1
1
mirror of https://github.com/go-gitea/gitea synced 2025-09-28 03:28:13 +00:00
Commit Graph

103 Commits

Author SHA1 Message Date
luzpaz
8c647bf0f6 Fix various typos (#18219)
Found via `codespell -q 3 -S ./options/locale,./vendor -L ba,pullrequest,pullrequests,readby,te,unknwon`

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-01-10 17:32:37 +08:00
zeripath
e4e411821d Abort merge if head has been updated before pressing merge (#18032)
* Abort merge if head has been updated before pressing merge

It is possible that a PR head may be pushed to between the merge page being shown
and the merge button being pressed. Pass the current expected head in as a parameter
and cancel the merge if it has changed.

Fix #18028

Signed-off-by: Andrew Thornton <art27@cantab.net>

* adjust swagger

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-12-20 08:32:54 +08:00
Lunny Xiao
3ca5dc7e32 Move keys to models/asymkey (#17917)
* Move keys to models/keys

* Rename models/keys -> models/asymkey

* change the missed package name

* Fix package alias

* Fix test

* Fix docs

* Fix test

* Fix test

* merge
2021-12-10 16:14:24 +08:00
Lunny Xiao
719bddcd76 Move repository model into models/repo (#17933)
* Some refactors related repository model

* Move more methods out of repository

* Move repository into models/repo

* Fix test

* Fix test

* some improvements

* Remove unnecessary function
2021-12-10 09:27:50 +08:00
mscherer
34b5436ae1 Refactor various strings (#17784)
Fixes #16478

Co-authored-by: Gusted <williamzijl7@hotmail.com>

Co-authored-by: Gusted <williamzijl7@hotmail.com>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-12-02 15:28:08 +08:00
zeripath
b5a9ee94fd Make Co-committed-by and co-authored-by trailers optional (#17848)
This PR adds another option to app.ini make co-committed-by and co-authored-by trailers
optional on a per server basis.

Fix #17194

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-11-29 07:09:55 +00:00
Lunny Xiao
a666829a37 Move user related model into models/user (#17781)
* Move user related model into models/user

* Fix lint for windows

* Fix windows lint

* Fix windows lint

* Move some tests in models

* Merge
2021-11-24 17:49:20 +08:00
Gusted
253d9e4158 Remove unnecassary calls to filepath.Join (#17608)
- Partialy resolvess #17596
- Resolves `badCall` errors from go-critic `badCall: suspicious Join on
1 argument`
- When only 1 argument is passed into `filepath.Join`, it won't do
anything special other than `filepath.Clean(...)` will be applied over
it.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 6543 <6543@obermui.de>
2021-11-15 14:02:53 +08:00
Lunny Xiao
99b2858e62 Move unit into models/unit/ (#17576)
* Move unit into models/unit/

* Rename unit.UnitType as unit.Type
2021-11-09 20:57:58 +01:00
Eng Zer Jun
f2e7d5477f refactor: move from io/ioutil to io and os package (#17109)
The io/ioutil package has been deprecated as of Go 1.16, see
https://golang.org/doc/go1.16#ioutil. This commit replaces the existing
io/ioutil functions with their new definitions in io and os packages.

Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-09-22 13:38:34 +08:00
a1012112796
cbf05c3f79 Add option to update pull request by rebase (#16125)
* add option to update pull request by `rebase`

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-08-31 16:03:45 +02:00
zeripath
84f5a0bc62 Always set the merge base used to merge the commit (#15352)
The issue is that the TestPatch will reset the PR MergeBase - and it is possible for TestPatch to update the MergeBase whilst a merge is ongoing. The ensuing merge will then complete but it doesn't re-set the MergeBase it used to merge the PR.

Fixes the intermittent error in git test.

Signed-off-by: Andrew Thornton art27@cantab.net
2021-04-10 09:27:29 +01:00
6543
9c4601bdf8 Code Formats, Nits & Unused Func/Var deletions (#15286)
* _ to unused func options

* rm useless brakets

* rm trifial non used models functions

* rm dead code

* rm dead global vars

* fix routers/api/v1/repo/issue.go

* dont overload import module
2021-04-09 09:40:34 +02:00
a1012112796
a5279b74b6 Make manual merge autodetection optional and add manual merge as merge method (#12543)
* Make auto check manual merge as a chooseable mod and add manual merge way on ui

as title, Before this pr, we use same way with GH to check manually merge.
It good, but in some special cases, misjudgments can occur. and it's hard
to fix this bug. So I add option to allow repo manager block "auto check manual merge"
function, Then it will have same style like gitlab(allow empty pr). and to compensate for
not being able to detect THE PR merge automatically, I added a manual approach.

