mirror of
1
Fork 0
Commit Graph

3856 Commits

Author SHA1 Message Date
Loïc Dachary 1247056856
[SECURITY] default to pbkdf2 with 320,000 iterations
(cherry picked from commit 3ea0b287d7)
(cherry picked from commit db8392a8ac)
(cherry picked from commit bd2a5fa292)
(cherry picked from commit 2436acb3d9)
(cherry picked from commit 62f50e1c52)
(cherry picked from commit dba1892521)
(cherry picked from commit 4b58e3b6d4)
2023-04-11 23:38:23 +02:00
Leon Busch-George 7a8a4f5432
Prefer native parser for SSH public key parsing (#23798)
Without this patch, the setting SSH.StartBuiltinServer decides whether
the native (Go) implementation is used rather than calling 'ssh-keygen'.
It's possible for 'using ssh-keygen' and 'using the built-in server' to
be independent.
In fact, the gitea rootless container doesn't ship ssh-keygen and can be
configured to use the host's SSH server - which will cause the public
key parsing mechanism to break.

This commit changes the decision to be based on SSH.KeygenPath instead.
Any existing configurations with a custom KeygenPath set will continue
to function. The new default value of '' selects the native version. The
downside of this approach is that anyone who has relying on plain
'ssh-keygen' to have special properties will now be using the native
version instead.
I assume the exec-variant is only there because /x/crypto/ssh didn't
support ssh-ed25519 until 2016. I don't see any other reason for using
it so it might be an acceptable risk.

Fixes #23363

EDIT: this message was garbled when I tried to get the commit
description back in.. Trying to reconstruct it:

## ⚠️ BREAKING ⚠️ Users who don't have SSH.KeygenPath
explicitly set and rely on the ssh-keygen binary need to set
SSH.KeygenPath to 'ssh-keygen' in order to be able to continue using it
for public key parsing.

There was something else but I can't remember at the moment.

EDIT2: It was about `make test` and `make lint`. Can't get them to run.
To reproduce the issue, I installed `golang` in `docker.io/node:16` and
got:
```
...
go: mvdan.cc/xurls/v2@v2.4.0: unknown revision mvdan.cc/xurls/v2.4.0
go: gotest.tools/v3@v3.4.0: unknown revision gotest.tools/v3.4.0
...
go: gotest.tools/v3@v3.0.3: unknown revision gotest.tools/v3.0.3
...
go: error loading module requirements
```

Signed-off-by: Leon M. Busch-George <leon@georgemail.eu>
2023-04-11 14:34:28 +08:00
Yarden Shoham b7b5834831
Use auto-updating, natively hoverable, localized time elements (#23988)
- Added [GitHub's `relative-time` element](https://github.com/github/relative-time-element)
- Converted all formatted timestamps to use this element
- No more flashes of unstyled content around time elements
- These elements are localized using the `lang` property of the HTML file
- Relative (e.g. the activities in the dashboard) and duration (e.g.
server uptime in the admin page) time elements are auto-updated to keep
up with the current time without refreshing the page
- Code that is not needed anymore such as `formatting.js` and parts of `since.go` have been deleted

Replaces #21440
Follows #22861

## Screenshots

### Localized

![image](https://user-images.githubusercontent.com/20454870/230775041-f0af4fda-8f6b-46d3-b8e3-d340c791a50c.png)

![image](https://user-images.githubusercontent.com/20454870/230673393-931415a9-5729-4ac3-9a89-c0fb5fbeeeb7.png)

### Tooltips

#### Native for dates

![image](https://user-images.githubusercontent.com/20454870/230797525-1fa0a854-83e3-484c-9da5-9425ab6528a3.png)

#### Interactive for relative

![image](https://user-images.githubusercontent.com/115237/230796860-51e1d640-c820-4a34-ba2e-39087020626a.png)

### Auto-update

![rec](https://user-images.githubusercontent.com/20454870/230672159-37480d8f-435a-43e9-a2b0-44073351c805.gif)

---------

Signed-off-by: Yarden Shoham <git@yardenshoham.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: delvh <dev.lh@web.de>
2023-04-11 01:01:20 +02:00
wxiaoguang 4e33481357
Make label templates have consistent behavior and priority (#23749)
Fix https://github.com/go-gitea/gitea/issues/23715

Other related PRs:

* #23717
* #23716
* #23719

This PR is different from others, it tries to resolve the problem fundamentally (and brings more benefits)

Although it looks like some more lines are added, actually many new lines are for tests.

----

Before, the code was just "guessing" the file type and try to parse them.

<details>

![image](https://user-images.githubusercontent.com/2114189/228002245-57d58e27-1078-4da9-bf42-5bc0b264c6ce.png)

</details>

This PR:

* Always remember the original option file names, and always use correct parser for them.

