tdsds.com/gitea
1
1
Fork 0
mirror of https://github.com/go-gitea/gitea synced 2025-08-09 02:58:20 +00:00
Code Releases Activity
15,973 Commits 18 Branches 235 Tags
release/v1.20
Commit Graph

4040 Commits

Author SHA1 Message Date
Lunny Xiao
782414ba8f Fix missing check (#28406) (#28413) 
backport #28406
 2023-12-12 16:49:00 +08:00
Lunny Xiao
dfd511faf3 Fix comment permissions (#28213) (#28217) 
backport #28213 

This PR will fix some missed checks for private repositories' data on
web routes and API routes.
 2023-11-26 07:21:41 +08:00
Giteabot
69ea554e23 Dont leak private users via extensions (#28023) (#28028) 
Backport #28023 by @6543

there was no check in place if a user could see a other user, if you
append e.g. `.rss`
 2023-11-14 00:03:56 +01:00
KN4CK3R
00705da102 Unify two factor check (#27915) (#27939) 
Backport of #27915

Fixes #27819

We have support for two factor logins with the normal web login and with
basic auth. For basic auth the two factor check was implemented at three
different places and you need to know that this check is necessary. This
PR moves the check into the basic auth itself.
 2023-11-06 23:06:21 +01:00
Lunny Xiao
1dedf9bba0 Fix http protocol auth (#27875) (#27878) 
backport #27875
 2023-11-02 21:38:08 +01:00
Giteabot
71803d33e3 Fix org team endpoint (#27721) (#27729) 
Backport #27721 by @lng2020

Fix #27711

Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
 2023-10-22 13:45:16 +02:00
Giteabot
171950a0d4 Fix 404 when deleting Docker package with an internal version (#27615) (#27629) 
Backport #27615 by @lng2020

close #27601
The Docker registry has an internal version, which leads to 404

Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com>
 2023-10-15 12:08:01 +02:00
Giteabot
4ffa683820 Fix panic in storageHandler (#27446) (#27478) 
Backport #27446 by @sryze

storageHandler() is written as a middleware but is used as an endpoint
handler, and thus `next` is actually `nil`, which causes a null pointer
dereference when a request URL does not match the pattern (where it
calls `next.ServerHTTP()`).

Example CURL command to trigger the panic:

```
curl -I "http://yourhost/gitea//avatars/a"
```

Fixes #27409

---

Note: the diff looks big but it's actually a small change - all I did
was to remove the outer closure (and one level of indentation) ~and
removed the HTTP method and pattern checks as they seem redundant
because go-chi already does those checks~. You might want to check "Hide
whitespace" when reviewing it.

Alternative solution (a bit simpler): append `, misc.DummyOK` to the
route declarations that utilize `storageHandler()` - this makes it
return an empty response when the URL is invalid. I've tested this one
and it works too. Or maybe it would be better to return a 400 error in
that case (?)

Co-authored-by: Sergey Zolotarev <sryze@outlook.com>
 2023-10-06 16:51:04 +02:00
Giteabot
973b7f6298 When comparing with an non-exist repository, return 404 but 500 (#27437) (#27441) 
Backport #27437 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
 2023-10-04 14:27:42 +00:00
Giteabot
23139aa27b Allow get release download files and lfs files with oauth2 token format (#26430) (#27378) 
Backport #26430 by @lunny

Fix #26165
Fix #25257

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
 2023-10-01 19:54:15 +08:00
Giteabot
fbe1f35112 Fix organization field being null in POST /orgs/{orgid}/teams (#27150) (#27162) 
Backport #27150 by @memphis88

Similarly to the fix in https://github.com/go-gitea/gitea/pull/24694,
this addresses the team creation not returning the organization
information in the response.

This fix is connected to the
[issue](https://gitea.com/gitea/terraform-provider-gitea/issues/27)
discovered in the terraform provider.
Moreover, the
[documentation](https://docs.gitea.com/api/1.20/#tag/organization/operation/orgCreateTeam)
suggests that the response body should include the `organization` field
(currently being `null`).

Co-authored-by: Dionysios Kakouris <1369451+memphis88@users.noreply.github.com>
 2023-09-21 12:14:59 +02:00
Giteabot
1d6e5c8e58 fix pagination for followers and following (#27127) (#27138) 
Backport #27127 by @earl-warren

- Use the correct total amount for pagination. Thereby correctly show
the pagination bare when there's more than one page of
followers/followings.

