forked from gitea/gitea
1
0
Fork 0
Commit Graph

9697 Commits

Author SHA1 Message Date
techknowlogick 0e9dcc9500
When reading expired sessions - expire them (#12686) (#12690)
* When reading expired sessions - expire them

Update to latest macaron/session following merge of
https://gitea.com/macaron/session/pulls/11

Also remove old memory provider as 11 updates the memory provider to
make it unnecessary.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* and macaron/session/pulls/12

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-09-02 18:51:56 -04:00
6543 87f02d90cf
Escape provider name in oauth2 provider redirect (#12650)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Andrew Thornton <art27@cantab.net>
2020-08-30 23:55:19 +01:00
John Olheiser 21cd7ab812
Mark Cache with ini tag (#12605) (#12611)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
2020-08-26 11:53:14 -04:00
John Olheiser 981216c9fe
Escape Email in forgot_password.tmpl (#12610) (#12612)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-26 10:12:09 -05:00
techknowlogick cfbfb73c56
go1.15 on windows (#12589) (#12593)
We don't support go1.15 on 1.12.x branch, however this will allow users who chose to build with go1.15 on windows to be successful
2020-08-24 18:38:47 -04:00
zeripath 4a548a0332
Fix diff path unquoting (#12554) (#12575)
Backport #12554

* Fix diff path unquoting

services/gitdiff/gitdiff.go whereby there it assumed that the path would
always be quoted on both sides

This PR simplifies the code here and uses fmt.Fscanf to parse the
strings as necessary.

Fix #12546

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add testcase as per @mrsdizzie

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-23 16:58:09 +03:00
zeripath 8bf2ee1e02
Skip SSPI authentication attempts for /api/internal (#12556) (#12559)
Backport #12556

SSPI fails badly on authentication attempts to /api/internal which
it can never succesfully authenticate.

Fix #11260

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-08-22 17:09:14 -04:00
zeripath a687980412
Default empty merger list to those with write permissions (#12535) (#12560)
Backport #12535

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-22 23:35:56 +03:00
zeripath 1f85815a3b
models: break out of loop (#12386) (#12561)
Backport #12386

Co-authored-by: Lars Lehtonen <lars.lehtonen@gmail.com>
2020-08-22 16:22:07 +01:00
silverwind ee5e5a5093
Improve HTML escaping helper (#12562)
The previous method did not escape single quotes which under some
circumstances can lead to XSS vulnerabilites and the fact that it
depends on jQuery is also not ideal. Replace it with a lightweight
module.
2020-08-22 13:36:56 +01:00
zeripath 03ba12aabf
Prevent NPE on commenting on lines with invalidated comments (#12549) (#12550)
* Prevent NPE on commenting on lines with invalidated comments

Only check for a review if we are replying to a previous review.

Prevent the NPE in #12239 by assuming that a comment without a Review is
non-pending.

Fix #12239

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Add hack around to show the broken comments

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-08-21 10:52:20 +03:00
John Olheiser 24ed1b5feb
Remove hardcoded ES indexername (#12521) (#12526)
Co-authored-by: Wim <wim@42.be>
2020-08-18 21:42:22 -04:00
zeripath 8282697734
Keys should not verify revoked email addresses (#12486) (#12495)
Backport #12486

Fix #6778

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-17 12:06:31 -04:00
techknowlogick ec48618d40
Fix bug preventing transfer to private organization (#12497) (#12501)
* Fix bug preventing transfer to private organization

The code assessing whether a private organization was visible to a user before
allowing transfer was incorrect due to testing membership the wrong way round

This PR fixes this issue and renames the function performing the test to be
clearer.

Further looking at the API for transfer repository - no testing was
performed to ensure that the acting user could actually see the new
owning organization.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* change IsUserPartOfOrg everywhere

Co-authored-by: zeripath <art27@cantab.net>
2020-08-17 09:32:33 +03:00
techknowlogick f0dd07129a
Do not add prefix on http/https submodule links (#12477) (#12479)
Fix #12345

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-13 11:53:40 -04:00
techknowlogick 6d3b8141df
Fix ignored login on compare (#12476) (#12478)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-12 16:36:22 -04:00
techknowlogick 13c4c7a132
Match GH with Commit page (#12425) (#12431)
Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-08-05 15:49:12 +08:00
techknowlogick 6015d30dd6
Fix incorrect error logging in Stats indexer and OAuth2 (#12387) (#12422)
* Fix incorrect logging in oauth2.go

Fix #11945

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Handle ErrAlreadyInQueue in stats indexer

Fix #12380

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fixes type in error message of indexer

Add the missing character in the error message.

