Earl Warren
f3045f0519
fix(security): CVE-2024-24788 malformed DNS message
...
Refs: https://pkg.go.dev/vuln/GO-2024-2824
2024-05-08 14:25:08 +02:00
Earl Warren
a2c8fe0370
Merge pull request '[gitea] week 2024-19 cherry pick (gitea-github/main -> forgejo)' ( #3639 ) from earl-warren/wcp/2024-19 into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3639
Reviewed-by: Gergely Nagy <algernon@noreply.codeberg.org>
2024-05-07 22:47:53 +00:00
Earl Warren
99d1ae52fc
Merge pull request 'Update module github.com/PuerkitoBio/goquery to v1.9.2' ( #3634 ) from renovate/github.com-puerkitobio-goquery-1.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3634
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-05-07 11:28:32 +00:00
Michael Jerger
2177d38e9c
feat(federation): validate like activities ( #3494 )
...
First step on the way to #1680
The PR will
* accept like request on the api
* validate activity in a first level
You can find
* architecture at: https://codeberg.org/meissa/forgejo/src/branch/forgejo-federated-star/docs/unsure-where-to-put/federation-architecture.md
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3494
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
Co-committed-by: Michael Jerger <michael.jerger@meissa-gmbh.de>
2024-05-07 07:59:49 +00:00
silverwind
fb693442f5
Remove external API calls in `TestPassword` ( #30716 )
...
The test had a dependency on `https://api.pwnedpasswords.com ` which
caused many failures on CI recently:
```
--- FAIL: TestPassword (2.37s)
pwn_test.go:41: Get "https://api.pwnedpasswords.com/range/e6b6a ": context deadline exceeded (Client.Timeout exceeded while awaiting headers)
FAIL
coverage: 82.9% of statements
```
(cherry picked from commit 9235442ba58524c8d12ae54865d583acfa1f439d)
2024-05-05 12:15:40 +01:00
Renovate Bot
aa8a757fe2
Update module github.com/PuerkitoBio/goquery to v1.9.2
2024-05-05 00:05:34 +00:00
Renovate Bot
58bf120eba
Update module gitea.com/go-chi/binding to v0.0.0-20240430071103-39a851e106ed
2024-05-02 00:05:56 +00:00
Earl Warren
425d64a023
Merge pull request 'Update module connectrpc.com/connect to v1.16.1' ( #3491 ) from renovate/connectrpc.com-connect-1.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3491
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-30 07:10:13 +00:00
Earl Warren
79ffb2de47
Merge pull request '[gitea] week 2024-18 cherry pick (gitea-github/main -> forgejo)' ( #3513 ) from earl-warren/wcp/2024-18 into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3513
Reviewed-by: jean-daricade <jean-daricade@noreply.codeberg.org>
2024-04-30 06:42:26 +00:00
Chongyi Zheng
7517e70740
Use `ProtonMail/go-crypto` for `opengpg` in tests ( #30736 )
...
(cherry picked from commit 8b8b48ef5fb1c5c164d5534ea4b8049f1db26ce9)
Conflicts:
go.mod
trivial context confllict
2024-04-28 15:39:02 +02:00
Renovate Bot
95f8b1bbc5
Update module github.com/urfave/cli/v2 to v2.27.2
2024-04-28 00:05:53 +00:00
Otto
98589b487c
Merge pull request 'Update module github.com/minio/minio-go/v7 to v7.0.70' ( #3469 ) from renovate/github.com-minio-minio-go-v7-7.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3469
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-27 19:15:38 +00:00
Renovate Bot
004fe91d37
Update module gitea.com/gitea/act to v0.261.1
2024-04-27 02:04:59 +00:00
Renovate Bot
01d9faefa5
Update module connectrpc.com/connect to v1.16.1
2024-04-27 00:07:16 +00:00
Renovate Bot
ca9c039ba6
Update module github.com/minio/minio-go/v7 to v7.0.70
2024-04-26 02:05:51 +00:00
Renovate Bot
aec0e1c43a
Update module github.com/klauspost/compress to v1.17.8
2024-04-10 02:10:00 +00:00
Earl Warren
2d3705bb81
Merge pull request '[CHORE] Remove Microsoft SQL Server support' ( #3040 ) from gusted/forgejo-rm-mssql into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/3040
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-04-09 05:34:54 +00:00
Gusted
2d9afd0c21
[CHORE] Remove Microsoft SQL Server Support
...
- Per https://codeberg.org/forgejo/discussions/issues/122
2024-04-05 23:37:36 +02:00
Gusted
32134e3a43
[CHORE] Remove u2f dependency
...
