4670 Commits

Author	SHA1	Message	Date
Zettat123	0690cb076b	Fix missing signature key error when pulling Docker images with SERVE_DIRECT enabled (#32365) ... Fix #28121 I did some tests and found that the `missing signature key` error is caused by an incorrect `Content-Type` header. Gitea correctly sets the `Content-Type` header when serving files. 348d1d0f32/routers/api/packages/container/container.go (L712-L717) However, when `SERVE_DIRECT` is enabled, the `Content-Type` header may be set to an incorrect value by the storage service. To fix this issue, we can use query parameters to override response header values. https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html <img width="600px" src="https://github.com/user-attachments/assets/f2ff90f0-f1df-46f9-9680-b8120222c555" /> In this PR, I introduced a new parameter to the `URL` method to support additional parameters. ``` URL(path, name string, reqParams url.Values) (*url.URL, error) ``` --- Most S3-like services support specifying the content type when storing objects. However, Gitea always use `application/octet-stream`. Therefore, I believe we also need to improve the `Save` method to support storing objects with the correct content type. b7fb20e73e/modules/storage/minio.go (L214-L221)	2024-10-31 15:28:25 +00:00
wxiaoguang	a4a121c684	Fix suggestions for issues (#32380)	2024-10-30 20:06:36 +00:00
Oleksandr Redko	f4d3aaeeb9	refactor: remove redundant err declarations (#32381)	2024-10-30 19:36:24 +00:00
6543	58eb16eda7	Respect UI.ExploreDefaultSort setting again (#32357) ... fix regression of https://github.com/go-gitea/gitea/pull/29430 --- *Sponsored by Kithara Software GmbH*	2024-10-30 12:33:25 +00:00
Anbraten	b7fb20e73e	Suggestions for issues (#32327) ... closes #16872	2024-10-29 17:20:49 +08:00
wxiaoguang	d70af38447	Refactor the DB migration system slightly (#32344) ... Introduce "idNumber" for each migration, and clarify the difference between the migration ID number and database version.	2024-10-27 19:54:35 +08:00
Lunny Xiao	2abdbe88b5	Fix disable 2fa bug (#32320)	2024-10-23 06:41:00 +00:00
Tim	de2ad2e1b1	Make admins adhere to branch protection rules (#32248) ... This introduces a new flag `BlockAdminMergeOverride` on the branch protection rules that prevents admins/repo owners from bypassing branch protection rules and merging without approvals or failing status checks. Fixes #17131 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com> Co-authored-by: Giteabot <teabot@gitea.io>	2024-10-23 12:39:43 +08:00
Zettat123	9206fbb55f	Add DISABLE_ORGANIZATIONS_PAGE and DISABLE_CODE_PAGE settings for explore pages and fix an issue related to user search (#32288) ... These settings can allow users to only display the repositories explore page. Thanks to yp05327 and wxiaoguang ! --------- Co-authored-by: Giteabot <teabot@gitea.io> Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2024-10-22 13:09:19 +08:00
6543	d638067d3c	API: enhance SearchIssues swagger docs (#32208) ... this will result in better api clients generated out of the openapi docs ... for SearchIssues --- *Sponsored by Kithara Software GmbH*	2024-10-19 20:11:56 +00:00
wxiaoguang	5242e520c4	Make owner/repo/pulls handlers use "PR reader" permission (#32254) ... Fix #32253 (partially)	2024-10-15 06:47:07 +00:00
wxiaoguang	afa8dd45af	Make git push options accept short name (#32245) ... Just like what most CLI parsers do: `--opt` means `opt=true` Then users could use `-o force-push` as `-o force-push=true`	2024-10-12 05:42:10 +00:00
Zettat123	0fe5e2b08c	Allow maintainers to view and edit files of private repos when "Allow maintainers to edit" is enabled (#32215) ... Fix #31539	2024-10-11 19:08:19 +00:00
Lunny Xiao	aebb741c08	Use per package global lock for container uploads instead of memory lock (#31860) ... This PR uses a per-package lock instead of a global lock for container uploads. So that different packages can be uploaded simultaneously.	2024-10-11 07:37:49 +00:00
Lunny Xiao	c2217670dd	Move admin routers from /admin to /-/admin (#32189) ... Resolve #32181 --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2024-10-10 04:56:49 +00:00
wxiaoguang	dd83cfcacc	Refactor CSRF token (#32216)	2024-10-10 03:48:21 +00:00
Zettat123	4eacc61f64	Fix incorrect "Target branch does not exist" in PR title (#32222)	2024-10-10 08:25:46 +08:00
Lunny Xiao	d6d3c96e65	Fix bug when a token is given public only (#32204)	2024-10-08 12:51:09 +03:00
