Commit Graph

18017 Commits

Author SHA1 Message Date
Giteabot ab33b7849f
Fix "force private" logic (#31012) (#31021)
Backport #31012 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-20 10:27:52 +08:00
Giteabot a58498cc43
Improve reverse proxy documents and clarify the AppURL guessing behavior (#31003) (#31020)
Backport #31003 by wxiaoguang

Fix #31002

1. Mention Make sure `Host` and `X-Fowarded-Proto` headers are correctly passed to Gitea
2. Clarify the basic requirements and move the "general configuration" to the top
3. Add a comment for the "container registry"
4. Use 1.21 behavior if the reverse proxy is not correctly configured

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-19 15:22:54 +00:00
Giteabot 8eac16de21
Simplify mirror repository API logic (#30963) (#31009)
Backport #30963 by wxiaoguang

Fix #30921

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-18 08:26:20 +00:00
Giteabot bd3787c774
Fix JS error when editing a merged PR's title (#30990) (#31001)
Backport #30990 by @wxiaoguang

Regression of Fix issue/PR title edit (#30858)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-17 01:07:09 +00:00
Giteabot f0e74da719
Upgrade `tqdm` dependency (#30996) (#31000)
Backport #30996 by @silverwind

Result of `make update-py`

Fixes: https://github.com/go-gitea/gitea/security/dependabot/65

Co-authored-by: silverwind <me@silverwind.io>
2024-05-17 02:39:39 +02:00
Giteabot 835411b978
template: `label` fix correct input id (#30987) (#30997)
Just a small commit to fix a wrong label for id.
Thanks and cheers!

Signed-off-by: Frank Villaro-Dixon <frank@villaro-dixon.eu>
Co-authored-by: Frank Villaro-Dixon <frank@vi-di.fr>
2024-05-16 08:45:52 -05:00
Giteabot 3cdf9ed202
Put web editor into a segment (#30966) (#30993)
Backport #30966 by silverwind

Co-authored-by: silverwind <me@silverwind.io>
2024-05-16 07:03:45 +00:00
Giteabot 0c9dcda10d
Check if the release is converted from the tag when updating the release (#30984) (#30986)
We should call `notify_service.NewRelease` when a release is created
from an existing tag.

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-05-15 16:34:38 -05:00
Giteabot cb52eb639e
Remove unnecessary double quotes on language file (#30977) (#30979)
Backport #30977 by @lunny

The double quotes and the prefix/suffix space are unnecessary.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-15 11:00:58 +02:00
Giteabot 5b7e54f72f
Always load or generate oauth2 jwt secret (#30942) (#30978)
Backport #30942 by @wxiaoguang

 Fix #30923

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-14 15:00:38 +00:00
Giteabot 042777abd7
Filter out duplicate action(activity) items for a repository (#30957) (#30976)
Backport #30957

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-14 14:14:39 +00:00
Giteabot 8393ff78fc
Protected tag is no internal server error (#30962) (#30970)
Backport #30962 by @KN4CK3R

Fixes #30959

Adds an API test for protected tags.
Fix existing tag in combination with fixtures.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-14 07:15:36 +00:00
Giteabot c1337e7316
Restyle release list, fix branch dropdown (#30837) (#30968)
Backport #30837 by @silverwind

Fixes https://github.com/go-gitea/gitea/issues/30821 and restyles the
release list.

Desktop:

<img width="1199" alt="Screenshot 2024-05-02 at 20 46 10"
src="https://github.com/go-gitea/gitea/assets/115237/bee92423-d4a9-4b26-8301-3a1e09eef4cd">


Mobile:

<img width="443" alt="Screenshot 2024-05-02 at 20 46 21"
src="https://github.com/go-gitea/gitea/assets/115237/42ecbae5-bdb6-4b16-a0ee-9c64daede68d">

Co-authored-by: silverwind <me@silverwind.io>
2024-05-13 22:00:52 +00:00
Giteabot 70eaa99ac0
fix: change npm scope registry (#30964) (#30965)
Backport #30964 by @llxlr


https://docs.npmjs.com/cli/v10/using-npm/scope#associating-a-scope-with-a-registry

Co-authored-by: james yang <yanghongday369@gmail.com>
2024-05-13 18:14:31 +02:00
Giteabot f806bbb815
Support using label names when changing issue labels (#30943) (#30958)
Backport #30943 by @Zettat123

Resolve #30917

Make the APIs for adding labels and replacing labels support both label
IDs and label names so the
[`actions/labeler`](https://github.com/actions/labeler) action can work
in Gitea.