Signed-off-by: a1012112796 <1012112796@qq.com>

* make swager

* api support

* ping ci

* fix TestPullCreate_EmptyChangesWithCommits

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* Apply review suggestions and add test

* Apply suggestions from code review

Co-authored-by: zeripath <art27@cantab.net>

* fix build

* test error message

* make fmt

* Fix indentation issues identified by @silverwind

Co-authored-by: silverwind <me@silverwind.io>

* Fix tests and make manually merged disabled error on API the same

Signed-off-by: Andrew Thornton <art27@cantab.net>

* a small nit

* fix wrong commit id error

* fix bug

* simple test

* fix test

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-03 22:41:23 -05:00
Cirno the Strongest
2c9dd71140 Standardize Co-Authored-By / Reviewed-By strings (#14097)
* Standardize Co-Authored-By / Reviewed-By strings

* Use lowercase variant

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-12-21 21:19:33 -05:00
a1012112796
682f0b0460 Fix Pull Merge when tag with same name as base branch exist (#13882)
fix dst refspec error in 'Push back to upstream' when base branch have
same name with a tag.

fix #13851
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: zeripath <art27@cantab.net>
2020-12-08 02:46:50 +01:00
a1012112796
9c26dc1f3a Add block on official review requests branch protection (#13705)
Signed-off-by: a1012112796 <1012112796@qq.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-11-28 21:30:46 +02:00
zeripath
de6e427a01 go-version constraints ignore pre-releases (#13234)
Go-version constraints ignore pre-releases.

Rather than change the library further this PR simply changes
the git version comparison to use simple version compare ignoring the
issue of pre-releases.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-10-21 11:42:08 -04:00
赵智超
dfa7291f8f [Enhancement] Allow admin to merge pr with protected file changes (#12078)
* [Enhancement] Allow admin to merge pr with protected file changes

As tilte, show protected message in diff page and merge box.

Signed-off-by: a1012112796 <1012112796@qq.com>

* remove unused ver

* Update options/locale/locale_en-US.ini

Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>

* Add TrN

* Apply suggestions from code review

* fix lint

* Update options/locale/locale_en-US.ini

Co-authored-by: zeripath <art27@cantab.net>

* Apply suggestions from code review

* move pr proteced files check to TestPatch
* Call TestPatch when protected branches settings changed

* Apply review suggestion @CirnoT

* move to service @lunny

* slightly restructure routers/private/hook.go

Adds a lot of comments and simplifies the logic

Signed-off-by: Andrew Thornton <art27@cantab.net>

* placate lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* skip duplicate protected files check

* fix check logic

* slight refactor of TestPatch

Signed-off-by: Andrew Thornton <art27@cantab.net>

* When checking for protected files changes in TestPatch use the temporary repository

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix introduced issue with hook

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Remove the check on PR index being greater than 0 as it unnecessary

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <matti@mdranta.net>
Co-authored-by: Cirno the Strongest <1447794+CirnoT@users.noreply.github.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-10-13 14:50:57 -04:00
zeripath
4979f15c3f Add configurable Trust Models (#11712)
* Add configurable Trust Models

Gitea's default signature verification model differs from GitHub. GitHub
uses signatures to verify that the committer is who they say they are -
meaning that when GitHub makes a signed commit it must be the committer.
The GitHub model prevents re-publishing of commits after revocation of a
key and prevents re-signing of other people's commits to create a
completely trusted repository signed by one key or a set of trusted
keys.

The default behaviour of Gitea in contrast is to always display the
avatar and information related to a signature. This allows signatures to
be decoupled from the committer. That being said, allowing arbitary
users to present other peoples commits as theirs is not necessarily
desired therefore we have a trust model whereby signatures from
collaborators are marked trusted, signatures matching the commit line
are marked untrusted and signatures that match a user in the db but not
the committer line are marked unmatched.

