Commit Graph

4518 Commits

Author SHA1 Message Date
Giteabot
a82e6301f7
Fix no edit history after editing issue's title and content (#30814) (#30845)
Backport #30814 by @yp05327

Fix #30807

reuse functions in services

Co-authored-by: yp05327 <576951401@qq.com>
2024-05-03 14:43:16 +00:00
Giteabot
1f9a9fab5f
Improve grep search (#30843) (#30850)
Backport #30843 by wxiaoguang

Reduce the context line number to 1, make "git grep" search respect the
include/exclude patter, and fix #30785

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-03 17:59:33 +08:00
Giteabot
7ad2d039fd
Don't only list code-enabled repositories when using repository API (#30817) (#30848)
Backport #30817 by kemzeb

We should be listing all repositories by default.

Fixes #28483.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-05-03 16:52:38 +08:00
Giteabot
ab2ef1ae49
Ignore useless error message "broken pipe" (#30801) (#30842)
Backport #30801 by wxiaoguang

Fix #30792

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-03 04:20:34 +00:00
Giteabot
6d83f5eddc
Prevent automatic OAuth grants for public clients (#30790) (#30836)
Backport #30790 by archer-321

This commit forces the resource owner (user) to always approve OAuth 2.0
authorization requests if the client is public (e.g. native
applications).

As detailed in [RFC 6749 Section
10.2](https://www.rfc-editor.org/rfc/rfc6749.html#section-10.2),

> The authorization server SHOULD NOT process repeated authorization
requests automatically (without active resource owner interaction)
without authenticating the client or relying on other measures to ensure
that the repeated request comes from the original client and not an
impersonator.

With the implementation prior to this patch, attackers with access to
the redirect URI (e.g., the loopback interface for
`git-credential-oauth`) can get access to the user account without any
user interaction if they can redirect the user to the
`/login/oauth/authorize` endpoint somehow (e.g., with `xdg-open` on
Linux).

Fixes #25061.

Co-authored-by: Archer <archer@beezig.eu>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-02 19:06:32 +00:00
Giteabot
665a06c41f
Catch and handle unallowed file type errors in issue attachment API (#30791) (#30834)
Backport #30791 by kemzeb

Before, we would just throw 500 if a user passes an attachment that is
not an allowed type. This commit catches this error and throws a 422
instead since this should be considered a validation error.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-05-03 01:45:45 +08:00
Giteabot
e1a79ae0bf
Skip gzip for some well-known compressed file types (#30796) (#30813)
Backport #30796 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: silverwind <me@silverwind.io>
2024-05-02 14:50:24 +08:00
Giteabot
97a7c04a8f
Fix bleve fuzziness (#30799) (#30804)
Backport #30799 by wxiaoguang

Fix #30797
Fix #30317

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-05-01 12:59:59 +00:00
Giteabot
dc9e795ce2
Fix issue label rendering in the issue popup (#30763) (#30773)
Backport #30763 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-04-30 09:40:47 +00:00
Giteabot
6edee2eca4
Rename CodeIndexerEnabled to IsRepoIndexerEnabled (#30762) (#30767)
Backport #30762 by @wxiaoguang

Fix  #30761

Most places use `IsRepoIndexerEnabled` but not `CodeIndexerEnabled`, so
it should always use `IsRepoIndexerEnabled` for consistency.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-04-29 21:57:48 +00:00
Giteabot
6c86034e0f
Fix all rounded borders, change affected tab menus to pills (#30707) (#30769)
Backport #30707 by @silverwind

Fixes https://github.com/go-gitea/gitea/issues/30673, all 23 issues.
Notes:

- Tab bar menus had to change to pills because of unsolvable issue with
the border-radius as tab bar renders a overlapping border onto the box
below. And I think pills look better.
- Added padding to code editor empty preview message
- Hide monaco's built-in blue focus border, we don't need it and it
never showed before either.
- Label add menu is simplified, removing the nested segment.