<img width="600px"
src="https://github.com/go-gitea/gitea/assets/15528715/7835c771-f637-4c57-9ce5-e4fbf56fa0d3"
/>

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-05-13 14:28:11 +08:00
Giteabot ebe8e63dfd
Fix file path width in repo non-homepage view (#30951) (#30952)
Backport #30951 by @silverwind

Fixes: https://github.com/go-gitea/gitea/issues/30940

<img width="1310" alt="Screenshot 2024-05-11 at 20 48 41"
src="https://github.com/go-gitea/gitea/assets/115237/f163dfd4-1299-421f-a99e-cd0c793e0e3d">

Co-authored-by: silverwind <me@silverwind.io>
2024-05-12 14:07:16 +02:00
Giteabot bc455883fc
Remove If Exist check on migration for mssql because that syntax required SQL server 2016 (#30894) (#30946)
Backport #30894 by @lunny

Fix #30872

We will assume the database is consistent before executing the
migration. So the indexes should exist. Removing `IF EXIST` then is safe
enough.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-05-12 03:15:01 +00:00
Giteabot 14dc00ae01
Move reverproxyauth before session so the header will not be ignored even if user has login (#27821) (#30948)
Backport #27821 by @lunny

When a user logout and then login another user, the reverseproxy auth
should be checked before session otherwise the old user is still login.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-12 10:25:55 +08:00
Giteabot 94c5a30c8b
Fix some UI regressions for commit list (#30920) (#30937)
Backport #30920 by wxiaoguang

Close #30919

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-05-10 22:36:06 +08:00
Giteabot b99473f4ec
Check if reverse proxy is correctly configured (#30890) (#30935)
Backport #30890 by wxiaoguang

Follow #27011
Follow #30885

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-05-10 12:34:04 +00:00
yp05327 2200c41ffd
Fix incorrect default branch when adopt a repository (#30912) (#30928)
Backport #30912

ps: removed useless `u *user_model.User` for `adoptRepository`
2024-05-10 12:00:01 +00:00
Giteabot 45475250bd
Remove deprecated stuff for runners (#30930) (#30931)
Backport #30930 by @wolfogre

It's time (maybe somewhat late) to remove some deprecated stuff for the
runner.

- `x-runner-version`: runners needn't to report version in every
request, they will call `Declare`.
- `AgentLabels`: runners will report them as `Labels`.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-05-10 16:57:30 +08:00
Giteabot df5513978a
Update issue indexer after merging a PR (#30715) (#30903)
Backport #30715 by @Zettat123

Fix #30684

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-05-09 13:51:57 +08:00
Giteabot 08d697ae70
Add missing menu active item background back (#30897) (#30907)
Backport #30897 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-08 23:53:02 +00:00
Giteabot 5f1af1f37d
Fix incorrect issue form (#30881) (#30904)
Backport #30881 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-08 23:26:53 +00:00
Giteabot 2f91a461f7
Fix misspelling of mergable (#30896) (#30905)
Backport #30896 by @yp05327

https://github.com/go-gitea/gitea/pull/25812#issuecomment-2099833692
Follow #30573

Co-authored-by: yp05327 <576951401@qq.com>
2024-05-08 16:38:46 +00:00
Giteabot 084bec89ed
Fix various problems around projects board view (#30696) (#30902)
Backport #30696 by @lunny

# The problem
The previous implementation will start multiple POST requests from the
frontend when moving a column and another bug is moving the default
column will never be remembered in fact.

