mirror of
1
Fork 0
Commit Graph

12526 Commits

Author SHA1 Message Date
Gusted 257b7171c3
Fix possible panic (#17694)
- The code will get the first and second character `link[{0,1]]`.
However in a rare case the `link` could have 1 character and thus the
`link[1]` will create a panic.
2021-11-18 21:25:56 +08:00
Gusted d1f5584039
Simplify code for wrting SHA to name-rev (#17696) 2021-11-18 04:50:22 -05:00
zeripath 878c2ce6e6
Prevent NPE due to missing repo in regression in #17551 (#17697) 2021-11-18 03:18:12 -05:00
Lunny Xiao 1f1ae57139
Move task from modules to services (#17680) 2021-11-18 14:47:57 +08:00
Lunny Xiao 3c3855a05c
Move user functions into user.go (#17659)
* Move user functions into user.go

* Fix test
2021-11-18 13:58:42 +08:00
silverwind 6874fe90e5
Cleanup and use global style on popups (#17674)
* Cleanup and use global style on popups

- Fix typo 'poping' to 'popping'
- Remove most inline 'data-variation' attributes
- Initialize all popups with 'inverted tiny' variation

* misc tweaks

* rename to .tooltip, use jQuery

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-18 11:26:50 +08:00
Gusted c98dd7a3e0
Remove unnecessary variable assignments (#17695)
* Remove unnecessary variable assignments

As title

* enable ineffassign

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-18 09:33:06 +08:00
GiteaBot b01f6c1a8c [skip ci] Updated translations via Crowdin 2021-11-18 00:25:14 +00:00
KN4CK3R ea42d3c04e
Fixed commit count. (#17698)
Added "Tag" label.
Unified branch, tag and commit name.
2021-11-17 23:50:17 +00:00
zeripath 3c4724d70e
Add .gitattribute assisted language detection to blame, diff and render (#17590)
Use check attribute code to check the assigned language of a file and send that in to
chroma as a hint for the language of the file.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-17 20:37:00 +00:00
Lunny Xiao 81a4fc7528
Return 400 but not 500 when request archive with wrong format (#17691) 2021-11-17 14:47:35 -05:00
Gusted d8a8961b99
Sanitize user-input on file name (#17666)
* Sanitize user-input on file name

- Sanitize user-input before it get passed into the DOM.
- Prevent things like "<iframe onload=alert(1)></iframe>" from being
executed. This isn't a XSS attack as the server seems to be santizing
the path as well.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-17 18:08:25 +00:00
Lunny Xiao 5233051e64
Move some functions into services/repository (#17677) 2021-11-17 23:17:31 +08:00
wxiaoguang 750a8465f5
A better go code formatter, and now `make fmt` can run in Windows (#17684)
* go build / format tools
* re-format imports
2021-11-17 20:34:35 +08:00
Lunny Xiao 29cc169d20
Fix bug when read mysql database max lifetime (#17682) 2021-11-17 18:59:23 +08:00
Lunny Xiao 95d3266bee
Move user follow and openid into models/user/ (#17613)
* Move UserRedirect into models/user/

* Fix lint & test

* Fix lint

* Fix lint

* remove nolint comment

* Fix lint

* Move user follow and openid into models/user

* Ignore the lint

* Ignore the lint

* Fix test

* ignore stutters lint on UserOpenID
2021-11-17 17:58:31 +08:00
Gusted adda27668b
Enable bidichk (#17610)
- https://github.com/breml/bidichk

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-11-17 16:47:28 +08:00
Lunny Xiao e3da8c1e88
fix migrations documents (#17679)
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-11-17 15:17:37 +08:00
Gusted 21f6c0be08
Update golangci-lint in Makefile (#17647)
* Update golangci-lint in Makefile

- Partially resolvess #17596
- Download specific version(v1.43.0) by default.
- If current installed version is older than the minium version, it will
download the mininium required version.
- Update the install script to avoid deprecated error
`golangci/golangci-lint err this script is deprecated, please do not use
it anymore. check https://github.com/goreleaser/godownloader/issues/207`

* Simplify golangci-lint version check

* Fix version conversion

* Add version that's downloading

Co-authored-by: zeripath <art27@cantab.net>

* Consistency

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-11-17 13:41:01 +08:00
Lunny Xiao 42670e6b1c
Set unit test timeout to 20 minutes (#17664)
* Set unit test timeout to 15 minutes

* Update Makefile

Co-authored-by: silverwind <me@silverwind.io>

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-11-16 21:54:05 -05:00
rstular 8fdc5247de
Update for reverse proxying static resources (#17670)
Gitea fetches static resources from /assets, so nginx configuration has to be updated accordingly.