* Another benefit is that we can sort the Label Templates now (before there was a map, its key order is undefined)

![image](https://user-images.githubusercontent.com/2114189/228002432-931b9f18-3908-484b-a36b-04760c9ad132.png)
2023-04-10 16:44:02 +08:00
wxiaoguang 94fde46151
Make bindata static build parse builtin templates correctly (#24003)
Close #24002


Two problems before:

1. The `log.Fatal` is missing after these `wrapFatal` calls, so the
error is not shown to users.
2. `GetTemplateAssetNames` has different behaviors for local files and
builtin assets, for builtin assets, it also returns directories, so we
need to check the extension again.

I have tested with `TAGS="bindata sqlite sqlite_unlock_notify" make
build && ./gitea` , it works well now. Before, the server responds
internal server error (because it doesn't complete the template parsing)
2023-04-08 21:56:50 +08:00
wxiaoguang fdbd646113
Group template helper functions, remove `Printf`, improve template error messages (#23982)
Follow #23328 


Major changes:

* Group the function in `templates/help.go` by their purposes. It could
make future work easier.
* Remove the `Printf` helper function, there is already a builtin
`printf`.
* Remove `DiffStatsWidth`, replace with `Eval` in template
* Rename the `NewTextFuncMap` to `mailSubjectTextFuncMap`, it's for
subject text template only, no need to make it support HTML functions.


----

And fine tune template error messages, to make it more friendly to
developers and users.


![image](https://user-images.githubusercontent.com/2114189/230714245-4fd202d1-2b25-41b2-8be5-03c5fee45091.png)


![image](https://user-images.githubusercontent.com/2114189/230714277-66783577-2a03-49d5-8e8c-ceba5e07a2d4.png)

---------

Co-authored-by: silverwind <me@silverwind.io>
2023-04-08 21:15:22 +08:00
wxiaoguang 8f00979f73
Drop "unrolled/render" package (#23965)
None of the features of `unrolled/render` package is used. 

The Golang builtin "html/template" just works well. Then we can improve
our HTML render to resolve the "$.root.locale.Tr" problem as much as
possible.

Next step: we can have a template render pool (by Clone), then we can
inject global functions with dynamic context to every `Execute` calls.
Then we can use `{{Locale.Tr ....}}` directly in all templates , no need
to pass the `$.root.locale` again and again.
2023-04-08 14:21:50 +08:00
wxiaoguang 97d5ec2aeb
Use Get/Set instead of Rename when Regenerate session id (#23975)
Do not use Rename here, because the old sid and new sid may be in
different redis cluster slot.

Fix #23869
2023-04-07 18:11:24 +02:00
yp05327 26a0cd7143
Allow repo admins too to delete the repo (#23940)
Fixes https://github.com/go-gitea/gitea/issues/23934

We need to check `AccessModeAdmin` in `CanUserDelete` instead of
`AccessModeOwner`
2023-04-07 11:21:02 -04:00
wxiaoguang 36c0840cf1
Merge template functions "dict/Dict/mergeinto" (#23932)
One of the steps in #23328


Before there were 3 different but similar functions: dict/Dict/mergeinto

The code was just copied & pasted, no test.

This PR defines a new stable `dict` function, it covers all the 3 old
functions behaviors, only +160 -171


Future developers do not need to think about or guess the different dict
functions, just use one: `dict`

Why use `dict` but not `Dict`? Because there are far more `dict` than
`Dict` in code already ......
2023-04-07 09:39:08 -05:00
wxiaoguang 5b89670a31
Use a general Eval function for expressions in templates. (#23927)
One of the proposals in #23328

This PR introduces a simple expression calculator
(templates/eval/eval.go), it can do basic expression calculations.

Many untested template helper functions like `Mul` `Add` can be replaced
by this new approach.

Then these `Add` / `Mul` / `percentage` / `Subtract` / `DiffStatsWidth`
could all use this `Eval`.

And it provides enhancements for Golang templates, and improves
readability.

Some examples:

----

* Before: `{{Add (Mul $glyph.Row 12) 12}}`
* After: `{{Eval $glyph.Row "*" 12 "+" 12}}`

----

* Before: `{{if lt (Add $i 1) (len $.Topics)}}`
* After: `{{if Eval $i "+" 1 "<" (len $.Topics)}}`

## FAQ

### Why not use an existing expression package?

We need a highly customized expression engine:

* do the calculation on the fly, without pre-compiling
* deal with int/int64/float64 types, to make the result could be used in
Golang template.
* make the syntax could be used in the Golang template directly
* do not introduce too much complex or strange syntax, we just need a
simple calculator.
* it needs to strictly follow Golang template's behavior, for example,
Golang template treats all non-zero values as truth, but many 3rd
packages don't do so.

