John Olheiser and GitHub
4d5854b216
Update docs for docusaurus v3 ( #28127 )
...
Signed-off-by: jolheiser <john.olheiser@gmail.com >
2023-11-20 00:24:36 -05:00
439e071acf
Restricted users only see repos in orgs which their team was assigned to ( #28025 ) ( #28050 )
...
Backport #28025 by @6543
---
*Sponsored by Kithara Software GmbH*
Co-authored-by: 6543 <m.huber@kithara.com >
2023-11-14 16:44:38 +01:00
Giteabot and GitHub
69ea554e23
Dont leak private users via extensions ( #28023 ) ( #28028 )
...
Backport #28023 by @6543
there was no check in place if a user could see a other user, if you
append e.g. `.rss`
2023-11-14 00:03:56 +01:00
Nanguan Lin and GitHub
c077a084d7
Fix wrong xorm Delete usage(backport for 1.20) ( #28003 )
...
manually backport for https://github.com/go-gitea/gitea/pull/27995
The conflict is `ctx` and `db.Defaultctx`.
2023-11-12 14:31:03 +02:00
dfd960f22a
Render email addresses as such if followed by punctuation ( #27987 ) ( #27991 )
...
Backport #27987 by @yardenshoham
Added the following characters to the regular expression for the email:
- ,
- ;
- ?
- !
Also added a test case.
- Fixes #27616
# Before

# After

Signed-off-by: Yarden Shoham <git@yardenshoham.com >
Co-authored-by: Yarden Shoham <git@yardenshoham.com >
2023-11-11 13:26:27 +08:00
Nanguan Lin and GitHub
2978b435bb
Remove duplicated button in Install web page ( #27941 )
...
Fix #27934
Regression #25648
2023-11-07 09:22:30 +00:00
KN4CK3R and GitHub
00705da102
Unify two factor check ( #27915 ) ( #27939 )
...
Backport of #27915
Fixes #27819
We have support for two factor logins with the normal web login and with
basic auth. For basic auth the two factor check was implemented at three
different places and you need to know that this check is necessary. This
PR moves the check into the basic auth itself.
2023-11-06 23:06:21 +01:00
4a48370d91
Fix DownloadFunc when migrating releases ( #27887 ) ( #27889 )
...
Backport #27887 by @Zettat123
We should not use `asset.ID` in DownloadFunc because DownloadFunc is a
closure.
https://github.com/go-gitea/gitea/blob/1bf5527eac6b947010c8faf408f6747de2a2384f/services/migrations/gitea_downloader.go#L284-L295
A similar bug when migrating from GitHub has been fixed in #14703 . This
PR fixes the bug when migrating from Gitea and GitLab.
Co-authored-by: Zettat123 <zettat123@gmail.com >
2023-11-03 08:29:30 +00:00
Lunny Xiao and GitHub
1dedf9bba0
Fix http protocol auth ( #27875 ) ( #27878 )
...
backport #27875
2023-11-02 21:38:08 +01:00
2147bfde05
Fix package webhook ( #27839 ) ( #27854 )
...
Backport #27839 by @lunny
Fix #23742
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
Co-authored-by: KN4CK3R <admin@oldschoolhack.me >
2023-10-31 11:26:06 +01:00
Lunny Xiao and GitHub
a1c232cae3
Revert "fix orphan check for deleted branch ( #27310 ) ( #27320 )" ( #27763 )
...
Because branch table is created until 1.21
Fix #27508
2023-10-24 05:58:11 +00:00
63512cd15d
Fix label render containing invalid HTML ( #27752 ) ( #27761 )
...
Backport #27752 by @earl-warren
- The label HTML contained a quote that wasn't being closed.
Refs: https://codeberg.org/forgejo/forgejo/pulls/1651
(cherry picked from commit e2bc2c9a1fff482c49dbeb3a51e4e1c698bf506c)
Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com >
Co-authored-by: Gusted <postmaster@gusted.xyz >
2023-10-24 09:39:17 +08:00
71803d33e3
Fix org team endpoint ( #27721 ) ( #27729 )
...
Backport #27721 by @lng2020
Fix #27711
Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com >
2023-10-22 13:45:16 +02:00
a954cc3fb9
Adapt .changelog.yml to new labeling system ( #27701 ) ( #27708 )
...
Backport #27701 by @delvh
Otherwise, it is not possible anymore to generate changelogs.
Co-authored-by: delvh <dev.lh@web.de >
2023-10-20 14:36:39 +02:00
ca4418eff1
Support allowed hosts for webhook to work with proxy ( #27655 ) ( #27674 )
...
