Commit graph

17181 commits

Author SHA1 Message Date
Giteabot
62474c84cc
Fix swagger title (#28164) (#28167)
Backport #28164 by @yp05327

![image](https://github.com/go-gitea/gitea/assets/18380374/380859b2-a643-42fd-b53e-78c93c05c826)
Don't know why there's a `.` behind. 🤔

Co-authored-by: yp05327 <576951401@qq.com>
(cherry picked from commit 994ba35f11)
2023-11-22 17:13:09 +01:00
Earl Warren
b0afde6d64
Revert "[BRANDING] Replace branding in Swagger"
This reverts commit 07fbe2ba69.
2023-11-22 17:12:37 +01:00
Giteabot
9078aef244
Fix the description about the default setting for action in quick start document (#28160) (#28168)
Backport #28160 by @yp05327

Since #27054, Actions are enabled by default. so we should also edit the
document. 😃

ps: I think this should be backport to 1.21.0.

Co-authored-by: yp05327 <576951401@qq.com>
(cherry picked from commit 447422fe27)
2023-11-22 17:12:12 +01:00
Giteabot
c5bb91a9eb
Add guide page to actions when there's no workflows (#28145) (#28153)
Backport #28145 by @yp05327

Before:

![image](https://github.com/go-gitea/gitea/assets/18380374/599d40c1-9b8d-4189-9286-c9c36fb780dd)

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/848a73d1-aaec-478f-93a7-adcc7ee18907)

Co-authored-by: yp05327 <576951401@qq.com>
(cherry picked from commit 9bfee5014b)
2023-11-22 17:12:12 +01:00
Giteabot
2f8672c4dc
Do not display search box when there's no packages yet (#28146) (#28159)
Backport #28146 by @yp05327

Before:

![image](https://github.com/go-gitea/gitea/assets/18380374/3012f544-7ff5-4ccb-ac80-ce24d50abe97)

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/4084312a-9ac0-4103-8c93-ea178ae24493)

![image](https://github.com/go-gitea/gitea/assets/18380374/3c47d175-0735-476d-8979-da2bc0a4fc95)

![image](https://github.com/go-gitea/gitea/assets/18380374/033c6a81-d1f7-4426-8063-5793d0b47462)

Co-authored-by: yp05327 <576951401@qq.com>
(cherry picked from commit 7128929a0d)
2023-11-22 17:12:12 +01:00
Giteabot
40ded966ce
Fix no ActionTaskOutput table waring (#28149) (#28152)
Backport #28149 by @yp05327

Reproduce:
- Create a new Gitea instance
- Register a runner
- Create a repo and add a workflow
- Check the log, you will see warnings:

![image](https://github.com/go-gitea/gitea/assets/18380374/5f1278e0-114b-48bc-8113-8ba1404d9975)
It comes from:

![image](https://github.com/go-gitea/gitea/assets/18380374/c2807831-e137-4229-9536-87f6114c8a5b)

The reason is that we forgot registering `ActionTaskOutput` model.
So `action_table_output` table will be missing in your db.

Co-authored-by: yp05327 <576951401@qq.com>
(cherry picked from commit efcbaf8fa8)
2023-11-22 17:12:12 +01:00
Giteabot
4da95b7cf7
Fix empty action run title (#28113) (#28148)
Backport #28113 by @lunny

Fix #27901

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit c997e90738)
2023-11-22 17:12:12 +01:00
Giteabot
2969745b0c
Use "is-loading" to avoid duplicate form submit for code comment (#28143) (#28147)
Backport #28143 by @wxiaoguang

Compare by ignoring spaces:
https://github.com/go-gitea/gitea/pull/28143/files?diff=split&w=1

When the form is going to be submitted, add the "is-loading" class to
show an indicator and avoid user UI events.

