1
1
mirror of https://github.com/go-gitea/gitea synced 2025-01-11 18:24:27 +00:00

1058 Commits

Author SHA1 Message Date
techknowlogick
3fb906dc02
remove google font call (#9668) (#9681) 2020-01-09 16:40:57 -05:00
Lunny Xiao
c0f8795462 Upgrade lato fonts to v16. (#9498)
* Upgrade lato fonts to v16

* Upgrade lato fonts to v16

* fix bug
2019-12-25 23:11:39 -05:00
techknowlogick
590d56dbb3
switch to fomantic-ui (#9374) 2019-12-17 16:34:11 -05:00
silverwind
d9c67a8c90 Add Node.js build dep, remove built js/css files (#9114)
- Added Node.js as build dependency and removes build files from git.
- Added version checks for both Go and Node.js.
- Overhauled the js/css make target to only run when needed.
- Merged the `generate` make target into `build` as per suggestion.

Fixes: https://github.com/go-gitea/gitea/issues/6782
Fixes: https://github.com/go-gitea/gitea/issues/9216
2019-12-05 11:41:38 +08:00
Alexey 〒erentyev
e80fe201c0 Fixed topics margin (#9248)
Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
2019-12-03 23:10:40 -05:00
jaqra
8875586570 Change some label colors (#9051)
* Change label colors

* Override black basic label background for green theme on label list
2019-12-03 20:39:58 -05:00
David Svantesson
bac4b78e09 Branch protection: Possibility to not use whitelist but allow anyone with write access (#9055)
* Possibility to not use whitelist but allow anyone with write access

* fix existing test

* rename migration function

* Try to give a better name for migration step

* Clear settings if higher level setting is not set

* Move official reviews to db instead of counting approvals each time

* migration

* fix

* fix migration

* fix migration

* Remove NOT NULL from EnableWhitelist as migration isn't possible

* Fix migration, reviews are connected to issues.

* Fix SQL query issues in GetReviewersByPullID.

* Simplify function GetReviewersByIssueID

* Handle reviewers that has been deleted

* Ensure reviews for test is in a well defined order

* Only clear and set official reviews when it is an approve or reject.
2019-12-03 20:08:56 -05:00
John Olheiser
51432ebb9c Fix context menu overflow & review tag margin (#9231)
* Fix context menu overflow

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add review tag CSS

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-12-03 01:03:30 +02:00
Alexey 〒erentyev
2fc3eb1d15 Fixed topic regex pattern and added search by topic links after save (#9219)
Signed-off-by: Alexey Terentyev <axifnx@gmail.com>
2019-12-02 11:13:19 +02:00
jaqra
802aa6d5f3 Add comment highlight when target from url (#9047)
* Add comment highlight css

* Add js to remove highlight on click outside

* Improve refresh page on click outside

* Use location.hash property to remove target

* Handle click ONLY clicked outside of 'targetted comment' (not other comment)

* Remove unnecessary checks and simply code

* Combine hash and setState to remove target path
2019-11-25 11:50:46 +00:00
Benno
bb2c0c3729 fix add comment button text align (#9140) 2019-11-24 01:07:15 +02:00
QuaSoft
7b4d2f7a2a Add single sign-on support via SSPI on Windows (#8463)
* Add single sign-on support via SSPI on Windows

* Ensure plugins implement interface

* Ensure plugins implement interface

* Move functions used only by the SSPI auth method to sspi_windows.go

* Field SSPISeparatorReplacement of AuthenticationForm should not be required via binding, as binding will insist the field is non-empty even if another login type is selected

* Fix breaking of oauth authentication on download links. Do not create new session with SSPI authentication on download links.