### What's the benefit?

* Developers don't need to add more `Add`/`Mul`/`Sub`-like functions,
they were getting more and more.
Now, only one `Eval` is enough for all cases.
* The new code reads better than old `{{Add (Mul $glyph.Row 12) 12}}`,
the old one isn't familiar to most procedural programming developers
(eg, the Golang expression syntax).
* The `Eval` is fully covered by tests, many old `Add`/`Mul`-like
functions were never tested.

### The performance?

It doesn't use `reflect`, it doesn't need to parse or compile when used
in Golang template, the performance is as fast as native Go template.

### Is it too complex? Could it be unstable?

The expression calculator program is a common homework for computer
science students, and it's widely used as a teaching and practicing
purpose for developers. The algorithm is pretty well-known.

The behavior can be clearly defined, it is stable.
2023-04-07 21:25:49 +08:00
Jason Song ecf34fcd89
Do not crash when parsing an invalid workflow file (#23972)
Fix #23658.

Related to https://gitea.com/gitea/act/pulls/39
2023-04-07 20:12:10 +08:00
silverwind ca5722a0fa
Ensure RSS icon is present on all repo tabs (#23904)
Previously, not all repo tabs had shown the RSS icon in the repo header
because the context data was not being set. Added this context data in a
new function.

Before:

<img width="806" alt="image"
src="https://user-images.githubusercontent.com/115237/229639615-9cc00e75-3a26-4ff4-a6f2-316c1fccc596.png">

After:

<img width="815" alt="Screenshot 2023-04-04 at 00 16 17"
src="https://user-images.githubusercontent.com/115237/229639201-2e1c015b-1f13-46d4-aa14-e7a82fab3982.png">

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2023-04-07 16:48:23 +08:00
wxiaoguang ff2f479a4b
Clean template/helper.go (#23922)
The first step of #23328

This PR cleans:

1. Dead function like `SubStr`
2. Unnecessary function like `UseHTTPS`, it should be provided by
`window.origin`
3. Duplicate function like `IsShowFullName`, there was already a
`DeafultShowFullName`

I have searched these removed functions globally, no use in code.
2023-04-07 03:31:41 -04:00
ChristopherHX 17623bba0d
Remove `Repository.getFilesChanged` to fix Actions `paths` and `paths-ignore` filter (#23920)
Remove the misbehaving function and call
Repository.GetFilesChangedBetween instead.

Fixes #23919

---

~~_TODO_ test this~~ `Repository.getFilesChanged` seems to be only used
by Gitea Actions, but a similar function already exists

**Update** I tested this change and the issue is gone.
2023-04-07 14:42:43 +08:00
Yoan Blanc 9b416b2e36
Use graceful editorconfig loader to reduce errors when loading malformed editorconfigs (#21257)
The _graceful_ should fail less when the `.editorconfig` file isn't
properly written, e.g. boolean values from YAML or unparseable numbers
(when a number is expected). As is... information is lost as the
_warning_ (a go-multierror.Error) is ignored. If anybody knows how to
send them to the UI as warning; any help is appreciated.

Closes #20694

Signed-off-by: Yoan Blanc <yoan@dosimple.ch>
2023-04-06 16:01:20 -04:00
yp05327 bbf83f5d4b
Improve permission check of packages (#23879)
At first, we have one unified team unit permission which is called
`Team.Authorize` in DB.
But since https://github.com/go-gitea/gitea/pull/17811, we allowed
different units to have different permission.

The old code is only designed for the old version. So after #17811, if
org users have write permission of other units, but have no permission
of packages, they can also get write permission of packages.

Co-authored-by: delvh <dev.lh@web.de>
2023-04-06 22:18:29 +08:00
Zettat123 6b0df6d8da
Add activity feeds API (#23494)
Close #5666

Add APIs for getting activity feeds.
2023-04-04 21:35:31 +08:00
wxiaoguang 5fc9929da7
Fix `cases.Title` crash for concurrency (#23885)
Regression of #19676 and #21814

Fix #23872

`cases.Title` is not thread-safe, it has internal state, so it can't be
used as a global shared variable.
2023-04-03 18:03:45 -04:00
wxiaoguang 19de52e0f4
Introduce GiteaLocaleNumber custom element to handle number localization on pages. (#23861)
Follow #21429 & #22861

Use `<gitea-locale-number>` instead of backend `PrettyNumber`. All old
`PrettyNumber` related functions are removed. A lot of code could be
simplified.

And some functions haven't been used for long time (dead code), so they
are also removed by the way (eg: `SplitStringAtRuneN`, `Dedent`)

This PR only tries to improve the `PrettyNumber` rendering problem, it
doesn't touch the "plural" problem.

