Commit graph

21118 commits

Author SHA1 Message Date
Earl Warren 1dc03cc1c3 Merge pull request '[v9.0/forgejo] use constant time check for internal token' (#5724) from bp-v9.0/forgejo-53231ba into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5724
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-28 08:03:48 +00:00
Earl Warren e4dac6a6ab Merge pull request '[v9.0/forgejo] add permission check to 'delete branch after merge'' (#5721) from bp-v9.0/forgejo-266e0b2 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5721
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-28 07:24:05 +00:00
Earl Warren ff585d0a20 Merge pull request '[gitea] week 2024-44-v9.0 cherry pick (gitea/main -> v9.0/forgejo)' (#5715) from earl-warren/wcp/2024-44-v9.0 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5715
2024-10-28 06:59:58 +00:00
Gusted 5f9a2ad1db fix(sec): use constant time check for internal token
(cherry picked from commit 53231bad61)
2024-10-28 06:17:25 +00:00
Gusted 618eb8e72a security: add permission check to 'delete branch after merge'
- Add a permission check that the doer has write permissions to the head
repository if the the 'delete branch after merge' is enabled when
merging a pull request.
- Unify the checks in the web and API router to `DeleteBranchAfterMerge`.
- Added integration tests.

(cherry picked from commit 266e0b2ce9)
2024-10-28 06:04:45 +00:00
Earl Warren d763886dae
chore(release-notes): notes for the week 2024-44-v9.0 weekly cherry pick 2024-10-27 12:05:14 +01:00
Lunny Xiao 768402c884
Fix disable 2fa bug (#32320)
(cherry picked from commit 2abdbe88b5d16dcb345d27b73f1d9738f2d826dd)
2024-10-27 11:57:08 +01:00
Lunny Xiao 9c6f2a132d
Add warn log when deleting inactive users (#32318)
Add log for the problem #31480

(cherry picked from commit a264c46fb04112c5ec2c1b2acd523a2e4450da40)

Conflicts:
	- services/user/user.go
	  Resolved by manually adding the log line.
2024-10-27 11:54:36 +01:00
Otto d77096071d Merge pull request '[v9.0/forgejo] fix: use buffered iterate for debian searchpackages' (#5710) from bp-v9.0/forgejo-459ab11 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5710
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-10-27 01:17:59 +00:00
Gusted f0abba3eef fix: use buffered iterate for debian searchpackages
- The driver being used for PostgreSQL doesn't handle interleaved
queries (you start a query, read some rows and start another query while
you didn't finish that query yet), this is the case with using
`.Iterate` from XORM.
- Switch to a variant of what exist in the current codebase of
`db.Iterate`, which is a simple buffered iteration and doesn't keep
queries open, which allow other database operations to happen.
- Unit test added. This doesn't cover that postgres does not error on
this case, as this is not run with a postgres database.
- Resolves #5696

(cherry picked from commit 459ab11a8a)
2024-10-27 00:10:02 +00:00
Earl Warren 5d211c101f Merge pull request '[v9.0/forgejo] Fix boolean inputs in workflow_dispatch' (#5708) from bp-v9.0/forgejo-96c4ca2 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5708
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-26 06:42:18 +00:00
Mai-Lapyst 01e9ac0561 Fix boolean inputs in workflow_dispatch; closes #5425
(cherry picked from commit 96c4ca249a)
2024-10-26 06:00:50 +00:00
Earl Warren a4e5b1b6bc Merge pull request '[v9.0/forgejo] fix: make branch protection work for new branches' (#5691) from bp-v9.0/forgejo-f5e0259 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5691
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-24 21:09:50 +00:00
Gusted 1f62fe8ae0 fix: make branch protection work for new branches
- If `GetAffectedFiles` is called for a push with an empty oldCommitID,
then set the oldCommitID to the empty tree. This will effictively diff
all the changes included in the push, which is the expected behavior for
branches.
- Integration test added.
- Resolves #5683
- Port of gitea#31778 but implemented differently.

