Commit Graph

12825 Commits

Author SHA1 Message Date
Gusted 0b83cc21be
Fix commit's time (#18375) (#18392)
- Backport of #18375
2022-01-25 05:48:56 +00:00
wxiaoguang b68e605d56
Prevent showing webauthn error for every time visiting `/user/settings/security` (#18385) (#18386)
Backport #18385
2022-01-25 00:11:49 +00:00
Gusted 42991dc89a
Fix partial cloning a repo (#18373) (#18377)
* Fix partial cloning a repo (#18373)

- Backport from: #18373
- Backport isn't 1-1, because the frontport had a refactor in that area,
which v1.16 doesn't have.

* Include diff & use copy

* Add partial clone test

* patch

* Apply suggestions from code review

* globalArgs first

* avoid copy but make GlobalCMDArgs append first

* please linter

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2022-01-23 21:46:09 +00:00
wxiaoguang 160de9fbda
Fix mime-type detection for HTTP server (#18371) 2022-01-23 21:17:20 +08:00
Gusted d644289fcb
Backport: Disable content sniffing on `PlainTextBytes` (#18365)
- Backport of #18359
2022-01-23 01:58:09 +02:00
6543 fd9ff7cd6f
Update github.com/duo-labs/webauthn (#18357) (#18364) 2022-01-22 13:32:10 -05:00
GiteaBot b7c6457648 [skip ci] Updated translations via Crowdin 2022-01-19 21:28:43 +00:00
zeripath 6b0a71230d
Stop trimming preceding and suffixing spaces from editor filenames (#18334)
* Stop trimming preceding and suffixing spaces from editor filenames

In #5702 it was decided to trim preceding and suffixed spaces aswell as / from
editing file filenames. This was because at this point in time the url-safety of
Gitea was much poorer.

We can now drop this requirement and file editing should work correctly.

Fix #18176

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-19 21:03:15 +00:00
GiteaBot c68f1281f6 [skip ci] Updated translations via Crowdin 2022-01-19 20:29:22 +00:00
silverwind f19f53c077
Left-Align text in Unicode warning boxes (#18331)
Wrapped text is more readable when left-aligned.

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
2022-01-19 19:25:08 +00:00
zeripath 6779d9726f
Only warn on bidi but still escape non-bidi (#18333)
Fix #18324

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-19 19:24:15 +00:00
wxiaoguang 6fba174606
Fix incorrect OAuth message (#18332)
As the title,

Fix #18327
2022-01-19 19:05:06 +00:00
GiteaBot 531b6d60e1 [skip ci] Updated translations via Crowdin 2022-01-19 18:28:18 +00:00
techknowlogick 4a6bae59c0
Changelog for 1.16.0-rc1 (#18309)
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
2022-01-19 18:08:23 +01:00
zeripath 4a20eadfd7
Restore propagation of ErrDependenciesLeft (#18325)
Unfortunately #17643 prevented all propagation of ErrDependenciesLeft meaning
that dependency errors that prevent closing of issues get swallowed.

This PR restores propagation of the error but instead swallows the error in the
places where it needs to be swallowed.

Fix #18223

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-19 00:26:42 +01:00
wxiaoguang 84f8ef3df6
Fix PR comments UI (#18323)
Closes:
* Review comment cannot be edited #17768
* Changing PR Comment Resolved State Disables Further Changes #18315
2022-01-19 01:28:38 +08:00
wxiaoguang 11b4827791
Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319)
And shrink the height of Dropzone.
2022-01-19 00:57:57 +08:00
Gusted 9dcf0bf6ec
Fix commit links on compare page (#18310)
* Fix commit links on compare page

- Use the correct repo link for each commit(the headrepo). As for
compare pages were baserepo != headrepo, it wouldn't have the correct
link.

Co-authored-by: zeripath <art27@cantab.net>
2022-01-18 16:12:10 +00:00
silverwind 8156e0f855
Update JS dependencies, remove eslint-plugin-github (#18317)
- Update all JS dependencies
- Add new lint rules
- Regenerate SVGs
- Tested Monaco and Mermaid
* Remove eslint-plugin-github
2022-01-18 23:01:36 +08:00
Peter Gardfjäll 89a3214352
Add MirrorUpdated field to Repository API type (#18267)
Add the last update time to the repository api type.