Screenshot:


![image](https://user-images.githubusercontent.com/2114189/229290804-1f63db65-1e34-4a54-84ba-e00b44331b17.png)


![image](https://user-images.githubusercontent.com/2114189/229290911-c88dea00-b11d-48dd-accb-9f52edd73ce4.png)
2023-04-03 12:58:09 -04:00
Hester Gong ca905b82df
Append `(comment)` when a link points at a comment rather than the whole issue (#23734)
Close #23671 

For the feature mentioned above, this PR append ' (comment)' to the
rendered html if it is a hashcomment.
After the PR, type in the following

```
pull request from other repo:
http://localhost:3000/testOrg/testOrgRepo/pulls/2

pull request from this repo:
http://localhost:3000/aaa/testA/pulls/2

issue comment from this repo:
http://localhost:3000/aaa/testA/issues/1#issuecomment-18

http://localhost:3000/aaa/testA/pulls/2#issue-9

issue comment from other repo:
http://localhost:3000/testOrg/testOrgRepo/pulls/2#issuecomment-24

http://localhost:3000/testOrg/testOrgRepo/pulls/2#issue
```
Gives:
<img width="687" alt="截屏2023-03-27 13 53 06"
src="https://user-images.githubusercontent.com/17645053/227852387-2b218e0d-3468-4d90-ad81-d702ddd17fd2.png">



Other than the above feature, this PR also includes two other changes:

1 Right now, the render of links from file changed tab in pull request
might not be very proper, for example, if type in the following. (not
sure if this is an issue or design, if not an issue, I will revert the
changes). example on
[try.gitea.io](https://try.gitea.io/HesterG/testrepo/pulls/1)
```
https://try.gitea.io/HesterG/testrepo/pulls/1/files#issuecomment-162725
https://try.gitea.io/HesterG/testrepo/pulls/1/files
```
it will render the following 
<img width="899" alt="截屏2023-03-24 15 41 37"
src="https://user-images.githubusercontent.com/17645053/227456117-5eccedb7-9118-4540-929d-aee9a76de852.png">

In this PR, skip processing the link into a ref issue if it is a link
from files changed tab in pull request

After:
type in following
```
hash comment on files changed tab:
http://localhost:3000/testOrg/testOrgRepo/pulls/2/files#issuecomment-24

files changed link:
http://localhost:3000/testOrg/testOrgRepo/pulls/2/files
```
Gives

<img width="708" alt="截屏2023-03-27 22 09 02"
src="https://user-images.githubusercontent.com/17645053/227964273-5dc06c50-3713-489c-b05d-d95367d0ab0f.png">

2 Right now, after editing the comment area, there will not be tippys
attached to `ref-issue`; and no tippy attached on preview as well.
example:

https://user-images.githubusercontent.com/17645053/227850540-5ae34e2d-b1d7-4d0d-9726-7701bf825d1f.mov

In this PR, in frontend, make sure tippy is added after editing the
comment, and to the comment on preview tab
After:

https://user-images.githubusercontent.com/17645053/227853777-06f56b4c-1148-467c-b6f7-f79418e67504.mov
2023-04-03 16:02:57 +08:00
KN4CK3R fbd4eaceed
Display image size for multiarch container images (#23821)
Fixes #23771

Changes the display of different architectures for multiarch images to
show the image size:

![grafik](https://user-images.githubusercontent.com/1666336/228781477-cc76c4d1-4728-434f-8a27-fc008790d924.png)
2023-04-02 17:53:37 +08:00
wxiaoguang 78046e5137
Fix incorrect CORS failure detection logic (#23844)
Regression of #23495

Fixes #23838
Fixes #23850
2023-03-31 11:35:48 -04:00
wxiaoguang 288c2e8c48
Clarify Gitea/Crowdin locale behaviors, add tests for LocaleStore, fix some strings with semicolons (#23819)
Follow #23633 and #23240

Close #23814

Now we almost have a complete test set for Gitea's LocalStore.

This PR is still a quick fix for the legacy locale system (see the
TODOs), to resolve the problems fundamentally, it needs more work in the
future.
2023-03-31 12:16:41 +08:00
Jason Song 964a057a76
Fix checks for `needs` in Actions (#23789)
Fix:
- https://gitea.com/gitea/act_runner/issues/77
- https://gitea.com/gitea/act_runner/issues/81

Before:
<img width="1489" alt="image"
src="https://user-images.githubusercontent.com/9418365/228501567-f752cf87-a7ed-42c6-8f3d-ba741795c1fe.png">

Highlights:
- Upgrade act to make things doable, related to
  - https://gitea.com/gitea/act/pulls/32
  - https://gitea.com/gitea/act/pulls/33
  - https://gitea.com/gitea/act/pulls/35
- Make `needs` works
- Sort jobs in the original order in the workflow files
2023-03-30 22:33:17 +08:00
wxiaoguang e57e1144c5
Add ONLY_SHOW_RELEVANT_REPOS back, fix explore page bug, make code more strict (#23766)
Follow #21962

After I eat my own dogfood, I would say that
ONLY_SHOW_RELEVANT_REPOS=false is necessary for many private/enterprise
instances, because many private repositories do not have
"description/topic", users just want to search by their names.

