09d5028442
Fix the runs will not be displayed bug when the main branch have no workflows but other branches have ( #28359 )
12 months ago
14354e4f8e
Read `previous` info from git blame ( #28306 )
...
Fixes #28280
Reads the `previous` info from the `git blame` output instead of
calculating it afterwards.
12 months ago
3618715fab
Add missing variable in tag list ( #28305 )
...
This fixes a regression from #25859
If a tag has no Release, Gitea will show a Link to create a Release for
the Tag if the User has the Permission to do this, but the variable to
indicate that is no longer set.
Used here:
1bfcdeef4c/templates/repo/tag/list.tmpl (L39-L41)
12 months ago
8572e71a7f
Fix issue will be detected as pull request when checking `First-time contributor` ( #28237 )
...
Fix #28224
12 months ago
882e502327
Fix comment permissions ( #28213 )
...
This PR will fix some missed checks for private repositories' data on
web routes and API routes.
12 months ago
df1e7d0067
Use db.Find instead of writing methods for every object ( #28084 )
...
For those simple objects, it's unnecessary to write the find and count
methods again and again.
1 year ago
7c0ab8b974
Make CORS work for oauth2 handlers ( #28184 )
...
Fix #25473
Although there was `m.Post("/login/oauth/access_token", CorsHandler()...`,
it never really worked, because it still lacks the "OPTIONS" handler.
1 year ago
37ed92d6fd
Revert "Fix EOL handling in web editor" ( #28101 )
...
Reverts go-gitea/gitea#27141
close #28097
1 year ago
08552f0076
Add edit option for README.md ( #28071 )
...
Fix #28059
1 year ago
e88377470a
Fix project counter in organization/individual profile ( #28068 )
...
Fix #28052
Before:
After:
1 year ago
48b9d98593
Fix viewing wiki commit on empty repo ( #28040 )
...
Fixes https://codeberg.org/forgejo/forgejo/issues/1758
For some weird reason we need to cast this nil.
1 year ago
c6366089df
Dont leak private users via extensions ( #28023 )
1 year ago
089ac06969
Improve profile for Organizations ( #27982 )
...
Fixes some problems in #27955 :
- autofocus of the search box
before:
if access the home page will jump to the search box
after:
will not jump to the search box
- incorrect display of overview tab
before:
after:
- improve the permission check to the private profile repo
In #26295 , we simply added access control to the private profile.
But if user have access to the private profile repo , we should also
display the profile.
- add a button which can jump to the repo list?
I agree @wxiaoguang 's opinion here:
https://github.com/go-gitea/gitea/pull/27955#issuecomment-1803178239
But it seems that this feature is sponsored.
So can we add a button which can quickly jump to the repo list or just
move profile to the `overview` page?
---------
Co-authored-by: silverwind <me@silverwind.io>
1 year ago
603573366a
Add Profile Readme for Organisations ( #27955 )
...
https://blog.gitea.com/release-of-1.20.0/#-user-profile-readme-23260
(#23260 ) did introduce Profile Readme for Users.
This makes it usable for Organisations:
---
*Sponsored by Kithara Software GmbH*
---------
Co-authored-by: silverwind <me@silverwind.io>
Co-authored-by: KN4CK3R <admin@oldschoolhack.me>
1 year ago
16ba16dbe9
Allow to set explore page default sort ( #27951 )
...
as title
---
*Sponsored by Kithara Software GmbH*
1 year ago
f48a863b99
Fix citation error when the file size is larger than 1024 bytes ( #27958 )
...
Mentioned in:
https://github.com/go-gitea/gitea/pull/27931#issuecomment-1798016960
Same to #25131 , so use the same method to fix this problem.
1 year ago
8557a9455b
Revert #27870 ( #27917 )
...
Now that we have #27798 we don't need the check from #27870 anymore.
With the check it's not possible to remove an inactive auth source from
the user.
1 year ago
1bf5527eac
Refactor Find Sources and fix bug when view a user who belongs to an unactive auth source ( #27798 )
...
The steps to reproduce it.
First, create a new oauth2 source.
Then, a user login with this oauth2 source.
Disable the oauth2 source.
Visit users -> settings -> security, 500 will be displayed.
This is because this page only load active Oauth2 sources but not all
Oauth2 sources.
1 year ago
0ba4ecc3bd
Fix http protocol auth ( #27875 )
1 year ago
e378545f30
Filter inactive auth sources ( #27870 )
...
Fix nil access for inactive auth sources.
> Render failed, failed to render template:
user/settings/security/security, error: template error:
builtin(static):user/settings/security/accountlinks:32:20 : executing
"user/settings/security/accountlinks" at <$providerData.IconHTML>: nil
pointer evaluating oauth2.Provider.IconHTML
Code tries to access the auth source of an `ExternalLoginUser` but the
list contains only the active auth sources.
1 year ago
1756e30e10
Allow pull requests Manually Merged option to be used by non-admins ( #27780 )
...