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lieven Hollevoet <hollie@lika.be>

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lieven Hollevoet <hollie@lika.be>
2020-08-04 16:27:43 +08:00
6543 b1cfb0d7a2
[Vendor] upgrade google/go-github to v32.1.0 (#12361) (#12390)
* upgrate go-github client to v32.1.0

* migrate
2020-07-31 12:02:23 -04:00
6543 48a423a8a8
Rendoer emoji's of Commit message on feed-page (#12373) 2020-07-29 17:09:47 -04:00
zeripath cc8a7c9345
Git 2.28 no longer permits diff with ... on unrelated branches (#12370)
Backport #12364

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-07-29 12:42:22 -04:00
6543 77af0a23c4
Changelog v1.12.3 (#12356)
* Changelog v1.12.3

* better description for 12351

* @techknowlogick suggestions
2020-07-28 16:41:36 -04:00
Richard Mahn 87bfe02b5b
Backport to v1.12 for #12341 - Release date fix (#12351)
* Backport for Issue #12341 PR #12343 - Release date fix

* Adds sleep for comparing times

* Fixes imports

* Fixes tests
2020-07-28 14:10:50 -04:00
techknowlogick 9bac656b7d
Show 404 page when release not found (#12328) (#12332)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-07-27 00:39:44 +03:00
silverwind ad68c9ccb2
Backport emoji fixes to 1.12 (#12327)
* Fix emoji detection in certain cases (#12320)

* Fix emoji detection certain cases

Previous tests weren't complicated enough so there were some situations where emojis were't detected properly. Find the earliest occurance in addition to checking for the longest combination.

Fixes #12312

* ok spell bot

Co-authored-by: Lauris BH <lauris@nix.lv>

* Reduce emoji size (#12317)

* Reduce emoji size

Rendering should now pretty much match GitHub with 1.25em. I verified
that emojis don't increase the line height and removed unecessary size
overrides because now all emojis should appear similar in relation to
the font size.

* fix reaction hover

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-07-25 12:50:57 -04:00
techknowlogick 8d1cd4d252
Fix double-indirection bug in logging IDs (#12294) (#12308)
This PR fixes a bug in log.NewColoredIDValue() which led to a double
indirection and incorrect IDs being printed out.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: zeripath <art27@cantab.net>
2020-07-24 02:24:22 +03:00
techknowlogick 64eaa2a942
[ui] Link to pr list page on sidebar when view pr (#12256) (#12263)
Fix #12254

Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: 赵智超 <1012112796@qq.com>
2020-07-16 11:56:09 -04:00
zeripath 489e9162fc
Extend Notifications API and return pinned notifications by default (#12164) (#12232)
Backport #12164

This PR extends the notifications API to allow specific notification statuses to be searched for and to allow setting of notifications to statuses other than read.

By default unread and pinned statuses will be returned when querying for notifications - however pinned statuses will not be marked as read.

Close #12152

Signed-off-by: Andrew Thornton art27@cantab.net
2020-07-13 21:52:05 +01:00
Lauris BH 5e62137fe3
Changelog for v1.12.2 (#12214)
* Changelog for v1.12.2

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

* Update CHANGELOG.md

Co-authored-by: mrsdizzie <info@mrsdizzie.com>

Co-authored-by: mrsdizzie <info@mrsdizzie.com>
2020-07-11 19:53:26 +03:00
赵智超 6a081f95c0
Decrease the num_stars when deleting a repo (#11954) (#12188)
* Decrease the  num_stars when deleting a repo

fix #11949

Signed-off-by: a1012112796 <1012112796@qq.com>

* Add migration

* use batch

* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>

* fix lint

* fix lint

* fix ci

* fix ci2

* add doctor

* duplicate code

* fix migration

* fix some nits

* add start

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-07-08 17:52:40 -04:00
techknowlogick c3c246cffc
Fix regression: Gitea commits API again returns commit summaries, not full messages (#12186) (#12187)
Closes #12185

