1
1
mirror of https://github.com/go-gitea/gitea synced 2025-07-04 17:47:19 +00:00
Commit Graph

4375 Commits

Author SHA1 Message Date
0af7a7b79f Fix some log and UI problems (#34863) (#34868)
Backport #34863 by @wxiaoguang

Remove the misleading error log, fix #34738

Make the "search" input auto-focused, fix #34807

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-25 22:08:30 +03:00
9339661078 Fix archive API (#34853) (#34857)
Backport #34853 by wxiaoguang

Fix #34852

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-25 07:20:42 +00:00
534b9b35dd Fix job status aggregation logic (#34823) (#34835)
Backport #34823 by nienjiuntai

Co-authored-by: JIUN-TAI NIEN <44364165+nienjiuntai@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-24 23:23:16 +08:00
dbadc59b56 Fix team permissions (#34827) (#34836)
Backport #34827 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-24 14:17:14 +00:00
d1fdbf46bd when using rules to delete packages, remove unclean bugs (#34632) (#34761)
Backport #34632 by @anthony-zh

By default, the code extracts 200 package versions. If too many packages
are generated every day or if rule cleaning is enabled later, which
means there are more than 200 versions corresponding to the library
package, it may not be cleaned up completely, resulting in residue

Fix #31961

Co-authored-by: anthony-zh <118415914+anthony-zh@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-18 06:18:55 +00:00
4c2441ba5d Fix ghost user in feeds when pushing in an actions, it should be gitea-actions (#34703) (#34756)
Backport #34703 by @lunny

Fix #34688 

This PR will store the `publisher_id` of `release`(tag) table as
pusher's id. It could be a real userID or a system user id. If the user
is deleted, ghost will be replaced.

This PR will also correct the wrong user `Ghost` in the feeds and wrong
committer on tag list page if pushing a tag from an actions. Now the
behavior is the same as Github. Some codes are deleted because it tries
to get commit author as pusher which is not right.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-06-18 01:04:45 +00:00
3290aff964 Fix commit message rendering and some UI problems (#34680) (#34683)
Backport #34680 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-10 19:57:25 +00:00
b947bc4363 Fix footnote jump behavior on the issue page. (#34621) (#34669)
Backport #34621 by @charles7668

Close #34511 
Close #34590 

Add comment ID to the footnote item's id attribute to ensure uniqueness.

Co-authored-by: charles <30816317+charles7668@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-09 20:57:01 +00:00
1b788946a7 Fix GetUsersByEmails (#34643) (#34646)
Backport #34643 by wxiaoguang

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-08 10:40:58 +08:00
c60bc26fd3 Fix issue label delete incorrect labels webhook payload (#34575) (#34603)
Backport #34575 by @badhezi

Fixes https://github.com/go-gitea/gitea/issues/34560
explanation of the bug in the issue

setting `issue.isLabelsLoaded = false` before calling `deleteIssueLabel`
guarantee we will load the new state of the labels into the issue object
before sending it in the webhook.

Co-authored-by: badhezi <zlilaharon@gmail.com>
2025-06-05 00:41:01 +08:00
3ace45c118 Fix doctor deleting orphaned issues attachments (#34142) (#34571)
Backport #34142 by @lunny

Fix the bug when deleting orphaned issues attachments. The attachments
maybe stored on other storages service rather than disk.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-06-03 07:01:09 +00:00
5d6c5ce71a Fix/improve avatar sync from LDAP (#34573) (#34587)
Backport #34573 by @raucao

This fixes 3 issues I encountered when debugging problems with our LDAP
sync:

1. The comparison of the hashed image data in `IsUploadAvatarChanged` is
wrong. It seems to be from before avatar hashing was changed and unified
in #22289. This results in the function always returning `true` for any
avatars, even if they weren't changed.
2. Even if there's no avatar to upload (i.e. no avatar available for the
LDAP entry), the upload function would still be called for every single
user, only to then fail, because the data isn't valid. This is
unnecessary.
3. Another small issue is that the comparison function (and thus hashing
of data) is called for every user, even if there is no avatar attribute
configured at all for the LDAP source. Thus, I switched the condition
nesting, so that no cycles are wasted when avatar sync isn't configured
in the first place.

I also added a trace log for when there is actually a new avatar being
uploaded for an existing user, which is now only shown when that is
actually the case.

