Commit graph

1635 commits

Author SHA1 Message Date
Earl Warren 6f825ab156 Merge pull request '[gitea] week 2024-47-v9.0 cherry pick (gitea/main -> v9.0/forgejo)' (#5998) from earl-warren/wcp/2024-47-v9.0 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5998
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-11-18 18:30:46 +00:00
Gusted 0ca5b8496b fix: check read permissions for code owner review requests
- Only send a review request based on the code owner file if the code
owner user has read permissions to the pull requests of that repository.
- This avoids leaking title of PRs from private repository when a
CODEOWNER file is present which contains users that do not have access
to the private repository.
- Found by @oliverpool.
- Integration test added.

(cherry picked from commit 693f7731f9)
2024-11-17 19:19:11 +00:00
Lunny Xiao 8cec637d08
Disable Oauth check if oauth disabled (#32368)
Fix #32367

---------

Co-authored-by: Giteabot <teabot@gitea.io>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
(cherry picked from commit 840ad7eefe2b49ab453b9a89b153a264a8c9f8a2)

Conflicts:
	services/auth/oauth2.go
  trivial context conflict
2024-11-17 11:48:37 +01:00
Gusted 90e05e7d52 bug: correctly generate oauth2 jwt signing key
- When RS256, RS384, ES384, ES512 was specified as the JWT signing
algorithm they would generate RS512 and ES256 respectively.
- Added unit test.

(cherry picked from commit 7d59060dc6)
2024-11-16 17:07:01 +00:00
Gusted 42f3644409
fix: disallow basic authorization when security keys are enrolled
- This unifies the security behavior of enrolling security keys with
enrolling TOTP as a 2FA method. When TOTP is enrolled, you cannot use
basic authorization (user:password) to make API request on behalf of the
user, this is now also the case when you enroll security keys.
- The usage of access tokens are the only method to make API requests on
behalf of the user when a 2FA method is enrolled for the user.
- Integration test added.

(cherry picked from commit e6bbecb02d)
2024-11-15 11:33:45 +01:00
Gusted 1770117178
fix: extend forgejo_auth_token table
- Add a `purpose` column, this allows the `forgejo_auth_token` table to
be used by other parts of Forgejo, while still enjoying the
no-compromise architecture.
- Remove the 'roll your own crypto' time limited code functions and
migrate them to the `forgejo_auth_token` table. This migration ensures
generated codes can only be used for their purpose and ensure they are
invalidated after their usage by deleting it from the database, this
also should help making auditing of the security code easier, as we're
no longer trying to stuff a lot of data into a HMAC construction.
-Helper functions are rewritten to ensure a safe-by-design approach to
these tokens.
- Add the `forgejo_auth_token` to dbconsistency doctor and add it to the
`deleteUser` function.
- TODO: Add cron job to delete expired authorization tokens.
- Unit and integration tests added.

(cherry picked from commit 1ce33aa38d)

v9: Removed migration - XORM can handle this case automatically without
migration. Add `DEFAULT 'long_term_authorization'`.
2024-11-15 11:33:17 +01:00
Gusted 1379914c45
Improve usage of HMAC output for mailer tokens
- If the incoming mail feature is enabled, tokens are being sent with
outgoing mails. These tokens contains information about what type of
action is allow with such token (such as replying to a certain issue
ID), to verify these tokens the code uses the HMAC-SHA256 construction.
- The output of the HMAC is truncated to 80 bits, because this is
recommended by RFC2104, but RFC2104 actually doesn't recommend this. It
recommends, if truncation should need to take place, it should use
max(80, hash_len/2) of the leftmost bits. For HMAC-SHA256 this works out
to 128 bits instead of the currently used 80 bits.
- Update to token version 2 and disallow any usage of token version 1,
token version 2 are generated with 128 bits of HMAC output.
- Add test to verify the deprecation of token version 1 and a general
MAC check test.

