gitea to use case-sensitive database charset
collation. If the database is using a case-insensitive collation, Gitea
will show startup error/warning messages, and show the errors/warnings
on the admin panel's Self-Check page.

Make `gitea doctor convert` work for MySQL to convert the collations of
database & tables & columns.

* Fix #28131

## ⚠️ BREAKING ⚠️

It is not quite breaking, but it's highly recommended to convert the
database&table&column to a consistent and case-sensitive collation.
2024-01-10 11:03:23 +00:00
wxiaoguang 7215224112
Improve frontend guideline (#28711)
It has been a consensus for long time during reviewing: "avoiding inline
styles as much as possible".
2024-01-07 01:14:10 +08:00
Kyle D 54acf7b0d4
Normalize oauth email username (#28561) 2024-01-03 18:48:20 -06:00
Yarden Shoham cdc33b29a0
Add global setting how timestamps should be rendered (#28657)
- Resolves https://github.com/go-gitea/gitea/issues/22493
- Related to https://github.com/go-gitea/gitea/issues/4520

Some admins prefer all timestamps to display the full date instead of
relative time. They can do that now by setting

```ini
[ui]
PREFERRED_TIMESTAMP_TENSE = absolute
```

This setting is set to `mixed` by default, allowing dates to render as
"5 hours ago". Here are some screenshots of the UI with this setting set
to `absolute`:

![image](https://github.com/go-gitea/gitea/assets/20454870/f496457f-6afa-44be-a1e7-249ee5fe0706)

![image](https://github.com/go-gitea/gitea/assets/20454870/c03b14f5-063d-4e13-9780-76ab002d76a9)

![image](https://github.com/go-gitea/gitea/assets/20454870/f4b34e28-1546-4374-9199-c43348844edd)

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: delvh <dev.lh@web.de>
2024-01-02 09:25:30 +08:00
silverwind ce55a74374
Update JS dependencies (#28537)
- Update all JS dependencies excluding mcaptcha (breaking changes) and
stylelint (plugin not compatible with v16)
- Regenerate SVGs
- Update markdownlint rule names
- Fix one issue of heading in markdown discovered during lint
- Update for monaco options renames
- Fix stylelint rule length-zero-no-unit for custom properties
- Tested editor, swagger, sorting, vue, lint
2023-12-30 05:29:03 +00:00
wxiaoguang 19b1b698c9
Improve document for ARTIFACT_RETENTION_DAYS (#28646)
Follow #28626
2023-12-29 06:44:58 +00:00
wxiaoguang 19c45dd479
Improve 1.22 document for Database Preparation (#28643)
Fix #28247
2023-12-29 05:42:22 +00:00
Denys Konovalov 6c133b9fe0
switch destination directory for apt signing keys (#28639)
According to [Debian
docs](https://wiki.debian.org/DebianRepository/UseThirdParty):

> The certificate MUST NOT be placed in /etc/apt/trusted.gpg.d or loaded
by apt-key add.
> ...
> If future updates to the certificate will be managed by an apt/dpkg
package as recommended below, then it SHOULD be downloaded into
/usr/share/keyrings using the same filename that will be provided by the
package. If it will be managed locally , it SHOULD be downloaded into
/etc/apt/keyrings instead.
> ...
> A sources.list entry SHOULD have the signed-by option set.
2023-12-28 22:08:59 +01:00
Gerd Katzenbeisser 4d1277c0cb
Extend description for ARTIFACT_RETENTION_DAYS (#28626)
Make it clear that this value is just a default value and that every
artifact can have it's own value.
2023-12-28 10:11:44 +00:00
Volodymyr Stelmashchuk 0e9c988373
Update repo-mirror.en-us.md (#28612)
Add small changes to the doc. The workflow scope require for push code
to github mirror in case the project use the github action compatibility
ui.
2023-12-27 00:36:11 +08:00