Commit Graph

18547 Commits

Author SHA1 Message Date
KN4CK3R 08adbc468f
Fix incorrect `/tokens` api (#32085)
Fixes #32078

- Add missing scopes output.
- Disallow empty scope.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-20 19:00:39 +00:00
silverwind aa9faf8250
Set manual `tabindex`es on login page (#31689)
Fixes https://github.com/go-gitea/gitea/issues/31686.

A more elborate manual tabindex numbering could be done, but I think
it's not really worth the extra effort and such stuff could easily break
during refactors.

Includes another small tweak to un-stretch the`<a>` element so it's only
as large as it needs to be and this change also made the margin
unneeded.
2024-09-20 15:27:19 +00:00
wxiaoguang 3b10fd9b34
Only use Host header from reverse proxy (#32060)
X-Forwarded-Host has many problems: non-standard, not well-defined
(X-Forwarded-Port or not), conflicts with Host header, it already caused
problems like #31907. So do not use X-Forwarded-Host, just use Host
header directly.

Official document also only uses `Host` header and never mentioned
others.
2024-09-20 14:57:55 +00:00
GiteaBot 55d5a74bb3 [skip ci] Updated translations via Crowdin 2024-09-20 00:29:58 +00:00
GiteaBot 2fc347bcb3 [skip ci] Updated translations via Crowdin 2024-09-19 00:30:35 +00:00
Exploding Dragon 269c630923
Fix: database not update release when using `git push --tags --force` (#32040)
link: https://codeberg.org/forgejo/forgejo/issues/4274

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-18 20:15:03 +00:00
Kemal Zebari adea500aa0
Resolve duplicate local string key related to PR comments (#32073)
A regression in #31924 caused there to be two `issues.review.comment`
keys in the English language locale file, leading to a problem when
reading PR review histories that contain comments.

This snapshot addresses this by making the newer key unique.
2024-09-18 19:46:41 +00:00
wxiaoguang 1fede04b83
Refactor CSRF protector (#32057)
Remove unused CSRF options, decouple "new csrf protector" and "prepare"
logic, do not redirect to home page if CSRF validation falis (it
shouldn't happen in daily usage, if it happens, redirecting to home
doesn't help either but just makes the problem more complex for "fetch")
2024-09-18 15:17:25 +08:00
KN4CK3R 55f1fcf0ad
Add missing comment reply handling (#32050)
Fixes #31937

- Add missing comment reply handling
- Use `onGiteaRun` in the test because the fixtures are not present
otherwise (did this behaviour change?)

Compare without whitespaces.
2024-09-17 20:56:26 +00:00
Lunny Xiao 8cdf4e29c4
Fix CI (#32062) 2024-09-17 19:35:59 +00:00
hiifong f38e101448
Lazy load avatar images (#32051) 2024-09-17 19:02:48 +00:00
Bruno Sofiato 7dde3e6489
Included tag search capabilities (#32045)
Resolves #31998

The first screenshot shows the tag page without any filter being
applied:


![image](https://github.com/user-attachments/assets/eac0e51c-9e48-42b2-bb1c-a25896ca40cb)

The second one, shows the page when the given filter returns no tag:


![image](https://github.com/user-attachments/assets/98df191e-1a7b-4947-b0ef-4987a0293c3e)

The last one shows a single tag being filtered:


![image](https://github.com/user-attachments/assets/79c7e05e-8c86-4f06-b17e-15818b7b9291)

Signed-off-by: Bruno Sofiato <bruno.sofiato@gmail.com>
2024-09-18 02:33:11 +08:00
KN4CK3R f528df944b
Do not escape relative path in RPM primary index (#32038)
Fixes #32021

Do not escape the relative path.
2024-09-16 21:10:33 +00:00
Simon Pistache 859be09813
feat(#31666): Set the columns height to hug all its contents (#31726)
In Projects, columns heights are defined by the sum of all contents
height of the biggest column, rather than a fraction of the viewport
height. It default to 60vh when there is no cards to display.