Refs: https://codeberg.org/forgejo/forgejo/pulls/1477

(cherry picked from commit c1a136318be3bf72511bed108f2d67f2cf34e1b8)

Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: Gusted <postmaster@gusted.xyz>
 2023-09-19 16:03:01 +00:00
Giteabot
b139234fa8 Fix issue templates when blank isses are disabled (#27061) (#27082) 
Backport #27061 by @JakobDev

Fixes #27060

Co-authored-by: JakobDev <jakobdev@gmx.de>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: delvh <dev.lh@web.de>
 2023-09-14 17:39:34 +02:00
Giteabot
2cfabb68ff Redirect from {repo}/issues/new to {repo}/issues/new/choose when blank issues are disabled (#26813) (#26847) 
Backport #26813 by @JakobDev

You can currently visit `{repo}/issues/new` and create a blank issue,
even if it's disabled. This PR fixes this,

Fixes https://codeberg.org/forgejo/forgejo/issues/1356

Co-authored-by: JakobDev <jakobdev@gmx.de>
 2023-09-01 15:14:54 +00:00
Giteabot
93c36f395c Fix verifyCommits error when push a new branch (#26664) (#26810) 
Backport #26664 by @CaiCandong

> ### Description
> If a new branch is pushed, and the repository has a rule that would
require signed commits for the new branch, the commit is rejected with a
500 error regardless of whether it's signed.
> 
> When pushing a new branch, the "old" commit is the empty ID
(0000000000000000000000000000000000000000). verifyCommits has no
provision for this and passes an invalid commit range to git rev-list.
Prior to 1.19 this wasn't an issue because only pre-existing individual
branches could be protected.
> 
> I was able to reproduce with
[try.gitea.io/CraigTest/test](https://try.gitea.io/CraigTest/test),
which is set up with a blanket rule to require commits on all branches.


Fix #25565
Very thanks to @Craig-Holmquist-NTI for reporting the bug and suggesting
an valid solution!

Co-authored-by: CaiCandong <50507092+CaiCandong@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
 2023-08-31 15:29:55 +00:00
yp05327
c72f6067b3 Fix context filter has no effect in dashboard (#26695) (#26811) 
Backport #26695
 2023-08-30 11:14:54 +00:00
js6pak
54cc459ea8 Include the GITHUB_TOKEN/GITEA_TOKEN secret for fork pull requests (#26759) (#26806) 
Backport #26759

Co-authored-by: Jason Song <i@wolfogre.com>
 2023-08-30 02:25:34 -04:00
Giteabot
4013f3f600 Fix some slice append usages (#26778) (#26798) 
Backport #26778 by @harryzcy

Co-authored-by: Chongyi Zheng <git@zcy.dev>
Co-authored-by: delvh <dev.lh@web.de>
 2023-08-29 16:13:24 +00:00
Giteabot
3bab20491e Fix being unable to use a repo that prohibits accepting PRs as a PR source. (#26785) (#26790) 
Backport #26785 by @CaiCandong

## Description 
Sometimes, we need to use an upstream mirror repository to update the
current development repository, but mirror repositories are prohibited
from PR. It should not appear in `merge to,` but it can appear in `pull
from.`
Fix #24585 #26193 #26781
Related #24183

Many thanks to @apnote  for assisting me in reproducing this bug!

## ScreenShot
---
### Before

<img
src="https://github.com/go-gitea/gitea/assets/50507092/3d76c376-1f54-45b9-80c9-6ba8319d6a9a"
width="400px">

<img
src="https://github.com/go-gitea/gitea/assets/50507092/fbfd9f7f-421f-4a2e-9a3e-f2958bbf3312"
width="400px">

### After

<img
src="https://github.com/go-gitea/gitea/assets/50507092/e6984524-4f61-4310-b795-4d8598bd8963"
width="400px">

<img
src="https://github.com/go-gitea/gitea/assets/50507092/04065b44-78d7-4721-bf31-0f1674150727"
width="400px">

Co-authored-by: CaiCandong <50507092+CaiCandong@users.noreply.github.com>
 2023-08-29 18:06:05 +08:00
Lunny Xiao
b159ebbab7 Use docs.gitea.com instead of docs.gitea.io (#26769) 
backport #26739
 2023-08-28 19:58:16 +08:00
Giteabot
352a495c02 Fix unable to display individual-level project (#26198) (#26636) 
Backport #26198 by @CaiCandong

As title

Before:

