Commit Graph

4581 Commits

Author SHA1 Message Date
Giteabot
0f834f052b
Allow set branch protection in an empty repository (#32095) (#32119)
Backport #32095 by @lunny

Resolve #32093

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-24 11:42:52 +09:00
Giteabot
d5d5fb1925
Fix Bug in Issue/pulls list (#32081) (#32115) 2024-09-24 01:26:10 +00:00
Giteabot
1f8cbbab3d
Fix rename branch permission bug (#32066) (#32108)
Backport #32066 by @lunny

The previous implementation requires admin permission to rename branches
which should be write permission.

Fix #31993

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-22 19:43:13 +00:00
Giteabot
af0cab23ea
Fix wrong last modify time (#32102) (#32104)
Backport #32102 by @lunny

Fix #31930 and more places which use `http.TimeFormat` wrongly.
`http.TimeFormat` requires a UTC time. refer to
https://pkg.go.dev/net/http#TimeFormat

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-22 19:12:57 +00:00
Giteabot
919b82461a
Fix incorrect /tokens api (#32085) (#32092)
Backport #32085 by @KN4CK3R

Fixes #32078

- Add missing scopes output.
- Disallow empty scope.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-09-22 18:02:09 +00:00
wxiaoguang
2891edbbcb
Refactor CSRF protector (#32057) (#32069)
#32057 improves the CSRF handling and is worth to backport
2024-09-18 17:02:45 +00:00
Giteabot
e6395e1e81
Handle invalid target when creating releases using API (#31841) (#32043)
Backport #31841 by @kemzeb

A 500 status code was thrown when passing a non-existent target to the
create release API. This snapshot handles this error and instead throws
a 404 status code.

Discovered while working on #31840.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-09-17 02:23:40 +00:00
Giteabot
3d7d0c36e7
Check if the due_date is nil when editing issues (#32035) (#32042)
Backport #32035 by @Zettat123

Fix #32030

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-09-15 01:31:34 +08:00
Lunny Xiao
30d989d411
Fix container parallel upload bugs (#32022)
This PR should be replaced by #31860 in v1.23. The aim of creating this
PR is to fix it in 1.22 because globallock hasn't been introduced.

Fix #27640
Fix #29563
Fix #31215
2024-09-12 03:11:03 +00:00
Giteabot
b39aa8528b
Fix nuget/conan/container packages upload bugs (#31967) (#31982)
Backport #31967 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-09-05 07:34:41 +00:00
Lunny Xiao
9c990ac043
Add lock for parallel maven upload (#31954)
Backport #31851 
Fix #30171
2024-09-03 14:33:28 +08:00
yp05327
cc1520221a
Fix sort order for organization home and user profile page (#31921) (#31922)
Backport #31921
2024-09-02 07:58:18 +00:00
Giteabot
b5500cded1
Fix 500 error when state params is set when editing issue/PR by API (#31880) (#31952)
Backport #31880 by @yp05327

A quick fix for #31871

Co-authored-by: yp05327 <576951401@qq.com>
2024-09-01 18:38:10 +00:00
Giteabot
1d98d4e69a
Fix search team (#31923) (#31942)
Backport #31923 by @lunny

Fix #20658

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-30 00:05:21 +08:00
Lunny Xiao
e060ae88e5
Don't return 500 if mirror url contains special chars (#31859) (#31895)
Backport #31859
2024-08-22 00:10:50 +08:00
Giteabot
0affb5c775
add CfTurnstileSitekey context data to all captcha templates (#31874) (#31876)
Backport #31874 by @bohde

In the OpenID flows, the "CfTurnstileSitekey" wasn't populated, which
caused those flows to fail if using Turnstile as the Captcha
implementation.

This adds the missing context variables, allowing Turnstile to be used
in the OpenID flows.

Co-authored-by: Rowan Bohde <rowan.bohde@gmail.com>
2024-08-20 14:45:08 +00:00
Giteabot
3fe1f73268
Fix raw wiki links (#31825) (#31845)
Backport #31825 by @Zettat123

Fix #31395

This regression is introduced by #30273. To find out how GitHub handles
this case, I did [some
tests](https://github.com/go-gitea/gitea/issues/31395#issuecomment-2278929115).

I use redirect in this PR instead of checking if the corresponding `.md`
file exists when rendering the link because GitHub also uses redirect.
With this PR, there is no need to resolve the raw wiki link when
rendering a wiki page. If a wiki link points to a raw file, access will
be redirected to the raw link.

