mirror of
1
Fork 0
Commit Graph

905 Commits

Author SHA1 Message Date
Gusted 266e0b2ce9
security: add permission check to 'delete branch after merge'
- Add a permission check that the doer has write permissions to the head
repository if the the 'delete branch after merge' is enabled when
merging a pull request.
- Unify the checks in the web and API router to `DeleteBranchAfterMerge`.
- Added integration tests.
2024-10-28 05:48:10 +01:00
Earl Warren 0e0a153adb Merge pull request 'feat: combine review requests comments' (#5695) from gusted/forgejo-combine-request-review into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5695
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-27 04:49:23 +00:00
Gusted 8fdc0a7a6c feat: combine review requests comments
- Combine review requests comments similairy how labels comments are
combined. If review requests comments were made within 60 seconds of
each other they will be grouped.
- Integration and unit test added.
- Resolves #2774
2024-10-25 22:57:32 +02:00
Gusted f5e025917f fix: make branch protection work for new branches
- If `GetAffectedFiles` is called for a push with an empty oldCommitID,
then set the oldCommitID to the empty tree. This will effictively diff
all the changes included in the push, which is the expected behavior for
branches.
- Integration test added.
- Resolves #5683
- Port of gitea#31778 but implemented differently.
2024-10-24 18:44:58 +02:00
Gusted 3a4bc7cdd1 Merge pull request 'feat: use combo markdown editor for milestone description' (#5657) from gusted/forgejo-milestone-comboeditor into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5657
Reviewed-by: Otto <otto@codeberg.org>
2024-10-23 13:38:35 +00:00
Gusted 4c6587d6a0 feat: use combo markdown editor for milestone description
- Use the combo markdown editor for the milestone description. The
milestone description is rendered in markdown, so it makes sense to use
a 'markdown-aware' editor. This also includes the option to use
monospace font.
- Resolves #5649
2024-10-22 19:58:44 +02:00
Earl Warren fac25238d4 Merge pull request 'fix: don't show truncated comments in RSS/Atom feeds' (#5653) from gusted/forgejo-truncated-comment-rss into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5653
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-22 16:48:52 +00:00
Gusted f4a7132a89 fix: don't show truncated comments in RSS/Atom feeds
- When a truncated comment is detected in the RSS/Atom feeds, fetch the
comment from the database and use the original content.
- Added integration test.
- Resolves #5650
2024-10-22 15:15:09 +02:00
Gusted 6c0698c7de Merge pull request 'fix: make syncronize tags to database handle annoted tags' (#5641) from gusted/forgejo-sync-tags into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5641
Reviewed-by: Otto <otto@codeberg.org>
2024-10-21 18:45:21 +00:00
0ko 3e1d5cc447 feat(ui): better activity messages for cases of private profiles (#5638)
* added a message for the case where the user's profile is private but the Public activity is not hidden
The activity is still hidden anyway because the profile is private, but previously the message would say:
`Your activity is visible to everyone, except for interactions in private spaces...`
which I would consider as a flaw of the original implementation. Now it will say:
`Your activity is only visible to you and the instance administrators because your profile is private...`
* started showing the message for admins that the activity they see should remain private in the case
where the whole profile is private, not just the activity tab. Previously it would say:
This activity is visible to everyone, but as an administrator you can also see interactions in private spaces.`
which I would also consider as a flaw of the original implementation. Now it will say:
`This activity is visible to you because you're an administrator, but the user wants it to remain private.`
* added test cases
* bumped up the number of our GPL-licensed files

Preview
For both screenshots, Forgejo would previously display misinformation.

Change 1: User viewing their private profile, but activity isn't configured as hidden
https://codeberg.org/attachments/6659c80c-15dd-48be-a379-db737fd1dd5e

Change 2: Admin viewing user's private profile
https://codeberg.org/attachments/220da57f-b658-4474-9ad2-049e8438a0af