Backport #27655 by @wolfogre
When `webhook.PROXY_URL` has been set, the old code will check if the
proxy host is in `ALLOWED_HOST_LIST` or reject requests through the
proxy. It requires users to add the proxy host to `ALLOWED_HOST_LIST`.
However, it actually allows all requests to any port on the host, when
the proxy host is probably an internal address.
But things may be even worse. `ALLOWED_HOST_LIST` doesn't really work
when requests are sent to the allowed proxy, and the proxy could forward
them to any hosts.
This PR fixes it by:
- If the proxy has been set, always allow connectioins to the host and
port.
- Check `ALLOWED_HOST_LIST` before forwarding.
Co-authored-by: Jason Song <i@wolfogre.com >
2023-10-18 15:07:20 +02:00
80c0c88152
Fix poster is not loaded in get default merge message ( #27657 ) ( #27665 )
...
Backport #27657 by @lunny
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2023-10-17 18:20:23 +02:00
171950a0d4
Fix 404 when deleting Docker package with an internal version ( #27615 ) ( #27629 )
...
Backport #27615 by @lng2020
close #27601
The Docker registry has an internal version, which leads to 404
Co-authored-by: Nanguan Lin <70063547+lng2020@users.noreply.github.com >
2023-10-15 12:08:01 +02:00
7b96f71bc7
Fix attachment download bug ( #27486 ) ( #27570 )
...
Backport #27486 by @lunny
Fix #27204
This PR allows `/<username>/<reponame>/attachments/<uuid>` access with
personal access token and also changed attachments API download url to
it so it can be download correctly.
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2023-10-11 04:38:50 +02:00
yp05327 and GitHub
e6d1afaee3
Avoid run change title process when the title is same ( #27467 ) ( #27557 )
...
Backport #27467 manually.
2023-10-10 09:01:24 +02:00
silverwind and GitHub
1d4c193df5
Fix mermaid flowchart margin issue ( #27503 ) ( #27517 )
...
Backport https://github.com/go-gitea/gitea/pull/27503 to 1.20
Fixes: https://github.com/go-gitea/gitea/issues/27435
Related: https://github.com/mermaid-js/mermaid/issues/4907
<img width="924" alt="image"
src="https://github.com/go-gitea/gitea/assets/115237/494a1d2e-4c56-48d0-9843-82a5e5aa977e ">
2023-10-08 15:32:42 +02:00
4ffa683820
Fix panic in storageHandler ( #27446 ) ( #27478 )
...
Backport #27446 by @sryze
storageHandler() is written as a middleware but is used as an endpoint
handler, and thus `next` is actually `nil`, which causes a null pointer
dereference when a request URL does not match the pattern (where it
calls `next.ServerHTTP()`).
Example CURL command to trigger the panic:
```
curl -I "http://yourhost/gitea//avatars/a "
```
Fixes #27409
---
Note: the diff looks big but it's actually a small change - all I did
was to remove the outer closure (and one level of indentation) ~and
removed the HTTP method and pattern checks as they seem redundant
because go-chi already does those checks~. You might want to check "Hide
whitespace" when reviewing it.
Alternative solution (a bit simpler): append `, misc.DummyOK` to the
route declarations that utilize `storageHandler()` - this makes it
return an empty response when the URL is invalid. I've tested this one
and it works too. Or maybe it would be better to return a 400 error in
that case (?)
Co-authored-by: Sergey Zolotarev <sryze@outlook.com >
2023-10-06 16:51:04 +02:00
973b7f6298
When comparing with an non-exist repository, return 404 but 500 ( #27437 ) ( #27441 )
...
Backport #27437 by @lunny
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2023-10-04 14:27:42 +00:00
Lunny Xiao and GitHub
4126aad4aa
Add 1.20.5 changelog ( #27404 )
v1.20.5
2023-10-03 12:53:35 +00:00
Lunny Xiao and GitHub
5c96a2be87
Fix bug of review request number ( #27406 )
...
Manually backport #27104 without tests because too many conflicted files
to backport it completely.
2023-10-03 08:08:12 +00:00
acedf0f702
Fix git 2.11 error when checking IsEmpty ( #27393 ) ( #27396 )
...
Backport #27393 by @wxiaoguang
Fix #27389
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2023-10-02 23:30:04 +08:00
23139aa27b
Allow get release download files and lfs files with oauth2 token format ( #26430 ) ( #27378 )
...
Backport #26430 by @lunny
Fix #26165
Fix #25257
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2023-10-01 19:54:15 +08:00
b6b71c78c4
Add logs for data broken of comment review ( #27326 ) ( #27344 )
...