(cherry picked from commit 9508aa7713)
2024-11-15 11:33:08 +01:00
Lunny Xiao 770fa89dc8 [PORT] Fix code owners will not be mentioned when a pull request comes from a forked repository (gitea#30476)
Fix #30277
Caused by #29783

---

- Resolves #5842
- Regression from #2855

(cherry picked from commit c63060b130d34e3f03f28f4dccbf04d381a95c17)
(cherry picked from commit 2efc1f5686)
2024-11-09 18:43:37 +00:00
Earl Warren d624a5edd6 fix: Actions PR workflows must update the commit status
When a workflow has

on:
  pull_request:
    types:
      - labeled
      - unlabeled

The outcome of the workflow (success or failure) must be associated
with the head sha commit status. Otherwise it cannot be used as a
requirement for merging the pull request (branch protections).

(cherry picked from commit 66c85b7d8b)
2024-11-04 14:10:27 +00:00
Earl Warren 11f71dcb09 fix: add label to issues and PR labeled/unlabeled events
When a workflow has

on:
  pull_request:
    types:
      - labeled
      - unlabeled

The payload misses the label field describing the added or removed
label.

The unlabeled event type was also incorrectly mapped to the labeled
event type.

(cherry picked from commit 58e3c1fbdb)
2024-11-04 14:10:27 +00:00
Michael Kriese 0c0fd333f3 fix: support www.github.com for migrations
(cherry picked from commit 284ffe4e00)
2024-11-03 17:28:30 +00:00
Earl Warren e4dac6a6ab Merge pull request '[v9.0/forgejo] add permission check to 'delete branch after merge'' (#5721) from bp-v9.0/forgejo-266e0b2 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5721
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-28 07:24:05 +00:00
Gusted 618eb8e72a security: add permission check to 'delete branch after merge'
- Add a permission check that the doer has write permissions to the head
repository if the the 'delete branch after merge' is enabled when
merging a pull request.
- Unify the checks in the web and API router to `DeleteBranchAfterMerge`.
- Added integration tests.

(cherry picked from commit 266e0b2ce9)
2024-10-28 06:04:45 +00:00
Lunny Xiao 9c6f2a132d
Add warn log when deleting inactive users (#32318)
Add log for the problem #31480

(cherry picked from commit a264c46fb04112c5ec2c1b2acd523a2e4450da40)

Conflicts:
	- services/user/user.go
	  Resolved by manually adding the log line.
2024-10-27 11:54:36 +01:00
Zettat123 4fe311e7c0
Update scheduled tasks even if changes are pushed by "ActionsUser" (#32246)
Fix #32219

---------

Co-authored-by: delvh <dev.lh@web.de>
(cherry picked from commit 81aec6d621a3ea0dfb02d3b4d20b9be77c30c6ab)
2024-10-22 07:28:30 +02:00
dragon fa307f06ac fix arch pkg
(cherry picked from commit 95c7599db5)
2024-10-21 05:10:13 +00:00
JakobDev acd7e57295 fix: correct documentation for non 200 responses in swagger
(cherry picked from commit fcc3dd228d)
2024-10-15 20:05:40 +00:00
Gusted fe35a17dbe [BUG] Don't allow owner team with incorrect unit access
- On editting a team, only update the units if the team isn't the
'Owners' team. Otherwise the 'Owners' team end up having all of their
unit access modes set to 'None'; because the request form doesn't send
over any units, as it's simply not shown in the UI.
- Adds a database inconstency check and fix for the case where the
'Owners' team is affected by this bug.
- Adds unit test.
- Adds integration test.
- Resolves #5528
- Regression of https://github.com/go-gitea/gitea/pull/24012

(cherry picked from commit 9de9034400)
2024-10-14 19:59:17 +00:00
Kwonunn d2d161ad28 fix: don't cancel schedule workflows on push to main branch
(cherry picked from commit b20c0b1469)
2024-10-13 12:25:59 +00:00
Earl Warren 044cd5cf7e Merge pull request '[v9.0/forgejo] Fix bug when a token is given public only' (#5526) from earl-warren/forgejo:wip-v9.0-public-scope into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5526
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-10-11 20:16:28 +00:00
Kwonunn 3cd20d7d37 log concise repo names in lfs doctor
the old log prints the entire repo object

