Commit graph

13425 commits

Author SHA1 Message Date
Wim 2a48833f93
Respond with a 401 on git push when password isn't changed yet (#20027)
Fixes #19090

If the user-agent starts with git and user must change password but
hasn't return a 401 with the message.

It must be a 401, git doesn't seem to show the contents of the error message
when we return a 403

Co-authored-by: 6543 <6543@obermui.de>
2022-06-19 20:02:18 +03:00
a1012112796 a4b1967ea3
Fix delete pull head ref for DeleteIssue (#20032) (#20034)
Backport #20032 

In DeleteIssue the PR git head reference should be `/refs/pull/xxx/head` not `/refs/pull/xxx`

Fix #19655

Signed-off-by: a1012112796 <1012112796@qq.com>
2022-06-19 14:37:14 +01:00
wxiaoguang 8733f4b25a
use quoted regexp instead of git fixed-value (#20030)
Backport #20029
2022-06-19 12:55:59 +01:00
6543 a180d945eb
Dump should only copy regular files and symlink regular files (#20015) (#20021)
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-06-19 10:05:31 +08:00
Wim 36ccb8829b
Return 404 when tag is broken (#20024)
Fixes #19979
2022-06-18 20:29:29 +02:00
zeripath 870d7f90e7 [skip ci] Updated translations via Crowdin 2022-06-18 13:10:18 +00:00
zeripath af7cfdee0e [skip ci] Updated translations via Crowdin 2022-06-18 10:11:27 +00:00
zeripath 90f3365d93
Add fgprof pprof profiler (#20005)
fgprof is a sampling Go profiler that allows you to analyze On-CPU as
well as Off-CPU (e.g. I/O) time together.

Go's builtin sampling CPU profiler can only show On-CPU time, but it's
better than fgprof at that. Go also includes tracing profilers that can
analyze I/O, but they can't be combined with the CPU profiler.

fgprof is designed for analyzing applications with mixed I/O and CPU
workloads. This kind of profiling is also known as wall-clock profiling.

Whilst fgprof can cause significant STW latencies in applications with a
lot of goroutines (> 1-10k), these latencies only occur if the profile
is requested - it doesn't cause a delay by simply being available.

The fgprof profile is mounted on
`http://localhost:6060/debug/fgprof?seconds=3`

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-18 11:04:52 +01:00
zeripath 7fbf002403 [skip ci] Updated translations via Crowdin 2022-06-18 09:10:16 +00:00
zeripath 5d653cc10d
Improve action table indices (#19472) 2022-06-18 04:46:50 -04:00
zeripath dd1ed35f75
Add dbconsistency checks for Stopwatches (#20010)
It appears possible that stopwatches can become orphaned or have been orphaned in
the past.

This PR adds Orphan checks for Stopwatches.

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-18 11:31:00 +08:00
Mohamed Sekour fd0d481de8
fix push mirrors URL are no longer displayed on the UI (#20011)
* fix push mirrors URL are no longer displayed on the UI

Signed-off-by: Mohamed Sekour <mohamed.sekour@exfo.com>

* Update modules/templates/helper.go

Co-authored-by: zeripath <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-18 11:30:26 +08:00
zeripath 8eefe2af45
Empty log queue on flush and close (#19994)
* Empty log queue on flush and close

It is possible for log events to remain in the buffer off the multichannelledlog
and thus not be logged despite close or flush.

This PR simply adds a function to empty the queue before closing or flushing.
(Except when the logger is paused.)

Reference #19982

Signed-off-by: Andrew Thornton <art27@cantab.net>

* and do similar for ChannelledLog

Signed-off-by: Andrew Thornton <art27@cantab.net>

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-18 10:33:13 +08:00
zeripath 46e50bcbfc [skip ci] Updated translations via Crowdin 2022-06-18 00:10:15 +00:00
zeripath ae446b13f9
Stop spurious APIFormat stopwatches logs (#20008)
If there are dangling stopwatches with missing issues there will be repeated
logging of Unable to APIFormat stopwatches. These are unhelpful and instead
we should only log if the error is not an issue not exist error.

And we should also prevent an error on missing issue in GetActiveStopwatch too

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-17 22:47:15 +01:00
zeripath 5d80feb5a6
Fix CountOrphanedLabels in orphan check (#20009)
gitea doctor --run check-db-consistency is currently broken due to an incorrect
and old use of Count() with a string.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-17 22:42:51 +01:00
zeripath 1e9ad8eb21
Write Commit-Graphs in RepositoryDumper (#20004)
When migrating git repositories we should ensure that the commit-graph is written.