6543	bdd655f2bd	Allow filtering PRs by poster in the ListPullRequests API (#32209) ... as title --- *Sponsored by Kithara Software GmbH*	2024-10-07 23:21:07 +02:00
Zisu Zhang	66923e02d2	Enhance USER_DISABLED_FEATURES to allow disabling change username or full name (#31959) ... Fix #31958 Enhanced `USER_DISABLED_FEATURES`(also `EXTERNAL_USER_DISABLE_FEATURES`) option in `[admin]` section. Added following values: - `change_username`: Disable change username - `change_full_name`: Disable change full name --- Progress: - [x] Update code - [x] Update translations	2024-10-05 20:41:38 +00:00
yp05327	5d6d025c9b	Add support for searching users by email (#30908) ... Fix #30898 we have an option `SearchByEmail`, so enable it, then we can search user by email. Also added a test for it.	2024-10-04 17:45:06 +00:00
Job	7e68bc8823	Fix PR creation on forked repositories (#31863) ... Resolves #20475	2024-10-04 13:12:48 -04:00
Lunny Xiao	a989404e23	Fix javascript error when an anonymous user visiting migration page (#32144) ... This PR fixes javascript errors when an anonymous user visits the migration page. It also makes task view checking more restrictive. The router moved from `/user/task/{id}/status` to `/username/reponame/-/migrate/status` because it's a migrate status. --------- Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>	2024-10-02 04:37:16 +00:00
Lunny Xiao	3a4a1bffbe	Make oauth2 code clear. Move oauth2 provider code to their own packages/files (#32148) ... Fix #30266 Replace #31533	2024-10-02 08:03:19 +08:00
yp05327	70b7df0e5e	Support repo license (#24872) ... Close #278 Close #24076 ## Solutions: - Use [google/licenseclassifier](https://github.com/google/licenseclassifier/) Test result between [google/licensecheck](https://github.com/google/licensecheck) and [go-license-detector](https://github.com/go-enry/go-license-detector): https://github.com/go-gitea/gitea/pull/24872#issuecomment-1560361167 Test result between [google/licensecheck](https://github.com/google/licensecheck) and [google/licenseclassifier](https://github.com/google/licenseclassifier/): https://github.com/go-gitea/gitea/pull/24872#issuecomment-1576092178 - Generate License Convert Name List to avoid import license templates with same contents Gitea automatically get latest license data from[ spdx/license-list-data](https://github.com/spdx/license-list-data). But unfortunately, some license templates have same contents. #20915 [click here to see the list](https://github.com/go-gitea/gitea/pull/24872#issuecomment-1584141684) So we will generate a list of these license templates with same contents and create a new file to save the result when using `make generate-license`. (Need to decide the save path) - Save License info into a new table `repo_license` Can easily support searching repo by license in the future. ## Screen shot Single License:  Multiple Licenses:  Triggers: - [x] Push commit to default branch - [x] Create repo - [x] Mirror repo - [x] When Default Branch is changed, licenses should be updated Todo: - [x] Save Licenses info in to DB when there's a change to license file in the commit - [x] DB Migration - [x] A nominal test? - [x] Select which library to use(https://github.com/go-gitea/gitea/pull/24872#issuecomment-1560361167) - [x] API Support - [x] Add repo license table - ~Select license in settings if there are several licenses(Not recommended)~ - License board(later, not in this PR)  --------- Co-authored-by: silverwind <me@silverwind.io> Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com> Co-authored-by: Denys Konovalov <kontakt@denyskon.de> Co-authored-by: delvh <dev.lh@web.de> Co-authored-by: KN4CK3R <admin@oldschoolhack.me> Co-authored-by: 6543 <6543@obermui.de> Co-authored-by: 6543 <m.huber@kithara.com> Co-authored-by: a1012112796 <1012112796@qq.com> Co-authored-by: techknowlogick <techknowlogick@gitea.com>	2024-10-01 15:25:08 -04:00
Zettat123	f4b8f6fc40	Fix the logic of finding the latest pull review commit ID (#32139) ... Fix #31423	2024-10-01 01:58:55 +00:00
ConcurrentCrab	8a9fd7f771	Add pure SSH LFS support (#31516) ... Fixes #17554 /claim #17554 Docs PR https://gitea.com/gitea/docs/pulls/49 To test, run pushes like: `GIT_TRACE=1` git push. The trace output should mention "pure SSH connection".	2024-09-27 10:27:37 -04:00
