Commit Graph

2400 Commits

Author SHA1 Message Date
KN4CK3R c6c829fe3f
Enhanced auth token / remember me ()
Closes 

> The mechanism responsible for long-term authentication (the 'remember
me' cookie) uses a weak construction technique. It will hash the user's
hashed password and the rands value; it will then call the secure cookie
code, which will encrypt the user's name with the computed hash. If one
were able to dump the database, they could extract those two values to
rebuild that cookie and impersonate a user. That vulnerability exists
from the date the dump was obtained until a user changed their password.
> 
> To fix this security issue, the cookie could be created and verified
using a different technique such as the one explained at
https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies.

The PR removes the now obsolete setting `COOKIE_USERNAME`.
2023-10-14 00:56:41 +00:00
GiteaBot ee6a390675 [skip ci] Updated translations via Crowdin 2023-10-14 00:22:28 +00:00
GiteaBot 3e9a379d38 [skip ci] Updated translations via Crowdin 2023-10-13 00:23:41 +00:00
GiteaBot d020343269 [skip ci] Updated translations via Crowdin 2023-10-12 00:21:30 +00:00
GiteaBot 50166d1f7c [skip ci] Updated translations via Crowdin 2023-10-11 00:22:56 +00:00
GiteaBot 4aae15af7a [skip ci] Updated translations via Crowdin 2023-10-09 00:23:39 +00:00
Lunny Xiao f40538e667
Remove unnecessary desc for openssh key cron task () 2023-10-08 14:23:39 +00:00
GiteaBot 4bde16e1ba [skip ci] Updated translations via Crowdin 2023-10-08 00:25:56 +00:00
GiteaBot 68b3fe88d5 [skip ci] Updated translations via Crowdin 2023-10-07 00:22:38 +00:00
GiteaBot 6cdeb7798b [skip ci] Updated translations via Crowdin 2023-10-06 00:23:05 +00:00
wxiaoguang 9f8d59858a
Refactor system setting ()
This PR reduces the complexity of the system setting system.

It only needs one line to introduce a new option, and the option can be
used anywhere out-of-box.

It is still high-performant (and more performant) because the config
values are cached in the config system.
2023-10-05 09:08:19 +08:00
GiteaBot 976d1760ac [skip ci] Updated translations via Crowdin 2023-10-05 00:23:21 +00:00
GiteaBot b37f3332f1 [skip ci] Updated translations via Crowdin 2023-10-04 00:23:10 +00:00
delvh e709bc199f
Differentiate between `push` and `pull` `mirror sync in progress` ()
Previously, if you had both a push and a pull mirror, the message did
not clarify if you've accidentally synchronized the wrong one.
Additionally fixed two typos that were encountered while debugging.

## Screenshots

![grafik](https://github.com/go-gitea/gitea/assets/51889757/164d5d20-728d-4365-9cb5-c37e95857cdf)

![grafik](https://github.com/go-gitea/gitea/assets/51889757/90bfffd2-abd4-4847-b8e2-db4231700a6d)
2023-10-02 14:52:18 +00:00
Denys Konovalov 33de64cb21
link to file from its history ()
Fixes 
Fixes https://github.com/go-gitea/gitea/issues/26707

Add a button on file history which directs you to the file at the
selected commit.

Co-authored-by: silverwind <me@silverwind.io>
2023-10-02 04:04:32 +00:00
puni9869 50070550a8
Hide archived labels when filtering by labels on the issue list ()
Followup  https://github.com/go-gitea/gitea/pull/26820
## Archived labels UI for issue filter and issue filter actions for
issues/pull request pages.

Changed:
* Enhanced the Issue filter and Issue filter actions UI page to
seamlessly incorporate a list of archived labels.
* Pagination functionality is same as before. If archived label checkbox
is checked then we are adding a query string`archived=true` in the url
to save the state of page.
* Issue filter actions menu is separated into different template.
* Adding the archived flag in issue url labels.
* Pull Request page is also work the same.

Outsourced:
* Defer the implementation of specialized handling for archived labels
to upcoming pull requests. This step will be undertaken subsequent to
the successful merge of this pull request.