The problem with this model is that this conflicts with Github therefore
we need to provide an option to allow users to choose the Github model
should they wish to.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Adjust locale strings

Signed-off-by: Andrew Thornton <art27@cantab.net>

* as per @6543

Co-authored-by: 6543 <6543@obermui.de>

* Update models/gpg_key.go

* Add migration for repository

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-09-20 00:44:55 +08:00
6543
bc11caff94 [Vendor] Switch go-version lib (#12719)
* vendor: switch from "mcuadros/go-version" to "hashicorp/go-version"

* Adapt P1

* simplify

* fix lint

* adapt

* fix lint & rm old code

* no deadlock

* rm RWMutex and check GoVersion only 1-time

* Copyright header

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2020-09-05 12:42:58 -04:00
zeripath
d15bb17b78 Default empty merger list to those with write permissions (#12535)
Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2020-08-20 10:48:40 +03:00
6543
c52d48aae4 Prevent merge of outdated PRs on protected branches (#11012)
* Block PR on Outdated Branch

* finalize

* cleanup

* fix typo and sentences

thanks @guillep2k

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-04-16 22:00:36 -03:00
6543
f7ecc2bee7 fix (#11066) 2020-04-14 19:29:31 +03:00
6543
d21b974f6c Load pr Issue Poster on API too (#11033) 2020-04-10 13:40:36 +03:00
j.yao.SUSE
b40107c416 [suggest] change merge strategy: do not check write access if user in merge white list (#10951)
* [suggest] change merge strategy: do not check write access if user in merge white list #10935

(cherry picked from commit ba74fc6389dfcad03c273441a49b54e4d38c86ee)

* fix NPE

* Fix cross compile (#10952)

* Fix cross compile

* Add test for cross compile

* Fix drone

* Fix drone

* Also prevent CC environment not to generate

Co-authored-by: zeripath <art27@cantab.net>

* fix merge box icon color bug (#10974)

that because need some space beturn ``text`` and color defines

Signed-off-by: a1012112796 <1012112796@qq.com>

* [skip ci] Updated translations via Crowdin

* Allow X in addition to x in tasks (#10979)

Signed-off-by: Andrew Thornton <art27@cantab.net>

* remove api: merge  reqRepoWriter

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: 赵智超 <1012112796@qq.com>
Co-authored-by: GiteaBot <teabot@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-04-08 14:26:50 +03:00
zeripath
97eb37e823 Fix rebase conflict detection in git 2.26 (#10929)
* Fix rebase conflict detection in git 2.26

Git changed the technique used in rebase from
simple apply-patches to use merge. This breaks
our conflict detection code.

Signed-off-by: Andrew Thornton <art27@cantab.net>

* As per @techknowlogick reduce copying

Signed-off-by: Andrew Thornton <art27@cantab.net>
2020-04-03 19:00:41 +03:00
zeripath
7cd47046ea Handle push rejection in branch and upload (#10854)
* Handle push rejections and push out-of-date in branch creation and
file upload.
* Remove the duplicated sanitize from services/pull/merge
* Move the errors Err(Merge)PushOutOfDate and ErrPushRejected to
modules/git
* Handle errors better in the upload file dialogs

Fix #10460

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-03-28 01:13:18 -03:00
Lunny Xiao
5abe1c52de Display pull request head branch even the branch deleted or repository deleted (#10413)
* Display pull request head branch even the branch deleted or repository deleted

* Merge getHeadRepo/loadHeadRepo and getBaseRepo/loadBaseRepo on pull and fill repo when pr.Issue.Repo is available

* retrieve sha from pull head when pull request branch deleted and fix tests

* Fix test

* Ensure MustHeadRepoName returns empty string if no head repo

Co-authored-by: zeripath <art27@cantab.net>
2020-03-02 22:31:55 +00:00
zeripath
089ccb0c80 Handle push rejection message in Merge & Web Editor (#10373)
* Handle push rejection message in Merge

* placate golangci-lint

* Fix sanitize, adjust message handling

* oops

* Oops

* Handle push-rejection in webeditor CRUD too

* Apply suggestions from code review

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-02-22 15:08:48 +02:00
zeripath
875c5e1305 Only check for conflicts/merging if the PR has not been merged in the interim (#10132)
* Only check for merging if the PR has not been merged in the interim

* fixup! Only check for merging if the PR has not been merged in the interim

* Try to fix test failure

* Use PR2 not PR1 in tests as PR1 merges automatically

* return already merged error

* enforce locking

* enforce locking - fix-test

* enforce locking - fix-testx2

* enforce locking - fix-testx3

* move pullrequest checking to after merge

This might improve the chance that the race does not affect us but does not prevent it.