(cherry picked from commit 15a407a617)
2024-10-11 14:26:53 +00:00
Lunny Xiao ea5a8c7809
Fix bug when a token is given public only
Port of https://github.com/go-gitea/gitea/pull/32204

(cherry picked from commit d6d3c96e6555fc91b3e2ef21f4d8d7475564bb3e)

Conflicts:
  routers/api/v1/api.go
	services/context/api.go
  trivial context conflicts
(cherry picked from commit a052d2b602)

Conflicts:
	routers/api/v1/user/user.go
  trivial context conflict (search by email is not in v9.0)
2024-10-11 05:24:23 +03:00
Kidsan e2ffe12e50 fix: improve discord webhook api conformance
This commit corrects some cases in the discord webhook payload that do
not align with the discord documentation

(cherry picked from commit 6ea6f224b8)
2024-10-09 16:07:34 +00:00
Kidsan 2c0c6f408e fix: add length limit to discord webhook icon_url
(cherry picked from commit cf3ebab4ba)
2024-10-09 16:07:34 +00:00
Zettat123 700e9f027b
Fix the logic of finding the latest pull review commit ID (#32139)
Fix #31423

(cherry picked from commit f4b8f6fc40ce2869135372a5c6ec6418d27ebfba)

Conflicts:
	models/fixtures/comment.yml
  comment fixtures have to be shifted because there is one more in Forgejo
2024-10-06 11:34:08 +02:00
Earl Warren f1e413eb7c Merge pull request '[gitea] week 2024-40-v9.0 cherry pick (gitea/main -> v9.0/forgejo)' (#5418) from earl-warren/wcp/2024-40-v9.0 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5418
Reviewed-by: Otto <otto@codeberg.org>
2024-10-01 07:51:16 +00:00
Earl Warren 00749b3a8f fix: referenced sha256:* container images may be deleted
The inventory of the sha256:* images and the manifest index that
reference them is incomplete because it does not take into account any
image older than the expiration limit. As a result some sha256:* will
be considered orphaned although they are referenced from a manifest
index that was created more recently than the expiration limit.

There must not be any filtering based on the creation time when
building the inventory. The expiration limit must only be taken into
account when deleting orphaned images: those that are more recent than
the expiration limit must not be deleted.

This limit is specially important because it protects against a race
between a cleanup task and an ongoing mirroring task. A mirroring
task (such as skopeo sync) will first upload sha256:* images and then
create the corresponding manifest index. If a cleanup races against
it, the sha256:* images that are not yet referenced will be deleted
without skopeo noticing and the published index manifest that happens
at a later time will contain references to non-existent images.

(cherry picked from commit 0a5fd7fdb8)
2024-09-30 16:46:11 +00:00
Lunny Xiao 0a0a3cea1b
Fix bug when deleting a migrated branch (#32075)
After migrating a repository with pull request, the branch is missed and
after the pull request merged, the branch cannot be deleted.

(cherry picked from commit 5a8568459d22e57cac506465463660526ca6a08f)

Conflicts:
	services/repository/branch.go
  conflict because of [GITEA] Fix typo in formatting error e71b5a038e
2024-09-29 11:51:47 +02:00
Kemal Zebari e1e7299bd9
Truncate commit message during Discord webhook push events (#31970)
Resolves #31668.

(cherry picked from commit aadbe0488f454b9f7f5a56765f4530f9d1e2c6ec)
2024-09-29 11:50:27 +02:00
Earl Warren 5442b0a6b1 Merge pull request '[v9.0/forgejo] feat: add architecture-specific removal support for arch package' (#5407) from bp-v9.0/forgejo-89742c4 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5407
2024-09-27 12:09:01 +00:00
Exploding Dragon 658ed564cb feat: add architecture-specific removal support for arch package (#5351)
- [x] add architecture-specific removal support
- [x] Fix upload competition
- [x] Fix not checking input when downloading

docs: https://codeberg.org/forgejo/docs/pulls/874

### Release notes

- [ ] I do not want this change to show in the release notes.

