Commit Graph

4360 Commits

Author SHA1 Message Date
Yarden Shoham
324626a11c
Fix htmx rendering the login page in frame on session logout (#29405)
- Fix #29391

With this change, htmx will not follow the redirect in the AJAX request
but instead redirect the whole browser.

To reproduce the bug fixed by this change without waiting a long time
for the token to expire, you can logout in another tab then look in the
original tab. Just make sure to comment out both instances of
`window.location.href = appSubUrl` in the codebase so you won't be
redirected immediately on logout. This is what I did in the following
gifs.

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-02-26 20:40:41 +08:00
KN4CK3R
1c6858543c
Integrate alpine noarch packages into other architectures index (#29137)
Fixes #26691
Revert #24972

The alpine package manager expects `noarch` packages in the index of
other architectures too.

---------

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-02-25 15:10:55 +00:00
wxiaoguang
d2f6588b66
Remove incorrect and unnecessary Escape from templates (#29394)
Follow #29165

* some of them are incorrect, which would lead to double escaping (eg:
`(print (Escape $.RepoLink)`)
* other of them are not necessary, because `Tr` handles strings&HTML
automatically

Suggest to review by "unified view":
https://github.com/go-gitea/gitea/pull/29394/files?diff=unified&w=0
2024-02-25 14:02:20 +00:00
KN4CK3R
f79c9e817a
Use crypto/sha256 (#29386)
Go 1.21 improved the performance of `crypto/sha256`. It's now similar to
`minio/sha256-simd`, so we should just use the standard libs.

https://go.dev/doc/go1.21#crypto/sha256
https://go-review.googlesource.com/c/go/+/408795
https://github.com/multiformats/go-multihash/pull/173
2024-02-25 13:32:13 +00:00
KN4CK3R
ad0a34b492
Add io.Closer guidelines (#29387)
Co-authored-by: Yarden Shoham <git@yardenshoham.com>
2024-02-25 13:05:23 +00:00
wxiaoguang
f9207b0947
Refactor Safe modifier (#29392)
After this PR: no need to play with the Safe/Escape tricks anymore. See
the changes for more details.
2024-02-25 10:45:56 +00:00
wxiaoguang
1ef87773b1
Refactor modules/git global variables (#29376)
Move some global variables into a struct to improve maintainability
2024-02-25 05:35:47 +00:00
wxiaoguang
10c7996b5a
Remove RenderEmojiPlain from template helper (#29375)
RenderEmojiPlain(emoji.ReplaceAliases) should be called explicitly for
some contents, but not for everything.

Actually in modern days, in most cases it doesn't need such
"ReplaceAliases". So only keep it for issue/PR titles.

If anyone really needs to do ReplaceAliases for some contents, I will
propose a following fix.
2024-02-24 22:34:51 +00:00
KN4CK3R
4197e28100
Refactor git attributes (#29356) 2024-02-24 18:46:49 +00:00
wxiaoguang
29a26d9d8c
Customizable "Open with" applications for repository clone (#29320)
Users could customize the "clone" menu with their own application URLs on the admin panel.

Replace #22378
Close #21121
Close #22149
2024-02-24 13:12:17 +00:00
Zettat123
c42083a339
Allow non-admin users to delete review requests (#29057)
Fix #14459

The following users can add/remove review requests of a PR
- the poster of the PR
- the owner or collaborators of the repository
- members with read permission on the pull requests unit
2024-02-24 12:38:43 +00:00
KN4CK3R
553d46e6f6
Do not double close reader (#29354)
Fixes #29346

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-02-24 11:45:59 +00:00
Lunny Xiao
b79c30435f
Use the database object format name but not read from git repoisitory everytime and fix possible migration wrong objectformat when migrating a sha256 repository (#29294)
Now we can get object format name from git command line or from the
database repository table. Assume the column is right, we don't need to
read from git command line every time.

This also fixed a possible bug that the object format is wrong when
migrating a sha256 repository from external.

<img width="658" alt="image"
src="https://github.com/go-gitea/gitea/assets/81045/6e9a9dcf-13bf-4267-928b-6bf2c2560423">
2024-02-24 06:55:19 +00:00
6543
53c7d8908e
Make optional.Option[T] type serializable (#29282)
make the generic `Option` type de-/serializable for json and yaml

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-23 21:51:46 +00:00
KN4CK3R
2a278b996f
Add support for linguist-detectable and linguist-documentation (#29267)
Add support for `linguist-detectable` and `linguist-documentation`
Add tests for the attributes


https://github.com/github-linguist/linguist/blob/master/docs/overrides.md#detectable

https://github.com/github-linguist/linguist/blob/master/docs/overrides.md#documentation
2024-02-23 17:24:27 +00:00
Lunny Xiao
3ef6252e06
Allow options to disable user deletion from the interface on app.ini (#29275)
Extract from #20549