Co-authored-by: Râu Cao <842+raucao@users.noreply.github.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-02 23:19:55 +02:00
7baa6fa47c Fix some trivial problems (#34579) (#34585)
Backport #34579 by wxiaoguang

See the comments

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-06-02 17:31:35 +00:00
d0ec1788b8 Add sort option recentclose for issues and pulls (#34525) (#34539)
Backport #34525 by @MarkusAmshove

closes #34171 

Adds a new sort option `recentclose` for issues and pull requests which
will return items in a descending order of when they were closed

Co-authored-by: Markus Amshove <scm@amshove.org>
2025-05-27 02:16:50 +08:00
1162cbccc0 Performance optimization for tags synchronization (#34355) (#34522)
Backport #34355 by @lunny

The tags synchronization is very slow for a non-mirror repository with
many tags especially forking. This PR make all repositories' tags
synchronization use the same function and remove the low performance
synchronization function. The commit count of tag now will not be stored
into database when syncing. Since the commits count will always be read
from cache or git data, the `NumCommits` in the release table will be
updated for the first read from git data.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-05-22 19:28:25 -07:00
038990e0ff Fix ephemeral runner deletion (#34447) (#34513) 2025-05-21 18:02:34 -04:00
d2cbe2fba0 Add migrations tests (#34456) (#34483)
Backport #34456 by @lunny

Fix #34455

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-05-16 10:37:06 -04:00
a1dc3c9bd1 Fix remove org user failure on mssql (#34449) (#34453)
Backport #34449 by @ChristopherHX

* mssql does not support fetching 0 repositories
* remove paging by NumRepos that might be 0
* extend admin api test to purge user 2

Fixes #34448

Co-authored-by: ChristopherHX <christopher.homberger@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-05-13 13:28:26 -07:00
cdac263bb8 Only git operations should update last changed of a repository (#34388) (#34427)
Backport #34388 by @lunny

Try to fix #32046

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-05-11 23:23:12 +02:00
a5c7df7a4c Fix GetUsersByEmails (#34423) (#34425)
Backport #34423 by wxiaoguang

Fix #34418, fix #34353

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-05-11 04:42:59 +08:00
6d738fecc4 Fix a bug when uploading file via lfs ssh command (#34408) (#34416)
Backport #34408 by @lunny

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-05-10 02:03:37 +00:00
b44175c071 Refactor commit message rendering and fix bugs (#34412) (#34414)
Backport #34412 by wxiaoguang

Fix #34398, fix #33308

Remove all `repo.ComposeCommentMetas` from templates,
only use `repo` to render commit message.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-05-09 13:08:23 +00:00
0148d03f21 Enforce two-factor auth (2FA: TOTP or WebAuthn) (#34187)
Fix #880

Design:

1. A global setting `security.TWO_FACTOR_AUTH`.
* To support org-level config, we need to introduce a better "owner
setting" system first (in the future)
2. A user without 2FA can login and may explore, but can NOT read or
write to any repositories via API/web.
3. Keep things as simple as possible.
* This option only aggressively suggest users to enable their 2FA at the
moment, it does NOT guarantee that users must have 2FA before all other
operations, it should be good enough for real world use cases.
* Some details and tests could be improved in the future since this
change only adds a check and seems won't affect too much.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2025-04-28 15:31:59 -07:00
4ed07244b9 actions artifacts api list/download check status upload confirmed (#34273)
* fixes a fixture status to upload confirmed
* add another fixture as noise to break tests as soon they are exposed
to api
* v4 delete test added check that artifact is no longer visible in
internal api with status pending delete
* removal of http 404 on empty list: actions/upload-artifact@v4 now
backoff on http 404 of ListArtifacts endpoint
* fixes artifacts with pending delete etc. are able to be found and
downloaded if the storage is not freed
2025-04-28 16:31:53 +00:00
44ece1e6f3 Explicitly not update indexes when sync database schemas (#34281)
Fix #34275

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-26 09:50:45 -07:00
a9343896f4 Option to delay conflict checking of old pull requests until page view (#27779)
`[repository.pull-request] DELAY_CHECK_FOR_INACTIVE_DAYS` is a new
setting to delay the mergeable check for pull requests that have been
inactive for the specified number of days.

This avoids potentially long delays for big repositories with many pull
requests. and reduces system load overall when there are many
repositories or pull requests.