<img width="1322" alt="Screenshot 2024-04-25 at 22 26 19"
src="https://github.com/go-gitea/gitea/assets/115237/7e394e0c-b7ad-417d-8e9f-12f1dea93ed1">
<img width="1326" alt="Screenshot 2024-04-25 at 22 28 00"
src="https://github.com/go-gitea/gitea/assets/115237/66c8499f-aa9f-4d95-8cca-ef13dfa82c65">
<img width="997" alt="Screenshot 2024-04-25 at 22 36 53"
src="https://github.com/go-gitea/gitea/assets/115237/07896102-c71d-4246-8173-c2bc2e1d3cae">
<img width="832" alt="Screenshot 2024-04-25 at 22 56 09"
src="https://github.com/go-gitea/gitea/assets/115237/d83afc96-08ca-4adc-baf4-3d02804be57c">
<img width="361" alt="Screenshot 2024-04-25 at 22 57 12"
src="https://github.com/go-gitea/gitea/assets/115237/c7371a68-00b5-47d8-84d0-ddc5268b2b2c">

Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-04-29 21:19:44 +00:00
wxiaoguang
d07019f539
Fix nil dereference on error (#30740) (#30746)
Backport #30740 manually

Co-authored-by: Chongyi Zheng <git@zcy.dev>
2024-04-29 00:23:35 +00:00
Kemal Zebari
dd301cae1c
Prevent allow/reject reviews on merged/closed PRs (#30686)
Resolves #30675.
2024-04-27 11:55:03 +00:00
silverwind
9b2536b78f
Update misspell to 0.5.1 and add misspellings.csv (#30573)
Misspell 0.5.0 supports passing a csv file to extend the list of
misspellings, so I added some common ones from the codebase. There is at
least one typo in a API response so we need to decided whether to revert
that and then likely remove the dict entry.
2024-04-27 08:03:49 +00:00
Bo-Yi Wu
852547d0dc
feat(api): enhance Actions Secrets Management API for repository (#30656)
- Add endpoint to list repository action secrets in API routes
- Implement `ListActionsSecrets` function to retrieve action secrets
from the database
- Update Swagger documentation to include the new
`/repos/{owner}/{repo}/actions/secrets` endpoint
- Add `actions` package import and define new routes for actions,
secrets, variables, and runners in `api.go`.
- Refactor action-related API functions into `Action` struct methods in
`org/action.go` and `repo/action.go`.
- Remove `actionAPI` struct and related functions, replacing them with
`NewAction()` calls.
- Rename `variables.go` to `action.go` in `org` directory.
- Delete `runners.go` and `secrets.go` in both `org` and `repo`
directories, consolidating their content into `action.go`.
- Update copyright year and add new imports in `org/action.go`.
- Implement `API` interface in `services/actions/interface.go` for
action-related methods.
- Remove individual action-related functions and replace them with
methods on the `Action` struct in `repo/action.go`.

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Signed-off-by: appleboy <appleboy.tw@gmail.com>
2024-04-26 21:11:49 +08:00
wxiaoguang
993736d838
Fix code search input for different views (#30678)
Now only show the "code search" on the repo home page, because it only
does global search.
So do not show it when viewing file or directory to avoid misleading
users (it doesn't search in a directory)
2024-04-26 11:21:04 +00:00
wxiaoguang
1e749b80d7
Add route handler info for debugging purpose (#30705)
Follow #30519
2024-04-26 09:09:49 +00:00
yp05327
2a3906d755
Improve job commit description (#30579)
Fix https://github.com/go-gitea/gitea/issues/30567

When job is a schedule:

![image](https://github.com/go-gitea/gitea/assets/18380374/b07e9d43-e8b7-4ee2-87b3-a7050c3a8ca5)
When it is a normal one:

![image](https://github.com/go-gitea/gitea/assets/18380374/0d58dab9-74bb-421b-8952-0578cdf21a52)

also add a 'space' behind  `:`

![image](https://github.com/go-gitea/gitea/assets/18380374/4cebece0-bfe6-4ad9-b806-e5c49bb9be43)


![image](https://github.com/go-gitea/gitea/assets/18380374/02da7681-474b-4c0f-9dad-b6558f6cb484)

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-04-26 02:22:45 +00:00
wxiaoguang
6a0750177f
Allow to save empty comment (#30706)
Fix #29986
2024-04-26 01:17:43 +00:00
wxiaoguang
bffbbf5470
Improve oauth2 client "preferred username field" logic and the error handling (#30622)
Follow #30454
And fix #24957

When using "preferred_username", if no such field,
`extractUserNameFromOAuth2` (old `getUserName`) shouldn't return an
error. All other USERNAME options do not return such error.

