Commit Graph

11415 Commits

Author SHA1 Message Date
GiteaBot ad42adac93 [skip ci] Updated translations via Crowdin 2021-03-16 00:12:50 +00:00
zeripath ed31ddc29a
Fix several render issues (#14986)
* Fix an issue with panics related to attributes
* Wrap goldmark render in a recovery function
* Reduce memory use in render emoji
* Use a pipe for rendering goldmark - still needs more work and a limiter

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-03-16 00:20:05 +01:00
Lauris BH 044cd4d016
Add reverse proxy configuration support for remote IP address (#14959)
* Add reverse proxy configuration support for remote IP address validation

* Trust all IP addresses in containerized environments by default

* Use single option to specify networks and proxy IP addresses. By default trust all loopback IPs

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-16 00:27:28 +02:00
zeripath 6e423d5573
Ensure validation occurs on clone addresses too (#14994)
* Ensure validation occurs on clone addresses too

Fix #14984

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix lint

Signed-off-by: Andrew Thornton <art27@cantab.net>

* fix test

Signed-off-by: Andrew Thornton <art27@cantab.net>

* Fix api tests

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-15 17:52:11 -04:00
tuxmaster5000 f268b4896b
Update comparison docs for gitlab (#14999) 2021-03-15 11:19:00 -04:00
Lauris BH 1ae9b2a89b
Update go-enry to v2.6.1 (#14997)
Co-authored-by: Gitea <gitea@gitea.io>
2021-03-15 04:20:02 +01:00
Mike L 5f8478ab0a
Fix repo page language stat span color (#14993)
Co-authored-by: Lauris BH <lauris@nix.lv>
2021-03-14 22:27:58 +02:00
Bo-Yi Wu 167b0f46ef
chore(models): rewrite code format. (#14754)
* chore: rewrite format.

* chore: update format

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* chore: update format

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>

* chore: Adjacent parameters with the same type should be grouped together

* chore: update format.
2021-03-14 19:52:12 +01:00
zeripath 164e35ead3
Make sure sibling images get a link too (#14979)
* Make sure sibling images get a link too

Due a problem with the ast.Walker in the our transformer in goldmark
an image with a sibling image will not be transformed to gain a parent
link. This PR fixes this.

Fix #12925

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-14 16:36:51 +00:00
zeripath 6463483ec5
Do not show full lfs file on error in git_test.go:rawTest() (#14980)
If there is a problem uploading to LFS it is possible for the raw
endpoint to return a very large file when a pointer file is expected
This will then cause the drone logs to fill up unnecessarily with
the contents of the very large file.

If the file returned from raw is of the incorrect size we should
therefore not test it see if it contains the pointer file
and just declare that it is incorrect.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-14 15:53:59 +00:00
Mike L 9566c9f0c7
Re-enable listing of forks when logged out (#14992)
* Re-enable listing of forks when logged out

* Further improvements on repo button logic
2021-03-14 14:48:28 +00:00
GiteaBot f5aaa74b90 [skip ci] Updated licenses and gitignores 2021-03-14 00:12:26 +00:00
Norwin 658d1bfac8
API: fix set milestone on PR creation (#14981)
* API: fix set milestone on PR creation

pr creation via API failed with 404, because we searched
for milestoneID 0, due to uninitialized var usage D:

* add tests

* fix expected status codes

* fix tests

Co-authored-by: 6543 <6543@obermui.de>
2021-03-13 19:06:52 +01:00
Mike L e256a62257
Fix spacing of issue/pulls list review status icons (#14985) 2021-03-13 15:37:09 +02:00
GiteaBot cc6470425c [skip ci] Updated translations via Crowdin 2021-03-13 00:12:41 +00:00
Norwin 19bcd29c7e
fix release mail html template (#14975)
was missing an </a>
2021-03-12 21:47:52 +00:00
Norwin 3c7582061f
check if original author is set (#14971)
Co-authored-by: zeripath <art27@cantab.net>
2021-03-12 21:01:33 +00:00
zeripath ff1bccf3dd
Fix Anchor jumping with escaped query components (#14969)
Fix #14968

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-12 18:59:13 +00:00
zeripath 42b9b46ad2
Never add labels not from this repository or organisation and remove org labels on transfer (#14928)
* Never add labels not from this repository or organisation and remove org labels on transfer

Prevent the addition of labels from outside of the repository or
organisation and remove organisation labels on transfer.

