Commit Graph

18585 Commits

Author SHA1 Message Date
wxiaoguang 169031b7cf
Fix "Filter by commit" Dropdown (#31695)
Regression of #31281
Fix #31673
2024-07-25 01:48:51 +00:00
GiteaBot 7bd127522f [skip ci] Updated translations via Crowdin 2024-07-25 00:27:15 +00:00
techknowlogick b4ccef3dee
use nolyfill to remove some polyfills (#31468)
We don't need to have polyfills down to Node v4. Some of our deps have
polyfills, and don't utilize the built-in implementation if available.
While this does decrease our package graph, I haven't been able to
notice any decrease/increase in page load times, although that could
likely be just because it's already pretty fast.

Nolyfill is https://github.com/SukkaW/nolyfill

updates to files generated with:

```shell
npx nolyfill install
npm update
```

Before this is/isn't merged, I'd be appreciative/thankful for other's
insights.

Edit: This isn't due to a specific individual. I am generally supportive
of them and their dedication to backward compatibility. This PR is due
to not needing those imports for our minimum requirements. Please don't
take this PR as commentary on anyone's character.

---------

Co-authored-by: silverwind <me@silverwind.io>
2024-07-24 00:42:21 +00:00
Kemal Zebari c0b5a843ba
Properly filter issue list given no assignees filter (#31522)
Quick fix #31520. This issue is related to #31337.
2024-07-23 18:36:32 +00:00
Jason Song bbd14769cd
Run `detectWebAuthnSupport` only on sign-in page (#31676)
Fix #31675, regression of #31504.
2024-07-23 17:52:40 +00:00
Shivaram Lingamneni 2f1cb1d289
fix OIDC introspection authentication (#31632)
See discussion on #31561 for some background.

The introspect endpoint was using the OIDC token itself for
authentication. This fixes it to use basic authentication with the
client ID and secret instead:

* Applications with a valid client ID and secret should be able to
  successfully introspect an invalid token, receiving a 200 response
  with JSON data that indicates the token is invalid
* Requests with an invalid client ID and secret should not be able
  to introspect, even if the token itself is valid

Unlike #31561 (which just future-proofed the current behavior against
future changes to `DISABLE_QUERY_AUTH_TOKEN`), this is a potential
compatibility break (some introspection requests without valid client
IDs that would previously succeed will now fail). Affected deployments
must begin sending a valid HTTP basic authentication header with their
introspection requests, with the username set to a valid client ID and
the password set to the corresponding client secret.
2024-07-23 12:43:03 +00:00
techknowlogick 24f9390f34
Enable direnv (#31672)
This lets developers who have direnv enabled to load our nix flake
automatically when entering it
2024-07-23 12:07:41 +00:00
GiteaBot ad91a59c18 [skip ci] Updated translations via Crowdin 2024-07-23 00:27:23 +00:00
GiteaBot d919df4f09 [skip ci] Updated translations via Crowdin 2024-07-21 00:30:14 +00:00
techknowlogick ba9589a92d
fix redis dep (#31662)
fix https://github.com/go-gitea/gitea/issues/31658
2024-07-19 20:10:31 +00:00
Denys Konovalov a8d0c879c3
add skip secondary authorization option for public oauth2 clients (#31454) 2024-07-19 14:28:30 -04:00
Zettat123 e9aa39bda4
Fix a branch divergence cache bug (#31659)
Fix #31599

A branch divergence is counted based on the default branch. If the
default branch is updated, all divergence caches of the repo need to be
deleted.
2024-07-19 17:52:49 +02:00
GiteaBot 03c8c2683c [skip ci] Updated translations via Crowdin 2024-07-18 00:27:07 +00:00
silverwind 0c1127a2fb
Remove unneccessary uses of `word-break: break-all` (#31637)
Fixes: https://github.com/go-gitea/gitea/issues/31636

1. Issue sidebar topic is disussed in
https://github.com/go-gitea/gitea/issues/31636
2. Org description already has `overflow-wrap: anywhere` to ensure no
overflow.