Currently this feature is only available to admins, but there is no
clear reason why. If a user can actually merge pull requests, then this
seems fine as well.
This is useful in situations where direct pushes to the repository are
commonly done by developers.
---------
Co-authored-by: delvh <dev.lh@web.de>
1 year ago
e544a277fe
Fix the missing repo count in new team page and edit team page ( #27743 )
...
Follow #26942
Before:
After:
1 year ago
ce83609ff6
Upgrade to golangci-lint@v1.55.0 ( #27756 )
...
https://github.com/golangci/golangci-lint/releases/tag/v1.55.0
1 year ago
61d94b247a
Fix `link-action` redirect network error ( #27734 )
...
<img width="823" alt="image"
src="https://github.com/go-gitea/gitea/assets/70063547/99da3d5a-c28a-4fd0-8ae0-88461a9142e2 ">
---------
Co-authored-by: 6543 <6543@obermui.de>
1 year ago
881806a50b
Replace -1 with GhostUserID ( #27703 )
1 year ago
adbc995c34
Show total TrackedTime on issue/pull/milestone lists ( #26672 )
...
TODOs:
- [x] write test for `GetIssueTotalTrackedTime`
- [x] frontport kitharas template changes and make them mobile-friendly
---
---
*Sponsored by Kithara Software GmbH*
1 year ago
3dc0c962bf
Delete repos of org when purge delete user ( #27273 )
...
Fixes https://codeberg.org/forgejo/forgejo/issues/1514
I had to remove `RenameOrganization` to avoid circular import.
We should really add some foreign keys to the database.
1 year ago
0a2b93d411
Fix typo "GetLatestRunnerToken" ( #27680 )
1 year ago
8abc1aae4a
Improve the list header in milestone page ( #27302 )
...
The ui of list header in milestone page is not same as issue and pr list
page.
And they are using different template codes which can be merged into
one.
Before:
After:
---------
Co-authored-by: puni9869 <80308335+puni9869@users.noreply.github.com>
1 year ago
cddf245c12
Replace more db.DefaultContext ( #27628 )
...
Target #27065
1 year ago
7480aacdad
Fix 404 when there is an internal version of package ( #27615 )
...
close #27601
The Docker registry has an internal version, which leads to 404
1 year ago
76a85a4ce9
Final round of `db.DefaultContext` refactor ( #27587 )
...
Last part of #27065
1 year ago
c6c829fe3f
Enhanced auth token / remember me ( #27606 )
...
Closes #27455
> The mechanism responsible for long-term authentication (the 'remember
me' cookie) uses a weak construction technique. It will hash the user's
hashed password and the rands value; it will then call the secure cookie
code, which will encrypt the user's name with the computed hash. If one
were able to dump the database, they could extract those two values to
rebuild that cookie and impersonate a user. That vulnerability exists
from the date the dump was obtained until a user changed their password.
>
> To fix this security issue, the cookie could be created and verified
using a different technique such as the one explained at
https://paragonie.com/blog/2015/04/secure-authentication-php-with-long-term-persistence#secure-remember-me-cookies .
The PR removes the now obsolete setting `COOKIE_USERNAME`.
1 year ago
328da56a28
Don't show Link to TOTP if not set up ( #27585 )
1 year ago
73b63d9311
Replace ajax with fetch, improve image diff ( #27267 )
...
1. Dropzone attachment removal, pretty simple replacement
2. Image diff: The previous code fetched every image twice, once via
`img[src]` and once via `$.ajax`. Now it's only fetched once and a
second time only when necessary. The image diff code was partially
rewritten.
---------
Co-authored-by: Giteabot <teabot@gitea.io>
1 year ago
ebe803e514
Penultimate round of `db.DefaultContext` refactor ( #27414 )
...
Part of #27065
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
1 year ago
7b79be24ca
Fix panic in storageHandler ( #27446 )
...
storageHandler() is written as a middleware but is used as an endpoint
handler, and thus `next` is actually `nil`, which causes a null pointer
dereference when a request URL does not match the pattern (where it
calls `next.ServerHTTP()`).
Example CURL command to trigger the panic:
```
curl -I "http://yourhost/gitea//avatars/a "
```
Fixes #27409
---
Note: the diff looks big but it's actually a small change - all I did
was to remove the outer closure (and one level of indentation) ~and
removed the HTTP method and pattern checks as they seem redundant
because go-chi already does those checks~. You might want to check "Hide
whitespace" when reviewing it.
Alternative solution (a bit simpler): append `, misc.DummyOK` to the
route declarations that utilize `storageHandler()` - this makes it
return an empty response when the URL is invalid. I've tested this one
and it works too. Or maybe it would be better to return a 400 error in
that case (?)
1 year ago
13d5d2e711
Remove redundant `len` check around loop ( #27464 )
...
This pull request is a minor code cleanup.
