Commit Graph

13422 Commits

Author SHA1 Message Date
gesangtome c1198284bc
Check go and nodejs version by go.mod and package.json (#19197)
* Check go and nodejs version by go.mod and package.json 
* Update Go official site URL 

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-26 18:39:31 +08:00
KN4CK3R 59b867dc2d
Add `ContextUser` to http request context (#18798)
This PR adds a middleware which sets a ContextUser (like GetUserByParams before) in a single place which can be used by other methods. For routes which represent a repo or org the respective middlewares set the field too.

Also fix a bug in modules/context/org.go during refactoring.
2022-03-26 17:04:22 +08:00
Nulo f36701c702
Set OpenGraph title to DisplayName in profile pages (#19206)
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-03-25 20:15:13 +02:00
Anthony Wang 3ed4a71a4c
Rename hack_16834 to user_settings
Signed-off-by: Anthony Wang <ta180m@pm.me>
2022-03-25 11:53:16 -05:00
zeripath 5fe764b1eb
Add pprof labels in processes and for lifecycles (#19202)
Use pprof labelling to help identify goroutines with stacks.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-25 12:47:12 +00:00
GiteaBot e48f3b0527 [skip ci] Updated translations via Crowdin 2022-03-25 00:17:35 +00:00
Anthony Wang 46973f99fa
Cleanup, handle invalid usernames for ActivityPub person GET request
Signed-off-by: Anthony Wang <ta180m@pm.me>
2022-03-24 18:44:44 -05:00
Robert Kaussow 909804b717
Bump goldmark to v1.4.11 (#19201)
* Bump goldmark to v1.4.11

* add testcase

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-03-24 11:47:37 -04:00
dependabot[bot] def545676f
Bump minimist from 1.2.5 to 1.2.6 (#19194) 2022-03-24 00:29:55 -04:00
6543 6fc6e14957
Changelog for 1.16.5 (#19189) (#19192)
* Changelog for 1.16.5 (#19189)

* bump version
2022-03-24 03:04:12 +01:00
Gusted a5f2894071
Fix showing issues in your repositories (#18916)
- Make a restriction on which issues can be shown based on if you the user or team has write permission to the repository.
- Fixes a issue whereby you wouldn't see any associated issues with a specific team on a organization if you wasn't a member(fixed by zeroing the User{ID} in the options).
- Resolves #18913
2022-03-23 23:57:09 +01:00
MeIchthys f7883a6aec
Update issue_no_dependencies description (#19112)
To be more consistent and concise we could change the issue_no_dependencies from: `This issue currently doesn't have any dependencies. ` to `No dependencies set.` like we do for the due date and others.

Co-authored-by: delvh <dev.lh@web.de>
2022-03-23 16:46:50 +00:00
zeripath 0b1686b67a
Prevent redirect to Host (2) (#19175)
Unhelpfully Locations starting with `/\` will be converted by the
browser to `//` because ... well I do not fully understand. Certainly
the RFCs and MDN do not indicate that this would be expected. Providing
"compatibility" with the (mis)behaviour of a certain proprietary OS is
my suspicion. However, we clearly have to protect against this.

Therefore we should reject redirection locations that match the regular
expression: `^/[\\\\/]+`

Reference #9678

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-23 16:12:36 +00:00
Andrew Thornton 81b5bef55a
Prevent start panic due to missing DotEscape function
Unfortunately #19169 causing a panic at startup in prod mode. This was hidden by dev
mode because the templates are compiled dynamically there. The issue is that DotEscape
is not in the original FuncMap at the time of compilation which causes a panic.

Ref #19169

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-23 16:08:27 +00:00
a1012112796 0eff23dae0
Fix compare link in active feeds for new branch (#19149)
When a new branch is pushed the old SHA is always listed as the empty sha and thus the compare link that is created does not work correctly. 

Therefore when creating the compare link for new branches:

1. Attempt to get the parent of the first commit and use that as the basis 
for the compare link.
2. If this is not possible make a comparison to the default branch
3. Finally if that is not possible simply do not show a compare link.

However, there are multiple broken compare links remaining therefore, in order for these to not break we will simply make the compare link redirect to the default branch.