- It was only used to parse old U2F data to webauthn credentials. We
only used the public key and keyhandle. This functiontionality was
reworked to `parseU2FRegistration`.
- Tests are already present, `Test_RemigrateU2FCredentials`.
2024-04-05 16:23:10 +02:00
Gusted
ded1080bc2
[CHORE] Update golang.org/x/net
...
Per https://pkg.go.dev/vuln/GO-2024-2687
2024-04-04 06:17:41 +02:00
Renovate Bot
e6da9c6cd9
Update dependency go to v1.22.2
2024-04-04 04:04:38 +00:00
Earl Warren
4aebf52129
Merge pull request 'Update module github.com/editorconfig/editorconfig-core-go/v2 to v2.6.2' ( #2987 ) from renovate/github.com-editorconfig-editorconfig-core-go-v2-2.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2987
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-04-03 16:56:21 +00:00
Michael Kriese
99efe01a08
fix: set proper go directive
2024-04-03 14:50:34 +02:00
Renovate Bot
8f3b2096a8
Update module github.com/editorconfig/editorconfig-core-go/v2 to v2.6.2
2024-04-03 04:08:11 +00:00
Renovate Bot
85cbdefaaa
Update module github.com/go-sql-driver/mysql to v1.8.1
2024-03-30 14:46:43 +00:00
Gusted
bc04183e47
Merge pull request 'Update module github.com/felixge/fgprof to v0.9.4' ( #2805 ) from renovate/github.com-felixge-fgprof-0.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2805
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-03-30 13:47:43 +00:00
Earl Warren
0761207cc2
Merge pull request 'Update module github.com/minio/minio-go/v7 to v7.0.69' ( #2851 ) from renovate/github.com-minio-minio-go-v7-7.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2851
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-30 11:11:37 +00:00
Renovate Bot
02dcd07437
Update module github.com/felixge/fgprof to v0.9.4
2024-03-30 10:11:45 +00:00
Renovate Bot
0cb9ea64a6
Update module github.com/opencontainers/image-spec to v1.1.0
2024-03-30 06:05:12 +00:00
Renovate Bot
a517e4aeb1
Update module github.com/minio/minio-go/v7 to v7.0.69
2024-03-30 06:05:07 +00:00
Gusted
f579bde69d
[CHORE] Cleanup dependency
...
- Remove `gitea.com/lunny/dingtalk_webhook` as dependency, we only use
two structs which are small enough to be recreated in Forgejo and don't
need to rely on the dependency.
- Existing tests (thanks @oliverpool) prove that this has no effect.
2024-03-30 00:01:42 +01:00
Earl Warren
168c56d7d4
Merge pull request 'Update module github.com/gliderlabs/ssh to v0.3.7' ( #2806 ) from renovate/github.com-gliderlabs-ssh-0.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2806
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-28 14:01:48 +00:00
Renovate Bot
9ff9036377
Update module github.com/klauspost/compress to v1.17.7
2024-03-25 20:07:17 +00:00
Earl Warren
5194bd15ef
Merge pull request 'Update module github.com/editorconfig/editorconfig-core-go/v2 to v2.6.1' ( #2804 ) from renovate/github.com-editorconfig-editorconfig-core-go-v2-2.x into forgejo
...
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2804
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-03-25 19:48:58 +00:00
Renovate Bot
a6fdab95f8
Update module github.com/go-enry/go-enry/v2 to v2.8.7
2024-03-25 19:05:23 +00:00
Renovate Bot
ac08242493
Update module github.com/gliderlabs/ssh to v0.3.7
2024-03-25 18:24:23 +00:00
Renovate Bot
eccd824b01
Update module github.com/editorconfig/editorconfig-core-go/v2 to v2.6.1
2024-03-25 17:37:18 +00:00
Renovate Bot
6e968e0ce3
Update gitea.com/go-chi/session digest to 16768d9
2024-03-25 15:18:21 +00:00
Renovate Bot
46aaecc2b8
Update gitea.com/go-chi/captcha digest to fb487f6
2024-03-25 13:37:57 +00:00
Earl Warren
84f28f36b0
go: upgrade to go v1.22
2024-03-25 06:52:23 +01:00
JakobDev
0a88259df4
Update Chroma to v2.13.0 ( #29732 )
...
This adds new lexers and includes some fixes. See
https://github.com/alecthomas/chroma/releases/tag/v2.13.0 for the full
changelog.
---------
Co-authored-by: Giteabot <teabot@gitea.io>
(cherry picked from commit 3e7ae79f99ef0e5ba3d1201c38f491121ea2a156)
2024-03-20 08:46:28 +01:00
sillyguodong
6cb9e8d869
Make runs-on support variable expression ( #29468 )
...