This PR added a new option on app.ini `[admin]USER_DISABLED_FEATURES` to
allow the site administrator to disable users visiting deletion user
interface or allow.
This options are also potentially allowed to define more features in
future PRs.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-02-23 07:24:04 +00:00
6543
7fbdb60fc1
Start to migrate from util.OptionalBool to optional.Option[bool] (#29329)
just create transition helper and migrate two structs
2024-02-23 02:18:33 +00:00
Earl Warren
b748d62b46
Add slow SQL query warning (#27545)
- Databases are one of the most important parts of Forgejo, every
interaction uses the database in one way or another. Therefore, it is
important to maintain the database and recognize when the server is not
doing well with the database. There already is the option to log *every*
SQL query along with its execution time, but monitoring becomes
impractical for larger instances and takes up unnecessary storage in the
logs.
- Add a QoL enhancement that allows instance administrators to specify a
threshold value beyond which query execution time is logged as a warning
in the xorm logger. The default value is a conservative five seconds to
avoid this becoming a source of spam in the logs.
- The use case for this patch is that with an instance the size of
Codeberg, monitoring SQL logs is not very fruitful and most of them are
uninteresting. Recently, in the context of persistent deadlock issues
(https://codeberg.org/forgejo/forgejo/issues/220), I have noticed that
certain queries hold locks on tables like comment and issue for several
seconds. This patch helps to identify which queries these are and when
they happen.
- Added unit test.

(cherry picked from commit 9cf501f1af4cd870221cef6af489618785b71186)

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: 6543 <6543@obermui.de>
2024-02-23 00:57:24 +00:00
Tim-Nicas Oelschläger
532e422027
Unify organizations header (#29248)
Unify organizations header

before:

![image](https://github.com/go-gitea/gitea/assets/72873130/74474e0d-33c3-4bbf-9324-d130ea2c62f8)

after:

![image](https://github.com/go-gitea/gitea/assets/72873130/1c65de0d-fa0f-4b17-ab8d-067de8c7113b)

---------

Co-authored-by: silverwind <me@silverwind.io>
2024-02-23 01:24:57 +01:00
Lunny Xiao
5ed17d9895
Ignore the linux anchor point to avoid linux migrate failure (#29295)
Fix #28843

This PR will bypass the pushUpdateTag to database failure when
syncAllTags. An error log will be recorded.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-02-22 17:40:53 +00:00
Zettat123
a4fe1cdf38
Improve the issue_comment workflow trigger event (#29277)
Fix #29175
Replace #29207

This PR makes some improvements to the `issue_comment` workflow trigger
event.

1. Fix the bug that pull requests cannot trigger `issue_comment`
workflows
2. Previously the `issue_comment` event only supported the `created`
activity type. This PR adds support for the missing `edited` and
`deleted` activity types.
3. Some events (including `issue_comment`, `issues`, etc. ) only trigger
workflows that belong to the workflow file on the default branch. This
PR introduces the `IsDefaultBranchWorkflow` function to check for these
events.
2024-02-22 22:47:35 +08:00
KN4CK3R
d6811baf88
Discard unread data of git cat-file (#29297)
Fixes #29101
Related #29298

Discard all read data to prevent misinterpreting existing data. Some
discard calls were missing in error cases.

---------

Co-authored-by: yp05327 <576951401@qq.com>
2024-02-22 03:48:19 +00:00
KN4CK3R
f74c869221
Prevent double use of git cat-file session. (#29298)
Fixes the reason why #29101 is hard to replicate.
Related #29297

Create a repo with a file with minimum size 4097 bytes (I use 10000) and
execute the following code:
```go
gitRepo, err := gitrepo.OpenRepository(db.DefaultContext, <repo>)
assert.NoError(t, err)

commit, err := gitRepo.GetCommit(<sha>)
assert.NoError(t, err)

entry, err := commit.GetTreeEntryByPath(<file>)
assert.NoError(t, err)

b := entry.Blob()

// Create a reader
r, err := b.DataAsync()
assert.NoError(t, err)
defer r.Close()

// Create a second reader
r2, err := b.DataAsync()
assert.NoError(t, err) // Should be no error but is ErrNotExist
defer r2.Close()
```

The problem is the check in `CatFileBatch`:

79217ea63c/modules/git/repo_base_nogogit.go (L81-L87)
`Buffered() > 0` is used to check if there is a "operation" in progress
at the moment. This is a problem because we can't control the internal
buffer in the `bufio.Reader`. The code above demonstrates a sequence
which initiates an operation for which the code thinks there is no
active processing. The second call to `DataAsync()` therefore reuses the
existing instances instead of creating a new batch reader.
2024-02-21 19:54:17 +01:00
wxiaoguang
6130522aa8
Refactor markup rendering to accept general "protocol:" prefix (#29276)
Follow #29024