(cherry picked from commit f5e025917f)
2024-10-24 20:21:43 +00:00
Earl Warren 96f0c76648 Merge pull request '[v9.0/forgejo] i18n: update of translations from Codeberg Translate' (#5680) from bp-v9.0/forgejo-f72567e into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5680
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-24 05:21:03 +00:00
Codeberg Translate e37a344ce5 i18n: update of translations from Codeberg Translate (#5583)
Co-authored-by: SomeTr <SomeTr@users.noreply.translate.codeberg.org>
Co-authored-by: eldyj <eldyj@users.noreply.translate.codeberg.org>
Co-authored-by: Benedikt Straub <Nordfriese@users.noreply.translate.codeberg.org>
Co-authored-by: tkbremnes <tkbremnes@users.noreply.translate.codeberg.org>
Co-authored-by: Gusted <postmaster@gusted.xyz>
Co-authored-by: meskobalazs <meskobalazs@users.noreply.translate.codeberg.org>
Co-authored-by: div72 <div72@users.noreply.translate.codeberg.org>
Co-authored-by: xtex <xtexchooser@duck.com>
Co-authored-by: kmpm <kmpm@users.noreply.translate.codeberg.org>
Co-authored-by: Fnurkla <Fnurkla@users.noreply.translate.codeberg.org>
Co-authored-by: Juno Takano <jutty@users.noreply.translate.codeberg.org>
Co-authored-by: Fjuro <fjuro@alius.cz>
Co-authored-by: buhtz <buhtz@users.noreply.translate.codeberg.org>
Co-authored-by: 0ko <0ko@users.noreply.translate.codeberg.org>
Co-authored-by: Dirk <Dirk@users.noreply.translate.codeberg.org>
Co-authored-by: Outbreak2096 <Outbreak2096@users.noreply.translate.codeberg.org>
Co-authored-by: Atul_Eterno <Atul_Eterno@users.noreply.translate.codeberg.org>
Co-authored-by: artnay <artnay@users.noreply.translate.codeberg.org>
Co-authored-by: earl-warren <earl-warren@users.noreply.translate.codeberg.org>
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5583
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
Co-authored-by: Codeberg Translate <translate@noreply.codeberg.org>
Co-committed-by: Codeberg Translate <translate@noreply.codeberg.org>
(cherry picked from commit f72567ee14)
2024-10-24 04:39:43 +00:00
Earl Warren 887a9576b8 Merge pull request '[v9.0/forgejo] link to security policy in security.txt' (#5656) from bp-v9.0/forgejo-d06f1c6 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5656
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-22 18:05:09 +00:00
Earl Warren edd468323f Merge pull request '[v9.0/forgejo] fix: don't show truncated comments in RSS/Atom feeds' (#5655) from bp-v9.0/forgejo-f4a7132 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5655
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-10-22 17:45:54 +00:00
Otto Richter 4b7f369290 link to security policy in security.txt
(cherry picked from commit d06f1c6856)
2024-10-22 16:51:21 +00:00
Gusted ef8f366734 fix: don't show truncated comments in RSS/Atom feeds
- When a truncated comment is detected in the RSS/Atom feeds, fetch the
comment from the database and use the original content.
- Added integration test.
- Resolves #5650

(cherry picked from commit f4a7132a89)
2024-10-22 16:50:57 +00:00
Earl Warren c5e4694327 Merge pull request '[gitea] week 2024-43-v9.0 cherry pick (gitea/main -> v9.0/forgejo)' (#5647) from earl-warren/wcp/2024-43-v9.0 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5647
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-10-22 16:47:01 +00:00
Gusted 9471083571 Merge pull request '[v9.0/forgejo] fix: typo on releases for source code downloads' (#5654) from bp-v9.0/forgejo-02f8fad into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5654
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Michael Kriese <michael.kriese@gmx.de>
2024-10-22 15:22:50 +00:00
Michael Kriese 804051b9dd fix: typo on releases for source code downloads
Closes #5648

(cherry picked from commit 02f8fad54d)
2024-10-22 14:03:42 +00:00
Earl Warren 893d0941a8
chore(release-notes): weekly cherry-pick week 2024-43-v9.0 2024-10-22 07:36:59 +02:00
Zettat123 1913399d81
Always update expiration time when creating an artifact (#32281)
Fix #32256

