18113 Commits

Author SHA1 Message Date
Giteabot
f0e74da719
Upgrade tqdm dependency (#30996) (#31000)
Backport #30996 by @silverwind

Result of `make update-py`

Fixes: https://github.com/go-gitea/gitea/security/dependabot/65

Co-authored-by: silverwind <me@silverwind.io>
2024-05-17 02:39:39 +02:00
Giteabot
835411b978
template: label fix correct input id (#30987) (#30997)
Just a small commit to fix a wrong label for id.
Thanks and cheers!

Signed-off-by: Frank Villaro-Dixon <frank@villaro-dixon.eu>
Co-authored-by: Frank Villaro-Dixon <frank@vi-di.fr>
2024-05-16 08:45:52 -05:00
Giteabot
3cdf9ed202
Put web editor into a segment (#30966) (#30993)
Backport #30966 by silverwind

Co-authored-by: silverwind <me@silverwind.io>
2024-05-16 07:03:45 +00:00
Giteabot
0c9dcda10d
Check if the release is converted from the tag when updating the release (#30984) (#30986)
We should call `notify_service.NewRelease` when a release is created
from an existing tag.

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-05-15 16:34:38 -05:00
Giteabot
cb52eb639e
Remove unnecessary double quotes on language file (#30977) (#30979)
Backport #30977 by @lunny

The double quotes and the prefix/suffix space are unnecessary.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-15 11:00:58 +02:00
Giteabot
5b7e54f72f
Always load or generate oauth2 jwt secret (#30942) (#30978)
Backport #30942 by @wxiaoguang

 Fix #30923

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-14 15:00:38 +00:00
Giteabot
042777abd7
Filter out duplicate action(activity) items for a repository (#30957) (#30976)
Backport #30957

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-14 14:14:39 +00:00
Giteabot
8393ff78fc
Protected tag is no internal server error (#30962) (#30970)
Backport #30962 by @KN4CK3R

Fixes #30959

Adds an API test for protected tags.
Fix existing tag in combination with fixtures.

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-14 07:15:36 +00:00
Giteabot
c1337e7316
Restyle release list, fix branch dropdown (#30837) (#30968)
Backport #30837 by @silverwind

Fixes https://github.com/go-gitea/gitea/issues/30821 and restyles the
release list.

Desktop:

<img width="1199" alt="Screenshot 2024-05-02 at 20 46 10"
src="https://github.com/go-gitea/gitea/assets/115237/bee92423-d4a9-4b26-8301-3a1e09eef4cd">


Mobile:

<img width="443" alt="Screenshot 2024-05-02 at 20 46 21"
src="https://github.com/go-gitea/gitea/assets/115237/42ecbae5-bdb6-4b16-a0ee-9c64daede68d">

Co-authored-by: silverwind <me@silverwind.io>
2024-05-13 22:00:52 +00:00
Giteabot
70eaa99ac0
fix: change npm scope registry (#30964) (#30965)
Backport #30964 by @llxlr


https://docs.npmjs.com/cli/v10/using-npm/scope#associating-a-scope-with-a-registry

Co-authored-by: james yang <yanghongday369@gmail.com>
2024-05-13 18:14:31 +02:00
Giteabot
f806bbb815
Support using label names when changing issue labels (#30943) (#30958)
Backport #30943 by @Zettat123

Resolve #30917

Make the APIs for adding labels and replacing labels support both label
IDs and label names so the
[`actions/labeler`](https://github.com/actions/labeler) action can work
in Gitea.

<img width="600px"
src="https://github.com/go-gitea/gitea/assets/15528715/7835c771-f637-4c57-9ce5-e4fbf56fa0d3"
/>

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-05-13 14:28:11 +08:00
Giteabot
ebe8e63dfd
Fix file path width in repo non-homepage view (#30951) (#30952)
Backport #30951 by @silverwind

Fixes: https://github.com/go-gitea/gitea/issues/30940

<img width="1310" alt="Screenshot 2024-05-11 at 20 48 41"
src="https://github.com/go-gitea/gitea/assets/115237/f163dfd4-1299-421f-a99e-cd0c793e0e3d">