Co-authored-by: Kristian Antonsen <kristian@derfor.dk>
2020-07-08 11:22:07 -04:00
techknowlogick 85be939c2a
properly set symbolic-ref HEAD when a repo is created with a non-master default branch (#12135) (#12182)
This fixes an issue I noticed with #10803: when you create a repo with a non-master default branch, gitea doesn't change the remote ref HEAD, so it still points at refs/heads/master. As a result, cloning my repos gives me error messages and doesn't check out the desired default branch, so I need to manually check it out after cloning.

Co-authored-by: xenofem <45297511+xenofem@users.noreply.github.com>
2020-07-08 00:40:22 -04:00
Jürgen Hötzel a680c911e4
Trim to 255 runes instead of bytes (#12150)
* Trim to 255 runes instead of bytes

Prevents invalid UTF-8 encoding for Description and Website. Refs #7905

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-07-07 19:05:35 -04:00
zeripath d9c18cbba0
Ensure Subkeys are verified (#12155) (#12168)
Backport #12155

When attempting to verify subkeys the email address verification step
requires checking the emails however, these emails are not stored on
subkeys but instead on the primary key.

This PR will obtain the primaryKey and check against these emails too.

Fix #12128

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-06 20:13:18 -04:00
Lauris BH 3daedb3877
Use hash of repo path, ref and entrypath as cache key (#12151) (#12161) 2020-07-06 16:51:45 +08:00
zeripath 2bf987229a
Multiple small admin dashboard fixes (#12153) (#12156)
* Prevent (EXTRA string) comments in Task headers
* Redirect tasks started from monitor page back to monitor
* Fix #12107 - redirects from process cancel should use AppSubUrl
* When wrapping queues set the name correctly

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-07-05 21:19:53 +01:00
zeripath f984a7e6c6
Remove spurious logging (#12139) (#12148)
Backport #12139

Unfortunately #10745 merged a spurious logging message. This PR removes this.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lauris BH <lauris@nix.lv>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-05 12:09:13 -04:00
Andreas Shimokawa c96da610c2
templates/repo/empty.tmpl : fix repo setup instructions (#12147)
Co-authored-by: codeberg <codeberg@codeberg.org>
Co-authored-by: zeripath <art27@cantab.net>
2020-07-05 15:56:10 +03:00
zeripath e46dbec294
Move EventSource to SharedWorker (#12095) (#12130)
* Move EventSource to SharedWorker (#12095)

Backport #12095

Move EventSource to use a SharedWorker. This prevents issues with HTTP/1.1
open browser connections from preventing gitea from opening multiple tabs.

Also allow setting EVENT_SOURCE_UPDATE_TIME to disable EventSource updating

Fix #11978

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>

* Bugfix for shared event source

For some reason our eslint configuration is not working correctly
and a bug has become apparent when trying to backport this to 1.12.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Re-fix #12095 again

Unfortunately some of the suggested changes to #12095 introduced
bugs which due to caching behaviour of sharedworkers were not caught
on simple tests.

These are as follows:

* Changing from simple for loop to use includes here:

```js
  register(port) {
    if (!this.clients.includes(port)) return;

    this.clients.push(port);

    port.postMessage({
      type: 'status',
      message: `registered to ${this.url}`,
    });
  }
```

The additional `!` prevents any clients from being added and should
read:

```js
    if (this.clients.includes(port)) return;
```

* Dropping the use of jQuery `$(...)` selection and using DOM
`querySelector` here:

```js
async function receiveUpdateCount(event) {
  try {
    const data = JSON.parse(event.data);

    const notificationCount = document.querySelector('.notification_count');
    if (data.Count > 0) {
      notificationCount.classList.remove('hidden');
    } else {
      notificationCount.classList.add('hidden');
    }

    notificationCount.text() = `${data.Count}`;
    await updateNotificationTable();
  } catch (error) {
    console.error(error, event);
  }
}
```

Requires that `notificationCount.text()` be changed to use `textContent`
instead.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-07-05 01:08:03 +03:00
赵智超 8f64017058
Fix ui bug in wiki commit page (#12089) (#12125)
* Fix ui bug in wiki commit page

TODO: Maybe we should allow wiki to have its own ``.editorconfig`` file.