From the Go specification (https://go.dev/ref/spec#For_range ):
> "1. For a nil slice, the number of iterations is 0."
> "3. If the map is nil, the number of iterations is 0."
`len` returns 0 if the slice or map is nil
(https://pkg.go.dev/builtin#len ). Therefore, checking `len(v) > 0`
before a loop is unnecessary.
---
At the time of writing this pull request, there wasn't a lint rule that
catches these issues. The closest I could find is
https://staticcheck.dev/docs/checks/#S103
Signed-off-by: Eng Zer Jun <engzerjun@gmail.com>
1 year ago
9f8d59858a
Refactor system setting ( #27000 )
...
This PR reduces the complexity of the system setting system.
It only needs one line to introduce a new option, and the option can be
used anywhere out-of-box.
It is still high-performant (and more performant) because the config
values are cached in the config system.
1 year ago
fe68bbeea0
When comparing with an non-exist repository, return 404 but 500 ( #27437 )
1 year ago
cc5df26680
Even more `db.DefaultContext` refactor ( #27352 )
...
Part of #27065
---------
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
1 year ago
e709bc199f
Differentiate between `push` and `pull` `mirror sync in progress` ( #27390 )
...
Previously, if you had both a push and a pull mirror, the message did
not clarify if you've accidentally synchronized the wrong one.
Additionally fixed two typos that were encountered while debugging.
## Screenshots
1 year ago
e4313feefd
Document the line-number counting behavior ( #27386 )
...
Ref #27377
1 year ago
50070550a8
Hide archived labels when filtering by labels on the issue list ( #27115 )
...
Followup https://github.com/go-gitea/gitea/pull/26820
## Archived labels UI for issue filter and issue filter actions for
issues/pull request pages.
Changed:
* Enhanced the Issue filter and Issue filter actions UI page to
seamlessly incorporate a list of archived labels.
* Pagination functionality is same as before. If archived label checkbox
is checked then we are adding a query string`archived=true` in the url
to save the state of page.
* Issue filter actions menu is separated into different template.
* Adding the archived flag in issue url labels.
* Pull Request page is also work the same.
Outsourced:
* Defer the implementation of specialized handling for archived labels
to upcoming pull requests. This step will be undertaken subsequent to
the successful merge of this pull request.
Screenshots
### Issue page
<img width="1360" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/d7efb2ef-5b2b-449d-83f0-d430a32ec432 ">
### Issue page with label filter on archived label checkbox when not
checked --> No archived label is there in list
<img width="1249" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/ceea68ef-91f2-4693-910f-2e25e236bfc9 ">
### Issue page with label filter on archived label checkbox when checked
--> Show archived label in the list.
<img width="710" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/2414d26b-2079-4c3c-bd9e-f2f5411bcabf ">
### Issue page with label filter on issue action menu on archived label
checkbox when checked --> Show archived label in the list.
<img width="409" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/259cac87-3e21-4778-99a2-a6a0b8c81178 ">
### Applied the archived=true in Issue labels when archived checkbox is
checked.
<img width="984" alt="image"
src="https://github.com/go-gitea/gitea/assets/80308335/657ce3db-c0ae-402e-b12d-3b580d3c2ed0 ">
---
Part of https://github.com/go-gitea/gitea/issues/25237
---------
Signed-off-by: puni9869 <punitinani1@hotmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Giteabot <teabot@gitea.io>
1 year ago
6e87a44034
Allow get release download files and lfs files with oauth2 token format ( #26430 )
...
Fix #26165
Fix #25257
1 year ago
393193a3e0
Fix repo count in org action settings ( #27245 )
...
Only in org action settings, repo count is missing
Before:
In other setting page:
After:
1 year ago
65e09a303e
Introduce fixes and more rigorous tests for 'Show on a map' feature ( #26803 )
...
This change introduces a fix for the PR #26214 to set the UserLocationMapURL correctly.
1 year ago
2a2b0cb1d2
rename TotalTimes() to TotalTimesForEachUser() ( #27261 )
...
make function name more descriptive as it would otherwise imply it could
be used for e.g. #26672 too ...
---
*Sponsored by Kithara Software GmbH*
1 year ago
cf0df023be
More `db.DefaultContext` refactor ( #27265 )
...
Part of #27065
This PR touches functions used in templates. As templates are not static
typed, errors are harder to find, but I hope I catch it all. I think
some tests from other persons do not hurt.
1 year ago
3945c26722
Improve tree not found page ( #26570 )
...
Before:
After:
In Github:
https://github.com/yp05327/test/blob/main/test.drawio
Updated:
UI changed
---------
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
1 year ago
Lunny Xiao
KN4CK3R
JakobDev
yp05327
wxiaoguang
Nanguan Lin
6543
Brecht Van Lommel
853
silverwind
Jason Song
Sergey Zolotarev
Eng Zer Jun
delvh
puni9869
Panagiotis "Ivory" Vasilopoulos
6543