Commit Graph

4541 Commits

Author SHA1 Message Date
wxiaoguang
81ec66c257
Fix submodule parsing (#32571) (#32577)
A quick fix for #32568
Partially backport from #32571
2024-11-21 10:32:19 +08:00
wxiaoguang
578c02d652
Improve some sanitizer rules (#32534)
This is a backport-only fix for 1.22

1.23 has a proper fix #32533
2024-11-18 03:42:30 +00:00
wxiaoguang
ef339713c2
Refactor internal routers (partial backport, auth token const time comparing) (#32473) (#32479)
Partially backport #32473. LFS related changes are not in 1.22, so skip
them.

1. Ignore non-existing repos during migrations
2. Improve ReadBatchLine's comment
3. Use `X-Gitea-Internal-Auth` header for internal API calls and make
the comparing constant time (it wasn't a serous problem because in a
real world it's nearly impossible to timing-attack the token, but indeed
security related and good to fix and backport)
4. Fix route mock nil check
2024-11-13 10:26:37 +08:00
Giteabot
b48df1082e
cargo registry - respect renamed dependencies (#32430) (#32478)
Backport #32430 by usbalbin

Co-authored-by: Albin Hedman <albin9604@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-12 03:26:26 +00:00
Lunny Xiao
7430d069b3
Fix created_unix for mirroring (#32342) (#32406)
Fix #32233
Backport #32342
2024-11-05 11:43:30 +08:00
Zettat123
898f852d03
Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) (#32397)
Backport #32365

Fix #28121

I did some tests and found that the `missing signature key` error is
caused by an incorrect `Content-Type` header. Gitea correctly sets the
`Content-Type` header when serving files.


348d1d0f32/routers/api/packages/container/container.go (L712-L717)
However, when `SERVE_DIRECT` is enabled, the `Content-Type` header may
be set to an incorrect value by the storage service. To fix this issue,
we can use query parameters to override response header values.

https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html <img
width="600px"

src="https://github.com/user-attachments/assets/f2ff90f0-f1df-46f9-9680-b8120222c555"
/>

In this PR, I introduced a new parameter to the `URL` method to support
additional parameters.

```
URL(path, name string, reqParams url.Values) (*url.URL, error)
```
2024-11-01 03:53:59 +00:00
Giteabot
361221c531
Fixed race condition when deleting documents by repoId in ElasticSearch (#32185) (#32188)
Backport #32185 by @bsofiato

Resolves #32184

Signed-off-by: Bruno Sofiato <bruno.sofiato@gmail.com>
Co-authored-by: Bruno Sofiato <bruno.sofiato@gmail.com>
2024-10-03 16:33:26 +00:00
Giteabot
634454c48c
Fix wrong status of Set up Job when first step is skipped (#32120) (#32125)
Backport #32120 by @yp05327

Fix #32089

Co-authored-by: yp05327 <576951401@qq.com>
2024-09-25 10:19:35 +08:00
Giteabot
af0cab23ea
Fix wrong last modify time (#32102) (#32104)
Backport #32102 by @lunny

Fix #31930 and more places which use `http.TimeFormat` wrongly.
`http.TimeFormat` requires a UTC time. refer to
https://pkg.go.dev/net/http#TimeFormat

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-22 19:12:57 +00:00
Giteabot
73066e3f97
Add bin to Composer Metadata (#32099) (#32106)
Backport #32099 by @maantje

This PR addresses the missing `bin` field in Composer metadata, which
currently causes vendor-provided binaries to not be symlinked to
`vendor/bin` during installation.

In the current implementation, running `composer install` does not
publish the binaries, leading to issues where expected binaries are not
available.

By properly declaring the `bin` field, this PR ensures that binaries are
correctly symlinked upon installation, as described in the [Composer
documentation](https://getcomposer.org/doc/articles/vendor-binaries.md).

Co-authored-by: Jamie Schouten <j4mie@hey.com>
2024-09-22 18:42:02 +00:00
Giteabot
2831ae369e
Lazy load avatar images (#32051) (#32063)
Backport #32051 by @hiifong

Before:

https://github.com/user-attachments/assets/7b1681ba-4781-432a-ae20-c07e94c1dbb6

After:

https://github.com/user-attachments/assets/5154e160-e22c-460e-b0d9-28768486c178

Co-authored-by: hiifong <i@hiif.ong>
2024-09-18 16:52:44 +08:00
Giteabot
0629c08a6d
Support allowed hosts for migrations to work with proxy (#32025) (#32026)
Backport #32025 by @wolfogre

Fix #32024. Follow #27655.