When viewing the PR, checking will start immediately and the PR merge
box will automatically reload when complete. Accessing the PR through
the API will also start checking immediately.

The default value of `7` provides a balance between system load, and
keeping behavior similar to what it was before both for users and API
access. With `0` all conflict checking will be delayed, while `-1`
always checks immediately to restore the previous behavior.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-24 19:26:57 +00:00
e73c1139ac Fix panic when comment is nil (#34257)
Fix #34254
2025-04-24 01:58:00 +00:00
e947f309b1 Add API routes to lock and unlock issues (#34165)
This pull request adds a GitHub-compatible API endpoint to lock and
unlock an issue.

The following routes exist now:
- `PUT /api/v1/repos/{owner}/{repo}/issues/{id}/lock` to lock an issue
- `DELETE /api/v1/repos/{owner}/{repo}/issues/{id}/lock` to unlock an issue

Fixes #33677
Fixes #20012

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-21 00:43:43 +00:00
21b43fce08 Actions Runner rest api (#33873)
Implements runner apis based on
https://docs.github.com/en/rest/actions/self-hosted-runners?apiVersion=2022-11-28#list-self-hosted-runners-for-an-organization

- Add Post endpoints for registration-token, google/go-github revealed
this as problem
  - We should deprecate Get Endpoints, leaving them for compatibility
- Get endpoint of admin has api path /admin/runners/registration-token
that feels wrong, /admin/actions/runners/registration-token seems more
consistent with user/org/repo api
- Get Runner Api
- List Runner Api
- Delete Runner Api

- Tests admin / user / org / repo level endpoints

Related to #33750 (implements point 1 and 2)
Via needs discovered in #32461, this runner api is needed to allow
cleanup of runners that are deallocated without user interaction.

---------

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-18 15:22:41 +00:00
2683adfcb4 Swift files can be passed either as file or as form value (#34068)
Fix #33990

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-18 20:09:56 +08:00
a2651c14ce Add cache for common package queries (#22491)
This adds a cache for common package queries in `GetPackageDescriptor`.
Code which needs to process a list of packages benefits from this
change. This skips 350 queries in the package integration tests for
example.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-13 09:40:36 +00:00
aada0370e7 fix webhook url (#34186)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-13 02:24:32 +00:00
fa49cd719f feat: Add sorting by exclusive labels (issue priority) (#33206)
Fix #2616

This PR adds a new sort option for exclusive labels.

For exclusive labels, a new property is exposed called "order", while in
the UI options are populated automatically in the `Sort` column (see
screenshot below) for each exclusive label scope.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-10 17:18:07 +00:00
4a5af4edca Cache GPG keys, emails and users when list commits (#34086)
When list commits, some of the commits authors are the same at many
situations. But current logic will always fetch the same GPG keys from
database. This PR will cache the GPG keys, emails and users for the
context so that reducing the database queries.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-09 16:34:38 +00:00
32b97b3ce8 Uniform all temporary directories and allow customizing temp path (#32352)
This PR uniform all temporary directory usage so that it will be easier
to manage.

Relate to #31792 

- [x] Added a new setting to allow users to configure the global
temporary directory.
- [x] Move all temporary files and directories to be placed under
os.Temp()/gitea.
- [x] `setting.Repository.Local.LocalCopyPath` now will be
`setting.TempPath/local-repo` and the customized path is removed.
```diff
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;[repository.local]
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;;
-;;
-;; Path for local repository copy. Defaults to  TEMP_PATH + `local-repo`, this is deprecated and cannot be changed
-;LOCAL_COPY_PATH = local-repo
```

- [x] `setting.Repository.Upload.TempPath` now will be
`settting.TempPath/uploads` and the customized path is removed.
```diff
;[repository.upload]
-;;
-;; Path for uploads. Defaults to TEMP_PATH + `uploads`
-;TEMP_PATH = uploads
```

- [x] `setting.Packages.ChunkedUploadPath` now will be
`settting.TempPath/package-upload` and the customized path is removed.
```diff
;[packages]
-;;
-;; Path for chunked uploads. Defaults it's `package-upload` under `TEMP_PATH` unless it's an absolute path.
-;CHUNKED_UPLOAD_PATH = package-upload
```

- [x] `setting.SSH.KeyTestPath` now will be
`settting.TempPath/ssh_key_test` and the customized path is removed.
```diff
[server]
-;;
-;; Directory to create temporary files in when testing public keys using ssh-keygen,
-;; default is the system temporary directory.
-;SSH_KEY_TEST_PATH =
```

TODO:
- [ ] setting.PprofDataPath haven't been changed because it may need to
be kept until somebody read it but temp path may be clean up any time.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-08 16:15:28 +00:00
fd7c364ca6 Check user/org repo limit instead of doer (#34147)
This PR tries to finally fix the bug mentioned in #30011 and #15504,
where the user repo limit is checked when creating a repo in an
organization.