* Remove minor race with getting merge commit id

* fixup

* move check pr after merge

* Remove unnecessary prepareTestEnv - onGiteaRun does this for us

* Add information about when merging occuring

* fix fmt

* More logging

* Attempt to fix mysql

* Try MySQL fix again

* try again

* Try again?!

* Try again?!

* Sigh

* remove the count - perhaps that will help

* next remove the update id

* next remove the update id - make it updated_unix instead

* On failure to merge ensure that the pr is rechecked for conflict errors

* On failure to merge ensure that the pr is rechecked for conflict errors

* Update models/pull.go

* Update models/pull.go

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Apply suggestions from code review

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-02-10 01:09:31 +02:00
6543
36943e56d6 Add "Update Branch" button to Pull Requests (#9784)
* add Divergence

* add Update Button

* first working version

* re-use code

* split raw merge commands and db-change functions (notify, cache, ...)

* use rawMerge (remove redundant code)

* own function to get Diverging of PRs

* use FlashError

* correct Error Msg

* hook is triggerd ... so remove comment

* add "branch2" to "user2/repo1" because it unit-test "TestPullView_ReviewerMissed" use it but dont exist jet :/

* move GetPerm to IsUserAllowedToUpdate

* add Flash Success MSG

* imprufe code
- remove useless js chage

* fix-lint

* TEST: add PullRequest ID:5
Repo: user2/repo1
Base: branch1
Head: pr-to-update

* correct comments

* make PR5 outdated

* fix Tests

* WIP: add pull update test

* update revs

* update locales

* working TEST

* update UI

* misspell

* change style

* add 1s delay so rev exist

* move row up (before merge row)

* fix lint nit

* UI remove divider

* Update style

* nits

* do it right

* introduce IsSameRepo

* remove useless check

Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-17 08:03:40 +02:00
David Svantesson
18e0447b3f Fix admin handling at merge of PR (#9749)
* Admin shall be able to bypass merge checks.

* Repository admin should not bypass if merge whitelist is set.

* Add code comment about checks that PR are ready

* notAllOverrideableChecksOk->notAllOverridableChecksOk

* Fix merge, require signed currently not overridable.

* fix

Co-authored-by: Antoine GIRARD <sapk@users.noreply.github.com>
2020-01-16 23:01:22 +02:00
6543
06cd3e03a2 [refactor] notify remove unused praram (#9804) 2020-01-16 17:24:20 +01:00
zeripath
66ee9b87f9 Add require signed commit for protected branch (#9708)
* Add require signed commit for protected branch

* Fix fmt

* Make editor show if they will be signed

* bugfix

* Add basic merge check and better information for CRUD

* linting comment

* Add descriptors to merge signing

* Slight refactor

* Slight improvement to appearances

* Handle Merge API

* manage CRUD API

* Move error to error.go

* Remove fix to delete.go

* prep for merge

* need to tolerate \r\n in message

* check protected branch before trying to load it

* Apply suggestions from code review

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* fix commit-reader

Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
2020-01-15 09:32:57 +01:00
David Svantesson
32fb813133 Allow repo admin to merge PR regardless of review status (#9611)
* Allow repo admin to merge even if review is not ok.
2020-01-11 02:29:34 -05:00
guillep2k
705b1e49a8 Don't attempt to close issue if already closed (#9696)
Co-authored-by: Lauris BH <lauris@nix.lv>
2020-01-11 09:20:11 +08:00
David Svantesson
25531c71a7 Mark PR reviews as stale at push and allow to dismiss stale approvals (#9532)
Fix #5997.

