Commit Graph

1350 Commits

Author SHA1 Message Date
Rowan Bohde 0b5da27570
allow the actions user to login via the jwt token (#32527) (#32580)
Backport #32527

We have some actions that leverage the Gitea API that began receiving
401 errors, with a message that the user was not found. These actions
use the `ACTIONS_RUNTIME_TOKEN` env var in the actions job to
authenticate with the Gitea API. The format of this env var in actions
jobs changed with go-gitea/gitea/pull/28885 to be a JWT (with a
corresponding update to `act_runner`) Since it was a JWT, the OAuth
parsing logic attempted to parse it as an OAuth token, and would return
user not found, instead of falling back to look up the running task and
assigning it to the actions user.

Make ACTIONS_RUNTIME_TOKEN in action runners could be used, attempting
to parse Oauth JWTs. The code to parse potential old
`ACTION_RUNTIME_TOKEN` was kept in case someone is running an older
version of act_runner that doesn't support the Actions JWT.
2024-11-21 03:18:00 +00:00
Giteabot 3661b14d97
Remove unnecessary code (#32560) (#32567)
Backport #32560 by @lunny

PushMirrors only be used in the repository setting page. So it should
not be loaded on every repository page.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-20 02:55:59 +08:00
Lunny Xiao cf2d332443
Refactor find forks and fix possible bugs that weak permissions check (#32528) (#32547)
Backport #32528

- Move models/GetForks to services/FindForks
- Add doer as a parameter of FindForks to check permissions
- Slight performance optimization for get forks API with batch loading
of repository units
- Add tests for forking repository to organizations

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-19 04:08:32 +00:00
Lunny Xiao 673fee427e
Refactor push mirror find and add check for updating push mirror (#32539) (#32549)
backport #32539

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-18 23:55:27 +08:00
Giteabot 6555cfcac3
Fix basic auth with webauthn (#32531) (#32536)
Backport #32531 by @lunny

WebAuthn should behave the same way as TOTP. When enabled, basic auth
with username/password should need to WebAuthn auth, otherwise returned
401.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-16 18:21:00 +00:00
Giteabot d03dd04d65
Remove transaction for archive download (#32186) (#32520)
Backport #32186 by @lunny

Since there is a status column in the database, the transaction is
unnecessary when downloading an archive. The transaction is blocking
database operations, especially with SQLite.

Replace #27563

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-15 10:27:38 +01:00
Lunny Xiao 781310df77
Trim title before insert/update to database to match the size requirements of database (#32498) (#32507) 2024-11-14 18:06:31 -08:00
Giteabot a4263d341c
Add a doctor check to disable the "Actions" unit for mirrors (#32424) (#32497)
Backport #32424 by @Zettat123

Resolve #32232

Users can disable the "Actions" unit for all mirror repos by running 
```
gitea doctor check --run  disable-mirror-actions-unit --fix
```

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-11-13 18:47:56 +00:00
wxiaoguang 26437a03b0
Disable Oauth check if oauth disabled (#32368) (#32480)
Partially backport Disable Oauth check if oauth disabled #32368
2024-11-12 06:09:47 +00:00
Giteabot eb5733636b
Fix broken releases when re-pushing tags (#32435) (#32449)
Backport #32435 by @Zettat123

Fix #32427

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-10 23:49:59 +00:00
Giteabot 22a93c1cdc
Only provide the commit summary for Discord webhook push events (#32432) (#32447)
Backport #32432 by @kemzeb

Resolves #32371.

#31970 should have just showed the commit summary, but
`strings.SplitN()` was misused such that we did not perform any
splitting at all and just used the message. This was not caught in the
unit test made in that PR since the test commit summary was > 50 (which
truncated away the commit description).

This snapshot resolves this and adds another unit test to ensure that we
only show the commit summary.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-11-08 09:13:49 +08:00
Zettat123 898f852d03
Fix `missing signature key` error when pulling Docker images with `SERVE_DIRECT` enabled (#32365) (#32397)
Backport #32365

Fix #28121

I did some tests and found that the `missing signature key` error is
caused by an incorrect `Content-Type` header. Gitea correctly sets the
`Content-Type` header when serving files.


