1
1
mirror of https://github.com/go-gitea/gitea synced 2025-09-28 03:28:13 +00:00
Commit Graph

12721 Commits

Author SHA1 Message Date
Gusted
d644289fcb Backport: Disable content sniffing on PlainTextBytes (#18365)
- Backport of #18359
2022-01-23 01:58:09 +02:00
6543
fd9ff7cd6f Update github.com/duo-labs/webauthn (#18357) (#18364) 2022-01-22 13:32:10 -05:00
GiteaBot
b7c6457648 [skip ci] Updated translations via Crowdin 2022-01-19 21:28:43 +00:00
zeripath
6b0a71230d Stop trimming preceding and suffixing spaces from editor filenames (#18334)
* Stop trimming preceding and suffixing spaces from editor filenames

In #5702 it was decided to trim preceding and suffixed spaces aswell as / from
editing file filenames. This was because at this point in time the url-safety of
Gitea was much poorer.

We can now drop this requirement and file editing should work correctly.

Fix #18176

Signed-off-by: Andrew Thornton <art27@cantab.net>
v1.16.0-rc1
2022-01-19 21:03:15 +00:00
GiteaBot
c68f1281f6 [skip ci] Updated translations via Crowdin 2022-01-19 20:29:22 +00:00
silverwind
f19f53c077 Left-Align text in Unicode warning boxes (#18331)
Wrapped text is more readable when left-aligned.

Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: zeripath <art27@cantab.net>
2022-01-19 19:25:08 +00:00
zeripath
6779d9726f Only warn on bidi but still escape non-bidi (#18333)
Fix #18324

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-19 19:24:15 +00:00
wxiaoguang
6fba174606 Fix incorrect OAuth message (#18332)
As the title,

Fix #18327
2022-01-19 19:05:06 +00:00
GiteaBot
531b6d60e1 [skip ci] Updated translations via Crowdin 2022-01-19 18:28:18 +00:00
techknowlogick
4a6bae59c0 Changelog for 1.16.0-rc1 (#18309)
Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
Co-authored-by: 6543 <6543@obermui.de>
2022-01-19 18:08:23 +01:00
zeripath
4a20eadfd7 Restore propagation of ErrDependenciesLeft (#18325)
Unfortunately #17643 prevented all propagation of ErrDependenciesLeft meaning
that dependency errors that prevent closing of issues get swallowed.

This PR restores propagation of the error but instead swallows the error in the
places where it needs to be swallowed.

Fix #18223

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-19 00:26:42 +01:00
wxiaoguang
84f8ef3df6 Fix PR comments UI (#18323)
Closes:
* Review comment cannot be edited #17768
* Changing PR Comment Resolved State Disables Further Changes #18315
2022-01-19 01:28:38 +08:00
wxiaoguang
11b4827791 Make the height of the editor in Review Box smaller (4 lines as GitHub) (#18319)
And shrink the height of Dropzone.
2022-01-19 00:57:57 +08:00
Gusted
9dcf0bf6ec Fix commit links on compare page (#18310)
* Fix commit links on compare page

- Use the correct repo link for each commit(the headrepo). As for
compare pages were baserepo != headrepo, it wouldn't have the correct
link.

Co-authored-by: zeripath <art27@cantab.net>
2022-01-18 16:12:10 +00:00
silverwind
8156e0f855 Update JS dependencies, remove eslint-plugin-github (#18317)
- Update all JS dependencies
- Add new lint rules
- Regenerate SVGs
- Tested Monaco and Mermaid
* Remove eslint-plugin-github
2022-01-18 23:01:36 +08:00
Peter Gardfjäll
89a3214352 Add MirrorUpdated field to Repository API type (#18267)
Add the last update time to the repository api type.

Close #18266
2022-01-18 13:18:30 +00:00
zeripath
68b59d8966 replace satori/go.uuid with gofrs/uuid (#18311)
Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-18 11:04:24 +00:00
JonRB
483409716d Place inline diff comment dialogs in the 4th column. (#18321)
Comment dialogs for inline comments should appear in 4th column (not 3rd column), this PR changes the column that the inline review comment is associated with.

This problem has occurred due to an unrecognised conflict between #17562 and #17315. 

Fix as zeripath suggested in #18320

Fix #18320 

Co-authored-by: zeripath <art27@cantab.net>
2022-01-18 10:28:45 +00:00
zeripath
089b4e6a45 Use indirect comparison when showing pull requests (#18313)
When generating the commits list and number of files changed for PRs and
compare we should use "..." always not "..".