Co-authored-by: Giteabot <teabot@gitea.io>
2024-07-17 12:04:28 +02:00
GiteaBot de1a5506d1 [skip ci] Updated translations via Crowdin 2024-07-17 00:27:54 +00:00
Carsten Klein 3571b7e3dd
Allow searching issues by ID (#31479)
When you are entering a number in the issue search, you likely want the
issue with the given ID (code internal concept: issue index).
As such, when a number is detected, the issue with the corresponding ID
will now be added to the results.

Fixes #4479

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-07-17 00:49:05 +02:00
Rowan Bohde 416c36f303
allow synchronizing user status from OAuth2 login providers (#31572)
This leverages the existing `sync_external_users` cron job to
synchronize the `IsActive` flag on users who use an OAuth2 provider set
to synchronize. This synchronization is done by checking for expired
access tokens, and using the stored refresh token to request a new
access token. If the response back from the OAuth2 provider is the
`invalid_grant` error code, the user is marked as inactive. However, the
user is able to reactivate their account by logging in the web browser
through their OAuth2 flow.

Also changed to support this is that a linked `ExternalLoginUser` is
always created upon a login or signup via OAuth2.

### Notes on updating permissions
Ideally, we would also refresh permissions from the configured OAuth
provider (e.g., admin, restricted and group mappings) to match the
implementation of LDAP. However, the OAuth library used for this `goth`,
doesn't seem to support issuing a session via refresh tokens. The
interface provides a [`RefreshToken`
method](https://github.com/markbates/goth/blob/master/provider.go#L20),
but the returned `oauth.Token` doesn't implement the `goth.Session` we
would need to call `FetchUser`. Due to specific implementations, we
would need to build a compatibility function for every provider, since
they cast to concrete types (e.g.
[Azure](https://github.com/markbates/goth/blob/master/providers/azureadv2/azureadv2.go#L132))

---------

Co-authored-by: Kyle D <kdumontnu@gmail.com>
2024-07-16 20:33:16 +02:00
silverwind 3a7454df7a
Enable `no-jquery/no-class-state` (#31639)
Just 4 validations and I specifically tested this by
selecting/unselecting issue labels.

Co-authored-by: Giteabot <teabot@gitea.io>
2024-07-16 12:14:27 +02:00
Bartlomiej Komendarczuk e8d4b7a8b1
Added default sorting milestones by name (#27084)
#26996 
Added default sorting for milestones by name.
Additional, name for sorting closestduedate and furthestduedate was
broken, so I fixed it.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-07-16 10:08:54 +02:00
silverwind 0bb4c1cde2
Code editor theme enhancements (#31629)
1. Fixed border-radius
2. Monaco ignores the alpha channel on the shadow color, introduce
`color-shadow-opaque`
3. Remove scrollbar color which follows
https://github.com/go-gitea/gitea/pull/29800

Before:

<img width="34" alt="Screenshot 2024-07-13 at 15 38 18"
src="https://github.com/user-attachments/assets/042d9bde-6db9-4467-a2a4-8f61ecc773eb">
<img width="35" alt="Screenshot 2024-07-13 at 15 38 31"
src="https://github.com/user-attachments/assets/04146ee0-551c-4ff2-9636-bd119b33595a">


After:

<img width="45" alt="Screenshot 2024-07-13 at 15 38 06"
src="https://github.com/user-attachments/assets/1f58fa5a-1289-4e45-83c9-18ca82a5e266">
<img width="39" alt="Screenshot 2024-07-13 at 21 16 56"
src="https://github.com/user-attachments/assets/e12ebe22-b29b-4798-9f0d-4c100f311562">
2024-07-14 23:22:48 +00:00
6543 0f53324182
Add option to change mail from user display name (#31528)
Make it posible to let mails show e.g.:

