mirror of
1
Fork 0
Commit Graph

17104 Commits

Author SHA1 Message Date
wxiaoguang ecc0107809
Only use supported sort order for "explore/users" page (#29430) (#29443)
Backport #29430

Thanks to inferenceus : some sort orders on the "explore/users" page
could list users by their lastlogintime/updatetime.

It leaks user's activity unintentionally. This PR makes that page only
use "supported" sort orders.

Removing the "sort orders" could also be a good solution, while IMO at
the moment keeping the "create time" and "name" orders is also fine, in
case some users would like to find a target user in the search result,
the "sort order" might help.

(cherry picked from commit 2b059f493e46b8b0fb52492623e36a8375cb5fbb)
2024-03-10 18:45:59 +07:00
Giteabot 19c5642971
Fix incorrect cookie path for AppSubURL (#29534) (#29552)
Backport #29534
Regression of #24107

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 5ca2971ccbc8769f7e6ee41c125db47f818e7599)
2024-03-10 18:45:59 +07:00
Giteabot 446d7bd7a7
Fix incorrect redirection when creating a PR fails (#29537) (#29543)
Backport #29537 by wxiaoguang

This is only a quick fix to make it easier to backport.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 971eab18fa0b29312105df739fba443cf9e84d50)
2024-03-10 18:45:59 +07:00
Giteabot 52f52f60f1
Fix queue worker incorrectly stopped when there are still more items in the queue (#29532) (#29546)
Backport #29532

Without `case <-t.C`, the workers would stop incorrectly, the test won't
pass. For the worse case, there might be only one running worker
processing the queue items for long time because other workers are
stopped. The root cause is related to the logic of doDispatchBatchToWorker.
It isn't a serious problem at the moment, so keep it as-is.

(cherry picked from commit 86cd94cba6d63c84528f6f8d52b1ec22b44ac2f8)
2024-03-10 18:45:59 +07:00
Giteabot 1a65ecb867
Fix incorrect relative/absolute URL usages (#29531) (#29547)
Backport #29531 by wxiaoguang

Add two "HTMLURL" methods for PackageDescriptor.
And rename "FullWebLink" to "VersionWebLink"

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 8723389028bcb5e96359fca61efd7d6da0d6af99)
2024-03-10 18:45:59 +07:00
Giteabot 22419d9f8d
Fix incorrect subpath in links (#29535) (#29541)
Backport #29535 by wxiaoguang

* `$referenceUrl`: it is constructed by "Issue.Link", which already has
the "AppSubURL"
* `window.location.href`: AppSubURL could be empty string, so it needs
the trailing slash

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 401cc394d52c6126d3cbca1e1367c4e4da5110f9)
2024-03-10 18:45:59 +07:00
Giteabot e6441a18d2
Fix issue link does not support quotes (#29484) (#29487) (#29536)
Backport #29487 by @charles7668

Close #29484

![圖片](https://github.com/go-gitea/gitea/assets/30816317/b27e6e16-67e0-469c-8e04-30180c585890)

Co-authored-by: charles <30816317+charles7668@users.noreply.github.com>
(cherry picked from commit 3a8877c058fd8583f28711750cf26716526200c4)
2024-03-10 18:45:59 +07:00
Giteabot 5099d3c747
Set pre-step status to `skipped` if job is skipped (#29489) (#29523)
Backport #29489 by @sillyguodong

close #27496
1. Set pre-step (Set up job) status to `skipped` if job is skipped.
2. Apart from pre-step, the other steps should also be set to `skipped`.
The status of other steps are reported from the runner side. This will
be completed by this PR: https://gitea.com/gitea/act_runner/pulls/500

before:

![image](https://github.com/go-gitea/gitea/assets/33891828/4bac2ba9-66de-4679-b7ed-fbae459c0c54)

after:

![image](https://github.com/go-gitea/gitea/assets/33891828/ead4871a-4e0f-4bb1-9fb4-37f4fdb78dfc)

Co-authored-by: sillyguodong <33891828+sillyguodong@users.noreply.github.com>
(cherry picked from commit 8d085587831d1357ae80046fe0627dbcc8657a79)
2024-03-10 18:45:58 +07:00
Giteabot 2662e74883
Improve contrast on blame timestamp, fix double border (#29482) (#29485)
Backport #29482 by @silverwind