Screenshots
### Issue page
<img width="1360" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/d7efb2ef-5b2b-449d-83f0-d430a32ec432">

### Issue page with label filter on archived label checkbox when not
checked --> No archived label is there in list
<img width="1249" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/ceea68ef-91f2-4693-910f-2e25e236bfc9">

### Issue page with label filter on archived label checkbox when checked
--> Show archived label in the list.
<img width="710" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/2414d26b-2079-4c3c-bd9e-f2f5411bcabf">

### Issue page with label filter on issue action menu on archived label
checkbox when checked --> Show archived label in the list.
<img width="409" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/259cac87-3e21-4778-99a2-a6a0b8c81178">


### Applied the archived=true in Issue labels when archived checkbox is
checked.
<img width="984" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/657ce3db-c0ae-402e-b12d-3b580d3c2ed0">

---




Part of https://github.com/go-gitea/gitea/issues/25237

---------

Signed-off-by: puni9869 <punitinani1@hotmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Giteabot <teabot@gitea.io>
2023-10-01 09:04:39 -04:00
GiteaBot 4f169e4b47 [skip ci] Updated translations via Crowdin 2023-09-30 00:22:01 +00:00
Lunny Xiao c3b7231966
Add protected branch name description ()
Co-authored-by: delvh <dev.lh@web.de>
2023-09-29 14:02:35 +00:00
yp05327 3945c26722
Improve tree not found page ()
Before:

![before](https://github.com/go-gitea/gitea/assets/18380374/383822d5-7d77-4ec3-b49b-4ab1e8b167ce)

After:

![after](https://github.com/go-gitea/gitea/assets/18380374/32afa0a3-fa05-4087-b96e-7d067f0ed756)

In Github:
https://github.com/yp05327/test/blob/main/test.drawio

Updated:
UI changed

![image](https://github.com/go-gitea/gitea/assets/18380374/41ed07ff-b815-4b4e-9779-5ab36b5f3980)

![image](https://github.com/go-gitea/gitea/assets/18380374/5d7b28d6-a2fc-4d4c-8d6d-d93f9c9a270b)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-09-29 07:42:39 +00:00
Dmitry Sharshakov 5e02e3b7ee
Add support for forking single branch ()
Fixes 

Add UI for choosing branch to fork

Change default branch on single-branch forks


![image](https://github.com/go-gitea/gitea/assets/19504461/28505f69-a9a2-43a8-8b19-a0cdac3ddc5a)

---------

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-29 09:48:39 +08:00
GiteaBot e8840e7e2b [skip ci] Updated translations via Crowdin 2023-09-29 00:23:01 +00:00
GiteaBot e74a3b18af [skip ci] Updated translations via Crowdin 2023-09-28 00:22:57 +00:00
GiteaBot 3f82ca38af [skip ci] Updated translations via Crowdin 2023-09-26 00:23:08 +00:00
Yarden Shoham e6d8b14620
Disable `Test Delivery` and `Replay` webhook buttons when webhook is inactive ()
These buttons are now disabled when the webhook is not active.

The buttons were always enabled before this change.

- Fixes 
- Replaces 

# Before


![image](https://github.com/go-gitea/gitea/assets/20454870/e783d0d8-b433-440e-b95f-50d7c42613d3)


![image](https://github.com/go-gitea/gitea/assets/20454870/b4886151-9f32-4e83-8001-dd3f20c23d70)

# After


![image](https://github.com/go-gitea/gitea/assets/20454870/74b76a72-0818-4143-8548-5d42c4119a05)


![image](https://github.com/go-gitea/gitea/assets/20454870/d5ae4e5c-c1ac-4751-a072-e6f7511b1e07)

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
2023-09-25 07:33:00 +00:00
GiteaBot c2eed61329 [skip ci] Updated translations via Crowdin 2023-09-25 00:24:48 +00:00
Denys Konovalov 63b25e816d
fix issues on action runners page ()
- switch from some weird status badge to label
- translate untranslated `Reset registration token` string
- change documentation link from act_runner README to Gitea Docs site
- fix "No runners available" message width
- use `ctx.Locale.Tr` where possible


![grafik](https://github.com/go-gitea/gitea/assets/47871822/65547228-f9ed-4f80-9cfd-df5e55513a44)
2023-09-24 14:12:21 -04:00
GiteaBot 383edf2fd7 [skip ci] Updated translations via Crowdin 2023-09-22 00:22:57 +00:00
GiteaBot 2001ffee3f [skip ci] Updated translations via Crowdin 2023-09-21 00:22:27 +00:00
puni9869 a50d9af876
Display archived labels specially when listing labels ()
Follow up https://github.com/go-gitea/gitea/pull/26741

Changes:
Added archived label for org labels and added into issue filter list.