Co-authored-by: silverwind <me@silverwind.io>
2024-05-12 14:07:16 +02:00
Giteabot
bc455883fc
Remove If Exist check on migration for mssql because that syntax required SQL server 2016 (#30894) (#30946)
Backport #30894 by @lunny

Fix #30872

We will assume the database is consistent before executing the
migration. So the indexes should exist. Removing `IF EXIST` then is safe
enough.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-05-12 03:15:01 +00:00
Giteabot
14dc00ae01
Move reverproxyauth before session so the header will not be ignored even if user has login (#27821) (#30948)
Backport #27821 by @lunny

When a user logout and then login another user, the reverseproxy auth
should be checked before session otherwise the old user is still login.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-12 10:25:55 +08:00
Giteabot
94c5a30c8b
Fix some UI regressions for commit list (#30920) (#30937)
Backport #30920 by wxiaoguang

Close #30919

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-05-10 22:36:06 +08:00
Giteabot
b99473f4ec
Check if reverse proxy is correctly configured (#30890) (#30935)
Backport #30890 by wxiaoguang

Follow #27011
Follow #30885

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-05-10 12:34:04 +00:00
yp05327
2200c41ffd
Fix incorrect default branch when adopt a repository (#30912) (#30928)
Backport #30912

ps: removed useless `u *user_model.User` for `adoptRepository`
2024-05-10 12:00:01 +00:00
Giteabot
45475250bd
Remove deprecated stuff for runners (#30930) (#30931)
Backport #30930 by @wolfogre

It's time (maybe somewhat late) to remove some deprecated stuff for the
runner.

- `x-runner-version`: runners needn't to report version in every
request, they will call `Declare`.
- `AgentLabels`: runners will report them as `Labels`.

Co-authored-by: Jason Song <i@wolfogre.com>
2024-05-10 16:57:30 +08:00
Giteabot
df5513978a
Update issue indexer after merging a PR (#30715) (#30903)
Backport #30715 by @Zettat123

Fix #30684

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-05-09 13:51:57 +08:00
Giteabot
08d697ae70
Add missing menu active item background back (#30897) (#30907)
Backport #30897 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-08 23:53:02 +00:00
Giteabot
5f1af1f37d
Fix incorrect issue form (#30881) (#30904)
Backport #30881 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-08 23:26:53 +00:00
Giteabot
2f91a461f7
Fix misspelling of mergable (#30896) (#30905)
Backport #30896 by @yp05327

https://github.com/go-gitea/gitea/pull/25812#issuecomment-2099833692
Follow #30573

Co-authored-by: yp05327 <576951401@qq.com>
2024-05-08 16:38:46 +00:00
Giteabot
084bec89ed
Fix various problems around projects board view (#30696) (#30902)
Backport #30696 by @lunny

# The problem
The previous implementation will start multiple POST requests from the
frontend when moving a column and another bug is moving the default
column will never be remembered in fact.

# What's changed

- [x] This PR will allow the default column to move to a non-first
position
- [x] And it also uses one request instead of multiple requests when
moving the columns
- [x] Use a star instead of a pin as the icon for setting the default
column action
- [x] Inserted new column will be append to the end
- [x] Fix #30701 the newly added issue will be append to the end of the
default column
- [x] Fix when deleting a column, all issues in it will be displayed
from UI but database records exist.
- [x] Add a limitation for columns in a project to 20. So the sorting
will not be overflow because it's int8.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-08 15:46:21 +00:00
Giteabot
271e8748a2
Fix wrong transfer hint (#30889) (#30900)
Backport #30889 by @lunny

Fix #30187

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-08 15:12:37 +00:00
Giteabot
ec3f5f9992
Move database operations of merging a pull request to post receive hook and add a transaction (#30805) (#30888)
Backport #30805 by @lunny

Merging PR may fail because of various problems. The pull request may
have a dirty state because there is no transaction when merging a pull
request. ref
https://github.com/go-gitea/gitea/pull/25741#issuecomment-2074126393

This PR moves all database update operations to post-receive handler for
merging a pull request and having a database transaction. That means if
database operations fail, then the git merging will fail, the git client
will get a fail result.

