Previously, we had only set __webpack_public_path__ to a path which
caused webpack chunks to be loaded from the current origin which is
incorrect when STATIC_URL_PREFIX points to another origin.
This should fix the issue curretnly seen on gitea.com.
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Backport #11590
Unfortunately when the virtual session is released it requires that the
real session does not exist. This worked fine when sessions were only
saved at the end of request/response cycle however, now sessions are
saved proactively this does not hold.
The result is a caught panic in the logs during every log-in. This
panic has no significant side-effects but should not occur.
This PR marks the virtual session as released when released and updates
it if the same session is released again.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Allow all members of private orgs to see public repos (#11442)
Backport (#11442)
Allow all members of private orgs to see public repos
Fix#10144
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update models/repo_list.go
* Oops missed the repos we own!
Signed-off-by: Andrew Thornton <art27@cantab.net>
The content_type value was defaulting to the string value of the
ContentType, not the integer value as expected by the backend.
Co-authored-by: Jeff Stein <jeff@jeffvstein.org>
Thanks to @simon-on-gh for tracking down the issue.
Fix#11200
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
There is a potential memory leak in `Workerpool` due to the intricacies of
`time.Timer` stopping.
Whenever a `time.Timer` is `Stop`ped its channel must be cleared using a
`select` if the result of the `Stop()` is `false`.
Unfortunately in `Workerpool` these were checked the wrong way round.
However, there were a few other places that were not being checked.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Backport #11303
Prevent multiple listings of organization when creating a repository (#11303)
prevent double entries in results of GetOrgsCanCreateRepoByUserID
I first try to only add GroupBy directly but xorm return broken user objects ...
... solution was to just query related UserIDs(OrgIDs) first and return OrgUsers based on this IDs
close#11258
Co-authored-by: zeripath <art27@cantab.net>
* Manage port in submodule refurl
Fix#11304
Signed-off-by: Andrew Thornton <art27@cantab.net>
* fix lint
Signed-off-by: Andrew Thornton <art27@cantab.net>
* URLJoin is causes a cyclic dependency and possibly isn't what what we want anyway
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Protect against leading .. in scp syntax
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: Lauris BH <lauris@nix.lv>
There is an unfortunate signature change with the api.Context
NotFound function; whereas the normal modules/context/Context
NotFound function requires an error or nil, the api.Context
variant will panic with an NPE if a nil is provided.
This PR will allow api.Context.NotFound to tolerate a being
passed a nil.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Previously, this required authentication, but there's not actually
any privileged information on this page. Move the endpoint out of
the group that requires sign-in. It still requires the ability to
read issues and pull requests, so private repositories (for instance)
will not be exposed.
Fixes#10312Fixes#11233
Co-authored-by: guillep2k <18600385+guillep2k@users.noreply.github.com>
It is possible for misconfigured protected branches to have required status checks that are not in any of the current statuses: Pending, Success, Error, Failure, or Warning - presumably because the CI has not contacted us as yet.
Fix#10636 by adding case: missing StatusChecks when these are missing
do it by define Semantic UI image class
Signed-off-by: a1012112796 <1012112796@qq.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Mulitple Gitea Doctor improvements (#10943)
Backport #10943
* Add `gitea doctor --list` flag to list the checks that will be run, including those by default
* Add `gitea doctor --run` to run specific checks
* Add `gitea doctor --all` to run all checks
* Add db version checker
* Add non-default recalculate merge bases check/fixer to doctor
* Add hook checker (Fix#9878) and ensure hooks are executable (Fix#6319)
* Fix authorized_keys checker - slight change of functionality here because parsing the command is fragile and we should just check if the authorized_keys file is essentially the same as what gitea would produce. (This is still not perfect as order matters - we should probably just md5sum the two files.)
* Add SCRIPT_TYPE check (Fix#10977)
* Add `gitea doctor --fix` to attempt to fix what is possible to easily fix
* Add `gitea doctor --log-file` to set the log-file, be it a file, stdout or to switch off completely. (Fixes previously undetected bug with certain xorm logging configurations - see @6543 comment.)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Switch to io.Writer instead of io.StringWriter
Signed-off-by: Andrew Thornton <art27@cantab.net>
Git changed the technique used in rebase from
simple apply-patches to use merge. This breaks
our conflict detection code.
created by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Backport #10936
* Generate Diff and Patch direct from Pull head
Fix#10932
Also fix "Empty Diff/Patch File when pull is merged"
Closes#10934
* Add tests to ensure that diff does not change
* Ensure diffs and pulls pages work if head branch is deleted too
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Only update merge_base if not already merged
Fix#10766
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Prevent race in transfer pull request
* Update services/pull/pull.go
* Fix milestones too many SQL variables bug
* Fix test
* Don't display repositories with no milestone and fix tests
* Remove unused code and add some comments
* Protect against NPEs in notifications list (#10879)
Unfortunately there appears to be potential race with notifications
being set before the associated issue has been committed.
This PR adds protection in to the notifications list to log any failures
and remove these notifications from the display.
References #10815 - and prevents the panic but does not completely fix
this.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* add log import
* Update models/notification.go
Co-Authored-By: Lauris BH <lauris@nix.lv>
Co-authored-by: Lauris BH <lauris@nix.lv>
* Fix panic in API pulls when headbranch does not exist (#10676)
Backport #10676
* Fix panic in API pulls when headbranch does not exist
* refix other reference to plumbing.ErrReferenceNotFound
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Apply suggestions from code review
Co-Authored-By: Lauris BH <lauris@nix.lv>