348d1d0f32/routers/api/packages/container/container.go (L712-L717)
However, when `SERVE_DIRECT` is enabled, the `Content-Type` header may
be set to an incorrect value by the storage service. To fix this issue,
we can use query parameters to override response header values.

https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html <img
width="600px"

src="https://github.com/user-attachments/assets/f2ff90f0-f1df-46f9-9680-b8120222c555"
/>

In this PR, I introduced a new parameter to the `URL` method to support
additional parameters.

```
URL(path, name string, reqParams url.Values) (*url.URL, error)
```
2024-11-01 03:53:59 +00:00
Lunny Xiao b7d12347f3
Add warn log when deleting inactive users (#32318) (#32321)
Backport #32318 

Add log for the problem #31480
2024-10-23 10:48:42 +08:00
Zettat123 55562f9c79
Update scheduled tasks even if changes are pushed by "ActionsUser" (#32246) (#32252)
Backport #32246

Fix #32219

Co-authored-by: delvh <dev.lh@web.de>
2024-10-14 16:55:16 +08:00
Giteabot 24b65f122a
Only rename a user when they should receive a different name (#32247) (#32249)
Backport #32247 by @lunny

Fix #31996

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-10-13 19:27:37 +00:00
Lunny Xiao 56051d9b3b
Fix bug when a token is given public only (#32204) (#32218)
Backport #32204
2024-10-09 02:16:37 +00:00
Lunny Xiao 2e3a191097
Fix javascript error when an anonymous user visiting migration page (#32144) (#32179)
backport #32144

This PR fixes javascript errors when an anonymous user visits the
migration page.
It also makes task view checking more restrictive.

The router moved from `/user/task/{id}/status` to
`/username/reponame/-/migrate/status` because it's a migrate status.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-10-04 17:58:04 +00:00
Lunny Xiao d86433cce2
Don't init singing keys if oauth2 provider disabled (#32177)
Backport #32148
2024-10-03 11:34:56 -04:00
Giteabot 9fc3915e04
Fix the logic of finding the latest pull review commit ID (#32139) (#32165)
Backport #32139 by @Zettat123

Fix #31423

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-10-01 13:10:03 +09:00
Giteabot 1ef74004a2
Fix bug when deleting a migrated branch (#32075) (#32123)
Backport #32075 by @lunny

After migrating a repository with pull request, the branch is missed and
after the pull request merged, the branch cannot be deleted.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-24 17:01:05 +08:00
Giteabot a32aaf4d43
Truncate commit message during Discord webhook push events (#31970) (#32121)
Backport #31970 by @kemzeb

Resolves #31668.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-09-24 13:28:01 +08:00
Giteabot ea9e09abe5
Fix: database not update release when using `git push --tags --force` (#32040) (#32074)
Backport #32040 by @ExplodingDragon

link: https://codeberg.org/forgejo/forgejo/issues/4274

Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
2024-09-19 07:57:28 +08:00
wxiaoguang 2891edbbcb
Refactor CSRF protector (#32057) (#32069)
#32057 improves the CSRF handling and is worth to backport
2024-09-18 17:02:45 +00:00
Giteabot 8dbe83d205
Add missing comment reply handling (#32050) (#32065)
Backport #32050 by @KN4CK3R

Fixes #31937

- Add missing comment reply handling
- Use `onGiteaRun` in the test because the fixtures are not present
otherwise (did this behaviour change?)

Compare without whitespaces.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-09-18 09:23:28 +00:00
Giteabot e6395e1e81
Handle invalid target when creating releases using API (#31841) (#32043)
Backport #31841 by @kemzeb

A 500 status code was thrown when passing a non-existent target to the
create release API. This snapshot handles this error and instead throws
a 404 status code.

Discovered while working on #31840.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-09-17 02:23:40 +00:00
Giteabot 8a39a4812f
Do not escape relative path in RPM primary index (#32038) (#32054)
Backport #32038 by @KN4CK3R

Fixes #32021

Do not escape the relative path.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-09-17 08:19:35 +08:00
Giteabot b3af359cc6
Fix `/repos/{owner}/{repo}/pulls/{index}/files` endpoint not populating `previous_filename` (#32017) (#32028)
Backport #32017 by @charles-plutohealth

---
`status == "rename"` should have read `status == "renamed"`. The typo
means that file.PreviousFilename would never be populated, which e.g.
breaks usage of the Github Action at
https://github.com/dorny/paths-filter.