# What's changed

- [x] This PR will allow the default column to move to a non-first
position
- [x] And it also uses one request instead of multiple requests when
moving the columns
- [x] Use a star instead of a pin as the icon for setting the default
column action
- [x] Inserted new column will be append to the end
- [x] Fix #30701 the newly added issue will be append to the end of the
default column
- [x] Fix when deleting a column, all issues in it will be displayed
from UI but database records exist.
- [x] Add a limitation for columns in a project to 20. So the sorting
will not be overflow because it's int8.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-08 15:46:21 +00:00
Giteabot 271e8748a2
Fix wrong transfer hint (#30889) (#30900)
Backport #30889 by @lunny

Fix #30187

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-08 15:12:37 +00:00
Giteabot ec3f5f9992
Move database operations of merging a pull request to post receive hook and add a transaction (#30805) (#30888)
Backport #30805 by @lunny

Merging PR may fail because of various problems. The pull request may
have a dirty state because there is no transaction when merging a pull
request. ref
https://github.com/go-gitea/gitea/pull/25741#issuecomment-2074126393

This PR moves all database update operations to post-receive handler for
merging a pull request and having a database transaction. That means if
database operations fail, then the git merging will fail, the git client
will get a fail result.

There are already many tests for pull request merging, so we don't need
to add a new one.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-08 14:17:18 +00:00
wxiaoguang d4c2db39bf
Refactor AppURL usage (#30885) (#30891)
Backport #30885
Fix #30883
Fix #29591

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-08 13:34:43 +00:00
6543 d410e2acce
Repository explore alphabetically order respect owner name (#30882)
similar to #30784 but only for the repo explore page

is covered by #30876 for the main branch
2024-05-07 16:35:02 +00:00
Giteabot 216c8eada3
Fix missing migrate actions artifacts (#30874) (#30886)
Backport #30874 by @lunny

The actions artifacts should be able to be migrate to the new storage
place.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-07 21:59:00 +08:00
wxiaoguang d5563be0ee
Make sure git version&feature are always prepared (#30877) (#30879)
Backport #30877
2024-05-07 02:07:33 +00:00
Giteabot ad5a8d043c
Make "sync branch" also sync object format and add tests (#30878) (#30880)
Backport #30878 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-07 08:33:28 +08:00
Giteabot cfe6779d4e
Get repo list with OrderBy alpha should respect owner too (#30784) (#30875)
Backport #30784 by @6543

instead of:
- zowner/gcode
- awesome/nul
- zowner/nul
- zowner/zzz

we will get:
- awesome/nul
- zowner/gcode
- zowner/nul
- zowner/zzz

Co-authored-by: 6543 <6543@obermui.de>
2024-05-06 15:06:45 +00:00
Giteabot b22d7fd8cd
Fix some UI problems (dropdown/container) (#30849) (#30871)
Backport #30849 by wxiaoguang

Follow #30345
Follow #30547

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-06 07:45:04 +00:00
Giteabot e2e326f154
Fix some UI problems (install/checkbox) (#30854) (#30870)
Backport #30854 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-06 06:58:42 +00:00
Giteabot 2252a7bf84
Have time.js use UTC-related getters/setters (#30857) (#30869)
Backport #30857 by kemzeb

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
Co-authored-by: Sam Fisher <fisher@3echelon.local>
2024-05-06 10:01:22 +08:00
Giteabot bb7150c30d
Do not show monaco JS errors (#30862) (#30866)
Backport #30862 by wxiaoguang

Fix #30861

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-06 00:53:09 +08:00
Giteabot 60fa2a5960
Fix issue/PR title edit (#30858) (#30865)
Backport #30858 by wxiaoguang

1. "enter" doesn't work (I think it is the last enter support for #14843)
2. if a branch name contains something like `&`, then the branch selector doesn't update

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-05 13:53:12 +00:00
Giteabot 054602977a
Add result check in TestAPIEditUser (#29674) (#30860)
Backport #29674 by @yp05327

Fix #29514
there are too many usage of `NewRequestWithValues`, so there's no need
to check all of them.
Just one is enough I think.