Backport #27326 by @lunny
Fix #27306
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com >
2023-09-29 13:31:10 +08:00
2138661dae
fix orphan check for deleted branch ( #27310 ) ( #27320 )
...
Backport #27310 by @earl-warren
- Modify the deleted branch orphan check to check for the new table
instead.
- Regression from 6e19484f4d
- Resolves https://codeberg.org/forgejo/forgejo/issues/1522
(cherry picked from commit c1d888686fe445e4edecb9d835c5b3893b574b75)
Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com >
Co-authored-by: Gusted <postmaster@gusted.xyz >
2023-09-28 11:16:05 +08:00
4b37eb2c23
Fix PushEvent NullPointerException jenkinsci/github-plugin ( #27203 ) ( #27249 )
...
Backport #27203 by @Nabapadma-sarker
Fixes #27202
Co-authored-by: Nabapadma-sarker <nabapadmacse1991@gmail.com >
2023-09-25 07:02:08 +00:00
dd2f007501
Fix z-index on markdown completion ( #27237 ) ( #27242 )
...
Backport #27237 by @silverwind
Fixes: https://github.com/go-gitea/gitea/issues/27230
Co-authored-by: silverwind <me@silverwind.io >
2023-09-25 09:10:46 +08:00
dd44c2164e
Fix z-index on markdown completion ( #27237 ) ( #27238 )
...
Backport #27237 by @silverwind
Fixes: https://github.com/go-gitea/gitea/issues/27230
Co-authored-by: silverwind <me@silverwind.io >
2023-09-24 23:37:58 +00:00
2604571993
Update database-preparation and add note re: MariaDB ( #27232 ) ( #27235 )
...
Backport #27232 by @techknowlogick
update DB docs per feedback.
https://gitea.com/gitea/gitea-docusaurus/issues/69
Co-authored-by: techknowlogick <techknowlogick@gitea.com >
2023-09-25 05:27:15 +08:00
KN4CK3R and GitHub
eae6985b63
Quote table release in sql queries ( #27205 ) ( #27219 )
...
Backport of #27205
Fixes #27174
`release` is a reserved keyword in MySql. I can't reproduce the issue on
my setup and we have a test for that code but it seems there can be
setups where it fails.
2023-09-24 01:48:50 +03:00
d8583edfe7
Fix release URL in webhooks ( #27182 ) ( #27184 )
...
Backport #27182 by @jolheiser
Resolves #27180
`URL` points to the API URL, `HTMLURL` points to the web page.
Notably, however, for PRs they are the same URL. I switched them to use
HTMLURL to match the rest of the codebase terminology.
Co-authored-by: John Olheiser <john.olheiser@gmail.com >
2023-09-21 23:59:27 +00:00
d99479c810
Fix organization field being null in POST /orgs/{orgid}/teams ( #27150 ) ( #27167 )
...
Backport #27150 by @memphis88
Similarly to the fix in https://github.com/go-gitea/gitea/pull/24694 ,
this addresses the team creation not returning the organization
information in the response.
This fix is connected to the
[issue](https://gitea.com/gitea/terraform-provider-gitea/issues/27 )
discovered in the terraform provider.
Moreover, the
[documentation](https://docs.gitea.com/api/1.20/#tag/organization/operation/orgCreateTeam )
suggests that the response body should include the `organization` field
(currently being `null`).
Co-authored-by: Dionysios Kakouris <1369451+memphis88@users.noreply.github.com >
2023-09-21 22:23:33 +02:00
fbe1f35112
Fix organization field being null in POST /orgs/{orgid}/teams ( #27150 ) ( #27162 )
...
Backport #27150 by @memphis88
Similarly to the fix in https://github.com/go-gitea/gitea/pull/24694 ,
this addresses the team creation not returning the organization
information in the response.
This fix is connected to the
[issue](https://gitea.com/gitea/terraform-provider-gitea/issues/27 )
discovered in the terraform provider.
Moreover, the
[documentation](https://docs.gitea.com/api/1.20/#tag/organization/operation/orgCreateTeam )
suggests that the response body should include the `organization` field
(currently being `null`).
Co-authored-by: Dionysios Kakouris <1369451+memphis88@users.noreply.github.com >
2023-09-21 12:14:59 +02:00
25233a9bdc
Fix successful return value for SyncAndGetUserSpecificDiff ( #27152 ) ( #27156 )
...
Backport #27152 by @delvh
A function should not return an error when it is successful.