Before, double border on top, bad contrast on dark:
<img width="155" alt="Screenshot 2024-02-29 at 02 06 17"
src="https://github.com/go-gitea/gitea/assets/115237/fc0f1e08-a5ce-47ed-9eb6-135eed5a1abb">
<img width="126" alt="Screenshot 2024-02-29 at 02 07 28"
src="https://github.com/go-gitea/gitea/assets/115237/38ae8483-8d9b-484c-8909-d4466131ea16">

After, no double border on top, good contrast:
<img width="154" alt="Screenshot 2024-02-29 at 02 20 20"
src="https://github.com/go-gitea/gitea/assets/115237/ad91282b-e9f5-4f41-8f5e-6ba28db3beac">
<img width="147" alt="Screenshot 2024-02-29 at 02 20 38"
src="https://github.com/go-gitea/gitea/assets/115237/7ee2ec92-e72a-4981-aec3-98fc8e579bae">

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 65b9ffe3c081b54234306b2d6231569bff3ce02d)
2024-03-10 18:45:58 +07:00
Giteabot 581261efb1
Fix/Improve `processWindowErrorEvent` (#29407) (#29480)
Backport #29407 by @silverwind

- `e.error` can be undefined in some cases which would raise an error
inside this error handler, fixed that.
- The displayed message mentions looking into the console, but in my
case of error from `ResizeObserver` there was nothing there, so add this
logging. I think this logging was once there but got lost during
refactoring.

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 9abba8c11a2eddfa8da25946fdd43be8d0c53689)
2024-03-10 18:09:59 +07:00
Giteabot 8babbe7ccf
Fix counter display number incorrectly displayed on the page (#29448) (#29478)
Backport #29448 by @charles7668

issue : #28239

The counter number script uses the 'checkbox' attribute to determine
whether an item is selected or not.

However, the input event only increments the counter value, and when
more items are displayed, it does not update all previously loaded
items.

As a result, the display becomes incorrect because it triggers the
update counter script, but checkboxes that are selected without the
'checked' attribute are not counted

Co-authored-by: charles <30816317+charles7668@users.noreply.github.com>
(cherry picked from commit 5477728282de19b1638691b88449b1933ed5a4d8)
2024-03-10 18:09:32 +07:00
Giteabot 0b287c4d4c
Fix URL calculation in clone input box (#29470) (#29473)
Backport #29470 by @silverwind

Ported the function as-is and added comments so we don't forget about
this in the future.

Fixes: https://github.com/go-gitea/gitea/issues/29462

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 222f93822eb4d03f5001ef665377a115bc27ccb6)
2024-03-10 18:08:36 +07:00
Giteabot 813577aee1
The job should always run when `if` is `always()` (#29464) (#29469)
Backport #29464 by @Zettat123

Fix #27906

According to GitHub's
[documentation](https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idneeds),
a job should always run when its `if` is `always()`

> If you would like a job to run even if a job it is dependent on did
not succeed, use the `always()` conditional expression in
`jobs.<job_id>.if`.

Co-authored-by: Zettat123 <zettat123@gmail.com>
(cherry picked from commit eabcfd3f7d9321fcf03e52977c178a96627a68da)
2024-03-10 18:08:15 +07:00
Giteabot d97cd15a1b
Fix missed return (#29450) (#29453)
Backport #29450 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit 2df38af752c13ca02a899d6a53848c68259d3336)
2024-03-10 18:08:05 +07:00
Lunny Xiao 40c602df9b
Fix template bug (#27581) (#29446)
Fix #29152
Backport #27581

(cherry picked from commit dc48eb070b2e4143739b7ab22bb9e172af90106d)
2024-03-10 18:07:56 +07:00
Giteabot 40318cf9c3
Not trigger all jobs any more, when re-running the first job (#29439) (#29441)
Backport #29439 by @sillyguodong

Previously, it will be treated as "re-run all jobs" when `jobIndex ==
0`. So when you click re-run button on the first job, it triggers all
the jobs actually.

Caused by #26535.

