Commit Graph

18277 Commits

Author SHA1 Message Date
Lunny Xiao
c630b88f35
Fix misuse of PublicKeyCallback(#32810) (#32824)
Backport #32810
2024-12-13 07:34:52 +00:00
Giteabot
e7de2fc136
Fix lfs migration (#32812) (#32818)
Backport #32812 by @hiifong

Fix: #32803

![image](https://github.com/user-attachments/assets/3ea1f4e0-e26f-4a15-957e-dd6caf91deb1)

![image](https://github.com/user-attachments/assets/44b99624-c347-4f2d-a11c-13ec1276eea2)

Co-authored-by: hiifong <i@hiif.ong>
2024-12-13 11:41:12 +08:00
Giteabot
4fe19fc722
Avoid MacOS keychain dialog in integration tests (#32813) (#32816)
Backport #32813 by @bohde

Mac's git installation ships with a system wide config that configures
the credential helper `osxkeychain`, which will prompt the user with a
dialog.

```
$ git config list --system 
credential.helper=osxkeychain
```
By setting the environment variable
[`GIT_CONFIG_NOSYSTEM=true`](https://git-scm.com/docs/git-config#ENVIRONMENT),
Git will not load the system wide config, preventing the dialog from
populating.

Closes #26717

Co-authored-by: Rowan Bohde <rowan.bohde@gmail.com>
2024-12-13 05:41:02 +08:00
techknowlogick
b54b6d103f
use specific namespace labels 2024-12-12 15:45:55 -05:00
Giteabot
84ce417312
use dedicated runners for release artifacts (#32811) (#32814)
Backport #32811 by @techknowlogick

GH runners are having trouble, so switch the remaining release jobs to
use dedicated runners.

Co-authored-by: techknowlogick <techknowlogick@gitea.com>
2024-12-12 15:44:58 -05:00
Lunny Xiao
c0092af2e0
Add changelog for 1.22.5 (#32794) 2024-12-12 04:56:35 +08:00
Lunny Xiao
6092bbac4d
🐛 Fixe a keystring misuse and refactor duplicates keystrings (#32668) (#32792)
Backport #32668 

- Fixes a translation keystring misuse where the string 'open
milestones' is used in place of 'closed milestones'.
- De-duplicates the use of 'open milesones' and 'closed milestones'
keystrings on the sidebar of an issue, reusing the ones on the issues
filter and action bars.
- Closes #32667

Co-authored-by: Simon Pistache <105607989+SimonPistache@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-12-11 13:32:10 -05:00
Lunny Xiao
e4ca557fd0
Upgrade crypto library (#32791)
backport #32750
2024-12-11 13:18:58 -05:00
Giteabot
ef9d1e9002
Add standard-compliant route to serve outdated R packages (#32783) (#32789)
Backport #32783 by Sebastian-T-T

The R package repository currently does not have support for older
versions of packages which should be stored in a separate /Archive
router. This PR remedies that by adding a new path router.

Fixes #32782

Co-authored-by: Sebastian T. T. <109338575+Sebastian-T-T@users.noreply.github.com>
2024-12-11 16:49:06 +00:00
Giteabot
0c7e44fcf7
Fix internal server error when updating labels without write permission (#32776) (#32785) 2024-12-10 17:22:03 -08:00
Giteabot
3a9039bc95
Make wiki pages visit fast (#32732) (#32745)
Backport #32732 by @lunny

Fix #20156

We reuse the code from the repository code view instead of the current
code.
Previously it took `5653ms` for
https://gitea.com/henri/wiki/wiki/?action=_pages in my local machine,
now it's about `300ms` .

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-12-07 02:54:29 +08:00
silverwind
063655c391
Bump relative-time-element to v4.4.4 (#32739)
Backport https://github.com/go-gitea/gitea/pull/32730 to v1.22
2024-12-06 15:39:45 +01:00
Giteabot
eee16e433c
Fix fork page branch selection (#32711) (#32725)
Backport #32711 by @lunny

Fix #32709

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-12-05 18:25:14 +00:00
KN4CK3R
0c4c28bc29
Add Swift login endpoint (#32693) (#32701)
Backport of #32693

Fix #32683

This PR adds the login endpoint and fixes the documentation links.
2024-12-06 01:53:55 +08:00
Giteabot
d8ad9228ca
Fix gogit GetRefCommitID (#32705) (#32712)
Backport #32705 by @Zettat123

Fix #32335

When we call `GetRefCommitID` and the reference is already a commit ID,
the `GetRefCommitID` with go-git will return a `NotExist` error. This PR
improves the `GetRefCommitID` for go-git. If the input is already a
commit ID, it will be returned directly.