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5638
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-10-21 14:39:29 +00:00
Gusted 6da194fae8 fix: make syncronize tags to database handle annoted tags
- When an admin wants syncronize tags in the Git data to the database
via the admin dashboard all annoted tags loses their title. This was
caused because the code didn't correctly handle annoted tags. Annoted
tags have their own objectID to store the annoted message, unlike
'normal' tags which point to the commitID. While the function was being
run for annoted tags, the code thought it found a mismatch in the
objectIDs, because the stored version was actually correct which pointed
to the commitID but the code found the objectID of the annoted tag.
- Make `SyncReleasesWithTags` corectly handle annoted tags.
- Added unit and integration tests.
- Resolves #5628
2024-10-21 16:21:07 +02:00
dragon 95c7599db5 fix arch pkg 2024-10-21 10:08:57 +08:00
Gusted 215700fc83 Merge pull request 'fix: Add `recentupdated` as recognized sort option' (#5613) from gusted/forgejo-add-recentupdated-case into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5613
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-10-20 10:57:20 +00:00
Gusted df38c41c7a
fix: Add `recentupdated` as recognized sort option
- Add `recentupdated` to the `OrderByMap`.
- Add integration testing for organization and user repository sorting.
- Resolves #5612
- Regression from 12e23ee199 where the
`recentupdated` case was not added to the map, but was handled
seperately as a fallback. The regression came into affect when
5a0bc35799 also relied on this map but
didn't handle the `recentupdated` case.
2024-10-19 23:53:29 +02:00
Earl Warren e2354703ed Merge pull request '[gitea] week 2024-42 cherry pick (gitea/main -> forgejo)' (#5543) from earl-warren/wcp/2024-42 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5543
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-10-19 13:54:24 +00:00
0ko 19ca039486 feat(ui): set your_repositories as the default filter for org dashboards (#5593)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5593
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: Shiny Nematoda <snematoda@noreply.codeberg.org>
2024-10-17 13:24:41 +00:00
Otto 1d13249e17 Merge pull request '[BUG] Don't allow owner team with incorrect unit access' (#5529) from gusted/forgejo-owners-team-description into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5529
Reviewed-by: Otto <otto@codeberg.org>
2024-10-14 19:56:58 +00:00
Earl Warren 7855e4bb56
Improve the maintainblity of the reserved username list (#32229)
(cherry picked from commit 6029d78ab5006e8fb4f42adb5a8c491f19fa7b0a)

Conflicts:
  models/user/user.go
	services/user/user_test.go
    trivial context conflict
	tests/integration/user_test.go
    discarded entirely because dot may be allowed in Forgejo under
    some conditions
2024-10-13 14:17:08 +03:00
Otto 57802c8e3d Merge pull request '[BUG] Don't allow modification to internal reference' (#5307) from gusted/forgejo-internal-ref into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5307
Reviewed-by: Otto <otto@codeberg.org>
2024-10-11 19:34:55 +00:00
Gusted 9de9034400
[BUG] Don't allow owner team with incorrect unit access
- On editting a team, only update the units if the team isn't the
'Owners' team. Otherwise the 'Owners' team end up having all of their
unit access modes set to 'None'; because the request form doesn't send
over any units, as it's simply not shown in the UI.
- Adds a database inconstency check and fix for the case where the
'Owners' team is affected by this bug.
- Adds unit test.
- Adds integration test.
- Resolves #5528
- Regression of https://github.com/go-gitea/gitea/pull/24012
2024-10-11 14:48:47 +02:00
Earl Warren 14d85597f8
chore(lint): Fix bug when a token is given public only 2024-10-10 16:00:16 +03:00
Lunny Xiao a052d2b602
Fix bug when a token is given public only
Port of https://github.com/go-gitea/gitea/pull/32204

(cherry picked from commit d6d3c96e6555fc91b3e2ef21f4d8d7475564bb3e)

Conflicts:
  routers/api/v1/api.go
	services/context/api.go
  trivial context conflicts
2024-10-10 10:41:42 +03:00
Otto ca2c850122 Merge pull request 'fix: correct Discord webhook JSON for issue events' (#5492) from kidsan/forgejo:discord-api-conformance into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5492
Reviewed-by: Otto <otto@codeberg.org>
2024-10-09 16:02:49 +00:00
Earl Warren 31fc0f66b7 Merge pull request '[gitea] week 2024-41 cherry pick (gitea/main -> forgejo)' (#5477) from earl-warren/wcp/2024-41 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5477
Reviewed-by: Otto <otto@codeberg.org>
2024-10-09 05:02:20 +00:00
JakobDev 1fc5e41592 [Feat]Add link to show all Issues/PullRequests (#4125)
The Issue and PullRequest list has 3 states:
- open: This lists all open Issues/PullRequests
- closed: This lists all closed Issues/PullRequests
- all: This lists all open and closed Issues/PullRequests

If you want to get to the all state, you need to click Open while in open state or Closed while in closed state, which is very unintuitive. This PR adss a third button to get to this state.

![grafik](/attachments/4ff59e4c-e318-40f0-80ba-f921ce098919)

I'm not sure if the eye icon fits well, but I couldn't find a better one.