`Max Musternam (via gitea.kithara.com) <gitea@kithara.com>`

Docs: https://gitea.com/gitea/docs/pulls/23

---
*Sponsored by Kithara Software GmbH*
2024-07-14 23:27:00 +02:00
Lunny Xiao 0d08bb6112
Upgrade xorm to v1.3.9 and improve some migrations Sync (#29899)
Co-authored-by: 6543 <6543@obermui.de>
2024-07-14 17:15:59 -04:00
6543 1064e817c4
Issue Templates: add option to have dropdown printed list (#31577)
Issue template dropdown can have many entries, and it could be better to
have them rendered as list later on if multi-select is enabled.

so this adds an option to the issue template engine to do so.

DOCS: https://gitea.com/gitea/docs/pulls/19

---

## demo:

```yaml
name: Name
title: Title
about: About
labels: ["label1", "label2"]
ref: Ref
body:
  - type: dropdown
    id: id6
    attributes:
      label: Label of dropdown (list)
      description: Description of dropdown
      multiple: true
      list: true
      options:
        - Option 1 of dropdown
        - Option 2 of dropdown
        - Option 3 of dropdown
        - Option 4 of dropdown
        - Option 5 of dropdown
        - Option 6 of dropdown
        - Option 7 of dropdown
        - Option 8 of dropdown
        - Option 9 of dropdown
```


![image](https://github.com/user-attachments/assets/102ed0f4-89da-420b-ab2a-1788b59676f9)

![image](https://github.com/user-attachments/assets/a2bdb14e-43ff-4cc6-9bbe-20244830453c)


---
*Sponsored by Kithara Software GmbH*
2024-07-14 16:38:45 +02:00
6543 957c75bfd2
Fix update flake (#31626) 2024-07-12 16:25:54 +00:00
GiteaBot d73623d526 [skip ci] Updated translations via Crowdin 2024-07-12 00:27:07 +00:00
Sunny Wan 4913edaa70
Display app name in the registration email title (#31562)
I changed the title of the registation email from "Welcome to Gitea" to
"Welcome to (appname)". I did this by substituting 'Gitea' in
register_notify to %s and formating the registration title in mail.go. I
changed this for all the languages I could, but I struggled to changed
the translation file for Farsi. I have attached the screenshots of
before and after and the related issue below.

Related issue:
https://github.com/go-gitea/gitea/issues/31108

Before change:
![Screenshot from 2024-07-04
22-32-17](https://github.com/go-gitea/gitea/assets/94445569/4178b51c-1acc-45f4-9750-dff41564a709)

After:
![Screenshot from 2024-07-04
22-32-01](https://github.com/go-gitea/gitea/assets/94445569/9cd7a58d-c0f5-4a3c-a66c-805c55411eaa)

---------

Signed-off-by: Sunny Wan <Sunnywan2020@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2024-07-11 23:23:31 +00:00
techknowlogick fa160b915d
typo on date in security document (#31617) 2024-07-11 21:51:08 +00:00
silverwind a06bbcf0b6
Update JS dependencies (#31616)
Result of `make update-js`. Tested all dependencies. Lockfile diff is
because of https://github.com/npm/cli/pull/7475.
2024-07-11 14:36:02 -04:00
silverwind 228c354b16
Add types for js globals (#31586)
Adds types for `window.config` and jQuery/htmx globals, eliminating 48
`tsc` errors.
2024-07-11 10:20:51 +00:00
Lunny Xiao 1b0ccf4bea
Upgrade security public key (#31594)
Fix #31591
2024-07-10 16:28:22 +00:00
Lunny Xiao 436af472a9
Fix wrong merge on removing docs (#31605) 2024-07-10 15:47:32 +00:00
wxiaoguang 72b6bc8caf
Refactor webhook (#31587)
A more complete fix for #31588

1. Make "generic" code more readable
2. Clarify HTML or Markdown for the payload content
2024-07-10 11:37:16 +00:00
Tobias Balle-Petersen 4ea2a6de81
Fix: Allow org team names of length 255 in create team form (#31564)
Gitea 1.22.1 was supposed to allow for team names of length 255 (up from
30) after the following PR was merged in:
https://github.com/go-gitea/gitea/pull/31410. However, the length of
team names was still limited to 30 as described in this issue:
https://github.com/go-gitea/gitea/issues/31554.