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-16 21:53:15 -05:00
GiteaBot 171f2d066e [skip ci] Updated translations via Crowdin 2021-11-17 00:25:11 +00:00
qwerty287 3be156f66a
Allow admins to change user avatars (#17661)
Adds the avatar change panel to the edit user page (bottom) and allows admins to change it this way

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2021-11-16 19:13:13 +00:00
zeripath bbffcc3aec
Multiple Escaping Improvements (#17551)
There are multiple places where Gitea does not properly escape URLs that it is building and there are multiple places where it builds urls when there is already a simpler function available to use this.
    
This is an extensive PR attempting to fix these issues.

1. The first commit in this PR looks through all href, src and links in the Gitea codebase and has attempted to catch all the places where there is potentially incomplete escaping.
2. Whilst doing this we will prefer to use functions that create URLs over recreating them by hand.
3. All uses of strings should be directly escaped - even if they are not currently expected to contain escaping characters. The main benefit to doing this will be that we can consider relaxing the constraints on user names and reponames in future. 
4. The next commit looks at escaping in the wiki and re-considers the urls that are used there. Using the improved escaping here wiki files containing '/'. (This implementation will currently still place all of the wiki files the root directory of the repo but this would not be difficult to change.)
5. The title generation in feeds is now properly escaped.
6. EscapePound is no longer needed - urls should be PathEscaped / QueryEscaped as necessary but then re-escaped with Escape when creating html with locales Signed-off-by: Andrew Thornton <art27@cantab.net>

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-16 18:18:25 +00:00
Lunny Xiao 7e1ae38097
Move migrations into services and base into modules/migration (#17663)
* Move migrtions into services and base into modules/migration

* Fix imports

* Fix lint
2021-11-16 23:25:33 +08:00
Lunny Xiao 48ccd325a1
Move some functions into services/repository (#17660) 2021-11-16 21:30:11 +08:00
Gusted 447428f446
Remove superfluous argument (#17667)
As title.
2021-11-16 19:36:03 +08:00
wxiaoguang 81926d61db
Decouple unit test, remove intermediate `unittestbridge` package (#17662)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-11-16 16:53:21 +08:00
silverwind 23bd7b1211
Add copy button to markdown code blocks (#17638)
* Add copy button to markdown code blocks

Done mostly in JS because I think it's better not to try getting buttons
past the markup sanitizer.

* add svg module tests

* fix sanitizer regexp

* remove outdated comment

* vertically center button in issue comments as well

* add comment to css

* fix undefined on view file line copy

* combine animation less files

* Update modules/markup/markdown/markdown.go

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

* add test for different sizes

* add cloneNode and add tests for it

* use deep clone

* remove useless optional chaining

* remove the svg node cache

* unify clipboard copy string and i18n

* remove unused var

* remove unused localization

* minor css tweaks to the button

* comment tweak

* remove useless attribute

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-16 16:16:05 +08:00
Lunny Xiao d789670894
Migrating wiki don't require token, so we should move it out of the require form (#17645)
* Migrating wiki don't require token, so we should move it out of the require form

* Fix lint
2021-11-16 14:17:21 +08:00
silverwind 6f7082ff56
Fix GitBucket icon (#17644)
Partial fix for https://github.com/go-gitea/gitea/issues/17642.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-16 12:24:22 +08:00
wxiaoguang 6292603215
Fix database deadlock when update issue labels (#17649)
This fix updates issue labels one by one, and won't cause database deadlock.
In future, we can use a batch API to update all changed labels by one request.
2021-11-16 10:21:13 +08:00
GiteaBot 3a60e0ad89 [skip ci] Updated translations via Crowdin 2021-11-16 00:25:21 +00:00
KN4CK3R ff9564a679
Changed migration text. (#17654) 2021-11-15 18:12:09 -05:00
Gusted ab1379743e
Fix nil checking on typed interface (#17598)
* Fix nil checking on typed interface

- Partially resoles #17596
- Resolves SA4023 errors.
- Ensure correctly that typed interface are nil.