Signed-off-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: delvh <dev.lh@web.de>
2022-06-17 21:19:21 +01:00
zeripath ea9997a9dd
Add fetch.writeCommitGraph to gitconfig (#20006)
Add fetch.writeCommitGraph to gitconfig to ensure that a commit-graph will be written
on git fetch calls.

Signed-off-by: Andrew Thornton <art27@cantab.net>
2022-06-17 21:18:35 +01:00
Lunny Xiao 27ba86d283
move agit dependcy (#19998) 2022-06-17 20:17:12 +02:00
wxiaoguang 719eb4a879
Fix a JS error in initRepoCommitLastCommitLoader's entryMap (#19996) 2022-06-17 17:44:35 +08:00
singuliere a036507204
gitconfig: set safe.directory = * (#19870)
Allow git push to work when networked file systems with mixed
ownership are used with Gitea docker images >= 1.16.6 or Gitea
binaries running alongside git versions published after 04/2022.

There are circumstances independent of Gitea (networked file systems
with various permission systems) by which the git repositories managed
by Gitea may have mixed owners. It is not a behavior that Gitea have
control over nor is it a problem as long as the permissions for Gitea to
operate are correct. Gitea instances have been operating under these
conditions for a number of years.

It is detected as a potential security risk ( see
GHSA-vw2c-22j4-2fh2
) by the most recent git versions. However, Gitea always runs git
commands with a current directory matching the repository on
which it operates. That makes Gitea immune from this security problem
and it is safe to ignore the mixed owner permission check.

This gitconfig modification is done on a file dedicated to the user
exclusively used by Gitea.

Fixes: #19455

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: zeripath <art27@cantab.net>
2022-06-17 06:49:38 +01:00
Lunny Xiao bdde56c95c
Fix Readme render bug (#19992)
Fix #19988 

Co-authored-by: zeripath <art27@cantab.net>
2022-06-17 06:48:10 +01:00
Lunny Xiao 1e05adfc3e
Delete duplicated update btn on pull request view page (#19993)
Fix #19987
2022-06-17 05:52:06 +01:00
oGi4i 9068c784c8
Use DisplayName() instead of FullName in Oauth provider (#19991)
Use DisplayName() in Oauth as this provides a fallback if FullName is not set.

Closes #19382
2022-06-16 23:29:54 +01:00
a1012112796 e3e06d13af
fix permission check for delete tag (#19985)
fix #19970

by the way, fix some error response about protected tags.

Signed-off-by: a1012112796 <1012112796@qq.com>
2022-06-16 22:03:03 +02:00
wxiaoguang 89b0aac374 [skip ci] Updated translations via Crowdin 2022-06-16 16:10:29 +00:00
wxiaoguang 157b405753
Remove legacy git code (ver < 2.0), fine tune markup tests (#19930)
* clean git support for ver < 2.0

* fine tune tests for markup (which requires git module)

* remove unnecessary comments

* try to fix tests

* try test again

* use const for GitVersionRequired instead of var

* try to fix integration test

* Refactor CheckAttributeReader to make a *git.Repository version

* update document for commit signing with Gitea's internal gitconfig

* update document for commit signing with Gitea's internal gitconfig

Co-authored-by: Andrew Thornton <art27@cantab.net>
Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-16 23:47:44 +08:00
Gusted 70ce051f1a [skip ci] Updated translations via Crowdin 2022-06-16 15:10:36 +00:00
Gusted 36127a3336
Don't prevent overflow on y-as (#19978)
- Fomantic tries to prevent overflowing on the `y/x`-as by default on
stackable menu's on mobile screens. We already solve this issue by
forcing overflow on x as and hide it on y as(due to some issues with
other menu's), since https://github.com/go-gitea/gitea/pull/19486.
- However this edge case does require a y-overflow to show the dropdown,
because you cannot easily adjust this with CSS, once you're fiddling
with overflow's (https://stackoverflow.com/a/6433475). However
interesting behavior is noted
https://css-tricks.com/popping-hidden-overflow/ when you remove the
position: relative, it will suddenly work again. Well because this is
the only solution without redesigning dropdowns, I think we can live
with the side-effect of the dropdown items being full-width instead
"relative" width to their parent.
- Resolves #19976

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-16 22:49:22 +08:00
a1012112796 d05fb6f6c9 [skip ci] Updated translations via Crowdin 2022-06-16 14:10:29 +00:00
a1012112796 a6b7c3646a
fix go to file link for mirror repository (#19983)
the `BaseRepo` not always exit, should
use `Repository`.