When the request finishes (success / error), remove the "is-loading"
class to make user can interact the UI.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit ffab076b72)
2023-11-22 17:12:12 +01:00
Giteabot
e627592402
Fix typo in packages.cleanup.success (#28133) (#28136)
Backport #28133 by @wolfogre

Follow
https://github.com/go-gitea/gitea/pull/28129#discussion_r1398971596

Co-authored-by: Jason Song <i@wolfogre.com>
(cherry picked from commit 117d9a117f)
2023-11-22 17:12:12 +01:00
Giteabot
70fcf38205
Add missing packages.cleanup.success (#28129) (#28132)
Backport #28129 by @wolfogre

Co-authored-by: Jason Song <i@wolfogre.com>
(cherry picked from commit f8c5f202b7)
2023-11-22 17:12:12 +01:00
John Olheiser
47ca0cd0c5
Update docs for docusaurus v3 (#28126)
Signed-off-by: jolheiser <john.olheiser@gmail.com>
(cherry picked from commit 7213506680)
2023-11-22 17:12:12 +01:00
Giteabot
b389926f4c
Fix Matrix and MSTeams nil dereference (#28089) (#28105)
Backport #28089 by @KN4CK3R

Fixes #28088
Fixes #28094

Added missing tests.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
(cherry picked from commit 1f82be6604)
2023-11-22 17:12:12 +01:00
Giteabot
c1595117ce
Change default size of attachments and repo files (#28100) (#28106)
Backport #28100 by @lng2020

https://github.com/go-gitea/gitea/pull/27946 forgets to change them in
code. Sorry about that.

Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
(cherry picked from commit 56bedf2bcc)
2023-11-22 17:12:12 +01:00
Giteabot
9584a3619a
Fix incorrect pgsql conn builder behavior (#28085) (#28098)
Backport #28085 by @wxiaoguang

Fix #28083 and fix the tests

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit f7567f798d)
2023-11-22 17:12:12 +01:00
Giteabot
702ef8d12f
Fix permissions for Token DELETE endpoint to match GET and POST (#27610) (#28099)
Backport #27610 by @evantobin

Fixes #27598

In #27080, the logic for the tokens endpoints were updated to allow
admins to create and view tokens in other accounts. However, the same
functionality was not added to the DELETE endpoint. This PR makes the
DELETE endpoint function the same as the other token endpoints and adds
unit tests

Co-authored-by: Evan Tobin <me@evantob.in>
(cherry picked from commit 93ede4bc83)
2023-11-22 17:12:11 +01:00
Giteabot
1eb83ea8cc
Fix system config cache expiration timing (#28072) (#28090)
Backport #28072

To avoid unnecessary database access, the `cacheTime` should always be
set if the revision has been checked.

Fix #28057

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 9f63d27ec4)
2023-11-22 17:12:11 +01:00
Giteabot
c51dd2b4fd
Restricted users only see repos in orgs which their team was assigned to (#28025) (#28051)
Backport #28025 by @6543

---
*Sponsored by Kithara Software GmbH*

Co-authored-by: 6543 <m.huber@kithara.com>
(cherry picked from commit 073d8c50dd)
2023-11-22 17:12:11 +01:00
Denys Konovalov
e4b92a1d47
Add v1.21.0 changelog (#28005) (#28048)
Backport changelog for v1.21.0 as Giteabot doesn't seem to be in the
mood for it

---------

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
(cherry picked from commit bc6477b36b)
2023-11-22 17:12:11 +01:00
Giteabot
0e9243bd8f
Fix viewing wiki commit on empty repo (#28040) (#28044)
Backport #28040 by @JakobDev

Fixes https://codeberg.org/forgejo/forgejo/issues/1758

For some weird reason we need to cast this nil.

Co-authored-by: JakobDev <jakobdev@gmx.de>
(cherry picked from commit 124a9957d0)
2023-11-22 17:11:57 +01:00
Giteabot
1600b2c8ff
Add word break to the repo list in admin settings page (#28034) (#28035)
Backport #28034 by @yp05327

Before:

![image](https://github.com/go-gitea/gitea/assets/18380374/ed464937-e20d-4f5b-b997-e86c2d96469d)

After:

![image](https://github.com/go-gitea/gitea/assets/18380374/471e77b3-516e-4ae9-b901-0cf8745eb9aa)

Co-authored-by: yp05327 <576951401@qq.com>
(cherry picked from commit d72e20627d)
2023-11-22 17:11:57 +01:00
Giteabot
ab609f3610
fixed duplicate attachments on dump on windows (#28019) (#28031)
Backport #28019 by @anudeepreddy

Hi,

This PR fixes #27988. The use of `path.join`(which uses `/` as the file
separator) to construct paths and comparing them with paths constructed
using `filepath.join`(which uses platform specific file separator) is
the root cause of this issue.