(cherry picked from commit 9116665e9c1c01d882c919fb3058f7fdb695350e)
2024-10-22 07:28:30 +02:00
Zettat123 4fe311e7c0
Update scheduled tasks even if changes are pushed by "ActionsUser" (#32246)
Fix #32219

---------

Co-authored-by: delvh <dev.lh@web.de>
(cherry picked from commit 81aec6d621a3ea0dfb02d3b4d20b9be77c30c6ab)
2024-10-22 07:28:30 +02:00
Otto b8ffb88d1d Merge pull request '[v9.0/forgejo] Revert "add gap between branch dropdown and PR button"' (#5645) from bp-v9.0/forgejo-04e2e15 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5645
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-10-21 22:13:03 +00:00
Otto Richter fd8565c91a Revert "add gap between branch dropdown and PR button"
This change does not bring the desired benefit, because the button is
reinitialized from a Vue component once loaded, overriding this change
and causing a visual glitch upon page load (the button is moving its
position).

See the comment:

> this code must match the code in BranchTagSelector.vue

This button is also used in other places such as the release list where
the additional margin does not fit well. As such, this needs a new
solution.

This reverts commit 18cad9d342.

(cherry picked from commit 04e2e1510d)
2024-10-21 20:44:28 +00:00
Earl Warren c87ff7dc1d Merge pull request '[v9.0/forgejo] package arch database not updating when uploading "any" architecture' (#5636) from bp-v9.0/forgejo-95c7599 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5636
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-21 06:04:38 +00:00
Earl Warren 7d3d8ef142 Merge pull request '[v9.0/forgejo] specify default value for EXPLORE_DEFAULT_SORT.' (#5629) from bp-v9.0/forgejo-f4be4e7 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5629
Reviewed-by: Otto <otto@codeberg.org>
2024-10-21 05:18:20 +00:00
Earl Warren 032bb17899 Merge pull request '[v9.0/forgejo] correct SQL query for active issues' (#5631) from bp-v9.0/forgejo-0055fdb into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5631
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-10-21 05:16:13 +00:00
dragon fa307f06ac fix arch pkg
(cherry picked from commit 95c7599db5)
2024-10-21 05:10:13 +00:00
Gusted d5c6036c53 fix: correct SQL query for active issues
- The `OR` should be inside the `AND` condition to not 'bypass' the other
conditions.
- Added minimal unit test.
- Regression from 2675a24649

(cherry picked from commit 0055fdbdc4)
2024-10-20 23:31:54 +00:00
Gusted f3b16e1363 fix: Specify default value for EXPLORE_DEFAULT_SORT.
- This is another regression from
5a0bc35799, where the default value was
changed to "alphabetically" because it relied on `ExploreDefaultSort`
providing a fallback value.
- Set the default value for `EXPLORE_DEFAULT_SORT` to `recentupdate`,
this was already the behavior explicitly for existing users of this setting
but with 5a0bc35799 it didn't provide a
explicit fallback to `recentupdate`. So opting for a 'easy' fix, that
doesn't add boilerplate code to those instances.

(cherry picked from commit f4be4e733c)
2024-10-20 23:07:18 +00:00
Gusted 240fbc2661 Merge pull request '[v9.0/forgejo] fix: Add recentupdated as recognized sort option' (#5624) from bp-v9.0/forgejo-df38c41 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5624
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-10-20 12:38:24 +00:00
Gusted 642dd61446 fix: Add recentupdated as recognized sort option
- Add `recentupdated` to the `OrderByMap`.
- Add integration testing for organization and user repository sorting.
- Resolves #5612
- Regression from 12e23ee199 where the
`recentupdated` case was not added to the map, but was handled
seperately as a fallback. The regression came into affect when
5a0bc35799 also relied on this map but
didn't handle the `recentupdated` case.

