* add issue subscriber API
* subscribers return []user.APIFormat
* add comments
* more meaningfull description
* without "reqToken()" api works ...
* should be still secure beause ctx.user has to be there or nothing will hapen
* FIX: getIssueWatchers() get only aktive suscriber
* add return avter error on right position
* Revert "FIX: getIssueWatchers() get only aktive suscriber"
This reverts commit 5eca929185.
* Update routers/api/v1/repo/issue.go
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* test go linter again
* update swagger
* GetIssueWatchers -> GetIssueSubscribers
part one
Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>
* GetIssueWatchers -> GetIssueSubscribers
part two
* Revert "test go linter again"
This reverts commit bab1235622.
* change description for unsubscribe too
* golangci-lint timeout avter 5min
* move issueSubscription to seperate file
* dont create black entitys
* use IsWatching until refactoring
* Update License Info
* better swagger description
* Update .golangci.yml
because functions moved from issue.go to issue_subscription.go
* add IssueWatchList type
* batch tasks
* use e Engien
* add error handling
* error should be the last type when returning multiple items
* short version
* reurn empy UserList instead of nil
This PR fixes#7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.
## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
- [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
- Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
- [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
- app.ini configuration done
- [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation
I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
* Update golangci to v1.20
Signed-off-by: kolaente <k@knt.li>
* Use the timeout flag instead of deadline, move it to config
Signed-off-by: kolaente <k@knt.li>
* workaround broken swagger
only master brach is not working, latest release seems to work
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* make vendor
Signed-off-by: Michael Gnehr <michael@gnehr.de>
* Don't export GO111MODULE
* set go-swagger to fixed release version
mentioned here: https://github.com/go-gitea/gitea/pull/7362#discussion_r300831537
Signed-off-by: Michael Gnehr <michael@gnehr.de>
New CSS linter which is much more powerfull than the previous one.
Configuration is default but I had to remove a few rules that were
throwing too many or weird errors.
More importantly, the linter will exit with code 1 on errors so now our
build will fail if the CSS linter fails which should eliminate linter
errors being introduced without notice.
* add 'npm' and 'npm-update' make targets and lockfile
- `make npm` installs and updates node_modules, triggered automatically
on `make css` and `make js` as it completes reasonably fast and
ensures consistent modules.
- `make npm-update` updates all dependencies to their latest version,
regenerates `node_modules` from scratch and updates
`package-lock.json`. It uses npm modules `updates` written by yours
truly to find the latest version of each dependency.
* add suggested make dependencies
* remove package-lock.json during npm-update
* regenerate package-lock.json
- Fix layout overflow in repo file list.
- Fix invisible status icon in file view and commit list. In file view,
the icon was moved to the left because I could not figure out a proper
fix because of HTML tables.
- Added title attribute to commit messages.
- Fixed two CSS linter warnings in existing CSS.
- Fixed CI variable check in 'make css'.
Fixes: https://github.com/go-gitea/gitea/issues/7180
* add make targets for js,css, add javascript linter
- add `make js`, deprecating `make javascripts`
- add `make css`, deprecating `make generate-stylesheets` and
`make stylesheets-check`
- changed the unclean css check to only run on CI
- add JS linting via eslint with basic configuration and fixed
discovered issues
- changed autoprefixer to use official `postcss-cli` avoiding the need
to loop in the makefile
- moved browserslist to package.json so other future tools can use it
too.
- update documentation for new make targets and added JS section
* fix indentation
* move functions used in html to 'exported' list
* Run lessc binary without having to install anything to node_modules
* use relative paths to node bin scripts, removing npx
* Revert "use relative paths to node bin scripts, removing npx"
This reverts commit 119b725525.