Fix #19144

Signed-off-by: a1012112796 <1012112796@qq.com>
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-03-23 13:40:12 +00:00
a1012112796 d8f578412e
Redirect .wiki/* ui link to /wiki (#18831)
Redirect .wiki/* ui link to /wiki

fix #18590

Signed-off-by: a1012112796 <1012112796@qq.com>
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2022-03-23 13:29:18 +00:00
zeripath 5248232c44
Try to prevent autolinking of displaynames by email readers (#19169)
Unfortunately many email readers will (helpfully) detect url or url-like names and
automatically create links to them, even in HTML emails. This is not ideal when
usernames can have dots in them.

This PR tries to prevent this behaviour by sticking ZWJ characters between dots and
also set the meta tag to prevent format detection.

Not every email template has been changed in this way - just the activation emails but
it may be that we should be setting the above meta tag in all of our emails too.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-23 12:34:20 +00:00
KN4CK3R 3f280f89e7
Update HTTP status codes to modern codes (#18063)
* 2xx/3xx/4xx/5xx -> http.Status...
* http.StatusFound -> http.StatusTemporaryRedirect
* http.StatusMovedPermanently -> http.StatusPermanentRedirect
2022-03-23 12:54:07 +08:00
wxiaoguang 395117d301
Remove the Go version in UI, add a link on Gitea Version to show config details (Go/Git version) (#19173)
This PR mainly helps maintainers to save time from asking the issue reporters to get the correct version.

There are so many reporters that have difficulty to get the correct Gitea version. Some of they just report Go version.

The Go version doesn't help debug except in very limited circumstances. Instead, there is a new link on the Gitea version, the link is for the admin/config page which shows all version information, including Gitea, Go, Git, it could help more.
2022-03-23 01:15:54 +00:00
GiteaBot db6080f4f8 [skip ci] Updated translations via Crowdin 2022-03-23 00:24:20 +00:00
zeripath 3f71ab9a12
Clean paths when looking in Storage (#19124)
* Clean paths when looking in Storage

Ensure paths are clean for minio aswell as local storage.

Use url.Path not RequestURI/EscapedPath in storageHandler.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>
2022-03-22 17:02:26 -04:00
zeripath d2c165811a
Use the new/choose link for New Issue on project page (#19172)
Extend issues/new/choose to pass the project id and change New Issue
link on project page to use new/choose

Fix #19170

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-22 19:54:24 +00:00
zeripath 461068cfa1
Ensure that setting.LocalURL always has a trailing slash (#19171)
Fix #19166

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-22 16:59:57 +00:00
wxiaoguang 7a550b3af2
Use `ctx` instead of `db.DefaultContext` in some packages(routers/services/modules) (#19163)
* Remove `db.DefaultContext` usage in routers, use `ctx` directly

* Use `ctx` directly if there is one, remove some `db.DefaultContext` in `services`

* Use ctx instead of db.DefaultContext for `cmd` and some `modules` packages

* fix incorrect context usage
2022-03-22 16:22:54 +01:00
wxiaoguang 2b55422cd7
Fix the bug: deploy key with write access can not push (#19010)
Use DeployKeyID to replace the IsDeployKey, then CanWriteCode uses the DeployKeyID to check the write permission.
2022-03-22 17:29:07 +08:00
KN4CK3R 80fd25524e
Renamed ctx.User to ctx.Doer. (#19161)
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-03-22 15:03:22 +08:00
Robin 5495ba7660
[docs] Enhance container selection in docker dump (#14292)
* Enhance container selection in docker dump

The problem with the previous query was, that it sometimes selected multiple containers, which make the command file with a hard to understand message. Now, use '^...$' to make sure a regex full match.
2022-03-22 13:50:31 +08:00
Norwin 77d1c7bf2f
Cleanup protected branches when deleting users & teams (#19158)
* Clean up protected_branches when deleting user

fixes #19094

* Clean up protected_branches when deleting teams

* fix issue

Co-authored-by: Lauris BH <lauris@nix.lv>
2022-03-22 09:09:45 +08:00
delvh bfe2e3d562
Reorder issue templates and automatically add labels (#18875)
* Reorder bug-report.yaml

* Add bug label on bug-report.yaml

* Add feature label on feature-request.yaml

* Reorder ui.bug-report.yaml

* Apply suggestions

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2022-03-21 20:00:25 +08:00
zeripath b05b40180f
Use IterateBufferSize whilst querying repositories during adoption check (#19140)
The adoption page checks directories to see if they are repositories by querying the
db on a per user basis. This can lead to problems if a user has a large number of
repositories or putative repositories.