There are already many tests for pull request merging, so we don't need
to add a new one.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-08 14:17:18 +00:00
wxiaoguang
d4c2db39bf
Refactor AppURL usage (#30885) (#30891)
Backport #30885
Fix #30883
Fix #29591

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-05-08 13:34:43 +00:00
6543
d410e2acce
Repository explore alphabetically order respect owner name (#30882)
similar to #30784 but only for the repo explore page

is covered by #30876 for the main branch
2024-05-07 16:35:02 +00:00
Giteabot
216c8eada3
Fix missing migrate actions artifacts (#30874) (#30886)
Backport #30874 by @lunny

The actions artifacts should be able to be migrate to the new storage
place.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-07 21:59:00 +08:00
wxiaoguang
d5563be0ee
Make sure git version&feature are always prepared (#30877) (#30879)
Backport #30877
2024-05-07 02:07:33 +00:00
Giteabot
ad5a8d043c
Make "sync branch" also sync object format and add tests (#30878) (#30880)
Backport #30878 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-07 08:33:28 +08:00
Giteabot
cfe6779d4e
Get repo list with OrderBy alpha should respect owner too (#30784) (#30875)
Backport #30784 by @6543

instead of:
- zowner/gcode
- awesome/nul
- zowner/nul
- zowner/zzz

we will get:
- awesome/nul
- zowner/gcode
- zowner/nul
- zowner/zzz

Co-authored-by: 6543 <6543@obermui.de>
2024-05-06 15:06:45 +00:00
Giteabot
b22d7fd8cd
Fix some UI problems (dropdown/container) (#30849) (#30871)
Backport #30849 by wxiaoguang

Follow #30345
Follow #30547

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-06 07:45:04 +00:00
Giteabot
e2e326f154
Fix some UI problems (install/checkbox) (#30854) (#30870)
Backport #30854 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-06 06:58:42 +00:00
Giteabot
2252a7bf84
Have time.js use UTC-related getters/setters (#30857) (#30869)
Backport #30857 by kemzeb

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
Co-authored-by: Sam Fisher <fisher@3echelon.local>
2024-05-06 10:01:22 +08:00
Giteabot
bb7150c30d
Do not show monaco JS errors (#30862) (#30866)
Backport #30862 by wxiaoguang

Fix #30861

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-06 00:53:09 +08:00
Giteabot
60fa2a5960
Fix issue/PR title edit (#30858) (#30865)
Backport #30858 by wxiaoguang

1. "enter" doesn't work (I think it is the last enter support for #14843)
2. if a branch name contains something like `&`, then the branch selector doesn't update

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-05 13:53:12 +00:00
Giteabot
054602977a
Add result check in TestAPIEditUser (#29674) (#30860)
Backport #29674 by @yp05327

Fix #29514
there are too many usage of `NewRequestWithValues`, so there's no need
to check all of them.
Just one is enough I think.

Co-authored-by: yp05327 <576951401@qq.com>
2024-05-05 21:17:03 +08:00
Giteabot
471b411873
Fix markdown URL parsing for commit ID (#30812) (#30855)
Backport #30812 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-04 12:04:05 +08:00
Giteabot
a82e6301f7
Fix no edit history after editing issue's title and content (#30814) (#30845)
Backport #30814 by @yp05327

Fix #30807

reuse functions in services

Co-authored-by: yp05327 <576951401@qq.com>
2024-05-03 14:43:16 +00:00
Giteabot
1f9a9fab5f
Improve grep search (#30843) (#30850)
Backport #30843 by wxiaoguang

Reduce the context line number to 1, make "git grep" search respect the
include/exclude patter, and fix #30785

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-03 17:59:33 +08:00
Giteabot
7ad2d039fd
Don't only list code-enabled repositories when using repository API (#30817) (#30848)
Backport #30817 by kemzeb

We should be listing all repositories by default.

Fixes #28483.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-05-03 16:52:38 +08:00
Giteabot
ab2ef1ae49
Ignore useless error message "broken pipe" (#30801) (#30842)
Backport #30801 by wxiaoguang

Fix #30792

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-03 04:20:34 +00:00
Giteabot
7db434bfa9
Fix JS error on pull request page (#30838) (#30841)
Backport #30838 by silverwind

Fix this error seen on PR page, regression from
https://github.com/go-gitea/gitea/pull/30803:

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-03 02:17:11 +00:00
Giteabot
41f8ef8af5
Improve repo button row layout (#30668) (#30839)
Backport #30668 by @silverwind

Since there is now a second `<input>` in the repo buttons, we can make a
better-looking layout with no empty space, except on mobile.