* Update documentation for the new 'SPNEGO with SSPI' login source

* Mention in documentation that ROOT_URL should contain the FQDN of the server

* Make sure that Contexter is not checking for active login sources when the ORM engine is not initialized (eg. when installing)

* Always initialize and free SSO methods, even if they are not enabled, as a method can be activated while the app is running (from Authentication sources)

* Add option in SSPIConfig for removing of domains from logon names

* Update helper text for StripDomainNames option

* Make sure handleSignIn() is called after a new user object is created by SSPI auth method

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Remove default value from text of form field helper

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Only make a query to the DB to check if SSPI is enabled on handlers that need that information for templates

* Remove code duplication

* Log errors in ActiveLoginSources

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Revert suffix of randomly generated E-mails for Reverse proxy authentication

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Revert unneeded white-space change in template

Co-Authored-By: Lauris BH <lauris@nix.lv>

* Add copyright comments at the top of new files

* Use loopback name for randomly generated emails

* Add locale tag for the SSPISeparatorReplacement field with proper casing

* Revert casing of SSPISeparatorReplacement field in locale file, moving it up, next to other form fields

* Update docs/content/doc/features/authentication.en-us.md

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Remove Priority() method and define the order in which SSO auth methods should be executed in one place

* Log authenticated username only if it's not empty

* Rephrase helper text for automatic creation of users

* Return error if more than one active SSPI auth source is found

* Change newUser() function to return error, letting caller log/handle the error

* Move isPublicResource, isPublicPage and handleSignIn functions outside SSPI auth method to allow other SSO methods to reuse them if needed

* Refactor initialization of the list containing SSO auth methods

* Validate SSPI settings on POST

* Change SSPI to only perform authentication on its own login page, API paths and download links. Leave Toggle middleware to redirect non authenticated users to login page

* Make 'Default language' in SSPI config empty, unless changed by admin

* Show error if admin tries to add a second authentication source of type SSPI

* Simplify declaration of global variable

* Rebuild gitgraph.js on Linux

* Make sure config values containing only whitespace are not accepted
2019-11-23 01:33:31 +02:00
silverwind
7bc8c6b180 move semantic.dropdown.custom.js to webpack (#9064)
* move semantic.dropdown.custom.js to webpack

Also disabled a annoying linter rule which insisted that imports can not
contain a file extension.

Fixes: https://github.com/go-gitea/gitea/issues/8971

* reorganize web_src files and rebuild

* restart ci
2019-11-21 18:30:14 -05:00
guillep2k
c57edb6c7b Add password requirement info on error (#9074)
* Add password requirement info on error

* Move BuildComplexityError to the password pkg

* Unexport complexity type

* Fix extra line

* Update modules/password/password.go

Co-Authored-By: Lauris BH <lauris@nix.lv>
2019-11-19 22:44:58 +00:00
John Olheiser
eb0359cad4 Context menus for comments (#9043)
* Add quote replies

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-11-19 20:33:42 +02:00
Vedran
ef513e1af3 Fix double scroll in branch dropdown (#9048)
* Fix double scroll in branch dropdown

* Revert of 425ae38aa9ea3e9a25dee235aa9176762fe4bc5b

* Changes in .less, generated new .css

* Revert unnecessary commented line
2019-11-18 09:25:24 +08:00
silverwind
f8bd90ba60 enable lazy-loading of gitgraph.js (#9036)
- moved gitgraph.js to web_src and made it importable and es6-compatible
- created new webpack chunk for gitgraph
- enabled CSS loader in webpack
- enabled async/await syntax via regenerator-runtime
- added script to ensure webpack chunks are loaded correctly
- disable terser's comment extraction to prevent .LICENCE files

gitgraph.js has many issues:

1. it is incompatible with ES6 because of strict-mode violations
1. it does not export anything
1. it's css has weird styles like for `body`
1. it is not available on npm

I fixed points 1-3 in our version so it's now loadable in webpack. We should eventually consider alternatives.
2019-11-17 23:39:06 +02:00
Cherrg
1c911aa825 wiki - add 'write' 'preview' buttons to wiki edit like in issues (#7241)
* Add add 'write' 'preview' buttons to wiki edit like in issues

affects #6975

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* update dark theme

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* fix css lint warnings - missing spaces

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* hide preview button on no fullscreen toolbar

