* make sure headGitRepo is closed on err too
* refactor
* Fix git.Blob.DataAsync(): exec cancel since we already read all bytes (close pipe since we return a NopCloser)
Co-authored-by: zeripath <art27@cantab.net>
There are multiple places where wiki git repositories are not properly closed.
This PR ensures they are closed.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Andrew Thornton <art27@cantab.net>
Backport #16775
Gitea has relied on some slow JS code to match up added and deleted lines on the
diff pages. This can cause a considerable slow down on large diff pages.
This PR makes a small change meaning that the matching up can occur much more simply.
Partial fix#1351
Signed-off-by: Andrew Thornton <art27@cantab.net>
* In Render tolerate not being passed a context
It is possible for RenderString to be passed to an external renderer if markdown
is set to be rendered by an external renderer. No context is currently sent to these
meaning that this will error out.
Fix#16835
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Add Context to Repo calls for RenderString
All calls from routers can easily add the context - so add it.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
* Upgrade xorm to v1.2.2 (#16663)
Backport #16663Fix#16683
* Add test to ensure that dumping of login sources remains correct (#16847)
#16831 has occurred because of a missed regression. This PR adds a simple test to
try to prevent this occuring again.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Report the correct number of pushes on the feeds
Since the number of commits in the Action table has been limited to 5
the number of commits reported on the feeds page is now incorrectly also
limited to 5. The correct number is available as the Len and this PR
changes this to report this.
Fix#16804
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update templates/user/dashboard/feeds.tmpl
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
Backport #16813
Make the group_id a primary key in issue_index. This already has an
unique index and therefore is a good candidate for becoming a primary
key.
This PR also changes all other uses of this table to add the group_id as
the primary key.
The migration v192 from #16813 has not been backported but Xorm will
work fine with non-primary keyed tables. If a user on 1.15 wishes to
have the correct schema sooner than 1.16 - they can use gitea doctor
recreate-table issue_index and gitea will recreate the table with the
primary key.
Fix#16802
Signed-off-by: Andrew Thornton art27@cantab.net
Backport #16805Fix#16801
Even if default branch is removed from the current page, but the total branches number should be still kept. So that the pagination calculation will be correct.
Backport #16788
Although panics within the rendering pipeline are caught and dealt with,
panics that occur before that starts are unprotected and will kill Gitea
without being sent to the logs.
This PR adds a basic recovery handler to catch panics that occur after
the logger is initialised and ensure that they're sent to the logger.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Backport #16794
There is a missing return in handleSettingRemoteAddrError which means
that the error page for repo settings is duplicately rendered.
Fix#16771
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
The MySQL indexes are not being renamed at the same time as RENAME table despite the
CASCADE. Therefore it is probably better to just recreate the indexes instead.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
In #7269, thin scrollbars were added in Arc Green theme. It got moved
in base theme in #13361.
This PR removes the use of thin scrollbars which causes an
accessibility issue. The scrollbars become too thin to be dragged.
Signed-off-by: Elouan Martinet <exa@elou.world>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Partial Backport #16705
There was an inadvertent breaking change in #15629 meaning that notes refs and other
git extension refs will be automatically rejected.
This PR removes this incorrect forced rejection of non-standard refs.
Fix#16688
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #16678
When files are highlighted the newline character needs to be added in a whitespace
compliant mode. Also ensure the final empty newline is rendered.
Fix#16434
Signed-off-by: Andrew Thornton <art27@cantab.net>
Partial backport #16356
Whilst looking at adding migration support for onedev it has become apparent that gitea would attempt to pull patches on other migration targets even if that PatchURL was empty.
The fuzzer found an issue with the issue pattern processor where there is a spurious
path.Clean which does not need to be there. This PR also sets the default AppURL for
the fuzzer too.
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: zeripath <art27@cantab.net>
From #16612 it was noticed that when creating new external users directly it was not
possible to set their username correctly. This PR restores this ability.
Signed-off-by: Andrew Thornton <art27@cantab.net>
This fixes two problems with MSSQL:
* `ALTER TABLE DROP ... IF EXISTS ...` is only supported in SQL Server >16.
The `IF EXISTS` here is a belt-and-braces and does not need to be present. Therefore
can be dropped. Also stop attempting to drop the indexes as constraints as they're indexes!
* System tables like: `sys.indexes` should be lowercase not uppercase because of collation issues.