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-12-04 07:59:48 +00:00
Giteabot
0d1fc2b2e9
Fix delete branch perm checking (#32654) (#32707)
Backport #32654 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-12-04 13:25:35 +08:00
Giteabot
a332805f6e
Fix word overflow in file search page (#32695) (#32699)
Backport #32695 by yp05327

Co-authored-by: yp05327 <576951401@qq.com>
2024-12-04 08:19:43 +08:00
Giteabot
4b73e92264
Fix race condition in mermaid observer (#32599) (#32673)
Backport #32599 by william-allspice
2024-11-29 19:44:41 +08:00
Giteabot
27489f2e0b
Don't create action when syncing mirror pull refs (#32659) (#32664)
Backport #32659 by @lunny

Fix #27961

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-29 02:13:16 +08:00
Lunny Xiao
293355777f
Add release note for v1.22.4 (#32513)
Add release note for v1.22.4

---------

Co-authored-by: Kyle D. <kdumontnu@gmail.com>
2024-11-26 03:01:54 +08:00
Lunny Xiao
cf1a38b03d
Fix get reviewers' bug (#32415) (#32616)
This PR rewrites `GetReviewer` function and move it to service layer.

Reviewers should not be watchers, so that this PR removed all watchers
from reviewers. When the repository is under an organization, the pull
request unit read permission will be checked to resolve the bug of

Fix #32394
Backport #32415
2024-11-23 12:42:58 +08:00
Lunny Xiao
073ba977fc
Fix clean tmp dir (#32360) (#32593)
Backport #32360 

Try to fix #31792 

Credit to @jeroenlaylo
Copied from
https://github.com/go-gitea/gitea/issues/31792#issuecomment-2311920520

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-22 08:50:35 +00:00
Lunny Xiao
2b8b2772fd
Fix PR creation on forked repositories (#31863) (#32591)
Resolves #20475
Backport #31863

Co-authored-by: Job <LordChunk@users.noreply.github.com>
2024-11-22 08:12:40 +00:00
Lunny Xiao
87ceecfb3a
Fix the missing menu in organization project view page (#32313) (#32592)
Backport #32313 

#29248 didn't modify the view page.
The class name is not good enough, so this is a quick fix.

Before:
org:

![image](https://github.com/user-attachments/assets/3e26502d-66b4-4043-ab03-003ba7391487)
user:

![image](https://github.com/user-attachments/assets/9b22b90c-d63c-4228-acad-4d9fb20590ac)

After:
org:

![image](https://github.com/user-attachments/assets/21bf98a7-8a5b-4dc6-950a-88f529e36450)
user: (no change)

![image](https://github.com/user-attachments/assets/fea0dcae-3625-44e8-bb9e-4c3733da8764)

Co-authored-by: yp05327 <576951401@qq.com>
2024-11-22 01:50:34 +00:00
Lunny Xiao
c2598b4642
Support HTTP POST requests to /userinfo, aligning to OpenID Core specification (#32578) (#32594) 2024-11-21 07:22:18 -08:00
wxiaoguang
a290aab0e8
Fix debian package clean up (#32351) (#32590)
Partially backport #32351
2024-11-21 06:27:02 +00:00
Giteabot
8f6cc95734
Fix GetInactiveUsers (#32540) (#32588)
Backport #32540 by @lunny

Fix #31480

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-21 13:25:36 +08:00
Rowan Bohde
0b5da27570
allow the actions user to login via the jwt token (#32527) (#32580)
Backport #32527

We have some actions that leverage the Gitea API that began receiving
401 errors, with a message that the user was not found. These actions
use the `ACTIONS_RUNTIME_TOKEN` env var in the actions job to
authenticate with the Gitea API. The format of this env var in actions
jobs changed with go-gitea/gitea/pull/28885 to be a JWT (with a
corresponding update to `act_runner`) Since it was a JWT, the OAuth
parsing logic attempted to parse it as an OAuth token, and would return
user not found, instead of falling back to look up the running task and
assigning it to the actions user.

Make ACTIONS_RUNTIME_TOKEN in action runners could be used, attempting
to parse Oauth JWTs. The code to parse potential old
`ACTION_RUNTIME_TOKEN` was kept in case someone is running an older
version of act_runner that doesn't support the Actions JWT.
2024-11-21 03:18:00 +00:00
wxiaoguang
81ec66c257
Fix submodule parsing (#32571) (#32577)
A quick fix for #32568
Partially backport from #32571
2024-11-21 10:32:19 +08:00
Giteabot
3661b14d97
Remove unnecessary code (#32560) (#32567)
Backport #32560 by @lunny

PushMirrors only be used in the repository setting page. So it should
not be loaded on every repository page.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-20 02:55:59 +08:00
Lunny Xiao
cf2d332443
Refactor find forks and fix possible bugs that weak permissions check (#32528) (#32547)
Backport #32528

- Move models/GetForks to services/FindForks
- Add doer as a parameter of FindForks to check permissions
- Slight performance optimization for get forks API with batch loading
of repository units
- Add tests for forking repository to organizations

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-19 04:08:32 +00:00
Giteabot
1b7031c5c2
Fix some places which doesn't repsect org full name setting (#32243) (#32550)
Backport #32243 by @lunny

Partially fix #31345

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-19 02:49:29 +00:00
Lunny Xiao
673fee427e
Refactor push mirror find and add check for updating push mirror (#32539) (#32549)
backport #32539