As title.
Close issue: https://gitea.com/gitea/act_runner/issues/445
Follow: https://gitea.com/gitea/act/pulls/91
Move `getSecretsOfTask` and `getVariablesOfTask` under `models` because
of circular dependency issues.
(cherry picked from commit a1f5dd767729e30d07ab42fda80c19f30a72679f)
2024-03-11 23:36:59 +07:00
wxiaoguang
abb0294996
Partially enable MSSQL case-sensitive collation support ( #29238 )
...
Follow #28662
(cherry picked from commit 29a8c8de779924694fadad80b31cc855dd62c0f2)
2024-03-11 23:36:59 +07:00
Gusted
578f0b3335
[DEPS] Bump mysql driver
...
- Bump the SQL driver for MySQL to
[v1.8.0](https://github.com/go-sql-driver/mysql/releases/tag/v1.8.0 ),
which notably includes support for ed25519 authentication scheme (by
yours truly).
- Resolves #1868
2024-03-10 14:57:56 +01:00
techknowlogick
2c26b187ea
bump protobuf module ( #29617 )
...
(cherry picked from commit 06039bf0b7ec4dffe74ae323b8bbbbedec69d0c8)
2024-03-06 11:39:07 +08:00
Gusted
0c4872f839
[CHORE] Update `connect-go` to maintained fork
...
- Update github.com/bufbuild/connect-go to
https://github.com/connectrpc/connect-go .
- This is a fork that's actively maintained and is recommend by the
original library. Looking at the recent release notes, it looks like
going in the right direction what one would expect of a library, no
strange features being added, lots of improvements.
- There's still an indirect dependency by
`code.gitea.io/actions-proto-go` on a old version of `connect-go`.
2024-02-28 09:40:56 +01:00
Gusted
295cd6be94
[GITEA] Use existing error functionality
...
- There's no need to use `github.com/pkg/errors` when the standard
library already has the functionality to wrap and create errors.
(cherry picked from commit 40f603a538
)
(cherry picked from commit aa68a2753f
)
(cherry picked from commit 48e252d739
)
(cherry picked from commit cc6f40ccd2
)
(cherry picked from commit 03c4b97358
)
(cherry picked from commit f25eeb7695
)
(cherry picked from commit 989d8fa1cb
)
(cherry picked from commit 10e890ed8e
)
(cherry picked from commit 581519389d
)
(cherry picked from commit 03d00b11ac
)
(cherry picked from commit 04e6c853d4
)
Conflicts:
go.mod
https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 2c4c29f7bc
)
2024-02-05 16:09:40 +01:00
Gusted
92413041bd
[GITEA] Use maintained gziphandler
...
- https://github.com/NYTimes/gziphandler doesn't seems to be maintained
anymore and Forgejo already includes
https://github.com/klauspost/compress which provides a maintained and
faster gzip handler fork.
- Enables Jitter to prevent BREACH attacks, as this *seems* to be
possible in the context of Forgejo.
(cherry picked from commit cc2847241d
)
(cherry picked from commit 99ba56a876
)
Conflicts:
go.sum
https://codeberg.org/forgejo/forgejo/pulls/1581
(cherry picked from commit 711638193d
)
(cherry picked from commit 9c12a37fde
)
(cherry picked from commit d130653454
)
(cherry picked from commit 45a16f8c3c
)
(cherry picked from commit a497acb31f
)
(cherry picked from commit fe87fd8289
)
(cherry picked from commit 6ac12e6693
)
(cherry picked from commit 981ec37e1e
)
(cherry picked from commit 5d6892ec10
)
(cherry picked from commit 9df7968f4f
)
(cherry picked from commit 7d588d1833
)
Conflicts:
routers/web/web.go
https://codeberg.org/forgejo/forgejo/pulls/2075
(cherry picked from commit defb101281
)
(cherry picked from commit 5830f204a1
)
(cherry picked from commit 029f4e9863
)
(cherry picked from commit 816fe55812
)
Conflicts:
go.sum
https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 99866d8045
)
2024-02-05 16:09:40 +01:00
Gusted
662c8ee341
[GITEA] Use existing jsonschema library
...
- Use the 'existing' jsonschema library for the nodeinfo integration test.