Also I fixed one bug with focus border on clone panel.

## Large

<img width="1163" alt="Screenshot 2024-04-23 at 22 25 22"
src="https://github.com/go-gitea/gitea/assets/115237/8135a572-aa67-4672-ad49-b76b06890b52">

## Medium
<img width="870" alt="Screenshot 2024-04-23 at 22 25 34"
src="https://github.com/go-gitea/gitea/assets/115237/9e93f61c-3315-4a78-8328-8cefad5b50fa">

## Mobile
<img width="416" alt="Screenshot 2024-04-23 at 22 25 52"
src="https://github.com/go-gitea/gitea/assets/115237/859e341f-807a-48e6-8bcf-31715963216c">

Co-authored-by: silverwind <me@silverwind.io>
2024-05-02 19:38:37 +00:00
Giteabot
6d83f5eddc
Prevent automatic OAuth grants for public clients (#30790) (#30836)
Backport #30790 by archer-321

This commit forces the resource owner (user) to always approve OAuth 2.0
authorization requests if the client is public (e.g. native
applications).

As detailed in [RFC 6749 Section
10.2](https://www.rfc-editor.org/rfc/rfc6749.html#section-10.2),

> The authorization server SHOULD NOT process repeated authorization
requests automatically (without active resource owner interaction)
without authenticating the client or relying on other measures to ensure
that the repeated request comes from the original client and not an
impersonator.

With the implementation prior to this patch, attackers with access to
the redirect URI (e.g., the loopback interface for
`git-credential-oauth`) can get access to the user account without any
user interaction if they can redirect the user to the
`/login/oauth/authorize` endpoint somehow (e.g., with `xdg-open` on
Linux).

Fixes #25061.

Co-authored-by: Archer <archer@beezig.eu>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-02 19:06:32 +00:00
Giteabot
665a06c41f
Catch and handle unallowed file type errors in issue attachment API (#30791) (#30834)
Backport #30791 by kemzeb

Before, we would just throw 500 if a user passes an attachment that is
not an allowed type. This commit catches this error and throws a 422
instead since this should be considered a validation error.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-05-03 01:45:45 +08:00
Giteabot
f62f04c6bf
Fix incorrect message id for release email (#30825) (#30833)
Backport #30825 by wxiaoguang

Make generateMessageIDForRelease outputs the same format as
generateMessageIDForIssue (old `createReference`)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-03 00:00:29 +08:00
Giteabot
253c97b922
Add hover outline to heatmap squares (#30828) (#30832)
Backport #30828 by @silverwind

Makes it easier to use because you see which square is currently
hovered:

<img width="314" alt="Screenshot 2024-05-02 at 15 38 20"
src="https://github.com/go-gitea/gitea/assets/115237/3a15dad1-2259-4f28-9fae-5cf6ad3d8798">

I did try a `scoped` style for this, but that did not work for some
reason.

Co-authored-by: silverwind <me@silverwind.io>
2024-05-02 15:01:07 +00:00
Giteabot
c34a03d504
Upgrade chi-binding (#30826) (#30830)
Backport #30826 by @lunny

Front port #30742

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-05-02 16:50:10 +02:00
Giteabot
3f0dc69400
Improve context popup rendering (#30824) (#30829)
Backport #30824 by @silverwind

Before, lot of empty space when no labels or body:

<img width="281" alt="Screenshot 2024-05-02 at 13 51 29"
src="https://github.com/go-gitea/gitea/assets/115237/8a980ccd-d53c-43a3-a059-dc8c614621e1">

After, empty space collapsed:

<img width="306" alt="Screenshot 2024-05-02 at 13 51 16"
src="https://github.com/go-gitea/gitea/assets/115237/8d9c154d-5de1-43d0-8536-afd9194d99b3">

All `<p>` (unsuitable) and `<small>` (discouraged in favor of css) tags
are removed.

Co-authored-by: silverwind <me@silverwind.io>
2024-05-02 13:47:32 +00:00