Fix #30011

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: TheFox0x7 <thefox0x7@gmail.com>
2025-04-07 23:45:31 -07:00
a100ac3306 Rework create/fork/adopt/generate repository to make sure resources will be cleanup once failed (#31035)
Fix #28144 

To make the resources will be cleanup once failed. All repository
operations now follow a consistent pattern:

- 1. Create a database record for the repository with the status
being_migrated.
- 2. Register a deferred cleanup function to delete the repository and
its related data if the operation fails.
- 3.	Perform the actual Git and database operations step by step.
- 4. Upon successful completion, update the repository’s status to
ready.

The adopt operation is a special case — if it fails, the repository on
disk should not be deleted.
2025-04-07 22:12:54 -07:00
07c6087878 Fix team permission (#34128)
The `team.access_mode` should be either `none` or `admin/owner`.
For non-admin team, the real permissions are provided by `team_unit`.
2025-04-08 04:15:15 +00:00
e1c2d05bde Fix markdown render behaviors (#34122)
* Fix #27645
* Add config options `MATH_CODE_BLOCK_DETECTION`, problematic syntaxes
are disabled by default
* Fix #33639
    * Add config options `RENDER_OPTIONS_*`, old behaviors are kept
2025-04-05 11:56:48 +08:00
6cee3bfa96 Refactor markup render to fix various path problems (#34114)
* Fix #33972
    * Use consistent path resolving for links and medias.
* No need to make the markup renders to resolve the paths, instead, the
paths are all correctly resolved in the "post process" step.
* Fix #33274
* Since 1.23, all paths starting with "/" are relative to current render
context (for example: the current repo branch)
* Introduce `/:root/path-relative-to-root`, then the path will be
rendered as relative to "ROOT_URL"
2025-04-04 23:45:23 +08:00
c27d87a9ac Refactor Branch struct in package modules/git (#33980)
The `Branch` struct in `modules/git` package is unnecessary. We can just
use a `string` to represent a branch
2025-04-02 17:31:32 +00:00
55a69ae4c6 Add new CLI flags to set name and scopes when creating a user with access token (#34080)
Resolves #33474.

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-02 22:00:54 +08:00
88352e0b25 Return default avatar url when user id is zero rather than updating database (#34094) 2025-04-02 01:03:27 +00:00
92dfec704f Move ParseCommitWithSSHSignature to service layer (#34087)
No code change.
2025-04-01 16:30:53 +00:00
ee3c82f874 Enable addtional linters (#34085)
enable mirror, usestdlibbars and perfsprint 
part of: https://github.com/go-gitea/gitea/issues/34083

---------

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2025-04-01 10:14:01 +00:00
4d2323183d fix users being able bypass limits with repo transfers (#34031)
prevent user from being able to transfer repo to user who cannot have
more repositories
2025-03-31 20:19:32 +00:00
a2e8a289b2 Improve pull request list api (#34052)
The pull request list API is slow, for every pull request, it needs to
open a git repository. Assume it has 30 records, there will be 30 sub
processes back because every repository will open a git cat-file --batch
sub process. This PR use base git repository to get the head commit id
rather than read it from head repository to avoid open any head git
repository.
2025-03-31 12:54:31 -07:00
0fde8ecd55 Enable testifylint rules (#34075)
enable testifylint rules disabled in:
https://github.com/go-gitea/gitea/pull/34054
2025-03-31 01:53:48 -04:00
2a59dfbd47 enable staticcheck QFxxxx rules (#34064) 2025-03-29 17:32:28 -04:00
cddd19efc8 Add anonymous access support for private/unlisted repositories (#34051)
Follow #33127

Fix #8649, fix #639

This is a complete solution. A repo unit could be set to:

* Anonymous read (non-signed-in user)
* Everyone read (signed-in user)
* Everyone write (wiki-only)
2025-03-29 13:26:41 +08:00