Signed-off-by: Michael Gnehr <michael@gnehr.de>
2019-11-17 14:42:44 -05:00
Cherrg
6fbfffeeb8 wiki - editor - enable side-by-side button (#7242)
* wiki - enable side-by-side button in editor

and add some delay so side-by-side live preview is updated
* every 10th keypress
* if keypress < 10 -> apter no input for 1 sec

affects #5436


Signed-off-by: Michael Gnehr <michael@gnehr.de>

* decrease timeinterval user need to stop before rendering is triggered

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* removed not needed code with simpleMDE placeholder

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* run highlight.js on markdown preview

Signed-off-by: Michael Gnehr <michael@gnehr.de>

* fix white border around side-by-side preview

Signed-off-by: Michael Gnehr <michael@gnehr.de>
2019-11-16 10:20:07 +08:00
mrsdizzie
69cfff1541 Update display of reactions to issues and comments (#9038)
Modify display of reactions to issues to remove spaces and make them
feel more apart of the reactions bar rather than separate items within.
2019-11-15 23:47:04 +02:00
Benno
149a9df9e8 Expand/Collapse Files and Blob Excerpt while Reviewing/Comparing code (#8924)
* update #8659 fold/unfold code diffs

* add fold button style

* update #8659 implement expand up/down codes (blob excerpt)

* fix golint errors

* fix expand direction

* remove debug message

* update css style for blob exceprt

* fix typo in comment

* update style sheet with less

* update expect diff (add SectionInfo)

* update #8942 accept suggested change (fix typo)

* close reader and check file type before get tail section

* adjust button position and check file type before insert fold button

* move index js to web_src

* merge index.js with master

* generate index.js

* update js coding style
2019-11-15 10:52:59 +08:00
Lunny Xiao
42ada741e3 Pack web_src/js/draw.js to public/js/index.js (#8975)
* pack web_src/js/draw.js to public/js/index.js

* fix eslint
2019-11-14 20:27:50 -05:00
silverwind
3621944c2d modernize js and use babel (#8973)
* modernize js and use babel

- add babel toolchain to transform modern JS to ES5
- extend eslint config for modern rules
- fixes linting issues via `eslint --fix` and manual fixes

* run 'make css' to satisfy CI

* code style tweaks and set js indendation to 2 in .editorconfig

* regenerate js
2019-11-14 21:39:51 +00:00
Lunny Xiao
9bd879bef8 fix bug when pack js (#8992) 2019-11-14 19:58:32 +02:00
6543
a3e42bfebd [Feature] Add Gitea Emoji (#8950)
* add gitea emoji

* alphabetic order

* Update emojify.js to 1.1.0

* mv to custom

* add gitea emoji

* minify
2019-11-14 14:44:46 +01:00
Lunny Xiao
afe50873a5 Move index.js to web_src and use webpack to pack them (#8598)
* Move index.js to web_src and use webpack

* Fix initHeatMap

* update eslint and move webpack to devDependencies

* update index.js

* add eslint env node
2019-11-13 15:52:13 +01:00
Lunny Xiao
e4e6d48e30 Move less from public/ to web_src/ so that it will not be packe… (#8908) 2019-11-12 10:22:16 +01:00
Jookia
173da1b5ae js: Revert change to click behaviour in forceSelection (#8921)
Calling .click() in forceSelection() in blur() causes a focus loop,
this needs a proper fix later but for now just revert the change.
2019-11-11 17:06:57 +00:00
John Olheiser
74a6add4d9 Template Repositories (#8768)
* Start work on templates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Continue work

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix IsTemplate vs IsGenerated

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix tabs vs spaces

* Tabs vs Spaces

* Add templates to API & start adding tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix integration tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Remove unused User

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Move template tests to existing repos

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Minor re-check updates and cleanup

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* make fmt

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Test cleanup

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix optionalbool

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* make fmt

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Test fixes and icon change

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add new user and repo for tests

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix tests (finally)

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update meta repo with env variables

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Move generation to create page

Combine with repo create template
Modify API search to prioritize owner for repo

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix tests and coverage

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix swagger and JS lint

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix API searching for own private repos

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Change wording

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Fix repo search test. User had a private repo that didn't show up

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Another search test fix

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Clarify git content

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Feedback updates

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Add topics WIP

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Finish adding topics

Signed-off-by: jolheiser <john.olheiser@gmail.com>

* Update locale

Signed-off-by: jolheiser <john.olheiser@gmail.com>
2019-11-11 23:15:29 +08:00
David Svantesson
9ae4c17cb1 Allow to add and remove all repositories to/from team. (#8867)
* Allow to add and remove all repositories to team.