Fix#13615
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
* Changelog for 1.15.0-rc3
## [1.15.0-rc3](https://github.com/go-gitea/gitea/releases/tag/v1.15.0-rc3) - 2021-08-04
* BREAKING
* Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
* SECURITY
* Upgrade to the latest version of golang-jwt and increase minimum go to 1.15 (#16590) (#16606)
* Switch to maintained jwt lib (#16532) (#16533)
* Correctly create of git-daemon-export-ok files (#16508) (#16514)
* Don't show private user's repo in explore view (#16550) (#16554)
* API
* Swagger AccessToken fixes (#16574) (#16597)
* Set AllowedHeaders on API CORS handler (#16524) (#16618)
* BUGFIXES
* Restore Accessibility for Dropdown (#16576) (#16617)
* Pass down SignedUserName down to AccessLogger context (#16605) (#16616)
* Fix table alignment in markdown (#16596) (#16602)
* Fix 500 on first wiki page (#16586) (#16598)
* Lock goth/gothic and Re-attempt OAuth2 registration on login if registration failed at startup (#16564) (#16570)
* Upgrade levelqueue to v0.4.0 (#16560) (#16561)
* Handle too long PR titles correctly (#16517) (#16549)
* Fix data race in bleve indexer (#16474) (#16509)
* Restore CORS on git smart http protocol (#16496) (#16506)
* Fix race in log (#16490) (#16505)
* Fix prepareWikiFileName to respect existing unescaped files (#16487) (#16498)
* Make cancel from CatFileBatch and CatFileBatchCheck wait for the command to end (#16479) (#16480)
* Update notification table with only latest data (#16445) (#16469)
* Revert to use alpine 3.13 (#16451) (#16452)
* Fix crash following ldap authentication update (#16447) (#16448)
* Fix direct creation of external users on admin page (partial #16612) (#16613)
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Update CHANGELOG.md
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
* Update CHANGELOG.md
Co-authored-by: zeripath <art27@cantab.net>
* Update CHANGELOG.md
* Update CHANGELOG.md
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: Lauris BH <lauris@nix.lv>
It is possible to create draft releases prior to creating a tag. This will cause a
500 on the releases page due to compare page failing.
This PR only shows the compare button if there is a SHA1 present.
Fix#16610
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Backport #16622
Forcibly update dev dependency on tar to 6.1.6
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Backport #16524
Set AllowedHeaders on API CORS handler and add missing Access-Control-Expose-Headers
to pull API.
Fix#16100
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #16605
Unfortunately when the AccessLogger was moved back before the contexters the
SignedUserName reporting was lost. This is due to Request.WithContext leading to a
shallow copy of the Request and the modules/context/Context being within that request.
This PR adds a new context variable of a string pointer which is set and handled
in the contexters.
Fix#16600
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Backport #16576
This PR restores the vendored and patched dropdow from #8638. It
however, it partially abandons the call to `click()` using instead the
default dropdown click calls instead. This prevents the issue of the
dropdown grabbing focus permanently however, this may have negative
effects on the effect of focus on the dropdowns.
Of note, the behaviour of the template selector dropdown on the repo
creation page is slightly odd - I don't believe that this odd behaviour
is caused by this PR but rather by the feed source for this. I suspect
that the dropdown should be adding a delete button to its selection.
Fix#15172
References: #7057
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #16596
Set the TableOptions in markdown to allow alignment of the tables to work correctly
Fix#15959
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #16586
There is a mistake in #16319 and #16487 which means that the first time
a wiki page is created a 500 is reported because the `master` branch is
not in existence in that wiki yet.
This PR simply checks for this error and returns not found.
Fix#16584
Signed-off-by: Andrew Thornton <art27@cantab.net>
* Upgrade to the latest version of golang-jwt.
Backport #16590
* Forcibly update the vendored versions too
* Update our minimal go lang version to 1.15 (differs from 1.16 in #16590)
Signed-off-by: Andrew Thornton <art27@cantab.net>
### ⚠️ BREAKING ⚠️
This PR raises the minimal version of go supported to 1.15 which will mean the end of support of 32-bit Mac and Mac OS versions before Sierra.
Signed-off-by: Andrew Thornton <art27@cantab.net>
* update minimal go required
Signed-off-by: Andrew Thornton <art27@cantab.net>
* update config.yaml
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #16574
There is a subtle problem with the Swagger definition for AccessTokens which causes
autogeneration of APIs for these endpoints to fail.
This PR corrects these errors.
Ref: https://github.com/zeripath/java-gitea-api/issues/4
Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
Backport #16564
This PR has two parts:
* Add locking to goth and gothic calls with a RWMutex
The goth and gothic calls are currently unlocked and thus are a cause of multiple potential races
* Reattempt OAuth2 registration on login if registration failed
If OAuth2 registration fails at startup we currently disable the login_source however an alternative approach could be to reattempt registration on login attempt.
Fix#16096
Signed-off-by: Andrew Thornton <art27@cantab.net>
Backport #16517
The CompareAndPullRequestPost handler for POST to /compare
incorrectly handles returning errors to the user. For a start
it does not set the necessary markers to switch SimpleMDE
but it also does not immediately return to the form.
This PR fixes this by setting the appropriate values, fixing
the templates and preventing the suggestion of a too long
title.
Fix#16507
Signed-off-by: Andrew Thornton <art27@cantab.net>