charles	3269b04d61	Notify the user when the file path contains leading or trailing spaces and fix the error message for invalid file names. (#31507) ... close #31478	2024-09-24 19:06:52 +00:00
Lunny Xiao	e2f365b55c	Display head branch more comfortable on pull request view (#32000) ... This PR do some minor improvements for head branch display on pull request view UI. - [x] Remove the link if the head branch has been deleted with a tooltip, so that users will not result in a 404 page - [x] Display a label if this pull request is an agit based one. 	2024-09-24 04:14:57 +00:00
Lunny Xiao	6eb5950835	Allow set branch protection in an empty repository (#32095)	2024-09-24 02:06:28 +00:00
Zettat123	fcedf634d5	Fix bug in getting merged pull request by commit (#32079)	2024-09-24 01:00:09 +00:00
cloudchamb3r	e1f0598c8f	Fix Bug in Issue/pulls list (#32081) ... fix #32080 ## After ### for opened issues <img width="1199" alt="Screenshot 2024-09-19 at 6 29 31 PM" src="https://github.com/user-attachments/assets/86cf48ad-5e4b-4dcb-8abe-4d7fd74e0aec"> ### for closed issues <img width="1208" alt="Screenshot 2024-09-19 at 6 29 37 PM" src="https://github.com/user-attachments/assets/a16bc545-bfcf-49a4-be52-3e7334910482"> ### for all issues <img width="1340" alt="Screenshot 2024-09-20 at 12 07 12 PM" src="https://github.com/user-attachments/assets/b2309c8f-e59d-44e9-ae3b-bf54e1196169">	2024-09-24 01:09:57 +08:00
Lunny Xiao	9e0db1b646	Fix rename branch permission bug (#32066) ... The previous implementation requires admin permission to rename branches which should be write permission. Fix #31993	2024-09-22 18:08:27 +00:00
ChristopherHX	b594cec2bd	Fix artifact v4 upload above 8MB (#31664) ... Multiple chunks are uploaded with type "block" without using "appendBlock" and eventually out of order for bigger uploads. 8MB seems to be the chunk size This change parses the blockList uploaded after all blocks to get the final artifact size and order them correctly before calculating the sha256 checksum over all blocks Fixes #31354	2024-09-22 14:01:09 +03:00
Lunny Xiao	a802508f88	Fix wrong last modify time (#32102)	2024-09-21 21:56:25 +00:00
Lunny Xiao	5de41737a5	Fix upload maven pacakge parallelly (#31851) ... Use globallock for maven package uploads. Thanks @tlusser for the test code. Depends on ~#31813~	2024-09-21 19:26:45 +00:00
KN4CK3R	08adbc468f	Fix incorrect /tokens api (#32085) ... Fixes #32078 - Add missing scopes output. - Disallow empty scope. --------- Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>	2024-09-20 19:00:39 +00:00
wxiaoguang	1fede04b83	Refactor CSRF protector (#32057) ... Remove unused CSRF options, decouple "new csrf protector" and "prepare" logic, do not redirect to home page if CSRF validation falis (it shouldn't happen in daily usage, if it happens, redirecting to home doesn't help either but just makes the problem more complex for "fetch")	2024-09-18 15:17:25 +08:00
Bruno Sofiato	7dde3e6489	Included tag search capabilities (#32045) ... Resolves #31998 The first screenshot shows the tag page without any filter being applied:  The second one, shows the page when the given filter returns no tag:  The last one shows a single tag being filtered:  Signed-off-by: Bruno Sofiato <bruno.sofiato@gmail.com>	2024-09-18 02:33:11 +08:00
Lunny Xiao	3febcaa53b	Use a common message template instead of a special one (#31878)	2024-09-14 17:17:49 +00:00
Zettat123	3a51c37672	Check if the due_date is nil when editing issues (#32035)	2024-09-14 12:40:36 -04:00
Kemal Zebari	f05d9c98c4	Handle invalid target when creating releases using API (#31841) ... A 500 status code was thrown when passing a non-existent target to the create release API. This snapshot handles this error and instead throws a 404 status code. Discovered while working on #31840.	2024-09-12 07:47:31 +00:00
Lauris BH	4ab6fc62d2	Add option to filter board cards by labels and assignees (#31999) ... Works in both organization and repository project boards Fixes #21846 Replaces #21963 Replaces #27117  **Note** that implementation was made intentionally to work same as in issue list so that URL can be bookmarked for quick access with predefined filters in URL	2024-09-12 03:53:40 +00:00
Daniel	64298dcb9e	Failed authentications are logged to level Warning (#32016) ... PR for issue #31968 Replaces PR #31983 to comply with gitea's error definition Failed authentications are now logged to level `Warning` instead of `Info`.	2024-09-11 17:58:45 +00:00