One more change to _gitea_ needs to be made to allow for the longer team
names, as there is a 30 character limit here:
2c92c7c522/services/forms/org.go (L65)

This PR changes that value to 255.
2024-07-10 02:15:17 +00:00
Lunny Xiao af1f0dfcc6
Remove docs sub folder since docs has been moved to https://gitea.com/gitea/docs (#31536) 2024-07-10 01:46:08 +00:00
Kyle D d6f8a60b65
Add bohde as maintainer (#31601)
[4 merged
PRs](https://github.com/go-gitea/gitea/pulls?q=is%3Apr+author%3Abohde+is%3Aclosed)
2024-07-10 08:18:35 +08:00
delvh 7bb3835811
Add `YEAR`, `MONTH`, `MONTH_ENGLISH`, `DAY` variables for template repos (#31584)
Fixes #31583
2024-07-09 18:05:12 +00:00
Rowan Bohde 1ee59f0fa3
Allow disabling authentication related user features (#31535)
We have some instances that only allow using an external authentication
source for authentication. In this case, users changing their email,
password, or linked OpenID connections will not have any effect, and
we'd like to prevent showing that to them to prevent confusion.

Included in this are several changes to support this:
* A new setting to disable user managed authentication credentials
(email, password & OpenID connections)
* A new setting to disable user managed MFA (2FA codes & WebAuthn)
* Fix an issue where some templates had separate logic for determining
if a feature was disabled since it didn't check the globally disabled
features
* Hide more user setting pages in the navbar when their settings aren't
enabled

---------

Co-authored-by: Kyle D <kdumontnu@gmail.com>
2024-07-09 17:36:31 +00:00
silverwind 13015bba5a
Add back esbuild-loader for .js files (#31585)
The build currently seems to work fine without this, but in theory it
should fail because Fomantic is JavaScript. I feel more comfortable
having this loader declared.

Note: I did try using the [combined loader
config](https://github.com/privatenumber/esbuild-loader#-quick-setup)
but when I did that, vue files could not load, so I think this is the
best option.
2024-07-09 09:28:43 +00:00
6543 4696bcb3f7
Use FullName in Emails to address the recipient if possible (#31527)
Before we had just the plain mail address as recipient. But now we
provide additional Information for the Mail clients.

---
*Sponsored by Kithara Software GmbH*
2024-07-08 08:38:45 +00:00
6543 d7c7a78994
Don't show hidden labels when filling out an issue template (#31576)
Related to #31574


---
*Sponsored by Kithara Software GmbH*
2024-07-08 04:31:12 +00:00
GiteaBot 017ea19e5d [skip ci] Updated translations via Crowdin 2024-07-08 00:28:11 +00:00
silverwind 5791a73e75
Convert frontend code to typescript (#31559)
None of the frontend js/ts files was touched besides these two commands
(edit: no longer true, I touched one file in
61105d0618
because of a deprecation that was not showing before the rename).

`tsc` currently reports 778 errors, so I have disabled it in CI as
planned.

Everything appears to work fine.
2024-07-07 15:32:30 +00:00
GiteaBot 5115c278ff [skip ci] Updated translations via Crowdin 2024-07-07 00:29:37 +00:00
GiteaBot 264f74c02a [skip ci] Updated translations via Crowdin 2024-07-06 00:26:24 +00:00
Henry Goodman 12cb1d2998
Allow force push to protected branches (#28086)
Fixes #22722 

### Problem
Currently, it is not possible to force push to a branch with branch
protection rules in place. There are often times where this is necessary
(CI workflows/administrative tasks etc).