The desired behavior is to ignore attachments when dumping data
directory. Due to the what's mentioned above, the function
`addRecursiveExclude` is not actually ignoring the attachments directory
and is being written to the archive. The attachment directory is again
added to the archive (with different file separator as mentioned in the
issue) causing a duplicate entry on windows.

The solution is to use `filepath.join` in `addResursiveExclude` to
construct `currentAbsPath`.

Co-authored-by: Anudeep Reddy <anudeepc85@gmail.com>
(cherry picked from commit 00cd5ba6f4)
2023-11-22 17:11:57 +01:00
Giteabot
21a8fae8d6
Dont leak private users via extensions (#28023) (#28029)
Backport #28023 by @6543

there was no check in place if a user could see a other user, if you
append e.g. `.rss`

(cherry picked from commit eef4148935)
2023-11-22 17:11:57 +01:00
Giteabot
5770f694f5
Change default size of issue/pr attachments and repo file (#27946) (#28017)
Backport #27946 by @lng2020

As title. Some attachments and file sizes can easily be larger than
these limits

Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
(cherry picked from commit d4122712f7)
2023-11-22 17:11:57 +01:00
Earl Warren
8869464c1d
Merge branch 'rebase-v1.21/forgejo-branding' into wip-v1.21-forgejo 2023-11-13 16:47:18 +01:00
Earl Warren
30a15784d4
Merge branch 'rebase-v1.21/forgejo-dependency' into wip-v1.21-forgejo 2023-11-13 16:47:12 +01:00
Earl Warren
2f84786d0c
Merge branch 'rebase-v1.21/forgejo-moderation' into wip-v1.21-forgejo 2023-11-13 16:47:07 +01:00
Earl Warren
13c05ade07
Merge branch 'rebase-v1.21/forgejo-i18n' into wip-v1.21-forgejo 2023-11-13 16:47:01 +01:00
Gusted
68dddcc6ff
[GITEA] Ignore temporary files for directory size
- Backport https://codeberg.org/forgejo/forgejo/pulls/1742
  - While looking trough the logs for unrelated things I noticed errors
for directory size calculations in `pushUpdates` that were being caused
by a race condition in which git was making temporary file,
`filepath.WalkDir` noticed that but by the time the second lstat
came(`info.Info()`) it was already gone and it would error.
  - Ignore temporary files created by Git.
  - There are other cases but much much more rarer and not trivial to detect.

Examples:

...s/repository/push.go:96:pushUpdates() [E] Failed to update size for repository: updateSize: lstat [...]/objects/info/commit-graphs/tmp_graph_Wcy9kR: no such file or directory
...s/repository/push.go:96:pushUpdates() [E] Failed to update size for repository: updateSize: lstat [...]/packed-refs.lock: no such file or directory

(cherry picked from commit 16ce00772d)
(cherry picked from commit 2aebef847f)
2023-11-13 14:06:32 +01:00
Gusted
9080bb1fdc
[GITEA] Fix required error for token name
- Say to the binding middleware which locale should be used for the
required error.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1683

(cherry picked from commit 64faeb6bef)
(cherry picked from commit c93dbe1a6a)
(cherry picked from commit 81fcaee761)
2023-11-13 14:06:32 +01:00
Gusted
0944b7a92a
[GITEA] Add repo empty check for branch feed
- If you attempted to get a branch feed on a empty repository, it would
result in a panic as the code expects that the branch exists.
- `context.RepoRefByType` would normally already 404 if the branch
doesn't exist, however if a repository is empty, it would not do this
check.
- Fix bug where `/atom/branch/*` would return a RSS feed.