* Change style, buttons on same row.

* Apply suggestions from code review

Grammar

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Move set num repos to lower function.

* Make general language sentences
2019-11-09 08:39:37 +08:00
Jookia
1274ad864e a11y: Improve accessibility of dropdown menus (#8638)
* js: Import Semantic-UI's dropdown.js (version 2.3.1)

* js: Set tabindex=-1 on dropdown items

Setting tabindex=-1 on focusable elements within dropdown menus allows
the user to treat dropdown menus as a single focusable item with its own
internal navigation using arrow keys.

* js: Don't use jQuery to click menu items

Menu items are often <a> elements, which jQuery refuses to trigger click
events on. Instead it just bubbles up to the menu.

Using HTMLElement's click method fixes this and makes menu items
clickable from the keyboard using dropdown menus.

* js: Set correct ARIA 1.1 roles on dropdown menus

Setting role= makes assistive technology aware there is a widget here.
In this case, Orca will now exit browse mode and allow us to capture
keydown events when focused on a dropdown menu. It will also inform the
user that there's a menu focused.

Since dropdowns can be used in multiple elements each with different
ARIA roles, a guessRole method is used to find the correct role.
All roles I consider possible are listed, but only menu is implemented.

* js: Set aria-expanded when dropdown menus show and hide

This is deliberately done before the transition finishes so that screen
readers get immediate feedback.

* js: Set aria-label or aria-labelledby on dropdown menus

This makes dropdown menu buttons screen reader accessible.

aria-labelledby refers to an element using an ID, so the chosen labels
are now assigned a unique ID- This ID is not stable, do not refer to it
with user scripts.

* js: Set aria-activedescendant on dropdown menus

As the menus grab focus and navigate by tracking a 'selected' div class,
assistive technology has no idea that what the current selection is.

Assign IDs to each menu item and set aria-activedescendant to the ID of
the currently selected menu item.

When the menu is unfocused, remove aria-activedescendant- This isn't
neccessary but in my experience it triggers Orca to remind the user of
their current selection when re-focusing the menu.

* Makefile: Make eslint ignore semantic.dropdown.js

This file is taken from Semantic UI which isn't linted upstream.
Ignore it as we won't fix these issues.

* js: Add version note to semantic.dropdown.js

* Add Md5 AppVer to templates/base/footer.tmpl

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* Add Md5 AppVer to templates/pwa/serviceworker_js.tmpl

Co-Authored-By: guillep2k <18600385+guillep2k@users.noreply.github.com>

* semantic.dropdown.js -> semantic.dropdown.custom.js

* Use eslintignore

* remove bogus submodule
2019-11-08 12:33:21 -05:00
mrsdizzie
b747501337 Show due date in dashboard issues list (#8860)
* Show due date in dashboard issues list

Include due date when vieiwiing all issues on dashboard (matching what
we show for repo issue lists).

Fixes #8859

* Put in same order as repo issue list

* Add suggested changes and also update repo issue list to match
2019-11-07 21:12:23 +01:00
Damien Pollet
d5b1e6bc51 Theme arc-green: reverse heatmap colors (#8840)
* Theme arc-green: reverse heatmap colors

This uses the same colors as the updated palette in the base theme.