The current workaround is to rename/remove the branch protection,
perform the force push, and then reinstate the protections.

### Solution
Provide an additional section in the branch protection rules to allow
users to specify which users with push access can also force push to the
branch. The default value of the rule will be set to `Disabled`, and the
UI is intuitive and very similar to the `Push` section.

It is worth noting in this implementation that allowing force push does
not override regular push access, and both will need to be enabled for a
user to force push.

This applies to manual force push to a remote, and also in Gitea UI
updating a PR by rebase (which requires force push)

This modifies the `BranchProtection` API structs to add:
- `enable_force_push bool`
- `enable_force_push_whitelist bool`
- `force_push_whitelist_usernames string[]`
- `force_push_whitelist_teams string[]`
- `force_push_whitelist_deploy_keys bool`

### Updated Branch Protection UI:

<img width="943" alt="image"
src="https://github.com/go-gitea/gitea/assets/79623665/7491899c-d816-45d5-be84-8512abd156bf">

### Pull Request `Update branch by Rebase` option enabled with source
branch `test` being a protected branch:


![image](https://github.com/go-gitea/gitea/assets/79623665/e018e6e9-b7b2-4bd3-808e-4947d7da35cc)
<img width="1038" alt="image"
src="https://github.com/go-gitea/gitea/assets/79623665/57ead13e-9006-459f-b83c-7079e6f4c654">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-07-05 18:21:56 +00:00
Anbraten 9c00dda33a
Refactor login page (#31530)
As requested in
https://github.com/go-gitea/gitea/pull/31504#issuecomment-2196196646.
This PR refactor the login page:

![Screenshot from 2024-07-04
19-23-10](https://github.com/go-gitea/gitea/assets/6918444/c45700f4-6747-473c-bdee-2156718a7953)

![Screenshot from 2024-07-04
19-23-21](https://github.com/go-gitea/gitea/assets/6918444/b1bf71cf-85f9-4517-a409-cc6d72e6af8f)

![Screenshot from 2024-06-30
09-35-20](https://github.com/go-gitea/gitea/assets/6918444/728cc37e-0cca-4883-afec-a43663d2c666)


# Changes
- [x] use separate box for passkey login and go to registration
- [x] move forgot passoword next to password label
- [x] fix password required label `*` and padding 
- [x] remove tabs from login page

---------

Co-authored-by: silverwind <me@silverwind.io>
2024-07-05 20:10:09 +03:00
Brecht Van Lommel b88e5fc72d
Fix slow patch checking with commits that add or remove many files (#31548)
Running git update-index for every individual file is slow, so add and
remove everything with a single git command.

When such a big commit lands in the default branch, it could cause PR
creation and patch checking for all open PRs to be slow, or time out
entirely. For example, a commit that removes 1383 files was measured to
take more than 60 seconds and timed out. With this change checking took
about a second.

This is related to #27967, though this will not help with commits that
change many lines in few files.
2024-07-04 18:57:11 +00:00
silverwind 2c92c7c522
Add typescript guideline and typescript-specific eslint plugins and fix issues (#31521)
1. Add some general guidelines how to write our typescript code
2. Add `@typescript-eslint/eslint-plugin`, general typescript rules
3. Add `eslint-plugin-deprecation` to detect deprecated code
4. Fix all new lint issues that came up
2024-07-03 17:48:14 +02:00
silverwind b270b30aeb
Update `golang.org/x/image` to v0.18.0 (#31541)
Result of `go get -u  golang.org/x/image && make tidy`

Fixes: https://github.com/go-gitea/gitea/security/dependabot/67
2024-07-02 15:41:14 -04:00
GiteaBot 3bd87fb170 [skip ci] Updated translations via Crowdin 2024-07-01 00:30:50 +00:00