After this PR, all usage of "new dial context" needs to provide a proxy,
so I dropped the old `NewDialContext` and renamed
`NewDialContextWithProxy` to `NewDialContext`.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-09-11 14:54:19 +08:00
Giteabot
54d828f8ec
Increase cacheContextLifetime to reduce false reports (#32011) (#32023)
Backport #32011 by @wolfogre

Replace #32001.

To prevent the context cache from being misused for long-term work
(which would result in using invalid cache without awareness), the
context cache is designed to exist for a maximum of 10 seconds. This
leads to many false reports, especially in the case of slow SQL.

This PR increases it to 5 minutes to reduce false reports.

5 minutes is not a very safe value, as a lot of changes may have
occurred within that time frame. However, as far as I know, there has
not been a case of misuse of context cache discovered so far, so I think
5 minutes should be OK.

Please note that after this PR, if warning logs are found again, it
should get attention, at that time it can be almost 100% certain that it
is a misuse.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-09-11 11:14:40 +08:00
Giteabot
f7f4256c82
Use forum.gitea.com instead of old URL (#31989) (#31992)
Backport #31989 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-07 03:47:23 +08:00
Lunny Xiao
d3b0bc22c0
Fix index too many file names bug (#31903) (#31953)
Try to fix #31884
Fix #28584 
Backport #31903
2024-09-03 01:15:30 +00:00
Lunny Xiao
d9c65c9a52
Upgrade bleve to 2.4.2 (#31894)
backport #31762
2024-08-21 05:13:59 +00:00
Giteabot
e536d18fe5
Refactor the usage of batch catfile (#31754) (#31889)
Backport #31754 by @lunny

When opening a repository, it will call `ensureValidRepository` and also
`CatFileBatch`. But sometimes these will not be used until repository
closed. So it's a waste of CPU to invoke 3 times git command for every
open repository.

This PR removed all of these from `OpenRepository` but only kept
checking whether the folder exists. When a batch is necessary, the
necessary functions will be invoked.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-21 01:55:14 +08:00
Giteabot
3fe1f73268
Fix raw wiki links (#31825) (#31845)
Backport #31825 by @Zettat123

Fix #31395

This regression is introduced by #30273. To find out how GitHub handles
this case, I did [some
tests](https://github.com/go-gitea/gitea/issues/31395#issuecomment-2278929115).

I use redirect in this PR instead of checking if the corresponding `.md`
file exists when rendering the link because GitHub also uses redirect.
With this PR, there is no need to resolve the raw wiki link when
rendering a wiki page. If a wiki link points to a raw file, access will
be redirected to the raw link.

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-17 03:19:26 +00:00
Giteabot
144648a4af
Fix IsObjectExist with gogit (#31790) (#31806)
Backport #31790 by @wolfogre

Fix #31271.

When gogit is enabled, `IsObjectExist` calls
`repo.gogitRepo.ResolveRevision`, which is not correct. It's for
checking references not objects, it could work with commit hash since
it's both a valid reference and a commit object, but it doesn't work
with blob objects.

So it causes #31271 because it reports that all blob objects do not
exist.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-08-09 15:43:23 +08:00
Giteabot
8d11946d67
Fix protected branch files detection on pre_receive hook (#31778) (#31796)
Backport #31778 by @lunny

Fix #31738

When pushing a new branch, the old commit is zero. Most git commands
cannot recognize the zero commit id. To get the changed files in the
push, we need to get the first diverge commit of this branch. In most
situations, we could check commits one by one until one commit is
contained by another branch. Then we will think that commit is the
diverge point.

And in a pre-receive hook, this will be more difficult because all
commits haven't been merged and they actually stored in a temporary
place by git. So we need to bring some envs to let git know the commit
exist.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-08 03:08:30 +00:00
Giteabot
27e4b316f1
Add TAGS to TEST_TAGS and fix bugs found with gogit (#31791) (#31795)
Backport #31791 by @wolfogre

Found at
https://github.com/go-gitea/gitea/pull/31790#issuecomment-2272898915

`unit-tests-gogit` never work since the workflow set `TAGS` with
`gogit`, but the Makefile use `TEST_TAGS`.