(cherry picked from commit d27bcd98a4)
(cherry picked from commit 07916c8723)
(cherry picked from commit 2eedbe0c55)
(cherry picked from commit 3810d905c6)
2023-11-13 14:06:32 +01:00
Earl Warren
c6a572cc0b
[GITEA] Add anchor to review types (#26894)
- The review type '22' is a general comment type that is attached to
single codecomments, reviews with multiple comments or to simple approve
and request changes comment. This comment can be used to create a link
towards this action on an pull request.
- Adds an anchor to the review comment type, so that when its getting
linked to it, it actually jumps towards that event.
- This also now fixes the behavior that after you created a review you
will be redirected to that review and because this is an general comment
type other mails will also be 'fixed' such as the approved or request
changes.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1248

(cherry picked from commit 1741a5f1fe)

---------

Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: Caesar Schinas <caesar@caesarschinas.com>
(cherry picked from commit 89c9a498fd)
(cherry picked from commit a2e2ce79f4)
(cherry picked from commit 299e437379)
(cherry picked from commit 91a224ce2d)
(cherry picked from commit 3a89b23b3b)
2023-11-13 14:06:31 +01:00
Gusted
8d2dab94a6
[GITEA] rework long-term authentication
- The current architecture is inherently insecure, because you can
construct the 'secret' cookie value with values that are available in
the database. Thus provides zero protection when a database is
dumped/leaked.
- This patch implements a new architecture that's inspired from: [Paragonie Initiative](https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies).
- Integration testing is added to ensure the new mechanism works.
- Removes a setting, because it's not used anymore.

(cherry picked from commit eff097448b)

[GITEA] rework long-term authentication (squash) add migration

Reminder: the migration is run via integration tests as explained
in the commit "[DB] run all Forgejo migrations in integration tests"

(cherry picked from commit 4accf7443c)
(cherry picked from commit 99d06e344ebc3b50bafb2ac4473dd95f057d1ddc)
(cherry picked from commit d8bc98a8f0)
(cherry picked from commit 6404845df9)
(cherry picked from commit 72bdd4f3b9)
(cherry picked from commit 4b01bb0ce8)
(cherry picked from commit c26ac31816)
2023-11-13 14:06:31 +01:00
Grigory Kirillov
d7268d7266
[GITEA] convert feed items' titles to plain text
Refs: https://codeberg.org/forgejo/forgejo/pulls/1595

(cherry picked from commit 35b962e631)
(cherry picked from commit 1004e35b84)
(cherry picked from commit af51dd594d)
(cherry picked from commit 7fb66b4556)
(cherry picked from commit 0c409950f1)
(cherry picked from commit edf1cb72b4)
(cherry picked from commit d1e5d9d664)
2023-11-13 14:06:31 +01:00
Gusted
dd2414f226
[GITEA] Use maintained gziphandler
- https://github.com/NYTimes/gziphandler doesn't seems to be maintained
anymore and Forgejo already includes
https://github.com/klauspost/compress which provides a maintained and
faster gzip handler fork.
- Enables Jitter to prevent BREACH attacks, as this *seems* to be
possible in the context of Forgejo.

(cherry picked from commit cc2847241d)
(cherry picked from commit 99ba56a876)

Conflicts:
	go.sum
	https://codeberg.org/forgejo/forgejo/pulls/1581
(cherry picked from commit 711638193d)
(cherry picked from commit 9c12a37fde)
(cherry picked from commit 91191aaaed)
(cherry picked from commit 72be417f84)
(cherry picked from commit 98497c84da)
(cherry picked from commit fba042adb5)
2023-11-13 14:06:31 +01:00
Gusted
7e15173c16
[GITEA] Use existing jsonschema library
- Use the 'existing' jsonschema library for the nodeinfo integration test.

(cherry picked from commit 73864840f2)
(cherry picked from commit da36df306b)

Conflicts:
	go.mod
	https://codeberg.org/forgejo/forgejo/pulls/1581
(cherry picked from commit 2b4ab46d8e)

Conflicts:
	go.mod
	https://codeberg.org/forgejo/forgejo/pulls/1617
(cherry picked from commit 8064130344)
(cherry picked from commit ca32f14bc2)
(cherry picked from commit 6a4abb928f)
(cherry picked from commit 0059a44ae8)
(cherry picked from commit 8dc8451fd0)
2023-11-13 14:06:31 +01:00
Gusted
d6432cab25
[GITEA] Make atomic ssh keys replacement robust
- After stumbling upon https://github.com/golang/go/issues/22397 and
reading the implementations I realized that Forgejo code doesn't have
`Sync()` and it doesn't properly error handle the `Close` function.
- (likely) Resolves https://codeberg.org/forgejo/forgejo/issues/1446