* fix lessc and postcss plugins
* check for node_modules and use actual bin names
* Prevent creating empty sessions
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update modules/setting/session.go
* Remove unnecessary option
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add destory to list of ignored misspellings
* rename cookie.go -> virtual.go
* Delete old file
* Add test to ensure that sessions are not created without being logged in
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix tests
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update integrations/create_no_session_test.go
* Migrate to go modules
* make vendor
* Update mvdan.cc/xurls
* make vendor
* Update code.gitea.io/git
* make fmt-check
* Update github.com/go-sql-driver/mysql
* make vendor
* Added Go Path and node_modules to PATH
* Uses npx now for generate-stylesheets
* Uses `go env GOPATH` to calculate adding GOPATH/bin to PATH
* Added note about installing Node 8.0+ to generate stylesheets
* Added preferred Node version to CONTRIBUTING.md
* Add migration test
This commit adds a simple migration test for v1.5.3, v1.6.4 and v1.7.0-rc3
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Automigrate based on available dbs
* remove old ini file
* Standardise the dialect names
* Added test environment for m$sql
* Added template for test environment for m$sql
* Fix password
* Fix password (again)
* Fix password (again again)
* Fix db
* Ci trigger (Looking at you drone....)
* Ci trigger (Looking at you drone....)
* Ci trigger (Looking at you drone....)
* Ci trigger (Looking at you drone....)
* Create master database for mssql integration tests
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Create database only if master do not exist
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Fix mssql integration tests by using custom database "gitea"
Signed-off-by: Jonas Franz <info@jonasfranz.software>
* Moved defer
* bump xorm
* updated xorm
* Fixed build
* Create manifest and serviceworker
* Create templates and add AppSubUrl
* Add JSRenderer
* fix ctx type
* Add JSRenderer to static.go
* Complete adding {{AppSubUrl}}
* Add more fonts to urlsToCache
* Add 512px and 192px icons
* Hardcode font MD5
* Default theme doesn't have a specific CSS file
This makes it easier for user who want to theme but
don't have the ability to know how to customize templates
all that is required is a change in a config option
The reason why I chose the DEFAULT_THEME as variable,
as perhaps in the future we will allow users to chose their
theme whon logged in just like we do with languages
* Update makefile to use dep
* Migrate to dep
* Fix some deps
* Try to find a better version for golang.org/x/net
* Try to find a better version for golang.org/x/oauth2
* Create docker/manifest/base.yml
serve as base for build docker image for most platform (386,amd64,arm,arm64)
* Add make task docker-multi-arch-push-manifest
To update references of a multi-arch image on docker registry.
* Use SED_INPLACE generic sed command
* Delete Dockerfile.aarch64
Delete Dockerfile.rpi
* Use gitea/gitea-base as base
and replace deprecated MAINTAINER by LABEL (https://docs.docker.com/engine/reference/builder/#maintainer-deprecated)
* Fix rebase
* Use sapk/gitea-base as base
* Split makefile for docker
* Fix version to v3.6
Could use in later version edge of alpine official library that support multi-arch for armhf.
* Remove sapk/gitea-base and use directly new official alpine multi-arch
* Move swagger interface under /api/v1
* Update swagger-ui
* Add /api/swagger and prepare for multiple api version
* Update test links
* Fix footer link
* Use standard lessc and minify CSS using Node.js
This changes the previous nonstandard `lessc` to the official one and
enables CSS minification via the clean-css module.
To build CSS, Node.js is required along with a `npm install` to get the
tools installed locally in node_modules so there is no dependency on
binaries in PATH. Benefits include:
- Allows one to have a standard lessc in PATH.
- Can now use command line switches on lessc.
- Minified CSS brings faster page load times and also has the benefit
of discouraging contributors from editing CSS directly.
To build CSS, Node.js is required along with a `npm install` to get the
tools installed locally based on the information in `package.json`.
The 'make stylesheet' task was modified to run without condition. This
makes it easier to work on the make task itself without having to delete
files.
Also fixes: https://github.com/go-gitea/gitea/issues/2198
* install node, npm and modules on drone
* .PHONY
* use 'minify' to minify CSS
* Cleaning up public/ and documenting js/css libs.
This commit mostly addresses #1484 by moving vendor'ed plugins into a
vendor/ directory and documenting their upstream source and license in
vendor/librejs.html.
This also proves gitea is using only open source js/css libraries which
helps toward reaching #1524.
* Removing unused css file.