Related #14908

* switch to use sql

* subquery alias

* once more around the merry go round

* fix api problem
2021-03-12 18:45:49 +01:00
zeripath ccfb205ad1
Fix excluding more than two labels on issues list (#14962)
* Fix excluding more than two labels on issues list

Fix #14840

Signed-off-by: Andrew Thornton <art27@cantab.net>

* refactor DRY

* fix multiple-label filter on milestone issuelist

* Apply suggestions from code review

Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>

* Update web_src/js/index.js

Co-authored-by: Norwin Roosen <git@nroo.de>
Co-authored-by: jaqra <48099350+jaqra@users.noreply.github.com>
2021-03-13 00:07:23 +08:00
Norwin 855a4f476e
don't show project cog in issue sidebar if no permission (#14953) 2021-03-12 16:14:02 +01:00
zeripath 91ee3be588
Prevent incorrect HTML escaping in swagger.json (#14957)
* Prevent incorrect HTML escaping in swagger.json

Fix #14706

Signed-off-by: Andrew Thornton <art27@cantab.net>

* oops add it to the helper

Signed-off-by: Andrew Thornton <art27@cantab.net>

* try again

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-11 23:43:04 -05:00
Norwin df76d9f7ad
Show correct issues for team dashboard (#14952)
* fix no items under /org/$org/{issues,pulls}?type=mentioned

it was filtering by org id, but org-mentions are not persisted like that
to the DB, we need to filter by UID.
This means, selecting different teams will only have an effect on the
selected repos, otherwise results will be the same, which may be
suboptimal.

fixes #14941

* don't spam a warning for a perfectly fine request
2021-03-12 04:06:33 +01:00
a1012112796 a44b2d01d2
CI: pre install git last verson and git lfs in test (#14681)
link:
https://hub.docker.com/r/gitea/test_env
Source:
https://gitea.com/gitea/test_env/src/branch/master/Dockerfile

Signed-off-by: a1012112796 <1012112796@qq.com>
2021-03-12 03:04:43 +01:00
GiteaBot 21be2aee1a [skip ci] Updated translations via Crowdin 2021-03-12 00:12:35 +00:00
Kyle D e475ccfe09
Add kdumontnu to MAINTAINERS (#14964) 2021-03-11 23:25:07 +01:00
zeripath 5705f72fd6
Prevent panic when editing forked repos by API (#14960)
When editing forked repos using the API the BaseRepository needs to loaded
in order to check its visibility otherwise there will be NPE panic.

Fix #14956

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-11 19:09:52 +01:00
zeripath c8e5c79cfd
Add ui.explore settings to control view of explore pages (2) (#14094)
This is an alternative PR to #13687.

Add `[ui.explore]` settings to allow restricting the
explore pages to logged in users only and to disable the users explore page.

The two proposed settings are:

- `REQUIRE_SIGNIN_VIEW`: Only allows access to the explore pages if the
user is signed in. Also restricts
  - `/api/v1/user/search`
  - `/api/v1/users/{username}`
  - `/api/v1/users/{username}/repos`
  - but does not restrict `/api/v1/users/{username}/heatmap`
- `DISABLE_USERS_PAGE`: Disables the /explore/users page