Major changes:

* refactor validLinksPattern to fullURLPattern and add comments, now it
accepts "protocol:" prefix
* rename `IsLink*` to `IsFullURL*`, and remove unnecessray "mailto:"
check
* fix some comments (by the way)
* rename EmojiShortCodeRegex -> emojiShortCodeRegex (by the way)
2024-02-21 10:08:08 +00:00
wxiaoguang
7f45dfb030
Always write proc-receive hook for all git versions (#29287) 2024-02-21 07:01:48 +00:00
wxiaoguang
567a68a0bf
Remove DataRaceCheck (#29258)
Since #26254, it started using `{{ctx.Locale.Tr ...}}`

Now the `ctx` seems stable enough, so the check could be removed.
2024-02-19 11:25:58 +00:00
wxiaoguang
8be198cdef
Use general token signing secret (#29205)
Use a clearly defined "signing secret" for token signing.
2024-02-18 17:39:04 +00:00
wxiaoguang
4345cac529
Improve TrHTML and add more tests (#29228)
Follow #29165.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-18 12:15:24 +00:00
yp05327
1a6e1cbada
Implement some action notifier functions (#29173)
Fix #29166

Add support for the following activity types of `pull_request`
- assigned
- unassigned
- review_requested
- review_request_removed
- milestoned
- demilestoned
2024-02-18 10:58:46 +00:00
wxiaoguang
31bb9f3247
Refactor more code in templates (#29236)
Follow #29165. 

* Introduce JSONTemplate to help to render JSON templates
* Introduce JSEscapeSafe for templates. Now only use `{{ ... |
JSEscape}}` instead of `{{ ... | JSEscape | Safe}}`
* Simplify "UserLocationMapURL" useage
2024-02-18 10:52:02 +01:00
wxiaoguang
45c15387b2
Refactor JWT secret generating & decoding code (#29172)
Old code is not consistent for generating & decoding the JWT secrets.

Now, the callers only need to use 2 consistent functions:
NewJwtSecretWithBase64 and DecodeJwtSecretBase64

And remove a non-common function Base64FixedDecode from util.go
2024-02-16 15:18:30 +00:00
wxiaoguang
f3eb835886
Refactor locale&string&template related code (#29165)
Clarify when "string" should be used (and be escaped), and when
"template.HTML" should be used (no need to escape)

And help PRs like  #29059 , to render the error messages correctly.
2024-02-14 21:48:45 +00:00
techknowlogick
a346a8c852
bump to use go 1.22 (#29119) 2024-02-14 18:19:57 +00:00
wxiaoguang
d0183dfa49
Refactor git version functions and check compatibility (#29155)
Introduce a new function checkGitVersionCompatibility, when the git
version can't be used by Gitea, tell the end users to downgrade or
upgrade. The refactored functions are related to make the code easier to
test.

And simplify the comments for "safe.directory"

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-02-14 17:18:30 +00:00
Chris Copeland
47b5965862
Add merge style fast-forward-only (#28954)
With this option, it is possible to require a linear commit history with
the following benefits over the next best option `Rebase+fast-forward`:
The original commits continue existing, with the original signatures
continuing to stay valid instead of being rewritten, there is no merge
commit, and reverting commits becomes easier.

Closes #24906
2024-02-12 23:37:23 +01:00
Yarden Shoham
12865ae9c6
Add alert blocks in markdown (#29121)
- Follows https://github.com/go-gitea/gitea/pull/21711
- Closes https://github.com/go-gitea/gitea/issues/28316

Implement GitHub's alert blocks markdown feature

Docs:
-
https://docs.github.com/en/get-started/writing-on-github/getting-started-with-writing-and-formatting-on-github/basic-writing-and-formatting-syntax#alerts
- https://github.com/orgs/community/discussions/16925

### Before

![image](https://github.com/go-gitea/gitea/assets/20454870/14f7b02a-5de5-4fd0-8437-a055dadb31f2)

### After

![image](https://github.com/go-gitea/gitea/assets/20454870/ed06a869-e545-42f1-bf25-4ba20b1be196)

## ⚠️ BREAKING ⚠️

The old syntax no longer works

How to migrate:

If you used
```md
> **Note** My note
```

Switch to
```md
> [!NOTE]
> My note
```

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-02-10 18:43:09 +00:00
Lunny Xiao
92fda9c5a2
Disallow duplicate storage paths (#26484)
Replace #26380
2024-02-09 14:06:03 +00:00
wxiaoguang
a24e1da7e9
Refactor parseSignatureFromCommitLine (#29054)
Replace #28849. Thanks to @yp05327 for the looking into the problem.
Fix #28840