This PR also adds `PageIsExploreRepositories` check, to make code more
strict, because the `search` template is shared for different purpose.

And during the test, I found a bug that the "Search" button didn't
respect the "relevant" parameter, so this PR fixes the bug by the way
together.

I think this PR needs to be backported.
2023-03-29 08:41:45 -05:00
wxiaoguang f4538791f5
Refactor internal API for git commands, use meaningful messages instead of "Internal Server Error" (#23687)
# Why this PR comes

At first, I'd like to help users like #23636 (there are a lot)

The unclear "Internal Server Error" is quite anonying, scare users,
frustrate contributors, nobody knows what happens.

So, it's always good to provide meaningful messages to end users (of
course, do not leak sensitive information).

When I started working on the "response message to end users", I found
that the related code has a lot of technical debt. A lot of copy&paste
code, unclear fields and usages.

So I think it's good to make everything clear.

# Tech Backgrounds

Gitea has many sub-commands, some are used by admins, some are used by
SSH servers or Git Hooks. Many sub-commands use "internal API" to
communicate with Gitea web server.

Before, Gitea server always use `StatusCode + Json "err" field` to
return messages.

* The CLI sub-commands: they expect to show all error related messages
to site admin
* The Serv/Hook sub-commands (for git clients): they could only show
safe messages to end users, the error log could only be recorded by
"SSHLog" to Gitea web server.

In the old design, it assumes that:

* If the StatusCode is 500 (in some functions), then the "err" field is
error log, shouldn't be exposed to git client.
* If the StatusCode is 40x, then the "err" field could be exposed. And
some functions always read the "err" no matter what the StatusCode is.

The old code is not strict, and it's difficult to distinguish the
messages clearly and then output them correctly.

# This PR

To help to remove duplicate code and make everything clear, this PR
introduces `ResponseExtra` and `requestJSONResp`.

* `ResponseExtra` is a struct which contains "extra" information of a
internal API response, including StatusCode, UserMsg, Error
* `requestJSONResp` is a generic function which can be used for all
cases to help to simplify the calls.
* Remove all `map["err"]`, always use `private.Response{Err}` to
construct error messages.
* User messages and error messages are separated clearly, the `fail` and
`handleCliResponseExtra` will output correct messages.
* Replace all `Internal Server Error` messages with meaningful (still
safe) messages.

This PR saves more than 300 lines, while makes the git client messages
more clear.

Many gitea-serv/git-hook related essential functions are covered by
tests.

---------

Co-authored-by: delvh <dev.lh@web.de>
2023-03-29 14:32:26 +08:00
techknowlogick 92c160d8e7
Add meilisearch support (#23136)
Add meilisearch support

Fixes #20665
2023-03-28 22:23:23 -04:00
JakobDev f384b13f1c
Implement Issue Config (#20956)
Closes #20955

This PR adds the possibility to disable blank Issues, when the Repo has
templates. This can be done by creating the file
`.gitea/issue_config.yaml` with the content `blank_issues_enabled` in
the Repo.
2023-03-28 14:22:07 -04:00
qwerty287 3cab9c6b0c
Add API to manage issue dependencies (#17935)
Adds API endpoints to manage issue/PR dependencies
* `GET /repos/{owner}/{repo}/issues/{index}/blocks` List issues that are
blocked by this issue
* `POST /repos/{owner}/{repo}/issues/{index}/blocks` Block the issue
given in the body by the issue in path
* `DELETE /repos/{owner}/{repo}/issues/{index}/blocks` Unblock the issue
given in the body by the issue in path
* `GET /repos/{owner}/{repo}/issues/{index}/dependencies` List an
issue's dependencies
* `POST /repos/{owner}/{repo}/issues/{index}/dependencies` Create a new
issue dependencies
* `DELETE /repos/{owner}/{repo}/issues/{index}/dependencies` Remove an
issue dependency

Closes https://github.com/go-gitea/gitea/issues/15393
Closes #22115

Co-authored-by: Andrew Thornton <art27@cantab.net>
2023-03-28 13:23:25 -04:00
wxiaoguang 5727056ea1
Make minio package support legacy MD5 checksum (#23768)
A feedback from discord:
https://discord.com/channels/322538954119184384/561007778139734027/1090185427115319386

Some storages like:

 * https://developers.cloudflare.com/r2/api/s3/api/
 * https://www.backblaze.com/b2/docs/s3_compatible_api.html

They do not support "x-amz-checksum-algorithm" header

But minio recently uses that header with CRC32C by default. So we have
to tell minio to use legacy MD5 checksum.