See #8709 and #5864, in particular [my comment showing the problem](https://github.com/go-gitea/gitea/issues/5864#issuecomment-462334171)

* Rebuild CSS

* Use link color as hot, interpolate between hot and cold colors

* Use color from a:hover
2019-11-06 18:23:06 +01:00
Lauris BH
ebcc38188e
Fix commit expand button to not go to commit link (#8745)
* Fix commit expand button to not go to commit link

* Fix message rendering to have correct HTML in result

* Fix check for empty commit message

* Code optimization
2019-11-01 06:48:30 +02:00
Brad Albright
887a8fe242 Allow cross-repository dependencies on issues (#7901)
* in progress changes for #7405, added ability to add cross-repo dependencies

* removed unused repolink var

* fixed query that was breaking ci tests; fixed check in issue dependency add so that the id of the issue and dependency is checked rather than the indexes

* reverted removal of string in local files becasue these are done via crowdin, not updated manually

* removed 'Select("issue.*")' from getBlockedByDependencies and getBlockingDependencies based on comments in PR review

* changed getBlockedByDependencies and getBlockingDependencies to use a more xorm-like query, also updated the sidebar as a result

* simplified the getBlockingDependencies and getBlockedByDependencies methods; changed the sidebar to show the dependencies in a different format where you can see the name of the repository

* made some changes to the issue view in the dependencies (issue name on top, repo full name on separate line). Change view of issue in the dependency search results (also showing the full repo name on separate line)

* replace call to FindUserAccessibleRepoIDs with SearchRepositoryByName. The former was hardcoded to use isPrivate = false on the repo search, but this code needed it to be true. The SearchRepositoryByName method is used more in the code including on the user's dashboard

* some more tweaks to the layout of the issues when showing dependencies and in the search box when you add new dependencies

* added Name to the RepositoryMeta struct

* updated swagger doc

* fixed total count for link header on SearchIssues

* fixed indentation

* fixed aligment of remove icon on dependencies in issue sidebar

* removed unnecessary nil check (unnecessary because issue.loadRepo is called prior to this block)

* reverting .css change, somehow missed or forgot that less is used

* updated less file and generated css; updated sidebar template with styles to line up delete and issue index

* added ordering to the blocked by/depends on queries

* fixed sorting in issue dependency search and the depends on/blocks views to show issues from the current repo first, then by created date descending; added a "all cross repository dependencies" setting to allow this feature to be turned off, if turned off, the issue dependency search will work the way it did before (restricted to the current repository)

* re-applied my swagger changes after merge

* fixed split string condition in issue search

* changed ALLOW_CROSS_REPOSITORY_DEPENDENCIES description to sound more global than just the issue dependency search; returning 400 in the cross repo issue search api method if not enabled; fixed bug where the issue count did not respect the state parameter

* when adding a dependency to an issue, added a check to make sure the issue and dependency are in the same repo if cross repo dependencies is not enabled

* updated sortIssuesSession call in PullRequests, another commit moved this method from pull.go to pull_list.go so I had to re-apply my change here

* fixed incorrect setting of user id parameter in search repos call
2019-10-31 13:06:10 +08:00
May
c0f97f2687 add marking to title_wip_desc (#8705)
Signed-off-by: May <themaymeow@gmail.com>
2019-10-29 10:29:39 -04:00
jaqra
c4bc5abda3 Make 100% width search bar (#8710)
* Make 100% width search bar

* Use flex: auto instead of flex: 1
2019-10-29 08:19:18 +08:00
zeripath
5e6a008fba
Add basic repository lfs management (#7199)
This PR adds basic repository LFS management UI including the ability to find all possible pointers within the repository. Locks are not managed at present but would be addable through some simple additions.

* Add basic repository lfs management
* add auto-associate function
* Add functionality to find commits with this lfs file
* Add link to find commits on the lfs file view
* Adjust commit view to state the likely branch causing the commit
* Only read Oid from database
2019-10-28 18:31:55 +00:00
May
e3875ace91 update color theme for heatmap (#8709)
Signed-off-by: May <themaymeow@gmail.com>
2019-10-28 14:47:54 +08:00
guillep2k
8b07823680 Improve visibility of "Pending" indicator (#8685)
* Improve visibility of "Pending" indicator