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-18 23:55:27 +08:00
wxiaoguang
578c02d652
Improve some sanitizer rules (#32534)
This is a backport-only fix for 1.22

1.23 has a proper fix #32533
2024-11-18 03:42:30 +00:00
Giteabot
6555cfcac3
Fix basic auth with webauthn (#32531) (#32536)
Backport #32531 by @lunny

WebAuthn should behave the same way as TOTP. When enabled, basic auth
with username/password should need to WebAuthn auth, otherwise returned
401.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-16 18:21:00 +00:00
Giteabot
b6eef34874
Fix artifact v4 upload above 8MB (#31664) (#32523) 2024-11-16 09:15:33 -08:00
Giteabot
d03dd04d65
Remove transaction for archive download (#32186) (#32520)
Backport #32186 by @lunny

Since there is a status column in the database, the transaction is
unnecessary when downloading an archive. The transaction is blocking
database operations, especially with SQLite.

Replace #27563

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-15 10:27:38 +01:00
Giteabot
257ce61023
Fix oauth2 error handle not return immediately (#32514) (#32516)
Backport #32514 by lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-15 11:27:04 +08:00
Lunny Xiao
781310df77
Trim title before insert/update to database to match the size requirements of database (#32498) (#32507) 2024-11-14 18:06:31 -08:00
Giteabot
f79f8e13e3
Fix nil panic if repo doesn't exist (#32501) (#32502)
Backport #32501 by wxiaoguang

fix  #32496

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-14 04:47:04 +00:00
Giteabot
a4263d341c
Add a doctor check to disable the "Actions" unit for mirrors (#32424) (#32497)
Backport #32424 by @Zettat123

Resolve #32232

Users can disable the "Actions" unit for all mirror repos by running 
```
gitea doctor check --run  disable-mirror-actions-unit --fix
```

Co-authored-by: Zettat123 <zettat123@gmail.com>
2024-11-13 18:47:56 +00:00
6543
52a66d78d4
Update nix development environment vor v1.22.x (#32495)
just bump:

 * golang:  v1.22.2 ->  v1.22.9
 * nodejs: v20.12.2 -> v20.18.0
 * python: v3.12.3 -> v3.12.7
2024-11-13 12:40:52 -05:00
wxiaoguang
ef339713c2
Refactor internal routers (partial backport, auth token const time comparing) (#32473) (#32479)
Partially backport #32473. LFS related changes are not in 1.22, so skip
them.

1. Ignore non-existing repos during migrations
2. Improve ReadBatchLine's comment
3. Use `X-Gitea-Internal-Auth` header for internal API calls and make
the comparing constant time (it wasn't a serous problem because in a
real world it's nearly impossible to timing-attack the token, but indeed
security related and good to fix and backport)
4. Fix route mock nil check
2024-11-13 10:26:37 +08:00
wxiaoguang
26437a03b0
Disable Oauth check if oauth disabled (#32368) (#32480)
Partially backport Disable Oauth check if oauth disabled #32368
2024-11-12 06:09:47 +00:00
Giteabot
b48df1082e
cargo registry - respect renamed dependencies (#32430) (#32478)
Backport #32430 by usbalbin

Co-authored-by: Albin Hedman <albin9604@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2024-11-12 03:26:26 +00:00
Giteabot
eb5733636b
Fix broken releases when re-pushing tags (#32435) (#32449)
Backport #32435 by @Zettat123

Fix #32427

---------

Co-authored-by: Zettat123 <zettat123@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2024-11-10 23:49:59 +00:00
Giteabot
62d8433194
Fix mermaid diagram height when initially hidden (#32457) (#32464)
Backport #32457 by @silverwind

In a hidden iframe, `document.body.clientHeight` is not reliable. Use
`IntersectionObserver` to detect the visibility change and update the
height there.

Fixes: https://github.com/go-gitea/gitea/issues/32392

<img width="885" alt="image"
src="https://github.com/user-attachments/assets/a95ef6aa-27e7-443f-9d06-400ef27919ae">

Co-authored-by: silverwind <me@silverwind.io>
2024-11-11 04:05:42 +08:00
Giteabot
22a93c1cdc
Only provide the commit summary for Discord webhook push events (#32432) (#32447)
Backport #32432 by @kemzeb

Resolves #32371.

#31970 should have just showed the commit summary, but
`strings.SplitN()` was misused such that we did not perform any
splitting at all and just used the message. This was not caught in the
unit test made in that PR since the test commit summary was > 50 (which
truncated away the commit description).

This snapshot resolves this and adds another unit test to ensure that we
only show the commit summary.

Co-authored-by: Kemal Zebari <60799661+kemzeb@users.noreply.github.com>
2024-11-08 09:13:49 +08:00
Lunny Xiao
16e51e91a1
Only query team tables if repository is under org when getting assignees (#32414) (#32426)
backport #32414 

It's unnecessary to query the team table if the repository is not under
organization when getting assignees.
2024-11-06 11:22:11 +08:00
wxiaoguang
936847b3da
Quick fix milestone deadline 9999 for 1.22 (#32423) 2024-11-05 14:13:19 +08:00