Fix #31666
2024-09-16 20:41:46 +00:00
GiteaBot 74550a9b94 [skip ci] Updated translations via Crowdin 2024-09-16 00:31:40 +00:00
GiteaBot 6f989fc506 [skip ci] Updated translations via Crowdin 2024-09-15 00:34:01 +00:00
Lunny Xiao 3febcaa53b
Use a common message template instead of a special one (#31878) 2024-09-14 17:17:49 +00:00
Zettat123 3a51c37672
Check if the `due_date` is nil when editing issues (#32035) 2024-09-14 12:40:36 -04:00
Kemal Zebari f05d9c98c4
Handle invalid target when creating releases using API (#31841)
A 500 status code was thrown when passing a non-existent target to the
create release API. This snapshot handles this error and instead throws
a 404 status code.

Discovered while working on #31840.
2024-09-12 07:47:31 +00:00
Lauris BH 4ab6fc62d2
Add option to filter board cards by labels and assignees (#31999)
Works in both organization and repository project boards

Fixes #21846

Replaces #21963
Replaces #27117
 

![image](https://github.com/user-attachments/assets/1837ace8-3de2-444f-a153-e166bd0da2c0)

**Note** that implementation was made intentionally to work same as in
issue list so that URL can be bookmarked for quick access with
predefined filters in URL
2024-09-12 03:53:40 +00:00
GiteaBot 20d7707124 [skip ci] Updated translations via Crowdin 2024-09-12 00:30:02 +00:00
Daniel 64298dcb9e
Failed authentications are logged to level Warning (#32016)
PR for issue #31968 
Replaces PR #31983 to comply with gitea's error definition

Failed authentications are now logged to level `Warning` instead of
`Info`.
2024-09-11 17:58:45 +00:00
charles-plutohealth 7c6edf1ba0
Fix `/repos/{owner}/{repo}/pulls/{index}/files` endpoint not populating `previous_filename` (#32017)
---
`status == "rename"` should have read `status == "renamed"`. The typo
means that file.PreviousFilename would never be populated, which e.g.
breaks usage of the Github Action at
https://github.com/dorny/paths-filter.
2024-09-12 01:29:27 +08:00
Jason Song 125679f2e1
Support allowed hosts for migrations to work with proxy (#32025) 2024-09-11 05:47:00 +00:00
Zettat123 def1c9670b
Support migration from AWS CodeCommit (#31981)
This PR adds support for migrating repos from [AWS
CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html).

The access key ID and secret access key are required to get repository
information and pull requests. And [HTTPS Git
credentials](https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html)
are required to clone the repository.

<img
src="https://github.com/user-attachments/assets/82ecb2d0-8d43-42b0-b5af-f5347a13b9d0"
width="680" />

The AWS CodeCommit icon is from [AWS Architecture
Icons](https://aws.amazon.com/architecture/icons/).

<img
src="https://github.com/user-attachments/assets/3c44d21f-d753-40f5-9eae-5d3589e0d50d"
width="320" />
2024-09-11 07:49:42 +08:00
techknowlogick d9a7748cdc
bump to go 1.23 (#31855) 2024-09-10 02:23:07 +00:00
Jason Song 1620e3f03b
Enable compression for Actions logs by default (#32013)
Close #31801. Follow #31761.

Since there are so many benefits of compression and there are no reports
of related issues after weeks, it should be fine to enable compression
by default.
2024-09-09 21:34:42 +00:00
techknowlogick f183783baa
Save initial signup information for users to aid in spam prevention (#31852)
This will allow instance admins to view signup pattern patterns for
public instances. It is modelled after discourse, mastodon, and
MediaWiki's approaches.

Note: This has privacy implications, but as the above-stated open-source
projects take this approach, especially MediaWiki, which I have no doubt
looked into this thoroughly, it is likely okay for us, too. However, I
would be appreciative of any feedback on how this could be improved.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2024-09-09 17:05:16 -04:00
Jason Song a323a82ec4
Increase `cacheContextLifetime` to reduce false reports (#32011)
Replace #32001.