(cherry picked from commit 73864840f2
)
(cherry picked from commit da36df306b
)
Conflicts:
go.mod
https://codeberg.org/forgejo/forgejo/pulls/1581
(cherry picked from commit 2b4ab46d8e
)
Conflicts:
go.mod
https://codeberg.org/forgejo/forgejo/pulls/1617
(cherry picked from commit 8064130344
)
(cherry picked from commit 0ccefc633e
)
(cherry picked from commit 19e647b531
)
(cherry picked from commit 2bcc04889d
)
(cherry picked from commit 2fd1932699
)
(cherry picked from commit b9a3e1e525
)
(cherry picked from commit 92d932d23f
)
(cherry picked from commit c125217fea
)
(cherry picked from commit f9801ba57b
)
Conflicts:
go.mod
https://codeberg.org/forgejo/forgejo/pulls/2034
(cherry picked from commit 2558a8a764
)
(cherry picked from commit f53b2d3112
)
(cherry picked from commit c098055f0a
)
(cherry picked from commit 0e1591554a
)
(cherry picked from commit 876d9d5c6f
)
Conflicts:
go.mod
https://codeberg.org/forgejo/forgejo/pulls/2249
(cherry picked from commit 7110bb6a78
)
2024-02-05 16:09:40 +01:00
Gusted
fa37a211fb
[GITEA] Drop sha256-simd in favor of stdlib
...
- In Go 1.21 the crypto/sha256 [got a massive
improvement](https://go.dev/doc/go1.21#crypto/sha256 ) by utilizing the
SHA instructions for AMD64 CPUs, which sha256-simd already was doing.
The performance is now on par and I think it's preferable to use the
standard library rather than a package when possible.
```
cpu: AMD Ryzen 5 3600X 6-Core Processor
│ simd.txt │ go.txt │
│ sec/op │ sec/op vs base │
Hash/8Bytes-12 63.25n ± 1% 73.38n ± 1% +16.02% (p=0.002 n=6)
Hash/64Bytes-12 98.73n ± 1% 105.30n ± 1% +6.65% (p=0.002 n=6)
Hash/1K-12 567.2n ± 1% 572.8n ± 1% +0.99% (p=0.002 n=6)
Hash/8K-12 4.062µ ± 1% 4.062µ ± 1% ~ (p=0.396 n=6)
Hash/1M-12 512.1µ ± 0% 510.6µ ± 1% ~ (p=0.485 n=6)
Hash/5M-12 2.556m ± 1% 2.564m ± 0% ~ (p=0.093 n=6)
Hash/10M-12 5.112m ± 0% 5.127m ± 0% ~ (p=0.093 n=6)
geomean 13.82µ 14.27µ +3.28%
│ simd.txt │ go.txt │
│ B/s │ B/s vs base │
Hash/8Bytes-12 120.6Mi ± 1% 104.0Mi ± 1% -13.81% (p=0.002 n=6)
Hash/64Bytes-12 618.2Mi ± 1% 579.8Mi ± 1% -6.22% (p=0.002 n=6)
Hash/1K-12 1.682Gi ± 1% 1.665Gi ± 1% -0.98% (p=0.002 n=6)
Hash/8K-12 1.878Gi ± 1% 1.878Gi ± 1% ~ (p=0.310 n=6)
Hash/1M-12 1.907Gi ± 0% 1.913Gi ± 1% ~ (p=0.485 n=6)
Hash/5M-12 1.911Gi ± 1% 1.904Gi ± 0% ~ (p=0.093 n=6)
Hash/10M-12 1.910Gi ± 0% 1.905Gi ± 0% ~ (p=0.093 n=6)
geomean 1.066Gi 1.032Gi -3.18%
```
(cherry picked from commit abd94ff5b5
)
(cherry picked from commit 15e81637ab
)
Conflicts:
go.mod
https://codeberg.org/forgejo/forgejo/pulls/1581
(cherry picked from commit 325d92917f
)
Conflicts:
modules/context/context_cookie.go
https://codeberg.org/forgejo/forgejo/pulls/1617
(cherry picked from commit 358819e895
)
(cherry picked from commit 362fd7aae1
)
(cherry picked from commit 4f64ee294e
)
(cherry picked from commit 4bde77f7b1
)
(cherry picked from commit 1311e30a81
)
(cherry picked from commit 57b69e334c
)
(cherry picked from commit 52dc892fad
)
(cherry picked from commit 77f54f4187
)
(cherry picked from commit 0d0392f3a5
)
Conflicts:
go.mod
https://codeberg.org/forgejo/forgejo/pulls/2034
(cherry picked from commit 92798364e8
)
(cherry picked from commit 43d2181277
)
(cherry picked from commit 45c88b86a3
)
(cherry picked from commit a1cd6f4e3a
)
(cherry picked from commit 01191dc2ad
)
(cherry picked from commit 151e07f37e
)
2024-02-05 16:09:40 +01:00