The version of this file in use is located at:
vendor/plugins/highlight/github.css
* Cleaned up librejs.html and added javascript header
A SafeJS function was added to templates/helper.go to allow keeping
comments inside of javascript.
A javascript comment was added in the header of templates/base/head.tmpl
to mark all non-inline source as free.
The librejs.html file was updated to meet the current librejs spec. I
have now verified that the librejs plugin detects most of the scripts
included in gitea and suspect the non-free detections are the result of
a bug in the plugin. I believe this commit is enough to meet the C0.0
requirement of #1534.
* Updating SafeJS function per lint suggestion
* Added VERSIONS file, per request
To support High-DPI displays, generate images at 4 times their displayed
resolution, which should be enough to support all current devices
according to https://material.io/devices/.
* Use POSIX complaint ! operator in find
-not is a GNU extension and not all find(8) implementations
support it. It's just an alias for ! which is POSIX compliant.
Now gitea compiles on NetBSD at least.
* Revert change in vendor directory as requested
* Separate generate-swagger
* Remove go generate rules
* Add missing definition replacement + remove use of -i sed flag
for compatibility with mac os default sed version.
This is a little hacky a better solution could be use.
* Use custom SED_INPLACE
depending of platform detection
* Use SED_INPLACE for swagger-ui also
* Include formatting check to the `make check` rule
... and give it its own standalone target too (make fmt-check)
Show diff on fmt-check failure
Do not allow running "fmt-check" with incompatible go version
Also simplify the `fmt` rule
* Forbid running "make fmt" with Go version != 1.7 or 1.8
* Ignore bindata.go for spelling and formatting checks
also remove duplicated variable assignment for GOFILES
* Run `make fmt`
- Generate swagger.json into public/
- Add swagger-ui auto-installation
- Add footer link to local swagger-ui
- Add /swagger url for using app url.
- Fix Swagger-UI version via git tag
* Do not allow commiting to protected branch from online editor
* Add editor integration tests for adding new file and not allowing to add new file to protected branch
* improve integration test to resue models/fixtures and store git repos with source
* use gitea-integration-meta dir instead .tar.gz and cleanup every before every test
* fix import package name
* Check if missing deps in vendor
This will catch import from other repos. (maybe by auto-import)
* Remove github.com/smartystreets unused deps
* Remove github.com/boltdb/bolt unused dep
* Fetch github.com/go-xorm/core + sync gopkg.in/ldap.v2/ldap.go
* Auto-install govendor + reinstall github.com/boltdb/bolt needed by vendor/github.com/blevesearch/bleve/index/store/boltdb
* Update go-xorm/xorm to a5cb21 in vendor.json
* Use a custom repo for implementing change to bolt dep.
* Switching bolt to github.com/go-gitea/bolt
* Switching bolt to github.com/go-gitea/bolt (fork version)
* change the drone sign
As we can not compile darwin binaries with static flags I have split the
build process into different make tasks. Now we get static linked
binaries especially for linux so that it also can run on older versions
of CenOS and so on.
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Implement '/api/v1/version'
* Cleanup and various fixes
* Enhance run.sh
* Add install_test.go
* Add parameter utils.Config for testing handlers
* Re-organize TestVersion.go
* Rename functions
* handling process cleanup properly
* Fix missing function renaming
* Cleanup the 'retry' logic
* Cleanup
* Remove unneeded logging code
* Logging messages tweaking
* Logging message tweaking
* Fix logging messages
* Use 'const' instead of hardwired numbers
* We don't really need retries anymore
* Move constant ServerHttpPort to install_test.go
* Restore mistakenly removed constant
* Add required comments to make the linter happy.
* Fix comments and naming to address linter's complaints
* Detect Gitea executale version automatically
* Remove tests/run.sh, `go test` suffices.