Co-authored-by: charles-plutohealth <143208583+charles-plutohealth@users.noreply.github.com>
2024-09-12 08:58:43 +09:00
Giteabot 0629c08a6d
Support allowed hosts for migrations to work with proxy (#32025) (#32026)
Backport #32025 by @wolfogre

Fix #32024. Follow #27655.

After this PR, all usage of "new dial context" needs to provide a proxy,
so I dropped the old `NewDialContext` and renamed
`NewDialContextWithProxy` to `NewDialContext`.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-09-11 14:54:19 +08:00
Giteabot b39aa8528b
Fix nuget/conan/container packages upload bugs (#31967) (#31982)
Backport #31967 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-05 07:34:41 +00:00
Giteabot b5500cded1
Fix 500 error when `state` params is set when editing issue/PR by API (#31880) (#31952)
Backport #31880 by @yp05327

A quick fix for #31871

Co-authored-by: yp05327 <576951401@qq.com>
2024-09-01 18:38:10 +00:00
Giteabot a0d1630700
Fix agit automerge (#31207) (#31881)
Backport #31207 by @lunny

Fix #31134

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-20 16:20:58 +00:00
Giteabot 3913ef69d5
Fix actions notify bug (#31866) (#31875)
Backport #31866 by @lunny

Try to fix
https://github.com/go-gitea/gitea/issues/31757#issuecomment-2295131062

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-20 02:14:29 +08:00
Giteabot b6ede69a1b
Fixes for unreachable project issues when transfer repository from organization (#31770) (#31828)
Backport #31770 by @emrebdr

When transferring repositories that have issues linked to a project
board to another organization, the issues remain associated with the
original project board. This causes the columns in the project board to
become bugged, making it difficult to move other issues in or out of the
affected columns. As a solution, I removed the issue relations since the
other organization does not have this project table.

Fix for #31538

Co-authored-by: Edip Emre Bodur <emrebdr29@gmail.com>
Co-authored-by: Jason Song <i@wolfogre.com>
2024-08-14 09:57:23 +08:00
Giteabot 8d11946d67
Fix protected branch files detection on pre_receive hook (#31778) (#31796)
Backport #31778 by @lunny

Fix #31738

When pushing a new branch, the old commit is zero. Most git commands
cannot recognize the zero commit id. To get the changed files in the
push, we need to get the first diverge commit of this branch. In most
situations, we could check commits one by one until one commit is
contained by another branch. Then we will think that commit is the
diverge point.

And in a pre-receive hook, this will be more difficult because all
commits haven't been merged and they actually stored in a temporary
place by git. So we need to bring some envs to let git know the commit
exist.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-08 03:08:30 +00:00
Giteabot 6203ae764a
Distinguish LFS object errors to ignore missing objects during migration (#31702) (#31745)
Backport #31702 by @wolfogre

Fix #31137.

Replace #31623 #31697.

When migrating LFS objects, if there's any object that failed (like some
objects are losted, which is not really critical), Gitea will stop
migrating LFS immediately but treat the migration as successful.

This PR checks the error according to the [LFS api
doc](https://github.com/git-lfs/git-lfs/blob/main/docs/api/batch.md#successful-responses).

> LFS object error codes should match HTTP status codes where possible:
> 
> - 404 - The object does not exist on the server.
> - 409 - The specified hash algorithm disagrees with the server's
acceptable options.
> - 410 - The object was removed by the owner.
> - 422 - Validation error.

If the error is `404`, it's safe to ignore it and continue migration.
Otherwise, stop the migration and mark it as failed to ensure data
integrity of LFS objects.

And maybe we should also ignore others errors (maybe `410`? I'm not sure
what's the difference between "does not exist" and "removed by the
owner".), we can add it later when some users report that they have
failed to migrate LFS because of an error which should be ignored.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-07-31 23:06:37 +08:00
yp05327 d3f0867204
Add permission check when creating PR (#31033) (#31720)
Backport #31033

user should be a collaborator of the base repo to create a PR
2024-07-29 14:11:29 +08:00
Giteabot 00aade2cab
Fix a branch divergence cache bug (#31659) (#31661)
Backport #31659 by @Zettat123

Fix #31599
Fix #31472

A branch divergence is counted based on the default branch. If the
default branch is updated, all divergence caches of the repo need to be
deleted.