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-17 03:19:26 +00:00
Giteabot
1cf8f69b38
Avoid returning without written ctx when posting PR (#31843) (#31848)
Backport #31843 by @wolfogre

Fix #31625.

If `pull_service.NewPullRequest` return an error which misses each `if`
check, `CompareAndPullRequestPost` will return immediately, since it
doesn't write the HTTP response, a 200 response with empty body will be
sent to clients.

```go
	if err := pull_service.NewPullRequest(ctx, repo, pullIssue, labelIDs, attachments, pullRequest, assigneeIDs); err != nil {
		if repo_model.IsErrUserDoesNotHaveAccessToRepo(err) {
			ctx.Error(http.StatusBadRequest, "UserDoesNotHaveAccessToRepo", err.Error())
		} else if git.IsErrPushRejected(err) {
			// ...
			ctx.JSONError(flashError)
		} else if errors.Is(err, user_model.ErrBlockedUser) {
			// ...
			ctx.JSONError(flashError)
		} else if errors.Is(err, issues_model.ErrMustCollaborator) {
			// ...
			ctx.JSONError(flashError)
		}
		return
	}
```

Not sure what kind of error can cause it to happen, so this PR just
expose it. And we can fix it when users report that creating PRs failed
with error responses.

It's all my guess since I cannot reproduce the problem, but even if it's
not related, the code here needs to be improved.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-08-16 13:50:12 -04:00
Giteabot
771fb453a1
Add missing repository type filter parameters to pager (#31832) (#31837)
Backport #31832 by @yp05327

Fix #31807

ps: the newly added params's value will be changed.
When the first time you selected the filter, the values of params will
be `0` or `1`
But in pager it will be `true` or `false`.
So do we have `boolToInt` function?

Co-authored-by: yp05327 <576951401@qq.com>
2024-08-16 20:41:45 +08:00
Giteabot
a39fe53252
Show lock owner instead of repo owner on LFS setting page (#31788) (#31817)
Backport #31788 by @wolfogre

Fix #31784.

Before:

<img width="1648" alt="image"
src="https://github.com/user-attachments/assets/03f32545-4a85-42ed-bafc-2b193a5d8023">

After:

<img width="1653" alt="image"
src="https://github.com/user-attachments/assets/e5bcaf93-49cb-421f-aac1-5122bc488b02">

Co-authored-by: Jason Song <i@wolfogre.com>
2024-08-11 15:17:34 +00:00
Bo-Yi Wu
e563297c34
fix(api): owner ID should be zero when created repo secret (#31715) (#31811)
- Change condition to include `RepoID` equal to 0 for organization
secrets

Backport https://github.com/go-gitea/gitea/pull/31715 by @appleboy

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2024-08-10 00:21:51 +08:00
Giteabot
8d11946d67
Fix protected branch files detection on pre_receive hook (#31778) (#31796)
Backport #31778 by @lunny

Fix #31738

When pushing a new branch, the old commit is zero. Most git commands
cannot recognize the zero commit id. To get the changed files in the
push, we need to get the first diverge commit of this branch. In most
situations, we could check commits one by one until one commit is
contained by another branch. Then we will think that commit is the
diverge point.

And in a pre-receive hook, this will be more difficult because all
commits haven't been merged and they actually stored in a temporary
place by git. So we need to bring some envs to let git know the commit
exist.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-08 03:08:30 +00:00
Giteabot
82003a3b47
Fix wiki revision pagination (#31760) (#31772)
Backport #31760 by @lunny

Fix #31755

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-08-04 10:45:41 +08:00
Giteabot
8591c918f6
Fix the display of project type for deleted projects (#31732) (#31734)
Backport #31732 by @yp05327

Fix: #31727
After:

![image](https://github.com/user-attachments/assets/1dfb4b31-3bd6-47f7-b126-650f33f453e2)

Co-authored-by: yp05327 <576951401@qq.com>
2024-07-30 14:05:14 +08:00
Giteabot
ec467c344f
Set owner id to zero when GetRegistrationToken for repo (#31725) (#31729)
Backport #31725 by @wolfogre

Fix #31707.

It's split from #31724.