(cherry picked from commit df38c41c7a)
2024-10-20 10:58:07 +00:00
Otto c7e52852bb Merge pull request '[v9.0/forgejo] fix: Don't double escape delete branch text' (#5618) from bp-v9.0/forgejo-8c8b31f into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5618
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
Reviewed-by: Otto <otto@codeberg.org>
2024-10-19 22:28:48 +00:00
Gusted 5d85dc2d91 fix: Don't double escape delete branch text
- Don't double escape the 'Delete branch "$BRANCH"' text. `Locale.Tr`
escapes the argument already and Vue does too by default.
- Let Vue escape the text and add a unit test ensuring that it escapes.
- Resolves #5582

(cherry picked from commit 8c8b31f304)
2024-10-19 21:29:27 +00:00
Gusted b692da7f6f Merge pull request 'Update dependency mermaid to v11.3.0 (v9.0/forgejo)' (#5616) from renovate/v9.0/forgejo-mermaid-11.x into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5616
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-10-19 21:12:44 +00:00
Renovate Bot 2c5d47ec1f Update dependency mermaid to v11.3.0 2024-10-19 20:03:44 +00:00
Otto e740aa05a4 Merge pull request '[v9.0/forgejo] fix: Add server logging for OAuth server errors' (#5596) from bp-v9.0/forgejo-a857007 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5596
Reviewed-by: Gusted <gusted@noreply.codeberg.org>
2024-10-17 10:29:39 +00:00
Gusted fb21899097 fix: Add server logging for OAuth server errors
Although an error was presented to the user about that there's an
internal server error, the error itself is never logged.

Relevant: https://codeberg.org/Codeberg/Community/issues/1675
(cherry picked from commit a857007d65)
2024-10-17 09:47:06 +00:00
Earl Warren 0f7020cbef Merge pull request '[v9.0/forgejo] forgejo-cli is now a symlink and cannot be used for sanity checks' (#5594) from bp-v9.0/forgejo-1a7a905-54c8ac3 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5594
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-17 06:46:15 +00:00
Earl Warren e491b05935 vars.SKIP_END_TO_END optionally skip tests when building a release
The end-to-end tests will always fail when more than one release is
broken. When trying to fix one, the other will get in the way and vice
versa. The only way to get out of this deadlock is to replace all
broken releases but one by doing the following on forgejo-integration:

* set SKIP_END_TO_END to true in the actions vars tab
* pushing a commit to the corresponding branch, fixing the problem

(cherry picked from commit 54c8ac3e39)
2024-10-17 06:00:05 +00:00
Earl Warren 7845659322 forgejo-cli is now a symlink and cannot be used for sanity checks
It could be used but then `cp --dereference` would need to be used instead in
the forgejo-build-publish action.

+ docker cp forgejo-amd64:/app/gitea/forgejo-cli forgejo-9.0-test-linux-amd64
+ chmod +x forgejo-9.0-test-linux-amd64
chmod: cannot operate on dangling symlink 'forgejo-9.0-test-linux-amd64'

(cherry picked from commit 1a7a9055e4)
2024-10-17 06:00:05 +00:00
Earl Warren 9011f73da3 Merge pull request '[v9.0/forgejo] Dockerfile: use alpine:3.20 instead of golang:1.23-alpine3.20' (#5588) from bp-v9.0/forgejo-a99bb2c into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5588
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-16 21:45:29 +00:00
Earl Warren b1ffd0f58f Dockerfile: use alpine:3.20 instead of golang:1.23-alpine3.20
Runtime does not need golang.

(cherry picked from commit a99bb2c61a)
2024-10-16 20:45:09 +00:00
Earl Warren f5d83f395f Merge pull request '[v9.0/forgejo] unnecessary container image layer duplication' (#5586) from bp-v9.0/forgejo-7d779a7 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5586
Reviewed-by: Earl Warren <earl-warren@noreply.codeberg.org>
2024-10-16 20:34:26 +00:00
Earl Warren 348e083227 unecessary container image layer duplication
container images grew by 100MB when

RUN ln /app/gitea/gitea /app/gitea/forgejo-cli

was added because hard links are not preserved.

Use symbolic links instead.

https://tauri.earth/@AliveDevil/113318561067465279
(cherry picked from commit 7d779a7859)
2024-10-16 19:45:35 +00:00
Earl Warren 704910c7e9 Merge pull request '[v9.0/forgejo] fix: correct documentation for non 200 responses in swagger' (#5575) from bp-v9.0/forgejo-fcc3dd2 into v9.0/forgejo
Reviewed-on: https://codeberg.org/forgejo/forgejo/pulls/5575
Reviewed-by: Otto <otto@codeberg.org>
2024-10-16 17:54:00 +00:00