The old behavior of newSignatureFromCommitline is not right. The new
parseSignatureFromCommitLine:

1. never fails
2. only accept one format (if there is any other, it could be easily added)

And add some tests.
2024-02-09 11:02:53 +08:00
Lunny Xiao
8c6ffdac37
Remove unnecessary parameter (#29092)
The parameter extraConfigs has never been used anywhere. This PR just
removed it. It can be taken back once it's needed.
2024-02-08 12:31:38 +00:00
wxiaoguang
a4859dcfea
Improve user experience for outdated comments (#29050)
Try to improve #28949

1. Make `ctx.Data["ShowOutdatedComments"] = true` by default: it brings
consistent user experience, and sometimes the "outdated (source
changed)" comments are still valuable.
2. Show a friendly message if the comment won't show, then the end users
won't fell that "the comment disappears" (it is the special case when
`ShowOutdatedComments = false`)
2024-02-08 01:50:48 +00:00
dark-angel
5c0fc90872
fix: Elasticsearch: Request Entity Too Large #28117 (#29062)
Fix for gitea putting everything into one request without batching and
sending it to Elasticsearch for indexing as issued in #28117

This issue occured in large repositories while Gitea tries to 
index the code using ElasticSearch.

I've applied necessary changes that takes batch length from below config
(app.ini)
```
[queue.code_indexer]
BATCH_LENGTH=<length_int>
```
and batches all requests to Elasticsearch in chunks as configured in the
above config
2024-02-07 08:57:16 +00:00
wxiaoguang
2bac85dc33
Fix orgmode link resolving (#29024)
Fix #28974

Add some new tests and fix some legacy unclear tests.
2024-02-07 08:32:31 +00:00
Sergey Bugaev
2da233ad8b
Propagate install_if and provider_priority to APKINDEX (#28899)
Resolves https://github.com/go-gitea/gitea/issues/28704

Example of an entry in the generated `APKINDEX` file:

```
C:Q1xCO3H9LTTEbhKt9G1alSC87I56c=
P:hello
V:2.12-r1
A:x86_64
T:The GNU Hello program produces a familiar, friendly greeting
U:https://www.gnu.org/software/hello/
L:GPL-3.0-or-later
S:15403
I:36864
o:hello
m:
t:1705934118
D:so:libc.musl-x86_64.so.1
p:cmd:hello=2.12-r1
i:foobar=1.0 !baz
k:42
```

the `i:` and `k:` entries are new.

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-02-05 05:52:56 +00:00
Bram Hagens
50f55f11c4
Show whether a PR is WIP inside popups (#28975)
Fixes https://codeberg.org/forgejo/forgejo/issues/2257

Draft status of a PR is currently not exposed by the API. This PR adds a
'draft' field to pull requests in the API, which is used to correctly
set the PR color/icon in a ContextPopup.

---

Before:

![image](https://github.com/go-gitea/gitea/assets/5541521/72cbd30e-1175-4338-aa97-ac99c46c5118)

After:

![image](https://github.com/go-gitea/gitea/assets/5541521/111c9eba-460e-4d57-bcca-23a151c3a4f1)
2024-02-04 22:37:45 +00:00
KN4CK3R
f8b471ace1
Unify user update methods (#28733)
Fixes #28660
Fixes an admin api bug related to `user.LoginSource`
Fixed `/user/emails` response not identical to GitHub api

This PR unifies the user update methods. The goal is to keep the logic
only at one place (having audit logs in mind). For example, do the
password checks only in one method not everywhere a password is updated.

After that PR is merged, the user creation should be next.
2024-02-04 13:29:09 +00:00
silverwind
a6cea59514
Update tool dependencies (#29030) 2024-02-02 19:11:39 -05:00
yp05327
3aed8ae034
Fix default avatar image size in PR diff page (#28971)
Fix #28941

ps: didn't test. The repo is too big to migrate.
2024-02-02 10:01:11 +00:00
Zettat123
adc3598a75
Fix an actions schedule bug (#28942)
In #28691, schedule plans will be deleted when a repo's actions unit is
disabled. But when the unit is enabled, the schedule plans won't be
created again.

This PR fixes the bug. The schedule plans will be created again when the
actions unit is re-enabled
2024-01-31 14:55:12 +00:00
cchangwen
28fe3db1fb
Also match weakly validated ETags (#28957)
https://stackoverflow.com/questions/51973120/where-does-the-w-in-an-etag-appear-from

https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/ETag#

---------

Co-authored-by: delvh <dev.lh@web.de>
2024-01-29 16:18:40 +00:00
Lunny Xiao
34633d85f1
Fix bug for generated repository object format (#28969)
A repository generated from a template repository should have the same
git ObjectFormat.
2024-01-28 20:18:15 +00:00