* Make `make build` a prerequisite of `make test`
* Do not sleep before trying
* Speedup the server pinging loop
* Use defined const instead of hardwired numbers
* Remove redundant error handling
* Use a dedicated target for running code.gitea.io/tests
* Do not make 'test' depend on 'build' target
* Rectify the excluded package list
* Remove redundant 'exit 1'
* Change the API to allow passing test.T to test handlers
* Make testing.T an embedded field
* Use assert.Equal to comparing results
* Add copyright info
* Parametrized logging output
* Use tmpdir instead
* Eliminate redundant casting
* Remove unneeded variable
* Fix last commit
* Add missing copyright info
* Replace fmt.Fprintf with fmt.Fprint
* rename the xtest to integration-test
* Use Symlink instead of hard-link for cross-device linking
* Turn debugging logs on
* Follow the existing framework for APIs
* Output logs only if test.v is true
* Re-order import statements
* Enhance the error message
* Fix comment which breaks the linter's rule
* Rename 'integration-test' to 'e2e-test' for saving keystrokes
* Add comment to avoid possible confusion
* Rename tests -> integration-tests
Also change back the Makefile to use `make integration-test`.
* Use tests/integration for now
* tests/integration -> integrations
Slightly flattened directory hierarchy is better.
* Update Makefile accordingly
* Fix a missing change in Makefile
* govendor update code.gitea.io/sdk/gitea
* Fix comment of struct fields
* Fix conditional nonsense
* Fix missing updates regarding version string changes
* Make variable naming more consistent
* Check http status code
* Rectify error messages
* Fix for #828
Add build tags to ldflags and print in version output
Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>
* Reworked formatBuiltWith function
Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>
* Add tags to version information in admin panel
Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>
* Added new variable for use on admin page.
Signed-off-by: Jonas Östanbäck <jonas.ostanback@gmail.com>
* Fixed incorrect indentation
Fix for #1013: adds "bindata" to tags by default, as without this the
resulting docker image won't start, as it doesn't contain locale files.
Verified to work even if you specify TAGS="bindata" such that it appears
twice.
* Use local folder for xgo
* Always do crosscompile and testing to fail early
* Added mips* values for boltdb
In order to get master building again I have applied these 2 additional
files to boltdb. This should get dropped when
https://github.com/boltdb/bolt/issues/656 gets solved.
* Moved conf assets into options folder
* Dropped old bindata
* Started to integrate options bindata and accessors
* Do not enforce a builtin app.ini
* Replaced bindata calls with options
* Dropped bindata task from makefile, it's the generate task now
* Always embedd app.ini to provide sane config defaults
* Use sane defaults for the configuration
* Defined default value for SSH_KEYGEN_PATH
* Dropped "NEVER EVER MODIFY THIS FILE" header from app.ini
* Fixed new paths in latest test additions
* Drop bindata with make clean task
* Set more proper default values
* Added stupid docker task to makefile
* Dropped unknown option PrintLastLog from docker ssh config
* OpenSSH should log to docker stdout
* Set random pw for docker git user, otherwise it is locked
* Stop using templates and public within docker
* Get rid of the bin folder within the build process
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Dropped latest make task, it is unused
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Added tidb tag to drone config
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Dropped the cert build tag
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Dropped useless minwinsvc build tag
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Dropped the useless build tags from drone config
Signed-off-by: Thomas Boerger <thomas@webhippie.de>
* Dropped unused codekit config
* Integrated dynamic and static bindata for public
* Ignore public bindata
* Add a general generate make task
* Integrated flexible public assets into web command
* Updated vendoring, added all missiong govendor deps
* Made the linter happy with the bindata and dynamic code
* Moved public bindata definition to modules directory
* Ignoring the new bindata path now
* Updated to the new public modules import path
* Updated public bindata command and drop the new prefix
This allows the user to specify build flags from the make command
line. For example to force a complete rebuild one could use:
make BUILD_FLAGS='-v -a' TAGS="sqlite"
This is achieved by adding public/css/gogs.css to special .IGNORE target, which
makes inability to generate/update gogs.css non-fatal and not stopping whole
build process. User is still notified about missing lessc command though, since
inability to update CSS may lead to potential problems:
lessc public/less/gogs.less public/css/gogs.css
make: lessc: No such file or directory
make: [public/css/gogs.css] Error 1 (ignored)
More info at:
https://www.gnu.org/software/make/manual/html_node/Special-Targets.html
This speeds up single build/rebuild rather than install & build which compiles
everything twice, we just copy installed binary back to the project root.