<img width="690" alt="image"
src="https://github.com/user-attachments/assets/fb68df49-952b-42b9-8438-44200cefff43">


![image](https://github.com/user-attachments/assets/78ff88c7-3b5f-4d50-9c58-e607bf7b1a71)

This PR adds the values of `TAGS` to `TEST_TAGS`, ensuring that setting
`TAGS` is always acceptable and avoiding confusion about which one
should be set.

After this PR:

<img width="714" alt="image"
src="https://github.com/user-attachments/assets/54cc7f38-d95b-4dbc-a87c-daba63462b86">

Co-authored-by: Jason Song <i@wolfogre.com>
2024-08-07 15:58:09 +00:00
Giteabot
6203ae764a
Distinguish LFS object errors to ignore missing objects during migration (#31702) (#31745)
Backport #31702 by @wolfogre

Fix #31137.

Replace #31623 #31697.

When migrating LFS objects, if there's any object that failed (like some
objects are losted, which is not really critical), Gitea will stop
migrating LFS immediately but treat the migration as successful.

This PR checks the error according to the [LFS api
doc](https://github.com/git-lfs/git-lfs/blob/main/docs/api/batch.md#successful-responses).

> LFS object error codes should match HTTP status codes where possible:
> 
> - 404 - The object does not exist on the server.
> - 409 - The specified hash algorithm disagrees with the server's
acceptable options.
> - 410 - The object was removed by the owner.
> - 422 - Validation error.

If the error is `404`, it's safe to ignore it and continue migration.
Otherwise, stop the migration and mark it as failed to ensure data
integrity of LFS objects.

And maybe we should also ignore others errors (maybe `410`? I'm not sure
what's the difference between "does not exist" and "removed by the
owner".), we can add it later when some users report that they have
failed to migrate LFS because of an error which should be ignored.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-07-31 23:06:37 +08:00
Giteabot
60267859fc
Properly filter issue list given no assignees filter (#31522) (#31685)
Backport #31522 by @kemzeb

Quick fix #31520. This issue is related to #31337.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-07-24 15:55:21 +08:00
Giteabot
6486c8b7b3
Fix slow patch checking with commits that add or remove many files (#31548) (#31560)
Backport #31548 by @brechtvl

Running git update-index for every individual file is slow, so add and
remove everything with a single git command.

When such a big commit lands in the default branch, it could cause PR
creation and patch checking for all open PRs to be slow, or time out
entirely. For example, a commit that removes 1383 files was measured to
take more than 60 seconds and timed out. With this change checking took
about a second.

This is related to #27967, though this will not help with commits that
change many lines in few files.

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2024-07-05 11:24:01 +02:00
rayden84
50ecae7357
remove typo (#31524) 2024-06-29 15:54:15 +00:00
Giteabot
be302f3025
Support relative paths to videos from Wiki pages (#31061) (#31453)
Backport #31061 by @sergeyvfx

This change fixes cases when a Wiki page refers to a video stored in the
Wiki repository using relative path. It follows the similar case which
has been already implemented for images.

Test plan:
- Create repository and Wiki page
- Clone the Wiki repository
- Add video to it, say `video.mp4`
- Modify the markdown file to refer to the video using `<video
src="video.mp4">`
- Commit the Wiki page
- Observe that the video is properly displayed

Co-authored-by: Sergey Sharybin <sergey.vfx@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-06-22 00:03:31 +03:00
Giteabot
7fbcc58062
Fix markdown math brackets render problem (#31420) (#31430)
Backport #31420 by charles7668

Co-authored-by: charles <30816317+charles7668@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-06-20 17:45:08 +08:00
Giteabot
05f32114d1
Increase max length of org team names from 30 to 255 characters (#31410) (#31421)
Backport #31410 by tobiasbp

This PR modifies the structs for editing and creating org teams to allow
team names to be up to 255 characters. The previous maximum length was
30 characters.

Co-authored-by: Tobias Balle-Petersen <tobias.petersen@unity3d.com>
2024-06-20 01:27:13 +00:00
wxiaoguang
042e9fcd81
Fix rendered wiki page link (#31398) (#31407)
Backport #31398

Fix #31395
2024-06-19 11:23:24 +08:00
Lunny Xiao
a9d1e4311e
Fix bug filtering issues which have no project (#31337) (#31367) 2024-06-17 10:23:15 +00:00
Giteabot
ed0fc0ec46
Fix natural sort (#31384) (#31394)
Backport #31384 by wxiaoguang

Fix #31374

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-06-17 07:41:47 +00:00
wxiaoguang
fa307167f9
Fix missing images in editor preview due to wrong links (#31299) (#31393)
Backport #31299

Parse base path and tree path so that media links can be correctly
created with /media/.