![image](https://github.com/go-gitea/gitea/assets/50507092/94afc3bf-5597-4151-a59b-5632840ffa21)

After:

![image](https://github.com/go-gitea/gitea/assets/50507092/df81aa0b-98a6-477d-a270-2e45b3dca0fc)

fix #26189

Co-authored-by: caicandong <50507092+CaiCandong@users.noreply.github.com>
 2023-08-21 17:38:06 +00:00
a1012112796
f43df2f820 fix reopen logic for agit flow pull request (#26399) (#26613) 
Backport #26399

Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: Giteabot <teabot@gitea.io>
 2023-08-21 13:13:34 +00:00
Giteabot
1cedf36d30 Fix "issueReposQueryPattern does not match query" (#26556) (#26564) 
Backport #26556 by @wolfogre

Fix
`https://github.com/go-gitea/gitea/pull/26545#discussion_r1295734340`

Co-authored-by: Jason Song <i@wolfogre.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2023-08-17 21:13:00 +08:00
Giteabot
7da85fa0c3 Sync repo's IsEmpty status correctly (#26517) (#26560) 
Backport #26517 by @wxiaoguang

Close #26509

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2023-08-17 05:12:14 +00:00
Giteabot
0ac8b774e9 Fix typo of RunerOwnerID (#26508) (#26528) 
Backport #26508 by @yp05327

Co-authored-by: yp05327 <576951401@qq.com>
 2023-08-16 06:28:39 +00:00
KN4CK3R
762d4245fb Fix NuGet search endpoints (#25613) (#26499) 
Backport of #25613

Fixes #25564
Fixes #23191

- Api v2 search endpoint should return only the latest version matching
the query
- Api v3 search endpoint should return `take` packages not package
versions
 2023-08-16 06:01:20 +00:00
Giteabot
acc0fd22d8 Add ThreadID parameter for Telegram webhooks (#25996) (#26480) 
Backport #25996

Telegram has recently implemented threads (channels) for group chats.

Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
Co-authored-by: neveraskedtoexist <matikot415@gmail.com>
 2023-08-14 08:55:17 +08:00
crystal
f155cf60d3 Improve profile readme rendering (#25988) (#26453) 
manual backport of #25988 to v1.20

- Tell the renderer to use the `document` mode, so it's consistent with
other renderers.
- Use the same padding as `.file-view.markup`, so it's consistent with
other containers that contain markup rendering.
- Resolves https://codeberg.org/forgejo/forgejo/issues/833

Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
 2023-08-11 10:58:50 +02:00
Lunny Xiao
368e9e0f1b Add transaction when creating pull request created dirty data (#26259) (#26437) 
Backport #26259 

This PR will introduce a transaction on creating pull request so that if
some step failed, it will rollback totally. And there will be no dirty
pull request exist.

Co-authored-by: Giteabot <teabot@gitea.io>
 2023-08-11 05:27:23 +00:00
Giteabot
ec37ea5945 Fix wrong middleware sequence (#26428) (#26436) 
Backport #26428 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
 2023-08-10 11:26:22 +00:00
wxiaoguang
8ad331c9d2 Fix admin queue page title and fix CI failures (#26409) (#26421) 
Backport #26409

* Fix #26408
* Bypass the data race issue in "ssh" package
 2023-08-10 11:04:48 +02:00
Giteabot
2d1a7e1cd4 Introduce ctx.PathParamRaw to avoid incorrect unescaping (#26392) (#26405) 
Backport #26392 by @wxiaoguang

Fix #26389

And complete an old TODO: `ctx.Params does un-escaping,..., which is
incorrect.`

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2023-08-09 07:31:44 +00:00
Giteabot
060026995a Fix pull request check list is limited (#26179) (#26245) 
Backport #26179 by @CaiCandong

In the original implementation, we can only get the first 30 records of
the commit status (the default paging size), if the commit status is
more than 30, it will lead to the bug #25990. I made the following two
changes.
- On the page, use the ` db.ListOptions{ListAll: true}` parameter
instead of `db.ListOptions{}`
- The `GetLatestCommitStatus` function makes a determination as to
whether or not a pager is being used.

fixed #25990

Co-authored-by: caicandong <50507092+CaiCandong@users.noreply.github.com>
 2023-07-31 08:56:46 +00:00
Giteabot
3a29712e0a Fix access check for org-level project (#26182) (#26223) 
Backport #26182 by @Zettat123

Fix #25934

Add `ignoreGlobal` parameter to `reqUnitAccess` and only check global
disabled units when `ignoreGlobal` is true. So the org-level projects
and user-level projects won't be affected by global disabled
`repo.projects` unit.