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-07-19 13:12:23 -04:00
Giteabot c2445ae3d4
Fix: Allow org team names of length 255 in create team form (#31564) (#31603)
Backport #31564 by @tobiasbp

Gitea 1.22.1 was supposed to allow for team names of length 255 (up from
30) after the following PR was merged in:
https://github.com/go-gitea/gitea/pull/31410. However, the length of
team names was still limited to 30 as described in this issue:
https://github.com/go-gitea/gitea/issues/31554.

One more change to _gitea_ needs to be made to allow for the longer team
names, as there is a 30 character limit here:
2c92c7c522/services/forms/org.go (L65)

This PR changes that value to 255.

Co-authored-by: Tobias Balle-Petersen <tobias.petersen@unity3d.com>
2024-07-10 12:28:27 -04:00
wxiaoguang 43c63c33ae
Use old behavior for telegram webhook (#31588)
Fix #31182
2024-07-09 11:23:33 +08:00
Giteabot 6486c8b7b3
Fix slow patch checking with commits that add or remove many files (#31548) (#31560)
Backport #31548 by @brechtvl

Running git update-index for every individual file is slow, so add and
remove everything with a single git command.

When such a big commit lands in the default branch, it could cause PR
creation and patch checking for all open PRs to be slow, or time out
entirely. For example, a commit that removes 1383 files was measured to
take more than 60 seconds and timed out. With this change checking took
about a second.

This is related to #27967, though this will not help with commits that
change many lines in few files.

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2024-07-05 11:24:01 +02:00
Giteabot 9ecaeda66e
[Fix] Account Linking UpdateMigrationsByType (#31428) (#31434)
Backport #31428 by Sumit189

Co-authored-by: Sumit <sumit.18.paul@gmail.com>
2024-06-20 13:53:15 +00:00
Giteabot 758f84f33e
Fix #31185 try fix lfs download from bitbucket failed (#31201) (#31329)
Backport #31201 by @Zoupers

Fix #31185

Co-authored-by: Zoupers Zou <1171443643@qq.com>
2024-06-12 02:34:37 +03:00
Giteabot e8c776c793
Fix push multiple branches error with tests (#31151) (#31153)
Backport #31151 by @lunny

Fix #31140 

The previous logic is wrong when pushing multiple branches. After first
branch updated, it will ignore left other branches sync operations.

As a workaround for the repositories, just push a new commit after the
patch applied will fix the repositories status.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-30 07:04:42 +00:00
Giteabot d6ae2b3c4e
Fix API repository object format missed (#31118) (#31132)
Backport #31118 by @lunny

Fix #31117

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-28 09:59:56 +00:00
Giteabot 1171b24d52
Make gitea webhooks openproject compatible (#28435) (#31081)
Backport #28435 by Chief-Detektor

Co-authored-by: André Rosenhammer <andre.rosenhammer@gmail.com>
2024-05-26 12:53:42 +08:00
Giteabot 2648962ae0
Fix automerge will not work because of some events haven't been triggered (#30780) (#31039)
Backport #30780 by @lunny

Replace #25741
Close #24445
Close #30658
Close #20646
~Depends on #30805~

Since #25741 has been rewritten totally, to make the contribution
easier, I will continue the work in this PR. Thanks @6543

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-22 02:08:05 +00:00
Giteabot 55cb356b84
Refactor sha1 and time-limited code (#31023) (#31030)
Backport #31023 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-21 00:58:21 +08:00
Giteabot 8a259e54c5
Return `access_denied` error when an OAuth2 request is denied (#30974) (#31029)
Backport #30974 by Zettat123

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-20 22:49:04 +08:00
Giteabot 8446caa813
Fix bug on avatar (#31008) (#31019)
Backport #31008 by @lunny

Extract from #30995

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-05-20 02:54:53 +00:00
Giteabot ab33b7849f
Fix "force private" logic (#31012) (#31021)
Backport #31012 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-20 10:27:52 +08:00