Resolves #31294

---------

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2024-06-17 15:07:21 +08:00
wxiaoguang
52925e9c7c
Fix duplicate sub-path for avatars (#31365) (#31368)
Backport #31365, only backport necessary changes.
2024-06-15 03:44:44 +00:00
wxiaoguang
cdd057c7a3
Backport Iif (#31353) 2024-06-13 14:52:34 +08:00
Giteabot
6ca70c5bf2
Fix hash render end with colon (#31319) (#31346)
Backport #31319 by @lunny

Fix a hash render problem like `<hash>: xxxxx` which is usually used in
release notes.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-06-13 01:14:49 +00:00
Giteabot
568ff1015b
Fix adopt repository has empty object name in database (#31333) (#31335)
Backport #31333 by @lunny

Fix #31330
Fix #31311

A workaround to fix the old database is to update object_format_name to
`sha1` if it's empty or null.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-06-12 15:59:54 +00:00
Giteabot
758f84f33e
Fix #31185 try fix lfs download from bitbucket failed (#31201) (#31329)
Backport #31201 by @Zoupers

Fix #31185

Co-authored-by: Zoupers Zou <1171443643@qq.com>
2024-06-12 02:34:37 +03:00
Giteabot
3fcf865a4b
Delete legacy cookie before setting new cookie (#31306) (#31317)
Backport #31306 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-06-11 05:57:51 +00:00
Giteabot
1dc8a66074
Remove sub-path from container registry realm (#31293) (#31300)
Backport #31293 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-06-10 12:04:49 +08:00
Giteabot
1c1c2d36e8
Make blockquote attention recognize more syntaxes (#31240) (#31250)
Backport #31240 by wxiaoguang

Fix #31214

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-06-04 16:03:01 +00:00
Giteabot
5136c879c2
Make pasted "img" tag has the same behavior as markdown image (#31235) (#31243)
Backport #31235 by wxiaoguang

Fix #31230

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-06-04 13:26:55 +00:00
Giteabot
b6280f4d21
Split sanitizer functions and fine-tune some tests (#31192) (#31200)
Backport #31192 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-31 13:54:14 +00:00
Giteabot
b0981f6509
Fix missing memcache import (#31105) (#31109)
Backport #31105 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-27 14:23:47 +00:00
Giteabot
1171b24d52
Make gitea webhooks openproject compatible (#28435) (#31081)
Backport #28435 by Chief-Detektor

Co-authored-by: André Rosenhammer <andre.rosenhammer@gmail.com>
2024-05-26 12:53:42 +08:00
Giteabot
7d56ee3c0f
Support setting the default attribute of the issue template dropdown field (#31045) (#31059)
Backport #31045 by @Zettat123

Fix #31044

According to [GitHub issue template
documentation](https://docs.github.com/en/communities/using-templates-to-encourage-useful-issues-and-pull-requests/syntax-for-githubs-form-schema#attributes-for-dropdown),
the `default` attribute can be used to specify the preselected option
for a dropdown field.

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-05-24 11:01:09 +08:00
Giteabot
55cb356b84
Refactor sha1 and time-limited code (#31023) (#31030)
Backport #31023 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-21 00:58:21 +08:00
Giteabot
a798a1eb17
Fix project column title overflow (#31011) (#31025)
Backport #31011 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-20 06:17:21 +00:00
Giteabot
a58498cc43
Improve reverse proxy documents and clarify the AppURL guessing behavior (#31003) (#31020)
Backport #31003 by wxiaoguang

Fix #31002

1. Mention Make sure `Host` and `X-Fowarded-Proto` headers are correctly passed to Gitea
2. Clarify the basic requirements and move the "general configuration" to the top
3. Add a comment for the "container registry"
4. Use 1.21 behavior if the reverse proxy is not correctly configured

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-19 15:22:54 +00:00
Giteabot
8eac16de21
Simplify mirror repository API logic (#30963) (#31009)
Backport #30963 by wxiaoguang

Fix #30921

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-18 08:26:20 +00:00
Giteabot
5b7e54f72f
Always load or generate oauth2 jwt secret (#30942) (#30978)
Backport #30942 by @wxiaoguang

 Fix #30923

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-14 15:00:38 +00:00