To prevent the context cache from being misused for long-term work
(which would result in using invalid cache without awareness), the
context cache is designed to exist for a maximum of 10 seconds. This
leads to many false reports, especially in the case of slow SQL.

This PR increases it to 5 minutes to reduce false reports.

5 minutes is not a very safe value, as a lot of changes may have
occurred within that time frame. However, as far as I know, there has
not been a case of misuse of context cache discovered so far, so I think
5 minutes should be OK.

Please note that after this PR, if warning logs are found again, it
should get attention, at that time it can be almost 100% certain that it
is a misuse.
2024-09-09 04:51:25 +00:00
GiteaBot 972eae358d [skip ci] Updated licenses and gitignores 2024-09-09 00:31:04 +00:00
GiteaBot df96088bc4 [skip ci] Updated translations via Crowdin 2024-09-08 00:32:28 +00:00
Wim 01dec7577a
Remove SHA1 for support for ssh rsa signing (#31857)
https://github.com/go-fed/httpsig seems to be unmaintained. 

Switch to github.com/42wim/httpsig which has removed deprecated crypto
and default sha256 signing for ssh rsa.

No impact for those that use ed25519 ssh certificates.

This is a breaking change for:
- gitea.com/gitea/tea (go-sdk) - I'll be sending a PR there too
- activitypub using deprecated crypto (is this actually used?)
2024-09-07 18:05:18 -04:00
Lunny Xiao d8f3498875
Upgrade cache to v0.2.1 (#32003)
Fix #31757
2024-09-07 17:12:37 +00:00
Luca Söthe f3090977c6
Add automatic light/dark option for the colorblind theme (#31997)
The normal themes already have a variant which automatically chooses
light/dark mode based on the browser.
This PR adds the same variant, but for the colorblind themes.
2024-09-07 03:09:40 +00:00
GiteaBot e8b801ff02 [skip ci] Updated translations via Crowdin 2024-09-07 00:29:09 +00:00
Lunny Xiao 2da2000413
Use global lock instead of NewExclusivePool to allow distributed lock between multiple Gitea instances (#31813)
Replace #26486 
Fix #19620

---------

Co-authored-by: Jason Song <i@wolfogre.com>
2024-09-06 10:12:41 +00:00
Lunny Xiao a5818470fe
Use forum.gitea.com instead of old URL (#31989) 2024-09-06 07:20:30 +00:00
william-allspice e9c64f41a6
Distinguish official vs non-official reviews, add tool tips, and upgr… (#31924)
This Pull Request is a follow up to
https://github.com/go-gitea/gitea/pull/31886:

1. Adds a UI indicator between official (green) and unofficial (grey)
approved pull requests on the Pull Request page (as suggested by
@kdumontnu )
2. Adds tooltips adding clarity to the type and status of a review on
the Pull Request page (as suggested by @kdumontnu)
3. Updates text adding more clarity to required approvals (as suggested
by @kdumontnu)
4. Updates text on the branch settings page explaining what branch
approval limitations (as suggested by @yp05327)

Official approval:
<img width="376" alt="Screenshot 2024-08-26 at 1 03 52 PM"
src="https://github.com/user-attachments/assets/500f083d-bfc0-45c5-82b7-b98e20495696">

Unofficial approval:
<img width="442" alt="Screenshot 2024-08-26 at 12 53 15 PM"
src="https://github.com/user-attachments/assets/e8c565ff-5886-4ce1-8b79-a0fa26c282f7">

Rejected approval:
<img width="452" alt="Screenshot 2024-08-26 at 12 53 06 PM"
src="https://github.com/user-attachments/assets/aebc0e2f-7052-4dea-8098-7caa0db86617">