Close #18266
2022-01-18 13:18:30 +00:00
zeripath 68b59d8966
replace satori/go.uuid with gofrs/uuid (#18311)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-18 11:04:24 +00:00
JonRB 483409716d
Place inline diff comment dialogs in the 4th column. (#18321)
Comment dialogs for inline comments should appear in 4th column (not 3rd column), this PR changes the column that the inline review comment is associated with.

This problem has occurred due to an unrecognised conflict between #17562 and #17315. 

Fix as zeripath suggested in #18320

Fix #18320 

Co-authored-by: zeripath <art27@cantab.net>
2022-01-18 10:28:45 +00:00
zeripath 089b4e6a45
Use indirect comparison when showing pull requests (#18313)
When generating the commits list and number of files changed for PRs and
compare we should use "..." always not "..".

Fix #18303

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-18 07:45:43 +00:00
zeripath a7ee4d507a
Prevent ambiguous column error in organizations page (#18314)
Explicitly set the table for the org_id column queries on the organizations pages.

Fix #18229

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-18 07:45:14 +00:00
zeripath 851b54ba9f
Correctly upload LFS files (#18316)
We need to use the cached .gitattributes file for checking if a file
should be stored in the lfs.

Fix #18297

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-18 07:44:30 +00:00
GiteaBot eed8633fb0 [skip ci] Updated translations via Crowdin 2022-01-18 00:31:56 +00:00
a1012112796 8581e2f4ec
update description about vendoring in CONTRIBUTING.md (#18280)
* update description about vendoring in CONTRIBUTING.md

follow #18277

Signed-off-by: a1012112796 <1012112796@qq.com>

* Update CONTRIBUTING.md

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

* fix and readd test-vendor step

* remove vendor from .gitattributes @silverwind

* simplify go mod check

Signed-off-by: a1012112796 <1012112796@qq.com>

* Revert "remove vendor from .gitattributes @silverwind"

This reverts commit 4789e704cb.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2022-01-17 13:39:07 -05:00
Aravinth Manivannan 076cead40d
Fix CheckRepoStats and reuse it during migration (#18264)
The CheckRepoStats function missed the following counters:

- label num_closed_issues & num_closed_pulls
- milestone num_closed_issues & num_closed_pulls

The update SQL statements for updating the repository
num_closed_issues & num_closed_pulls fields were repeated in three
functions (repo.CheckRepoStats, migrate.insertIssues and
models.Issue.updateClosedNum) and were moved to a single helper.

The UpdateRepoStats is implemented and called in the Finish migration method so that it happens immediately instead of wating for the
CheckRepoStats to run.

Signed-off-by: Loïc Dachary loic@dachary.org

---
[source](https://lab.forgefriends.org/forgefriends/forgefriends/-/merge_requests/34)
2022-01-17 19:31:58 +01:00
silverwind 7dde39a6db
Minor tweak to tag list (#18295)
Slightly reduce the font size and padding in the tags table, it seemed a bit too big to me.
2022-01-17 14:26:35 +01:00
a1012112796 43a22c6a21
show pull link for agit pull request also (#18235) 2022-01-17 13:56:43 +08:00
GiteaBot bd7680f450 [skip ci] Updated translations via Crowdin 2022-01-17 00:28:33 +00:00
silverwind 212e81f11d
Add some .ignore entries (#18296)
Exclude node_modules and minified files from search tools like `rg` and `ag`.
2022-01-16 17:26:15 +00:00
Ben Niemann 2871e58a01
Remove unneeded debug messages to stdout. (#18298)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-16 23:42:06 +08:00
zeripath 52bfb7f012
Handle missing default branch better in owner/repo/branches page (#18290)
This PR more nicely handles a missing default branch in owner/repo/branches

Fix #18265

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-16 22:59:16 +08:00
wxiaoguang 4d0a72a271
Revert "Prevent possible XSS when using jQuery (#18289)" (#18293)
This reverts commit 661d3d28e9.
2022-01-16 11:19:26 +00:00
a1012112796 72b3681648
not show double error response in git hook (#18292)
if return a error message to cli, it will print it
to stderr which is duplicate with our code (line 82
in same file). so user will see two line same
error message in git output. I think it's not mecessary,
so suggerst not return error message to cli. Thanks.