Co-authored-by: sillyguodong <33891828+sillyguodong@users.noreply.github.com>
(cherry picked from commit 9456deb512db59025cae26d82812ff880c5ea3bc)
2024-03-10 18:06:44 +07:00
Giteabot 47409b2fa0
Ignore empty repo for CreateRepository in action notifier (#29416) (#29424)
Backport #29416 by @yp05327

Fix #29415

Co-authored-by: yp05327 <576951401@qq.com>
(cherry picked from commit c758a8afba85fe1847f4d1f5441f6c62b37517ae)
2024-03-10 18:06:30 +07:00
Earl Warren 84449e9288 Merge pull request '[BUG] prevent removing session cookie when redirect_uri query contains ://' (#2606) from oliverpool/forgejo:backport2590 into v1.21/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2606
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-03-08 15:07:50 +00:00
Earl Warren 4696f4cefd Merge pull request 'Fix `/api/v1/{owner}/{repo}/issue_templates`' (#2605) from gusted/forgejo-bp-2292 into v1.21/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2605
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-03-08 15:07:38 +00:00
oliverpool 3877a2332b implement fix 2024-03-07 22:43:38 +01:00
oliverpool 20bc8662b1 [BUG] prevent removing session cookie when redirect_uri query contains :// 2024-03-07 22:41:47 +01:00
Gergely Nagy 969d3f4410
Fix `/api/v1/{owner}/{repo}/issue_templates`
Backport of #2292

When issue templates were moved into services in
def4956122, the code was also refactored
and simplified. Unfortunately, that simplification broke the
`/api/v1/{owner}/{repo}/issue_templates` route, because it was
previously using a helper function that ignored invalid templates, and
after the refactor, the function it called *always* returned non-nil as
the second return value. This, in turn, results in the aforementioned
end point always returning an internal server error.

This change restores the previous behaviour of ignoring invalid files
returned by `issue.GetTemplatesFromDefaultBranch`, and adds a few test
cases to exercise the endpoint.

Other users of `GetTemplatesFromDefaultBranch` already ignore the second
return value, or handle it correctly, so no changes are necessary there.

Signed-off-by: Gergely Nagy <forgejo@gergo.csillger.hu>
(cherry picked from commit be8d16438a)
2024-03-07 21:50:27 +01:00
Earl Warren 6e877f02ab Merge pull request '[gitea] v1.21 cherry-pick' (#2566) from earl-warren/forgejo:wip-v1.21-gitea-cherry-pick into v1.21/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2566
2024-03-06 05:50:42 +00:00
Earl Warren 812458206f Merge pull request 'Revert "[CI] pin go v1.21.8 version"' (#2570) from earl-warren/forgejo:wip-v1.21-ci-go-action into v1.21/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2570
2024-03-06 05:09:16 +00:00
Earl Warren ded6e7a4b2
[SEMVER] 6.0.7+0-gitea-1.21.7 2024-03-06 13:05:29 +08:00
Giteabot 91a2d3ecc4
Add missing space (#29393) (#29399)
Backport #29393 by @KN4CK3R

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit 0f35cb5a2a9ad3b1d78f9547148b594adc4bdabf)
2024-03-06 12:20:42 +08:00
Giteabot 40c3a1d2ea
enforce maxlength in frontend (#29389) (#29396)
Backport #29389 by @zokkis

Set maxlength attribute in frontend

to long file-name

![image](https://github.com/go-gitea/gitea/assets/72873130/15111614-55ab-4583-acb2-15c25997601d)

![image](https://github.com/go-gitea/gitea/assets/72873130/4105ddd8-4973-4da8-b3ab-4cfae1b45554)
(same for branch-name and commit-summary)

Co-authored-by: Tim-Niclas Oelschläger <72873130+zokkis@users.noreply.github.com>
(cherry picked from commit 0b3d6c399c88e42e827f422dc4c8458f0d20c613)
2024-03-06 12:20:42 +08:00
Lunny Xiao 2c802fc8f0
Display friendly error message (#29105) (#29363)
Backport #29105

`ctx.Error` only displays the text but `ctx.ServerError` renders the
usual error page.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit a1c0b3a02e54e5fe879dabccb71fba9498b64051)
2024-03-06 12:20:42 +08:00
Giteabot a28d6686fa
Fix validity of the FROM email address not being checked (#29347) (#29360)
Backport #29347 by @carlosfelgueiras

Fixes #27188.
Introduces a check on the installation that tries to parse the FROM
address. If it fails, shows a new error message to the user.