Signed-off-by: a1012112796 <1012112796@qq.com>

* fix a small nit

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2020-07-03 00:49:55 -04:00
zeripath d737eaa63a
Set the base url when migrating from Gitlab using access token or username without password (#11852) (#12104)
Backport #11852

When migrating from gitlab, set the baseUrl in NewGitlabDownloader when using an access token or username without password

Fix #11851

Co-authored-by: Gernot Eger <gernot.eger@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-07-02 20:26:47 +08:00
zeripath 058ee52333
Fix gitgraph branch continues after merge (#12044) (#12105)
Backport #12044

* Fix gitgraph branch continues after merge

After fixing the initial problem in #11981 another
problem has come to light...

Fix #11981 (part 2)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Update web_src/js/vendor/gitgraph.js

* Apply suggestions from code review

Co-authored-by: silverwind <me@silverwind.io>
2020-07-02 11:46:06 +01:00
Lauris BH 47b1fc5149
Fix merge section in dark theme (#12086) (#12109)
Backport #12086

* Fix merge section in dark theme

* Fix lint
2020-07-02 10:36:45 +01:00
zeripath 20c2bdf86b
Ensure BlameReaders close at end of request (#12102) (#12103)
Backport #12102

this was thought to be due to timeouts, however on closer look this
appears to be due to the Close() function of the BlameReader hanging
with a blocked stdout pipe.

This PR fixes this Close function to:

* Cancel the context of the cmd
* Close the StdoutReader - ensuring that the output pipe is closed

Further it makes the context of the `git blame` command a child of the
request context - ensuring that even if Close() is not called, on
cancellation of the Request the blame is command will also be cancelled.

Fixes #11716
Closes #11727

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-07-01 18:43:25 +03:00
Stefan Bethke df13fc8818
Disable go module when downloading global binaries (#12030) (#12084)
Prevent `go get` from touching `go.mod` and `go.sum` when executing
global binaries during the build process. Once
https://github.com/golang/go/issues/30515 is fixed, we should is
whatever solution is provided there.

Fixes: https://github.com/go-gitea/gitea/pull/12010

Co-authored-by: techknowlogick <techknowlogick@gitea.io>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-06-28 21:14:22 +03:00
Cornel 445992d929
Fix comments webhook panic backport (#12058)
* Handle HookIssueReviewed action in webhook

* Fix webhook comment handling type cast panic
2020-06-25 21:19:11 -04:00
silverwind d059156c3a
Disable dropzone's timeout (#12024) (#12032)
Dropzone 4.4 introduced a 30s XHR timeout that will kill any upload
still in progress. This disable that timeout again.

Ref: https://www.dropzonejs.com/#config-timeout
Ref: https://github.com/go-gitea/gitea/pull/10645
Ref: https://xhr.spec.whatwg.org/#the-timeout-attribute
Fixes: https://github.com/go-gitea/gitea/issues/12022
Fixes: https://github.com/go-gitea/gitea/issues/11906

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-06-24 10:24:27 -04:00
Lauris BH 12f51ec7dd
Changelog for v1.12.1 (#12006) 2020-06-22 01:12:42 +03:00
zeripath 82b843a5ab
Handle multiple merges in gitgraph.js (#11996) (#12000)
Backport #11996

There is a bug in web_src/js/vendor/gitgraph.js whereby it fails to
handle multiple merges in a single commit correctly. This PR adds
changes to make this work.

Fix #11981

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-06-21 16:08:25 +01:00
silverwind dcbbf37082
Add serviceworker.js to KnownPublicEntries (#11992) (#11994)
Fixes a wrong 302 redirect to the login page, see https://github.com/go-gitea/gitea/issues/11989.
Also made it so the reserved username list is extended with those known
entries so we avoid code duplication.
2020-06-20 15:23:04 +01:00