Tests will be added once #4124 is merged.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4125
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: JakobDev <jakobdev@gmx.de>
Co-committed-by: JakobDev <jakobdev@gmx.de>
2024-10-09 04:56:40 +00:00
Kidsan 6ea6f224b8 fix: improve discord webhook api conformance
This commit corrects some cases in the discord webhook payload that do
not align with the discord documentation
2024-10-08 22:43:28 +02:00
Earl Warren 6488d15860
Fix the logic of finding the latest pull review commit ID (#32139) (followup)
Adjust the tests for review deletion to ignore a newly inserted
fixture. It is a review request and cannot be deleted.
2024-10-06 10:00:09 +02:00
Earl Warren 1bee6fa839
Add support for searching users by email (#30908) (testifylint) 2024-10-06 08:29:19 +02:00
yp05327 af901ac7bb
Add support for searching users by email (#30908)
Fix #30898

we have an option `SearchByEmail`, so enable it, then we can search user
by email.
Also added a test for it.

(cherry picked from commit 5d6d025c9b8d2abca9ec2bfdc795d1f0c1c6592d)
2024-10-06 08:10:22 +02:00
Job 1dfe58ad11
Fix PR creation on forked repositories (#31863)
Resolves #20475

(cherry picked from commit 7e68bc88238104d2ee8b5a877fc1ad437f1778a4)

Conflicts:
	tests/integration/pull_create_test.go
  add missing testPullCreateDirectly from
  c63060b130d34e3f03f28f4dccbf04d381a95c17 Fix code owners will not be mentioned when a pull request comes from a forked repository (#30476)
2024-10-06 08:08:40 +02:00
Zettat123 b67b7c1238
Fix the logic of finding the latest pull review commit ID (#32139)
Fix #31423

(cherry picked from commit f4b8f6fc40ce2869135372a5c6ec6418d27ebfba)

Conflicts:
	models/fixtures/comment.yml
  comment fixtures have to be shifted because there is one more in Forgejo
2024-10-06 07:44:28 +02:00
Earl Warren 388e7c9719
Ensure `GetCSRF` doesn't return an empty token (#32130) (followup)
Modifies the calls to createAttachment() for tests that do not exist
in Gitea.
2024-10-06 07:35:19 +02:00
Jason Song 2bc47e81a3
Ensure `GetCSRF` doesn't return an empty token (#32130)
Since page templates keep changing, some pages that contained forms with
CSRF token no longer have them.

It leads to some calls of `GetCSRF` returning an empty string, which
fails the tests. Like

3269b04d61/tests/integration/attachment_test.go (L62-L63)

The test did try to get the CSRF token and provided it, but it was
empty.

(cherry picked from commit 13283873e9d523d5a5557f55d64f702c1a9f76ec)

Conflicts:
	tests/integration/integration_test.go
  trivial context conflict
2024-10-06 07:29:45 +02:00
Otto f7f7800460 Merge pull request 'feat: support regexp in git-grep search' (#4968) from yoctozepto/git-grep-regexp into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/4968
Reviewed-by: Shiny Nematoda <snematoda@noreply.codeberg.org>
2024-10-04 17:10:14 +00:00
Gusted 84e77c41fa
[FEAT] Don't allow modification to internal reference
- This a port of https://github.com/go-gitea/gitea/pull/31931 in a
behavior-sense. None of the code was actually ported.
- Follow up for #2834, now also don't allow modification.
- Integration test added.
- Unit test modified.
2024-10-02 20:50:06 +02:00
Earl Warren a226064711
Fix artifact v4 upload above 8MB (#31664) (fix lint errors) 2024-09-29 09:58:47 +02:00
ChristopherHX 8f0a05a7e4
Fix artifact v4 upload above 8MB (#31664)
Multiple chunks are uploaded with type "block" without using
"appendBlock" and eventually out of order for bigger uploads.
8MB seems to be the chunk size

This change parses the blockList uploaded after all blocks to get the
final artifact size and order them correctly before calculating the
sha256 checksum over all blocks

Fixes #31354

(cherry picked from commit b594cec2bda6f861effedb2e8e0a7ebba191c0e9)