(cherry picked from commit 0efcb334c2)
(cherry picked from commit 04ef02c0dd)
(cherry picked from commit 85f2065c9b)
(cherry picked from commit 8d36b5cce6)
(cherry picked from commit 0f406dc4d2)
(cherry picked from commit 347a2e7372)
(cherry picked from commit f6c04d6b86)
(cherry picked from commit cf8b64f937)
2023-11-13 14:06:31 +01:00
Gusted
a7a74706ec
[GITEA] Remove SSH workaround
- Update github.com/gliderlabs/ssh to include 02f9d57300.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1230

(cherry picked from commit 05a0fd8c9f)
(cherry picked from commit fcd68716a3)

Conflicts:
	go.mod
	https://codeberg.org/forgejo/forgejo/pulls/1581
(cherry picked from commit ff60267b91)
(cherry picked from commit cff3238a21)
(cherry picked from commit 93a3cc6bda)
(cherry picked from commit 213f1edbdc)
(cherry picked from commit c249b0b0aa)
(cherry picked from commit 43abe08aff)
2023-11-13 14:06:31 +01:00
Gusted
0d8478cff8
[GITEA] Drop sha256-simd in favor of stdlib
- In Go 1.21 the crypto/sha256 [got a massive
improvement](https://go.dev/doc/go1.21#crypto/sha256) by utilizing the
SHA instructions for AMD64 CPUs, which sha256-simd already was doing.
The performance is now on par and I think it's preferable to use the
standard library rather than a package when possible.

```
cpu: AMD Ryzen 5 3600X 6-Core Processor
                │  simd.txt   │               go.txt                │
                │   sec/op    │    sec/op     vs base               │
Hash/8Bytes-12    63.25n ± 1%    73.38n ± 1%  +16.02% (p=0.002 n=6)
Hash/64Bytes-12   98.73n ± 1%   105.30n ± 1%   +6.65% (p=0.002 n=6)
Hash/1K-12        567.2n ± 1%    572.8n ± 1%   +0.99% (p=0.002 n=6)
Hash/8K-12        4.062µ ± 1%    4.062µ ± 1%        ~ (p=0.396 n=6)
Hash/1M-12        512.1µ ± 0%    510.6µ ± 1%        ~ (p=0.485 n=6)
Hash/5M-12        2.556m ± 1%    2.564m ± 0%        ~ (p=0.093 n=6)
Hash/10M-12       5.112m ± 0%    5.127m ± 0%        ~ (p=0.093 n=6)
geomean           13.82µ         14.27µ        +3.28%

                │   simd.txt   │               go.txt                │
                │     B/s      │     B/s       vs base               │
Hash/8Bytes-12    120.6Mi ± 1%   104.0Mi ± 1%  -13.81% (p=0.002 n=6)
Hash/64Bytes-12   618.2Mi ± 1%   579.8Mi ± 1%   -6.22% (p=0.002 n=6)
Hash/1K-12        1.682Gi ± 1%   1.665Gi ± 1%   -0.98% (p=0.002 n=6)
Hash/8K-12        1.878Gi ± 1%   1.878Gi ± 1%        ~ (p=0.310 n=6)
Hash/1M-12        1.907Gi ± 0%   1.913Gi ± 1%        ~ (p=0.485 n=6)
Hash/5M-12        1.911Gi ± 1%   1.904Gi ± 0%        ~ (p=0.093 n=6)
Hash/10M-12       1.910Gi ± 0%   1.905Gi ± 0%        ~ (p=0.093 n=6)
geomean           1.066Gi        1.032Gi        -3.18%
```

(cherry picked from commit abd94ff5b5)
(cherry picked from commit 15e81637ab)

Conflicts:
	go.mod
	https://codeberg.org/forgejo/forgejo/pulls/1581
(cherry picked from commit 5caea2d75aeac78fb306f58a3cf7809d5b70c7f2)
(cherry picked from commit 08da542cce)
(cherry picked from commit d71a8cc9fb)
(cherry picked from commit 63c9fc2bee)
(cherry picked from commit e1db85d48a)
(cherry picked from commit 5e86a5d2d1)
2023-11-13 14:06:31 +01:00
rome-user
d3abb8a964
[GITEA] fix indentation in Maven package install instructions
The installation instructions of a Maven package places the `url` child
of the `repository` node in an extra indentation level. This indentation
is unnecesary since both the `id` and `url` nodes are direct children of
the `repository` node.