And fine tune some logic and error messages, make code more stable and
more friendly to end users.
2024-04-25 11:22:32 +00:00
Lunny Xiao
8b3632435e
Fix a panic bug when head repository deleting (#30674)
When visiting a pull request files which head repository has been
deleted, it will panic because headrepo is nil.
2024-04-24 13:26:50 +08:00
wxiaoguang
b79e3db264
Initial support for colorblindness-friendly themes (#30625)
Initial support for #25680

This PR only adds some simple styles from GitHub, it is big enough and
it focuses on adding the necessary framework-level supports. More styles
could be fine-tuned later.
2024-04-24 00:18:41 +08:00
Lunny Xiao
8924d9b2ef
Fix compare api swagger (#30648)
The swagger format on #30349 is not right. This PR will fix it.
2024-04-23 02:22:43 +00:00
silverwind
74f0c84fa4
Enable more revive linter rules (#30608)
Noteable additions:

- `redefines-builtin-id` forbid variable names that shadow go builtins
- `empty-lines` remove unnecessary empty lines that `gofumpt` does not
remove for some reason
- `superfluous-else` eliminate more superfluous `else` branches

Rules are also sorted alphabetically and I cleaned up various parts of
`.golangci.yml`.
2024-04-22 11:48:42 +00:00
Bo-Yi Wu
6459c50278
fix(api): refactor branch and tag existence checks (#30618)
- Update branch existence check to also include tag existence check
- Adjust error message for branch/tag existence check

ref: https://github.com/go-gitea/gitea/pull/30349

---------

Signed-off-by: appleboy <appleboy.tw@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-04-22 00:19:59 +02:00
Lunny Xiao
e865de1e9d
Use maintained gziphandler (#30592)
Replace #27894

---------

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-04-21 00:53:45 +00:00
wxiaoguang
48d4580dd5
Clarify permission "HasAccess" behavior (#30585)
Follow #30495

"HasAccess" behavior wasn't clear, to make it clear:

* Use a new name `HasAnyUnitAccess`, it will be easier to review related
code and permission problems.
* Separate everyone access mode to a separate field, then all calls to
HasAccess are reverted to old behavior before #30495.
* Add new tests.

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2024-04-20 03:15:04 +00:00
wxiaoguang
f60e1a1af2
Fix HEAD method for robots.txt (#30603)
Fix #30601
2024-04-19 21:43:56 +08:00
wxiaoguang
eb24d973b0
Fix project description rendering for org (#30587)
Fix #30263


![image](https://github.com/go-gitea/gitea/assets/2114189/41cabe6c-f94a-4874-a26f-d01bb89bb28c)

Co-authored-by: Giteabot <teabot@gitea.io>
2024-04-19 07:58:56 +00:00
wxiaoguang
d1ba5f431b
Some following up changes for routes (#30550)
1. Switch back to the old order for `reqRepoAdmin, context.RepoRef()`
2. Add a routing function info for global NotFound
2024-04-18 09:36:19 +00:00
6543
be5be0ac81
Expose fuzzy search for issues/pulls (#29701)
close  #29685

---------

Signed-off-by: 6543 <6543@obermui.de>
Co-authored-by: silverwind <me@silverwind.io>
2024-04-18 00:16:52 +00:00
wxiaoguang
3feba9f1f4
Allow everyone to read or write a wiki by a repo unit setting (#30495)
Replace #6312
Help #5833
Wiki solution for #639
2024-04-17 15:58:37 +00:00
Michael Kriese
bafb80f80d
Support nuspec manifest download for nuget packages (#28921)
Support downloading nuget nuspec manifest[^1]. This is useful for
renovate because it uses this api to find the corresponding repository

- Store nuspec along with nupkg on upload
- allow downloading nuspec
- add doctor command to add missing nuspec files 


[^1]:
https://learn.microsoft.com/en-us/nuget/api/package-base-address-resource#download-package-manifest-nuspec

---------

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
2024-04-17 15:30:41 +00:00
Edward Zhang
02e183bf3f
Fix branch_protection api shows users/teams who has no readAccess (#30291)
Add some logic in `convert.ToBranchProtection` to return only the names
associated with readAccess instead of returning all names. This will
ensure consistency in behavior between the frontend and backend.
Fixes: #27694

---------

Co-authored-by: techknowlogick <techknowlogick@gitea.com>
Co-authored-by: wenzhuo.zhang <wenzhuo.zhang@geely.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-04-17 15:24:07 +02:00
wxiaoguang
3e2e76e248
Refactor web routes (#30519)
Re-organize the routes in web.go and use ctx constants instead of `context.UnitTypes()`

---------

Co-authored-by: Giteabot <teabot@gitea.io>
2024-04-17 08:31:37 +00:00
SimonErm
6ba0c371c2
Allow preferred_username as username source for OIDC (#30454)
This PR adds the preferred_username claim as a possible username source
for the oauth2_client.