* Use background-color instead of just background

* Tone down the yellow
2019-10-26 08:43:38 +08:00
jaqra
c34e58fc00 Prevent chrome download page with alt + click (#8669) 2019-10-25 12:06:03 +01:00
jaqra
dbd9d8dd54 Add 'Alt + click' feature to exclude labels (#8199)
Add 'Alt + click' and 'Alt +enter' feature to exclude particular labels on searching for issues.
2019-10-23 17:29:14 +01:00
Lukas
3fe9646564 Enabling and disabling the commit button to prevent empty commits (web editor) (#8590)
* Enabling and disabling the commit button to prevent empty commits

Signed-off-by: LukBukkit <luk.bukkit@gmail.com>

* The button won't get enabled if you change the commit message

Signed-off-by: LukBukkit <luk.bukkit@gmail.com>

* Fixes a spelling mistake for 'silent'

Signed-off-by: LukBukkit <luk.bukkit@gmail.com>
2019-10-23 08:29:33 +08:00
zeripath
2f9a66a76c
Prevent .code-view from overriding font on icon fonts (#8614) 2019-10-21 23:23:35 +01:00
yan
bfdcedfe89 fix emoji panel be removed bug in issue page, when the sub issue summit the duplicate emoji (#8609) 2019-10-21 14:02:51 +03:00
6543
b1c1e1549b Ensure that diff stats can scroll independently of the diff (#8581)
This PR ensures that once opened the diff stats detail box can be scrolled independently of the diff on the compare page.

Fixes #5532 

Details:

* make diff-detail-box the main container
* move file diff at the same level as diff-stats
* make diff-view options sticy again
* make diff-stats scroll if to mouch
* rm useless css info
* less: mv diff-stats to own class
* use new css class
* cleanup less file
* diff-counter: margin-right: 15px;
* make CI work
* make numbers colorful
* add sign (-/+) to numbers
2019-10-21 08:51:24 +01:00
Nicholas Smith
05e437f8fd Remove arrows on numeric inputs (#8516)
* Nothing needs the arrows for input, especially 2FA

* Moved into LESS
2019-10-18 19:26:13 +03:00
Lukas
de4f10be86 Allow committing / adding empty files using the web ui (#8420) (#8532)
* Allow committing / adding empty files from the web ui (#8420)

Signed-off-by: LukBukkit <luk.bukkit@gmail.com>

* Add a modal to confirm the commit of an empty file

Signed-off-by: LukBukkit <luk.bukkit@gmail.com>
2019-10-16 22:28:41 +03:00
zeripath
fcb535c5c3
Sign merges, CRUD, Wiki and Repository initialisation with gpg key (#7631)
This PR fixes #7598 by providing a configurable way of signing commits across the Gitea instance. Per repository configurability and import/generation of trusted secure keys is not provided by this PR - from a security PoV that's probably impossible to do properly. Similarly web-signing, that is asking the user to sign something, is not implemented - this could be done at a later stage however.

## Features
- [x] If commit.gpgsign is set in .gitconfig sign commits and files created through repofiles. (merges should already have been signed.)
- [x] Verify commits signed with the default gpg as valid
- [x] Signer, Committer and Author can all be different
    - [x] Allow signer to be arbitrarily different - We still require the key to have an activated email on Gitea. A more complete implementation would be to use a keyserver and mark external-or-unactivated with an "unknown" trust level icon.
- [x] Add a signing-key.gpg endpoint to get the default gpg pub key if available
    - Rather than add a fake web-flow user I've added this as an endpoint on /api/v1/signing-key.gpg
    - [x] Try to match the default key with a user on gitea - this is done at verification time
- [x] Make things configurable?
    - app.ini configuration done
    - [x] when checking commits are signed need to check if they're actually verifiable too
- [x] Add documentation

I have decided that adjusting the docker to create a default gpg key is not the correct thing to do and therefore have not implemented this.
2019-10-16 14:42:42 +01:00
blueworrybear
8c909820a9 Enable Uploading/Removing Attachments When Editing an Issue/Comment (#8426) 2019-10-15 13:19:32 +01:00