Fix #18303

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-18 07:45:43 +00:00
zeripath
a7ee4d507a Prevent ambiguous column error in organizations page (#18314)
Explicitly set the table for the org_id column queries on the organizations pages.

Fix #18229

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-18 07:45:14 +00:00
zeripath
851b54ba9f Correctly upload LFS files (#18316)
We need to use the cached .gitattributes file for checking if a file
should be stored in the lfs.

Fix #18297

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-18 07:44:30 +00:00
GiteaBot
eed8633fb0 [skip ci] Updated translations via Crowdin 2022-01-18 00:31:56 +00:00
a1012112796
8581e2f4ec update description about vendoring in CONTRIBUTING.md (#18280)
* update description about vendoring in CONTRIBUTING.md

follow #18277

Signed-off-by: a1012112796 <1012112796@qq.com>

* Update CONTRIBUTING.md

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

* fix and readd test-vendor step

* remove vendor from .gitattributes @silverwind

* simplify go mod check

Signed-off-by: a1012112796 <1012112796@qq.com>

* Revert "remove vendor from .gitattributes @silverwind"

This reverts commit 4789e704cb.

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2022-01-17 13:39:07 -05:00
Aravinth Manivannan
076cead40d Fix CheckRepoStats and reuse it during migration (#18264)
The CheckRepoStats function missed the following counters:

- label num_closed_issues & num_closed_pulls
- milestone num_closed_issues & num_closed_pulls

The update SQL statements for updating the repository
num_closed_issues & num_closed_pulls fields were repeated in three
functions (repo.CheckRepoStats, migrate.insertIssues and
models.Issue.updateClosedNum) and were moved to a single helper.

The UpdateRepoStats is implemented and called in the Finish migration method so that it happens immediately instead of wating for the
CheckRepoStats to run.

Signed-off-by: Loïc Dachary loic@dachary.org

---
[source](https://lab.forgefriends.org/forgefriends/forgefriends/-/merge_requests/34)
2022-01-17 19:31:58 +01:00
silverwind
7dde39a6db Minor tweak to tag list (#18295)
Slightly reduce the font size and padding in the tags table, it seemed a bit too big to me.
2022-01-17 14:26:35 +01:00
a1012112796
43a22c6a21 show pull link for agit pull request also (#18235) 2022-01-17 13:56:43 +08:00
GiteaBot
bd7680f450 [skip ci] Updated translations via Crowdin 2022-01-17 00:28:33 +00:00
silverwind
212e81f11d Add some .ignore entries (#18296)
Exclude node_modules and minified files from search tools like `rg` and `ag`.
2022-01-16 17:26:15 +00:00
Ben Niemann
2871e58a01 Remove unneeded debug messages to stdout. (#18298)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-16 23:42:06 +08:00
zeripath
52bfb7f012 Handle missing default branch better in owner/repo/branches page (#18290)
This PR more nicely handles a missing default branch in owner/repo/branches

Fix #18265

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-01-16 22:59:16 +08:00
wxiaoguang
4d0a72a271 Revert "Prevent possible XSS when using jQuery (#18289)" (#18293)
This reverts commit 661d3d28e9.
2022-01-16 11:19:26 +00:00
a1012112796
72b3681648 not show double error response in git hook (#18292)
if return a error message to cli, it will print it
to stderr which is duplicate with our code (line 82
in same file). so user will see two line same
error message in git output. I think it's not mecessary,
so suggerst not return error message to cli. Thanks.

Signed-off-by: a1012112796 <1012112796@qq.com>
2022-01-16 09:32:32 +00:00
zeripath
7960c96c19 Remove accidental debugging in blob_excerpt.tmpl (#18287)
* Remove accidental debugging in blob_excerpt.tmpl

Unfortunately it appears that a small bit of debugging code was left in blob_excerpt.tmpl
This breaks diff expansion causing #18281.

Fix #18281

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-16 09:31:41 +00:00
Gusted
661d3d28e9 Prevent possible XSS when using jQuery (#18289)
In the case of misuse or misunderstanding from a developer whereby,
if `sel` can receive user-controlled data, jQuery `$(sel)` can lead to the
creation of a new element. Current usage is using hard-coded selectors
in the templates, but nobody prevents that from expanding to
user-controlled somehow.
2022-01-16 13:14:32 +08:00
zeripath
4b4884ce88 Return nicer error if trying to pull from non-existent user (#18288)
* Return nicer error if trying to pull from non-existent user

Gitea serv will currently return an 500 if we try to pull from a repository where
the owner does not exist.