Co-authored-by: Zettat123 <zettat123@gmail.com>
 2023-07-29 18:50:58 +00:00
Giteabot
54614767a2 Fix handling of plenty Nuget package versions (#26075) (#26173) 
Backport #26075 by @KN4CK3R

Fixes #25953

- Do not load full version information (v3)
- Add pagination support (v2)

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
 2023-07-26 21:41:40 +00:00
Lunny Xiao
c598741f01 Display deprecated warning in admin panel pages as well as in the log file (#26094) (#26154) 
backport #26094 
Temporily resolve #25915
Related #25994

This PR includes #26007 's changes but have a UI to prompt administrator
about the deprecated settings as well as the log or console warning.
Then users will have enough time to notice the problem and don't have
surprise like before.

<img width="1293" alt="图片"
src="https://github.com/go-gitea/gitea/assets/81045/c33355f0-1ea7-4fb3-ad43-cd23cd15391d">
 2023-07-26 09:22:39 +00:00
Giteabot
a8445e9320 Remove "misc" scope check from public API endpoints (#26134) (#26149) 
Backport #26134 by @wxiaoguang

Fix #26035

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2023-07-26 05:32:41 +00:00
Giteabot
a424f6d4f8 Fix handling of Debian files with trailing slash (#26087) (#26098) 
Backport #26087 by @KN4CK3R

Fixes #26022

- Fix handling of files with trailing slash
- Fix handling of duplicate package file errors
- Added test for both

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
 2023-07-24 14:56:13 +00:00
Giteabot
59713541b6 fix Missing 404 swagger response docs for /admin/users/{username} (#26086) (#26089) 
Backport #26086 by @CaiCandong

close #26079

Co-authored-by: caicandong <50507092+CaiCandong@users.noreply.github.com>
 2023-07-24 12:07:39 +02:00
Giteabot
54a516e9da Fix the route for pull-request's authors (#26016) (#26018) 
Backport #26016 by @wxiaoguang

Close #25906



![image](https://github.com/go-gitea/gitea/assets/2114189/e689f3e1-9a90-46c0-89f4-2d61394d34d3)


Succeeded logs:

```
[I] router: completed GET /root/test/issues/posters?&q=%20&_=1689853025011 for [::1]:59271, 200 OK in 127.7ms @ repo/issue.go:3505(repo.IssuePosters)


[I] router: completed GET /root/test/pulls/posters?&q=%20&_=1689853968204 for [::1]:59269, 200 OK in 94.3ms @ repo/issue.go:3509(repo.PullPosters)
```

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2023-07-20 13:38:12 +00:00
Giteabot
f81a612eb1 parseScope with owner/repo always sets owner to zero (#25987) (#25989) 
Backport #25987 by @earl-warren

Refs: https://codeberg.org/forgejo/forgejo/pulls/1001

Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com>
 2023-07-19 22:57:17 +08:00
Giteabot
ee47face12 Update path related documents (#25417) (#25982) 
Backport #25417 by @wxiaoguang

Update WorkPath/WORK_PATH related documents, remove out-dated
information.

Remove "StaticRootPath" on the admin config display page, because few
end user really need it, it only causes misconfiguration.


![image](https://github.com/go-gitea/gitea/assets/2114189/8095afa4-da76-436b-9e89-2a92c229c01d)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2023-07-19 09:48:54 +00:00
Giteabot
b7d054e4b5 Ignore runs-on with expressions when warning no matched runners (#25917) (#25933) 
Backport #25917 by @wolfogre

Fix #25905

Co-authored-by: Jason Song <i@wolfogre.com>
 2023-07-18 06:40:28 +00:00
Giteabot
9159964ada Avoid opening/closing PRs which are already merged (#25883) (#25903) 
Backport #25883 by @yp05327

We can select PRs to open/close them by one click, but we forgot to
check whether it is merged.
You can get an opening merged PR:

![image](https://github.com/go-gitea/gitea/assets/18380374/22c2e747-4bb9-4742-a9aa-ef39d5308bc5)

You can confirm this in:
https://try.gitea.io/yp05327/testrepo/pulls/5

Co-authored-by: yp05327 <576951401@qq.com>
 2023-07-17 12:14:22 +00:00
Giteabot
36b9a86bd8 Fix incorrect milestone count when provide a keyword (#25880) (#25904) 
Backport #25880 by @yp05327

You can confirm this issue in:
https://try.gitea.io/yp05327/testrepo/milestones?state=open&q=a
There's no milestone, but the count is 1.