I guess this needs to be backported because IIRC we 1.19 and 1.20 are
using similar minio package.


The minio package code for SendContentMD5 looks like this:

<details>

<img width="755" alt="image"
src="https://user-images.githubusercontent.com/2114189/228186768-4f2f6f67-62b9-4aee-9251-5af714ad9674.png">

</details>
2023-03-28 11:10:24 -04:00
ChristopherHX 6840258c95
Use GitHub Actions compatible globbing for `branches`, `tag`, `path` filter (#22804)
Replaces the current globbing library with a
https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#filter-pattern-cheat-sheet
compatible one.

This adds support for
- `paths-ignore`, `tags-ignore` and `branches-ignore` filters.
- negative patterns in `paths`, `tags` and `branches` filters
- using both `tags` and `paths` filter on the push event

Original PR https://gitea.com/gitea/act/pulls/13.
nektos/act PR https://github.com/nektos/act/pull/1618 for the
workflowpattern package (It can take some months for it to appear in
https://gitea.com/gitea/act)

Related to https://github.com/go-gitea/gitea/issues/13539
2023-03-27 16:27:40 +08:00
wxiaoguang 0df81b9e0d
Add git dashes separator to some "log" and "diff" commands (#23606)
Reference:
https://github.com/go-gitea/gitea/issues/22578#issuecomment-1444180053

Credits to @tdesveaux , thank you very much for catching the problem. If
you'd like to open a PR, feel free to replace this one.

Git reports fatal errors for ambiguous arguments:

```
fatal: ambiguous argument 'refs/a...refs/b': unknown revision or path not in the working tree.
        Use '--' to separate paths from revisions, like this:
        'git <command> [<revision>...] -- [<file>...]'
```

So the `--` separator is necessary in some cases.
2023-03-26 19:31:21 +01:00
wxiaoguang 8d5fbeb7a2
Use data-tooltip-content for tippy tooltip (#23649)
Follow:
* #23574
* Remove all ".tooltip[data-content=...]"

Major changes:

* Remove "tooltip" class, use "[data-tooltip-content=...]" instead of
".tooltip[data-content=...]"
* Remove legacy `data-position`, it's dead code since last Fomantic
Tooltip -> Tippy Tooltip refactoring
* Rename reaction attribute from `data-content` to
`data-reaction-content`
* Add comments for some `data-content`: `{{/* used by the form */}}`
* Remove empty "ui" class
* Use "text color" for SVG icons (a few)
2023-03-24 18:35:38 +08:00
Brecht Van Lommel 84daddc2fa
Editor preview support for external renderers (#23333)
Remove `[repository.editor] PREVIEWABLE_FILE_MODES` setting that seemed
like it was intended to support this but did not work. Instead, whenever
viewing a file shows a preview, also have a Preview tab in the file
editor.

Add new `/markup` web and API endpoints with `comment`, `gfm`,
`markdown` and new `file` mode that uses a file path to determine the
renderer.

Remove `/markdown` web endpoint but keep the API for backwards and
GitHub compatibility.

## ⚠️ BREAKING ⚠️

The `[repository.editor] PREVIEWABLE_FILE_MODES` setting was removed.
This setting served no practical purpose and was not working correctly.
Instead a preview tab is always shown in the file editor when supported.

---------

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-24 14:12:23 +08:00
Zettat123 df411819eb
Check LFS/Packages settings in dump and doctor command (#23631)
Close #23622 

As described in the issue, disabling the LFS/Package settings will cause
errors when running `gitea dump` or `gitea doctor`. We need to check the
settings and the related operations should be skipped if the settings
are disabled.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-23 20:30:28 +08:00
Zettat123 e7f0bcf884
Improve workflow event triggers (#23613)
Follow #23037 
Fix [#22598
comment](https://github.com/go-gitea/gitea/issues/22958#issuecomment-1475763042)

Workflows with `pull_request` trigger event can't be triggered by
`pull_request_sync` event. This PR adds the `canGithubEventMatch`
function to check if a Github event can match any Gitea event. If the
Github event matches a Gitea event, the related workflows should be
triggered.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2023-03-23 12:04:15 +08:00
wxiaoguang ce9dee5a1e
Introduce path Clean/Join helper functions (#23495)
Since #23493 has conflicts with latest commits, this PR is my proposal
for fixing #23371

Details are in the comments

And refactor the `modules/options` module, to make it always use
"filepath" to access local files.