This commit removes the unnecessary indentation.

Refs: https://codeberg.org/forgejo/forgejo/pulls/1534

(cherry picked from commit 82f0ddad7b)
(cherry picked from commit 905e546549)
(cherry picked from commit 4e58ab82b7)
(cherry picked from commit 2f207e7deb)
(cherry picked from commit c3552fb2be)
(cherry picked from commit 6c8e4d4fc9)
(cherry picked from commit a9f7fa924c)
(cherry picked from commit 4592a73f57)
2023-11-13 14:06:31 +01:00
Gusted
f9cdbb889a
[GITEA] Detect file rename and show in history
- Add a indication to the file history if the file has been renamed,
this indication contains a link to browse the history of the file
further.
- Added unit testing.
- Added integration testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1279

(cherry picked from commit 72c297521b)
(cherry picked from commit 283f964894)

Conflicts:
	options/locale/locale_en-US.ini
	https://codeberg.org/forgejo/forgejo/pulls/1550
(cherry picked from commit 7c30af7fde)
(cherry picked from commit f3be6eb269)
(cherry picked from commit 78e1755b94)
(cherry picked from commit 9f30b92009)
(cherry picked from commit bb694684a4)
(cherry picked from commit 721f0ccf3e)
(cherry picked from commit 6a6ec50130)

[GITEA] Detect file rename and show in history (squash) ctx.Locale

(cherry picked from commit 08698d747f)
2023-11-13 14:06:30 +01:00
Gusted
b39452fc1d
[GITEA] Skip unsupported code comment
- If there's a code comment that's received during the migration that
contains no diffhunk, skip it. This either means it was commenting on
old diffhunk or it's just a general codecomment. Forgejo supports
neither of such type of code comment.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1407

(cherry picked from commit ae463c7c55)
(cherry picked from commit bf48f02a86)
(cherry picked from commit 10c3f102fa)
(cherry picked from commit 828b4cc10c)
(cherry picked from commit 6427fa65b6)
(cherry picked from commit 5b7a43c43f)
(cherry picked from commit 49eb256648)
(cherry picked from commit 0be26ca144)
(cherry picked from commit c083236a58)
(cherry picked from commit 85738bc0a1)
2023-11-13 14:06:30 +01:00
Gusted
6836149d45
[GITEA] Fix issue card links on projects
- Don't expect that rendering is done on a repository, use the given
issue to figure out the repository link.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1321

(cherry picked from commit 63f16652ca)
(cherry picked from commit 821785d0af)
(cherry picked from commit 345742a0dc)
(cherry picked from commit 2a37b91d7c)
(cherry picked from commit 9d40b409d7)
(cherry picked from commit c4c377e733)
(cherry picked from commit 41f85e3bca)
(cherry picked from commit b5a2da8210)
(cherry picked from commit 3a01437704)
(cherry picked from commit a007f67f74)
2023-11-13 14:06:30 +01:00
Gusted
17e70e401c
[GITEA] Use restricted sanitizer for repository description
- Currently the repository description uses the same sanitizer as a
normal markdown document. This means that element such as heading and
images are allowed and can be abused.
- Create a minimal restricted sanitizer for the repository description,
which only allows what the postprocessor currently allows, which are
links and emojis.
- Added unit testing.
- Resolves https://codeberg.org/forgejo/forgejo/issues/1202
- Resolves https://codeberg.org/Codeberg/Community/issues/1122

(cherry picked from commit a8afa4cd18)
(cherry picked from commit 0238587c51)
(cherry picked from commit a8c7bbf728)
(cherry picked from commit 80e05a8245)
(cherry picked from commit f5af5050b3)
(cherry picked from commit 608f981e55)
(cherry picked from commit 6591867502)
(cherry picked from commit b7e6dedafd)
(cherry picked from commit 1cd196da49)
(cherry picked from commit 4c74fd4a04)
2023-11-13 14:06:30 +01:00
Gusted
e8b93e8de6
[GITEA] Tidy up archive modal
- Make it consistent with the other modals of the dangerous actions.