Conflicts:
	routers/api/actions/artifactsv4.go
  conflict because of Refactor AppURL usage (#30885) 67c1a07285008cc00036a87cef966c3bd519a50c
    that was not cherry-picked in Forgejo
    the resolution consist of removing the extra ctx argument
2024-09-29 09:24:15 +02:00
Exploding Dragon 89742c4913 feat: add architecture-specific removal support for arch package (#5351)
- [x] add architecture-specific removal support
- [x] Fix upload competition
- [x] Fix not checking input when downloading

docs: https://codeberg.org/forgejo/docs/pulls/874

### Release notes

- [ ] I do not want this change to show in the release notes.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5351
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
Co-committed-by: Exploding Dragon <explodingfkl@gmail.com>
2024-09-27 08:21:22 +00:00
Earl Warren 89d9307d56 Merge pull request '[gitea] week 2024-39 cherry pick (gitea/main -> forgejo)' (#5372) from earl-warren/wcp/2024-39 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5372
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-09-27 08:12:43 +00:00
Jamie Schouten 9d34731198
Add bin to Composer Metadata (#32099)
This PR addresses the missing `bin` field in Composer metadata, which
currently causes vendor-provided binaries to not be symlinked to
`vendor/bin` during installation.

In the current implementation, running `composer install` does not
publish the binaries, leading to issues where expected binaries are not
available.

By properly declaring the `bin` field, this PR ensures that binaries are
correctly symlinked upon installation, as described in the [Composer
documentation](https://getcomposer.org/doc/articles/vendor-binaries.md).

(cherry picked from commit d351a42494e71b5e2da63302c2f9b46c78e6dbde)
2024-09-27 08:42:48 +02:00
KN4CK3R 526054332a
Fix incorrect `/tokens` api (#32085)
Fixes #32078

- Add missing scopes output.
- Disallow empty scope.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit 08adbc468f8875fd4763c3656b334203c11adc0a)
2024-09-27 08:42:48 +02:00
Earl Warren 6275d1bc50
Refactor CSRF protector (#32057) (fix forgejo tests)
Fix the tests unique to Forgejo that are impacted by the refactor.
2024-09-27 08:42:48 +02:00
wxiaoguang 1ae3b127fc
Refactor CSRF protector (#32057)
Remove unused CSRF options, decouple "new csrf protector" and "prepare"
logic, do not redirect to home page if CSRF validation falis (it
shouldn't happen in daily usage, if it happens, redirecting to home
doesn't help either but just makes the problem more complex for "fetch")

(cherry picked from commit 1fede04b83288d8a91304a83b7601699bb5cba04)

Conflicts:
	options/locale/locale_en-US.ini
	tests/integration/repo_branch_test.go
  trivial context conflicts
2024-09-27 08:42:48 +02:00
Bram Hagens 4a74113dee
feat(ui): add more emoji and code block rendering in issues 2024-09-24 14:20:33 +02:00
Exploding Dragon a6508f5b03 Fix: database not updated when using `git push --tags --force` (#5319)
Closes #4274

link: https://github.com/go-gitea/gitea/pull/32040

### Release notes

- [ ] I do not want this change to show in the release notes.

<!--start release-notes-assistant-->

## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Bug fixes
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/5319): <!--number 5319 --><!--line 0 --><!--description Rml4OiBkYXRhYmFzZSBub3QgdXBkYXRlZCB3aGVuIHVzaW5nIGBnaXQgcHVzaCAtLXRhZ3MgLS1mb3JjZWA=-->Fix: database not updated when using `git push --tags --force`<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5319
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
Co-committed-by: Exploding Dragon <explodingfkl@gmail.com>
2024-09-22 07:35:25 +00:00
Shiny Nematoda 9c70c7a8ea test(code-search): fix oops 2024-09-16 16:20:55 +02:00
Shiny Nematoda 30d07c3ba3 test(code-search): add for options dropdown 2024-09-16 16:20:55 +02:00
Kemal Zebari eb765dabfd
Handle invalid target when creating releases using API (#31841)
A 500 status code was thrown when passing a non-existent target to the
create release API. This snapshot handles this error and instead throws
a 404 status code.

Discovered while working on #31840.

(cherry picked from commit f05d9c98c4cb95e3a8a71bf3e2f8f4529e09f96f)
2024-09-14 18:45:18 +02:00
Shiny Nematoda 14abf65269 feat: set created_by as the default filter for /issues and /pulls (#5286)
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5286
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-09-13 12:55:39 +00:00
Shiny Nematoda 6178a46fe2 feat: set fuzzy as default for issue search (#5270)
Closes #5225

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5270
Reviewed-by: Otto <otto@codeberg.org>
Reviewed-by: 0ko <0ko@noreply.codeberg.org>
Co-authored-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
Co-committed-by: Shiny Nematoda <snematoda.751k2@aleeas.com>
2024-09-10 15:57:58 +00:00