Stale approval:
<img width="546" alt="Screenshot 2024-08-26 at 1 07 59 PM"
src="https://github.com/user-attachments/assets/da599ff3-e35c-4fa3-8141-ed80b738dd77">

Requested review tooltip:
<img width="434" alt="Screenshot 2024-08-26 at 12 53 22 PM"
src="https://github.com/user-attachments/assets/460d163e-8724-43b6-8760-34b285da8fe2">

Updated text for approvals:
<img width="991" alt="Screenshot 2024-08-26 at 12 54 00 PM"
src="https://github.com/user-attachments/assets/ab3ff012-9742-4c1b-933d-21addcb89f2c">

Updated text for allowlisted/whitelisted approvals:
<img width="990" alt="Screenshot 2024-08-26 at 1 01 40 PM"
src="https://github.com/user-attachments/assets/1a5bae61-d9e0-4d96-b86f-92610b0940d1">

Protected branch settings text:
<img width="1022" alt="Screenshot 2024-08-26 at 1 01 14 PM"
src="https://github.com/user-attachments/assets/892ce208-e1c2-41f7-8fec-46d5a0e7e776">

Comments list:
<img width="1048" alt="Screenshot 2024-08-28 at 9 25 31 AM"
src="https://github.com/user-attachments/assets/9c5c00c5-06cf-43b3-b413-4f7f673609b2">

---------

Co-authored-by: Kyle D. <kdumontnu@gmail.com>
2024-09-06 06:40:02 +00:00
Adam Majer bf7ae0429c
Return 404 instead of error when commit not exist (#31977)
Fix #31976
2024-09-06 02:39:23 +08:00
6543 19af534462
For consistency make repo search sort options case sensitive (#31951) 2024-09-05 18:53:30 +08:00
Lunny Xiao 5c05dddbed
Fix nuget/conan/container packages upload bugs (#31967) 2024-09-05 07:05:42 +00:00
GiteaBot 74b1c589c6 [skip ci] Updated translations via Crowdin 2024-09-04 06:28:39 +00:00
GiteaBot 30da734f37 [skip ci] Updated translations via Crowdin 2024-09-04 05:30:04 +00:00
Lunny Xiao a366af4b7a
Remove html tags from create tag and branch translation (#31973)
Follow #31950 and Fix the display bug of #31966 .

This will only fix the English version. I will update all these
translation files in crowdin after this merged so that all the languages
can be fixed.

And all these files should be backported together.

This PR remove the bold effect around the name when creating a new tag
or branch.
2024-09-04 12:53:55 +08:00
Lunny Xiao 7eef261c3e
Replace v-html with v-text in search inputbox (#31966)
Credit for @techknowlogick

Co-authored-by: techknowlogick <techknowlogick@noreply.gitea.com>
2024-09-04 02:52:00 +00:00
GiteaBot d5f35cc54e [skip ci] Updated translations via Crowdin 2024-09-04 00:29:09 +00:00
GiteaBot cf52cc985a [skip ci] Updated translations via Crowdin 2024-09-03 00:29:33 +00:00
Lunny Xiao 85b1f3080c
Improve get feed with pagination (#31821)
Fix #31752

@somera

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-09-02 19:05:09 +00:00
Denys Konovalov 83f37f6302
Remove urls from translations (#31950)
Part of #27700

Removes all URLs from translation strings to easy up changing them in
the future and to exclude people injecting malicious URLs through
translations. First measure as long as #24402 is out of scope.
2024-09-02 18:36:24 +00:00
Lunny Xiao ac34449747
Prevent update pull refs manually and will not affect other refs update (#31931)
All refs under `refs/pull` should only be changed from Gitea inside but
not by pushing from outside of Gitea.
This PR will prevent the pull refs update but allow other refs to be
updated on the same pushing with `--mirror` operations.

The main changes are to add checks on `update` hook but not
`pre-receive` because `update` will be invoked by every ref but
`pre-receive` will revert all changes once one ref update fails.
2024-09-02 07:38:27 +00:00