(cherry picked from commit 576d7ec759)
(cherry picked from commit 8b1225f974)
(cherry picked from commit c2c47972ee)
(cherry picked from commit eec301806b)
(cherry picked from commit 6b5e728f0a)
(cherry picked from commit 3681691e65)
(cherry picked from commit 0d6f131e21)
(cherry picked from commit 7ac510074b)
(cherry picked from commit 2d561205d2)
(cherry picked from commit dbb4737afe)

[GITEA] Tidy up archive modal (squash) ctx.Locale

(cherry picked from commit aa682a5f04)
2023-11-13 14:06:29 +01:00
Earl Warren
00c8b16b8c
[GITEA] enable system users for comment.LoadPoster
System users (Ghost, ActionsUser, etc) have a negative id and may be
the author of a comment, either because it was created by a now
deleted user or via an action using a transient token.

The GetPossibleUserByID function has special cases related to system
users and will not fail if given a negative id.

Refs: https://codeberg.org/forgejo/forgejo/issues/1425
(cherry picked from commit 97667e06b3)
(cherry picked from commit 8ef73a09c9)
(cherry picked from commit fa8a00d264)
(cherry picked from commit 2ada2074b5)
(cherry picked from commit f9a59b940a)
(cherry picked from commit cd82834043)
(cherry picked from commit 7fb032c240)
(cherry picked from commit 64438ff837)
(cherry picked from commit 8174592b29)
(cherry picked from commit 46d36555f9)
2023-11-13 14:06:29 +01:00
Earl Warren
e54348f67c
[GITEA] enable system users search via the API
Refs: https://codeberg.org/forgejo/forgejo/issues/1403
(cherry picked from commit 87bd40411e)

Conflicts:
	routers/api/v1/user/user.go
	https://codeberg.org/forgejo/forgejo/pulls/1469
(cherry picked from commit 74f70ca873)
(cherry picked from commit 673a75bb43)
(cherry picked from commit fcd4535ac6)
(cherry picked from commit 56b229f22e)
(cherry picked from commit 45b922ae76)
(cherry picked from commit 03805f3bf4)
(cherry picked from commit 16c67f70d5)
(cherry picked from commit 1b862a14ad)
(cherry picked from commit 4a5cdcf649)
2023-11-13 14:06:29 +01:00
Aravinth Manivannan
9acd6ff137
[GITEA] notifies admins on new user registration
Sends email with information on the new user (time of creation and time of last sign-in) and a link to manage the new user from the admin panel

closes: https://codeberg.org/forgejo/forgejo/issues/480

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/1371
Co-authored-by: Aravinth Manivannan <realaravinth@batsense.net>
Co-committed-by: Aravinth Manivannan <realaravinth@batsense.net>
(cherry picked from commit c721aa828b)
(cherry picked from commit 6487efcb9d)

Conflicts:
	modules/notification/base/notifier.go
	modules/notification/base/null.go
	modules/notification/notification.go
	https://codeberg.org/forgejo/forgejo/pulls/1422
(cherry picked from commit 7ea66ee1c5)

Conflicts:
	services/notify/notifier.go
	services/notify/notify.go
	services/notify/null.go
	https://codeberg.org/forgejo/forgejo/pulls/1469
(cherry picked from commit 7d2d997011)
(cherry picked from commit 435a54f140)
(cherry picked from commit 8ec7b3e448)

[GITEA] notifies admins on new user registration (squash) performance bottleneck

Refs: https://codeberg.org/forgejo/forgejo/issues/1479
(cherry picked from commit 97ac9147ff)
(cherry picked from commit 19f295c16b)
(cherry picked from commit 3367dcb2cf)

[GITEA] notifies admins on new user registration (squash) cosmetic changes

Co-authored-by: delvh <dev.lh@web.de>
(cherry picked from commit 9f1670e040)
(cherry picked from commit de5bb2a224)
(cherry picked from commit 8f8e52f31a)
(cherry picked from commit e0d5130312)
(cherry picked from commit f1288d6d9b)
(cherry picked from commit f664f41658)
(cherry picked from commit e44e6c7e47)
(cherry picked from commit c0d958cc4c)
(cherry picked from commit a88baa5e48)