Part of https://github.com/go-gitea/gitea/issues/25237

---------

Signed-off-by: puni9869 <punitinani1@hotmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2023-09-18 04:54:05 +00:00
Lunny Xiao 47b878858a
Search branches ()
Resolve  

<img width="1315" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/3ba59b58-471a-4e1b-985c-87edac2268c0">

<img width="1297" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/b6caa12f-323b-4f70-9c44-ef91cb71a26c">
2023-09-17 08:24:40 +00:00
GiteaBot ea83c0647c [skip ci] Updated translations via Crowdin 2023-09-17 00:24:27 +00:00
KN4CK3R ed64f1c2b8
Support `.git-blame-ignore-revs` file ()
Closes 

This PR adds the ability to ignore revisions specified in the
`.git-blame-ignore-revs` file in the root of the repository.


![grafik](https://github.com/go-gitea/gitea/assets/1666336/9e91be0c-6e9c-431c-bbe9-5f80154251c8)

The banner is displayed in this case. I intentionally did not add a UI
way to bypass the ignore file (same behaviour as Github) but you can add
`?bypass-blame-ignore=true` to the url manually.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-09-16 17:42:34 +00:00
GiteaBot 684ab403aa [skip ci] Updated translations via Crowdin 2023-09-16 00:21:59 +00:00
GiteaBot f8a1094406 [skip ci] Updated translations via Crowdin 2023-09-15 00:22:32 +00:00
Lunny Xiao 198a9ca635
Display all user types and org types on admin management UI ()
Follow  

<img width="1049" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/d3fc5159-b5e7-411a-b6f8-4a111a027e6b">

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-09-14 06:53:36 +00:00
GiteaBot d0318c4ae0 [skip ci] Updated translations via Crowdin 2023-09-14 00:22:27 +00:00
GiteaBot 7d56459c6c [skip ci] Updated translations via Crowdin 2023-09-13 00:22:36 +00:00
GiteaBot f599814001 [skip ci] Updated translations via Crowdin 2023-09-12 00:21:32 +00:00
GiteaBot 148c9c4b05 [skip ci] Updated translations via Crowdin 2023-09-11 00:22:57 +00:00
GiteaBot a20e0affba [skip ci] Updated translations via Crowdin 2023-09-10 00:23:48 +00:00
GiteaBot 049b9f3718 [skip ci] Updated translations via Crowdin 2023-09-09 00:21:42 +00:00
Lunny Xiao 9c0a3532a4
Add a new column schedule_id for action_run to track ()
Fix  

And the UI now will display it's scheduled but not triggered by a push.

<img width="954" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/d211845c-457e-4c3e-af1f-a0d654d3f365">
2023-09-08 23:01:19 +08:00
GiteaBot 6cbbd51ad4 [skip ci] Updated translations via Crowdin 2023-09-08 00:21:56 +00:00
Lunny Xiao f20e317d6d
Improve hint when uploading a too large avatar ()
Fix 

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: silverwind <me@silverwind.io>
2023-09-07 13:35:45 +00:00
GiteaBot 9860dba566 [skip ci] Updated translations via Crowdin 2023-09-07 00:22:15 +00:00
FuXiaoHei 460a2b0edf
Artifacts retention and auto clean up ()
Currently, Artifact does not have an expiration and automatic cleanup
mechanism, and this feature needs to be added. It contains the following
key points:

- [x] add global artifact retention days option in config file. Default
value is 90 days.
- [x] add cron task to clean up expired artifacts. It should run once a
day.
- [x] support custom retention period from `retention-days: 5` in
`upload-artifact@v3`.
- [x] artifacts link in actions view should be non-clickable text when
expired.
2023-09-06 07:41:06 +00:00
Lunny Xiao 31c92d9695
Add missing translation ()
Fix 
2023-09-05 22:13:08 -04:00
wxiaoguang c17fd68be7
Show queue's active worker number () 2023-09-04 21:07:32 +08:00
Jack Hay 9881b8a4e2
Add more descriptive error on forgot password page ()
## Changes
- Forces flashed error to render immediately when forgot password code
is incorrect or has expired.
- Adds a link back to the `forgot_password` page so that the user can
restart the process (in the event that their link has expired)
2023-09-01 16:15:39 +00:00
GiteaBot 3ff81d38d8 [skip ci] Updated translations via Crowdin 2023-09-01 00:24:05 +00:00