Zettat123	def1c9670b	Support migration from AWS CodeCommit (#31981) ... This PR adds support for migrating repos from [AWS CodeCommit](https://docs.aws.amazon.com/codecommit/latest/userguide/welcome.html). The access key ID and secret access key are required to get repository information and pull requests. And [HTTPS Git credentials](https://docs.aws.amazon.com/codecommit/latest/userguide/setting-up-gc.html) are required to clone the repository. <img src="https://github.com/user-attachments/assets/82ecb2d0-8d43-42b0-b5af-f5347a13b9d0" width="680" /> The AWS CodeCommit icon is from [AWS Architecture Icons](https://aws.amazon.com/architecture/icons/). <img src="https://github.com/user-attachments/assets/3c44d21f-d753-40f5-9eae-5d3589e0d50d" width="320" />	2024-09-11 07:49:42 +08:00
techknowlogick	d9a7748cdc	bump to go 1.23 (#31855)	2024-09-10 02:23:07 +00:00
techknowlogick	f183783baa	Save initial signup information for users to aid in spam prevention (#31852) ... This will allow instance admins to view signup pattern patterns for public instances. It is modelled after discourse, mastodon, and MediaWiki's approaches. Note: This has privacy implications, but as the above-stated open-source projects take this approach, especially MediaWiki, which I have no doubt looked into this thoroughly, it is likely okay for us, too. However, I would be appreciative of any feedback on how this could be improved. --------- Co-authored-by: Giteabot <teabot@gitea.io>	2024-09-09 17:05:16 -04:00
Wim	01dec7577a	Remove SHA1 for support for ssh rsa signing (#31857) ... https://github.com/go-fed/httpsig seems to be unmaintained. Switch to github.com/42wim/httpsig which has removed deprecated crypto and default sha256 signing for ssh rsa. No impact for those that use ed25519 ssh certificates. This is a breaking change for: - gitea.com/gitea/tea (go-sdk) - I'll be sending a PR there too - activitypub using deprecated crypto (is this actually used?)	2024-09-07 18:05:18 -04:00
william-allspice	e9c64f41a6	Distinguish official vs non-official reviews, add tool tips, and upgr… (#31924) ... This Pull Request is a follow up to https://github.com/go-gitea/gitea/pull/31886: 1. Adds a UI indicator between official (green) and unofficial (grey) approved pull requests on the Pull Request page (as suggested by @kdumontnu ) 2. Adds tooltips adding clarity to the type and status of a review on the Pull Request page (as suggested by @kdumontnu) 3. Updates text adding more clarity to required approvals (as suggested by @kdumontnu) 4. Updates text on the branch settings page explaining what branch approval limitations (as suggested by @yp05327) Official approval: <img width="376" alt="Screenshot 2024-08-26 at 1 03 52 PM" src="https://github.com/user-attachments/assets/500f083d-bfc0-45c5-82b7-b98e20495696"> Unofficial approval: <img width="442" alt="Screenshot 2024-08-26 at 12 53 15 PM" src="https://github.com/user-attachments/assets/e8c565ff-5886-4ce1-8b79-a0fa26c282f7"> Rejected approval: <img width="452" alt="Screenshot 2024-08-26 at 12 53 06 PM" src="https://github.com/user-attachments/assets/aebc0e2f-7052-4dea-8098-7caa0db86617"> Stale approval: <img width="546" alt="Screenshot 2024-08-26 at 1 07 59 PM" src="https://github.com/user-attachments/assets/da599ff3-e35c-4fa3-8141-ed80b738dd77"> Requested review tooltip: <img width="434" alt="Screenshot 2024-08-26 at 12 53 22 PM" src="https://github.com/user-attachments/assets/460d163e-8724-43b6-8760-34b285da8fe2"> Updated text for approvals: <img width="991" alt="Screenshot 2024-08-26 at 12 54 00 PM" src="https://github.com/user-attachments/assets/ab3ff012-9742-4c1b-933d-21addcb89f2c"> Updated text for allowlisted/whitelisted approvals: <img width="990" alt="Screenshot 2024-08-26 at 1 01 40 PM" src="https://github.com/user-attachments/assets/1a5bae61-d9e0-4d96-b86f-92610b0940d1"> Protected branch settings text: <img width="1022" alt="Screenshot 2024-08-26 at 1 01 14 PM" src="https://github.com/user-attachments/assets/892ce208-e1c2-41f7-8fec-46d5a0e7e776"> Comments list: <img width="1048" alt="Screenshot 2024-08-28 at 9 25 31 AM" src="https://github.com/user-attachments/assets/9c5c00c5-06cf-43b3-b413-4f7f673609b2"> --------- Co-authored-by: Kyle D. <kdumontnu@gmail.com>	2024-09-06 06:40:02 +00:00
Adam Majer	bf7ae0429c	Return 404 instead of error when commit not exist (#31977) ... Fix #31976	2024-09-06 02:39:23 +08:00