Signed-off-by: a1012112796 <1012112796@qq.com>
2022-01-16 09:32:32 +00:00
zeripath 7960c96c19
Remove accidental debugging in blob_excerpt.tmpl (#18287)
* Remove accidental debugging in blob_excerpt.tmpl

Unfortunately it appears that a small bit of debugging code was left in blob_excerpt.tmpl
This breaks diff expansion causing #18281.

Fix #18281

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-16 09:31:41 +00:00
Gusted 661d3d28e9
Prevent possible XSS when using jQuery (#18289)
In the case of misuse or misunderstanding from a developer whereby,
if `sel` can receive user-controlled data, jQuery `$(sel)` can lead to the
creation of a new element. Current usage is using hard-coded selectors
in the templates, but nobody prevents that from expanding to
user-controlled somehow.
2022-01-16 13:14:32 +08:00
zeripath 4b4884ce88
Return nicer error if trying to pull from non-existent user (#18288)
* Return nicer error if trying to pull from non-existent user

Gitea serv will currently return an 500 if we try to pull from a repository where
the owner does not exist.

This PR checks for the UserNotExist Error when checking for the user and will
return a NotFound error instead.

Fix #18225
2022-01-16 11:44:11 +08:00
GiteaBot a15353dc00 [skip ci] Updated translations via Crowdin 2022-01-16 00:28:39 +00:00
Jan Tojnar a38ab71b20
docs: mention client_max_body_size affects LFS (#18291) 2022-01-15 17:26:01 -05:00
silverwind 0ed9b006e8
Add lockfile-check (#18285)
* Add lockfile-check

This check runs `npm install` which will rewrite the lockfile in case it
is inconsistent with package.json. This check detects this and will fail
the CI in such a case.
2022-01-15 21:06:29 +01:00
zeripath d7c2a2951c
Webauthn nits (#18284)
This contains some additional fixes and small nits related to #17957 

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-15 17:52:56 +01:00
Gusted e239d354c9
Update `package-lock.json` (#18283)
- NPM didn't like that package-lock.json was out-of-sync, webpack
throwed some errors as well with building.
- Follow-up for: #18278
2022-01-15 15:25:25 +01:00
wxiaoguang aa1e8f6a74
Upgrade EasyMDE to 2.16.1 (#18278) 2022-01-15 11:20:47 +01:00
techknowlogick 84145e45c5
Remove golang vendored directory (#18277)
* rm go vendor

* fix drone yaml

* add to gitignore
2022-01-14 18:16:05 -05:00
zeripath 2b16ca7c77
Changelog for 1.15.10 (#18274) (#18276)
* Changelog for 1.15.10 (#18274)

[1.15.10](https://github.com/go-gitea/gitea/releases/tag/v1.15.10) - 2022-01-14

* BUGFIXES
  * Fix inconsistent PR comment counts (#18260) (#18261)
  * Fix release link broken (#18252) (#18253)
  * Fix update user from site administration page bug (#18250) (#18251)
  * Set HeadCommit when creating tags (#18116) (#18173)
  * Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
  * Fix purple color in suggested label colors (#18241) (#18242)
* SECURITY
  * Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)

* update docs/config.yaml

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Richard Mahn <richmahn@users.noreply.github.com>
2022-01-14 15:02:37 -05:00
Lunny Xiao 35c3553870
Support webauthn (#17957)
Migrate from U2F to Webauthn

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-14 16:03:31 +01:00
GiteaBot 8808293247 [skip ci] Updated translations via Crowdin 2022-01-14 00:29:34 +00:00
Gusted d413a1f8a4
Improve the comment for 2FA filter in admin panel (#18017)
Replace TODO with explanation

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-13 21:32:28 +01:00