Co-authored-by: yp05327 <576951401@qq.com>
2024-05-05 21:17:03 +08:00
Giteabot 471b411873
Fix markdown URL parsing for commit ID (#30812) (#30855)
Backport #30812 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-04 12:04:05 +08:00
Giteabot a82e6301f7
Fix no edit history after editing issue's title and content (#30814) (#30845)
Backport #30814 by @yp05327

Fix #30807

reuse functions in services

Co-authored-by: yp05327 <576951401@qq.com>
2024-05-03 14:43:16 +00:00
Giteabot 1f9a9fab5f
Improve grep search (#30843) (#30850)
Backport #30843 by wxiaoguang

Reduce the context line number to 1, make "git grep" search respect the
include/exclude patter, and fix #30785

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-03 17:59:33 +08:00
Giteabot 7ad2d039fd
Don't only list code-enabled repositories when using repository API (#30817) (#30848)
Backport #30817 by kemzeb

We should be listing all repositories by default.

Fixes #28483.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-05-03 16:52:38 +08:00
Giteabot ab2ef1ae49
Ignore useless error message "broken pipe" (#30801) (#30842)
Backport #30801 by wxiaoguang

Fix #30792

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-03 04:20:34 +00:00
Giteabot 7db434bfa9
Fix JS error on pull request page (#30838) (#30841)
Backport #30838 by silverwind

Fix this error seen on PR page, regression from
https://github.com/go-gitea/gitea/pull/30803:

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-03 02:17:11 +00:00
Giteabot 41f8ef8af5
Improve repo button row layout (#30668) (#30839)
Backport #30668 by @silverwind

Since there is now a second `<input>` in the repo buttons, we can make a
better-looking layout with no empty space, except on mobile.

Also I fixed one bug with focus border on clone panel.

## Large

<img width="1163" alt="Screenshot 2024-04-23 at 22 25 22"
src="https://github.com/go-gitea/gitea/assets/115237/8135a572-aa67-4672-ad49-b76b06890b52">

## Medium
<img width="870" alt="Screenshot 2024-04-23 at 22 25 34"
src="https://github.com/go-gitea/gitea/assets/115237/9e93f61c-3315-4a78-8328-8cefad5b50fa">

## Mobile
<img width="416" alt="Screenshot 2024-04-23 at 22 25 52"
src="https://github.com/go-gitea/gitea/assets/115237/859e341f-807a-48e6-8bcf-31715963216c">

Co-authored-by: silverwind <me@silverwind.io>
2024-05-02 19:38:37 +00:00
Giteabot 6d83f5eddc
Prevent automatic OAuth grants for public clients (#30790) (#30836)
Backport #30790 by archer-321

This commit forces the resource owner (user) to always approve OAuth 2.0
authorization requests if the client is public (e.g. native
applications).

As detailed in [RFC 6749 Section
10.2](https://www.rfc-editor.org/rfc/rfc6749.html#section-10.2),

> The authorization server SHOULD NOT process repeated authorization
requests automatically (without active resource owner interaction)
without authenticating the client or relying on other measures to ensure
that the repeated request comes from the original client and not an
impersonator.

With the implementation prior to this patch, attackers with access to
the redirect URI (e.g., the loopback interface for
`git-credential-oauth`) can get access to the user account without any
user interaction if they can redirect the user to the
`/login/oauth/authorize` endpoint somehow (e.g., with `xdg-open` on
Linux).

Fixes #25061.

Co-authored-by: Archer <archer@beezig.eu>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-02 19:06:32 +00:00
Giteabot 665a06c41f
Catch and handle unallowed file type errors in issue attachment API (#30791) (#30834)
Backport #30791 by kemzeb

Before, we would just throw 500 if a user passes an attachment that is
not an allowed type. This commit catches this error and throws a 422
instead since this should be considered a validation error.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-05-03 01:45:45 +08:00