Although #31724 could also fix #31707, it has change a lot so it's not a
good idea to backport it.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-07-30 09:57:43 +08:00
Giteabot
7b37f77f1a
Fix API endpoint for registration-token (#31722) (#31728)
Backport #31722 by @wolfogre

Partially fix #31707. Related to #30656.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-07-29 21:15:07 +03:00
yp05327
d3f0867204
Add permission check when creating PR (#31033) (#31720)
Backport #31033

user should be a collaborator of the base repo to create a PR
2024-07-29 14:11:29 +08:00
wxiaoguang
042e9fcd81
Fix rendered wiki page link (#31398) (#31407)
Backport #31398

Fix #31395
2024-06-19 11:23:24 +08:00
wxiaoguang
fa307167f9
Fix missing images in editor preview due to wrong links (#31299) (#31393)
Backport #31299

Parse base path and tree path so that media links can be correctly
created with /media/.

Resolves #31294

---------

Co-authored-by: Brecht Van Lommel <brecht@blender.org>
2024-06-17 15:07:21 +08:00
Giteabot
3f44844244
Allow downloading attachments of draft releases (#31369) (#31380)
Backport #31369 by Zettat123

Fix #31362

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-06-16 20:55:14 +08:00
wxiaoguang
52925e9c7c
Fix duplicate sub-path for avatars (#31365) (#31368)
Backport #31365, only backport necessary changes.
2024-06-15 03:44:44 +00:00
Giteabot
b1ad8ccb73
Reduce memory usage for chunked artifact uploads to MinIO (#31325) (#31338)
Backport #31325 by @bohde

When using the MinIO storage driver for Actions Artifacts, we found that
the chunked artifact required significantly more memory usage to both
upload and merge than the local storage driver. This seems to be related
to hardcoding a value of `-1` for the size to the MinIO client [which
has a warning about memory usage in the respective
docs](https://pkg.go.dev/github.com/minio/minio-go/v7#Client.PutObject).
Specifying the size in both the upload and merge case reduces memory
usage of the MinIO client.

Co-authored-by: Rowan Bohde <rowan.bohde@gmail.com>
Co-authored-by: Kyle D <kdumontnu@gmail.com>
2024-06-12 16:25:46 +02:00
Giteabot
1dc8a66074
Remove sub-path from container registry realm (#31293) (#31300)
Backport #31293 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-06-10 12:04:49 +08:00
Giteabot
c07416b3d0
Fix Activity Page Contributors dropdown (#31264) (#31269)
Backport #31264 by wxiaoguang

Fix #31261

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-06-06 08:14:00 +00:00
Thomas Desveaux
ca414a7ccf
Fix NuGet Package API for $filter with Id equality (#31188) (#31242)
Backport #31188

Fixes issue when running `choco info pkgname` where `pkgname` is also a
substring of another package Id.

Relates to #31168

---

This might fix the issue linked, but I'd like to test it with more choco
commands before closing the issue in case I find other problems if
that's ok.
I'm pretty inexperienced with Go, so feel free to nitpick things.

Not sure I handled
[this](70f87e11b5/routers/api/packages/nuget/nuget.go (L135-L137))
in the best way, so looking for feedback on if I should fix the
underlying issue (`nil` might be a better default for `Value`?).

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-06-04 14:56:59 +03:00
Giteabot
33fa93a952
Fix agit checkout command line hint & fix ShowMergeInstructions checking (#31219) (#31222)
Backport #31219 by @lunny

Fix #31135 

Before
<img width="527" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/60c07b55-3db2-4a9a-98f1-0eb72d149df2">

After
<img width="664" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/0670ff5d-9e0b-47ac-aba4-9db9131de3b3">

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-06-03 09:45:57 +08:00
wxiaoguang
cc64d4d2b2
Ignore FindRecentlyPushedNewBranches err (#31164) (#31171)
Backport #31164
2024-05-30 14:24:14 +08:00
Giteabot
fb14ca30eb
Fix markup preview (#31158) (#31166)
Backport #31158 by @wxiaoguang

Fix #31157

After:


![image](https://github.com/go-gitea/gitea/assets/2114189/4d918cce-cd0d-4601-9c81-4b32df1b0b38)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-30 02:38:30 +02:00
Giteabot
c6189cfcb9
Add an immutable tarball link to archive download headers for Nix (#31139) (#31145)
Backport #31139 by @Mic92

This allows `nix flake metadata` and nix in general to lock a *branch*
tarball link in a manner that causes it to fetch the correct commit even
if the branch is updated with a newer version.