Benefits:

* No need to do `util.CleanPath(strings.ReplaceAll(p, "\\", "/"))),
"/")` any more (not only one before)
* The function behaviors are clearly defined
2023-03-21 16:02:49 -04:00
wxiaoguang a797b8458e
Keep (add if not existing) xmlns attribute for generated SVG images (#23410)
Fix #23409 

Developers could browse & preview the local SVG images files directly.

It still has clear output.

![image](https://user-images.githubusercontent.com/2114189/224317107-f4b26c76-e36a-4e80-9eee-d8dc2e16421f.png)


![image](https://user-images.githubusercontent.com/2114189/224317527-2d4ca131-978c-4933-b071-4bae483f06e1.png)

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: delvh <leon@kske.dev>
2023-03-21 13:39:27 +08:00
zeripath 8f3aaef374
Improve template error reporting (#23396)
There are multiple duplicate reports of errors during template rendering
due to broken custom templates.

Unfortunately the error returned here is somewhat difficult for users to
understand and it doesn't return the context of the error.

This PR attempts to parse the error returned by the template renderer to
add in some further context including the filename of the template AND
the preceding lines within that template file.

Ref #23274

---------

Signed-off-by: Andrew Thornton <art27@cantab.net>
2023-03-20 15:56:48 -05:00
silverwind af3711100a
Add `.patch` to `attachment.ALLOWED_TYPES` (#23580) 2023-03-19 15:58:43 -04:00
Zettat123 46addc1f93
Return `repository` in npm package metadata endpoint (#23539)
Close #23444 

Add `Repository` to npm package `Metadata` struct so the `repository` in
`package.json` can be stored and be returned in the endpoint.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-03-17 14:39:19 -04:00
silverwind 272cf6a2a9
Make time tooltips interactive (#23526)
Fixes https://codeberg.org/forgejo/forgejo/issues/511

<img width="379" alt="Screenshot 2023-03-16 at 20 23 10"
src="https://user-images.githubusercontent.com/115237/225731294-4c6e4f44-bdcc-4c8c-86e2-49f7c03b377d.png">
2023-03-16 15:40:56 -05:00
James Cleverley-Prance 574d8fe6d6
Add absent repounits to create/edit repo API (#23500)
Adds the ability to enable/disable Actions, Packages and Releases from
the API, via the Edit and Get Repository API endpoints.
2023-03-16 12:30:42 -05:00
Hester Gong 8d9f8e10b1
Fix tags sort by creation time (descending) on branch/tag dropdowns (#23491)
This PR fixes the tags sort issue mentioned in #23432
The tags on dropdown shoud be sorted in descending order of time but are
not. Because when getting tags, it execeutes `git tag sort
--sort=-taggerdate`. Git supports two types of tags: lightweight and
annotated, and `git tag sort --sort=-taggerdate` dosen't work with
lightweight tags, which will not give correct result. This PR add
`GetTagNamesByRepoID ` to get tags from the database so the tags are
sorted.

Also adapt this change to the droplist when comparing branches. 

Dropdown places:

<img width="369" alt="截屏2023-03-15 14 25 39"
src="https://user-images.githubusercontent.com/17645053/225224506-65a72e50-4c11-41d7-8187-a7e9c7dab2cb.png">

<img width="675" alt="截屏2023-03-15 14 25 27"
src="https://user-images.githubusercontent.com/17645053/225224526-65ce8008-340c-43f6-aa65-b6bd9e1a1bf1.png">
2023-03-16 12:01:10 -05:00
Hester Gong 661e78bed5
Allow both fullname and username search when `DEFAULT_SHOW_FULL_NAME` is true (#23463)
This PR adds the ability to search both fullname and username for
assignees, reviewers and author search boxes when the config
[`DEFAULT_SHOW_FULL_NAME`](6ff5400af9/custom/conf/app.example.ini (L1238))
in `app.ini` is set to `true`. Which is originally raised
[here](https://projects.blender.org/infrastructure/blender-projects-platform/issues/14)
And if `DEFAULT_SHOW_FULL_NAME` is set to `false`(default value), these
search boxes will only show username.