Closes #21518
2024-04-16 05:41:39 +00:00
yp05327
cf9061f44a
Fix empty field login_name in API response JSON when creating user (#30511)
Fix #30508

ps: if `sourceID` is not set, `LoginName` will be ignored
2024-04-16 13:13:00 +08:00
Bo-Yi Wu
c70e442ce4
feat(api): implement branch/commit comparison API (#30349)
- Add new `Compare` struct to represent comparison between two commits
- Introduce new API endpoint `/compare/*` to get commit comparison
information
- Create new file `repo_compare.go` with the `Compare` struct definition
- Add new file `compare.go` in `routers/api/v1/repo` to handle
comparison logic
- Add new file `compare.go` in `routers/common` to define `CompareInfo`
struct
- Refactor `ParseCompareInfo` function to use `common.CompareInfo`
struct
- Update Swagger documentation to include the new API endpoint for
commit comparison
- Remove duplicate `CompareInfo` struct from
`routers/web/repo/compare.go`
- Adjust base path in Swagger template to be relative (`/api/v1`)

GitHub API
https://docs.github.com/en/rest/commits/commits?apiVersion=2022-11-28#compare-two-commits

---------

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-04-16 11:45:04 +08:00
silverwind
4b1063f3db
Rewrite and restyle reaction selector and enable no-sizzle eslint rule (#30453)
Enable `no-sizzle` lint rule, there was only one use in `initCompReactionSelector` and:

- Remove all jQuery except the necessary fomantic dropdown init
- Remove the recursion, instead bind event listeners to common parent container nodes

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Giteabot <teabot@gitea.io>
2024-04-14 18:44:11 +08:00
yp05327
af02b8a0e9
Fix network error when open/close organization/individual projects and redirect to project page (#30387)
Follow #27734


![image](https://github.com/go-gitea/gitea/assets/18380374/02ed6b9a-cbb6-4f49-a54a-ca76a0d052a9)

Updated:
Redirect to project page instead of project list page.
2024-04-13 16:17:01 +00:00
wxiaoguang
c248f010ad
Refactor cache and disable go-chi cache (#30417)
use built-in cache package to wrap external go-chi cache package
2024-04-13 08:38:44 +00:00
Lunny Xiao
9466fec879
Fix rename branch 500 when the target branch is deleted but exist in database (#30430)
Fix #30428
2024-04-12 13:11:16 +03:00
Zettat123
0fe9f93eb4
Check the token's owner and repository when registering a runner (#30406)
Fix #30378
2024-04-11 16:01:44 +08:00
Rafael
c1f76aea45
Use raw Wiki links for non-renderable Wiki files (#30273)
In Wiki pages, short-links created to local Wiki files were always
expanded as regular Wiki Links. In particular, if a link wanted to point
to a file that Gitea doesn't know how to render (e.g, a .zip file), a
user following the link would be silently redirected to the Wiki's home
page.

This change makes short-links* in Wiki pages be expanded to raw wiki
links, so these local wiki files may be accessed without manually
accessing their URL.

* only short-links ending in a file extension that isn't renderable are
affected.

Closes #27121.

Signed-off-by: Rafael GirĂ£o <rafael.s.girao@tecnico.ulisboa.pt>
Co-authored-by: silverwind <me@silverwind.io>
2024-04-10 17:49:57 +00:00
Lunny Xiao
263a716cb5
Performance optimization for git push (#30104)
Agit returned result should be from `ProcReceive` hook but not
`PostReceive` hook. Then for all non-agit pull requests, it will not
check the pull requests for every pushing `refs/pull/%d/head`.
2024-04-09 03:43:17 +00:00
Lunny Xiao
908426aa0f
Fix missed doer (#30231)
Fix #29879

Co-authored-by: Giteabot <teabot@gitea.io>
2024-04-08 21:26:41 +00:00
yp05327
7d66b9ea65
Avoid showing Failed to change the default wiki branch if repo has no wiki when saving repo settings (#30329) 2024-04-08 19:43:23 +08:00
wxiaoguang
83f83019ef
Clean up log messages (#30313)
`log.Xxx("%v")` is not ideal, this PR adds necessary context messages.
Remove some unnecessary logs.

Co-authored-by: Giteabot <teabot@gitea.io>
2024-04-07 19:17:06 +08:00
wxiaoguang
bbe5cd7c92
Refactor startup deprecation messages (#30305)
It doesn't change logic, it only does:

1. Rename the variable and function names
2. Use more consistent format when mentioning config section&key
3. Improve some messages
2024-04-07 01:11:25 +00:00
wxiaoguang
ca5c895efb
Render embedded code preview by permlink in markdown (#30234)
The permlink in markdown will be rendered as a code preview block, like GitHub

Co-authored-by: silverwind <me@silverwind.io>
2024-04-02 17:48:27 +00:00