Co-authored-by: Carlos Felgueiras <carlosfelgueiras@tecnico.ulisboa.pt>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit 35db5a373babd9af157fd63eeb20d6da53320b73)
2024-03-06 12:20:42 +08:00
Lunny Xiao e4d3067138
Fix project counter in organization/individual profile (#28068) (#29361)
Fix #28052
Backport #28068
Before:

![image](https://github.com/go-gitea/gitea/assets/18380374/5f299983-4b38-4d68-ac0e-4be3c62c0558)

![image](https://github.com/go-gitea/gitea/assets/18380374/f0e12afd-483b-4882-80e9-0261beb3fe0c)

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/47cccb7b-bb35-4a7d-9c5b-83133be0323a)

![image](https://github.com/go-gitea/gitea/assets/18380374/77825c0c-4bf2-4762-83a2-1a5a173cc22d)

Co-authored-by: yp05327 <576951401@qq.com>
(cherry picked from commit 5043ad54c7a0d1dc6bf5f1caf21b4646ec9344d3)
2024-03-06 12:20:42 +08:00
Giteabot 8e2c991b35
Fix tarball/zipball download bug (#29342) (#29352)
Backport #29342 by @Zettat123

Fix #29249

~~Use the `/repos/{owner}/{repo}/archive/{archive}` API to download.~~

Apply #26430 to archive download URLs.

Co-authored-by: Zettat123 <zettat123@gmail.com>
(cherry picked from commit 829b807a91f9895e3f4b262f688a8d0d9a44caf6)
2024-03-06 12:20:42 +08:00
Giteabot 9da608abad
Don't show third-party JS errors in production builds (#29303) (#29333)
Backport #29303 by @silverwind

So we don't get issues like
https://github.com/go-gitea/gitea/issues/29080 and
https://github.com/go-gitea/gitea/issues/29273 any more. Only active in
[production
builds](https://webpack.js.org/guides/production/#specify-the-mode), in
non-production the errors will still show.

Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit 6ca8cb590d510c98610031675e0a316f95efaf61)
2024-03-06 12:20:42 +08:00
Giteabot c4ac72e6a0
Only log error when tag sync fails (#29295) (#29327)
Backport #29295 by @lunny

Fix #28843

This PR will bypass the pushUpdateTag to database failure when
syncAllTags. An error log will be recorded.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit b78f5fc60f510a58d58535af77c5b424a8b5a660)
2024-03-06 12:20:42 +08:00
Lunny Xiao 790a27f38a
Fix SSPI user creation (#28948) (#29323)
Fixes #28945
Backport #28948

Setting the avatar is wrong and creating a random password is equal to
leave it empty.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
(cherry picked from commit 7ea2ffaf166780b7786291f7ff022e3f5b49e8c2)
2024-03-06 12:20:42 +08:00
Earl Warren b837bd81d0
Revert "[CI] pin go v1.21.8 version"
This reverts commit e3698d8662.
2024-03-06 12:18:06 +08:00
Earl Warren 2a2b51c5f7 Merge pull request '[CI] pin go v1.21.8 version' (#2568) from earl-warren/forgejo:wip-v1.21-ci-go-action into v1.21/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2568
2024-03-06 04:17:23 +00:00
techknowlogick e7448699f6
bump protobuf module (#29617)
(cherry picked from commit 06039bf0b7ec4dffe74ae323b8bbbbedec69d0c8)

Conflicts:
	go.mod
	go.sum
	trivial context conflict
2024-03-06 11:53:02 +08:00
Earl Warren e3698d8662
[CI] pin go v1.21.8 version
Because setup-go fails to pick it up.