Fix #2908

Close #13687 

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: 6543 <6543@obermui.de>
2021-03-11 13:40:54 +00:00
KN4CK3R bc423a1e84
Use correct default value (#14949)
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-11 00:09:30 -05:00
techknowlogick b175791665
build darwin on arm64 platforms (#14951)
fix #14945
2021-03-10 23:59:57 -05:00
GiteaBot a13c801b21 [skip ci] Updated translations via Crowdin 2021-03-11 00:12:39 +00:00
GiteaBot b7208c727d [skip ci] Updated translations via Crowdin 2021-03-10 00:12:39 +00:00
Ikko Ashimine 5b94a07ab5
Fix typo in .golangci.yml (#14933)
occured -> occurred
2021-03-09 03:38:18 -05:00
GiteaBot 8ee4d977a1 [skip ci] Updated translations via Crowdin 2021-03-09 00:12:38 +00:00
6543 177da717a7
[API] get pull, return head branch sha, even if deleted (#14931)
* API: return head branch sha, even if deleted

* relax if ref not resolvable
2021-03-08 21:48:31 +01:00
6543 14d8cb7819
Move Workaround for #12675 into it's own function (#14922)
* Move Workatround for #12675 into it's own function

* use more reliable solution (as tea do)
2021-03-08 20:00:19 +01:00
Norwin f4ce10c6a3
Minor UI fixes (#14926)
* disable fork button when not signed in

* fix commit body styling on PR page

* fixup! fix commit body styling on PR page
2021-03-08 18:55:37 +01:00
fnetX (aka fralix) f061277c86
Add "captcha" to list of reserved usernames (#14929)
Signed-off-by: Otto Richter <git@fralix.ovh>
2021-03-08 17:49:29 +01:00
zeripath 61711143b9
Fix alignment of People and Teams right arrow on org homepage (#14924)
Fix #14854

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: 6543 <6543@obermui.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2021-03-08 15:52:58 +01:00
zeripath eb576269d4
Re-enable import local paths after reversion from #13610 (#14925)
PR #13610 unfortunately disabled importing repositories from local paths.
This PR restores this functionality.

Fix #14700

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-08 13:10:17 +00:00
zeripath c03f530212
Make internal SSH server host key path configurable (#14918)
* Make SSH server host key path configurable

* make it possible to have multiple keys

* Make gitea.rsa the default key

* Add some more logging

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-08 03:43:59 +01:00
zeripath 78b7529cd4
Fix overdue marking of closed issues and milestones (#14923)
Closed milestones and issues should only be marked overdue if they were
closed after their deadline.

Fix: #14536

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-08 02:55:57 +01:00
GiteaBot 09fe0abb32 [skip ci] Updated translations via Crowdin 2021-03-08 00:12:25 +00:00
6543 ae62bb7b6c
Changelog v1.13.4 (#14917) (#14920) 2021-03-08 00:07:02 +01:00
Norwin 5eafd117a6
docs: swagger show models by default (#14880) 2021-03-07 22:19:14 +01:00
KN4CK3R 40aca73347
Fix migration context data (#14910)
* Unified context data.

* Changed method name.
2021-03-07 20:21:09 +01:00
zeripath 9b261f52f0
Add SameSite setting for cookies (#14900)
Add SameSite setting for cookies and rationalise the cookie setting code. Switches SameSite to Lax by default. 

There is a possible future extension of differentiating which cookies could be set at Strict by default but that is for a future PR.

Fix #5583

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-07 08:12:43 +00:00
zeripath beed5476e2
Prevent panic when empty MilestoneID in repo/issue/list (#14911)
This PR adds a simple check to only test the MilestoneID if it is not empty.

Fix #14906

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: techknowlogick <techknowlogick@gitea.io>
2021-03-07 10:25:54 +08:00
GiteaBot 4ba8572361 [skip ci] Updated licenses and gitignores 2021-03-07 00:12:31 +00:00
zeripath a68db9076a
Fix race in LFS ContentStore.Put(...) (#14895)
Continuing on from #14888

The previous implementation has race whereby an incomplete upload or
hash mismatch upload can end up in the ContentStore. This PR moves the
validation into the reader so that if there is a hash error or size
mismatch the reader will return with an error instead of an io.EOF
causing the storage to abort the storage.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2021-03-06 20:21:56 +00:00