[GITEA] notifies admins on new user registration (squash) ctx.Locale

(cherry picked from commit 2f6329f693)
2023-11-13 14:06:27 +01:00
Earl Warren
df257aee22
[GITEA] [picture].*AVATAR_UPLOAD_PATH is legacy
(cherry picked from commit cb4cc01825)
(cherry picked from commit bef11d6131)
(cherry picked from commit 077b1c52b6)
(cherry picked from commit aff7aa0858)
(cherry picked from commit d2f8f6eacb)
(cherry picked from commit 476bd3c491)
(cherry picked from commit 2b39e973be)
(cherry picked from commit 822f25de53)
(cherry picked from commit ea4a31da3f)
(cherry picked from commit a066b3d24f)
(cherry picked from commit a5e05a53b2)
(cherry picked from commit b2ec269f4b)
2023-11-13 14:04:16 +01:00
Gusted
3715a6af2e
[GITEA] Use vertical tabs on issue filters
- This is actually https://github.com/go-gitea/gitea/pull/19978 &
https://github.com/go-gitea/gitea/pull/19486 but was removed in one of
the UI refactors of v1.20
- This is a very technical fix and is best explained in the CSS
comments. But the short version: When there's an overflow being set, but
you want an element to 'break out' of that overflow with `position:
absolute`, it sometimes doesn't work! You need to set some CSS to let
the browser know that the element needs to use an element outside of
that overflow as 'clip parent'.
- Resolves my internal frustration with the mobile UI constantly getting broken.

(cherry picked from commit 879f842bed)
(cherry picked from commit 6099c9b41b)
(cherry picked from commit 0749d00b16)
(cherry picked from commit ec6a5428a7)
(cherry picked from commit 9d0bee784d)
(cherry picked from commit 61d6ae4882)
(cherry picked from commit 8b3f3639b6)
(cherry picked from commit 2c600ddb2c)
(cherry picked from commit 960a9786ef)
(cherry picked from commit b194354c3b)
(cherry picked from commit 4f00fa1046)
(cherry picked from commit 1016f7e71a)
(cherry picked from commit 9a1a59a998)
(cherry picked from commit 39563c5c84)
2023-11-13 14:04:16 +01:00
Gusted
0418c19287
[GITEA] Add slow SQL query warning
- Databases are one of the most important parts of Forgejo, every
interaction with Forgejo uses the database in one way or another.
Therefore, it is important to maintain the database and recognize when
Forgejo is not doing well with the database. Forgejo already has the
option to log *every* SQL query along with its execution time, but
monitoring becomes impractical for larger instances and takes up
unnecessary storage in the logs.
- Add a QoL enhancement that allows instance administrators to specify a
threshold value beyond which query execution time is logged as a warning
in the xorm logger. The default value is a conservative five seconds to
avoid this becoming a source of spam in the logs.
- The use case for this patch is that with an instance the size of Codeberg, monitoring SQL logs is not very fruitful and most of them are uninteresting. Recently, in the context of persistent deadlock issues (https://codeberg.org/forgejo/forgejo/issues/220), I have noticed that certain queries hold locks on tables like comment and issue for several seconds. This patch helps to identify which queries these are and when they happen.
- Added unit test.

(cherry picked from commit 24bbe7886f)
(cherry picked from commit 6e29145b3c)
(cherry picked from commit 63731e3071)
(cherry picked from commit 3ce1a09736)
(cherry picked from commit a64426907d)
(cherry picked from commit 4b19215691)
(cherry picked from commit e635674435)
(cherry picked from commit 9cf501f1af)
(cherry picked from commit 0d6b934eba)
(cherry picked from commit 4b6c273879)
(cherry picked from commit b50517139c)
(cherry picked from commit 6546dd1fc9)
(cherry picked from commit 3eda6890e6)

[GITEA] Add slow SQL query warning (squash) document the setting

(cherry picked from commit ce38599c51)
(cherry picked from commit 794aa67c68)
(cherry picked from commit 8227673deb)
(cherry picked from commit 8854d1d4dd)
(cherry picked from commit 9121a0e21f)
(cherry picked from commit 41bae2e425)
2023-11-13 14:04:16 +01:00