![image](https://github.com/go-gitea/gitea/assets/18380374/25e58cee-aeeb-43c1-8ec8-6e2ec6bf1284)

Co-authored-by: yp05327 <576951401@qq.com>
 2023-07-17 11:12:59 +02:00
Giteabot
de8127e78b fix incorrect repo url when changed the case of ownername (#25733) (#25881) 
Backport #25733 by @hiifong

When only the casing of the username changes, update the owner name of the repo,
and keep the original logic consistent with other conditions.

example: assume your username is `gitea`, lowercase username is `gitea` too,
repo URL is `.../gitea/{repo}`.
You change your username to `Gitea`, `GiTea` or something like that,
as long as the lowercase username is still `gitea`, the repo URL remained `.../gitea/{repo}`.

this pr keeps the new username consistent with the repo URL.

Before:

![image](https://github.com/go-gitea/gitea/assets/89133723/84177296-f0ff-4176-84f1-1f9ec3f5b86f)
![image](https://github.com/go-gitea/gitea/assets/89133723/8f8f4a12-ecdd-4dec-af89-85c009b0ccfe)

After: 

![image](https://github.com/go-gitea/gitea/assets/89133723/0564edb6-9467-405a-8cd4-d6f70e6f614b)
![image](https://github.com/go-gitea/gitea/assets/89133723/554ecd6e-e5a1-43bc-a46d-99e988c2ff58)

Co-authored-by: hiifong <i@hiif.ong>
 2023-07-15 19:47:24 +02:00
Giteabot
45b1f4dd3b Add support for different Maven POM encoding (#25873) (#25890) 
Backport #25873 by @KN4CK3R

Fixes #25853

- Maven POM files aren't always UTF-8 encoded.
- Reject the upload of unparsable POM files

Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
 2023-07-14 10:27:15 +00:00
Giteabot
026e745b9e Fix incorrect release count (#25879) (#25887) 
Backport #25879 by @yp05327

Release count is not correct:
https://try.gitea.io/yp05327/testrepo/tags

![image](https://github.com/go-gitea/gitea/assets/18380374/07f97c62-d450-4ccb-b3f2-3e0af9d9fc52)

https://try.gitea.io/yp05327/testrepo/releases

![image](https://github.com/go-gitea/gitea/assets/18380374/6f1d55a4-bb68-445d-84b9-90552a40f403)

https://try.gitea.io/yp05327/testrepo/releases/tag/testtag

![image](https://github.com/go-gitea/gitea/assets/18380374/09ab5d51-52b6-4621-a571-3100198eb260)

We already have correct release count, no need to calculate it again.

c5e187c389/modules/context/repo.go (L547)

Co-authored-by: yp05327 <576951401@qq.com>
 2023-07-14 09:32:43 +00:00
Giteabot
c334be8284 Fix empty project displayed in issue sidebar (#25802) (#25854) 
Backport #25802 by @yp05327

You can confirm this issue in
https://try.gitea.io/yp05327/testrepo/issues/2

Before:

![image](https://github.com/go-gitea/gitea/assets/18380374/1ab476dc-2f9b-4c85-9e87-105fc73af1ee)
After:

![image](https://github.com/go-gitea/gitea/assets/18380374/786f984d-5c27-4eff-b3d9-159f68034ce4)

This issue comes from the change in #25468.
`LoadProject` will always return at least one record, so we use
`ProjectID` to check whether an issue is linked to a project in the old
code.
As other `issue.LoadXXX` functions, we need to check the return value
from `xorm.Session.Get`.

In recent unit tests, we only test `issueList.LoadAttributes()` but
don't test `issue.LoadAttributes()`. So I added a new test for
`issue.LoadAttributes()` in this PR.

Co-authored-by: yp05327 <576951401@qq.com>
Co-authored-by: Denys Konovalov <privat@denyskon.de>
 2023-07-12 19:07:03 +02:00
Giteabot
abe9c641ce Show correct SSL Mode on "install page" (#25818) (#25838) 
Backport #25818 by @wxiaoguang

Fix #25817


![image](https://github.com/go-gitea/gitea/assets/2114189/49f7b85d-c229-41b5-86fd-58cd812eaca6)

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
 2023-07-12 02:01:38 -04:00