This PR checks for the UserNotExist Error when checking for the user and will
return a NotFound error instead.

Fix #18225
2022-01-16 11:44:11 +08:00
GiteaBot
a15353dc00 [skip ci] Updated translations via Crowdin 2022-01-16 00:28:39 +00:00
Jan Tojnar
a38ab71b20 docs: mention client_max_body_size affects LFS (#18291) 2022-01-15 17:26:01 -05:00
silverwind
0ed9b006e8 Add lockfile-check (#18285)
* Add lockfile-check

This check runs `npm install` which will rewrite the lockfile in case it
is inconsistent with package.json. This check detects this and will fail
the CI in such a case.
2022-01-15 21:06:29 +01:00
zeripath
d7c2a2951c Webauthn nits (#18284)
This contains some additional fixes and small nits related to #17957 

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-15 17:52:56 +01:00
Gusted
e239d354c9 Update package-lock.json (#18283)
- NPM didn't like that package-lock.json was out-of-sync, webpack
throwed some errors as well with building.
- Follow-up for: #18278
2022-01-15 15:25:25 +01:00
wxiaoguang
aa1e8f6a74 Upgrade EasyMDE to 2.16.1 (#18278) 2022-01-15 11:20:47 +01:00
techknowlogick
84145e45c5 Remove golang vendored directory (#18277)
* rm go vendor

* fix drone yaml

* add to gitignore
2022-01-14 18:16:05 -05:00
zeripath
2b16ca7c77 Changelog for 1.15.10 (#18274) (#18276)
* Changelog for 1.15.10 (#18274)

[1.15.10](https://github.com/go-gitea/gitea/releases/tag/v1.15.10) - 2022-01-14

* BUGFIXES
  * Fix inconsistent PR comment counts (#18260) (#18261)
  * Fix release link broken (#18252) (#18253)
  * Fix update user from site administration page bug (#18250) (#18251)
  * Set HeadCommit when creating tags (#18116) (#18173)
  * Use correct translation key for error messages due to max repo limits (#18135 & #18153) (#18152)
  * Fix purple color in suggested label colors (#18241) (#18242)
* SECURITY
  * Bump mermaid from 8.10.1 to 8.13.8 (#18198) (#18206)

* update docs/config.yaml

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Richard Mahn <richmahn@users.noreply.github.com>
2022-01-14 15:02:37 -05:00
Lunny Xiao
35c3553870 Support webauthn (#17957)
Migrate from U2F to Webauthn

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-14 16:03:31 +01:00
GiteaBot
8808293247 [skip ci] Updated translations via Crowdin 2022-01-14 00:29:34 +00:00
Gusted
d413a1f8a4 Improve the comment for 2FA filter in admin panel (#18017)
Replace TODO with explanation

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-13 21:32:28 +01:00
Norwin
696521b33b fix regression from #16075 (#18260)
we don't want reviews to count towards comments, as this needs changes
in other components as well (eg repo stats cron job, etc).

Co-authored-by: 6543 <6543@obermui.de>
2022-01-14 00:50:43 +08:00
silverwind
f635d60344 Prevent underline hover on cards (#18259)
Prevent a undesired underline effect on hovered cards.

This was regressed by #17898.
2022-01-13 14:33:04 +00:00
Lunny Xiao
dd135c6258 Fix release link broken (#18252)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-13 15:14:53 +02:00
Aravinth Manivannan
69a28299e2 migrations: a deadline at January 1st, 1970 is valid (#18237)
* migrations: a deadline at January 1st, 1970 is valid

Do not change the deadline value if it is set to January 1st, 1970.

Setting the deadline to year 9999 when it is zero (which is equal to
January 1st, 1970) modifies a deadline set to January 1st, 1970 which
is a valid date. In addition, setting a date in year 9999 will be
converted to a null date in some cases.

Signed-off-by: Loïc Dachary <loic@dachary.org>

* tests: set milestone.deadline_unix in fixtures

The value of deadline_unix must be set to 253370764800 (i.e. 9999-01-01) in
fixtures, otherwise it will be inserted as null which leads to
unexpected errors. For instance, DumpRepository will store a null
deadline_unix as 0 (i.e. 1970-01-01) and RestoreRepository will change
it to 9999-01-01.

Signed-off-by: Loïc Dachary <loic@dachary.org>

Co-authored-by: Loïc Dachary <loic@dachary.org>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-01-13 14:03:30 +08:00