If a push causes the patch/diff of a PR towards target branch to change, all existing reviews for the PR will be set and shown as stale.
New branch protection option to dismiss stale approvals are added.
To show that a review is not based on the latest PR changes, an hourglass is shown
2020-01-09 01:47:45 +00:00
zeripath
3abe17f9e0 Sign protected branches (#8993)
* Move SignMerge to PullRequest

* Add approved signing mode

* As per @guillep2k comment
2019-12-15 11:06:31 +00:00
zeripath
74179d1b5e Remove SavePatch and generate patches on the fly (#9302)
* Save patches to temporary files

* Remove SavePatch and generate patches on the fly

* Use ioutil.TempDir

* fixup! Use ioutil.TempDir

* fixup! fixup! Use ioutil.TempDir

* RemoveAll LocalCopyPath() in initIntergrationTest

* Default to status checking on PR creation

* Remove unnecessary set to StatusChecking

* Protect against unable to load repo

* Handle conflicts

* Restore original conflict setting

* In TestPullRequests update status to StatusChecking before running TestPatch
2019-12-13 23:21:06 +01:00
Lunny Xiao
d7ac9727bb Move merge actions to notification (#9024)
* Move merge actions to notification

* Add missing mail notification
2019-11-21 12:08:42 -05:00
guillep2k
b15f26b1cf Close/reopen issues by keywords in titles and comments (#8866)
* Add close/reopen from comment functionality

* Fix comment

* Rewrite closing/reopening template

* Check xref permissions, move action to services/pull

* Fix RefIsPull field

* Add xref tests

* Fix xref unique filter

* Only highlight keywords for actionable xrefs

* Fix xref neuter filter

* Fix check return status

* Restart CI
2019-11-18 15:13:07 +02:00
Lunny Xiao
21ae9838e0 Move transfer repository and rename repository on a service package and start action notification (#8573)
* move transfer repository and rename repository on a service package and start action notification

* remove unused codes

* fix lint

* fix bugs

* fix test

* fix test

* fix test

* fix lint

* update go mod and sum
2019-11-15 16:06:11 +08:00
zeripath
8eeb2877d5 Adjust error reporting from merge failures and use LC_ALL=C for git (#8548)
There are two major components to this PR:

* This PR handles merge and rebase failures from merging a little more nicely with Flash errors rather a 500.
* All git commands are run in the LC_ALL="C" environment to ensure that error messages are in English. This DefaultLocale is defined in a way that if necessary (due to platform weirdness) it can be overridden at build time using LDFLAGS="-X "code.gitea.io/gitea/modules/git.DefaultLocale=C"" with C changed for the locale as necessary.
2019-11-10 08:42:51 +00:00
Lunny Xiao
aaeef295bb Move pull webhook to notification (#8805)
* Move pull webhook to notification

* fix fmt
2019-11-05 19:04:08 +08:00
Lunny Xiao
f518fe6662 Rename HookQueue to hookQueue (#8778)
* Rename HookQueue to hookQueue

* fix lint
2019-11-02 10:35:12 +08:00
Lunny Xiao
0e7f7df3cf Move webhook to a standalone package under modules (#8747)
* Move webhook to a standalone package under modules

* fix test

* fix comments
2019-11-01 22:51:22 +00:00
Ilya
ac0fb36c41 Allow to merge if file path contains " or \ (#8629)
* if a filename in a repository contains " or \ the owner can't merge pull request with this files
because "git diff-tree" adds double quotes to that filepath
example: filepath is ab"cd but "git diff-tree" returns "ab\"cd"

now, when the owner click "Merge Pull Request" button the server returns 500
this commit fix it

Signed-off-by: Ilya Pavlov <ilux@cpan.org>

* add -z option to getDiffTree
escape spec symbols for sparse-checkout

Signed-off-by: Ilya Pavlov <ilux@cpan.org>

* go fmt

Signed-off-by: Ilya Pavlov <ilux@cpan.org>

* typo

Signed-off-by: Ilya Pavlov <ilux@cpan.org>

* escape '\'
escape all spaces and '!'

* use regexp.ReplaceAllString()

Signed-off-by: Ilya Pavlov <ilux@cpan.org>

* strings.ReplaceAll was added in go 1.12

Signed-off-by: Ilya Pavlov <ilux@cpan.org>

* add '\' to regexp.MustCompile

Signed-off-by: Ilya Pavlov <ilux@cpan.org>
2019-11-01 00:30:02 +00:00
Lunny Xiao
945f121262 Fix bug on pull requests when transfer head repository (#8564)
* fix bug on pull requests when transfer head repository

* add migration and fix lint

* fix tests and add a cache check on LoadBaseRepo
2019-10-18 19:13:31 +08:00
zeripath
fcb535c5c3 Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.

## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
    - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
    - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
    - [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
    - app.ini configuration done
    - [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation

I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 14:42:42 +01:00