This PR changes the buffering to check the db in IterataeBufferSize batches instead.

Fix #19137

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-21 09:09:42 +01:00
Sasha Melentyev c604c9ae66
Add 1.18 (#19151)
Co-authored-by: 6543 <6543@obermui.de>
2022-03-21 11:22:34 +08:00
GiteaBot 572c63d237 [skip ci] Updated translations via Crowdin 2022-03-21 00:24:03 +00:00
Gusted 49c5fc565c
Fix NPE `/repos/issues/search` when not signed in (#19154)
- Don't panic when on
`/repos/issues/search?{created,assigned,mentioned,review_requested}=true`
when client didn't pass any authentication.
- Resolves #19115
2022-03-20 22:04:51 +01:00
Anthony Wang ebef769703
Assert if json.Unmarshal succeeds
Signed-off-by: Anthony Wang <ta180m@pm.me>
2022-03-20 10:53:05 -05:00
Anthony Wang d75809aeee
Remove LogSQL from ActivityPub person test
Signed-off-by: Anthony Wang <ta180m@pm.me>
2022-03-20 10:53:05 -05:00
Anthony Wang 456ed42d3e
Run make fmt again, fix err var redeclaration
Signed-off-by: Anthony Wang <ta180m@pm.me>
2022-03-20 10:52:49 -05:00
GiteaBot 83a2f79d5d [skip ci] Updated licenses and gitignores 2022-03-20 00:24:18 +00:00
Anthony Wang ea4129e888
Use Gitea JSON library, add assert for pkp
Signed-off-by: Anthony Wang <ta180m@pm.me>
2022-03-19 16:36:44 -05:00
Abheek Dhawan f96e8be41f
Use custom favicon when viewing static files if it exists (#19130)
Redirect `/favicon.ico` to `/assets/img/favicon.png`.

Fix #19109
2022-03-19 19:53:31 +00:00
zeripath 3322f4d7cc
not send notification emails to inactive users (part 2) (#19142)
Unfortunately fixing changes to `mail_issue.go` did not get included in #19131.

We also need to not send issue comment mails to deactivated users.

Fix #18950

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-19 16:20:03 +00:00
zeripath 2d21d2af9e
Make migrations SKIP_TLS_VERIFY apply to git too (#19132)
Make SKIP_TLS_VERIFY apply to git data migrations too through adding the `-c http.sslVerify=false` option to the git clone command.

Fix #18998

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-19 14:16:38 +00:00
Anthony Wang f9e33d97cc
Run make fmt and make generate-swagger
Signed-off-by: Anthony Wang <ta180m@pm.me>
2022-03-19 09:14:08 -05:00
Anthony Wang b480c52f60
Change 2021 to 2022, properly format package imports
Signed-off-by: Anthony Wang <ta180m@pm.me>
2022-03-19 08:55:58 -05:00
Anthony Wang 2a8864fe43
Fix CI checks-backend errors with go mod tidy
Signed-off-by: Anthony Wang <ta180m@pm.me>
2022-03-19 08:54:32 -05:00
zeripath fb08d2b3fd
Do not send notification emails to inactive users (#19131)
Emails should not be sent to inactive users except for Activate and ResetPassword
messages.

Fix #18950

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-03-19 20:45:44 +08:00
Loïc Dachary b342241abc
activitypub: hack_16834
Signed-off-by: Loïc Dachary <loic@dachary.org>
2022-03-18 17:34:10 -05:00
Loïc Dachary 97fedf2616
activitypub: implement the ReqSignature middleware
Signed-off-by: Loïc Dachary <loic@dachary.org>
2022-03-18 17:34:09 -05:00
Loïc Dachary 15c1f6218c
activitypub: signing http client
Signed-off-by: Loïc Dachary <loic@dachary.org>
2022-03-18 17:34:09 -05:00
Loïc Dachary e8907c3c9e
activitypub: go-fed conformant Clock instance
Signed-off-by: Loïc Dachary <loic@dachary.org>
2022-03-18 17:34:09 -05:00
Loïc Dachary 678a56fbf8
activitypub: add the public key to Person (#14186)
Refs: https://github.com/go-gitea/gitea/issues/14186

Signed-off-by: Loïc Dachary <loic@dachary.org>
2022-03-18 17:34:09 -05:00