Otherwise, things like
https://discord.com/channels/322538954119184384/322538954119184384/1153705341620600833
happen…
Co-authored-by: delvh <dev.lh@web.de >
2023-09-21 00:58:13 +02:00
7a99c7b83c
Improve actions docs related to pull_request event ( #27126 ) ( #27145 )
...
Backport #27126 by @Zettat123
Related to #27039
The `ref` property in Gitea Actions is different from GitHub Actions.
This PR improves the documentation to explain the difference.
Co-authored-by: Zettat123 <zettat123@gmail.com >
2023-09-20 11:49:58 +02:00
1d6e5c8e58
fix pagination for followers and following ( #27127 ) ( #27138 )
...
Backport #27127 by @earl-warren
- Use the correct total amount for pagination. Thereby correctly show
the pagination bare when there's more than one page of
followers/followings.
Refs: https://codeberg.org/forgejo/forgejo/pulls/1477
(cherry picked from commit c1a136318be3bf72511bed108f2d67f2cf34e1b8)
Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com >
Co-authored-by: Gusted <postmaster@gusted.xyz >
2023-09-19 16:03:01 +00:00
882e465c3a
services/wiki: Close() after error handling ( #27129 ) ( #27137 )
...
Backport #27129 by @earl-warren
Refs: https://codeberg.org/forgejo/forgejo/pulls/1385
Signed-off-by: Lars Lehtonen <lars.lehtonen@gmail.com >
(cherry picked from commit 589e7d346f51de4a0e2c461b220c8cad34133b2f)
Co-authored-by: Earl Warren <109468362+earl-warren@users.noreply.github.com >
Co-authored-by: Lars Lehtonen <lars.lehtonen@gmail.com >
2023-09-19 15:13:23 +00:00
b139234fa8
Fix issue templates when blank isses are disabled ( #27061 ) ( #27082 )
...
Backport #27061 by @JakobDev
Fixes #27060
Co-authored-by: JakobDev <jakobdev@gmx.de >
Co-authored-by: silverwind <me@silverwind.io >
Co-authored-by: delvh <dev.lh@web.de >
2023-09-14 17:39:34 +02:00
sebastian-sauer and GitHub
d8b39324d7
Load reviewer before sending notification ( #27063 ) ( #27064 )
...
Fixes #27035
2023-09-13 15:32:58 -05:00
Lunny Xiao and GitHub
9df573bddc
Fix context cache bug & enable context cache for dashabord commits' authors( #26991 ) ( #27017 )
...
backport #26991
Unfortunately, when a system setting hasn't been stored in the database,
it cannot be cached.
Meanwhile, this PR also uses context cache for push email avatar display
which should avoid to read user table via email address again and again.
According to my local test, this should reduce dashboard elapsed time
from 150ms -> 80ms .
2023-09-13 15:15:00 +08:00
wxiaoguang and GitHub
b0a405c5fa
Use secure cookie for HTTPS sites ( #26999 ) ( #27013 )
...
Backport #26999
If the AppURL(ROOT_URL) is an HTTPS URL, then the COOKIE_SECURE's
default value should be true.
And, if a user visits an "http" site with "https" AppURL, they won't be
able to login, and they should have been warned. The only problem is
that the "language" can't be set either in such case, while I think it
is not a serious problem, and it could be fixed easily if needed.
2023-09-11 09:59:00 +00:00
Infinoid and GitHub
3c53740244
Correct the database.LOG_SQL default value in config cheat sheet ( #26997 ) ( #27002 )
...
This is a manual backport of #26997 to v1.20.
2023-09-10 21:43:42 -04:00
da7d7e60d8
Fix INI parsing for value with trailing slash ( #26995 ) ( #27001 )
...
Backport #26995 by @wxiaoguang
Fix #26977 (a temp fix)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com >
2023-09-10 20:52:25 +02:00
Lunny Xiao and GitHub
e502be46f3
Fix changelog typo ( #26973 )
v1.20.4
2023-09-08 16:35:37 +08:00
techknowlogick and GitHub
4a886de71e
1.20.4 changelog ( #26966 )
2023-09-08 12:17:00 +08:00
b6fd1e48c0
Improve LDAP group config documentation ( #21227 ) ( #26921 )
...
backport #21227
author @svenseeberg
Co-authored-by: Sven Seeberg <mail@sven-seeberg.de >
Co-authored-by: Giteabot <teabot@gitea.io >
2023-09-05 22:41:10 -04:00
techknowlogick and GitHub
69c4e2954c
update footer link to new landing page ( #26916 ) ( #26919 )
...
Backport #26916
2023-09-05 19:06:35 +00:00