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5351
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
Co-committed-by: Exploding Dragon <explodingfkl@gmail.com>
(cherry picked from commit 89742c4913)
2024-09-27 08:29:09 +00:00
Earl Warren 5b6d8a303d Refactor CSRF protector (#32057) (fix forgejo tests)
Fix the tests unique to Forgejo that are impacted by the refactor.

(cherry picked from commit 6275d1bc50)
2024-09-27 08:13:29 +00:00
wxiaoguang d26b7902ec Refactor CSRF protector (#32057)
Remove unused CSRF options, decouple "new csrf protector" and "prepare"
logic, do not redirect to home page if CSRF validation falis (it
shouldn't happen in daily usage, if it happens, redirecting to home
doesn't help either but just makes the problem more complex for "fetch")

(cherry picked from commit 1fede04b83288d8a91304a83b7601699bb5cba04)

Conflicts:
	options/locale/locale_en-US.ini
	tests/integration/repo_branch_test.go
  trivial context conflicts
(cherry picked from commit 1ae3b127fc)
2024-09-27 08:13:29 +00:00
KN4CK3R 232179aa3d Do not escape relative path in RPM primary index (#32038)
Fixes #32021

Do not escape the relative path.

(cherry picked from commit f528df944bb9436afcb9272add2ee0cccefbdb55)
(cherry picked from commit 0cafec4c7a)
2024-09-27 08:13:29 +00:00
Exploding Dragon a6508f5b03 Fix: database not updated when using git push --tags --force (#5319)
Closes #4274

link: https://github.com/go-gitea/gitea/pull/32040

### Release notes

- [ ] I do not want this change to show in the release notes.

<!--start release-notes-assistant-->

## Draft release notes
<!--URL:https://codeberg.org/forgejo/forgejo-->
- Bug fixes
  - [PR](https://codeberg.org/forgejo/forgejo/pulls/5319): <!--number 5319 --><!--line 0 --><!--description Rml4OiBkYXRhYmFzZSBub3QgdXBkYXRlZCB3aGVuIHVzaW5nIGBnaXQgcHVzaCAtLXRhZ3MgLS1mb3JjZWA=-->Fix: database not updated when using `git push --tags --force`<!--description-->
<!--end release-notes-assistant-->

Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5319
Reviewed-by: Otto <otto@codeberg.org>
Co-authored-by: Exploding Dragon <explodingfkl@gmail.com>
Co-committed-by: Exploding Dragon <explodingfkl@gmail.com>
2024-09-22 07:35:25 +00:00
Kemal Zebari eb765dabfd
Handle invalid target when creating releases using API (#31841)
A 500 status code was thrown when passing a non-existent target to the
create release API. This snapshot handles this error and instead throws
a 404 status code.

Discovered while working on #31840.

(cherry picked from commit f05d9c98c4cb95e3a8a71bf3e2f8f4529e09f96f)
2024-09-14 18:45:18 +02:00
charles-plutohealth 5af168fb92
Fix /repos/{owner}/{repo}/pulls/{index}/files endpoint not populating previous_filename (#32017)
---
`status == "rename"` should have read `status == "renamed"`. The typo
means that file.PreviousFilename would never be populated, which e.g.
breaks usage of the Github Action at
https://github.com/dorny/paths-filter.