For further context, Nix flakes are a feature that, among other things,
allows for "inputs" that are "github:someuser/somerepo",
"https://some-tarball-service/some-tarball.tar.gz",
"sourcehut:~meow/nya" or similar. This feature allows our users to fetch
tarballs of git-based inputs to their builds rather than using git to
fetch them, saving significant download time.

There is presently no gitea or forgejo specific fetcher in Nix, and we
don't particularly wish to have one. Ideally (as a developer on a Nix
implementation myself) we could just use the generic tarball fetcher and
not add specific forgejo support, but to do so, we need additional
metadata to know which commit a given *branch* tarball represents, which
is the purpose of the Link header added here.

The result of this patch is that a Nix user can specify
`inputs.something.url =
"https://forgejo-host/some/project/archive/main.tar.gz"` in flake.nix
and get a link to some concrete tarball for the actual commit in the
lock file, then when they run `nix flake update` in the future, they
will get the latest commit in that branch.

Example of it working locally:

» nix flake metadata --refresh
'http://localhost:3000/api/v1/repos/jade/cats/archive/main.tar.gz?dir=configs/nix'
Resolved URL:
http://localhost:3000/api/v1/repos/jade/cats/archive/main.tar.gz?dir=configs/nix
Locked URL:
804ede182b.tar.gz?dir=configs
/nix&narHash=sha256-yP7KkDVfuixZzs0fsqhSETXFC0y8m6nmPLw2GrAMxKQ%3D
Description:   Computers with the nixos
Path:          /nix/store/s856c6yqghyan4v0zy6jj19ksv0q22nx-source
Revision:      804ede182b6b66469b23ea4d21eece52766b7a06
Last modified: 2024-05-02 00:48:32

For details on the header value, see:

56763ff918/doc/manual/src/protocols/tarball-fetcher.md

Co-authored-by: Jörg Thalheim <Mic92@users.noreply.github.com>
Co-authored-by: Jade Lovelace <software@lfcode.ca>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-29 01:34:14 +00:00
Giteabot
e6bacf1fed
Add missed return after ctx.ServerError (#31130) (#31133)
Backport #31130 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-28 12:47:11 +02:00
Giteabot
e0b7938d74
Fix possible ui 500 if workflow's job is nil (#31092) (#31098)
Backport #31092 by @lunny

Fix #31087

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-27 14:13:15 +08:00
Giteabot
02b947a15f
Fix View File button link if branch deleted on pull request files pages (#31063) (#31077) 2024-05-26 14:07:17 +00:00
yp05327
564fef1e20
Fix wrong display of recently pushed notification (#25812) (#31043)
Backport #25812

~~ps: removed some new codes in `tests/integration/pull_merge_test.go`~~

---------

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-23 04:14:26 +00:00
Giteabot
e3390e2441
use existing oauth grant for public client (#31015) (#31042)
Backport #31015 by @denyskon

Do not try to create a new authorization grant when one exists already,
thus preventing a DB-related authorization issue.

Fix https://github.com/go-gitea/gitea/pull/30790#issuecomment-2118812426

Co-authored-by: Denys Konovalov <kontakt@denyskon.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-21 17:32:31 +00:00
Giteabot
55cb356b84
Refactor sha1 and time-limited code (#31023) (#31030)
Backport #31023 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-21 00:58:21 +08:00
Giteabot
8a259e54c5
Return access_denied error when an OAuth2 request is denied (#30974) (#31029)
Backport #30974 by Zettat123

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-20 22:49:04 +08:00
Giteabot
8446caa813
Fix bug on avatar (#31008) (#31019)
Backport #31008 by @lunny

Extract from #30995

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-05-20 02:54:53 +00:00
Giteabot
ab33b7849f
Fix "force private" logic (#31012) (#31021)
Backport #31012 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-20 10:27:52 +08:00
Giteabot
a58498cc43
Improve reverse proxy documents and clarify the AppURL guessing behavior (#31003) (#31020)
Backport #31003 by wxiaoguang

Fix #31002

1. Mention Make sure `Host` and `X-Fowarded-Proto` headers are correctly passed to Gitea
2. Clarify the basic requirements and move the "general configuration" to the top
3. Add a comment for the "container registry"
4. Use 1.21 behavior if the reverse proxy is not correctly configured

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-19 15:22:54 +00:00
Giteabot
8eac16de21
Simplify mirror repository API logic (#30963) (#31009)
Backport #30963 by wxiaoguang

Fix #30921

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-18 08:26:20 +00:00