* Remove unnecessary code

`NewBleveIndexer` will never return nil, even on errors.

* Patch `NewBleveIndexer`

* Fix low-level functions

* Remove deadcode

* Fix GetSession

* Close Elastic search when err isn't nil

* Update elastic_search.go

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2021-11-15 21:16:11 +08:00
Gusted 253d9e4158
Remove unnecassary calls to `filepath.Join` (#17608)
- Partialy resolvess #17596
- Resolves `badCall` errors from go-critic `badCall: suspicious Join on
1 argument`
- When only 1 argument is passed into `filepath.Join`, it won't do
anything special other than `filepath.Clean(...)` will be applied over
it.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-11-15 14:02:53 +08:00
Gusted 562785ef4e
Add download button for file viewer (#17640)
- Resolves #17286
- Use the `download` attribute such that the browser will natively
initate a download dialog for the given URL.

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-11-15 09:05:12 +08:00
GiteaBot 10db864c66 [skip ci] Updated translations via Crowdin 2021-11-15 00:24:54 +00:00
缘生 83a04e42cc
fix typo (#17614) 2021-11-14 17:32:48 -05:00
silverwind cd32b84811
Add icon to vscode clone link (#17641) 2021-11-14 16:48:26 -05:00
KN4CK3R 42ea0023a3
Add migration from GitBucket (#16767)
This PR adds [GitBucket](https://gitbucket.github.io/) as migration source.

Supported:
- Milestones
- Issues
- Pull Requests
- Comments
- Reviews
- Labels

There is no public usable instance so no integration tests added.
2021-11-14 20:11:10 +01:00
Gusted d2163df6a0
Fix offBy1 errors (#17606)
* Fix offBy1 errors

- Partially resolves #17596
- Resolve errors from go-critic `offBy1: Index() can return -1; maybe
you wanted to do Index()+1`.

* Match golang spec

* Remove comments

* Update migrations.go

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-11-14 10:11:49 +02:00
Gusted 8eddb75508
perf: only generate data-comment-url once (#17618) 2021-11-14 00:28:57 -05:00
GiteaBot 424959e07c [skip ci] Updated licenses and gitignores 2021-11-14 00:26:06 +00:00
zeripath bab95c3a86
Correctly handle failed migrations (#17575)
* Correctly handle failed migrations

There is a bug in handling failed migrations whereby the migration task gets decoupled
from the migration repository. This leads to a failure of the task to get deleted with
the repository and also leads to the migration failed page resulting in a ISE.

This PR removes the zeroing out of the task id from the migration but also makes
the migration handler tolerate missing tasks much nicer.

Fix #17571

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-13 19:28:50 +08:00
Michael Grigoryan 47448083a1
Minor readability patch. (#17627) 2021-11-12 18:27:18 -05:00
wxiaoguang df64fa4865
Decouple unit test code from business code (#17623) 2021-11-12 22:36:47 +08:00
wxiaoguang 7f802631c5
Fix some incorrect async functions, improve frontend document. (#17597) 2021-11-12 20:37:45 +08:00
Lunny Xiao 0db7a32b92
unbind the CheckConsistency for some structs so that they can be moved to sub packages easier (#17612)
* unbind the CheckConsistency for some structs so that they can be moved to sub packages easier

* Fix functions name

* Fix typo
2021-11-12 08:56:45 +08:00
Lunny Xiao 90eb9fb889
Move EmailAddress & UserRedirect into models/user/ (#17607)
* Move EmailAddress into models/user/

* Fix test

* rename user_mail to user_email

* Fix test

* Move UserRedirect into models/user/

* Fix lint & test

* Fix lint

* Fix lint

* remove nolint comment

* Fix lint
2021-11-11 15:03:30 +08:00