Refs: https://github.com/actions/setup-go/issues/462
(cherry picked from commit d7aaefcea9d38ca50a96f34ff42efe954bce4acd)

Conflicts:
	.forgejo/workflows/build-release.yml
	.forgejo/workflows/cascade-setup-end-to-end.yml
	.forgejo/workflows/e2e.yml
	.forgejo/workflows/testing.yml
	trivial context conflict
2024-03-06 11:53:02 +08:00
Gusted 9196f0d618 Merge pull request '[BUG] Ensure `HasIssueContentHistory` takes into account `comment_id`' (#2535) from gusted/forgejo-bp-2518 into v1.21/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2535
Reviewed-by: oliverpool <oliverpool@noreply.codeberg.org>
2024-03-01 15:19:38 +00:00
Gusted 8fb027fea5
[BUG] Ensure `HasIssueContentHistory` takes into account `comment_id`
- Backport of #2518
- The content history table contains the content history of issues and
comments. For issues they are saved with an comment id of zero.
- If you want to check if the issue has an content history, it should
take into account that SQL has `comment_id = 0`, as it otherwise could
return incorrect results when for example the issue already has an
comment that has an content history.
- Fix the code of `HasIssueContentHistory` to take this into account, it
relied on XORM to generate the SQL from the non-default values of the
struct, this wouldn't generate the `comment_id = 0` SQL as `0` is the
default value of an integer.
- Remove an unncessary log (it's not the responsibility of `models`
code to do logging).
- Adds unit test.
- Resolves #2513

(cherry picked from commit 331fa44956)
2024-03-01 15:48:42 +01:00
Gusted 5d5059f42c Merge pull request '[BUG] Correct changed files for codeowners' (#2519) from gusted/forgejo-bp-2507 into v1.21/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2519
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-28 23:18:08 +00:00
Gusted 9b70caf798
[BUG] Correct changed files for codeowners
- Backport of #2507
- The CODEOWNER feature relies on the changed files to determine which
reviewers should be added according to the `CODEOWNER` file.
- The current approach was to 'diff' between the base and head branch,
which seems logical but fail in practice when the pull request is out of
date with the base branch. Therefore it should instead diff between the
head branch and the merge base of the head and base branch, so only the
actual affected files by the pull requests are used, the same approach
is used by the diff of an unmerged pull request.
- Add integration testing (for the feature as well).
- Resolves #2458

(cherry picked from commit fb2795b5bb)
2024-02-28 20:13:20 +01:00
Earl Warren ab67eb7d8a Merge pull request '[BUG] Remember topic only in repo search' (#2508) from gusted/forgejo-bp-2489 into v1.21/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2508
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-28 10:20:12 +00:00
Gusted 9955e38fa2
[BUG] Remember topic only in repo search
- Backport of #2489
- If the user is searching repositories with an specific topic, adding
any other filter option, such as showing unrelevant repositories or
using another sort Forgejo should remember that 'topic only' was set.
- Adds integration test.
- Resolves #2461

(cherry picked from commit b4360d504c)
2024-02-27 23:37:26 +01:00
Gusted da9473cd4d Merge pull request '[BUG] Log FindRenamedBranch error' (#2468) from gusted/forgejo-fix-error into v1.21/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2468
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-02-25 15:13:28 +00:00
Gusted 255b60931f
[BUG] Log FindRenamedBranch error
- Fix error string to add an `%v` verb to log the error correctly.
2024-02-25 15:40:18 +01:00
Earl Warren 031822b8fc Merge pull request '[SECURITY] Fix XSS vulnerabilities' (#2434) from earl-warren/forgejo:wip-v1.21-xss into v1.21/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/2434
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-02-22 15:03:20 +00:00
Gusted d3de80b9cc
[SECURITY] Test XSS in dismissed review
It's possible for reviews to not be assiocated with users, when they
were migrated from another forge instance. In the migration code,
there's no sanitization check for author names, so they could contain
HTML tags and thus needs to be properely escaped.

(cherry picked from commit ca798e4cc2)
2024-02-22 15:35:04 +01:00
Gusted fe2df46d05
[SECURITY] Fix XSS in dismissed review
- It's possible for reviews to not be assiocated with users, when they
were migrated from another forge instance. In the migration code,
there's no sanitization check for author names, so they could contain
HTML tags and thus needs to be properely escaped.
- Pass `$reviewerName` trough `Escape`.
2024-02-22 15:04:36 +01:00
Gusted 92dae3a387
[SECURITY] Test XSS in wiki last commit information
On the wiki and revisions page, information is shown about the last
commit that modified that wiki page. This includes the time it was last
edited and by whom. Verify it is sanitized.

(cherry picked from commit 565e331238)
2024-02-22 15:04:11 +01:00