(cherry picked from commit 7c6edf1ba06d4c3269eaa78f4039c9123b006c51)
2024-09-14 17:53:55 +02:00
Jason Song 2da0ebbd23
Support allowed hosts for migrations to work with proxy (#32025)
(cherry picked from commit 125679f2e14cdc8a26a147f7e8fd0e5f174fb5cb)
2024-09-14 17:52:54 +02:00
Moritz Kobel 7724559a8e migrate scoped gitlab labels as scoped forgejo labels
* fix handling of scoped labels
* change gitlab migration test repo from gitea to forgejo
* rewrite test for new gitlab test_repo, add scoped labels
2024-09-08 09:13:02 +00:00
Radosław Piliszek f0a6ea454f chore: remove extra go-sqlite3 imports
go-sqlite3 is already properly included conditionally within the
`modules/setting` package.
2024-09-06 09:36:08 +00:00
Zettat123 1751825256
Handle "close" actionable references for manual merges (#31879)
Fix #31743

(cherry picked from commit 725a3ed9ad110f8354303140f527326c64f42dc8)
2024-09-01 08:07:27 +02:00
Gusted c87655b7ff Merge pull request '[CHORE] Move cache & captcha library' (#5146) from gusted/forgejo-captcha into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5146
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-29 08:02:09 +00:00
Gusted 5a871f6095
[SEC] Ensure propagation of API scopes for Conan and Container authentication
- The Conan and Container packages use a different type of
authentication. It first authenticates via the regular way (api tokens
or user:password, handled via `auth.Basic`) and then generates a JWT
token that is used by the package software (such as Docker) to do the
action they wanted to do. This JWT token didn't properly propagate the
API scopes that the token was generated for, and thus could lead to a
'scope escalation' within the Conan and Container packages, read
access to write access.
- Store the API scope in the JWT token, so it can be propagated on
subsequent calls that uses that JWT token.
- Integration test added.
- Resolves #5128
2024-08-28 10:33:32 +02:00
Gusted bf0d100b84
[CHORE] Move cache library
- This is in the spirit of #5090.
- Move to a fork of gitea.com/go-chi/cache,
code.forgejo.org/go-chi/cache. It removes unused code (a lot of
adapters, that can't be used by Forgejo) and unused dependencies (see
go.sum). Also updates existing dependencies.
8c64f1a362..main
2024-08-27 21:28:56 +02:00
Gusted 0404662e99
[CHORE] Move captcha library
- This is a fork of https://github.com/dchest/captcha, as
https://gitea.com/go-chi/captcha is a fork of
github.com/go-macaron/captcha which is a fork (although not properly
credited) of a older version of https://github.com/dchest/captcha. Hence
why I've just forked the original.
- The fork includes some QoL improvements (uses standard library for
determistic RNG instead of rolling your own crypto), and removal of
audio support (500KiB unused data that bloated the binary otherwise).
Flips the image over the x-asis.
47270f2b55..main
- This move is needed for the next commit, because
gitea.com/go-chi/captcha included the gitea.com/go-chi/cache dependency.
2024-08-27 21:28:16 +02:00
Earl Warren 9addaedaf3 Merge pull request '[gitea] week 2024-35 cherry pick (gitea/main -> forgejo)' (#5109) from algernon/wcp/2024-35 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5109
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-27 06:09:19 +00:00
Otto Richter 94af0e53e5 fix: correct doctor commands and rename to forgejo
The syntax is `doctor check --run` , see https://forgejo.org/docs/latest/admin/command-line/#doctor
2024-08-27 02:40:55 +02:00
Otto e5ea08b38b Merge pull request 'feat: Improve diffs generated by Forgejo' (#5110) from fnetx/better-diffs into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5110
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-08-26 18:47:21 +00:00
Gusted d623126103 Merge pull request '[PORT] Refactor the usage of batch catfile (gitea#31754)' (#5122) from gusted/forgejo-port-gt-31754 into forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5122
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-08-26 16:04:47 +00:00
Gusted 58ee9fdc4a feat: Improve diff being generated
Add `DiffCleanupSemantic` into the mix when generated diffs (PR review,
commit view and issue/comment history). This avoids trying to produce a
optimal diff and tries to reduce the amount of edits, by combing them
into larger edits, which is nicer and easier to 'look at'. There's no
need for a perfect minimal diff, as the output isn't being parsed by a
computer, it's parsed by people.

Ref: https://codeberg.org/forgejo/forgejo/issues/4996
2024-08-26 13:58:17 +02:00