Signed-off-by: a1012112796 <1012112796@qq.com>
2022-06-16 20:37:13 +08:00
Gusted e399f0f5b4
Don't buffer doctor logger (#19982)
- We don't need to buffer the logger with a thousand capacity. It's not
a high-throughput logger, this also caused issue whereby the logger
can't keep up with repeated messages being send(somehow they are lost in
the queue?).
- Resolves #19969

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-16 17:10:33 +08:00
Lunny Xiao b01dce2a6e
Allow render HTML with css/js external links (#19017)
* Allow render HTML with css/js external links

* Fix bug because of filename escape chars

* Fix lint

* Update docs about new configuration item

* Fix bug of render HTML in sub directory

* Add CSP head for displaying iframe in rendering file

* Fix test

* Apply suggestions from code review

Co-authored-by: delvh <dev.lh@web.de>

* Some improvements

* some improvement

* revert change in SanitizerDisabled of external renderer

* Add sandbox for iframe and support allow-scripts and allow-same-origin

* refactor

* fix

* fix lint

* fine tune

* use single option RENDER_CONTENT_MODE, use sandbox=allow-scripts

* fine tune CSP

* Apply suggestions from code review

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>

Co-authored-by: delvh <dev.lh@web.de>
Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-06-16 11:33:23 +08:00
Gusted 7d1770cd71
Use correct count for NumOpenIssues (#19980)
- Don't specify the field in `Count` instead use `Cols` for this.
- Call `log.Error` when a error occur.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-16 10:51:34 +08:00
Hugo Hoitink 6473bd333a
In code search, get code unit accessible repos in one (main) query (#19764)
* When non-admin users use code search, get code unit accessible repos in one main query

* Modified some comments to match the changes

* Removed unnecessary check for Access Mode in Collaboration table

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: Lauris BH <lauris@nix.lv>
2022-06-16 02:24:10 +03:00
Gusted 881646520e [skip ci] Updated translations via Crowdin 2022-06-15 22:10:15 +00:00
Gusted f0ce5470e5
Always try to fetch repo for mirrors (#19975)
- Always give a best-effort to fetching the repositories, if even that
fails indeed give a disconnected mirror found error.
- *Partially* resolves #19928

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
2022-06-15 23:58:44 +08:00
Lauris BH 1f8f9c3826
Remove tab/TabName usage where it's not needed (#19973)
`tab` query argument and `TabName` in context is used only in profile so remove it from all other places where it's not used anymore.
2022-06-15 23:05:32 +08:00
wxiaoguang 9f87b60b46
Fix cli command restore-repo: "units" should be parsed as StringSlice (#19953)
* Fix cli command restore-repo: "units" should be parsed as StringSlice because after  #15790 it's read by c.StringSlice("units").  Before, the "units" were processed by strings.Split
* Add checking for invalid unit names

Co-authored-by: 6543 <6543@obermui.de>
2022-06-15 20:28:03 +08:00
AHOHNMYC 97548d2722
Uppercase first languages letters (#19965) 2022-06-15 12:08:49 +02:00
Lunny Xiao d91d4db344
Move tests as seperate sub packages to reduce duplicated file names (#19951) 2022-06-15 09:02:00 +02:00
silverwind b4d420d865
Replace unstyled meter with progress (#19968)
Replace the only `<meter>` element in use with a `<progress>` which is
styled properly. Also slightly adjust colors on it for better contrast.

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
2022-06-15 12:28:24 +08:00
singuliere f6e2dbaf1e [skip ci] Updated translations via Crowdin 2022-06-15 00:10:14 +00:00
singuliere 460c03ca49 [skip ci] Updated translations via Crowdin 2022-06-14 00:10:10 +00:00
singuliere 1fef9a2d69
Remove singuliere from MAINTAINERS (#19883) 2022-06-13 21:05:41 +01:00
wxiaoguang 0d7eda511f
Fix aria for logo (#19955)
Co-authored-by: 6543 <6543@obermui.de>
2022-06-13 14:46:39 -04:00
Lunny Xiao ff82a18315
Fix mirror template bug (#19959)
* Fix mirror template bug

Co-authored-by: wxiaoguang <wxiaoguang@gmail.com>
Co-authored-by: delvh <dev.lh@web.de>
2022-06-13 18:12:59 +02:00
Lunny Xiao 3c6c150740
Add deprecated log when using MySQL with utf8 charset (#19952) 2022-06-13 20:55:08 +08:00
Lunny Xiao 1a9821f57a
Move issues related files into models/issues (#19931)
* Move access and repo permission to models/perm/access

* fix test

* fix git test

* Move functions sequence

* Some improvements per @KN4CK3R and @delvh

* Move issues related code to models/issues

* Move some issues related sub package

* Merge

* Fix test

* Fix test

* Fix test

* Fix test

* Rename some files
2022-06-13 17:37:59 +08:00
yutotnh 3708ca8e28
fix: some typos (#19956) 2022-06-13 15:34:46 +08:00