Example:
When `DEFAULT_SHOW_FULL_NAME = true`

<img width="1220" alt="截屏2023-03-14 14 28 06"
src="https://user-images.githubusercontent.com/17645053/224914546-80ef2837-ab72-4d66-9f00-6eb77ed4baaa.png">

When `DEFAULT_SHOW_FULL_NAME = false` (default value)

<img width="1243" alt="截屏2023-03-14 14 29 37"
src="https://user-images.githubusercontent.com/17645053/224914798-f69ec8a2-0929-4330-827c-3e30188f9b47.png">


The specific search boxes that adapts these changes include:
1. Author, Assignee search boxes in pull requests tab and issues tab in
repository
<img width="1283" alt="截屏2023-03-14 14 35 01"
src="https://user-images.githubusercontent.com/17645053/224916250-8e452525-71d6-4b48-bf1c-bf7a176abaaa.png">

2. Assigee and Author on milestones issue page (Added missing search box
for author here)
<img width="1261" alt="截屏2023-03-14 14 38 20"
src="https://user-images.githubusercontent.com/17645053/224916569-d3105619-7824-4bb8-a6d0-1a600eaa9963.png">

3. Assignee on issues and PR Sidebar, Reviewer on PR Sidebar
<img width="976" alt="截屏2023-03-14 14 41 06"
src="https://user-images.githubusercontent.com/17645053/224917431-c45d821e-9660-4f58-a196-5979a0bb64ce.png">

<img width="1027" alt="截屏2023-03-14 14 41 58"
src="https://user-images.githubusercontent.com/17645053/224917290-ad4dbc52-0c20-45c4-9fce-9dcd59ad7d47.png">

4. Assignee when creating new issue
<img width="961" alt="截屏2023-03-14 14 44 33"
src="https://user-images.githubusercontent.com/17645053/224917694-34bee5a7-e975-4f37-8862-56ebc2556808.png">

5. Whitelisted users for pushing, Whitelisted users for merging and
Whitelisted reviewers in Protected branch settings
<img width="920" alt="截屏2023-03-14 14 48 56"
src="https://user-images.githubusercontent.com/17645053/224918551-9b46b44e-b075-4895-8d33-1aafc7d3c8e5.png">
<img width="901" alt="截屏2023-03-14 14 49 02"
src="https://user-images.githubusercontent.com/17645053/224918584-efa66f23-a593-4e26-a3eb-bb1fbc5516ae.png">
<img width="944" alt="截屏2023-03-14 14 49 21"
src="https://user-images.githubusercontent.com/17645053/224918591-be60455d-0513-4f66-84f6-b5e1bc40ff91.png">


6.  "Allowed users" in tags settings
<img width="935" alt="截屏2023-03-14 14 50 11"
src="https://user-images.githubusercontent.com/17645053/224918701-797699aa-c7e5-4290-b3fe-27dcead1c6c7.png">
2023-03-16 11:32:25 -05:00
Kirill Bolashev 4938945668
Handle files starting with colons in WalkGitLog (#22935)
Currently gitea shows no commit information for files starting with a
colon.

[I set up a minimal repro repository that reproduces this error once
it's migrated on gitea](https://github.com/kbolashev/colon-test)

<img width="1209" alt="image"
src="https://user-images.githubusercontent.com/111061261/219326625-0e6d3a86-8b58-4d67-bc24-8a78963f36b9.png">

This is happening because the filenames piped to the `git log` command
are written as is, and it doesn't work when you have a colon at the
start of the filename, and you need to escape it.


You can test it locally,  if you do
```
mkdir repo
git init
touch :file 
git add . && git commit -m "Add file with colon"
git log -- :file 
```
git log returns nothing. However, if you do `git log -- "\:file"`, it
will show the commit with the file change.

This PR escapes the starting colons in paths in the `LogNameStatusRepo`
function, making gitea return commit info about the file with the bad
filename.

<img width="1209" alt="image"
src="https://user-images.githubusercontent.com/111061261/219328299-46451246-4006-45e3-89b1-c244635ded23.png">

This error shows up only with files starting with colon, anywhere else
in filename is ok. Dashes at the beginning also seem to be working.
I don't know gitea internals well enough to know where else this error
can pop up, so I'm keeping this PR small as suggested by your
contributor guide
2023-03-16 11:03:04 -05:00
Lunny Xiao 623a539f23
Move pidfile creation from setting to web cmd package (#23285)
Creating pid file should not belong to setting package and only web
command needs that. So this PR moves pidfile creation from setting
package to web command package to keep setting package more readable.

I marked this as `break` because the PIDFile path moved. For those who
have used the pid build argument, it has to be changed.

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2023-03-16 15:22:54 +08:00
techknowlogick 32204fcf8b
test_env: hardcode major go version in use (#23464)
hardcode the version of test_env we use in docker, so that we can use
different major versions of golang between versions of Gitea

---------

Co-authored-by: Lauris BH <lauris@nix.lv>
2023-03-14 16:09:01 -04:00
Lunny Xiao 8e40634797
Convert GitHub event on actions and fix some pull_request events. (#23037)
Follow #22680

Partially Fix #22958, on pull_request, `opened`, `reopened`,
`synchronize` supported, `edited` hasn't been supported yet because
Gitea doesn't trigger that events.

---------

Co-authored-by: yp05327 <576951401@qq.com>
2023-03-14 20:50:51 +08:00